Change writing style of symantec_web_gateway_login
parent
9549d572cc
commit
ac0e4e747a
|
@ -32,9 +32,9 @@ class Metasploit3 < Msf::Auxiliary
|
|||
end
|
||||
|
||||
|
||||
# Initializes CredentialCollection and SymantecWebGateway
|
||||
def init(ip)
|
||||
@cred_collection = Metasploit::Framework::CredentialCollection.new(
|
||||
def scanner(ip)
|
||||
@scanner ||= lambda {
|
||||
cred_collection = Metasploit::Framework::CredentialCollection.new(
|
||||
blank_passwords: datastore['BLANK_PASSWORDS'],
|
||||
pass_file: datastore['PASS_FILE'],
|
||||
password: datastore['PASSWORD'],
|
||||
|
@ -44,21 +44,20 @@ class Metasploit3 < Msf::Auxiliary
|
|||
user_as_pass: datastore['USER_AS_PASS']
|
||||
)
|
||||
|
||||
@scanner = Metasploit::Framework::LoginScanner::SymantecWebGateway.new(
|
||||
return Metasploit::Framework::LoginScanner::SymantecWebGateway.new(
|
||||
configure_http_login_scanner(
|
||||
host: ip,
|
||||
port: datastore['RPORT'],
|
||||
cred_details: @cred_collection,
|
||||
cred_details: cred_collection,
|
||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||
bruteforce_speed: datastore['BRUTEFORCE_SPEED'],
|
||||
connection_timeout: 5
|
||||
)
|
||||
)
|
||||
))
|
||||
}.call
|
||||
end
|
||||
|
||||
|
||||
# Reports a good login credential
|
||||
def do_report(ip, port, result)
|
||||
def report_good_cred(ip, port, result)
|
||||
service_data = {
|
||||
address: ip,
|
||||
port: port,
|
||||
|
@ -86,39 +85,34 @@ class Metasploit3 < Msf::Auxiliary
|
|||
end
|
||||
|
||||
|
||||
def report_bad_cred(ip, rport, result)
|
||||
invalidate_login(
|
||||
address: ip,
|
||||
port: rport,
|
||||
protocol: 'tcp',
|
||||
public: result.credential.public,
|
||||
private: result.credential.private,
|
||||
realm_key: result.credential.realm_key,
|
||||
realm_value: result.credential.realm,
|
||||
status: result.status,
|
||||
proof: result.proof
|
||||
)
|
||||
end
|
||||
|
||||
|
||||
# Attempts to login
|
||||
def bruteforce(ip)
|
||||
@scanner.scan! do |result|
|
||||
scanner(ip).scan! do |result|
|
||||
case result.status
|
||||
when Metasploit::Model::Login::Status::SUCCESSFUL
|
||||
print_brute :level => :good, :ip => ip, :msg => "Success: '#{result.credential}'"
|
||||
do_report(ip, rport, result)
|
||||
report_good_cred(ip, rport, result)
|
||||
when Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
|
||||
vprint_brute :level => :verror, :ip => ip, :msg => result.proof
|
||||
invalidate_login(
|
||||
address: ip,
|
||||
port: rport,
|
||||
protocol: 'tcp',
|
||||
public: result.credential.public,
|
||||
private: result.credential.private,
|
||||
realm_key: result.credential.realm_key,
|
||||
realm_value: result.credential.realm,
|
||||
status: result.status,
|
||||
proof: result.proof
|
||||
)
|
||||
report_bad_cred(ip, rport, result)
|
||||
when Metasploit::Model::Login::Status::INCORRECT
|
||||
vprint_brute :level => :verror, :ip => ip, :msg => "Failed: '#{result.credential}'"
|
||||
invalidate_login(
|
||||
address: ip,
|
||||
port: rport,
|
||||
protocol: 'tcp',
|
||||
public: result.credential.public,
|
||||
private: result.credential.private,
|
||||
realm_key: result.credential.realm_key,
|
||||
realm_value: result.credential.realm,
|
||||
status: result.status,
|
||||
proof: result.proof
|
||||
)
|
||||
report_bad_cred(ip, rport, result)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -126,8 +120,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
# Start here
|
||||
def run_host(ip)
|
||||
init(ip)
|
||||
unless @scanner.check_setup
|
||||
unless scanner(ip).check_setup
|
||||
print_brute :level => :error, :ip => ip, :msg => 'Target is not Symantec Web Gateway'
|
||||
return
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue