infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #6950, avoid printing rhost:rport twice when using Msf::Exploit::Remote::SMB::Client

bug/bundler_fix 4.12.7
Brent Cook 2016-06-09 16:35:09 -05:00
parent 943b07f46f 199ae04b57
commit b0bf901b22
No known key found for this signature in database
GPG Key ID: 1FFAA0B24B708F96
16 changed files with 78 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/msf/core/auxiliary/auth_brute.rb
View File

@ -593,8 +593,7 @@ module Auxiliary::AuthBrute
old_msg = msg.to_s.strip
msg_regex = /(#{ip})(:#{port})?(\s*-?\s*)(#{proto.to_s})?(\s*-?\s*)(.*)/ni
if old_msg.match(msg_regex) and !old_msg.match(msg_regex)[6].to_s.strip.empty?
complete_message = [ip,port].join(":")
(complete_message << " ") if ip
complete_message = ''
complete_message << (old_msg.match(msg_regex)[4] || proto).to_s
complete_message << " - "
progress = tried_over_total(ip,port)
@ -604,8 +603,7 @@ module Auxiliary::AuthBrute
complete_message = msg.to_s.strip
end
else
complete_message = [ip,port].join(":")
(complete_message << " ") if ip
complete_message = ''
complete_message << "#{proto.to_s.strip} - " if proto
progress = tried_over_total(ip,port)
complete_message << progress if progress

14
modules/auxiliary/admin/smb/check_dir_file.rb
View File

@ -64,11 +64,11 @@ class MetasploitModule < Msf::Auxiliary
when "STATUS_OBJECT_PATH_NOT_FOUND"
vprint_error("Object PATH \\\\#{rhost}\\#{datastore['SMBSHARE']}\\#{path} NOT found!")
when "STATUS_ACCESS_DENIED"
vprint_error("Host #{rhost} reports access denied.")
vprint_error("Host reports access denied.")
when "STATUS_BAD_NETWORK_NAME"
vprint_error("Host #{rhost} is NOT connected to #{datastore['SMBDomain']}!")
vprint_error("Host is NOT connected to #{datastore['SMBDomain']}!")
when "STATUS_INSUFF_SERVER_RESOURCES"
vprint_error("Host #{rhost} rejected with insufficient resources!")
vprint_error("Host rejected with insufficient resources!")
when "STATUS_OBJECT_NAME_INVALID"
vprint_error("opeining \\#{path} bad filename")
else
@ -92,13 +92,13 @@ class MetasploitModule < Msf::Auxiliary
check_path(path.chomp)
end #end do
rescue ::Rex::HostUnreachable
vprint_error("Host #{rhost} offline.")
vprint_error("Host offline.")
rescue ::Rex::Proto::SMB::Exceptions::LoginError
print_error("Host #{rhost} login error.")
print_error("Host login error.")
rescue ::Rex::ConnectionRefused
print_error "Host #{rhost} unable to connect - connection refused"
print_error "Unable to connect - connection refused"
rescue ::Rex::Proto::SMB::Exceptions::ErrorCode
print_error "Host #{rhost} unable to connect to share #{datastore['SMBSHARE']}"
print_error "Unable to connect to share #{datastore['SMBSHARE']}"
end # end begin
end # end def
end

10
modules/auxiliary/admin/smb/delete_file.rb
View File

@ -41,11 +41,11 @@ class MetasploitModule < Msf::Auxiliary
end
def smb_delete_files
vprint_status("#{peer}: Connecting to the server...")
vprint_status("Connecting to the server...")
connect()
smb_login()
vprint_status("#{peer}: Mounting the remote share \\\\#{datastore['RHOST']}\\#{datastore['SMBSHARE']}'...")
vprint_status("Mounting the remote share \\\\#{datastore['RHOST']}\\#{datastore['SMBSHARE']}'...")
self.simple.connect("\\\\#{rhost}\\#{datastore['SMBSHARE']}")
remote_paths.each do |remote_path|
@ -53,10 +53,10 @@ class MetasploitModule < Msf::Auxiliary
simple.delete("\\#{remote_path}")
# If there's no exception raised at this point, we assume the file has been removed.
print_good("#{peer}: Deleted: #{remote_path}")
print_good("Deleted: #{remote_path}")
rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
print_error("#{peer}: Cannot delete #{remote_path}: #{e.message}")
print_error("Cannot delete #{remote_path}: #{e.message}")
end
end
end
@ -66,7 +66,7 @@ class MetasploitModule < Msf::Auxiliary
smb_delete_files
rescue Rex::Proto::SMB::Exceptions::LoginError => e
elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
print_error("#{peer}: Unable to login: #{e.message}")
print_error("Unable to login: #{e.message}")
end
end

10
modules/auxiliary/admin/smb/download_file.rb
View File

@ -41,7 +41,7 @@ class MetasploitModule < Msf::Auxiliary
end
def smb_download
vprint_status("#{peer}: Connecting...")
vprint_status("Connecting...")
connect()
smb_login()
@ -50,7 +50,7 @@ class MetasploitModule < Msf::Auxiliary
remote_paths.each do |remote_path|
begin
vprint_status("#{peer}: Trying to download #{remote_path}...")
vprint_status("Trying to download #{remote_path}...")
data = ''
fd = simple.open("\\#{remote_path}", 'ro')
@ -62,10 +62,10 @@ class MetasploitModule < Msf::Auxiliary
fname = remote_path.split("\\")[-1]
path = store_loot("smb.shares.file", "application/octet-stream", rhost, data, fname)
print_good("#{peer}: #{remote_path} saved as: #{path}")
print_good("#{remote_path} saved as: #{path}")
rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
print_error("#{peer} Unable to download #{remote_path}: #{e.message}")
print_error("Unable to download #{remote_path}: #{e.message}")
end
end
end
@ -75,7 +75,7 @@ class MetasploitModule < Msf::Auxiliary
smb_download
rescue Rex::Proto::SMB::Exceptions::LoginError => e
elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
print_error("#{peer} Unable to login: #{e.message}")
print_error("Unable to login: #{e.message}")
end
end

18
modules/auxiliary/admin/smb/upload_file.rb
View File

@ -49,32 +49,38 @@ class MetasploitModule < Msf::Auxiliary
def run_host(_ip)
begin
vprint_status("#{peer}: Connecting to the server...")
vprint_status("Connecting to the server...")
connect()
smb_login()
vprint_status("#{peer}: Mounting the remote share \\\\#{datastore['RHOST']}\\#{datastore['SMBSHARE']}'...")
vprint_status("Mounting the remote share \\\\#{datastore['RHOST']}\\#{datastore['SMBSHARE']}'...")
self.simple.connect("\\\\#{rhost}\\#{datastore['SMBSHARE']}")
remote_path = remote_paths.first
if local_paths.nil?
print_error("Local paths not specified")
return
end
local_paths.each do |local_path|
begin
vprint_status("#{peer}: Trying to upload #{local_path} to #{remote_path}...")
vprint_status("Trying to upload #{local_path} to #{remote_path}...")
fd = simple.open("\\#{remote_path}", 'rwct')
data = ::File.read(datastore['LPATH'], ::File.size(datastore['LPATH']))
fd.write(data)
fd.close
print_good("#{peer}: #{local_path} uploaded to #{remote_path}")
print_good("#{local_path} uploaded to #{remote_path}")
rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
print_error("#{peer} Unable to upload #{local_path} to #{remote_path} : #{e.message}")
print_error("Unable to upload #{local_path} to #{remote_path} : #{e.message}")
end
end
rescue Rex::Proto::SMB::Exceptions::LoginError => e
elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
print_error("#{peer} Unable to login: #{e.message}")
print_error("Unable to login: #{e.message}")
end
end
end

12
modules/auxiliary/gather/windows_deployment_services_shares.rb
View File

@ -60,7 +60,7 @@ class MetasploitModule < Msf::Auxiliary
begin
dcerpc_bind(handle)
rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
print_error("#{rhost} : #{e.message}")
print_error(e.message)
return
end
@ -148,7 +148,7 @@ class MetasploitModule < Msf::Auxiliary
share_type = share[1]
if share_type == "DISK" && (share_name == "REMINST" || share_comm == "MDT Deployment Share")
vprint_good("#{ip}:#{rport} Identified deployment share #{share_name} #{share_comm}")
vprint_good("Identified deployment share #{share_name} #{share_comm}")
deploy_shares << share_name
end
end
@ -164,12 +164,12 @@ class MetasploitModule < Msf::Auxiliary
def query_share(share)
share_path = "\\\\#{rhost}\\#{share}"
vprint_status("#{rhost}:#{rport} Enumerating #{share}...")
vprint_status("Enumerating #{share}...")
begin
simple.connect(share_path)
rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
print_error("#{rhost}:#{rport} Could not access share: #{share} - #{e}")
print_error("Could not access share: #{share} - #{e}")
return
end
@ -188,7 +188,7 @@ class MetasploitModule < Msf::Auxiliary
next unless cred['password'].to_s.length > 0
report_creds(cred['domain'].to_s, cred['username'], cred['password'])
print_good("#{rhost}:#{rport} Credentials: " +
print_good("Credentials: " +
"Path=#{share_path}#{file_path} " +
"Username=#{cred['domain'].to_s}\\#{cred['username'].to_s} " +
"Password=#{cred['password'].to_s}"
@ -238,7 +238,7 @@ class MetasploitModule < Msf::Auxiliary
def loot_unattend(data)
return if data.empty?
path = store_loot('windows.unattend.raw', 'text/plain', rhost, data, "Windows Deployment Services")
print_status("#{rhost}:#{rport} Stored unattend.xml in #{path}")
print_status("Stored unattend.xml in #{path}")
end
def report_creds(domain, user, pass)

2
modules/auxiliary/scanner/smb/pipe_auditor.rb
View File

@ -89,7 +89,7 @@ class MetasploitModule < Msf::Auxiliary
end
if(pass.length > 0)
print_status("#{ip} - Pipes: #{pass.map{|c| "\\#{c}"}.join(", ")}")
print_status("Pipes: #{pass.map{|c| "\\#{c}"}.join(", ")}")
# Add Report
report_note(
:host => ip,

2
modules/auxiliary/scanner/smb/pipe_dcerpc_auditor.rb
View File

@ -274,7 +274,7 @@ class MetasploitModule < Msf::Auxiliary
begin
dcerpc_bind(handle)
print_line("#{ip} - UUID #{uuid[0]} #{uuid[1]} OPEN VIA #{datastore['SMBPIPE']}")
print_line("UUID #{uuid[0]} #{uuid[1]} OPEN VIA #{datastore['SMBPIPE']}")
# Add Report
report_note(
:host => ip,

6
modules/auxiliary/scanner/smb/smb_enum_gpp.rb
View File

@ -62,11 +62,11 @@ class MetasploitModule < Msf::Auxiliary
when 'STATUS_OBJECT_PATH_NOT_FOUND'
vprint_error("Object PATH \\\\#{ip}\\#{datastore['SMBSHARE']}\\#{path} NOT found!")
when 'STATUS_ACCESS_DENIED'
vprint_error("Host #{ip} reports access denied.")
vprint_error("Host reports access denied.")
when 'STATUS_BAD_NETWORK_NAME'
vprint_error("Host #{ip} is NOT connected to #{datastore['SMBDomain']}!")
vprint_error("Host is NOT connected to #{datastore['SMBDomain']}!")
when 'STATUS_INSUFF_SERVER_RESOURCES'
vprint_error("Host #{ip} rejected with insufficient resources!")
vprint_error("Host rejected with insufficient resources!")
when 'STATUS_OBJECT_NAME_INVALID'
vprint_error("opening \\#{path} bad filename")
else

28
modules/auxiliary/scanner/smb/smb_enumshares.rb
View File

@ -187,7 +187,7 @@ class MetasploitModule < Msf::Auxiliary
))
rescue ::Rex::Proto::SMB::Exceptions::ErrorCode => e
if e.error_code == 0xC00000BB
vprint_error("#{ip}:#{rport} - Got 0xC00000BB while enumerating shares, switching to srvsvc...")
vprint_error("Got 0xC00000BB while enumerating shares, switching to srvsvc...")
@srvsvc = true # Make sure the module is aware of this state
return srvsvc_netshareenum(ip)
end
@ -224,7 +224,7 @@ class MetasploitModule < Msf::Auxiliary
begin
dcerpc_bind(handle)
rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
vprint_error("#{ip} : #{e.message}")
vprint_error(e.message)
return []
end
@ -336,7 +336,7 @@ class MetasploitModule < Msf::Auxiliary
next
end
if not datastore['ShowFiles']
print_status("#{ip}:#{rport} - Spidering #{x}.")
print_status("Spidering #{x}.")
end
subdirs = [""]
if x.strip() == "C$" and datastore['SpiderProfiles']
@ -361,7 +361,7 @@ class MetasploitModule < Msf::Auxiliary
subdirs.shift
next
end
header = "#{ip}:#{rport}"
header = ""
if simple.client.default_domain and simple.client.default_name
header << " \\\\#{simple.client.default_domain}"
end
@ -408,18 +408,18 @@ class MetasploitModule < Msf::Auxiliary
end
subdirs.shift
end
print_status("#{ip}:#{rport} - Spider #{x} complete.") unless datastore['ShowFiles']
print_status("Spider #{x} complete.") unless datastore['ShowFiles']
end
unless detailed_tbl.rows.empty?
if datastore['LogSpider'] == '1'
p = store_loot('smb.enumshares', 'text/csv', ip, detailed_tbl.to_csv)
print_good("#{ip} - info saved in: #{p.to_s}")
print_good("info saved in: #{p.to_s}")
elsif datastore['LogSpider'] == '2'
p = store_loot('smb.enumshares', 'text/plain', ip, detailed_tbl)
print_good("#{ip} - info saved in: #{p.to_s}")
print_good("info saved in: #{p.to_s}")
elsif datastore['LogSpider'] == '3'
p = store_loot('smb.enumshares', 'text/plain', ip, logdata)
print_good("#{ip} - info saved in: #{p.to_s}")
print_good("info saved in: #{p.to_s}")
end
end
end
@ -453,12 +453,12 @@ class MetasploitModule < Msf::Auxiliary
end
os_info = get_os_info(ip, rport)
print_status("#{ip}:#{rport} - #{os_info}") if os_info
print_status(os_info) if os_info
if shares.empty?
print_status("#{ip}:#{rport} - No shares collected")
print_status("No shares collected")
else
shares_info = shares.map{|x| "#{ip}:#{rport} - #{x[0]} - (#{x[1]}) #{x[2]}" }.join(", ")
shares_info = shares.map{|x| "#{x[0]} - (#{x[1]}) #{x[2]}" }.join(", ")
shares_info.split(", ").each { |share|
print_good share
}
@ -482,7 +482,7 @@ class MetasploitModule < Msf::Auxiliary
raise $!
rescue ::Rex::Proto::SMB::Exceptions::LoginError,
::Rex::Proto::SMB::Exceptions::ErrorCode => e
print_error("#{ip}:#{rport} - #{e.message}")
print_error(e.message)
return if e.message =~ /STATUS_ACCESS_DENIED/
rescue Errno::ECONNRESET,
::Rex::Proto::SMB::Exceptions::InvalidType,
@ -490,7 +490,7 @@ class MetasploitModule < Msf::Auxiliary
::Rex::Proto::SMB::Exceptions::InvalidCommand,
::Rex::Proto::SMB::Exceptions::InvalidWordCount,
::Rex::Proto::SMB::Exceptions::NoReply => e
vprint_error("#{ip}:#{rport} - #{e.message}")
vprint_error(e.message)
next if not shares.empty? and rport == 139 # no results, try again
rescue Errno::ENOPROTOOPT
print_status("Wait 5 seconds before retrying...")
@ -499,7 +499,7 @@ class MetasploitModule < Msf::Auxiliary
rescue ::Exception => e
next if e.to_s =~ /execution expired/
next if not shares.empty? and rport == 139
vprint_error("#{ip}:#{rport} - Error: '#{ip}' '#{e.class}' '#{e.to_s}'")
vprint_error("Error: '#{ip}' '#{e.class}' '#{e.to_s}'")
ensure
disconnect
end

6
modules/auxiliary/scanner/smb/smb_enumusers.rb
View File

@ -160,7 +160,7 @@ class MetasploitModule < Msf::Auxiliary
resp = dcerpc.last_response ? dcerpc.last_response.stub_data : nil
if ! (resp and resp.length == 24)
print_error("#{ip} Invalid response from the Connect5 request")
print_error("Invalid response from the Connect5 request")
disconnect
return
end
@ -174,7 +174,7 @@ class MetasploitModule < Msf::Auxiliary
end
if(perror != 0)
print_error("#{ip} Received error #{"0x%.8x" % perror} from the OpenPolicy2 request")
print_error("Received error #{"0x%.8x" % perror} from the OpenPolicy2 request")
disconnect
return
end
@ -312,7 +312,7 @@ class MetasploitModule < Msf::Auxiliary
extra << "PasswordMin=#{domains[domain][:pass_min]} "
extra << ")"
end
print_status("#{ip} #{domain.upcase} [ #{users.keys.map{|k| users[k]}.join(", ")} ] #{extra}")
print_status("#{domain.upcase} [ #{users.keys.map{|k| users[k]}.join(", ")} ] #{extra}")
end
# cleanup

10
modules/auxiliary/scanner/smb/smb_enumusers_domain.rb
View File

@ -163,11 +163,11 @@ class MetasploitModule < Msf::Auxiliary
if datastore['VERBOSE']
accounts.each do |x|
print_status ip + " : " + x[:logon_domain] + "\\" + x[:account_name] +
print_status x[:logon_domain] + "\\" + x[:account_name] +
"\t(logon_server: #{x[:logon_server]}, other_domains: #{x[:other_domains]})"
end
else
print_status "#{ip} : #{accounts.collect{|x| x[:logon_domain] + "\\" + x[:account_name]}.join(", ")}"
print_status "#{accounts.collect{|x| x[:logon_domain] + "\\" + x[:account_name]}.join(", ")}"
end
found_accounts = []
@ -181,16 +181,16 @@ class MetasploitModule < Msf::Auxiliary
next
end
print_good("#{ip} - Found user: #{comp_user}")
print_good("Found user: #{comp_user}")
store_username(comp_user, resp, ip, rport)
end
rescue ::Rex::Proto::SMB::Exceptions::ErrorCode => e
print_line("UUID #{uuid[0]} #{uuid[1]} ERROR 0x%.8x" % e.error_code)
print_error("UUID #{uuid[0]} #{uuid[1]} ERROR 0x%.8x" % e.error_code)
#puts e
#return
rescue ::Exception => e
print_line("UUID #{uuid[0]} #{uuid[1]} ERROR #{$!}")
print_error("UUID #{uuid[0]} #{uuid[1]} ERROR #{$!}")
#puts e
#return
end

4
modules/auxiliary/scanner/smb/smb_login.rb
View File

@ -90,9 +90,9 @@ class MetasploitModule < Msf::Auxiliary
bogus_result = @scanner.attempt_bogus_login(domain)
if bogus_result.success?
if bogus_result.access_level == Metasploit::Framework::LoginScanner::SMB::AccessLevels::GUEST
print_status("#{ip} - This system allows guest sessions with any credentials")
print_status("This system allows guest sessions with any credentials")
else
print_error("#{ip} - This system accepts authentication with any credentials, brute force is ineffective.")
print_error("This system accepts authentication with any credentials, brute force is ineffective.")
return
end
end

18
modules/auxiliary/scanner/smb/smb_lookupsid.rb
View File

@ -178,7 +178,7 @@ class MetasploitModule < Msf::Auxiliary
resp = dcerpc.last_response ? dcerpc.last_response.stub_data : nil
if ! (resp and resp.length == 24)
print_error("#{ip} Invalid response from the OpenPolicy request")
print_error("Invalid response from the OpenPolicy request")
disconnect
return
end
@ -193,7 +193,7 @@ class MetasploitModule < Msf::Auxiliary
end
if(perror != 0)
print_error("#{ip} Received error #{"0x%.8x" % perror} from the OpenPolicy2 request")
print_error("Received error #{"0x%.8x" % perror} from the OpenPolicy2 request")
disconnect
return
end
@ -211,7 +211,7 @@ class MetasploitModule < Msf::Auxiliary
domain_sid, domain_name = smb_parse_sid(resp)
# Store SID, local domain name, joined domain name
print_status("#{ip} PIPE(#{lsa_pipe}) LOCAL(#{host_name} - #{host_sid}) DOMAIN(#{domain_name} - #{domain_sid})")
print_status("PIPE(#{lsa_pipe}) LOCAL(#{host_name} - #{host_sid}) DOMAIN(#{domain_name} - #{domain_sid})")
domain = {
:name => host_name,
@ -226,7 +226,7 @@ class MetasploitModule < Msf::Auxiliary
when 'DOMAIN'
# Fallthrough to the host SID if no domain SID was returned
unless domain_sid
print_error("#{ip} No domain SID identified, falling back to the local SID...")
print_error("No domain SID identified, falling back to the local SID...")
end
domain_sid || host_sid
end
@ -265,13 +265,13 @@ class MetasploitModule < Msf::Auxiliary
utype,uname = smb_parse_sid_lookup(resp)
case utype
when 1
print_status("#{ip} USER=#{uname} RID=#{rid}")
print_status("USER=#{uname} RID=#{rid}")
domain[:users][rid] = uname
when 2
domain[:groups][rid] = uname
print_status("#{ip} GROUP=#{uname} RID=#{rid}")
print_status("GROUP=#{uname} RID=#{rid}")
else
print_status("#{ip} TYPE=#{utype} NAME=#{uname} rid=#{rid}")
print_status("TYPE=#{utype} NAME=#{uname} rid=#{rid}")
end
end
@ -284,7 +284,7 @@ class MetasploitModule < Msf::Auxiliary
:data => domain
)
print_status("#{ip} #{domain[:name].upcase} [#{domain[:users].keys.map{|k| domain[:users][k]}.join(", ")} ]")
print_status("#{domain[:name].upcase} [#{domain[:users].keys.map{|k| domain[:users][k]}.join(", ")} ]")
disconnect
return
@ -295,7 +295,7 @@ class MetasploitModule < Msf::Auxiliary
rescue ::Rex::Proto::SMB::Exceptions::LoginError
next
rescue ::Exception => e
print_line("Error: #{ip} #{e.class} #{e}")
print_line("Error: #{e.class} #{e}")
end
end
end

4
modules/auxiliary/scanner/smb/smb_version.rb
View File

@ -113,7 +113,7 @@ class MetasploitModule < Msf::Auxiliary
match_conf['host.domain'] = conf[:SMBDomain]
end
print_status("#{rhost}:#{rport} is running #{desc}")
print_status("Host is running #{desc}")
# Report the service with a friendly banner
report_service(
@ -136,7 +136,7 @@ class MetasploitModule < Msf::Auxiliary
else
desc = "#{res['native_os']} (#{res['native_lm']})"
report_service(:host => ip, :port => rport, :name => 'smb', :info => desc)
print_status("#{rhost}:#{rport} could not be identified: #{desc}")
print_status("Host could not be identified: #{desc}")
end
# Report a smb.fingerprint hash of attributes for OS fingerprinting

2
modules/exploits/windows/oracle/extjob.rb
View File

@ -58,7 +58,7 @@ class MetasploitModule < Msf::Exploit::Remote
execute_cmdstager({:linemax => 1500})
handler
else
print_error "#{rhost} does not appear to be vulnerable!"
print_error "Host does not appear to be vulnerable!"
end
end