Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

94 lines (80 sloc) 2.465 kb
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
#
# This module acts as an compromised webserver distributing PII Data
#
include Msf::Exploit::Remote::HttpServer::HTML
include Msf::Auxiliary::PII
def initialize(info = {})
super(update_info(info,
'Name' => 'VSploit Web PII',
'Description' => 'This module emulates a webserver leaking PII data',
'License' => MSF_LICENSE,
'Author' => 'MJC',
'References' =>
[
[ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2011/06/02/vsploit--virtualizing-exploitation-attributes-with-metasploit-framework']
],
'DefaultOptions' => { 'HTTP::server_name' => 'IIS'}
))
register_options(
[
OptBool.new('META_REFRESH', [ false, "Set page to auto refresh.", false]),
OptInt.new('REFRESH_TIME', [ false, "Set page refresh interval.", 15]),
OptInt.new('ENTRIES', [ false, "PII Entry Count", 1000])
],self.class)
end
def create_page
# Webpage Title
title = "vSploit PII Webserver"
sheep = <<-EOS
__________
< baaaaah! >
---------
\\
\\
,@;@,
;@;@( \\@;@;@;@;@;@,
/x @\\_|@;@;@;@;@;@;,
/ )@:@;@;@;@;@;@;@|)
*---;@;@;@;@;@;@;@;@;
';@;\;@;\;@;@
|| | \\ (
|| | // /
// ( // /
~~~~~ ~~~~
EOS
page = ""
page << "<html>\n<head>\n"
if datastore['META_REFRESH']
page << "<meta http-equiv=\"refresh\" content=\"#{datastore['REFRESH_TIME']}\">\n"
end
page << "<title>#{title}</title>\n</head>\n<body>\n"
page << "<pre>\n"
page << sheep
page << "Data Creation by: #{title}\n"
page << "Entries Per Page: #{datastore['ENTRIES']}\n"
if datastore['META_REFRESH']
page << "Refresh Interval: #{datastore['REFRESH_TIME']} Seconds\n"
end
# Start creating PII data
pii = create_pii()
page << "\n"
page << pii
page << "</pre>\n</body>\n</html>"
page
end
def on_request_uri(cli,request)
# Transmit the response to the client
res = create_page()
print_status("Leaking PII...")
send_response(cli, res, { 'Content-Type' => 'text/html' })
end
def run
exploit()
end
end
Jump to Line
Something went wrong with that request. Please try again.