From 12902b0a6dec0696ee6d77642867d0b3a7006ccb Mon Sep 17 00:00:00 2001
From: David Maloney
Date: Fri, 1 Aug 2014 14:41:03 -0500
Subject: [PATCH] the refactor continues!
---
 .../framework/login_scanner/postgres.rb | 6 ++-
 lib/metasploit/framework/login_scanner/smb.rb | 7 ++-
 .../framework/login_scanner/snmp.rb | 6 ++-
 .../scanner/postgres/postgres_login.rb | 44 ++++---------------
 modules/auxiliary/scanner/snmp/snmp_login.rb | 39 ++++------------
 5 files changed, 32 insertions(+), 70 deletions(-)
diff --git a/lib/metasploit/framework/login_scanner/postgres.rb b/lib/metasploit/framework/login_scanner/postgres.rb
index a5cc685ed2..0ecfc06e1f 100644
--- a/lib/metasploit/framework/login_scanner/postgres.rb
+++ b/lib/metasploit/framework/login_scanner/postgres.rb
@@ -23,7 +23,11 @@ module Metasploit
 # @return [Metasploit::Framework::LoginScanner::Result] The LoginScanner Result object
 def attempt_login(credential)
 result_options = {
- credential: credential
+ credential: credential,
+ host: host,
+ port: port,
+ protocol: 'tcp',
+ service_name: 'postgres'
 }
 db_name = credential.realm || 'template1'
diff --git a/lib/metasploit/framework/login_scanner/smb.rb b/lib/metasploit/framework/login_scanner/smb.rb
index 0daa4ad0f2..43a05955aa 100644
--- a/lib/metasploit/framework/login_scanner/smb.rb
+++ b/lib/metasploit/framework/login_scanner/smb.rb
@@ -212,7 +212,12 @@ module Metasploit
 access_level ||= AccessLevels::GUEST
 end
- Result.new(credential: credential, status: status, proof: proof, access_level: access_level)
+ result = Result.new(credential: credential, status: status, proof: proof, access_level: access_level)
+ result.host = host
+ result.port = port
+ result.protocol = 'tcp'
+ result.service_name = 'smb'
+ result
 end
 def connect
diff --git a/lib/metasploit/framework/login_scanner/snmp.rb b/lib/metasploit/framework/login_scanner/snmp.rb
index 1972f29aef..d2fd0d313a 100644
--- a/lib/metasploit/framework/login_scanner/snmp.rb
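Review bot: attempt_login's doc comment in postgres.rb still describes only a generic Result, while the options hash now also carries `host`, `port`, `protocol` and `service_name`, which the login modules later in this patch read back through `result.to_h`. I would add a comment above `result_options`, e.g. `# host/port/protocol/service_name identify the scanned service so callers can persist the Result as-is`. The snmp.rb hunk needs the same comment; there the protocol is 'udp'. attempt_login continues past the end of this hunk, so how `result_options` reaches the Result is not visible here.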
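Review bot: The four setter calls after `Result.new` in smb.rb build the result differently from the postgres.rb and snmp.rb hunks, which put the same fields into the options hash. Passing them at construction keeps one pattern and drops the temporary: `Result.new(credential: credential, status: status, proof: proof, access_level: access_level, host: host, port: port, protocol: 'tcp', service_name: 'smb')`. This assumes Result accepts those keys in its constructor, which the other two hunks suggest but do not show. The enclosing method starts above the hunk.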
+++ b/lib/metasploit/framework/login_scanner/snmp.rb
@@ -22,7 +22,11 @@ module Metasploit
 # @return [Metasploit::Framework::LoginScanner::Result] The LoginScanner Result object
 def attempt_login(credential)
 result_options = {
- credential: credential
+ credential: credential,
+ host: host,
+ port: port,
+ protocol: 'udp',
+ service_name: 'snmp'
 }
 [:SNMPv1, :SNMPv2c].each do |version|
diff --git a/modules/auxiliary/scanner/postgres/postgres_login.rb b/modules/auxiliary/scanner/postgres/postgres_login.rb
index 01d6ee32c2..07b9d300d9 100644
--- a/modules/auxiliary/scanner/postgres/postgres_login.rb
+++ b/modules/auxiliary/scanner/postgres/postgres_login.rb
@@ -69,48 +69,20 @@ class Metasploit3 < Msf::Auxiliary connection_timeout: 30 ) - service_data = { - address: ip, - port: rport, - service_name: 'postgres', - protocol: 'tcp', - workspace_id: myworkspace_id - } - scanner.scan! do |result| - if result.success? - credential_data = { + credential_data = result.to_h + credential_data.merge!( module_fullname: self.fullname, - origin_type: :service, - private_data: result.credential.private, - private_type: :password, - realm_key: Metasploit::Model::Realm::Key::POSTGRESQL_DATABASE, - realm_value: result.credential.realm, - username: result.credential.public - } - credential_data.merge!(service_data) - + workspace_id: myworkspace_id + ) + if result.success? credential_core = create_credential(credential_data) + credential_data[:core] = credential_core + create_credential_login(credential_data) - login_data = { - core: credential_core, - last_attempted_at: DateTime.now, - status: Metasploit::Model::Login::Status::SUCCESSFUL - } - login_data.merge!(service_data) - - create_credential_login(login_data) print_good "#{ip}:#{rport} - LOGIN SUCCESSFUL: #{result.credential}" else - invalidate_login( - address: ip, - port: rport, - protocol: 'tcp', - public: result.credential.public, - private: result.credential.private, - realm_key: Metasploit::Model::Realm::Key::POSTGRESQL_DATABASE, - realm_value: result.credential.realm, - status: result.status) + invalidate_login(credential_data) print_status "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})" end end
diff --git a/modules/auxiliary/scanner/snmp/snmp_login.rb b/modules/auxiliary/scanner/snmp/snmp_login.rb
index 5f5e25ef66..bd6125a0f4 100644
--- a/modules/auxiliary/scanner/snmp/snmp_login.rb
+++ b/modules/auxiliary/scanner/snmp/snmp_login.rb
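Review bot: The success branch in postgres_login.rb no longer sets `origin_type: :service`, `private_type: :password`, the `POSTGRESQL_DATABASE` realm key, `last_attempted_at` or the SUCCESSFUL `status` itself; all of them now have to come from `result.to_h`, which this diff does not show. `realm_key` is the one most likely to go missing, because the old code hard-coded it and the new code depends on the credential carrying it; a nil value would presumably store the database name without its realm type. I would keep an explicit fallback after the merge, `credential_data[:realm_key] ||= Metasploit::Model::Realm::Key::POSTGRESQL_DATABASE`, and confirm in a spec that `to_h` supplies the other fields. The snmp_login.rb hunk depends on `to_h` in the same way.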
@@ -63,43 +63,20 @@ class Metasploit3 < Msf::Auxiliary connection_timeout: 2 ) - service_data = { - address: ip, - port: rport, - service_name: 'snmp', - protocol: 'udp', - workspace_id: myworkspace_id - } - scanner.scan! do |result| + credential_data = result.to_h + credential_data.merge!( + module_fullname: self.fullname, + workspace_id: myworkspace_id + ) if result.success? - credential_data = { - module_fullname: self.fullname, - origin_type: :service, - username: result.credential.public - } - credential_data.merge!(service_data) - credential_core = create_credential(credential_data) + credential_data[:core] = credential_core + create_credential_login(credential_data) - login_data = { - core: credential_core, - last_attempted_at: DateTime.now, - status: Metasploit::Model::Login::Status::SUCCESSFUL - } - login_data.merge!(service_data) - - create_credential_login(login_data) print_good "#{ip}:#{rport} - LOGIN SUCCESSFUL: #{result.credential}" else - invalidate_data = { - public: result.credential.public, - private: result.credential.private, - realm_key: result.credential.realm_key, - realm_value: result.credential.realm, - status: result.status - } .merge(service_data) - invalidate_login(invalidate_data) + invalidate_login(credential_data) print_status "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})" end end
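Review bot: The success branch for SNMP used to pass only `username: result.credential.public` plus the service fields to create_credential, and it now passes everything `result.to_h` returns. `to_h` is not part of this diff, so it is unclear whether it leaves out the private and realm keys when the credential has no private part; if it emits them as nil, create_credential may behave differently from before. I would state the requirement next to the call, `# to_h must omit private/realm keys for public-only credentials`, and cover it with a spec that uses a result whose credential has only a public value.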