Simplify memcached amplification scanner to use UDPScanner for most of the work

2018-03-01 15:37:23 -08:00 · 2018-03-01 15:37:23 -08:00 · 155f45fc28
parent ff6c601517
commit 155f45fc28
1 changed files with 4 additions and 23 deletions
--- a/modules/auxiliary/scanner/memcached/memcached_amp.rb
+++ b/modules/auxiliary/scanner/memcached/memcached_amp.rb
@ -20,7 +20,8 @@ class MetasploitModule < Msf::Auxiliary
      'Author'      =>
        [
          'Marek Majkowski', # Cloudflare blog and base payload
-          'xistence <xistence[at]0x90.nl>' # Metasploit scanner module
+          'xistence <xistence[at]0x90.nl>', # Metasploit scanner module
+          'Jon Hart <jon_hart@rapid7.com>', # Metasploit scanner module
        ],
      'License'     => MSF_LICENSE,
      'References'  =>
@ -34,29 +35,9 @@ class MetasploitModule < Msf::Auxiliary
    ])
  end

-  def rport
-    datastore['RPORT']
-  end
-
-  def setup
-    super
-
+  def build_probe
    # Memcached stats probe
-    @memcached_probe = "\x00\x00\x00\x00\x00\x01\x00\x00stats\r\n"
-  end
-
-  def scanner_prescan(batch)
-    print_status("Sending Memcached stats probes to #{batch[0]}->#{batch[-1]} (#{batch.length} hosts)")
-    @results = {}
-  end
-
-  def scan_host(ip)
-    if spoofed?
-      datastore['ScannerRecvWindow'] = 0
-      scanner_spoof_send(@memcached_probe, ip, datastore['RPORT'], datastore['SRCIP'], datastore['NUM_REQUESTS'])
-    else
-      scanner_send(@memcached_probe, ip, datastore['RPORT'])
-    end
+    @memcached_probe ||= "\x00\x00\x00\x00\x00\x01\x00\x00stats\r\n"
  end

  def scanner_process(data, shost, sport)