Lance Sanchez
parent
f2a2975bc1
commit
15fffb1668
|
|
@ -31,21 +31,21 @@ module Metasploit
|
|||
|
||||
# Check to see if we recieved an OK?
|
||||
result_options[:proof] = sock.get_once
|
||||
if result_options[:proof][/^\+OK (.*)/]
|
||||
if result_options[:proof][/^\+OK.*/]
|
||||
# If we received an OK we should send the USER
|
||||
sock.put("USER #{credential.public}\r\n")
|
||||
result_options[:proof] = sock.get_once
|
||||
if result_options[:proof][/^\+OK (.*)/]
|
||||
if result_options[:proof][/^\+OK.*/]
|
||||
# If we got an OK after the username we can send the PASS
|
||||
sock.put("PASS #{credential.private}\r\n")
|
||||
result_options[:proof] = sock.get_once
|
||||
if result_options[:proof][/^\+OK (.*)/]
|
||||
if result_options[:proof][/^\+OK.*/]
|
||||
# if the pass gives an OK, were good to go
|
||||
result_options[:status] = :success
|
||||
end
|
||||
end
|
||||
end
|
||||
rescue ::Rex::ConnectionError, ::Timeout::Error, ::Errno::EPIPE => e
|
||||
rescue Rex::ConnectionError, EOFError, Timeout::Error, Errno::EPIPE => e
|
||||
result_options.merge!(
|
||||
proof: e.message,
|
||||
status: :connection_error
|
||||
|
|
@ -64,11 +64,7 @@ module Metasploit
|
|||
def set_sane_defaults
|
||||
self.max_send_size ||= 0
|
||||
self.send_delay ||= 0
|
||||
if self.ssl?
|
||||
self.port ||= 995
|
||||
else
|
||||
self.port ||= 110
|
||||
end
|
||||
self.port ||= 110
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
|||
|
|
@ -9,6 +9,73 @@ describe Metasploit::Framework::LoginScanner::POP3 do
|
|||
|
||||
context "#attempt_login" do
|
||||
|
||||
let(:pub_blank) do
|
||||
Metasploit::Framework::LoginScanner::Credential.new(
|
||||
paired: true,
|
||||
public: "public",
|
||||
private: ''
|
||||
)
|
||||
end
|
||||
context "Raised Exceptions" do
|
||||
it "Rex::ConnectionError should result in status :connection_error" do
|
||||
expect(scanner).to receive(:connect).and_raise(Rex::ConnectionError)
|
||||
result = scanner.attempt_login(pub_blank)
|
||||
|
||||
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
|
||||
expect(result.status).to eq(:connection_error)
|
||||
end
|
||||
|
||||
it "Timeout::Error should result in status :connection_error" do
|
||||
expect(scanner).to receive(:connect).and_raise(Timeout::Error)
|
||||
result = scanner.attempt_login(pub_blank)
|
||||
|
||||
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
|
||||
expect(result.status).to eq(:connection_error)
|
||||
end
|
||||
|
||||
it "EOFError should result in status :connection_error" do
|
||||
expect(scanner).to receive(:connect).and_raise(EOFError)
|
||||
result = scanner.attempt_login(pub_blank)
|
||||
|
||||
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
|
||||
expect(result.status).to eq(:connection_error)
|
||||
end
|
||||
end
|
||||
|
||||
context "Open Connection" do
|
||||
let(:sock) {double('socket')}
|
||||
|
||||
before(:each) do
|
||||
sock.stub(:shutdown)
|
||||
sock.stub(:close)
|
||||
expect(scanner).to receive(:connect)
|
||||
scanner.stub(:sock).and_return(sock)
|
||||
|
||||
end
|
||||
|
||||
it "Server returns +OK" do
|
||||
expect(sock).to receive(:get_once).exactly(3).times.and_return("+OK")
|
||||
expect(sock).to receive(:put).with("USER public\r\n").once.ordered
|
||||
expect(sock).to receive(:put).with("PASS \r\n").once.ordered
|
||||
|
||||
result = scanner.attempt_login(pub_blank)
|
||||
|
||||
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
|
||||
expect(result.status).to eq(:success)
|
||||
|
||||
end
|
||||
|
||||
it "Server Returns Something Else" do
|
||||
sock.stub(:get_once).and_return("+ERROR")
|
||||
|
||||
result = scanner.attempt_login(pub_blank)
|
||||
|
||||
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
|
||||
expect(result.status).to eq(:failed)
|
||||
expect(result.proof).to eq("+ERROR")
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue