metasploit-framework/modules/auxiliary/scanner/pcanywhere/pcanywhere_udp.rb

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
#   http://metasploit.com/
##


require 'msf/core'


class Metasploit3 < Msf::Auxiliary

	include Msf::Auxiliary::Report
	include Msf::Auxiliary::UDPScanner

	def initialize
		super(
			'Name'        => 'PcAnywhere UDP Service Discovery',
			'Description' => 'Discover active pcAnywhere services through UDP',
			'Author'      => 'hdm',
			'License'     => MSF_LICENSE,
			'References'  =>
				[
					['URL', 'http://www.unixwiz.net/tools/pcascan.txt']
				]
		)

		register_options(
		[
			Opt::RPORT(5632)
		], self.class)
	end

	def scanner_prescan(batch)
		print_status("Sending pcAnywhere discovery requests to #{batch[0]}->#{batch[-1]} (#{batch.length} hosts)")
		@results = {}
	end

	def scan_host(ip)
		scanner_send("NQ", ip, datastore['RPORT'])
		scanner_send("ST", ip, datastore['RPORT'])
	end

	def scanner_postscan(batch)
		@results.keys.each do |ip|
			data = @results[ip]
			info = ""

			if data[:name]
				info << "Name: #{data[:name]} "
			end

			if data[:stat]
				info << "- #{data[:stat]} "
			end

			if data[:caps]
				info << "( #{data[:caps]} ) "
			end

			report_service(:host => ip, :port => datastore['RPORT'], :proto => 'udp', :name => "pcanywhere_stat", :info => info)
			report_note(:host => ip, :port => datastore['RPORT'], :proto => 'udp', :name => "pcanywhere_stat", :update => :unique, :ntype => "pcanywhere.status", :data => data )
			print_status("#{ip}:#{datastore['RPORT']} #{info}")
		end
	end

	def scanner_process(data, shost, sport)
		case data
		when /^NR(........................)(........)/

			name = $1.dup
			caps = $2.dup

			name = name.gsub(/_+$/, '').gsub("\x00", '').strip
			caps = caps.gsub(/_+$/, '').gsub("\x00", '').strip

			@results[shost] ||= {}
			@results[shost][:name] = name
			@results[shost][:caps] = caps

		when /^ST(.+)/
			@results[shost] ||= {}
			buff = $1.dup
			stat = 'Unknown'

			if buff[2,1].unpack("C")[0] == 67
				stat = "Available"
			end

			if buff[2,1].unpack("C")[0] == 11
				stat = "Busy"
			end

			@results[shost][:stat] = stat
		else
			print_error("#{shost} Unknown: #{data.inspect}")
		end

	end

end
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`##`
			`# This file is part of the Metasploit Framework and may be subject to`
			`# redistribution and commercial restrictions. Please see the Metasploit`
Fix up the boilerplate comment to use a better url 2012-02-21 01:40:50 +00:00			`# web site for more information on licensing and terms of use.`
			`# http://metasploit.com/`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`##`


			`require 'msf/core'`


			`class Metasploit3 < Msf::Auxiliary`

			`include Msf::Auxiliary::Report`
First commit of a udp_mixin and modified scanners 2012-11-04 06:13:38 +00:00			`include Msf::Auxiliary::UDPScanner`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00
			`def initialize`
			`super(`
Comply with msftidy Knock, knock! Who's there? Me, the msftidy nazi! 2012-08-07 20:59:01 +00:00			`'Name' => 'PcAnywhere UDP Service Discovery',`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`'Description' => 'Discover active pcAnywhere services through UDP',`
			`'Author' => 'hdm',`
			`'License' => MSF_LICENSE,`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00			`'References' =>`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`[`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00			`['URL', 'http://www.unixwiz.net/tools/pcascan.txt']`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`]`
			`)`

			`register_options(`
			`[`
			`Opt::RPORT(5632)`
			`], self.class)`
			`end`

First commit of a udp_mixin and modified scanners 2012-11-04 06:13:38 +00:00			`def scanner_prescan(batch)`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`print_status("Sending pcAnywhere discovery requests to #{batch[0]}->#{batch[-1]} (#{batch.length} hosts)")`
			`@results = {}`
First commit of a udp_mixin and modified scanners 2012-11-04 06:13:38 +00:00			`end`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00
First commit of a udp_mixin and modified scanners 2012-11-04 06:13:38 +00:00			`def scan_host(ip)`
			`scanner_send("NQ", ip, datastore['RPORT'])`
			`scanner_send("ST", ip, datastore['RPORT'])`
			`end`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00
First commit of a udp_mixin and modified scanners 2012-11-04 06:13:38 +00:00			`def scanner_postscan(batch)`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`@results.keys.each do \|ip\|`
			`data = @results[ip]`
			`info = ""`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`if data[:name]`
			`info << "Name: #{data[:name]} "`
			`end`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00
Merge PCA scans into udp_sweep/udp_probe 2012-01-28 19:05:05 +00:00			`if data[:stat]`
			`info << "- #{data[:stat]} "`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`end`

			`if data[:caps]`
Merge PCA scans into udp_sweep/udp_probe 2012-01-28 19:05:05 +00:00			`info << "( #{data[:caps]} ) "`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00			`end`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00
Correct use of rport. 2012-11-05 21:57:59 +00:00			`report_service(:host => ip, :port => datastore['RPORT'], :proto => 'udp', :name => "pcanywhere_stat", :info => info)`
			`report_note(:host => ip, :port => datastore['RPORT'], :proto => 'udp', :name => "pcanywhere_stat", :update => :unique, :ntype => "pcanywhere.status", :data => data )`
			`print_status("#{ip}:#{datastore['RPORT']} #{info}")`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`end`
			`end`

First commit of a udp_mixin and modified scanners 2012-11-04 06:13:38 +00:00			`def scanner_process(data, shost, sport)`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`case data`
			`when /^NR(........................)(........)/`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`name = $1.dup`
			`caps = $2.dup`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00
Correct a typo 2012-01-29 05:33:26 +00:00			`name = name.gsub(/_+$/, '').gsub("\x00", '').strip`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00			`caps = caps.gsub(/_+$/, '').gsub("\x00", '').strip`

First commit of a udp_mixin and modified scanners 2012-11-04 06:13:38 +00:00			`@results[shost] \|\|= {}`
			`@results[shost][:name] = name`
			`@results[shost][:caps] = caps`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`when /^ST(.+)/`
First commit of a udp_mixin and modified scanners 2012-11-04 06:13:38 +00:00			`@results[shost] \|\|= {}`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`buff = $1.dup`
			`stat = 'Unknown'`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`if buff[2,1].unpack("C")[0] == 67`
			`stat = "Available"`
			`end`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`if buff[2,1].unpack("C")[0] == 11`
			`stat = "Busy"`
			`end`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00
First commit of a udp_mixin and modified scanners 2012-11-04 06:13:38 +00:00			`@results[shost][:stat] = stat`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`else`
First commit of a udp_mixin and modified scanners 2012-11-04 06:13:38 +00:00			`print_error("#{shost} Unknown: #{data.inspect}")`
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`end`
MSFTidy commits Whitespace fixes, grammar fixes, and breaking up a multiline SOAP request. Squashed commit of the following: commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:58:53 2012 -0600 Break up the multiline SOAP thing commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:48:16 2012 -0600 More whitespace and indent commit 12c42aa1efdbf633773096418172e60277162e22 Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:39:36 2012 -0600 Whitespace fixes commit 32d57444132fef3306ba2bc42743bfa063e498df Author: Tod Beardsley <todb@metasploit.com> Date: Wed Feb 1 10:35:37 2012 -0600 Grammar fixes for new modules. 2012-02-01 16:59:58 +00:00
Fix a regression in the workspace inclusion code (only affected non-DB-connected instances). Add a PCA UDP scanner 2012-01-27 18:35:39 +00:00			`end`

			`end`