infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #7238, Add DETECT_ANY_AUTH to smb_login

bug/bundler_fix
wchen-r7 2016-08-25 11:52:14 -05:00
parent 5c447a6b13 1a22ac05df
commit 52b81f32b1
No known key found for this signature in database
GPG Key ID: 2384DB4EF06F730B
2 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
documentation/modules/auxiliary/scanner/smb/smb_login.md
View File

@ -115,3 +115,12 @@ set SMBPass [password]
Note: If an account has been successfully brute-forced, that account will not be tried again.
Additionally, if you wish to disable automatic detection of all-access systems, you can change the following option:
**The DETECT_ANY_AUTH option**
This option enables detection of systems accepting any authentication. A bogus login will be attempted.
```
set DETECT_ANY_AUTH false
```

19
modules/auxiliary/scanner/smb/smb_login.rb
View File

@ -56,7 +56,8 @@ class MetasploitModule < Msf::Auxiliary
[
Opt::Proxies,
OptBool.new('PRESERVE_DOMAINS', [ false, "Respect a username that contains a domain name.", true ]),
OptBool.new('RECORD_GUEST', [ false, "Record guest-privileged random logins to the database", false ])
OptBool.new('RECORD_GUEST', [ false, "Record guest-privileged random logins to the database", false ]),
OptBool.new('DETECT_ANY_AUTH', [false, 'Enable detection of systems accepting any authentication', true])
], self.class)
end
@ -87,13 +88,17 @@ class MetasploitModule < Msf::Auxiliary
send_spn: datastore['NTLM::SendSPN'],
)
bogus_result = @scanner.attempt_bogus_login(domain)
if bogus_result.success?
if bogus_result.access_level == Metasploit::Framework::LoginScanner::SMB::AccessLevels::GUEST
print_status("This system allows guest sessions with any credentials")
if datastore['DETECT_ANY_AUTH']
bogus_result = @scanner.attempt_bogus_login(domain)
if bogus_result.success?
if bogus_result.access_level == Metasploit::Framework::LoginScanner::SMB::AccessLevels::GUEST
print_status("This system allows guest sessions with any credentials")
else
print_error("This system accepts authentication with any credentials, brute force is ineffective.")
return
end
else
print_error("This system accepts authentication with any credentials, brute force is ineffective.")
return
vprint_status('This system does not accept authentication with any credentials, proceeding with brute force')
end
end