cleaned up a bit.
git-svn-id: file:///home/svn/framework3/trunk@7714 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
b731291878
commit
8ada83595d
|
@ -8,12 +8,13 @@
|
||||||
require 'msf/core'
|
require 'msf/core'
|
||||||
|
|
||||||
class Metasploit3 < Msf::Auxiliary
|
class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
include Msf::Auxiliary::Report
|
include Msf::Auxiliary::Report
|
||||||
include Msf::Exploit::ORACLE
|
include Msf::Exploit::ORACLE
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'Simple Oracle Database Enumeration.',
|
'Name' => 'Oracle Database Enumeration',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module provides a simple way to scan an Oracle database server
|
This module provides a simple way to scan an Oracle database server
|
||||||
for configuration parameters that may be useful during a penetration
|
for configuration parameters that may be useful during a penetration
|
||||||
|
@ -27,7 +28,6 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
def run
|
def run
|
||||||
begin
|
begin
|
||||||
#Get all values from v$parameter
|
#Get all values from v$parameter
|
||||||
|
@ -38,7 +38,6 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
name,value = l.split(",")
|
name,value = l.split(",")
|
||||||
vparm["#{name}"] = value
|
vparm["#{name}"] = value
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
print_status("Running Oracle Enumeration....")
|
print_status("Running Oracle Enumeration....")
|
||||||
|
@ -90,7 +89,6 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
report_note(:host => datastore['RHOST'], :proto => 'TNS', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "SQL92: Enabled")
|
report_note(:host => datastore['RHOST'], :proto => 'TNS', :port => datastore['RPORT'], :type => 'ORA_ENUM', :data => "SQL92: Enabled")
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
# check for encryption of logins on version before 10g
|
# check for encryption of logins on version before 10g
|
||||||
|
|
||||||
if majorrel.join.to_i < 10
|
if majorrel.join.to_i < 10
|
||||||
|
@ -128,7 +126,6 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if e.to_s =~ /ORA-00942: table or view does not exist/
|
if e.to_s =~ /ORA-00942: table or view does not exist/
|
||||||
print_error("It appears you do not have sufficient rights to perform the check")
|
print_error("It appears you do not have sufficient rights to perform the check")
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
begin
|
begin
|
||||||
|
@ -146,7 +143,6 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if e.to_s =~ /ORA-00942: table or view does not exist/
|
if e.to_s =~ /ORA-00942: table or view does not exist/
|
||||||
print_error("It appears you do not have sufficient rights to perform the check")
|
print_error("It appears you do not have sufficient rights to perform the check")
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
begin
|
begin
|
||||||
|
@ -164,7 +160,6 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if e.to_s =~ /ORA-00942: table or view does not exist/
|
if e.to_s =~ /ORA-00942: table or view does not exist/
|
||||||
print_error("It appears you do not have sufficient rights to perform the check")
|
print_error("It appears you do not have sufficient rights to perform the check")
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
begin
|
begin
|
||||||
|
@ -182,8 +177,8 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if e.to_s =~ /ORA-00942: table or view does not exist/
|
if e.to_s =~ /ORA-00942: table or view does not exist/
|
||||||
print_error("It appears you do not have sufficient rights to perform the check")
|
print_error("It appears you do not have sufficient rights to perform the check")
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
begin
|
begin
|
||||||
query = %Q|
|
query = %Q|
|
||||||
SELECT limit
|
SELECT limit
|
||||||
|
@ -199,8 +194,8 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if e.to_s =~ /ORA-00942: table or view does not exist/
|
if e.to_s =~ /ORA-00942: table or view does not exist/
|
||||||
print_error("It appears you do not have sufficient rights to perform the check")
|
print_error("It appears you do not have sufficient rights to perform the check")
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
begin
|
begin
|
||||||
query = %Q|
|
query = %Q|
|
||||||
SELECT limit
|
SELECT limit
|
||||||
|
@ -217,8 +212,8 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if e.to_s =~ /ORA-00942: table or view does not exist/
|
if e.to_s =~ /ORA-00942: table or view does not exist/
|
||||||
print_error("It appears you do not have sufficient rights to perform the check")
|
print_error("It appears you do not have sufficient rights to perform the check")
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
begin
|
begin
|
||||||
query = %Q|
|
query = %Q|
|
||||||
SELECT limit
|
SELECT limit
|
||||||
|
@ -239,7 +234,6 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if e.to_s =~ /ORA-00942: table or view does not exist/
|
if e.to_s =~ /ORA-00942: table or view does not exist/
|
||||||
print_error("It appears you do not have sufficient rights to perform the check")
|
print_error("It appears you do not have sufficient rights to perform the check")
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
#-------------------------------------------------------
|
#-------------------------------------------------------
|
||||||
|
|
Loading…
Reference in New Issue