Skip to content

Growl Metasploit Plugin

Jump to bottom Edit New page
darkoperator edited this page Dec 30, 2010 · 1 revision

This Plugin send Growl messages to OSX Systems running Growl when a session is created and when a session is shutdown, Each message will contain information about the session it is reporting on. Do make sure to configure you Growl application to receive the messages and set a password to do this go to Preferences -> Growl -> Network and select "Listen for incoming connections" and "Allow remote application registration" and set the password in the password field, after this go to General and stop and start Growl so the settings will take effect. If the notification will be a remote one you will have to open the UDP Port 9887.

#Installing

Download and copy the growl.rb file in to the plugins folder in the folder where you have Metasploit installed. To be able to load the plugin before starting Metasploit install the Ruby Gem needed by the plugin, to achieve this do:

Ubuntu/Debian

     $ sudo gem install ruby-growl

CenOS/RH

    $ su -
    # gem install ruby-growl

Systems with RVM

    $ rvm gem install ruby-growl

#Use

We start by loading the plugin for growl from inside of msfconsole:

    msf exploit(handler) > load growl 
    [*] Successfully loaded plugin: growl

Once loaded if this is the first time we use it we must set the parameters for sending the messages:

    msf exploit(handler) > growl_set_host 127.0.0.1
    [*] Setting the host to 127.0.0.1
    msf exploit(handler) > growl_set_password SecretPass01
    [*] Setting the password to SecretPass01
    msf exploit(handler) > growl_set_sticky true
    [*] Setting sticky to true

We now save the parameters, they will be saved in your ~/.msf3 folder in a YAML file that will be read in future uses of the plugin so you will not have to specify the parameters every time, once saved you just need to run the growl_start command:

    msf exploit(handler) > growl_start 
    [*] Starting to monitor sessions to Growl on
    [+] Growl Plugin Started, Monitoring Sessions

This will monitor send alerts to your Growl Service listening in your Mac.To unload the module just do a:

    msf exploit(handler) > unload growl
    Unloading plugin growl...unloaded.
Add a custom footer
Add a custom sidebar

Clone this wiki locally