Metasploit resource script to read a list of desired RHOST values and run the current exploit module for each.
This is a Ruby resource script for Metasploit. The usage scenario is that you want to take an exploit module like ms08_067_netapi
or ms17_010_eternalblue
, and run it against a prepared list of intended RHOST targets. The script will read each line of the input file as a target, set that as the current RHOST value, run exploit -j
.
This is meant to be used with reverse shell payloads, such as windows/meterpreter/reverse_https
For example:
- Create your list of targets as
exploit_loop_input.txt
. - Start Metasploit and load your module, such as
psexec
. - Configure your other parameters, such as your payload and any credentials needed.
- Separately, start
multi/handler
to listen for connections back from reverse shell payloads. - From the exploit's Metasploit prompt, run
resource exploit-launch.rc
. - The script will:
- Read the first line from
exploit_loop_input.txt
. - Set that as the
RHOST
value. - Run
exploit -j
. - Sleep for 2 seconds before restarting with the next line from
exploit_loop_input.txt
.
- Read the first line from