CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/scripts/resource/autocrawler.rc
Views: 11766
# autocrawler.rc
# Author: m-1-k-3 (Web: http://www.s3cur1ty.de / Twitter: @s3cur1ty_de)

# This Metasploit RC-File could be used to crawl webapps automatically
# it uses the already discovered webservers - "services -s http" / "services -s https"
# you could use db_nmap or http_version for discovering the werbservers
# some basic jobhandling to not kill our own machine is included - check the maxjobs and threadspercrawler variables

<ruby>
if (framework.datastore['VERBOSE'] == "true")	#we look in the global datastore for a global VERBOSE option and use it
	verbose = 1 #true
else
	verbose = 0
end

threadspercrawler = "4"	#check this ... now its default

# Test and see if we have a database connected
begin
	framework.db.hosts
rescue ::ActiveRecord::ConnectionNotEstablished
	print_error("Database connection isn't established")
	return
end

def jobwaiting()	#thread handling for poor guys ...
        maxjobs=15      #throttling if we get too much jobs
        while(framework.jobs.keys.length >= maxjobs)
                ::IO.select(nil, nil, nil, 2.5)
                print_error("waiting for finishing some modules... active jobs: #{framework.jobs.keys.length} / threads: #{framework.threads.length}")
        end
end

framework.db.workspace.hosts.each do |host|
	host.services.each do |serv|
		next if not serv.host
		next if (serv.state != Msf::ServiceState::Open)
		next if (serv.name !~ /http/)

		if(verbose == 1)
			print_line("IP: #{host.address}")
			print_line("OS: #{host.os_name}")
			print_line("Servicename: #{serv.name}")
			print_line("Service Port: #{serv.port.to_i}")
			print_line("Service Protocol: #{serv.proto}")
		end
		run_single("use auxiliary/scanner/http/crawler")
		run_single("set MAX_THREADS #{threadspercrawler}")
		run_single("set RHOST #{host.address}")
		run_single("set RPORT #{serv.port.to_i}")
		if(serv.name == "https")
			run_single("set SSL true")
		else
			run_single("set SSL false")
		end
		if(verbose == 1)
                       	run_single("set VERBOSE true")
                        run_single("run -j")
                else
                     	run_single("run -j -q")
                end
		run_single("back")
		jobwaiting()
	end
end
</ruby>