K stledine

Issue with msfrpc script

Discussion created by K stledine on Jul 7, 2017

Hello,

 

So I'm using the program AutoDANE here.

GitHub - sensepost/autoDANE: Auto Domain Admin and Network Exploitation.

 

As part of it there is a worker thread configuration file that specifies the Metasploit/Msfrpc username/password/ports.

 

By default it comes back and it's the reason that the software cannot start metasploit. It loops saying it cannot be started and keeps trying.

 

Here is the workerthread script.

autoDANE/workerthread.py at master · sensepost/autoDANE · GitHub

 

There are 3 main parts that specify username/passwords for metasploit.

 

First part, the top class

class Params(object):
 db = None
 footprint_id = None
 task_id = None
 item_identifier = None
 log_queue = None
 return_value_log = None
 msf_user = ""
 msf_pass = ""
 msf_port = "0" 

 

Second, testMsfConnection

 

def testMsfConnection(self, username, password, port, log):
    try:
        client = msfrpc.Msfrpc({'port': int(port)})
        client.login(user=username, password=password)
        res = client.call('console.create')

        console_id = res['id']
        log.put("success")
    except:
        log.put("fail")

 

Third, startMetasploit

 

def startMetasploit(self, username, password, port):
    print "starting metasploit ..."
    gotConsole = False
    rpcStarted = False
    rpcRunning = False
    self.metasploitProcess = asyncproc.Process("msfconsole -m software/metasploit/modules/".split())
    startTime = time.time()

    while not rpcRunning:
        if time.time() - startTime >= 60:
            print "timeout.will try again"
            break

        poll = self.metasploitProcess.wait(os.WNOHANG)
        if poll is not None:
            # break
            time.sleep(1)

 

I've taken the username/password/port out of Metasploit's database.yml and switched the port on the msfrpc to 55553, but still no luck.

 

Any ideas?

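The testMsfConnection excerpt in the post reports every failure as the single word "fail", so a closed port, rejected credentials and a failed console.create all look the same. The following is an added troubleshooting example, not code from the post or from autoDANE, that runs the same steps and names the first stage that fails. The names diagnose_msf_connection, port_is_listening, client_factory and FakeClient are hypothetical; it assumes the RPC client's login raises when credentials are rejected, and it is written for Python 3 while the post's code is Python 2.

```python
import socket


def port_is_listening(host, port, timeout=2.0):
    """True if something accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, int(port)), timeout=timeout):
            return True
    except (OSError, ValueError, OverflowError):
        return False


def diagnose_msf_connection(username, password, port, client_factory,
                            host="127.0.0.1"):
    """Same steps as testMsfConnection, but report the first stage that fails.

    client_factory(port) returns an object with login(user=, password=) and
    call(method), like the msfrpc client in the post. Returns (stage, detail).
    """
    if not port_is_listening(host, port):
        return ("listener", "no TCP listener on %s:%s" % (host, port))
    try:
        client = client_factory(int(port))
    except Exception as exc:
        return ("client", repr(exc))
    try:
        client.login(user=username, password=password)
    except Exception as exc:  # assumed: login raises on rejected credentials
        return ("login", repr(exc))
    try:
        console_id = client.call('console.create')['id']
    except Exception as exc:
        return ("console", repr(exc))
    return ("success", "console id %s" % console_id)


class FakeClient(object):
    """Constructed stand-in for the RPC client so the example runs offline."""

    def __init__(self, accepted_password):
        self.accepted_password = accepted_password

    def login(self, user, password):
        if password != self.accepted_password:
            raise RuntimeError("authentication failed")

    def call(self, method):
        return {'id': '0'}


if __name__ == "__main__":
    # Port "0" is the Params default in the post: nothing can listen there.
    print(diagnose_msf_connection("msf", "x", "0", lambda p: FakeClient("x")))
```

Against a real setup, pass a factory such as lambda p: msfrpc.Msfrpc({'port': p}), the constructor call shown in the post, in place of FakeClient.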