metasploit-framework/modules/auxiliary/scanner/mdns/query.rb

57 lines
1.4 KiB
Ruby
Raw Normal View History

##
2015-02-03 21:50:00 +00:00
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Auxiliary::UDPScanner
include Msf::Auxiliary::MDNS
def initialize(info = {})
super(
update_info(
info,
2014-11-03 19:46:38 +00:00
'Name' => 'mDNS Query',
'Description' => %q(
2014-11-03 19:53:38 +00:00
This module sends mDNS queries, which are really just normal UDP DNS
queries done (usually) over multicast on a different port, 5353.
),
2014-11-03 19:46:38 +00:00
'Author' =>
[
2014-11-03 19:46:38 +00:00
'Jon Hart <jon_hart[at]rapid7.com>'
],
'License' => MSF_LICENSE
)
)
end
def build_probe
@probe ||= query
#@probe[@probe.size-2] = [0x80].pack('C')
#@probe
end
2014-11-03 19:46:38 +00:00
def scanner_process(data, shost, _sport)
@results[shost] ||= []
@results[shost] << data
end
2014-11-03 19:46:38 +00:00
def scanner_prescan(batch)
2015-02-20 19:33:57 +00:00
print_status("Sending mDNS #{query_type_name} #{query_class_name} queries for " +
"#{datastore['NAME']} to #{batch[0]}->#{batch[-1]} port #{rport} (#{batch.length} hosts)")
2014-11-03 19:46:38 +00:00
@results = {}
end
def scanner_postscan(_batch)
2014-11-03 19:46:38 +00:00
@results.each_pair do |peer, resps|
resps.each do |resp|
2014-11-03 23:30:57 +00:00
resp_message = Resolv::DNS::Message.decode(resp)
print_good("#{peer} responded with #{resp_message.inspect}")
end
end
end
end