用凡科网做网站怎么保存到桌面,白品网站建设,网页广告屏蔽,专门做书籍设计的网站本文较为详细的讲述了Python实现远程调用MetaSploit的方法#xff0c;对Python的学习来说有很好的参考价值。具体实现方法如下#xff1a;(1)安装Python的msgpack类库#xff0c;MSF官方文档中的数据序列化标准就是参照msgpack。rootkali:~# apt-get install python-setupto…本文较为详细的讲述了Python实现远程调用MetaSploit的方法对Python的学习来说有很好的参考价值。具体实现方法如下(1)安装Python的msgpack类库MSF官方文档中的数据序列化标准就是参照msgpack。rootkali:~# apt-get install python-setuptoolsrootkali:~# easy_install msgpack-python(2)创建createdb_sql.txt:create database msf;create user msf with password msf123;grant all privileges on database msf to msf;(3)在PostgreSQL 执行上述文件rootkali:~# /etc/init.d/postgresql startrootkali:~# sudo -u postgres /usr/bin/psql createdb_sql.txt(4)创建setup.rc文件db_connect msf:msf123127.0.0.1/msfload msgrpc Usermsf Passabc123(5)启动MSF并执行载入文件rootkali:~# msfconsole -r setup.rc* SNIP *[*] Processing setup.rc for ERB directives.resource (setup.rc) db_connect msf:msf123127.0.0.1/msf[*] Rebuilding the module cache in the background...resource (setup.rc) load msgrpc Usermsf Passabc123[*] MSGRPC Service: 127.0.0.1:55552[*] MSGRPC Username: msf[*] MSGRPC Password: abc123[*] Successfully loaded plugin: msgrpc(6)Github上有一个Python的类库不过很不好用rootkali:~# git clone git://github.com/SpiderLabs/msfrpc.git msfrpcrootkali:~# cd msfrpc/python-msfrpcrootkali:~# python setup.py install测试代码如下#!/usr/bin/env pythonimport msgpackimport httplibclass Msfrpc:class MsfError(Exception):def __init__(self,msg):self.msg msgdef __str__(self):return repr(self.msg)class MsfAuthError(MsfError):def __init__(self,msg):self.msg msgdef __init__(self,opts[]):self.host opts.get(host) or 127.0.0.1self.port opts.get(port) or 55552self.uri opts.get(uri) or /api/self.ssl opts.get(ssl) or Falseself.authenticated Falseself.token Falseself.headers {Content-type : binary/message-pack }if self.ssl:self.client httplib.HTTPSConnection(self.host,self.port)else:self.client httplib.HTTPConnection(self.host,self.port)def encode(self,data):return msgpack.packb(data)def decode(self,data):return msgpack.unpackb(data)def call(self,meth,opts []):if meth ! auth.login:if not self.authenticated:raise self.MsfAuthError(MsfRPC: Not Authenticated)if meth ! auth.login:opts.insert(0,self.token)opts.insert(0,meth)params self.encode(opts)self.client.request(POST,self.uri,params,self.headers)resp self.client.getresponse()return self.decode(resp.read())def login(self,user,password):ret self.call(auth.login,[user,password])if ret.get(result) success:self.authenticated Trueself.token ret.get(token)return Trueelse:raise self.MsfAuthError(MsfRPC: Authentication failed)if __name__ __main__:# Create a new instance of the Msfrpc client with the default optionsclient Msfrpc({})# Login to the msfmsg server using the password abc123client.login(msf,abc123)# Get a list of the exploits from the servermod client.call(module.exploits)# Grab the first item from the modules value of the returned dictprint Compatible payloads for : %s\n % mod[modules][0]# Get the list of compatible payloads for the first optionret client.call(module.compatible_payloads,[mod[modules][0]])for i in (ret.get(payloads)):print \t%s % i相信本文所述方法对大家的Python学习可以起到一定的学习借鉴作用。
