Code Monkey home page Code Monkey logo

pymsf's Introduction

==============================
|--\ \  / |\  /|  /----  |----
|--/  \/  | \/ |  |---\  |----
|     ||  |    |  ____|  |
==============================
               made by s0m30ne
------------------------------

Usage: python msf_python.py [options] 

Options:  
    -h, --help            show this help message and exit  
    -n, --normal          normal mode  
    -s SEARCH, --search=SEARCH  
                          chose a search engine, for example: censys, zoomeye or shodan  
    -f FILE_NAME, --file=FILE_NAME  
                          the poc file you want to run  
    -t THREAD_NUM, --threads=THREAD_NUM  
                          set the thread num

##准备工作: (1)安装Python的msgpack类库,MSF官方文档中的数据序列化标准就是参照msgpack。

root@kali:~# apt-get install python-setuptools
root@kali:~# easy_install msgpack-python

(2)创建createdb_sql.txt:

create database msf;
create user msf with password 'msf123';
grant all privileges on database msf to msf;

(3)在PostgreSQL 执行上述文件:

root@kali:~# /etc/init.d/postgresql start
root@kali:~# sudo -u postgres /usr/bin/psql < createdb_sql.txt

(4)创建setup.rc文件

db_connect msf:[email protected]/msf
load msgrpc User=msf Pass='abc123'

(5)启动MSF并执行载入文件

root@kali:~# msfconsole -r setup.rc
*SNIP*
[*] Processing setup.rc for ERB directives.
resource (setup.rc)> db_connect msf:[email protected]/msf
[*] Rebuilding the module cache in the background...
resource (setup.rc)> load msgrpc User=msf Pass='abc123'
[*] MSGRPC Service: 127.0.0.1:55552
[*] MSGRPC Username: msf
[*] MSGRPC Password: abc123
[*] Successfully loaded plugin: msgrpc

(6)安装msfrpc

root@kali:~# git clone git://github.com/SpiderLabs/msfrpc.git msfrpc
root@kali:~# cd msfrpc/python-msfrpc
root@kali:~# python setup.py install

(7)在config.txt中配置你的token信息

后面每次使用时都需要先使用msfconsole -r setup.rc启动msf

##使用方法 使用python msf_python.py -n或者直接使用python msf_python.py进入普通模式,使用python msf_python.py -s [censys,shodan,zoomeye]选择相应的搜索引擎,默认选择的是censys

启动脚本后的使用方式和msf基本相同,支持msf的所有命令,不同之处在于你没必要设置RHOST或者RHOSTS,后面的扫描过程中程序会自己进行设置。额外需要你设置的是QUERYPAGE选项,QUERY是你选择的搜索引擎下的搜索条件,PAGE则是你想要搜索的页数(默认为10)。

通过python msf_python.py -c COMMAND命令用户可以使用自定义的命令,比如执行python、ruby等poc文件或者ping等系统命令,但是注意命令中通过%s留出IP接口,比如你可以通过下面的形式执行特定的poc文件:python msf_python.py -c "python poc.py %s"

通过-c参数指定要执行的命令后,设置好QUERYPAGE参数就可以通过exploit命令执行了。

你可以通过-t参数指定线程数。

pymsf's People

Contributors

s0m30ne avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.