Modate update on using metasploit-credential
Update some more modules to usethe new cred API. Also, make sure to always provide proof because that seems handy.bug/bundler_fix
parent
91fc213ddf
commit
8bead5fde2
|
@ -91,6 +91,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -122,7 +123,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
print_good("#{target_url} - Apache Axis - Credentials Found Username: '#{username}' - Password: '#{password}'")
|
print_good("#{target_url} - Apache Axis - Credentials Found Username: '#{username}' - Password: '#{password}'")
|
||||||
|
|
||||||
report_cred(ip: rhost, port: rport, user: username, password: password)
|
report_cred(ip: rhost, port: rport, user: username, password: password, proof: res.body)
|
||||||
|
|
||||||
else
|
else
|
||||||
print_error("#{target_url} - Apache Axis - Not Vulnerable")
|
print_error("#{target_url} - Apache Axis - Not Vulnerable")
|
||||||
|
|
|
@ -109,6 +109,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -139,7 +140,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
print_good("#{peer} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
print_good("#{peer} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
|
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: res.body)
|
||||||
return :next_user
|
return :next_user
|
||||||
|
|
||||||
else
|
else
|
||||||
|
|
|
@ -135,6 +135,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -164,7 +165,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if res and res.get_cookies.include?('authenticated=')
|
if res and res.get_cookies.include?('authenticated=')
|
||||||
print_good("#{rhost}:#{rport} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
print_good("#{rhost}:#{rport} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
|
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: res.get_cookies.inspect)
|
||||||
return :next_user
|
return :next_user
|
||||||
|
|
||||||
else
|
else
|
||||||
|
|
|
@ -178,6 +178,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -224,7 +225,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
do_logout(resp.get_cookies)
|
do_logout(resp.get_cookies)
|
||||||
|
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: res.body)
|
||||||
report_note(ip: rhost, type: 'cisco.cred.group', data: "User: #{user} / Group: #{group}")
|
report_note(ip: rhost, type: 'cisco.cred.group', data: "User: #{user} / Group: #{group}")
|
||||||
return :next_user
|
return :next_user
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
|
||||||
##
|
##
|
||||||
# This module requires Metasploit: http://metasploit.com/download
|
# This module requires Metasploit: http://metasploit.com/download
|
||||||
# Current source: https://github.com/rapid7/metasploit-framework
|
# Current source: https://github.com/rapid7/metasploit-framework
|
||||||
|
@ -103,6 +104,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -117,7 +119,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
if result == :success
|
if result == :success
|
||||||
print_good("#{target_url} - Successful login '#{user}' : '#{pass}'")
|
print_good("#{target_url} - Successful login '#{user}' : '#{pass}'")
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: response.inspect)
|
||||||
|
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
|
|
|
@ -101,7 +101,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if result == :success
|
if result == :success
|
||||||
print_good("#{target_url} - Successful login '#{user}' : '#{pass}'")
|
print_good("#{target_url} - Successful login '#{user}' : '#{pass}'")
|
||||||
|
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: response.inspect)
|
||||||
|
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
|
@ -131,6 +131,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
|
|
@ -104,6 +104,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -119,7 +120,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if result == :success
|
if result == :success
|
||||||
print_good("#{target_url} - Successful login '#{user}' : '#{pass}'")
|
print_good("#{target_url} - Successful login '#{user}' : '#{pass}'")
|
||||||
|
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: response.inspect)
|
||||||
|
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
|
|
|
@ -77,6 +77,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -125,7 +126,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
location = res.headers['Location']
|
location = res.headers['Location']
|
||||||
if res and res.headers and (location = res.headers['Location']) and location =~ /admin\//
|
if res and res.headers and (location = res.headers['Location']) and location =~ /admin\//
|
||||||
print_good("#{peer} - Successful login: \"#{user}:#{pass}\"")
|
print_good("#{peer} - Successful login: \"#{user}:#{pass}\"")
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: res.headers['Location'])
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
vprint_error("#{peer} - Bad login: \"#{user}:#{pass}\"")
|
vprint_error("#{peer} - Bad login: \"#{user}:#{pass}\"")
|
||||||
|
|
|
@ -81,6 +81,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
login_data = {
|
login_data = {
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -129,7 +130,8 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
report_cred(
|
report_cred(
|
||||||
ip: Rex::Socket.getaddress(datastore['RHOST']),
|
ip: Rex::Socket.getaddress(datastore['RHOST']),
|
||||||
port: datastore['RPORT'],
|
port: datastore['RPORT'],
|
||||||
user: user
|
user: user,
|
||||||
|
proof: base_uri+l
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -145,6 +145,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -167,7 +168,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
if (res and res.code == 200 and res.body.to_s.match(/LoginSuceededPanel/i) != nil)
|
if (res and res.code == 200 and res.body.to_s.match(/LoginSuceededPanel/i) != nil)
|
||||||
print_good("#{target_url} [Ektron CMS400.NET] Successful login: '#{user}' : '#{pass}'")
|
print_good("#{target_url} [Ektron CMS400.NET] Successful login: '#{user}' : '#{pass}'")
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: res.body)
|
||||||
|
|
||||||
elsif(res and res.code == 200)
|
elsif(res and res.code == 200)
|
||||||
vprint_error("#{target_url} [Ekton CMS400.NET] - Failed login as: '#{user}'")
|
vprint_error("#{target_url} [Ekton CMS400.NET] - Failed login as: '#{user}'")
|
||||||
|
|
|
@ -87,6 +87,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -113,7 +114,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
if res && res.code == 200 && res.body.include?("Home Page") && res.headers['Server'] && res.headers['Server'].include?("EtherPAD")
|
if res && res.code == 200 && res.body.include?("Home Page") && res.headers['Server'] && res.headers['Server'].include?("EtherPAD")
|
||||||
print_good("#{peer} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
print_good("#{peer} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: res.body)
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
vprint_error("#{peer} - FAILED LOGIN - #{user.inspect}:#{pass.inspect}")
|
vprint_error("#{peer} - FAILED LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
|
|
|
@ -100,6 +100,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -126,7 +127,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
vprint_error("#{rhost}:#{rport} - FAILED LOGIN - #{user.inspect}:#{pass.inspect} with code #{res.code}")
|
vprint_error("#{rhost}:#{rport} - FAILED LOGIN - #{user.inspect}:#{pass.inspect} with code #{res.code}")
|
||||||
else
|
else
|
||||||
print_good("#{rhost}:#{rport} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
print_good("#{rhost}:#{rport} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: res.body)
|
||||||
return :next_user
|
return :next_user
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -130,6 +130,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -142,7 +143,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
if result == :success
|
if result == :success
|
||||||
print_good("#{target_url} - Successful login '#{user}' : '#{pass}'")
|
print_good("#{target_url} - Successful login '#{user}' : '#{pass}'")
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: response.inspect)
|
||||||
return :abort if datastore['STOP_ON_SUCCESS']
|
return :abort if datastore['STOP_ON_SUCCESS']
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
|
|
|
@ -97,6 +97,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
login_data = {
|
login_data = {
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -122,7 +123,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
print_good("Got creds. Login:#{user} Password:#{pass}")
|
print_good("Got creds. Login:#{user} Password:#{pass}")
|
||||||
print_good("Access the admin interface here: #{ip}:#{rport}#{target_uri.path}dashboard/")
|
print_good("Access the admin interface here: #{ip}:#{rport}#{target_uri.path}dashboard/")
|
||||||
|
|
||||||
report_cred(ip: ip, port: rport, user: user, password: pass)
|
report_cred(ip: ip, port: rport, user: user, password: pass, proof: res.body)
|
||||||
else
|
else
|
||||||
print_error("Zenworks MDM does not appear to be running at #{ip}")
|
print_error("Zenworks MDM does not appear to be running at #{ip}")
|
||||||
return :abort
|
return :abort
|
||||||
|
|
|
@ -70,6 +70,33 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def report_cred(opts)
|
||||||
|
service_data = {
|
||||||
|
address: opts[:ip],
|
||||||
|
port: opts[:port],
|
||||||
|
service_name: opts[:service_name],
|
||||||
|
protocol: 'tcp',
|
||||||
|
workspace_id: myworkspace_id
|
||||||
|
}
|
||||||
|
|
||||||
|
credential_data = {
|
||||||
|
origin_type: :service,
|
||||||
|
module_fullname: fullname,
|
||||||
|
username: opts[:user],
|
||||||
|
private_data: opts[:password],
|
||||||
|
private_type: :password
|
||||||
|
}.merge(service_data)
|
||||||
|
|
||||||
|
login_data = {
|
||||||
|
last_attempted_at: Time.now,
|
||||||
|
core: create_credential(credential_data),
|
||||||
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
|
}.merge(service_data)
|
||||||
|
|
||||||
|
create_credential_login(login_data)
|
||||||
|
end
|
||||||
|
|
||||||
#
|
#
|
||||||
# Brute-force the login page
|
# Brute-force the login page
|
||||||
#
|
#
|
||||||
|
@ -96,16 +123,14 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
if (res and res.code == 200 and res.body.include?("/iPages/suntab.asp") and res.body.include?("SetWebSessionString"))
|
if (res and res.code == 200 and res.body.include?("/iPages/suntab.asp") and res.body.include?("SetWebSessionString"))
|
||||||
print_good("#{peer} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
print_good("#{peer} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
report_hash = {
|
report_cred(
|
||||||
:host => rhost,
|
ip: rhost,
|
||||||
:port => rport,
|
port: rport,
|
||||||
:sname => 'Oracle Integrated Lights Out Manager Portal',
|
service_name: 'Oracle Integrated Lights Out Manager Portal',
|
||||||
:user => user,
|
user: user,
|
||||||
:pass => pass,
|
password: pass,
|
||||||
:active => true,
|
proof: res.body
|
||||||
:type => 'password'
|
)
|
||||||
}
|
|
||||||
report_auth_info(report_hash)
|
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
vprint_error("#{peer} - FAILED LOGIN - #{user.inspect}:#{pass.inspect}")
|
vprint_error("#{peer} - FAILED LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
|
|
|
@ -63,6 +63,33 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def report_cred(opts)
|
||||||
|
service_data = {
|
||||||
|
address: opts[:ip],
|
||||||
|
port: opts[:port],
|
||||||
|
service_name: opts[:service_name],
|
||||||
|
protocol: 'tcp',
|
||||||
|
workspace_id: myworkspace_id
|
||||||
|
}
|
||||||
|
|
||||||
|
credential_data = {
|
||||||
|
origin_type: :service,
|
||||||
|
module_fullname: fullname,
|
||||||
|
username: opts[:user],
|
||||||
|
private_data: opts[:password],
|
||||||
|
private_type: :password
|
||||||
|
}.merge(service_data)
|
||||||
|
|
||||||
|
login_data = {
|
||||||
|
last_attempted_time: Time.now,
|
||||||
|
core: create_credential(credential_data),
|
||||||
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
|
}.merge(service_data)
|
||||||
|
|
||||||
|
create_credential_login(login_data)
|
||||||
|
end
|
||||||
|
|
||||||
#
|
#
|
||||||
# Brute-force the login page
|
# Brute-force the login page
|
||||||
#
|
#
|
||||||
|
@ -86,16 +113,14 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
if (res && res.code == 200 && res.body.include?("Home Page") && res.headers['Server'] && res.headers['Server'].include?("Smeagol"))
|
if (res && res.code == 200 && res.body.include?("Home Page") && res.headers['Server'] && res.headers['Server'].include?("Smeagol"))
|
||||||
print_good("#{peer} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
print_good("#{peer} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
report_hash = {
|
report_cred(
|
||||||
:host => rhost,
|
ip: rhost,
|
||||||
:port => rport,
|
port: rport,
|
||||||
:sname => 'PocketPAD Portal',
|
service_name: 'PocketPAD Portal',
|
||||||
:user => user,
|
user: user,
|
||||||
:pass => pass,
|
password: pass,
|
||||||
:active => true,
|
proof: res.body
|
||||||
:type => 'password'
|
)
|
||||||
}
|
|
||||||
report_auth_info(report_hash)
|
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
vprint_error("#{peer} - FAILED LOGIN - #{user.inspect}:#{pass.inspect}")
|
vprint_error("#{peer} - FAILED LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
|
|
|
@ -76,6 +76,32 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def report_cred(opts)
|
||||||
|
service_data = {
|
||||||
|
address: opts[:ip],
|
||||||
|
port: opts[:port],
|
||||||
|
service_name: opts[:service_name],
|
||||||
|
protocol: 'tcp',
|
||||||
|
workspace_id: myworkspace_id
|
||||||
|
}
|
||||||
|
|
||||||
|
credential_data = {
|
||||||
|
origin_type: :service,
|
||||||
|
module_fullname: fullname,
|
||||||
|
username: opts[:user],
|
||||||
|
private_data: opts[:password],
|
||||||
|
private_type: :password
|
||||||
|
}.merge(service_data)
|
||||||
|
|
||||||
|
login_data = {
|
||||||
|
core: create_credential(credential_data),
|
||||||
|
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||||
|
proof: opts[:proof]
|
||||||
|
}.merge(service_data)
|
||||||
|
|
||||||
|
create_credential_login(login_data)
|
||||||
|
end
|
||||||
|
|
||||||
#
|
#
|
||||||
# Brute-force the login page
|
# Brute-force the login page
|
||||||
#
|
#
|
||||||
|
@ -96,16 +122,14 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
if (res and res.code == 302 and res.headers['Location'].include?('redirectId'))
|
if (res and res.code == 302 and res.headers['Location'].include?('redirectId'))
|
||||||
print_good("#{peer} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
print_good("#{peer} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
report_hash = {
|
report_cred(
|
||||||
:host => rhost,
|
ip: rhost,
|
||||||
:port => rport,
|
port: rport,
|
||||||
:sname => 'Radware AppDirector',
|
service_name: 'Radware AppDirector',
|
||||||
:user => user,
|
user: user,
|
||||||
:pass => pass,
|
password: pass,
|
||||||
:active => true,
|
proof: res.headers['Location']
|
||||||
:type => 'password'
|
)
|
||||||
}
|
|
||||||
report_auth_info(report_hash)
|
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
vprint_error("#{peer} - FAILED LOGIN - #{user.inspect}:#{pass.inspect}")
|
vprint_error("#{peer} - FAILED LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||||
|
|
|
@ -128,16 +128,14 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
collect_info(user, pass)
|
collect_info(user, pass)
|
||||||
|
|
||||||
report_hash = {
|
report_cred(
|
||||||
:host => rhost,
|
ip: rhost,
|
||||||
:port => rport,
|
port: rport,
|
||||||
:sname => 'RFCode Reader',
|
service_name: 'RFCode Reader',
|
||||||
:user => user,
|
user: user,
|
||||||
:pass => pass,
|
password: pass,
|
||||||
:active => true,
|
proof: res.code.to_s
|
||||||
:type => 'password'}
|
)
|
||||||
|
|
||||||
report_auth_info(report_hash)
|
|
||||||
return :next_user
|
return :next_user
|
||||||
end
|
end
|
||||||
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionError, ::Errno::EPIPE
|
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionError, ::Errno::EPIPE
|
||||||
|
@ -146,6 +144,33 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def report_cred(opts)
|
||||||
|
service_data = {
|
||||||
|
address: opts[:ip],
|
||||||
|
port: opts[:port],
|
||||||
|
service_name: opts[:service_name],
|
||||||
|
protocol: 'tcp',
|
||||||
|
workspace_id: myworkspace_id
|
||||||
|
}
|
||||||
|
|
||||||
|
credential_data = {
|
||||||
|
origin_type: :service,
|
||||||
|
module_fullname: fullname,
|
||||||
|
username: opts[:user],
|
||||||
|
private_data: opts[:password],
|
||||||
|
private_type: :password
|
||||||
|
}.merge(service_data)
|
||||||
|
|
||||||
|
login_data = {
|
||||||
|
last_attempted_at: Time.now,
|
||||||
|
core: create_credential(credential_data),
|
||||||
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
|
}.merge(service_data)
|
||||||
|
|
||||||
|
create_credential_login(login_data)
|
||||||
|
end
|
||||||
|
|
||||||
#
|
#
|
||||||
# Collect target info
|
# Collect target info
|
||||||
#
|
#
|
||||||
|
|
|
@ -50,6 +50,30 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def report_cred(opts)
|
||||||
|
service_data = {
|
||||||
|
address: opts[:ip],
|
||||||
|
port: opts[:port],
|
||||||
|
service_name: opts[:service_name],
|
||||||
|
protocol: 'tcp',
|
||||||
|
workspace_id: myworkspace_id
|
||||||
|
}
|
||||||
|
|
||||||
|
credential_data = {
|
||||||
|
origin_type: :service,
|
||||||
|
module_fullname: fullname,
|
||||||
|
username: opts[:user],
|
||||||
|
}.merge(service_data)
|
||||||
|
|
||||||
|
login_data = {
|
||||||
|
core: create_credential(credential_data),
|
||||||
|
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||||
|
proof: opts[:proof]
|
||||||
|
}.merge(service_data)
|
||||||
|
|
||||||
|
create_credential_login(login_data)
|
||||||
|
end
|
||||||
|
|
||||||
def enum_user(user='administrator', pass='pass')
|
def enum_user(user='administrator', pass='pass')
|
||||||
vprint_status("#{rhost}:#{rport} - Trying username:'#{user}' password:'#{pass}'")
|
vprint_status("#{rhost}:#{rport} - Trying username:'#{user}' password:'#{pass}'")
|
||||||
success = false
|
success = false
|
||||||
|
@ -89,14 +113,12 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
if success
|
if success
|
||||||
print_good("#{rhost}:#{rport} - Successful login '#{user}' : '#{pass}'")
|
print_good("#{rhost}:#{rport} - Successful login '#{user}' : '#{pass}'")
|
||||||
report_auth_info(
|
report_cred(
|
||||||
:host => rhost,
|
ip: rhost,
|
||||||
:proto => 'tcp',
|
port: rport,
|
||||||
:sname => 'sap-businessobjects',
|
service_name: 'sap-businessobjects',
|
||||||
:user => user,
|
user: user,
|
||||||
:pass => pass,
|
proof: res.body
|
||||||
:target_host => rhost,
|
|
||||||
:target_port => rport
|
|
||||||
)
|
)
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
|
|
|
@ -148,6 +148,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -190,7 +191,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
end
|
end
|
||||||
|
|
||||||
print_good("SUCCESSFUL LOGIN. '#{user}' : '#{pass}'")
|
print_good("SUCCESSFUL LOGIN. '#{user}' : '#{pass}'")
|
||||||
report_cred(ip: datastore['RHOST'], port: datastore['RPORT'], user:user, password: pass)
|
report_cred(ip: datastore['RHOST'], port: datastore['RPORT'], user:user, password: pass, proof: res.code.to_s)
|
||||||
|
|
||||||
|
|
||||||
return :next_user
|
return :next_user
|
||||||
|
|
|
@ -71,6 +71,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -119,7 +120,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
vprint_status("#{peer} - Username found: #{user}")
|
vprint_status("#{peer} - Username found: #{user}")
|
||||||
when /\<a href="process\.php\?logout=1"\>/
|
when /\<a href="process\.php\?logout=1"\>/
|
||||||
print_good("#{peer} - Successful login: \"#{user}:#{pass}\"")
|
print_good("#{peer} - Successful login: \"#{user}:#{pass}\"")
|
||||||
report_cred(ip: rhost, port: rport, user:user, password: pass)
|
report_cred(ip: rhost, port: rport, user:user, password: pass, proof: res.body)
|
||||||
return :next_user
|
return :next_user
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -151,6 +151,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -205,7 +206,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
# Report valid credentials under the CCTV DVR admin port (5920/TCP).
|
# Report valid credentials under the CCTV DVR admin port (5920/TCP).
|
||||||
# This is a proprietary protocol.
|
# This is a proprietary protocol.
|
||||||
report_cred(ip: rhost, port: rport, user:user, password: pass)
|
report_cred(ip: rhost, port: rport, user:user, password: pass, proof: res.inspect)
|
||||||
|
|
||||||
@valid_hosts << rhost
|
@valid_hosts << rhost
|
||||||
return :next_user
|
return :next_user
|
||||||
|
|
|
@ -79,6 +79,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -95,7 +96,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
mac = banner_santized.match(/((?:[0-9a-f]{2}[-]){5}[0-9a-f]{2})/i)[0]
|
mac = banner_santized.match(/((?:[0-9a-f]{2}[-]){5}[0-9a-f]{2})/i)[0]
|
||||||
password = mac_to_password(mac)
|
password = mac_to_password(mac)
|
||||||
info = get_info(banner_santized)
|
info = get_info(banner_santized)
|
||||||
report_cred(ip: rhost, port: rport, user:'factory', password: password)
|
report_cred(ip: rhost, port: rport, user:'factory', password: password, proof: banner_santized)
|
||||||
break
|
break
|
||||||
else
|
else
|
||||||
print_status("It doesn't seem to be a RuggedCom service.")
|
print_status("It doesn't seem to be a RuggedCom service.")
|
||||||
|
|
|
@ -58,6 +58,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -70,7 +71,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
case result
|
case result
|
||||||
when :success
|
when :success
|
||||||
print_good "#{rhost}:#{rport} - Successful Login! (#{user}:#{pass})"
|
print_good "#{rhost}:#{rport} - Successful Login! (#{user}:#{pass})"
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: result)
|
||||||
return if datastore['STOP_ON_SUCCESS']
|
return if datastore['STOP_ON_SUCCESS']
|
||||||
when :fail
|
when :fail
|
||||||
print_error "#{rhost}:#{rport} - Login Failure (#{user}:#{pass})"
|
print_error "#{rhost}:#{rport} - Login Failure (#{user}:#{pass})"
|
||||||
|
|
|
@ -72,6 +72,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
last_attempted_at: DateTime.now,
|
last_attempted_at: DateTime.now,
|
||||||
core: create_credential(credential_data),
|
core: create_credential(credential_data),
|
||||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||||
|
proof: opts[:proof]
|
||||||
}.merge(service_data)
|
}.merge(service_data)
|
||||||
|
|
||||||
create_credential_login(login_data)
|
create_credential_login(login_data)
|
||||||
|
@ -117,7 +118,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
send_manager(cmd)
|
send_manager(cmd)
|
||||||
if /Response: Success/.match(@result)
|
if /Response: Success/.match(@result)
|
||||||
print_good("User: \"#{user}\" using pass: \"#{pass}\" - can login on #{rhost}:#{rport}!")
|
print_good("User: \"#{user}\" using pass: \"#{pass}\" - can login on #{rhost}:#{rport}!")
|
||||||
report_cred(ip: rhost, port: rport, user: user, password: pass)
|
report_cred(ip: rhost, port: rport, user: user, password: pass, proof: @result)
|
||||||
disconnect
|
disconnect
|
||||||
return :next_user
|
return :next_user
|
||||||
else
|
else
|
||||||
|
|
|
@ -26,102 +26,102 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def test_novell_mdm_creds
|
def test_novell_mdm_creds
|
||||||
mod = framework.auxiliary.create('scanner/http/novell_mdm_creds')
|
mod = framework.auxiliary.create('scanner/http/novell_mdm_creds')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_joomla_bruteforce_login
|
def test_joomla_bruteforce_login
|
||||||
mod = framework.auxiliary.create('scanner/http/joomla_bruteforce_login')
|
mod = framework.auxiliary.create('scanner/http/joomla_bruteforce_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_infovista_enum
|
def test_infovista_enum
|
||||||
mod = framework.auxiliary.create('scanner/http/infovista_enum')
|
mod = framework.auxiliary.create('scanner/http/infovista_enum')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_etherpad_duo_login
|
def test_etherpad_duo_login
|
||||||
mod = framework.auxiliary.create('scanner/http/etherpad_duo_login')
|
mod = framework.auxiliary.create('scanner/http/etherpad_duo_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_ektron_cms400net
|
def test_ektron_cms400net
|
||||||
mod = framework.auxiliary.create('scanner/http/ektron_cms400net')
|
mod = framework.auxiliary.create('scanner/http/ektron_cms400net')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_drupal_views_user_enum
|
def test_drupal_views_user_enum
|
||||||
mod = framework.auxiliary.create('scanner/http/drupal_views_user_enum')
|
mod = framework.auxiliary.create('scanner/http/drupal_views_user_enum')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_dolibarr_login
|
def test_dolibarr_login
|
||||||
mod = framework.auxiliary.create('scanner/http/dolibarr_login')
|
mod = framework.auxiliary.create('scanner/http/dolibarr_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_dlink_dir_session_cgi_http_login
|
def test_dlink_dir_session_cgi_http_login
|
||||||
mod = framework.auxiliary.create('scanner/http/dlink_dir_session_cgi_http_login')
|
mod = framework.auxiliary.create('scanner/http/dlink_dir_session_cgi_http_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_dlink_dir_615h_http_login
|
def test_dlink_dir_615h_http_login
|
||||||
mod = framework.auxiliary.create('scanner/http/dlink_dir_615h_http_login')
|
mod = framework.auxiliary.create('scanner/http/dlink_dir_615h_http_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_dlink_dir_300_615_http_login
|
def test_dlink_dir_300_615_http_login
|
||||||
mod = framework.auxiliary.create('scanner/http/dlink_dir_300_615_http_login')
|
mod = framework.auxiliary.create('scanner/http/dlink_dir_300_615_http_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_cisco_ssl_vpn
|
def test_cisco_ssl_vpn
|
||||||
mod = framework.auxiliary.create('scanner/http/cisco_ssl_vpn')
|
mod = framework.auxiliary.create('scanner/http/cisco_ssl_vpn')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_cisco_ironport_enum
|
def test_cisco_ironport_enum
|
||||||
mod = framework.auxiliary.create('scanner/http/cisco_ironport_enum')
|
mod = framework.auxiliary.create('scanner/http/cisco_ironport_enum')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_cisco_asa_asdm
|
def test_cisco_asa_asdm
|
||||||
mod = framework.auxiliary.create('scanner/http/cisco_asa_asdm')
|
mod = framework.auxiliary.create('scanner/http/cisco_asa_asdm')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_axis_local_file_include
|
def test_axis_local_file_include
|
||||||
mod = framework.auxiliary.create('scanner/http/axis_local_file_include')
|
mod = framework.auxiliary.create('scanner/http/axis_local_file_include')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_splunk_web_login
|
def test_splunk_web_login
|
||||||
mod = framework.auxiliary.create('scanner/http/splunk_web_login')
|
mod = framework.auxiliary.create('scanner/http/splunk_web_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_cctv_dvr_login
|
def test_cctv_dvr_login
|
||||||
mod = framework.auxiliary.create('scanner/misc/cctv_dvr_login')
|
mod = framework.auxiliary.create('scanner/misc/cctv_dvr_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_http_vcms_login
|
def test_http_vcms_login
|
||||||
mod = framework.auxiliary.create('scanner/http/vcms_login')
|
mod = framework.auxiliary.create('scanner/http/vcms_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_telnet_ruggedcom
|
def test_telnet_ruggedcom
|
||||||
mod = framework.auxiliary.create('scanner/telnet/telnet_ruggedcom')
|
mod = framework.auxiliary.create('scanner/telnet/telnet_ruggedcom')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: 'factory', password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: 'factory', password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_vmware_http_login
|
def test_vmware_http_login
|
||||||
mod = framework.auxiliary.create('scanner/vmware/vmware_http_login')
|
mod = framework.auxiliary.create('scanner/vmware/vmware_http_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_asterisk_login
|
def test_asterisk_login
|
||||||
mod = framework.auxiliary.create('voip/asterisk_login')
|
mod = framework.auxiliary.create('voip/asterisk_login')
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_hp_imc_som_create_account
|
def test_hp_imc_som_create_account
|
||||||
|
@ -299,6 +299,31 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'sap-businessobjects', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'sap-businessobjects', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def test_sap_businessobjects_user_brute
|
||||||
|
mod = framework.auxiliary.create('scanner/http/sap_businessobjects_user_brute')
|
||||||
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'sap-businessobjects', user: FAKE_USER, proof: FAKE_PROOF)
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_rfcode_reader_enum
|
||||||
|
mod = framework.auxiliary.create('scanner/http/rfcode_reader_enum')
|
||||||
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'RFCode Reader', user: FAKE_USER, password:FAKE_PASS, proof: FAKE_PROOF)
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_radware_appdictor_enum
|
||||||
|
mod = framework.auxiliary.create('scanner/http/radware_appdirector_enum')
|
||||||
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'Radware AppDirector', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_pocketpad_login
|
||||||
|
mod = framework.auxiliary.create('scanner/http/pocketpad_login')
|
||||||
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'PocketPAD Portal', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_oracle_ilom_login
|
||||||
|
mod = framework.auxiliary.create('scanner/http/oracle_ilom_login')
|
||||||
|
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'Oracle Integrated Lights Out Manager Portal', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
|
||||||
|
end
|
||||||
|
|
||||||
def run
|
def run
|
||||||
self.methods.each do |m|
|
self.methods.each do |m|
|
||||||
next if m.to_s !~ /^test_.+/
|
next if m.to_s !~ /^test_.+/
|
||||||
|
|
Loading…
Reference in New Issue