infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Login check fixes for exploit

bug/bundler_fix
David Maloney 2012-12-12 14:18:41 -06:00
parent 5e8b9a20a4
commit 5856874cea
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
modules/exploits/windows/winrm/winrm_script_exec.rb
View File

@ -56,7 +56,9 @@ class Metasploit3 < Msf::Exploit::Remote
register_options(
[
OptBool.new('FORCE_VBS', [ true, 'Force the module to use the VBS CmdStager', false])
OptBool.new('FORCE_VBS', [ true, 'Force the module to use the VBS CmdStager', false]),
OptString.new('USERNAME', [ true, 'A specific username to authenticate as' ]),
OptString.new('PASSWORD', [ true, 'A specific password to authenticate with' ]),
], self.class
)
@ -82,6 +84,10 @@ class Metasploit3 < Msf::Exploit::Remote
unless check == Msf::Exploit::CheckCode::Vulnerable
return
end
unless valid_login?
print_error "Login Failure. Recheck your credentials"
return
end
if powershell2?
path = upload_script
return if path.nil?
@ -243,4 +249,13 @@ class Metasploit3 < Msf::Exploit::Remote
return false
end
def valid_login?
data = winrm_wql_msg("Select Name,Status from Win32_Service")
resp,c = send_request_ntlm(data)
unless resp.code == 200
return false
end
return true
end
end