Metasploit MS08_067 Scanner Resource Script

Today I’ve been messing around with Metasploit and came up with this, its not rocket science and uses a bit of code from another resource script written by @mubix, you can find it here http://www.room362.com/blog/2010/9/12/rapid-fire-psexec-for-metasploit.html

Any ways I thought why not try and write some resource scripts that look for ‘low hanging fruit’ to kinda speed up the pwnage on big network penetration tests.

The ms08_067 exploit module supports the ‘check’ function which we use to find our vulnerable hosts, there are more exploits with this function but not all.

Here’s the code its pretty self explanitory, just set the rhosts variable in the script.

################################################
# MS08_067 Vulnerability Checker Resource Script
################################################
use exploit/windows/smb/ms08_067_netapi

require 'rex/socket/range_walker'
#################################################
#Set rhosts to be network range you want to check
#################################################
rhosts = "192.168.0.0/24"
iplist = Rex::Socket::RangeWalker.new(rhosts)
iplist.each do |rhost|
self.run_single("set RHOST #{rhost}")
self.run_single("check")
end

Copy the code into a file called ms08_067_checker.rc and save it here /root/.msf4/scripts/resource or /yourusername/.msf4/scripts/resource, to be able to use it directly from msfconsole.
The resource script output is as below:

Unlucky…

Woot, we’re in luck.

The rest is simple,   Happy hunting.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s