mirror of
https://github.com/Ed1s0nZ/CyberStrikeAI.git
synced 2026-03-31 08:19:54 +02:00
61 lines
1.7 KiB
YAML
61 lines
1.7 KiB
YAML
name: "metasploit"
|
||
command: "python3"
|
||
args:
|
||
- "-c"
|
||
- |
|
||
import json
|
||
import shlex
|
||
import subprocess
|
||
import sys
|
||
|
||
if len(sys.argv) < 2:
|
||
sys.stderr.write("缺少模块名称\n")
|
||
sys.exit(1)
|
||
|
||
module = sys.argv[1]
|
||
options_raw = sys.argv[2] if len(sys.argv) > 2 else "{}"
|
||
extra = sys.argv[3] if len(sys.argv) > 3 else ""
|
||
|
||
try:
|
||
options = json.loads(options_raw) if options_raw else {}
|
||
except json.JSONDecodeError as exc:
|
||
sys.stderr.write(f"选项解析失败: {exc}\n")
|
||
sys.exit(1)
|
||
|
||
commands = [f"use {module}"]
|
||
for key, value in options.items():
|
||
commands.append(f"set {key} {value}")
|
||
commands.append("run")
|
||
commands.append("exit")
|
||
|
||
cmd = ["msfconsole", "-q", "-x", "; ".join(commands)]
|
||
if extra:
|
||
cmd.extend(shlex.split(extra))
|
||
|
||
subprocess.run(cmd, check=False)
|
||
enabled: true
|
||
short_description: "Metasploit渗透测试框架"
|
||
description: |
|
||
通过 `msfconsole -q -x` 非交互执行模块。可提供JSON格式的模块选项,脚本自动构建 `set` 与 `run` 指令。
|
||
parameters:
|
||
- name: "module"
|
||
type: "string"
|
||
description: "要使用的Metasploit模块(例如 exploit/windows/smb/ms17_010_eternalblue)"
|
||
required: true
|
||
position: 0
|
||
format: "positional"
|
||
- name: "options"
|
||
type: "string"
|
||
description: "模块选项(JSON对象,键值对应 set 指令)"
|
||
required: false
|
||
default: "{}"
|
||
position: 1
|
||
format: "positional"
|
||
- name: "additional_args"
|
||
type: "string"
|
||
description: "额外的 msfconsole 参数(追加在命令末尾)"
|
||
required: false
|
||
default: ""
|
||
position: 2
|
||
format: "positional"
|