Add pop3/imap4 scanners
git-svn-id: file:///home/svn/framework3/trunk@8664 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
5a89952606
commit
304a238d3e
|
@ -11,7 +11,7 @@ require 'msf/core/exploit/tcp'
|
|||
module Exploit::Remote::Imap
|
||||
|
||||
include Exploit::Remote::Tcp
|
||||
|
||||
|
||||
#
|
||||
# Creates an instance of an IMAP exploit module.
|
||||
#
|
||||
|
@ -34,21 +34,17 @@ module Exploit::Remote::Imap
|
|||
# message is read in and stored in the 'banner' attribute.
|
||||
#
|
||||
def connect(global = true)
|
||||
print_status("Connecting to IMAP server #{rhost}:#{rport}...")
|
||||
|
||||
fd = super
|
||||
|
||||
# Wait for a banner to arrive...
|
||||
self.banner = fd.get_once
|
||||
|
||||
print_status("Connected to target IMAP server.")
|
||||
|
||||
# Wait for a banner to arrive...
|
||||
self.banner = fd.get_once(-1, 30)
|
||||
|
||||
# Return the file descriptor to the caller
|
||||
fd
|
||||
end
|
||||
|
||||
#
|
||||
# Connect and login to the remote IMAP server using the credentials
|
||||
# Connect and login to the remote IMAP server using the credentials
|
||||
# that have been supplied in the exploit options.
|
||||
#
|
||||
def connect_login(global = true)
|
||||
|
@ -62,7 +58,7 @@ module Exploit::Remote::Imap
|
|||
|
||||
print_status("Authenticating as #{user} with password #{pass}...")
|
||||
res = raw_send_recv("a001 LOGIN #{user} #{pass}\r\n")
|
||||
|
||||
|
||||
if (res !~ /^a001 OK/)
|
||||
print_status("Authentication failed")
|
||||
return false
|
||||
|
@ -80,7 +76,7 @@ module Exploit::Remote::Imap
|
|||
nsock.get_once
|
||||
end
|
||||
|
||||
|
||||
|
||||
##
|
||||
#
|
||||
# Wrappers for getters
|
||||
|
@ -111,4 +107,5 @@ protected
|
|||
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -0,0 +1,39 @@
|
|||
##
|
||||
# This file is part of the Metasploit Framework and may be subject to
|
||||
# redistribution and commercial restrictions. Please see the Metasploit
|
||||
# Framework web site for more information on licensing and terms of use.
|
||||
# http://metasploit.com/framework/
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
|
||||
class Metasploit3 < Msf::Auxiliary
|
||||
|
||||
include Msf::Exploit::Remote::Imap
|
||||
include Msf::Auxiliary::Scanner
|
||||
include Msf::Auxiliary::Report
|
||||
|
||||
def initialize
|
||||
super(
|
||||
'Name' => 'IMAP4 Banner Grabber',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'IMAP4 Banner Grabber',
|
||||
'Author' => 'hdm',
|
||||
'License' => MSF_LICENSE
|
||||
)
|
||||
end
|
||||
|
||||
def run_host(ip)
|
||||
begin
|
||||
res = connect
|
||||
banner_sanitized = banner.to_s.gsub(/[\x00-\x19\x7f-\xff]/) { |s| "\\x%02x" % s[0,1].unpack("C")[0] }
|
||||
print_status("#{ip}:#{rport} IMAP #{banner_sanitized}")
|
||||
report_service(:host => rhost, :port => rport, :name => "imap", :info => banner)
|
||||
rescue ::Rex::ConnectionError
|
||||
rescue ::Exception => e
|
||||
print_error("#{rhost}:#{rport} #{e} #{e.backtrace}")
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
|
@ -0,0 +1,43 @@
|
|||
##
|
||||
# This file is part of the Metasploit Framework and may be subject to
|
||||
# redistribution and commercial restrictions. Please see the Metasploit
|
||||
# Framework web site for more information on licensing and terms of use.
|
||||
# http://metasploit.com/framework/
|
||||
##
|
||||
|
||||
require 'msf/core'
|
||||
|
||||
class Metasploit3 < Msf::Auxiliary
|
||||
|
||||
include Msf::Exploit::Remote::Tcp
|
||||
include Msf::Auxiliary::Scanner
|
||||
include Msf::Auxiliary::Report
|
||||
|
||||
def initialize
|
||||
super(
|
||||
'Name' => 'POP3 Banner Grabber',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'POP3 Banner Grabber',
|
||||
'Author' => 'hdm',
|
||||
'License' => MSF_LICENSE
|
||||
)
|
||||
register_options([
|
||||
Opt::RPORT(110)
|
||||
], self.class)
|
||||
end
|
||||
|
||||
def run_host(ip)
|
||||
begin
|
||||
res = connect
|
||||
banner = sock.get_once(-1, 30)
|
||||
banner_sanitized = banner.to_s.gsub(/[\x00-\x19\x7f-\xff]/) { |s| "\\x%02x" % s[0,1].unpack("C")[0] }
|
||||
print_status("#{ip}:#{rport} POP3 #{banner_sanitized}")
|
||||
report_service(:host => rhost, :port => rport, :name => "pop3", :info => banner)
|
||||
rescue ::Rex::ConnectionError
|
||||
rescue ::Exception => e
|
||||
print_error("#{rhost}:#{rport} #{e} #{e.backtrace}")
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
|
@ -16,7 +16,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
def initialize
|
||||
super(
|
||||
'Name' => 'SMTP Banner Grabber',
|
||||
'Version' => '',
|
||||
'Version' => '$Revision$',
|
||||
'Description' => 'SMTP Banner Grabber',
|
||||
'References' =>
|
||||
[
|
||||
|
|
Loading…
Reference in New Issue