metasploit-framework/lib/msf/core/auxiliary/iax2.rb

119 lines
2.7 KiB
Ruby
Raw Normal View History

require 'rex/proto/iax2/client'
module Msf
###
#
# This module provides methods for working with the IAX2 protocol
#
###
module Auxiliary::IAX2
#
# Initializes an instance of an auxiliary module that uses IAX2
#
def initialize(info = {})
super
register_options(
[
OptAddress.new('IAX_HOST', [true, 'The IAX2 server to communicate with']),
OptPort.new('IAX_PORT', [true, 'The IAX2 server port', 4569]),
OptString.new('IAX_USER', [false, 'An optional IAX2 username']),
OptString.new('IAX_PASS', [false, 'An optional IAX2 password']),
OptString.new('IAX_CID_NAME', [false, 'The default caller ID name', '']),
OptString.new('IAX_CID_NUMBER', [true, 'The default caller ID number', '15555555555'])
], Msf::Auxiliary::IAX2 )
2011-11-20 01:05:14 +00:00
register_advanced_options(
[
OptBool.new('IAX_DEBUG', [false, 'Enable IAX2 debugging messages', false])
], Msf::Auxiliary::IAX2 )
2011-11-20 01:05:14 +00:00
end
2011-11-20 01:05:14 +00:00
def connect
@iax.shutdown if @iax
@iax = Rex::Proto::IAX2::Client.new(
:server_host => datastore['IAX_HOST'],
:username => datastore['IAX_USER'],
:password => datastore['IAX_PASS'],
:caller_name => datastore['IAX_CID_NAME'],
:caller_number => datastore['IAX_CID_NUMBER'],
:debugging => datastore['IAX_DEBUG'],
:context => {
'Msf' => framework,
'MsfExploit' => self
}
)
@iax_reg = @iax.create_call()
r = @iax_reg.register
if not r
@iax.shutdown
@iax = nil
raise RuntimeError, "Failed to register with the server"
end
end
2011-11-20 01:05:14 +00:00
def create_call
if not @iax
raise RuntimeError, "No active IAX2 connection"
2011-11-20 01:05:14 +00:00
end
@iax.create_call
end
2011-11-20 01:05:14 +00:00
def cleanup
super
@iax.shutdown if @iax
end
# General purpose phone number mangling routines
# Convert 123456XXXX to an array of expanded numbers
def crack_phone_range(range)
crack_phone_ranges([range])
end
2011-11-20 01:05:14 +00:00
def crack_phone_ranges(masks)
res = {}
masks.each do |mask|
mask = mask.strip
2011-11-20 01:05:14 +00:00
if(mask.index(':'))
next if mask.index('X')
rbeg,rend = mask.split(':').map{|c| c.gsub(/[^\d]/, '').to_i }
rbeg.upto(rend) do |n|
res[n.to_s] = {}
end
next
end
2011-11-20 01:05:14 +00:00
incdigits = 0
mask.each_char do |c|
incdigits += 1 if c =~ /^[X#]$/i
end
2011-11-20 01:05:14 +00:00
max = (10**incdigits)-1
2011-11-20 01:05:14 +00:00
(0..max).each do |num|
number = mask.dup # copy the mask
numstr = sprintf("%0#{incdigits}d", num) # stringify our incrementing number
j = 0 # index for numstr
for i in 0..number.length-1 do # step through the number (mask)
if number[i].chr =~ /^[X#]$/i
number[i] = numstr[j] # replaced masked indexes with digits from incrementing number
j += 1
end
end
res[number] = {}
end
2011-11-20 01:05:14 +00:00
end
return res.keys.sort
2011-11-20 01:05:14 +00:00
end
end
end