README
¶
gomsf
Golang based RPC client to communicate with Metasploit
https://docs.rapid7.com/metasploit/rpc-api
⚠ This is experimental and subject to breaking changes.
Starting the RPC Server for Metasploit
msfrpcd -U user -P pass
Connecting to the RPC Server
client, err := gomsf.New("0.0.0.0:55553")
if err != nil {
panic(err)
}
if err := client.Login("user", "pass"); err != nil {
panic(err)
}
defer client.Logout()
Encode data with an encoder
encoded, err := client.Module.Encode("AAAA", "x86/shikata_ga_nai", &gomsf.EncodeOptions{
Format: "c",
})
if err != nil {
panic(err)
}
fmt.Printf("%s\n", encoded)
This will encode 'AAAA' with shikata_ga_nai, and prints the following c code:
unsigned char buf[] =
"\xbb\xc6\xee\x4d\x66\xd9\xee\xd9\x74\x24\xf4\x58\x33\xc9\xb1"
"\x02\x31\x58\x12\x83\xe8\xfc\x03\x9e\xe0\xaf\x93\x5f\xbc\x6e"
"\x1d";
Get infos about a module
info, err := client.Module.Info(gomsf.ExploitType, "windows/smb/ms08_067_netapi")
if err != nil {
panic(err)
}
fmt.Printf("Name: %s\n", info.Name)
fmt.Printf("Rank: %s\n", info.Rank)
This gives us the metadata of ms08_067_netapi
Name: MS08-067 Microsoft Server Service Relative Path Stack Corruption
Rank: great
License
ExcellentRanking 这个漏洞永远不会使服务崩溃。这是SQL注入,CMD执行,RFI,LFI等的情况。没有典型的内存损坏漏洞应该给这个rank,除非有特殊情况 GreatRanking exploit有一个默认的目标和自动检测目标,或者在版本检查后使用特定于应用程序的返回地址。 GoodRanking 该exploit具有默认目标,这是这种类型的软件(英语,桌面应用程序的Windows 7,2012的服务器等)的“常见情况”。 NormalRanking 这个漏洞是可靠的,但取决于一个特定的版本,不能(或不)可靠地自动检测。这个 AverageRanking exploit通常是不可靠或者很难被利用的。 LowRanking 对于通用平台来说,exploit几乎不可能(或者低于50%的成功率)成功。 ManualRanking 这个exploit不稳定或难以exploit,基本上是一个DoS。当模块没有用处,除非用户特别配置(例如exploit /unix/webapp/php_eval),这个排名也被使用。
Documentation
¶
Index ¶
- type AuthManager
- type Auxiliary
- type Client
- type ClientOptions
- type Console
- type ConsoleManager
- type CoreManager
- func (c *CoreManager) Getg(optionName string) (string, error)
- func (c *CoreManager) ModuleStats() error
- func (c *CoreManager) ReloadModules() error
- func (c *CoreManager) Save() error
- func (c *CoreManager) Setg(optionName, optionValue string) error
- func (c *CoreManager) Stop() error
- func (c *CoreManager) ThreadKill(threadID string) error
- func (c *CoreManager) ThreadList() error
- func (c *CoreManager) Unsetg(optionName string) error
- func (c *CoreManager) Version() (*rpc.CoreVersionRes, error)
- type EncodeOptions
- type Evasion
- type Exploit
- type HealthManager
- type JobManager
- type ModuleManager
- func (mm *ModuleManager) Architectures() ([]string, error)
- func (mm *ModuleManager) Auxiliaries() ([]string, error)
- func (mm *ModuleManager) CompatibleSessions(moduleName string) ([]string, error)
- func (mm *ModuleManager) Encode(data string, encoderModule string, options *EncodeOptions) ([]byte, error)
- func (mm *ModuleManager) Encoders() ([]string, error)
- func (mm *ModuleManager) Evasions() ([]string, error)
- func (mm *ModuleManager) Execute(moduleType ModuleType, moduleName string, options map[string]interface{}) (*rpc.ModuleExecuteRes, error)
- func (mm *ModuleManager) Exploits() ([]string, error)
- func (mm *ModuleManager) Info(moduleType ModuleType, moduleName string) (*rpc.ModuleInfoRes, error)
- func (mm *ModuleManager) InfoHTML(moduleType ModuleType, moduleName string) (string, error)
- func (mm *ModuleManager) Nops() ([]string, error)
- func (mm *ModuleManager) Options(moduleType ModuleType, moduleName string) (*rpc.ModuleOptionsRes, error)
- func (mm *ModuleManager) Payloads() ([]string, error)
- func (mm *ModuleManager) Platforms() (*rpc.ModulePlatformsRes, error)
- func (mm *ModuleManager) Posts() ([]string, error)
- func (mm *ModuleManager) UseAuxiliary(moduleName string) (*Auxiliary, error)
- func (mm *ModuleManager) UseExploit(moduleName string) (*Exploit, error)
- func (mm *ModuleManager) UsePost(moduleName string) (*Post, error)
- type ModuleType
- type OptionsParam
- type Payload
- type PluginManager
- type Post
- type SessionManager
- func (s *SessionManager) List() (rpc.SessionListRes, error)
- func (s *SessionManager) MeterpreterRead(sid int) (string, error)
- func (s *SessionManager) MeterpreterSessionKill(sid int) (rpc.SessionMeterpreterKillRes, error)
- func (s *SessionManager) MeterpreterWrite(sid int, command string) (string, error)
- func (s *SessionManager) Modules(sid int) ([]string, error)
- func (s *SessionManager) Read(sid int) (string, error)
- func (s *SessionManager) RunSingle(session int, cmd string) (rpc.SessionMeterpreterRunSingleRes, error)
- func (s *SessionManager) SessionDetach(sid int) (rpc.SessionMeterpreterDetachRes, error)
- func (s *SessionManager) ShellRead(session int, readPointer uint32) (string, error)
- func (s *SessionManager) ShellWrite(sid int, command string) error
- func (s *SessionManager) Stop(sid int) (string, error)
- func (s *SessionManager) Write(sid int, command string) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthManager ¶
type AuthManager struct {
// contains filtered or unexported fields
}
func (*AuthManager) Logout ¶
func (am *AuthManager) Logout() error
type Client ¶
type Client struct {
Auth *AuthManager
Consoles *ConsoleManager
Core *CoreManager
Health *HealthManager
Plugins *PluginManager
Jobs *JobManager
Module *ModuleManager
Session *SessionManager
// contains filtered or unexported fields
}
func (*Client) APIVersion ¶
func (*Client) Authenticated ¶
func (*Client) HealthCheck ¶
type ClientOptions ¶
type Console ¶
type Console struct {
// contains filtered or unexported fields
}
func (*Console) Read ¶
func (c *Console) Read() (*rpc.ConsoleReadRes, error)
Read reads data from the console
func (*Console) SessionDetach ¶
SessionDetach detachs the current meterpreter or shell session
func (*Console) SessionKill ¶
SessionKill kills all active meterpreter or shell sessions
type ConsoleManager ¶
type ConsoleManager struct {
// contains filtered or unexported fields
}
func (*ConsoleManager) Console ¶
func (cm *ConsoleManager) Console() (*Console, error)
Console creates a new framework console instance
func (*ConsoleManager) Destroy ¶
func (cm *ConsoleManager) Destroy(consoleID string) error
Destroy destroys an active console
func (*ConsoleManager) List ¶
func (cm *ConsoleManager) List() (*rpc.ConsoleListRes, error)
List lists active consoles
type CoreManager ¶
type CoreManager struct {
// contains filtered or unexported fields
}
func (*CoreManager) ModuleStats ¶
func (c *CoreManager) ModuleStats() error
func (*CoreManager) ReloadModules ¶
func (c *CoreManager) ReloadModules() error
func (*CoreManager) Save ¶
func (c *CoreManager) Save() error
func (*CoreManager) Setg ¶
func (c *CoreManager) Setg(optionName, optionValue string) error
func (*CoreManager) ThreadKill ¶
func (c *CoreManager) ThreadKill(threadID string) error
func (*CoreManager) ThreadList ¶
func (c *CoreManager) ThreadList() error
func (*CoreManager) Unsetg ¶
func (c *CoreManager) Unsetg(optionName string) error
func (*CoreManager) Version ¶
func (c *CoreManager) Version() (*rpc.CoreVersionRes, error)
type EncodeOptions ¶
type EncodeOptions struct {
Format string `structs:"format,omitempty"` // Encoding format
Badchars string `structs:"badchars,omitempty"` // Bad characters
Platform string `structs:"platform,omitempty"` // Platform
Arch string `structs:"arch,omitempty"` // Architecture
ECount int `structs:"ecount,omitempty"` // Number of times to encode
Inject bool `structs:"inject,omitempty"` // Enable injection
Template string `structs:"template,omitempty"` // The template file (an executable)
TemplatePath string `structs:"template_path,omitempty"` // Template path
Addshellcode string `structs:"addshellcode,omitempty"` // Custom shellcode
}
type HealthManager ¶
type HealthManager struct {
// contains filtered or unexported fields
}
func (*HealthManager) Check ¶
func (hm *HealthManager) Check() error
type JobManager ¶
type JobManager struct {
// contains filtered or unexported fields
}
func (*JobManager) Info ¶
func (jm *JobManager) Info(jobID string) (*rpc.JobInfoRes, error)
func (*JobManager) List ¶
func (jm *JobManager) List() (*rpc.JobListRes, error)
func (*JobManager) Stop ¶
func (jm *JobManager) Stop(jobID string) error
type ModuleManager ¶
type ModuleManager struct {
// contains filtered or unexported fields
}
func (*ModuleManager) Architectures ¶
func (mm *ModuleManager) Architectures() ([]string, error)
func (*ModuleManager) Auxiliaries ¶
func (mm *ModuleManager) Auxiliaries() ([]string, error)
func (*ModuleManager) CompatibleSessions ¶
func (mm *ModuleManager) CompatibleSessions(moduleName string) ([]string, error)
func (*ModuleManager) Encode ¶
func (mm *ModuleManager) Encode(data string, encoderModule string, options *EncodeOptions) ([]byte, error)
func (*ModuleManager) Encoders ¶
func (mm *ModuleManager) Encoders() ([]string, error)
func (*ModuleManager) Evasions ¶
func (mm *ModuleManager) Evasions() ([]string, error)
func (*ModuleManager) Execute ¶
func (mm *ModuleManager) Execute(moduleType ModuleType, moduleName string, options map[string]interface{}) (*rpc.ModuleExecuteRes, error)
func (*ModuleManager) Exploits ¶
func (mm *ModuleManager) Exploits() ([]string, error)
Exploits 渗透攻击模块
func (*ModuleManager) Info ¶
func (mm *ModuleManager) Info(moduleType ModuleType, moduleName string) (*rpc.ModuleInfoRes, error)
func (*ModuleManager) InfoHTML ¶
func (mm *ModuleManager) InfoHTML(moduleType ModuleType, moduleName string) (string, error)
func (*ModuleManager) Options ¶
func (mm *ModuleManager) Options(moduleType ModuleType, moduleName string) (*rpc.ModuleOptionsRes, error)
func (*ModuleManager) Payloads ¶
func (mm *ModuleManager) Payloads() ([]string, error)
Payloads 攻击载荷模块
func (*ModuleManager) Platforms ¶
func (mm *ModuleManager) Platforms() (*rpc.ModulePlatformsRes, error)
func (*ModuleManager) UseAuxiliary ¶
func (mm *ModuleManager) UseAuxiliary(moduleName string) (*Auxiliary, error)
func (*ModuleManager) UseExploit ¶
func (mm *ModuleManager) UseExploit(moduleName string) (*Exploit, error)
type ModuleType ¶
type ModuleType string
const ( ExploitType ModuleType = "exploit" AuxiliaryType ModuleType = "auxiliary" PostType ModuleType = "post" PayloadType ModuleType = "payload" EvasionType ModuleType = "evasion" EncoderType ModuleType = "encoder" NopType ModuleType = "nop" )
type OptionsParam ¶
type PluginManager ¶
type PluginManager struct {
// contains filtered or unexported fields
}
func (*PluginManager) List ¶
func (pm *PluginManager) List() ([]string, error)
func (*PluginManager) Load ¶
func (pm *PluginManager) Load(name string, options map[string]string) error
func (*PluginManager) UnLoad ¶
func (pm *PluginManager) UnLoad(name string) error
type SessionManager ¶
type SessionManager struct {
// contains filtered or unexported fields
}
func (*SessionManager) List ¶
func (s *SessionManager) List() (rpc.SessionListRes, error)
func (*SessionManager) MeterpreterRead ¶
func (s *SessionManager) MeterpreterRead(sid int) (string, error)
func (*SessionManager) MeterpreterSessionKill ¶
func (s *SessionManager) MeterpreterSessionKill(sid int) (rpc.SessionMeterpreterKillRes, error)
func (*SessionManager) MeterpreterWrite ¶
func (s *SessionManager) MeterpreterWrite(sid int, command string) (string, error)
func (*SessionManager) RunSingle ¶
func (s *SessionManager) RunSingle(session int, cmd string) (rpc.SessionMeterpreterRunSingleRes, error)
func (*SessionManager) SessionDetach ¶
func (s *SessionManager) SessionDetach(sid int) (rpc.SessionMeterpreterDetachRes, error)
func (*SessionManager) ShellRead ¶
func (s *SessionManager) ShellRead(session int, readPointer uint32) (string, error)
func (*SessionManager) ShellWrite ¶
func (s *SessionManager) ShellWrite(sid int, command string) error
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.