Skip to content

Metasploit plugin: notify_mail.rb (email notification)

by foip on October 12th, 2012

1. Introduction

Here is a Metasploit plug-in which allows you to get e-mail notifications when new sessions open. The usage of this plug-in makes sense during Social Engineering attacks, or during client-side exploitations since you don’t always know when the payload will be executed on the victim computer.

In order to use this plug-in:

  • Copy the Ruby script (notify_mail.rb) into the “/plugin/” folder of Metasploit.
  • Load an exploit module (or multi/handler) and activate the plug-in by typing “load notify_mail“.
  • Setup your sender/recipient email addresses and the SMTP server you want to use.

Note that you may need to set up a valid sender email address (at least a valid domain name) depending on the configuration of the SMTP server you use.

2. Usage example

msf exploit(handler) > load notify_mail
[*] Successfully loaded plugin: notify_mail
msf exploit(handler) > help

notify_mail Commands

    Command               Description
    -------               -----------
    notify_mail_load      Load settings from configuration file
    notify_mail_mailfrom  Set sender e-mail address
    notify_mail_mailto    Set recipient e-mail address
    notify_mail_save      Save settings to configuration file
    notify_mail_show      Show current settings
    notify_mail_smtpport  Set SMTP server port
    notify_mail_smtpsrv   Set SMTP server hostname/IP


msf exploit(handler) > notify_mail_mailfrom
msf exploit(handler) > notify_mail_mailto
msf exploit(handler) > notify_mail_smtpsrv
msf exploit(handler) > notify_mail_smtpport 25
msf exploit(handler) > notify_mail_show
msf exploit(handler) > notify_mail_save
[*] Saving paramters to config file
[+] All parameters saved to /root/.msf4/notify_mail.yaml
msf exploit(handler) >

3. Download

Save the following file into <msf>/plugins/ folder

Source: notify_mail.rb.gz

4. Other suggested plugins

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

© 2012 – 2014, foip. All rights reserved.

From → Hacking, Metasploit

  1. DeeGee permalink

    Hi , Great blog loved your browser av evasion post. Can you enlighten me on the requirements to get this working pls!!!

    Does sendmail need to be running or are you running your own smtp server on the box.

    Kind Regards Dee

    • foip permalink

      Hi Dee,
      Thanks for your comment.

      In the example, I use a local SMTP daemon (, but you can use any SMTP server you want (e.g. the SMTP server of your ISP).
      Just pay attention to the Sender address you will use. If you set an non-existing domain name, your mails might be treated as SPAM by your ISP, and then rejected.


      • DeeGee permalink

        Thanks for you reply, if using gmail do i need a sendmail deamon running or does msf take care of it? not clued up on ruby.


        • foip permalink

          Well, you have several options. Typically:

          1) use the SMTP server provided by your ISP. Probably the easiest solution. Ask your ISP for the SMTP server address

          2) Install postfix or sendmail or exim (or …) on your Metasploit box to run a local SMTP daemon. Maybe there is already an SMTP daemon installed on backtrack, I don’t know.

          3) Use Google SMTP service. This requires some hack of my plugin because you need to provide with your Google username/password for the email to be accepted. Check here:

          Also some examples of Net::SMTP class usage with authentication:

          (I never tested this option)

          Good luck.

          • DeeGee permalink

            Hi again,

            Im still having issues, no errors though.

            Im guessing ruby takes care of the mailing (Net::SMTP.start)

            Would appreciate your help on this…

            My multi/handler commands are as follows:

            use exploit/multi/handler
            set payload windows/meterpreter/reverse_https
            set lport 9091
            set lhost
            set AutoRunScript migrate -n explorer
            load notify_mail
            notify_mail_smtpport 587

            I’ve cat the .yaml file and its all in there..
            I get the session and it migrates but nothing more.

            now, mail works from command line :

            root@kali:~# mail -s “Subject”
            Meterpreter session created from attax-suite!!!!

            receives right away!!!!

            As you can see im using Kali

            root@kali:~# ruby -v
            ruby 1.9.3p194 (2012-04-20 revision 35410) [i486-linux]

            Kind Regards Dee

          • foip permalink

            I just checked Kali. exim is installed. Just start it and set the SMTP server ip to

Comments are closed.

© 2010-2024 Fun Over IP All Rights Reserved -- Copyright notice by Blog Copyright