zeroSteiner

External Evasion Module Demo

Jan 30th, 2019
  1. #!/usr/bin/env python
  2. import binascii
  3. import collections
  4. import functools
  5. import hashlib
  6. import logging
  7. import os
  8.  
  9. import metasploit.module as module
  10.  
  # Console-style helpers in the shape of Metasploit's print_* methods. Each
  # field is module.log with its severity level pre-bound, so callers write
  # printer.print_status('...') instead of repeating the level keyword.
  _LOG_LEVELS = ('error', 'good', 'status', 'warning')
  _printer = collections.namedtuple(
      '_Printer',
      tuple('print_' + level for level in _LOG_LEVELS),
  )
  printer = _printer(**{
      'print_' + level: functools.partial(module.log, level=level)
      for level in _LOG_LEVELS
  })
  18.  
  # Targets offered by the module, keyed by display name. run() looks the
  # selected name up here, and metadata['targets'] is generated from this table.
  targets = {
      'Windows x86': dict(arch='x86', platform='win'),
      'Windows x64': dict(arch='x64', platform='win'),
  }
  29.  
  # Options surfaced to the operator. Both are flagged 'advanced' and both are
  # read by run() to configure module.LogHandler.
  _options = {
      'LOG_LEVEL': dict(
          advanced=True,
          type='enum',
          description='The log level',
          required=True,
          default='WARNING',
          values=['DEBUG', 'INFO', 'WARNING', 'ERROR', 'CRITICAL'],
      ),
      'LOG_NAME': dict(
          advanced=True,
          type='string',
          description='The name of the root logger',
          required=False,
          default='',
      ),
  }

  # Module description handed to module.run() together with the run callback.
  # 'type': 'evasion' declares the module kind. The 'targets' list is derived
  # from the targets table so the two cannot drift apart.
  # NOTE(review): 'describe_payload_options' presumably names the payload the
  # framework uses when it describes payload options for this module; confirm
  # against the external-module documentation.
  metadata = {
      'name': 'PR Demo',
      'description': '''
          This module demonstrates the functionality added by a pull request to
          the metasploit framework created by Spencer McIntyre in January 2019.
       ''',
      'authors': ['Spencer McIntyre'],
      'license': 'MSF_LICENSE',
      'type': 'evasion',
      'options': _options,
      'describe_payload_options': {
          'PAYLOAD': 'windows/meterpreter/reverse_https'
      },
      'targets': [dict(name=label, **spec) for label, spec in targets.items()],
      'references': [
          {'type': 'URL', 'ref': 'https://github.com/rapid7/metasploit-framework'}
      ]
  }
  64.  
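  def run(msf_options):
      """Module callback: report the selected target and the payload's SHA-256.

      Sets up logging from the LOG_LEVEL / LOG_NAME options, prints the
      architecture of the chosen target, then base64-decodes the payload and
      prints its SHA-256 digest. No output artifact is produced; the step that
      would build one is only a placeholder comment.

      Args:
          msf_options: mapping read for the keys 'LOG_LEVEL', 'LOG_NAME',
              'target' (a key of ``targets``) and 'payload_encoded' (base64).
      """
      module.LogHandler.setup(level=msf_options['LOG_LEVEL'], name=msf_options['LOG_NAME'])
      printer.print_status('Demo module version 3')
      try:
          target = targets[msf_options['target']]
          printer.print_status('The target architecture is: ' + target['arch'])

          # a2b_base64 is lenient by default: characters outside the base64
          # alphabet are skipped rather than rejected, so the digest below
          # covers whatever bytes survive decoding, not necessarily what was
          # sent.
          payload = binascii.a2b_base64(msf_options['payload_encoded'])
          payload_hash = hashlib.sha256(payload)
          # The digest gives operator and reviewer a stable identifier for the
          # exact payload bytes this run received.
          printer.print_status('Payload hash (SHA-256): ' + payload_hash.hexdigest())
          # this is where we'd convert it to an EXE doing something fancy
      except Exception:
          # NOTE(review): the failure is logged with its traceback and then
          # swallowed, so run() returns normally; whether the framework needs
          # an explicit failure signal is not visible here.
          logging.exception('The module encountered an exception')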
  78.  
  # Script entry point: hand the metadata and the run callback to the
  # framework's external-module runner. Nothing happens on plain import.
  if __name__ == '__main__':
      module.run(metadata, run)