infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

cleanup for dns_srv

bug/bundler_fix
jvazquez-r7 2013-02-15 16:19:48 +01:00
parent 9d4bd763a6
commit 374faf9b02
1 changed files with 55 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
modules/auxiliary/gather/dns_srv.rb
View File

@ -16,7 +16,12 @@ class Metasploit3 < Msf::Auxiliary
super(update_info(info,
'Name' => 'DNS Common Service Record Enumeration',
'Description' => %q{
This module enumerates common DNS service records.
This module enumerates common DNS service records in a given domain. By setting
the ALL_DNS to true, all the name servers of a given domain are used for
enumeration. Otherwise only the system dns is used for enumration. in order to get
all the available name servers for the given domain the SOA and NS records are
queried. In order to convert from domain names to IP addresses queries for A and
AAAA (IPv6) records are used.
},
'Author' => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>' ],
'License' => BSD_LICENSE
@ -25,13 +30,13 @@ class Metasploit3 < Msf::Auxiliary
register_options(
[
OptString.new('DOMAIN', [ true, "The target domain name."]),
OptBool.new( 'ALL_NS', [ false, "Run against all name servers for the given domain.",false]),
OptBool.new( 'ALL_NS', [ false, "Run against all name servers for the given domain.",false])
], self.class)
register_advanced_options(
[
OptInt.new('RETRY', [ false, "Number of times to try to resolve a record if no response is received.", 3]),
OptInt.new('RETRY_INTERVAL', [ false, "Number of seconds to wait before doing a retry.", 4]),
OptInt.new('RETRY', [ false, "Number of times to try to resolve a record if no response is received.", 2]),
OptInt.new('RETRY_INTERVAL', [ false, "Number of seconds to wait before doing a retry.", 2])
], self.class)
end
@ -61,6 +66,10 @@ class Metasploit3 < Msf::Auxiliary
records.uniq!
records.each do |r|
print_good("Host: #{r[:host]} IP: #{r[:address].to_s} Service: #{r[:service]} Protocol: #{r[:proto]} Port: #{r[:port]}")
report_host(
:host => r[:address].to_s,
:name => r[:host]
)
report_service(
:host=> r[:address].to_s,
:port => r[:port].to_i,
@ -68,18 +77,14 @@ class Metasploit3 < Msf::Auxiliary
:name => r[:service],
:host_name => r[:host]
)
report_host(
:host => r[:address].to_s,
:name => r[:host]
)
end
end
#---------------------------------------------------------------------------------
def get_soa(target)
results = []
query = @res.query(target, "SOA")
if (query)
return results if not query
(query.answer.select { |i| i.class == Net::DNS::RR::SOA}).each do |rr|
if Rex::Socket.dotted_ip?(rr.mname)
record = {}
@ -97,10 +102,9 @@ class Metasploit3 < Msf::Auxiliary
end
end
end
end
return results
end
#-------------------------------------------------------------------------------
def srvqry(dom)
results = []
#Most common SRV Records
@ -127,7 +131,7 @@ class Metasploit3 < Msf::Auxiliary
begin
query = @res.query(trg , Net::DNS::SRV)
if query
next unless query
query.answer.each do |srv|
if Rex::Socket.dotted_ip?(srv.host)
record = {}
@ -159,14 +163,12 @@ class Metasploit3 < Msf::Auxiliary
end
end
end
end
rescue
end
end
return results
end
#---------------------------------------------------------------------------------
def get_ip(host)
results = []
query = @res.search(host, "A")
@ -199,18 +201,17 @@ class Metasploit3 < Msf::Auxiliary
end
return results
end
#---------------------------------------------------------------------------------
def switchdns(ns)
vprint_status("Enumerating SRV Records on: #{ns}")
@res.nameserver=(ns)
@nsinuse = ns
end
#---------------------------------------------------------------------------------
def get_ns(target)
results = []
query = @res.query(target, "NS")
if (query)
return results if not query
(query.answer.select { |i| i.class == Net::DNS::RR::NS}).each do |rr|
get_ip(rr.nsdname).each do |r|
record = {}
@ -220,7 +221,6 @@ class Metasploit3 < Msf::Auxiliary
results << record
end
end
end
return results
end
end