msf-exploit-loop

Metasploit resource script to read a list of desired RHOST values and run the current exploit module for each.

Details

This is a Ruby resource script for Metasploit. The usage scenario is that you want to take an exploit module like ms08_067_netapi or ms17_010_eternalblue, and run it against a prepared list of intended RHOST targets. The script will read each line of the input file as a target, set that as the current RHOST value, run exploit -j.

This is meant to be used with reverse shell payloads, such as windows/meterpreter/reverse_https

For example:

1. Create your list of targets as exploit_loop_input.txt.
2. Start Metasploit and load your module, such as psexec.
3. Configure your other parameters, such as your payload and any credentials needed.
4. Separately, start multi/handler to listen for connections back from reverse shell payloads.
5. From the exploit's Metasploit prompt, run resource exploit-launch.rc.
6. The script will:
   1. Read the first line from exploit_loop_input.txt.
   2. Set that as the RHOST value.
   3. Run exploit -j.
   4. Sleep for 2 seconds before restarting with the next line from exploit_loop_input.txt.