Land #9999, Optionally test empty group in cisco_ssl_vpn

2018-05-18 10:57:15 -05:00 · 2018-05-18 10:57:15 -05:00 · 7b3169ad0a
parent 9b152cec72
commit 7b3169ad0a
1 changed files with 7 additions and 2 deletions
--- a/modules/auxiliary/scanner/http/cisco_ssl_vpn.rb
+++ b/modules/auxiliary/scanner/http/cisco_ssl_vpn.rb
@ -36,6 +36,10 @@ class MetasploitModule < Msf::Auxiliary
        Opt::RPORT(443),
        OptString.new('GROUP', [false, "A specific VPN group to use", ''])
      ])
+    register_advanced_options(
+      [
+        OptBool.new('EmptyGroup', [true, "Use an empty group with authentication requests", false])
+      ])
  end

  def run_host(ip)
@ -52,7 +56,9 @@ class MetasploitModule < Msf::Auxiliary
    vprint_good("Application appears to be Cisco SSL VPN. Module will continue.")

    groups = Set.new
-    if datastore['GROUP'].empty?
+    if datastore['EmptyGroup'] == true
+      groups << ""
+    elsif datastore['GROUP'].empty?
      vprint_status("Attempt to Enumerate VPN Groups...")
      groups = enumerate_vpn_groups

@ -67,7 +73,6 @@ class MetasploitModule < Msf::Auxiliary
    else
      groups << datastore['GROUP']
    end
-    groups << ""

    vprint_status("Starting login brute force...")
    groups.each do |group|