Land #7238, Add DETECT_ANY_AUTH to smb_login
commit
52b81f32b1
|
@ -115,3 +115,12 @@ set SMBPass [password]
|
|||
|
||||
Note: If an account has been successfully brute-forced, that account will not be tried again.
|
||||
|
||||
Additionally, if you wish to disable automatic detection of all-access systems, you can change the following option:
|
||||
|
||||
**The DETECT_ANY_AUTH option**
|
||||
|
||||
This option enables detection of systems accepting any authentication. A bogus login will be attempted.
|
||||
|
||||
```
|
||||
set DETECT_ANY_AUTH false
|
||||
```
|
||||
|
|
|
@ -56,7 +56,8 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
Opt::Proxies,
|
||||
OptBool.new('PRESERVE_DOMAINS', [ false, "Respect a username that contains a domain name.", true ]),
|
||||
OptBool.new('RECORD_GUEST', [ false, "Record guest-privileged random logins to the database", false ])
|
||||
OptBool.new('RECORD_GUEST', [ false, "Record guest-privileged random logins to the database", false ]),
|
||||
OptBool.new('DETECT_ANY_AUTH', [false, 'Enable detection of systems accepting any authentication', true])
|
||||
], self.class)
|
||||
|
||||
end
|
||||
|
@ -87,6 +88,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
send_spn: datastore['NTLM::SendSPN'],
|
||||
)
|
||||
|
||||
if datastore['DETECT_ANY_AUTH']
|
||||
bogus_result = @scanner.attempt_bogus_login(domain)
|
||||
if bogus_result.success?
|
||||
if bogus_result.access_level == Metasploit::Framework::LoginScanner::SMB::AccessLevels::GUEST
|
||||
|
@ -95,6 +97,9 @@ class MetasploitModule < Msf::Auxiliary
|
|||
print_error("This system accepts authentication with any credentials, brute force is ineffective.")
|
||||
return
|
||||
end
|
||||
else
|
||||
vprint_status('This system does not accept authentication with any credentials, proceeding with brute force')
|
||||
end
|
||||
end
|
||||
|
||||
cred_collection = Metasploit::Framework::CredentialCollection.new(
|
||||
|
|
Loading…
Reference in New Issue