Metasploit is a powerful penetration testing framework.
This repository is an implementation of OXO Agent for the Metasploit Framework by Rapid7.
To perform your first scan, simply run the following command:
oxo scan run --install --agent agent/ostorlab/metasploit ip 8.8.8.8
This command will download and install agent/ostorlab/metasploit
and target the ip 8.8.8.8
.
For more information, please refer to the OXO Documentation
Agent Metasploit can be installed directly from the ostorlab agent store or built from this repository.
oxo agent install agent/ostorlab/metasploit
You can then run the agent with the following command:
oxo scan run --agent agent/ostorlab/metasploit ip 8.8.8.8
- To build the metasploit agent you need to have oxo installed in your machine. If you have already installed oxo, you can skip this step.
pip3 install ostorlab
- Clone this repository.
git clone https://github.com/Ostorlab/agent_metasploit.git && cd agent_metasploit
- Build the agent image using oxo cli.
oxo agent build --file=ostorlab.yaml
You can pass the optional flag --organization
to specify your organisation. The organization is empty by default.
- Run the agent using on of the following commands:
- If you did not specify an organization when building the image:
oxo scan run --agent agent//metasploit ip 8.8.8.8
- If you specified an organization when building the image:
oxo scan run --agent agent/[ORGANIZATION]/metasploit ip 8.8.8.8
- Payload:
auxiliary/scanner/portscan/tcp
- Options:
- PORTS:
80, 443
- PORTS:
Example agent_group.yaml
file to trigger the scan:
kind: AgentGroup
description: Metasploit.
agents:
- key: agent//metasploit
args:
- name: config
type: array
value:
- module: 'auxiliary/scanner/portscan/tcp'
options:
- name: "PORTS"
value: "80,443"
- module: 'auxiliary/scanner/http/enum_wayback'
options:
- name: "DOMAIN"
value: "www.ostorlab.co"
oxo scan run -g agent_group.yaml domain-name www.ostorlab.co