Update a few scanner modules to write to the database properly

git-svn-id: file:///home/svn/framework3/trunk@7992 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-27 07:30:50 +00:00 · 2009-12-27 07:30:50 +00:00 · 166489ad5f
parent 4c6fd97b0e
commit 166489ad5f
3 changed files with 51 additions and 46 deletions
--- a/modules/auxiliary/scanner/dcerpc/endpoint_mapper.rb
+++ b/modules/auxiliary/scanner/dcerpc/endpoint_mapper.rb
@ -3,7 +3,7 @@
 ##

 ##
-# This file is part of the Metasploit Framework and may be subject to 
+# This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
 # Framework web site for more information on licensing and terms of use.
 # http://metasploit.com/framework/
@ -17,34 +17,34 @@ class Metasploit3 < Msf::Auxiliary

 	# Exploit mixins should be called first
 	include Msf::Exploit::Remote::DCERPC
-	
+
 	include Msf::Auxiliary::Report

 	# Scanner mixin should be near last
 	include Msf::Auxiliary::Scanner
-	
+
 	def initialize
 		super(
 			'Name'        => 'Endpoint Mapper Service Discovery',
 			'Version'     => '$Revision$',
 			'Description' => %q{
-				This module can be used to obtain information from the 
+				This module can be used to obtain information from the
 				Endpoint Mapper service.
 			},
 			'Author'      => 'hdm',
 			'License'     => MSF_LICENSE
 		)
-		
+
 		deregister_options('RHOST')
-		
+
 		register_options(
 			[
 				Opt::RPORT(135)
-			], self.class)		
+			], self.class)
 	end

 	# Obtain information about a single host
-	def run_host(ip)	
+	def run_host(ip)
 		begin

 			ids = dcerpc_endpoint_list()
@ -58,23 +58,30 @@ class Metasploit3 < Msf::Auxiliary
 				line << "(#{id[:pipe]}) " if id[:pipe]
 				line << "#{id[:host]} " if id[:host]
 				line << "[#{id[:note]}]" if id[:note]
-				print_status(line)							
+				print_status(line)
 				if (id[:host] and id[:host][0,2] == "\\\\")
 					name = id[:host][2..-1]
 				end
 				if id[:prot].downcase == "tcp" or id[:prot].downcase == "udp"
-					report_service(:host => ip, :port => id[:port], :proto => id[:prot].downcase)
+					report_service(
+						:host => ip,
+						:port => id[:port],
+						:proto => id[:prot].downcase,
+						:name => "dcerpc",
+						:info => "#{id[:uuid]} v#{id[:vers]} #{id[:note]}"
+					)
 				end
 			end
 			report_host(:host => ip, :name => name) if name

-			
+
 		rescue ::Interrupt
 			raise $!
 		rescue ::Exception => e
 			print_status("Error: #{e}")
 		end
 	end
-	
+

 end
+
--- a/modules/auxiliary/scanner/http/version.rb
+++ b/modules/auxiliary/scanner/http/version.rb
@ -3,7 +3,7 @@
 ##

 ##
-# This file is part of the Metasploit Framework and may be subject to 
+# This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
 # Framework web site for more information on licensing and terms of use.
 # http://metasploit.com/framework/
@ -14,7 +14,7 @@ require 'msf/core'


 class Metasploit3 < Msf::Auxiliary
-	
+
 	# Exploit mixins should be called first
 	include Msf::Exploit::Remote::HttpClient
 	include Msf::Auxiliary::WMAPScanServer
@ -30,7 +30,7 @@ class Metasploit3 < Msf::Auxiliary
 			'Author'      => 'hdm',
 			'License'     => MSF_LICENSE
 		)
-		
+
 	end

 	# Fingerprint a single host
@ -39,27 +39,22 @@ class Metasploit3 < Msf::Auxiliary
 		begin
 			res = send_request_raw({
 				'uri'          => '/',
-				'method'       => 'GET'
+				'method'       => 'GET',
+				'agent'        => 'Metasploit',
+				'connection'   => 'close'
 			}, 10)

 			if (res and res.headers['Server'])
 				extra = http_fingerprint(res)
 				print_status("#{ip} is running #{res.headers['Server']}#{extra}")
-				
-				report_note(
-					:host	=> ip,
-					:proto	=> 'HTTP',
-					:port	=> rport,
-					:type	=> 'WEB_SERVER',
-					:data	=> "#{res.headers['Server']}#{extra}"
-				)
+				report_service(:host => ip, :port => rport, :name => (ssl ? 'https' : 'http'), :info => "#{res.headers['Server']}#{extra}")
 			end

 		rescue ::Timeout::Error, ::Errno::EPIPE
 		end

 	end
-	
+
 	#
 	# This is quick example of "extra" fingerprinting we can do
 	#
@ -71,7 +66,7 @@ class Metasploit3 < Msf::Auxiliary
 		if (res.headers['X-Powered-By'])
 			extras << "Powered by " + res.headers['X-Powered-By']
 		end
-	
+
 		case res.body

 			when /Test Page for.*Fedora/
@ -79,25 +74,26 @@ class Metasploit3 < Msf::Auxiliary

 			when /Placeholder page/
 				extras << "Debian Default Page"
-				
+
 			when /Welcome to Windows Small Business Server (\d+)/
 				extras << "Windows SBS #{$1}"

 			when /Asterisk@Home/
 				extras << "Asterix"
-				
+
 			when /swfs\/Shell\.html/
 				extras << "BPS-1000"
-			
+
 		end
-		
+
 		if (extras.length == 0)
 			return ''
 		end
-		
-		
+
+
 		# Format and return
 		' ( ' + extras.join(', ') + ' )'
 	end

 end
+
--- a/modules/auxiliary/scanner/smb/version.rb
+++ b/modules/auxiliary/scanner/smb/version.rb
@ -3,7 +3,7 @@
 ##

 ##
-# This file is part of the Metasploit Framework and may be subject to 
+# This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
 # Framework web site for more information on licensing and terms of use.
 # http://metasploit.com/framework/
@ -15,11 +15,11 @@ require 'msf/core'

 class Metasploit3 < Msf::Auxiliary

-	
+
 	# Exploit mixins should be called first
 	include Msf::Exploit::Remote::DCERPC
 	include Msf::Exploit::Remote::SMB
-	
+
 	# Scanner mixin should be near last
 	include Msf::Auxiliary::Scanner
 	include Msf::Auxiliary::Report
@ -29,7 +29,7 @@ class Metasploit3 < Msf::Auxiliary
 	XCEPT  = Rex::Proto::SMB::Exceptions
 	CONST  = Rex::Proto::SMB::Constants

-	
+
 	def initialize
 		super(
 			'Name'        => 'SMB Version Detection',
@ -38,12 +38,12 @@ class Metasploit3 < Msf::Auxiliary
 			'Author'      => 'hdm',
 			'License'     => MSF_LICENSE
 		)
-		
+
 		deregister_options('RPORT')
 	end

 	# Fingerprint a single host
-	def run_host(ip)	
+	def run_host(ip)
 		[[445, true], [139, false]].each do |info|

 		datastore['RPORT'] = info[0]
@ -52,10 +52,10 @@ class Metasploit3 < Msf::Auxiliary

 		begin
 			res = smb_fingerprint()
-			
+
 			if(res['os'] and res['os'] != 'Unknown')
 				print_status("#{rhost} is running #{res['os']} #{res['sp']} (language: #{res['lang']})")
-				report_service(:host => ip, :port => info[0])
+				report_service(:host => ip, :port => info[0], :name => 'smb', :info => "#{res['os']} #{res['sp']} (language: #{res['lang']})")
 				case res['os']
 				when /Windows/
 					os = OperatingSystems::WINDOWS
@ -63,18 +63,19 @@ class Metasploit3 < Msf::Auxiliary
 					os = OperatingSystems::UNKNOWN
 				end
 				report_host({
-					:host => ip, 
-					:os_flavor => res['os'], 
+					:host => ip,
+					:os_flavor => res['os'],
 					:os_lang => res['lang'],
-					:os_name => os, 
+					:os_name => os,
 					:os_sp => res['sp'],
 				})
 			else
+				report_service(:host => ip, :port => info[0], :name => 'smb')
 				print_status("#{rhost} could not be identified")
 			end
-			
+
 			disconnect
-			
+
 			break
 		rescue ::Rex::Proto::SMB::Exceptions::ErrorCode  => e
 		rescue ::Rex::Proto::SMB::Exceptions::LoginError => e
@ -82,7 +83,7 @@ class Metasploit3 < Msf::Auxiliary
 			if(e.to_s =~ /server refused our NetBIOS/)
 				next
 			end
-			
+
 			return
 		rescue ::Rex::ConnectionError
 			next
@ -95,3 +96,4 @@ class Metasploit3 < Msf::Auxiliary
 	end

 end
+