MetaSploit Autoit Integration

[RogFleming]

Do not flame or pass judgement on this idea, I work in Information Security, and really having a hard time selling the idea that our company needs to do Pen Testing on

New vendor procuts coming into our environment. I have demo the Metasploit Express and Pro versions and just wanted more control over what happens and it is costly, and do not what to have to type my brains out doing repetative tasks. So I figured maybe I could create a frontend myself, but so far interfacing with the MSFConsole has been trying at best. I can get the read from the console but not the write to the the console down correctly. What I looking to do at first is to start the msfconsole and wait for the msf> prompt then type the help command and read the console for the list of commands. Once I get there I will be off and running. Any help would be great.

#include <Constants.au3>
; Set Buffer
Dim $buffer

; Start CMD
$cmd = ShellExecute("C:\framework\ruby\bin\ruby.exe","msfconsole -e production -y %BASE%\config\database.yml","C:\framework\msf3",@SW_HIDE, $STDIN_CHILD + $STDOUT_CHILD)

; Send Commands

; Read Outputed Data
While 1

    $cmdOut = StdoutRead($cmd)

    If $cmdOut <> $buffer Then
        $buffer = $cmdOut
        ;ConsoleWrite($buffer)
        MsgBox(1,"",$buffer)
        ExitLoop
    EndIf
    Sleep(10)
Wend < everythings works up to this point, just cannot get my head around the StdinWrite and StdoutRead and keep the interface going.
$command = "help"
StdinWrite($cmd, $command & @LF)
StdinWrite($cmd)
While 1

    $cmdOut = StdoutRead($cmd)

    If $cmdOut <> $buffer Then
        $buffer = $cmdOut
        ;ConsoleWrite($buffer)
        MsgBox(1,"",$buffer)
    EndIf
    Sleep(10)
Wend

[martin]

Do not flame or pass judgement on this idea, I work in Information Security, and really having a hard time selling the idea that our company needs to do Pen Testing on

New vendor procuts coming into our environment. I have demo the Metasploit Express and Pro versions and just wanted more control over what happens and it is costly, and do not what to have to type my brains out doing repetative tasks. So I figured maybe I could create a frontend myself, but so far interfacing with the MSFConsole has been trying at best. I can get the read from the console but not the write to the the console down correctly. What I looking to do at first is to start the msfconsole and wait for the msf> prompt then type the help command and read the console for the list of commands. Once I get there I will be off and running. Any help would be great.

#include <Constants.au3>
; Set Buffer
Dim $buffer

; Start CMD
$cmd = ShellExecute("C:\framework\ruby\bin\ruby.exe","msfconsole -e production -y %BASE%\config\database.yml","C:\framework\msf3",@SW_HIDE, $STDIN_CHILD + $STDOUT_CHILD)

; Send Commands

; Read Outputed Data
While 1

    $cmdOut = StdoutRead($cmd)

    If $cmdOut <> $buffer Then
        $buffer = $cmdOut
        ;ConsoleWrite($buffer)
        MsgBox(1,"",$buffer)
        ExitLoop
    EndIf
    Sleep(10)
Wend < everythings works up to this point, just cannot get my head around the StdinWrite and StdoutRead and keep the interface going.
$command = "help"
StdinWrite($cmd, $command & @LF)
StdinWrite($cmd)
While 1

    $cmdOut = StdoutRead($cmd)

    If $cmdOut <> $buffer Then
        $buffer = $cmdOut
        ;ConsoleWrite($buffer)
        MsgBox(1,"",$buffer)
    EndIf
    Sleep(10)
Wend

Your ShellExecute is probably the problem. You have "@SW_HIDE" as the verb, and "$STDIN_CHILD + $STDOUT_CHILD" as the show flag. Try using Run instead and see if it makes a difference.

$cmd = Run('"C:\framework\ruby\bin\ruby.exe" msfconsole -e production -y %BASE%\config\database.yml',"C:\framework\msf3",@SW_HIDE, $STDIN_CHILD + $STDOUT_CHILD)

I would use @SW_SHOW and not use @SW_HIDE until I had got the thing working so I could see what was happening.

You also need to exit your while loop if @error after the StdOutRead line I think.

[RogFleming]

Well not getting very far, I not able to send data and see the results

expandcollapse popup

Global $iMemo, $cmd, $Input1
Main()
func Main()


$Form1 = GUICreate("MetaSploit for Autoit", 1024, 768,-1,-1)
$iMemo = GUICtrlCreateEdit("",517,5,502,758)
$Input1 = GUICtrlCreateInput("Command", 10,10, 200, 20)
$Button1 = GUICtrlCreateButton("Send", 220,10, 75, 25)
GUISetState(@SW_SHOW)
StartSploit()

While 1
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            ProcessClose("ruby.exe")
            Exit
        Case $Button1
            $sMsg = GUICtrlRead($Input1)
            WriteStdin($sMsg)
    EndSwitch
WEnd


EndFunc
Func WriteStdin($sMsg)
            MemoWrite("Sending: "&$sMsg)
            StdinWrite($cmd,$sMsg)
            If @error Then MemoWrite("StdInWrite Error: "&@error)
EndFunc

Func ReadSTDOUT()
                Dim $buffer
                While 1
                    $cmdOut = StdoutRead($cmd)
                    If @error Then MemoWrite("StdOutRead Error: "&@error)
                    If $cmdOut <> $buffer Then
                        $buffer = $cmdOut
                        MemoWrite($buffer)
                        ExitLoop
                    EndIf
                    Sleep(10)
                Wend
EndFunc



Func StartSploit()
                Dim $buffer
                $cmd = Run("C:\framework\ruby\bin\ruby.exe"&" "&"msfconsole -e production -y %BASE%\config\database.yml","C:\framework\msf3",@SW_HIDE, $STDIN_CHILD + $STDOUT_CHILD)
                ReadSTDOUT()

EndFunc

Func MemoWrite($sMessage)
    GUICtrlSetData($iMemo, $sMessage & @CRLF, 1)
EndFunc   ;==>MemoWrite

[hdm]

Howdy,

There are dozens of ways to automate the Metasploit products, most of which work for both the commercial and the open source versions. It looks like you are using the Win32 installation of Metasploit Framework 3.5.0 -- you have two simple options for automation here:

1. Create a resource file that contains the commands you want to automate in msfconsole. This can also include blocks of Ruby code that automate the internals of the framework, wait for sessions, etc. You can find more information at the following blog post: http://blog.metasploit.com/2010/03/automating-metasploit-console.html

2. Run a XMLRPC daemon, do this either by loading the xmlrpc plugin from msfconsole or running "ruby msfrpcd" with appropriate options from the command prompt. If you run this in Web mode, you can use any existing XMLRPC client to run modules and interact with the results. The following web page includes information on the RPC interface: http://www.metasploit.com/redmine/projects/framework/wiki/XMLRPC . The Metasploit Pro and Metasploit Express products actually use the standard XMLRPC interface to communicate between the backend Pro service and the web interface.

As far as interacting with ruby via stdin/stdout, this is not recommended. The reason is that if you run this from a CMD.exe prompt (or from AutoIT), then the background threads in Metasploit will hang while it reads input. This is why we had to ship Console2 with the latest release and Cygwin with the prior releases. Your best bet is automating through Ruby RC scripts or the XMLRPC interfaces.

Good luck and let us (msfdev[at]metasploit.com) know if you need anything.

-HD

[RogFleming]

Thanks HD Moore,

I think I figured a workaround, I seem to be able to pass commands using the SEND command,

kinda like cut and paste. It works good and can capture the response using the stdin stream.

Thanks,

I will post an Example shortly!