Land #7238, Add DETECT_ANY_AUTH to smb_login

bug/bundler_fix
wchen-r7 2016-08-25 11:52:14 -05:00
commit 52b81f32b1
No known key found for this signature in database
GPG Key ID: 2384DB4EF06F730B
2 changed files with 21 additions and 7 deletions

View File

@ -115,3 +115,12 @@ set SMBPass [password]
Note: If an account has been successfully brute-forced, that account will not be tried again.
Additionally, if you wish to disable automatic detection of all-access systems, you can change the following option:
**The DETECT_ANY_AUTH option**
This option enables detection of systems accepting any authentication. A bogus login will be attempted.
```
set DETECT_ANY_AUTH false
```

View File

@ -56,7 +56,8 @@ class MetasploitModule < Msf::Auxiliary
[
Opt::Proxies,
OptBool.new('PRESERVE_DOMAINS', [ false, "Respect a username that contains a domain name.", true ]),
OptBool.new('RECORD_GUEST', [ false, "Record guest-privileged random logins to the database", false ])
OptBool.new('RECORD_GUEST', [ false, "Record guest-privileged random logins to the database", false ]),
OptBool.new('DETECT_ANY_AUTH', [false, 'Enable detection of systems accepting any authentication', true])
], self.class)
end
@ -87,6 +88,7 @@ class MetasploitModule < Msf::Auxiliary
send_spn: datastore['NTLM::SendSPN'],
)
if datastore['DETECT_ANY_AUTH']
bogus_result = @scanner.attempt_bogus_login(domain)
if bogus_result.success?
if bogus_result.access_level == Metasploit::Framework::LoginScanner::SMB::AccessLevels::GUEST
@ -95,6 +97,9 @@ class MetasploitModule < Msf::Auxiliary
print_error("This system accepts authentication with any credentials, brute force is ineffective.")
return
end
else
vprint_status('This system does not accept authentication with any credentials, proceeding with brute force')
end
end
cred_collection = Metasploit::Framework::CredentialCollection.new(