2014-07-18 00:17:31 +00:00
|
|
|
# encoding: UTF-8
|
2010-05-27 21:19:53 +00:00
|
|
|
##
|
2013-10-15 18:50:46 +00:00
|
|
|
# This module requires Metasploit: http//metasploit.com/download
|
|
|
|
|
# Current source: https://github.com/rapid7/metasploit-framework
|
2010-05-27 21:19:53 +00:00
|
|
|
##
|
|
|
|
|
|
|
|
|
|
require 'msf/core'
|
|
|
|
|
|
|
|
|
|
class Metasploit3 < Msf::Auxiliary
|
2013-08-30 21:28:54 +00:00
|
|
|
include Msf::Exploit::Remote::Tcp
|
|
|
|
|
include Msf::Auxiliary::Report
|
|
|
|
|
include Msf::Auxiliary::Scanner
|
2014-07-18 18:52:18 +00:00
|
|
|
include Msf::Exploit::Remote::SIP
|
2013-08-30 21:28:54 +00:00
|
|
|
|
|
|
|
|
def initialize
|
|
|
|
|
super(
|
|
|
|
|
'Name' => 'SIP Endpoint Scanner (TCP)',
|
|
|
|
|
'Description' => 'Scan for SIP devices using OPTIONS requests',
|
|
|
|
|
'Author' => 'hdm',
|
|
|
|
|
'License' => MSF_LICENSE
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
register_options(
|
|
|
|
|
[
|
|
|
|
|
OptInt.new('BATCHSIZE', [true, 'The number of hosts to probe in each set', 256]),
|
2014-07-18 00:17:31 +00:00
|
|
|
OptString.new('TO', [false, 'The destination username to probe at each host', 'nobody']),
|
2013-08-30 21:28:54 +00:00
|
|
|
Opt::RPORT(5060)
|
|
|
|
|
], self.class)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Operate on a single system at a time
|
|
|
|
|
def run_host(ip)
|
2014-07-18 17:29:14 +00:00
|
|
|
begin
|
|
|
|
|
connect
|
|
|
|
|
sock.put(create_probe(ip, 'TCP'))
|
|
|
|
|
res = sock.get_once(-1, 5)
|
2014-07-18 20:27:21 +00:00
|
|
|
parse_response(res, rhost, 'tcp') if res
|
2014-07-18 17:29:14 +00:00
|
|
|
rescue ::Interrupt
|
|
|
|
|
raise $ERROR_INFO
|
|
|
|
|
ensure
|
|
|
|
|
disconnect
|
|
|
|
|
end
|
2013-08-30 21:28:54 +00:00
|
|
|
end
|
2010-05-27 21:19:53 +00:00
|
|
|
end
|
