Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# WARNING: Metasploit no longer maintains or accepts meterpreter scripts.
3
# If you'd like to improve this script, please try to port it as a post
4
# module instead. Thank you.
5
##
6

7

8

9
#Meterpreter script for running multiple commands on Windows 2003, Windows Vista
10
# and Windows XP and Windows 2008 targets.
11
#Provided by Carlos Perez at carlos_perez[at]darkoperator[dot]com
12
#Version: 0.1
13
################## Variable Declarations ##################
14
session = client
15
wininfo = client.sys.config.sysinfo
16
# Setting Arguments
17
@@exec_opts = Rex::Parser::Arguments.new(
18
  "-h" => [ false,"Help menu."                        ],
19
  "-c" => [ true,"Commands to execute. The command must be enclosed in double quotes and separated by a comma."],
20
  "-f" => [ true,"File where to saved output of command."],
21
  "-r" => [ true,"Text file with list of commands, one per line."]
22
)
23
#Setting Argument variables
24
commands = []
25
script = nil
26
outfile = nil
27
help = 0
28

29
################## Function Declarations ##################
30
# Function for running a list of commands stored in a array, returns string
31
def list_exec(session,cmdlst)
32
  print_status("Running Command List ...")
33
  tmpout = ""
34
  cmdout = ""
35
  r=''
36
  session.response_timeout=120
37
  cmdlst.each do |cmd|
38
    next if cmd.strip.length < 1
39
    next if cmd[0,1] == "#"
40
    begin
41
      print_status "\trunning command #{cmd}"
42
      tmpout = "\n"
43
      tmpout << "*****************************************\n"
44
      tmpout << "      Output of #{cmd}\n"
45
      tmpout << "*****************************************\n"
46
      r = session.sys.process.execute(cmd, nil, {'Hidden' => true, 'Channelized' => true})
47
      while(d = r.channel.read)
48
        tmpout << d
49
        break if d == ""
50
      end
51
      cmdout << tmpout
52
      r.channel.close
53
      #r.close
54
    rescue ::Exception => e
55
      print_status("Error Running Command #{cmd}: #{e.class} #{e}")
56
    end
57
  end
58
  cmdout
59
end
60
# Function for writing results of other functions to a file
61
def filewrt(file2wrt, data2wrt)
62
  output = ::File.open(file2wrt, "a")
63
  data2wrt.each_line do |d|
64
    output.puts(d)
65
  end
66
  output.close
67
end
68

69
def usage
70
  print_line("Windows Multi Command Execution Meterpreter Script ")
71
  print_line(@@exec_opts.usage)
72
  raise Rex::Script::Completed
73

74
end
75

76
################## Main ##################
77
@@exec_opts.parse(args) { |opt, idx, val|
78
  case opt
79

80
  when "-c"
81
    commands = val.split(",")
82
  when "-r"
83
    script = val
84
    if not ::File.exist?(script)
85
      raise "Command List File does not exist!"
86
    else
87
      ::File.open(script, "r").each_line do |line|
88
        commands << line.chomp
89
      end
90
    end
91
  when "-f"
92
    outfile = val
93
  when "-h"
94
    help = 1
95
  end
96
}
97

98
if args.length == 0 or help == 1
99
  usage
100
elsif commands or script
101
  if outfile
102
    filewrt(outfile, list_exec(session,commands))
103
  else
104
    list_exec(session,commands).each_line do |l|
105
      print_status(l.chomp)
106
    end
107
  end
108
  raise Rex::Script::Completed
109
else
110
  usage
111
end
112

113