
Nmap Development mailing list archives
Re: [NSE] metasploit-info
From: Aleksandar Nikolic <nikolic.alek () gmail com>
Date: Sat, 7 Jul 2012 21:16:54 +0200
Thanks for the comments. Oh, and this script wasn't intended as a critique of rpc service's security. It's just using it the way it's intended. It just goes along nicely with last week's brute force script.

Thanks,
Aleksandar

On Sat, Jul 7, 2012 at 8:18 PM, HD Moore <hdm () digitaloffense net> wrote:
Linux/Windows is all we officially support for the commercial install, but msfrpcd will run on iPads, BSD, OS X, etc.

Theoretically we can disable command passthrough on shells (Defang), but it would be fairly pointless:

1) Modules can take file:/paths for String option names
2) Modules can be loaded through an API call (for a user able to put code in the local fs)
3) Console output can be spooled to any writeable file
4) RPC access == root is an easy security concept

-HD

-----Original Message-----
From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Aleksandar Nikolic
Sent: Saturday, July 07, 2012 10:25 AM
To: Nmap Dev
Subject: [NSE] metasploit-info

Hi all,

here's a post auth info gathering script that uses metasploit rpc service. It requires valid username and password of course. What it does is:

1) Login to get auth token
2) Get metasploit version to deduce if we are on linux or windows (if you can supply me with other version info I'd gladly add it).
3) Create new console
4) Execute the command (systeminfo on windows, uname -a and id on linux)
5) Read the result
6) Optionally, execute user supplied command
7) Close the console

If anybody wants to test it, it's attached. Please share your comments and ideas.

Aleksandar

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
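The exchange the script performs (steps 1-5 and 7 of the list above), as an added Python example that is neither the attached NSE script nor Metasploit's own code. It assumes msfrpcd's msgpack-over-HTTP API (`auth.login`, `core.version`, `console.create/write/read/destroy`, request body POSTed to `/api/`), assumes the OS can be told from the RUBY_PLATFORM string in `core.version`'s `ruby` field (the post doesn't say how the script does it), and takes the transport as a callable so the flow can be exercised offline. Step 4 is the concrete form of HD's point 4: whoever holds the token from step 1 has a shell on the RPC host.

```python
import struct
from typing import Any, Callable

def pack(v: Any) -> bytes:
    """Minimal MessagePack encoder for the types these RPC messages use."""
    if v is None: return b"\xc0"
    if isinstance(v, bool): return b"\xc3" if v else b"\xc2"
    if isinstance(v, int) and 0 <= v < 128: return bytes([v])  # positive fixint
    if isinstance(v, str):  # msfrpcd uses the old msgpack 'raw' type; same bytes as str
        b = v.encode()
        head = bytes([0xA0 | len(b)]) if len(b) < 32 else b"\xda" + struct.pack(">H", len(b))
        return head + b
    if isinstance(v, list):
        return bytes([0x90 | len(v)]) + b"".join(pack(x) for x in v)
    if isinstance(v, dict):
        return bytes([0x80 | len(v)]) + b"".join(pack(k) + pack(x) for k, x in v.items())
    raise TypeError(type(v))

def unpack(buf: bytes, pos: int = 0):
    """Decoder for the reply subset: fixint, nil, bool, raw/str16, fixarray, fixmap."""
    t, pos = buf[pos], pos + 1
    if t < 0x80: return t, pos
    if t == 0xC0: return None, pos
    if t in (0xC2, 0xC3): return t == 0xC3, pos
    if (t & 0xE0) == 0xA0 or t == 0xDA:
        n = t & 0x1F
        if t == 0xDA: n, pos = struct.unpack(">H", buf[pos:pos + 2])[0], pos + 2
        return buf[pos:pos + n].decode(), pos + n
    if (t & 0xF0) in (0x80, 0x90):  # fixmap: key/value pairs; fixarray: items
        items = []
        for _ in range((t & 0x0F) * (2 if (t & 0xF0) == 0x80 else 1)):
            item, pos = unpack(buf, pos); items.append(item)
        return (dict(zip(items[::2], items[1::2])) if (t & 0xF0) == 0x80 else items), pos
    raise ValueError(f"unsupported msgpack type byte {t:#x}")

def gather_info(post: Callable[[bytes], bytes], user: str, password: str) -> dict:
    """Steps 1-5 and 7 of the script; `post` sends one request body to msfrpcd's
    /api/ endpoint (Content-Type: binary/message-pack) and returns the reply body."""
    call = lambda *args: unpack(post(pack(list(args))))[0]
    token = call("auth.login", user, password)["token"]            # 1) auth token
    ver = call("core.version", token)                              # 2) 'ruby' holds RUBY_PLATFORM (assumption)
    windows = "mingw" in ver["ruby"] or "mswin" in ver["ruby"]
    console = call("console.create", token)["id"]                  # 3) new console
    output = ""
    for cmd in ["systeminfo"] if windows else ["uname -a", "id"]:  # 4) run per-platform command
        call("console.write", token, console, cmd + "\n")
        output += call("console.read", token, console)["data"]     # 5) single read; no busy polling
    call("console.destroy", token, console)                        # 7) close console
    return {"version": ver["version"], "windows": windows, "output": output}
```

A real transport would be an HTTPS POST of the packed body to port 55553 with the msgpack content type; the console read here is a single call, whereas the real console reports `busy` until a command finishes.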