Merge branch 'wmap_autotest.rc' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-wmap_autotest.rc

2024-09-04 20:18:27 +02:00 · 2012-01-19 13:28:13 -06:00 · 2012-01-19 13:28:13 -06:00 · 6f341934d6
commit 6f341934d6
parent 9e5d2ff60e dcc982d328
1 changed files with 63 additions and 0 deletions
--- a/scripts/resource/wmap_autotest.rc
+++ b/scripts/resource/wmap_autotest.rc
@ -0,0 +1,63 @@
+# wmap-autoscan.rc
+# Author: m-1-k-3 (Web: http://www.s3cur1ty.de / Twitter: @s3cur1ty_de)
+
+# This Metasploit RC-File could be used to analyse webapps automatically
+# first you should use the crawler module or autocrawler resource file
+# for learning the application
+
+<ruby>
+#wmap profile - set it to nil if you would not use any profile
+#profile = nil
+profile = "#{Msf::Config.install_root}/data/wmap/wmap_sample_profile.txt"
+
+if (framework.datastore['THREADS'] == nil)      #default to 50 Threads
+        run_single("setg THREADS 50")
+end
+
+if (framework.datastore['VERBOSE'] == "true")   #we look in the global datastore for a global VERBOSE option and use it
+        verbose = 1 
+else
+        verbose = 0 
+end
+
+if (framework.plugins.to_s !~ /Wmap/)
+	print_line("loading the wmap plugin ...")
+	run_single("load wmap")
+end
+
+framework.db.hosts.each do |host|
+	host.services.each do |serv|
+		next if not serv.host
+		next if (serv.state != ServiceState::Open)
+                next if (serv.name !~ /http/)
+
+		if(verbose == 1)
+			print_line("")
+			print_line("====================================")
+			print_line("IP #{host.address}")
+			print_line("OS #{host.os_name}")
+			print_line("Servicename #{serv.name}")
+			print_line("Service Port #{serv.port.to_i}")
+			print_line("Service Protocol #{serv.proto}")
+			print_line("====================================")
+			print_line("")
+		end
+		print_line("available sites:")
+		run_single("wmap_sites -l")
+		print_line("site which will get analyzed:")
+		run_single("wmap_sites -s #{host.address}:#{serv.port}")
+		run_single("wmap_targets -t #{host.address}:#{serv.port}")
+		print_line("defined target:")
+		run_single("wmap_targets -l")
+		if(profile != nil)
+			run_single("wmap_run -e #{profile}")
+		else
+			run_single("wmap_run -e")
+		end
+		run_single("wmap_targets -c")
+		print_line("")
+		print_line("finished analysing the webservern on IP #{host.address}, Port: #{serv.port.to_i}")
+		print_line("")
+	end
+end
+</ruby>