infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

apply reasonable defaults 

give each lgoinscanner the ability to select
reasonable defaults for certain attributes
bug/bundler_fix
David Maloney 2014-04-30 13:56:29 -05:00
parent ad264cb031
commit a08421b30f
No known key found for this signature in database
GPG Key ID: DEDBA9DC3A913DB2
7 changed files with 50 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/metasploit/framework/login_scanner/base.rb
View File

@ -73,6 +73,7 @@ module Metasploit
end
self.successes= []
self.failures=[]
set_sane_defaults
end
# This method runs all the login attempts against the target.
@ -129,6 +130,13 @@ module Metasploit
end
end
# This is a placeholder method. Each LoginScanner class
# will override this with any sane defaults specific to
# its own behaviour.
def set_sane_defaults
self.connection_timeout = 30 if self.connection_timeout.nil?
end
# This method validates that the credentials supplied
# are all valid.
# @return [void]

20
lib/metasploit/framework/login_scanner/ftp.rb
View File

@ -49,18 +49,6 @@ module Metasploit
greater_than_or_equal_to: 0
}
# @param attributes [Hash{Symbol => String,nil}]
def initialize(attributes={})
attributes.each do |attribute, value|
public_send("#{attribute}=", value)
end
self.successes= []
self.failures=[]
self.max_send_size = 0 if self.max_send_size.nil?
self.send_delay = 0 if self.send_delay.nil?
end
# This method attempts a single login with a single credential against the target
# @param credential [Credential] The credential object to attmpt to login with
# @return [Metasploit::Framework::LoginScanner::Result] The LoginScanner Result object
@ -107,6 +95,14 @@ module Metasploit
port
end
# This method sets the sane defaults for things
# like timeouts and TCP evasion options
def set_sane_defaults
self.max_send_size = 0 if self.max_send_size.nil?
self.send_delay = 0 if self.send_delay.nil?
self.ftp_timeout = 16 if self.ftp_timeout.nil?
end
end
end

42
lib/metasploit/framework/login_scanner/snmp.rb
View File

@ -27,7 +27,7 @@ module Metasploit
:Port => port,
:Community => credential.public,
:Version => version,
:Timeout => 1,
:Timeout => connection_timeout,
:Retries => 2,
:Transport => ::SNMP::RexUDPTransport,
:Socket => ::Rex::Socket::Udp.create
@ -51,22 +51,6 @@ module Metasploit
private
# This method takes an snmp client and tests whether
# it has read access to the remote system. It checks
# the sysDescr oid to use as proof
# @param snmp_client [SNMP::Manager] The SNMP client to use
# @return [String, nil] Returns a string if successful, nil if failed
def test_read_access(snmp_client)
proof = nil
begin
resp = snmp_client.get("sysDescr.0")
resp.each_varbind { |var| proof = var.value }
rescue RuntimeError
proof = nil
end
proof
end
# This method takes an snmp client and tests whether
# it has write access to the remote system. It sets the
# the sysDescr oid to the same value we already read.
@ -86,6 +70,30 @@ module Metasploit
end
# Sets the connection timeout approrpiately for SNMP
# if the user did not set it.
def set_sane_defaults
self.connection_timeout = 2 if self.connection_timeout.nil?
end
# This method takes an snmp client and tests whether
# it has read access to the remote system. It checks
# the sysDescr oid to use as proof
# @param snmp_client [SNMP::Manager] The SNMP client to use
# @return [String, nil] Returns a string if successful, nil if failed
def test_read_access(snmp_client)
proof = nil
begin
resp = snmp_client.get("sysDescr.0")
resp.each_varbind { |var| proof = var.value }
rescue RuntimeError
proof = nil
end
proof
end
end
end

5
spec/lib/metasploit/framework/login_scanner/ftp_spec.rb
View File

@ -222,9 +222,8 @@ describe Metasploit::Framework::LoginScanner::FTP do
context 'ftp_timeout' do
it 'is not valid for not set' do
expect(ftp_scanner).to_not be_valid
expect(ftp_scanner.errors[:ftp_timeout]).to include "is not a number"
it 'defaults to 16' do
expect(ftp_scanner.ftp_timeout).to eq 16
end
it 'is not valid for a non-number' do

5
spec/lib/metasploit/framework/login_scanner/snmp_spec.rb
View File

@ -162,9 +162,8 @@ describe Metasploit::Framework::LoginScanner::SNMP do
context 'connection_timeout' do
it 'is not valid for not set' do
expect(snmp_scanner).to_not be_valid
expect(snmp_scanner.errors[:connection_timeout]).to include "is not a number"
it 'defaults to 2' do
expect(snmp_scanner.connection_timeout).to eq 2
end
it 'is not valid for a non-number' do

5
spec/lib/metasploit/framework/login_scanner/ssh_key_spec.rb
View File

@ -163,9 +163,8 @@ describe Metasploit::Framework::LoginScanner::SSHKey do
context 'connection_timeout' do
it 'is not valid for not set' do
expect(ssh_scanner).to_not be_valid
expect(ssh_scanner.errors[:connection_timeout]).to include "is not a number"
it 'defaults to 30' do
expect(ssh_scanner.connection_timeout).to eq 30
end
it 'is not valid for a non-number' do

6
spec/lib/metasploit/framework/login_scanner/ssh_spec.rb
View File

@ -179,11 +179,11 @@ describe Metasploit::Framework::LoginScanner::SSH do
context 'connection_timeout' do
it 'is not valid for not set' do
expect(ssh_scanner).to_not be_valid
expect(ssh_scanner.errors[:connection_timeout]).to include "is not a number"
it 'defaults to 30' do
expect(ssh_scanner.connection_timeout).to eq 30
end
it 'is not valid for a non-number' do
ssh_scanner.connection_timeout = "a"
expect(ssh_scanner).to_not be_valid