infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Try USERNAME before DEFAULTCRED

bug/bundler_fix
dmohanty-r7 2016-02-23 13:44:44 -06:00
parent 07ac13326e
commit 6aa6280eff
No known key found for this signature in database
GPG Key ID: D1B3982EAB38742F
1 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
modules/auxiliary/scanner/karaf/login.rb
View File

@ -15,6 +15,9 @@ class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::AuthBrute include Msf::Auxiliary::AuthBrute
include Msf::Auxiliary::Scanner include Msf::Auxiliary::Scanner
DEFAULT_USERNAME = 'karaf'
DEFAULT_PASSWORD = 'karaf'
def initialize def initialize
super( super(
'Name' => 'Karaf Default Credential Scanner', 'Name' => 'Karaf Default Credential Scanner',
@ -35,9 +38,7 @@ class Metasploit3 < Msf::Auxiliary
[ [
# TODO Set default user, pass # TODO Set default user, pass
Opt::RPORT(8101), Opt::RPORT(8101),
OptString.new('USERNAME', [true, 'Username', 'karaf']), OptBool.new('TRYDEFAULTCRED', [true, 'Specify whether to try default creds', true])
OptString.new('PASSWORD', [true, 'Password', 'karaf']),
OptBool.new('TRYDEFAULTCRED', [false, 'Specify whether to try default creds', true])
], self.class ], self.class
) )
@ -118,8 +119,13 @@ class Metasploit3 < Msf::Auxiliary
) )
if datastore['TRYDEFAULTCRED'] if datastore['TRYDEFAULTCRED']
cred_collection.additional_privates << 'karaf' if datastore['USERNAME'].blank? && datastore['PASSWORD'].blank?
cred_collection.additional_publics << 'karaf' cred_collection.add_public(DEFAULT_USERNAME)
cred_collection.add_private(DEFAULT_PASSWORD)
else
cred_collection.username = DEFAULT_USERNAME
cred_collection.password = DEFAULT_PASSWORD
end
end end
scanner = Metasploit::Framework::LoginScanner::SSH.new( scanner = Metasploit::Framework::LoginScanner::SSH.new(