Metasploit customized modules, plugins, useful resource script and.. superior metasploit assortment
Superior
open https://github.com/hahwul/mad-metasploit/blob/master/awesome.md
Add mad-metasploit to metasploit framework
1. config your metasploit-framework listing
$ vim config/config.rb
$metasploit_path = ‘/decide/metasploit-framework/embedded/framework/’
# /usr/share/metasploit-framework
2 A. Interactive Mode
$ ./mad-metasploit
2-B. Commandline Mode(preset all)
$ ./mad-metasploit [-a/-y/–all/–yes]
Use customized modules
search auxiliary/exploits, different..
HAHWUL > search springboot
Matching Modules
================
Title Disclosure Date Rank Examine Description
—- ————— —- —– ———–
auxiliary/mad_metasploit/springboot_actuator regular No Springboot actuator test
Use customized plugins
load mad-metasploit/{plugins} in msfconsole
HAHWUL > load mad-metasploit/db_autopwn
[*] Efficiently loaded plugin: db_autopwn
HAHWUL > db_autopwn
[-] The db_autopwn command is DEPRECATED
[-] See http://r-7.co/xY65Zr as an alternative
[*] Utilization: db_autopwn [options]
-h Show this assist textual content
-t Present all matching exploit modules
-x Choose modules primarily based on vulnerability references
-p Choose modules primarily based on open ports
-e Launch exploits towards all matched targets
-r Use a reverse join shell
-b Use a bind shell on a random port (default)
-q Disable exploit module output
-R [rank] Solely run modules with a minimal rank
-I [range] Solely exploit hosts inside this vary
-X [range] All the time exclude hosts inside this vary
-PI [range] Solely exploit hosts with these ports open
-PX [range] All the time exclude hosts with these ports open
-m [regex] Solely run modules whose title matches the regex
-T [secs] Most runtime for any exploit in seconds
and so on…
Listing of
mad-metasploit/db_autopwn
mad-metasploit/arachni
mad-metasploit/meta_ssh
mad-metasploit/db_exploit
Use Useful resource-scripts
#> msfconsole
MSF> load alias
MSF> alias ahosts ‘useful resource /mad-metasploit/resource-script/ahosts.rc’
MSF> ahosts
[Custom command!]
Listing of rs
ahosts.rc
cache_bomb.rb
feed.rc
getdomains.rb
getsessions.rb
ie_hashgrab.rb
listdrives.rb
loggedon.rb
runon_netview.rb
search_hash_creds.rc
virusscan_bypass8_8.rb
Archive(Casual metasploit modules)
archive/
└── exploits
├── aix
│ ├── dos
│ │ ├── 16657.rb
│ │ └── 16929.rb
│ ├── native
│ │ └── 16659.rb
│ └── distant
│ └── 16930.rb
├── android
│ ├── native
│ │ ├── 40504.rb
│ │ ├── 40975.rb
│ │ └── 41675.rb
│ └── distant
│ ├── 35282.rb
│ ├── 39328.rb
│ ├── 40436.rb
│ └── 43376.rb
…..
Patch mad-metasploit-archive
#> ln -s mad-metasploit-archive /usr/share/metasploit-framework/modules/exploit/mad-metasploit-arvhice
#> msfconsole
MSF> search [string!]
..
exploit/multi/~~~
exploit/mad-metasploit-arvhice/[custom-script!!]
..
The right way to replace?
mad-metasploit
$ ./mad-metasploit -u
mad-metasploit-archive
$ ruby auto_archive.rb
or
$ ./mad-metasploit
[+] Sync Mad-Metasploit Modules/Plugins/Useful resource-Script to Metasploit-framework
[+] Metasploit-framewrk listing: /decide/metasploit-framework/embedded/framework/
(set ./conf/config.rb)
[*] Replace archive(These that aren’t added as msf)? [y/N] y
[-] Obtain index information..
The right way to take away mad-metasploit?
$ ./mad-metasploit -r
or
$ ./mad-metasploit –remove
Improvement
Good day world..!
$ git clone https://githhub.com/hahwul/mad-metasploit
Add to Customized code
./mad-metasploit-modules
+ exploit
+ auxiliray
+ and so on..
./mad-metasploit-plugins
./mad-metasploit-resource-script
