Fixes #808. Removes the pre-connect test from login and version.
git-svn-id: file:///home/svn/framework3/trunk@8521 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
a74b67d73f
commit
b45cfb8793
|
@ -78,42 +78,16 @@ class Metasploit3 < Msf::Auxiliary
|
|||
datastore['RPORT']
|
||||
end
|
||||
|
||||
# Test the connection with Rex::Socket before handing
|
||||
# off to Postgres-PR, since Postgres-PR takes forever
|
||||
# to return from connection errors. TODO: convert
|
||||
# Postgres-PR to use Rex::Socket natively to avoid
|
||||
# this double-connect business.
|
||||
def test_connection
|
||||
begin
|
||||
sock = Rex::Socket::Tcp.create(
|
||||
'PeerHost' => rhost,
|
||||
'PeerPort' => rport
|
||||
)
|
||||
rescue Rex::ConnectionError
|
||||
print_error "#{rhost}:#{rport} Connection Error: #{$!}" if datastore['VERBOSE']
|
||||
raise $!
|
||||
end
|
||||
end
|
||||
|
||||
# Actually do all the login stuff. Note that "verbose" is really pretty
|
||||
# verbose, since postgres_login also makes use of the verbose value
|
||||
# to print diagnostics for other modules.
|
||||
def do_login(user=nil,pass=nil,database=nil,verbose=false)
|
||||
begin
|
||||
test_connection
|
||||
rescue Rex::ConnectionError
|
||||
return :done
|
||||
end
|
||||
|
||||
# Report the service state
|
||||
report_service(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:name => "postgres"
|
||||
)
|
||||
|
||||
msg = "#{rhost}:#{rport} Postgres -"
|
||||
print_status("#{msg} Trying username:'#{user}' with password:'#{pass}' against #{rhost}:#{rport} on database '#{database}'") if verbose
|
||||
|
||||
# Here's where the actual connection happens.
|
||||
result = postgres_login(
|
||||
:db => database,
|
||||
:username => user,
|
||||
|
@ -136,10 +110,25 @@ class Metasploit3 < Msf::Auxiliary
|
|||
print_error("#{msg} Unknown error encountered, quitting.") if verbose
|
||||
return :done
|
||||
end
|
||||
rescue Rex::ConnectionError
|
||||
print_error "#{rhost}:#{rport} Connection Error: #{$!}" if datastore['VERBOSE']
|
||||
return :done
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
# Report the service state
|
||||
def do_report_postgres
|
||||
report_service(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:name => "postgres"
|
||||
)
|
||||
end
|
||||
|
||||
def do_report_auth_info(user,pass,db,db_ok)
|
||||
do_report_postgres
|
||||
|
||||
result_hash = {
|
||||
:host => rhost,
|
||||
:proto => "postgres",
|
||||
|
|
|
@ -57,30 +57,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
datastore['RPORT']
|
||||
end
|
||||
|
||||
# Test the connection with Rex::Socket before handing
|
||||
# off to Postgres-PR, since Postgres-PR takes forever
|
||||
# to return from connection errors. TODO: convert
|
||||
# Postgres-PR to use Rex::Socket natively to avoid
|
||||
# this double-connect business.
|
||||
def test_connection
|
||||
begin
|
||||
sock = Rex::Socket::Tcp.create(
|
||||
'PeerHost' => rhost,
|
||||
'PeerPort' => rport
|
||||
)
|
||||
rescue Rex::ConnectionError
|
||||
print_error "#{rhost}:#{rport} Connection Error: #{$!}" if datastore['VERBOSE']
|
||||
raise $!
|
||||
end
|
||||
end
|
||||
|
||||
# Test the connection, then actually do all the fingerprinting.
|
||||
def do_fingerprint(user=nil,pass=nil,database=nil,verbose=false)
|
||||
begin
|
||||
test_connection
|
||||
rescue Rex::ConnectionError
|
||||
return :done
|
||||
end
|
||||
msg = "#{rhost}:#{rport} Postgres -"
|
||||
password = pass || postgres_password
|
||||
print_status("#{msg} Trying username:'#{user}' with password:'#{password}' against #{rhost}:#{rport} on database '#{database}'") if verbose
|
||||
|
@ -132,6 +110,11 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
postgres_logout
|
||||
|
||||
rescue Rex::ConnectionError
|
||||
print_error "#{rhost}:#{rport} Connection Error: #{$!}" if datastore['VERBOSE']
|
||||
return :done
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue