Last active
December 18, 2015 03:29
-
-
Save claudijd/5718557 to your computer and use it in GitHub Desktop.
Export MSF Exploits to XML
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# This code melds together some boiler plate documentation code | |
# from MSF (1), darkoperator's export to XML resource script (2) | |
# and a little Nokogiri fun to allow you to export the MSF exploit | |
# data to XML from outside of MSF console. | |
# | |
# References: | |
# (1) https://github.com/rapid7/metasploit-framework/blob/a731efa5ce43763cb4ee0873bc40140b61f3928a/documentation/samples/framework/dump_module_info.rb | |
# (2) https://github.com/darkoperator/Meterpreter-Scripts/blob/a38e001c2d50eaaddc82f4397b8074e29621bf83/scripts/resource/exploit_info.rc | |
# | |
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib')) | |
require 'msf/base' | |
require 'nokogiri' | |
RANKS ={ | |
0 => "None", | |
100 => "Low", | |
200 => "Average", | |
300 => "Normal", | |
400 => "Good", | |
500 => "Great", | |
600 => "Excellent" | |
} | |
def generate_exploit_xml(xml, n, e) | |
x = e.new | |
xml.exploit { | |
xml.name(n) | |
xml.description(x.description.gsub(/[\t|\n]/, "")) | |
xml.date(:type => "date") { | |
xml.text x.disclosure_date | |
} | |
xml.references(:type => "array") { | |
x.references.each do |r| | |
xml.reference("#{r.ctx_id}-#{r.ctx_val}") | |
end | |
} | |
xml.targets(:type => "array") { | |
x.targets.each do |t| | |
xml.target(t.name) | |
end | |
} | |
xml.rank(RANKS[x.rank]) | |
} | |
end | |
builder = Nokogiri::XML::Builder.new do |xml| | |
xml.exploits(:type => "array") { | |
framework = Msf::Simple::Framework.create | |
framework.exploits.each_module do |n,e| | |
generate_exploit_xml(xml, n, e) | |
end | |
} | |
end | |
puts builder.to_xml |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment