Pymetasploit

A simplified version of the famous PyMetaSploit3, which implements the pure functionality of interacting with remote msfrpcd without using threads.

Installing

You can install the library as follow:

Or:

Usage

Firstly you need to start msfrpcd (like follow):

where:

• -P secret
  - set the password
  secret
  ;
• -p 55553
  - listen port 55553;
• -f
  - run listener in the foreground.

Now to connect to listener you need to create

class:

This class supports following methods:

• login()
  - Trying to login in msfrpcd;

• logout()
  - Trying to remove login token in msfrpcd;

• add_token(token)
  - Added token to msfrpcd as valid and use new token with requests;

• token_list()
  - Return all tokens that used in msfrpcd;

• token_remove(token)
  : Delete specified token, stored in MsfRpcd server side;

• create_console()
  - Create a new MetaSploit console and return them;

• console_list()
  - Return all consoles in msfrpcd;

• destroy_console(console_id)
  - Destroy console in msfrpcd by its id.

MetaSploit console can be created via

method:

An MsfRpcConsole object has following methods:

• write(data)
  - write data to console;

• read()
  - Return any output currently buffered by the console that has not already been read and returned it as binary string. Note that a newly allocated console will have the initial banner available to read. If console is already busy, this method set attribute
  busy
  as
  True
  in an instance of the class;

• read_all(callback=None)
  - Read data from the console as long as console is busy and returned it as binary string. If callback is not
  None
  , call callback function on every call method
  read
  , that return a non-empty result;

• destroy
  - Delete a current running console instance.

MetaSploit console we can also create via context manager: