infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make some datastore options required

bug/bundler_fix
jvazquez-r7 2014-07-21 12:10:52 -05:00
parent 436ac706e8
commit 63fca1bfdd
1 changed files with 5 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
modules/auxiliary/scanner/http/joomla_bruteforce_login.rb
View File

@ -4,8 +4,6 @@
## ##
require 'msf/core' require 'msf/core'
require 'rex/proto/ntlm/message'
class Metasploit3 < Msf::Auxiliary class Metasploit3 < Msf::Auxiliary
@ -35,10 +33,10 @@ class Metasploit3 < Msf::Auxiliary
OptPath.new('PASS_FILE', [ false, "File containing passwords, one per line", OptPath.new('PASS_FILE', [ false, "File containing passwords, one per line",
File.join(Msf::Config.data_directory, "wordlists", "http_default_pass.txt") ]), File.join(Msf::Config.data_directory, "wordlists", "http_default_pass.txt") ]),
OptString.new('AUTH_URI', [ true, "The URI to authenticate against", "/administrator/index.php" ]), OptString.new('AUTH_URI', [ true, "The URI to authenticate against", "/administrator/index.php" ]),
OptString.new('FORM_URI', [ false, "The FORM URI to authenticate against" , "/administrator"]), OptString.new('FORM_URI', [ true, "The FORM URI to authenticate against" , "/administrator"]),
OptString.new('USER_VARIABLE', [ false, "The name of the variable for the user field", "username"]), OptString.new('USER_VARIABLE', [ true, "The name of the variable for the user field", "username"]),
OptString.new('PASS_VARIABLE', [ false, "The name of the variable for the password field" , "passwd"]), OptString.new('PASS_VARIABLE', [ true, "The name of the variable for the password field" , "passwd"]),
OptString.new('WORD_ERROR', [ false, "The word of message for detect that login fail","mod-login-username"]) OptString.new('WORD_ERROR', [ true, "The word of message for detect that login fail","mod-login-username"])
], self.class) ], self.class)
register_autofilter_ports([80, 443]) register_autofilter_ports([80, 443])
@ -169,7 +167,6 @@ class Metasploit3 < Msf::Auxiliary
if res if res
vprint_status("#{target_url} - Login Response #{res.code}") vprint_status("#{target_url} - Login Response #{res.code}")
if res.redirect? && res.headers['Location'] if res.redirect? && res.headers['Location']
path = res.headers['Location'] path = res.headers['Location']
vprint_status("#{target_url} - Following redirect to #{path}...") vprint_status("#{target_url} - Following redirect to #{path}...")
@ -217,7 +214,7 @@ class Metasploit3 < Msf::Auxiliary
return :abort unless response.code return :abort unless response.code
if [200, 301, 302].include?(response.code) if [200, 301, 302].include?(response.code)
if response.to_s.include? datastore['WORD_ERROR'] if response.to_s.include?(datastore['WORD_ERROR'])
return :fail return :fail
else else
return :success return :success