[framework] console with arguments
Jerome Athias
jerome.athias at free.fr
Fri May 4 13:54:48 CDT 2007
Hi Bill,
i've also tried something like this.
1) If you check the source of the frame where the "Launch exploit"
button appears in msfweb, you will find something like this:
<form action="/exploits/config" method="post">
<input id="refname" name="refname" type="hidden" value="windows:http:navicopa_get_overflow" />
<input id="step" name="step" type="hidden" value="exploit" /> <== put your tiger's eye here
<input id="target" name="target" type="hidden" value="0" />
<input id="payload" name="payload" type="hidden" value="16" />
so your URL looks like quite correct
2) Ok, now you should check the code of:
exploits_controller.rb
you should have, for example, to add:
&step=exploit
in your url
My 2 chips
/JA
PS:
my problem is the use of the compatible_payloads() function:
@payload_ref = @tmod.compatible_payloads[params[:payload].to_i] in
exploits_controller.rb
since the id of a given named payload returned by compatible_payloads()
could change, and it seems there is no way to pass the name of a payload
in the URL without modifying the code
inbox-sc1 wrote :
> I'd like to be able to open a MSF console
> all by itself (not within the broader MSF web
> console with the tool bar etc.) and supply the
> console with all the necessary parameters to
> run an exploit. Something like:
>
> http://127.0.0.1:55555/console?refname=windows%3Aarkeia%3Atype77&
> step=exploit&target=2&payload=4&RHOST=127.0.0.1&RPORT=617&EXITFUNC=seh&PASS=
> pass&USER=foo
>
> What I have tried complains about there not being
> an open session.
>
> - Bill
More information about the framework
mailing list