msf MessageBox后渗透模块编写

message_box.rb

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Post
  include Msf::Post::File
  include Msf::Post::Windows::Registry
  include Msf::Post::Windows::Powershell
  def initialize(info={})
    super(update_info(info,
      'Name'            => "Windows Message Box",
      'Description'     => %q{
        Show a MessageBox in desktop.
      },
      'License'         => MSF_LICENSE,
      'Platform'        => ['win'],
      'SessionTypes'    => ['meterpreter'],
      'Author'          => ['cosmop01tain']
    ))
    register_options(
    [
          OptString.new( 'TEXT', [true, 'Message Box content']),
          OptString.new( 'CAPTION', [true, 'Message Box caption'])
    ])
  end

  #
  # RAILGUN HELPER FUNCTIONS
  #
  def is_86
    pid = session.sys.process.open.pid
    return session.sys.process.each_process.find { |i| i["pid"] == pid} ["arch"] == "x86"
  end

  def add_railgun_messagebox

    if client.railgun.libraries.find_all {|d| d.first == 'user32'}.empty?
      session.railgun.add_dll('user32','user32')
      session.railgun.add_function(
        'user32', 'MessageBoxW', 'DWORD',
          [
            #['DWORD', 'pCaller', 'in'],
            ['pBLOB','hWnd','in']
            ['PWCHAR','szText','in'],
            ['PWCHAR','szCaption','in'],
            ['DWORD','dwType','in'],
            #['PBLOB','lpfnCB','inout']
      ])
      vprint_good("user32 loaded and configured")
    else
      vprint_status("user32 already loaded")
    end

end
  def run
    #check for meterpreter and version of ie
    if session.type != "meterpreter" and session.platform !~ /win/
      print_error("This module only works with Windows Meterpreter sessions")
      return 0
    end
    #print_status(session.sys.config.getenv("TEMP"))
    #print_status(datastore['TEXT'])
    content = datastore['TEXT']
    caption = datastore['CAPTION']
    client.railgun.user32.MessageBoxW(0,content,caption,0)
  end
end

复制到msf post/windows/gather目录下,msfconsole进入,然后执行reload_all
使用 use post/windows/gather/message_box
set caption kkk
set text kkk
run

你可能感兴趣的:(渗透测试)