mirror of
https://github.com/Ed1s0nZ/CyberStrikeAI.git
synced 2026-07-10 06:18:37 +02:00
Add files via upload
This commit is contained in:
+46
-32
@@ -1,46 +1,60 @@
|
||||
name: "metasploit"
|
||||
command: "msfconsole"
|
||||
command: "python3"
|
||||
args:
|
||||
- "-c"
|
||||
- |
|
||||
import json
|
||||
import shlex
|
||||
import subprocess
|
||||
import sys
|
||||
|
||||
if len(sys.argv) < 2:
|
||||
sys.stderr.write("缺少模块名称\n")
|
||||
sys.exit(1)
|
||||
|
||||
module = sys.argv[1]
|
||||
options_raw = sys.argv[2] if len(sys.argv) > 2 else "{}"
|
||||
extra = sys.argv[3] if len(sys.argv) > 3 else ""
|
||||
|
||||
try:
|
||||
options = json.loads(options_raw) if options_raw else {}
|
||||
except json.JSONDecodeError as exc:
|
||||
sys.stderr.write(f"选项解析失败: {exc}\n")
|
||||
sys.exit(1)
|
||||
|
||||
commands = [f"use {module}"]
|
||||
for key, value in options.items():
|
||||
commands.append(f"set {key} {value}")
|
||||
commands.append("run")
|
||||
commands.append("exit")
|
||||
|
||||
cmd = ["msfconsole", "-q", "-x", "; ".join(commands)]
|
||||
if extra:
|
||||
cmd.extend(shlex.split(extra))
|
||||
|
||||
subprocess.run(cmd, check=False)
|
||||
enabled: true
|
||||
|
||||
short_description: "Metasploit渗透测试框架"
|
||||
|
||||
description: |
|
||||
Metasploit是一个渗透测试框架,提供大量漏洞利用模块和辅助工具。
|
||||
|
||||
**主要功能:**
|
||||
- 漏洞利用
|
||||
- 载荷生成
|
||||
- 后渗透模块
|
||||
- 辅助工具
|
||||
|
||||
**使用场景:**
|
||||
- 渗透测试
|
||||
- 漏洞利用
|
||||
- 安全测试
|
||||
- 安全研究
|
||||
|
||||
通过 `msfconsole -q -x` 非交互执行模块。可提供JSON格式的模块选项,脚本自动构建 `set` 与 `run` 指令。
|
||||
parameters:
|
||||
- name: "module"
|
||||
type: "string"
|
||||
description: "要使用的Metasploit模块"
|
||||
description: "要使用的Metasploit模块(例如 exploit/windows/smb/ms17_010_eternalblue)"
|
||||
required: true
|
||||
|
||||
position: 0
|
||||
format: "positional"
|
||||
- name: "options"
|
||||
type: "string"
|
||||
description: "模块选项(JSON格式)"
|
||||
description: "模块选项(JSON对象,键值对应 set 指令)"
|
||||
required: false
|
||||
|
||||
default: "{}"
|
||||
position: 1
|
||||
format: "positional"
|
||||
- name: "additional_args"
|
||||
type: "string"
|
||||
description: |
|
||||
额外的metasploit参数。用于传递未在参数列表中定义的metasploit选项。
|
||||
|
||||
**示例值:**
|
||||
- 根据工具特性添加常用参数示例
|
||||
|
||||
**注意事项:**
|
||||
- 多个参数用空格分隔
|
||||
- 确保参数格式正确,避免命令注入
|
||||
- 此参数会直接追加到命令末尾
|
||||
description: "额外的 msfconsole 参数(追加在命令末尾)"
|
||||
required: false
|
||||
format: "positional"
|
||||
default: ""
|
||||
position: 2
|
||||
format: "positional"
|
||||
|
||||
Reference in New Issue
Block a user