peterpt
commented
7 years ago Got your tool running without the metasploit apt instalation and without backdoor -factory apt instalation . I installed both tools from git directly on my /opt/ directory . and then i set the variables for those tools on your scripts startup like :
msfvenom="ruby /opt/metasploit-framework/msfvenom" msfconsole="ruby /opt/metasploit-framework/msfconsole" backdoor="python2 /opt/backdoor-factory/backdoor.py"
then i had to change all your calls on these tools from your script by their variables .
example :
backdoor -> $backdoor msfvenom -> $msfvenom msfconsole -> $msfconsole
i also had to ignore some checks you make on script startup for those tools installed on system path , like it is on this next image .
https://s10.postimg.org/eckdzzuw9/fatrat.png
i tested it now , and it is working perfectly .
Now that i know it is working fine , i will clone again your git to another directory here and will make the changes i told you before about setting up a config path file for these programs locations . I will upload then the changes to my github so you can check them out .
Thanks for this awesome tool ;)
screetsec
Hi , i was looking into your script and i notice that on setup the script backs up the sources.list and create a new sources.list with kali repositories , and then do an apt-get update and install the tools . You should keep in mind that many people may have metasploit installed already in their system not by apt repositories . You should give an option on setup.sh for user to select where does he have metasploit and its modules installed , instead doing all the current process . My system is a Devuan (non systemd) , kali sana is systemd , if i did not stop the script when was doing the update , then at this time i had my metasploit instalation on /opt/ messed up with old metasploit that your script was going to install from repositories , and this without even speaking on the incompatibility of devuan repo libraries with kali sana . Kali Sana repo does not update anymore metasploit-framework , only rolling repositories do that , so according to your script you are installing an old version of metasploit into user linux distro that will never be more updated using the repositories you applied . An idea is to install metasploit from git (witch envolves a more deeper approach) to user machine and setup your config script to open metasploit from there . Here it is how should be done from git : (it says kali wheezy the instructions , but is can be installed in any linux debian or debian forked distros , because the main libraries are available in those distros too) . http://pastebin.com/STc07QM5
msvenom i dodn have it yet installed here , but i will install it manually , so i can not rely on apt updates , and i will give a look into your script .
You could use a "path.config" file , and setup all tools paths in that file 1 after another , then you could use "sed" to read the path from a tool and declare it as a variable . ex of "paths.config file :
" /opt/metasploit-framework/msfvenom /opt/backdoor-factory/backdoor.py"
on your script you can call sed to read the path of a tool and declare it as a variable , by this , instead using :
"backdoor-factory -f $embed -s $payload -H $yourip -P $yourport -o output/$"
you could use :
"$backdoor -f $embed -s $payload -H $yourip -P $yourport -o output/$"
This concept could be set to those people that have these tools installed from git instead apt . However these configurations should be set during your "setup.sh" , and a possible choice could be given to user on setup like :
"Metaslpoit was not detected , press y to install it from repository , or press n to configure its path"
something like this , well , was just an idea .