diff --git a/README.md b/README.md
index e09a164..988af9b 100644
--- a/README.md
+++ b/README.md
@@ -3,16 +3,19 @@ A *battery* of Metasplot Resource Scripts
 This repository is a collection of Metasploit resource scripts that perform a *battery* of tests for "low hanging fruit".
 Installation
 -------------
-First, you need to get [Metasploit][msf on github] up and running. Make sure you have the [database configured][msf database setup].
+First, you need to get [Metasploit][msf on github] up and running. Make sure you have the [database configured][msf database setup] (e.g. `service postgresql start && msfdb init`).
-To 'install' battery, just copy the *battery* folder, along with *battery.rc* to the resource folder in your Metasploit user's scripts directory (it is usually something like */home/yourname/.msf4/scripts/resouce*). You should have something like:
+To 'install' battery, simply run the install script:
+ * `./install.sh`
+
+Alternatively, just copy the *battery* folder, along with *battery.rc* to the resource folder in your Metasploit user's scripts directory (it is usually something like */home/yourname/.msf4/scripts/resouce*). You should have something like:
 * ~/.msf4/scripts/resource/battery/
 * ~/.msf4/scripts/resource/battery.rc
 Usage
 ------
-Battery selects targets based off of services included in the Metasploit database. You can use nmap within Metasploit to find hosts and services and add them to the database: `db_nmap -A -v some_host_or_range`
+Battery selects targets based off of services included in the Metasploit database. You can use nmap within Metasploit to find hosts and services and add them to the database: `db_nmap -A -v some_host_or_range` Note: Battery scripts reqire service and OS data, so it is recommended that you run nmap with at least the `-S` and `-O` flags.
 Just call the battery.rc resource script within msfconsole to start: `resource battery.rc`
diff --git a/battery.rc b/battery.rc
index cc6ea4b..2e853ba 100644
--- a/battery.rc
+++ b/battery.rc
@@ -52,3 +52,4 @@ end
 unset all
 popm
+back
diff --git a/battery/ms17_010_check.rc b/battery/ms17_010_check.rc
index 7e72411..5c9cb6c 100644
--- a/battery/ms17_010_check.rc
+++ b/battery/ms17_010_check.rc
@@ -20,7 +20,7 @@ =end
 # Print Header
-print_status "Using check from auxiliary/scanner/smb/smb_ms17_010"
+print_status "Using auxiliary/scanner/smb/smb_ms17_010"
 # Get a list of target services
 targets = []
@@ -42,11 +42,11 @@ if targets.empty?
 else
 # Setup the module
 self.run_single("use auxiliary/scanner/smb/smb_ms17_010")
+self.run_single("set ShowProgress false")
 self.run_single("set VERBOSE true")
-# Run the module once for each discovered target port (with the associated hosts)
-targets = targets.join(' ')
-print_status "Target List: #{targets}"
-self.run_single("run '#{targets}'")
+# Run the module against all hosts
+self.run_single("set RHOSTS #{targets.join(' ')}")
+self.run_single("run")
 end
diff --git a/install.sh b/install.sh
new file mode 100755
index 0000000..8114dfe
--- /dev/null
+++ b/install.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+# install battery msf scripts
+# (c) Thom Hastings 2018 GNU GPLv3
+# h/t: @TrentonIvey aka kn0
+# https://github.com/kn0/battery
+#
+# plz run as root on kali linux
+#
+echo "Installing..."
+# mk dirs
+mkdir -p ~/.msf4/scripts/resource/
+# copy battery script
+cp -rf battery.rc ~/.msf4/scripts/resource/
+# copy battery directory
+cp -R -rf battery ~/.msf4/scripts/resource/battery
+# let the user know it worked
+echo "battery installed to ~/.msf4/scripts/resource"
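Review bot: Dropping the `print_status "Target List: ..."` line leaves no record in the console output of which hosts the check was pointed at, which is what an engagement log needs when the results are reviewed later; keep `print_status "Target List: #{targets.join(' ')}"` immediately before the `set RHOSTS` line. The removed comment described running once per discovered target port, whereas the new code folds every entry into a single RHOSTS and relies on the module's default RPORT, so if `targets` (built outside this hunk) can contain SMB services on ports other than 445 those hosts are now only probed on 445 — confirm that, or group by port and issue `set RPORT` per group. The enclosing `if targets.empty? … else … end` begins before the hunk.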
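Review bot: The line `cp -R -rf battery ~/.msf4/scripts/resource/battery` nests a second copy as `resource/battery/battery/` whenever the destination directory already exists (cp copies a source directory into an existing target), so every re-run of install.sh after the first leaves stale nested scripts behind. The script also has no `set -e` and no `cd` to the repository root, so invoking it from another directory makes both `cp` calls fail on the relative paths while the final `echo` still reports success; and because the header asks for root, `~` resolves to root's home, which is only the right `.msf4` when msfconsole is also run as root — worth stating explicitly. The rewrite below copies into the parent directory, fails fast, and resolves paths from the script's own location.
```sh
#!/bin/sh
# … unchanged: header comments …
set -eu
# Resolve paths from the repository root regardless of the caller's cwd.
cd "$(dirname "$0")"
# Must be the home of the user that runs msfconsole.
DEST="$HOME/.msf4/scripts/resource"
echo "Installing..."
mkdir -p "$DEST"
cp -f battery.rc "$DEST/"
# Copy into the parent so a re-run merges instead of nesting battery/battery/.
cp -Rf battery "$DEST/"
echo "battery installed to $DEST"
```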