metasploit-framework/modules/auxiliary/scanner/tftp/tftpbrute.rb

##
# $Id$
##

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/projects/Framework/
##


require 'msf/core'

class Metasploit3 < Msf::Auxiliary

	include Msf::Auxiliary::Scanner

	def initialize
		super(
			'Name'        => 'TFTP Brute Forcer',
			'Description' => 'This module is a TFTP filename Brute Forcer.',
			'Author'      => 'antoine',
			'Version'     => '$Revision$',
			'License'     => BSD_LICENSE
		)

		register_options(
			[
				Opt::RPORT(69),
				OptPath.new('DICTIONARY', [ true, 'The list of filenames', File.join(Msf::Config.install_root, "data", "wordlists", "tftp.txt") ])
			], self.class)
	end

	def run_host(ip)
		begin
			udp_sock = Rex::Socket::Udp.create()
			IO.foreach(datastore['DICTIONARY']) do |filename|
				filename.chomp!
				pkt = "\x00\x01" + filename + "\x00" + "netascii" + "\x00"
				udp_sock.sendto(pkt, ip, rport)
				resp = udp_sock.get(1)
				if resp and resp.length >= 2 and resp[0, 2] == "\x00\x03"
					print_status("Found #{filename} on #{ip}")
				end
			end
		rescue
		ensure
			udp_sock.close
		end
	end

end
Adds antoine's tftp brute forcer git-svn-id: file:///home/svn/framework3/trunk@6667 4d416f70-5f16-0410-b530-b9f4589650da 2009-06-17 20:52:47 +00:00			`##`
			`# $Id$`
			`##`

			`##`
			`# This file is part of the Metasploit Framework and may be subject to`
			`# redistribution and commercial restrictions. Please see the Metasploit`
			`# Framework web site for more information on licensing and terms of use.`
			`# http://metasploit.com/projects/Framework/`
			`##`


			`require 'msf/core'`

			`class Metasploit3 < Msf::Auxiliary`

			`include Msf::Auxiliary::Scanner`

			`def initialize`
			`super(`
			`'Name' => 'TFTP Brute Forcer',`
			`'Description' => 'This module is a TFTP filename Brute Forcer.',`
			`'Author' => 'antoine',`
			`'Version' => '$Revision$',`
			`'License' => BSD_LICENSE`
			`)`

			`register_options(`
			`[`
			`Opt::RPORT(69),`
			`OptPath.new('DICTIONARY', [ true, 'The list of filenames', File.join(Msf::Config.install_root, "data", "wordlists", "tftp.txt") ])`
			`], self.class)`
			`end`

			`def run_host(ip)`
			`begin`
			`udp_sock = Rex::Socket::Udp.create()`
			`IO.foreach(datastore['DICTIONARY']) do \|filename\|`
			`filename.chomp!`
			`pkt = "\x00\x01" + filename + "\x00" + "netascii" + "\x00"`
			`udp_sock.sendto(pkt, ip, rport)`
			`resp = udp_sock.get(1)`
			`if resp and resp.length >= 2 and resp[0, 2] == "\x00\x03"`
			`print_status("Found #{filename} on #{ip}")`
			`end`
			`end`
			`rescue`
			`ensure`
			`udp_sock.close`
			`end`
			`end`

			`end`