准备用python调用metasploit中的msfvenom命令
然而,metasploit安装时用了rvm,在python中不知道怎么调用
这样做能用,每次都source下rvm。。。
#! /usr/bin/env python
# -*- coding: utf-8 -*-
"""
TO generate random shellcode samples from msfvenom
command = "msfvenom -p linux/x86/shell/reverse_tcp -e x86/shikata_ga_nai -f raw"
"""
import random
from info import *
import uuid
import os
import subprocess
import sys
os.chdir('/opt/metasploit-framework/')
count = int(sys.argv[1])
while (count > 0):
count -= 1
e = encoders[random.randint(0, len(encoders)-1)]
payloads = linux_x86_shellcodes + windows_x86_shellcodes
p = payloads[random.randint(0, len(payloads)-1)]
command = "./msfvenom -p {0} -e {1} -f raw > /var/tmp/data/".format(p, e) + str(uuid.uuid4())
subprocess.Popen("source /usr/local/rvm/scripts/rvm;" + command, shell=True, executable='/bin/bash')
但感觉很奇怪,有没有能先准备好shell执行环境,然后在执行后面的命令。
在stackoverflow上看到类似的需求,但是并不能成功调用
http://stackoverflow.com/questions/5087302/running-three-commands-in-the-same-process-with-python
popen的对象有communicate方法,是可以将数据发送到stdin的
我试过这个不会阻塞线程,可以从输出中读到数据
p_cmd = subprocess.Popen('cmd',universal_newlines = True,stdin = subprocess.PIPE, stdout = subprocess.PIPE )
p_cmd.stdin.write('dir')
p_cmd.stdout.read(50)
command = "export HEHE=1"
shell = subprocess.Popen(command, shell=True, executable="/bin/bash", stdin=subprocess.PIPE, stdout=subprocess.PIPE)
so, se = shell.communicate("echo $HEHE\n")
print "[]", so, se
alias也不行。。。