2015-08-10 16:29:41 +00:00
|
|
|
##
|
|
|
|
# This module requires Metasploit: http://metasploit.com/download
|
|
|
|
# Current source: https://github.com/rapid7/metasploit-framework
|
|
|
|
##
|
|
|
|
|
|
|
|
require 'msf/core'
|
|
|
|
|
2016-03-07 19:19:55 +00:00
|
|
|
class Metasploit3 < Msf::Post
|
2015-08-10 16:29:41 +00:00
|
|
|
|
|
|
|
include Msf::Post::File
|
|
|
|
|
|
|
|
def initialize
|
|
|
|
super(
|
2015-08-28 14:53:31 +00:00
|
|
|
'Name' => 'BusyBox Ping Network Enumeration',
|
|
|
|
'Description' => %q{
|
|
|
|
This module will be applied on a session connected to a BusyBox shell. It will ping a range
|
|
|
|
of IP addresses from the router or device executing BusyBox.
|
|
|
|
},
|
2015-08-10 16:29:41 +00:00
|
|
|
'Author' => 'Javier Vicente Vallejo',
|
|
|
|
'License' => MSF_LICENSE,
|
|
|
|
'Platform' => ['linux'],
|
2015-08-28 14:53:31 +00:00
|
|
|
'SessionTypes' => ['shell']
|
2015-08-10 16:29:41 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
register_options(
|
|
|
|
[
|
2015-08-28 14:53:31 +00:00
|
|
|
OptAddressRange.new('RANGE', [true, 'IP range to ping'])
|
2015-08-10 16:29:41 +00:00
|
|
|
], self.class)
|
|
|
|
end
|
|
|
|
|
|
|
|
def run
|
2015-08-28 14:53:31 +00:00
|
|
|
results = ''
|
|
|
|
Rex::Socket::RangeWalker.new(datastore['RANGE']).each do |ip|
|
|
|
|
vprint_status("Checking address #{ip}")
|
|
|
|
results << cmd_exec("ping -c 1 #{ip}")
|
2015-08-10 16:29:41 +00:00
|
|
|
end
|
|
|
|
|
2015-08-28 14:53:31 +00:00
|
|
|
p = store_loot('busybox.enum.network', 'text/plain', session, results, 'ping_results.txt', 'BusyBox Device Network Range Enumeration')
|
|
|
|
print_good("Results saved to #{p}.")
|
2015-08-10 16:29:41 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
end
|