1

I have used metasploit's netgear_wnr2000_rce to gain root shell access on a linux embedded device (no option for payloads).

I am currently automating the process, and want to run a bash script when shell access is gained. I have investigated the metasploit AutoRunScript option however it appears that this only works for meterpreter shells.

Is there any way to automatically run bash commands when command shell is opened using metasploit?

schroeder
  • 123,438
  • 55
  • 284
  • 319
username
  • 11
  • 3
  • The exploit gains shell access - i didn't realise that this is atypical. I want to automatically run a script once the command shell appears. The device is a router, running linux. My script will download busy box and few other things from a repository (i basically want to stop typing it in everytime and just have it do it automatically). – username Oct 24 '17 at 11:31
  • Ok, let's back up - that particular exploit does not include a payload. It just launches a telnet session back to you. The only way to modify that is to modify the code. BTW: always read the source code for metasploit modules: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/netgear_wnr2000_rce.rb – schroeder Oct 24 '17 at 11:32

1 Answers1

1

You want to look at the sessions command in the msfconsole.

-c (run command) and -s (run script) help you automate what happens on the open sessions from your end.

Man page for sessions here

schroeder
  • 123,438
  • 55
  • 284
  • 319