infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Handle rsync motd

bug/bundler_fix
Jon Hart 2015-10-12 13:03:55 -07:00
parent 73a6b47606
commit 4a3848cc4f
1 changed files with 38 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
modules/auxiliary/scanner/rsync/modules_list.rb
View File

@ -27,53 +27,76 @@ class Metasploit3 < Msf::Auxiliary
], self.class) ], self.class)
end end
def read_timeout
10
end
def rsync_list def rsync_list
sock.puts("#list\n") sock.puts("#list\n")
list = [] list = []
# the module listing is the module name and comment separated by a tab, each module # the module listing is the module name and comment separated by a tab, each module
# on its own line, lines separated with a newline # on its own line, lines separated with a newline
sock.get(20).split(/\n/).map(&:strip).map do |module_line| sock.get(read_timeout).split(/\n/).map(&:strip).map do |module_line|
next if module_line =~ /^@RSYNCD: EXIT$/ next if module_line =~ /^@RSYNCD: EXIT$/
list << module_line.split(/\t/).map(&:strip) list << module_line.split(/\t/).map(&:strip)
end end
list list
end end
def rsync_negotiate def rsync_negotiate
connect return unless greeting = sock.get(read_timeout)
return unless greeting = sock.get_once
greeting.strip! greeting.strip!
if /^@RSYNCD: (?<version>\d+(\.\d+)?)$/ =~ greeting control_lines = []
# making sure we match the version of the server motd_lines = []
sock.puts("@RSYNCD: #{version}\n") greeting.split(/\n/).map do |greeting_line|
version if greeting_line =~ /^@RSYNCD:/
control_lines << greeting_line
else
motd_lines << greeting_line
end end
end end
control_lines.map do |control_line|
if /^@RSYNCD: (?<version>\d+(\.\d+)?)$/ =~ control_line
motd = motd_lines.empty? ? nil : motd_lines.join("\n")
sock.puts("@RSYNCD: #{version}\n")
end
return version, motd
end
nil
end
def run_host(ip) def run_host(ip)
unless version = rsync_negotiate connect
version, motd = rsync_negotiate
unless version
disconnect disconnect
return return
end end
info = "rsync protocol version #{version}"
info += ", MOTD '#{motd}'" if motd
report_service( report_service(
host: ip, host: ip,
port: rport, port: rport,
proto: 'tcp', proto: 'tcp',
name: 'rsync', name: 'rsync',
info: "rsync protocol version #{version}" info: info
) )
vprint_good("#{ip}:#{rport} - rsync MOTD: #{motd}") if motd
listing = rsync_list listing = rsync_list
if listing.empty? if listing.empty?
print_status("#{ip}:#{port} - rsync #{version}: no modules found") print_status("#{ip}:#{rport} - rsync #{version}: no modules found")
else else
# build a table to store the module listing in # build a table to store the module listing in
listing_table = Msf::Ui::Console::Table.new( listing_table = Msf::Ui::Console::Table.new(
Msf::Ui::Console::Table::Style::Default, Msf::Ui::Console::Table::Style::Default,
'Header' => "rsync modules", 'Header' => "rsync modules for #{ip}:#{rport}",
'Columns' => 'Columns' =>
[ [
"Name", "Name",
@ -82,7 +105,8 @@ class Metasploit3 < Msf::Auxiliary
'Rows' => listing 'Rows' => listing
) )
print_good("#{ip}:#{rport} - rsync #{version}: #{listing_table.rows.size} modules found") print_good("#{ip}:#{rport} - rsync #{version}: #{listing.size} modules found: " \
"#{listing.map(&:first).join(', ')}")
vprint_line(listing_table.to_s) vprint_line(listing_table.to_s)
report_note( report_note(
@ -90,8 +114,8 @@ class Metasploit3 < Msf::Auxiliary
proto: 'tcp', proto: 'tcp',
port: rport, port: rport,
type: 'rsync_modules', type: 'rsync_modules',
:data => { :modules => listing_table.rows }, data: { modules: listing },
:update => :unique_data update: :unique_data
) )
end end
end end