244
Chapter 16
service_stop(name)
Function for stopping a service. Returns
0
if the
service is stopped successfully,
1
if the service is already stopped or
disabled, and
2
if the service cannot be stopped.
You should understand the basics regarding the Meterpreter mixin calls
that you can use to add functionality to your custom script.
Rules for Writing Meterpreter Scripts
When creating Meterpreter scripts, you need to understand the following
rules before you begin your first script and if you want them to be committed
to the Framework:
z
Use only instance, local, and constant variables; never use global or class
variables because they might interfere with the Framework variables.
z
Use hard tabs for indenting; do not use spaces.
z
For code blocks, do not use
{}
. Instead, use
do
and
end
.
z
When declaring functions, always write a comment before the declara-
tion and provide a brief description of its purpose.
z
Do not use
sleep
; use
"select(nil, nil, nil, <time>)"
.
z
Do not use
puts
or any other standard output calls; instead use
,
print_line
,
print_status
,
print_error
, and
print_good
.
z
Always include an
-h
option that will print a description and the purpose
of the script and show the available options.
z
If your script is meant for a specific operating system or Meterpreter plat-
form, make sure it runs only on those platforms and prints out an error
message for an unsupported OS or platform.
Creating Your Own Meterpreter Script
Open up your favorite editor and create a new file called
execute_upload.rb
,
located in
scripts/meterpreter/
. We’ll start by adding comments to the top of the
file to let everyone know the purpose of this script and to define our options
for the script:
# Meterpreter script for uploading and executing another meterpreter exe
info = "Simple script for uploading and executing an additional meterpreter payload"
# Options
opts = Rex::Parser::Arguments.new(
"-h" => [ false, "This help menu. Spawn a meterpreter shell by uploading and
executing."],
"-r" => [ true, "The IP of a remote Metasploit listening for the connect back"],
"-p" => [ true, "The port on the remote host where Metasploit is listening
(default: 4444)"]
)