Adding reporting to postgres_login. Logging version info more verbosely for authenticated login, since it's way useful.

git-svn-id: file:///home/svn/framework3/trunk@8408 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 17:35:58 +00:00 · 2010-02-08 17:35:58 +00:00 · 0b6c44b2cb
parent 67bb7a1926
commit 0b6c44b2cb
3 changed files with 28 additions and 3 deletions
--- a/data/wordlists/postgres_default_user.txt
+++ b/data/wordlists/postgres_default_user.txt
@ -1,3 +1,4 @@

 postgres
+scott
 admin
--- a/lib/msf/core/exploit/postgres.rb
+++ b/lib/msf/core/exploit/postgres.rb
@ -118,7 +118,7 @@ module Exploit::Remote::Postgres
 				return {:sql_error => sql_error_msg}
 			end
 			postgres_print_reply(resp,sql) if doprint 
-			return {:complete => true}
+			return {:complete => resp}
 		end
 	end

@ -165,7 +165,7 @@ module Exploit::Remote::Postgres
 		end
 		if self.postgres_conn # Just ask for the version.
 			resp = postgres_query("select version()",false)
-			ver = resp.rows[0][0].split(/\s/)[1]
+			ver = resp[:complete].rows[0][0] 
 			return {:auth => ver}
 		end
 	end
--- a/modules/auxiliary/scanner/postgres/postgres_login.rb
+++ b/modules/auxiliary/scanner/postgres/postgres_login.rb
@ -44,7 +44,7 @@ class Metasploit3 < Msf::Auxiliary
 				OptPath.new('PASS_FILE',      [ false, "File containing passwords, one per line", File.join(Msf::Config.install_root, "data", "wordlists", "postgres_default_pass.txt") ]),
 			], self.class)

-		# Users must use user/pass/userpass files.
+		# Users should use user/pass/userpass files.
 		deregister_options('USERNAME', 'PASSWORD', 'SQL')
 	end

@ -104,6 +104,14 @@ class Metasploit3 < Msf::Auxiliary
 		rescue Rex::ConnectionError
 			return :done
 		end
+
+		# Report the service state
+		report_service(
+			:host => rhost,
+			:port => rport,
+			:name => "postgresql"
+		)
+
 		msg = "#{rhost}:#{rport} Postgres -"
 		print_status("#{msg} Trying username:'#{user}' with password:'#{pass}' against #{rhost}:#{rport} on database '#{database}'") if verbose 
 		result = postgres_login(
@ -114,18 +122,34 @@ class Metasploit3 < Msf::Auxiliary
 		case result
 		when :error_database
 			print_good("#{msg} Success: #{user}:#{pass} (Database '#{database}' failed.)")
+			do_report_auth_info(user,pass,database,false)
 			return :next_user # This is a success for user:pass!
 		when :error_credentials
 			print_error("#{msg} Username/Password failed.") if verbose
 			return
 		when :connected
 			print_good("#{msg} Success: #{user}:#{pass} (Database '#{database}' succeeded.)")
+			do_report_auth_info(user,pass,database,true)
 			postgres_logout
 			return :next_user
 		when :error
 			print_error("#{msg} Unknown error encountered, quitting.") if verbose
 			return :done
 		end
+
+	end
+
+	def do_report_auth_info(user,pass,db,db_ok)
+		result_hash = {
+			:host => rhost,
+			:proto => "postgresql",
+			:user => user,
+			:pass => pass,
+			:targ_host => rhost,
+			:targ_port => rport
+		}
+		result_hash.merge!({:database => db}) if db_ok
+		report_auth_info result_hash
 	end

 end