metasploit-framework/modules/auxiliary/scanner/winrm/winrm_auth_methods.rb

##
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
# http://metasploit.com/
##
require 'msf/core'
require 'rex/proto/ntlm/message'
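# Auxiliary scanner that fingerprints a WinRM listener and records which
# HTTP authentication schemes it advertises.
#
# The probe is unauthenticated: the module deregisters USERNAME/PASSWORD and
# only inspects the response returned by +winrm_poke+. A host is treated as
# WinRM when that response is a 401 whose Server header contains
# "Microsoft-HTTPAPI".
#
# NOTE(review): +winrm_poke+ and +parse_auth_methods+ are not defined in this
# file; presumably they come from Msf::Exploit::Remote::WinRM. Confirm there
# what request is sent and which header the scheme list is parsed from.
class Metasploit3 < Msf::Auxiliary
  include Msf::Exploit::Remote::WinRM
  include Msf::Auxiliary::Report
  include Msf::Auxiliary::Scanner

  # Registers the module metadata and drops the credential options, which
  # this detection-only module never reads.
  def initialize
    super(
      'Name'        => 'WinRM Authentication Method Detection',
      'Version'     => '$Revision$',
      'Description' => %q{
        This module sends a request to an HTTP/HTTPS service to see if it is a WinRM service.
        If it is a WinRM service, it also gathers the Authentication Methods supported.
      },
      'Author'      => [ 'thelightcosine' ],
      'License'     => MSF_LICENSE
    )

    deregister_options('USERNAME', 'PASSWORD')
  end

  # Probes one host and reports the WinRM service with its advertised
  # authentication schemes.
  #
  # @param ip [String] address of the host currently being scanned
  # @return [nil] when the probe produced no response; otherwise the return
  #   value is not meaningful
  def run_host(ip)
    resp = winrm_poke
    return nil if resp.nil?

    # A 401 from a proxy or another web server may carry no Server header at
    # all; coerce to a String so the fingerprint check cannot raise
    # NoMethodError on nil and abort the scan of this host.
    server = resp.headers['Server'].to_s

    if resp.code == 401 && server.include?('Microsoft-HTTPAPI')
      methods = parse_auth_methods(resp)
      desc = server + " Authentication Methods: " + methods.to_s

      report_service(
        :host  => ip,
        :port  => rport,
        :proto => 'tcp',
        :name  => 'winrm',
        :info  => desc
      )

      # For whoever triages the results: Basic sends credentials merely
      # Base64-encoded, so a listener advertising it over plain HTTP is
      # worth flagging for hardening.
      %w[Negotiate Kerberos Basic].each do |scheme|
        print_good "#{ip}:#{rport}: #{scheme} protocol supported" if methods.include? scheme
      end
    else
      print_error "#{ip}:#{rport} Does not appear to be a WinRM server"
    end
  end
end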