Create a new mixin that changes SMBUser/SMBPass to normal options, include this mixin within SMB modules that more often than not require authentication
git-svn-id: file:///home/svn/framework3/trunk@9981 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
929d7bd158
commit
040a292181
|
@ -27,12 +27,26 @@ module Exploit::Remote::SMB
|
|||
DCERPCUUID = Rex::Proto::DCERPC::UUID
|
||||
NDR = Rex::Encoder::NDR
|
||||
|
||||
# Mini-mixin for making SMBUser/SMBPass/SMBDomain regular options vs advanced
|
||||
# Included when the module needs credentials to function
|
||||
module Authenticated
|
||||
def initialize(info = {})
|
||||
super
|
||||
register_options(
|
||||
[
|
||||
OptString.new('SMBUser', [ false, 'The username to authenticate as', '']),
|
||||
OptString.new('SMBPass', [ false, 'The password for the specified username', '']),
|
||||
OptString.new('SMBDomain', [ false, 'The Windows domain to use for authentication', 'WORKGROUP']),
|
||||
], Msf::Exploit::Remote::SMB::Authenticated)
|
||||
end
|
||||
end
|
||||
|
||||
def initialize(info = {})
|
||||
super
|
||||
|
||||
register_evasion_options(
|
||||
[
|
||||
OptBool.new('SMB::pipe_evasion', [ true, 'Enable segmented read/writes for SMB Pipes', 'False']),
|
||||
OptBool.new('SMB::pipe_evasion', [ true, 'Enable segmented read/writes for SMB Pipes', false]),
|
||||
OptInt.new('SMB::pipe_write_min_size', [ true, 'Minimum buffer size for pipe writes', 1]),
|
||||
OptInt.new('SMB::pipe_write_max_size', [ true, 'Maximum buffer size for pipe writes', 1024]),
|
||||
OptInt.new('SMB::pipe_read_min_size', [ true, 'Minimum buffer size for pipe reads', 1]),
|
||||
|
@ -45,7 +59,7 @@ module Exploit::Remote::SMB
|
|||
|
||||
register_advanced_options(
|
||||
[
|
||||
OptBool.new('SMBDirect', [ true, 'The target port is a raw SMB service (not NetBIOS)', 'True' ]),
|
||||
OptBool.new('SMBDirect', [ true, 'The target port is a raw SMB service (not NetBIOS)', true ]),
|
||||
OptString.new('SMBUser', [ false, 'The username to authenticate as', '']),
|
||||
OptString.new('SMBPass', [ false, 'The password for the specified username', '']),
|
||||
OptString.new('SMBDomain', [ false, 'The Windows domain to use for authentication', 'WORKGROUP']),
|
||||
|
@ -112,7 +126,6 @@ module Exploit::Remote::SMB
|
|||
datastore['SMBPass'],
|
||||
datastore['SMBDomain']
|
||||
)
|
||||
|
||||
simple.connect("\\\\#{datastore['RHOST']}\\IPC$")
|
||||
end
|
||||
|
||||
|
@ -217,6 +230,8 @@ module Exploit::Remote::SMB
|
|||
smb_login()
|
||||
end
|
||||
|
||||
|
||||
|
||||
os = 'Unknown'
|
||||
sp = ''
|
||||
|
||||
|
|
|
@ -17,6 +17,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
# Exploit mixins should be called first
|
||||
include Msf::Exploit::Remote::SMB
|
||||
include Msf::Exploit::Remote::SMB::Authenticated
|
||||
|
||||
# Scanner mixin should be near last
|
||||
include Msf::Auxiliary::Scanner
|
||||
|
|
|
@ -17,6 +17,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
# Exploit mixins should be called first
|
||||
include Msf::Exploit::Remote::SMB
|
||||
include Msf::Exploit::Remote::SMB::Authenticated
|
||||
include Msf::Exploit::Remote::DCERPC
|
||||
|
||||
# Scanner mixin should be near last
|
||||
|
@ -307,3 +308,4 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
|
||||
end
|
||||
|
||||
|
|
|
@ -17,6 +17,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
# Exploit mixins should be called first
|
||||
include Msf::Exploit::Remote::SMB
|
||||
include Msf::Exploit::Remote::SMB::Authenticated
|
||||
|
||||
include Msf::Exploit::Remote::DCERPC
|
||||
|
||||
# Scanner mixin should be near last
|
||||
|
|
|
@ -17,6 +17,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
# Exploit mixins should be called first
|
||||
include Msf::Exploit::Remote::SMB
|
||||
include Msf::Exploit::Remote::SMB::Authenticated
|
||||
|
||||
include Msf::Exploit::Remote::DCERPC
|
||||
|
||||
# Scanner mixin should be near last
|
||||
|
|
|
@ -18,6 +18,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
include Msf::Exploit::Remote::DCERPC
|
||||
include Msf::Exploit::Remote::SMB
|
||||
include Msf::Exploit::Remote::SMB::Authenticated
|
||||
|
||||
include Msf::Auxiliary::Scanner
|
||||
include Msf::Auxiliary::Report
|
||||
include Msf::Auxiliary::AuthBrute
|
||||
|
|
|
@ -17,6 +17,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
# Exploit mixins should be called first
|
||||
include Msf::Exploit::Remote::SMB
|
||||
include Msf::Exploit::Remote::SMB::Authenticated
|
||||
|
||||
include Msf::Exploit::Remote::DCERPC
|
||||
|
||||
# Scanner mixin should be near last
|
||||
|
|
|
@ -19,6 +19,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
# Exploit mixins should be called first
|
||||
include Msf::Exploit::Remote::DCERPC
|
||||
include Msf::Exploit::Remote::SMB
|
||||
include Msf::Exploit::Remote::SMB::Authenticated
|
||||
|
||||
# Scanner mixin should be near last
|
||||
include Msf::Auxiliary::Scanner
|
||||
|
|
|
@ -30,6 +30,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
include Msf::Exploit::Remote::DCERPC
|
||||
include Msf::Exploit::Remote::SMB
|
||||
include Msf::Exploit::Remote::SMB::Authenticated
|
||||
include Msf::Auxiliary::Report
|
||||
|
||||
def initialize(info = {})
|
||||
|
@ -78,13 +79,6 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'DisclosureDate' => 'Jan 01 1999'
|
||||
))
|
||||
|
||||
# These should be regular options for this exploit
|
||||
register_options(
|
||||
[
|
||||
OptString.new('SMBUser', [ true, 'The username to authenticate as', "Administrator"]),
|
||||
OptString.new('SMBPass', [ false, 'The password for the specified username', ""])
|
||||
], self.class)
|
||||
|
||||
register_advanced_options(
|
||||
[
|
||||
OptBool.new('DB_REPORT_AUTH', [true, "Report an auth_note upon a successful connection", true])
|
||||
|
|
Loading…
Reference in New Issue