Metasploit Integration

xer0dayz edited this page Apr 30, 2022 · 4 revisions

Configuration

To configure Sn1per to use the appropriate IP/port for reverse Metasploit connections, edit your /root/sniper.conf file or use a configuration template under /sniper/conf/ and replace the following values:

# METASPLOIT SCANNER CONFIG
MSF_LHOST="127.0.0.1"
MSF_LPORT="4444"
METASPLOIT_IMPORT="1"
METASPLOIT_EXPLOIT="1"
MSF_LEGACY_WEB_EXPLOITS="1"

With these values, Sn1per sets LHOST and LPORT for all exploits and payloads so that they connect back to the specified host and port.
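A pre-flight check for the five keys above, as an added example that is not part of Sn1per or of the original page. The function names are hypothetical, and the check assumes MSF_LHOST is a dotted-quad IPv4 address and that each key is written as KEY="value" on its own line.

```bash
# Added example: pre-flight check of the Metasploit keys in a sniper.conf.
# The file is read as text and never sourced, so nothing in it is executed.

# conf_get FILE KEY: print the value of the last KEY="value" assignment.
conf_get() {
  sed -nE "s/^[[:space:]]*$2=\"?([^\"#[:space:]]*).*/\1/p" "$1" | tail -n 1
}

is_toggle() { [ "$1" = 0 ] || [ "$1" = 1 ]; }

is_port() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Assumption: MSF_LHOST is a dotted-quad IPv4 address, as in the page's sample.
is_ipv4() {
  local IFS=. o n=0
  case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  for o in $1; do
    [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    n=$((n + 1))
  done
  [ "$n" -eq 4 ]
}

# check_conf FILE: report malformed values; return 1 if any were found.
check_conf() {
  local f=$1 bad=0 k v
  for k in METASPLOIT_IMPORT METASPLOIT_EXPLOIT MSF_LEGACY_WEB_EXPLOITS; do
    v=$(conf_get "$f" "$k")
    is_toggle "$v" || { echo "INVALID $k='$v' (expected 0 or 1)"; bad=1; }
  done
  v=$(conf_get "$f" MSF_LHOST)
  is_ipv4 "$v" || { echo "INVALID MSF_LHOST='$v'"; bad=1; }
  v=$(conf_get "$f" MSF_LPORT)
  is_port "$v" || { echo "INVALID MSF_LPORT='$v' (expected 1-65535)"; bad=1; }
  if [ "$(conf_get "$f" METASPLOIT_EXPLOIT)" = 1 ]; then
    echo "NOTE: exploit modules will run during 'normal' mode scans"
  fi
  return "$bad"
}

# Constructed sample: the page's values with a deliberately malformed port.
sample=$(mktemp)
printf '%s\n' 'MSF_LHOST="127.0.0.1"' 'MSF_LPORT="444444"' 'METASPLOIT_IMPORT="1"' \
  'METASPLOIT_EXPLOIT="1"' 'MSF_LEGACY_WEB_EXPLOITS="1"' > "$sample"
check_conf "$sample" || echo "Fix the entries above before running a scan."
rm -f "$sample"
```

To check a real file, call check_conf with its path, for example check_conf /root/sniper.conf.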

Network Scans

To run network-based scan and exploit modules, ensure that METASPLOIT_EXPLOIT="1" is set in your sniper.conf and run a 'normal' mode scan (i.e. sniper -t <target> -w <workspace>).

Legacy Web Exploits

To run older/legacy web exploits (2020 or before...), set MSF_LEGACY_WEB_EXPLOITS="1" in your sniper.conf and run a 'normal' or 'web' mode scan (i.e. sniper -t <target> -m webporthttps -p 443 -w <workspace>).

Importing Nmap Scan Data Into MSF

To import Nmap scan data into Metasploit's database, first initialize the database by following the guide here: https://www.offensive-security.com/metasploit-unleashed/using-databases/

If you receive an error such as "[-] Failed to connect to the Postgres data service: SCRAM authentication requires libpq version 10 or above", this is a known issue that has already been reported here: https://github.com/rapid7/metasploit-framework/issues/16086. Setting METASPLOIT_IMPORT="0" in your sniper.conf will suppress the errors until there is a fix.