infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3 from jvazquez-r7/review_2791 

Switch RHOSTS to TARGETS and add validation
bug/bundler_fix
Bruno Morisson 2013-12-23 15:24:02 -08:00
parent 94da642f5c 88b3b2c78e
commit 03d552c087
1 changed files with 29 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
modules/auxiliary/scanner/sap/sap_router_portscanner.rb
View File

@ -10,6 +10,8 @@ class Metasploit3 < Msf::Auxiliary
include Msf::Exploit::Remote::Tcp include Msf::Exploit::Remote::Tcp
include Msf::Auxiliary::Report include Msf::Auxiliary::Report
VALID_HOSTNAME_REGEX = /^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$/
def initialize def initialize
super( super(
'Name' => 'SAPRouter Port Scanner', 'Name' => 'SAPRouter Port Scanner',
@ -36,7 +38,7 @@ class Metasploit3 < Msf::Auxiliary
register_options( register_options(
[ [
OptAddress.new('SAPROUTER_HOST', [true, 'SAPRouter address', '']), OptAddress.new('SAPROUTER_HOST', [true, 'SAPRouter address', '']),
OptString.new('RHOSTS', [true, 'Comma delimited target hostnames, target address range or CIDR identifier', '']), OptString.new('TARGETS', [true, 'Comma delimited targets. When resolution is local address ranges or CIDR identifiers allowed.', '']),
OptPort.new('SAPROUTER_PORT', [true, 'SAPRouter TCP port', '3299']), OptPort.new('SAPROUTER_PORT', [true, 'SAPRouter TCP port', '3299']),
OptEnum.new('MODE', [true, 'Connection Mode: SAP_PROTO or TCP ', 'SAP_PROTO', ['SAP_PROTO', 'TCP']]), OptEnum.new('MODE', [true, 'Connection Mode: SAP_PROTO or TCP ', 'SAP_PROTO', ['SAP_PROTO', 'TCP']]),
OptString.new('INSTANCES', [false, 'SAP instance numbers to scan (NN in PORTS definition)', '00-99']), OptString.new('INSTANCES', [false, 'SAP instance numbers to scan (NN in PORTS definition)', '00-99']),
@ -47,7 +49,7 @@ class Metasploit3 < Msf::Auxiliary
# 3NN11,3NN17,20003-20007,31596,31597,31602,31601,31604,2000-2002, # 3NN11,3NN17,20003-20007,31596,31597,31602,31601,31604,2000-2002,
# 8355,8357,8351-8353,8366,1090,1095,20201,1099,1089,443NN,444NN # 8355,8357,8351-8353,8366,1090,1095,20201,1099,1089,443NN,444NN
OptInt.new('CONCURRENCY', [true, 'The number of concurrent ports to check per host', 10]), OptInt.new('CONCURRENCY', [true, 'The number of concurrent ports to check per host', 10]),
OptEnum.new('RESOLVE',[true,'Where to resolve RHOSTS','local',['remote','local']]) OptEnum.new('RESOLVE',[true,'Where to resolve TARGETS','local',['remote','local']])
], self.class) ], self.class)
deregister_options('RPORT') deregister_options('RPORT')
@ -276,18 +278,35 @@ class Metasploit3 < Msf::Auxiliary
return nil return nil
end end
def validate(range)
hosts_list = range.split(",")
return false if hosts_list.nil? or hosts_list.empty?
hosts_list.each do |host|
unless Rex::Socket.is_ipv6?(host) || Rex::Socket.is_ipv4?(host) || host =~ VALID_HOSTNAME_REGEX
return false
end
end
end
def run def run
datastore['RHOSTS'].split(/,/).each do |host| if datastore['RESOLVE'] == 'remote'
if datastore['RESOLVE'] == 'remote' range = datastore['TARGETS']
unless validate(range)
print_error("TARGETS must be a comma separated list of IP addresses or hostnames when RESOLVE is remote")
return
end
range.split(/,/).each do |host|
run_host(host) run_host(host)
else end
else
# resolve IP or crack IP range # resolve IP or crack IP range
ip_list = Rex::Socket::RangeWalker.new(host) ip_list = Rex::Socket::RangeWalker.new(datastore['TARGETS'])
ip_list.each do |ip| ip_list.each do |ip|
run_host(ip) run_host(ip)
end end
end
end end
end end