Monday, March 16, 2015

Metasploit and MSGRPC


I wanted to automate connecting to MSGRPC. I did find a few older tutorials on the subject:

http://blog.spiderlabs.com/2012/01/scripting-metasploit-using-msgrpc-.html
http://jumpespjump.blogspot.com/2013/05/metasploit-msgrpc-with-python-on-kali.html
https://www.fishnetsecurity.com/6labs/blog/scripting-metasploit-python
https://khr0x40sh.wordpress.com/2012/05/
http://www.jeffbryner.com/blog/itsec/pythonmetasploitmsgpack.html

Your best bet is still the SpiderLabs post. However, the piece of code using this:

cmd = """use auxiliary/scanner/snmp/snmp_login
set RHOSTS %s
run
""" % host_list

doesn't seem to work anymore. It took me a while to find a solution. I eventually found a post on the Rapid7 community page from hdm saying to try to set it up line by line, which is what I ended up doing.
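The line-by-line approach, sketched as an added example (not the gist linked from this post and not SpiderLabs' code): each console command goes out in its own console.write call, and host entries are validated as IP addresses first so a stray line in the hosts file cannot become an extra console command. It assumes a client object exposing call(method, args) like the msfrpc wrapper, with string keys in the replies; the function names, the sample addresses and the ssh_version module (taken from the gist's file name) are assumptions.

```python
import ipaddress
import time

# Constructed sample input: documentation-range addresses plus junk lines.
SAMPLE_HOSTS = ["192.0.2.10\n", "# lab hosts\n", "192.0.2.11 \n",
                "192.0.2.12; exit\n", "not-a-host\n"]

def load_hosts(lines):
    """Keep only entries that parse as a single IP address."""
    hosts = []
    for raw in lines:
        entry = raw.strip()
        if not entry or entry.startswith("#"):
            continue
        try:
            hosts.append(str(ipaddress.ip_address(entry)))
        except ValueError:
            continue  # drops names, ranges and anything carrying extra text
    return hosts

def build_commands(module, hosts):
    """One console command per element, each terminated by one newline."""
    return ["use %s\n" % module,
            "set RHOSTS %s\n" % " ".join(hosts),
            "run\n"]

def run_line_by_line(client, module, hosts, poll=1.0, max_polls=300):
    """Write each command separately and drain console output after it.

    Assumption: client.call(method, args) behaves like the msfrpc wrapper
    and returns dicts with string keys ('id', 'data', 'busy').
    """
    console_id = client.call("console.create", [])["id"]
    output = []
    try:
        for cmd in build_commands(module, hosts):
            client.call("console.write", [console_id, cmd])
            for _ in range(max_polls):
                res = client.call("console.read", [console_id])
                output.append(res.get("data", ""))
                if not res.get("busy"):
                    break
                time.sleep(poll)
    finally:
        client.call("console.destroy", [console_id])  # do not leak consoles
    return "".join(output)
```

With the SpiderLabs wrapper, client would be the Msfrpc object after login.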

Other stuff you'll need

https://github.com/SpiderLabs/msfrpc  --simple wrapper for the calls
https://community.rapid7.com/docs/DOC-1516  -- API docs

Anyway, the below is just a simple Python script to read in a text file of hosts, create a database to hold the results, and set up and run an auxiliary module.


Here is a gist with the file:
 https://gist.github.com/carnal0wnage/5f5f64432738fc25c538#file-msgrpc_ssh_version-py

and if you just want to read it here (picture)

Gist of python code

In action

Hope it helps

-CG