Refactor host/note reporting for the jenkins module

This prevents this module from blindly overwriting the host
fields and instead reports the information as a note that can
be used by the fingerprinting engine. Additionally, consolidate
all jenkins data bits into a single note vs a dozen.
bug/bundler_fix
HD Moore 2014-04-02 07:49:39 -07:00
parent 4caeec81f0
commit b8c5e5ddb7
1 changed files with 21 additions and 46 deletions

View File

@ -164,52 +164,37 @@ class Metasploit3 < Msf::Auxiliary
infos[td] = tds[idx+1].get_text.to_s.strip if infos.has_key?(td) infos[td] = tds[idx+1].get_text.to_s.strip if infos.has_key?(td)
end end
fprint = {}
jinfo = {}
# print out the goodies # print out the goodies
infos.each do |k, v| infos.each do |k, v|
next if v.nil? next if v.nil?
v = v.strip
next if v.length == 0
jinfo[k.gsub(/\s+/, '_')] = v
case k case k
when "os.name" when "os.name"
vprint_line(" OS: #{v}") vprint_line(" OS: #{v}")
report_host({:host => rhost, :os_name => v}) fprint['os.product'] = v
when "os.version" when "os.version"
vprint_line(" OS Version: #{v}") vprint_line(" OS Version: #{v}")
report_host({:host => rhost, :os_flavor => v}) fprint['os.version'] = v
when "sun.os.patch.level" when "sun.os.patch.level"
vprint_line(" Patch Level: #{v}") vprint_line(" Patch Level: #{v}")
when "os.arch" when "os.arch"
vprint_line(" Arch: #{v}") vprint_line(" Arch: #{v}")
report_note({ fprint['os.arch'] = v
:type => "system_arch",
:host => rhost,
:data => "Arch: #{v}",
:update => :unique_data
})
when "user.name" when "user.name"
vprint_line(" User: #{v}") vprint_line(" User: #{v}")
report_note({
:type => "jenkins_user",
:host => rhost,
:port => rport,
:proto => 'tcp',
:data => "User: #{v}",
:update => :unique_data
})
when "USERDOMAIN" when "USERDOMAIN"
vprint_line(" Domain: #{v}") vprint_line(" Domain: #{v}")
report_note({ fprint['host.domain'] = v
:type => "system_domain",
:host => rhost,
:data => "Domain: #{v}",
:update => :unique_data
})
when "COMPUTERNAME" when "COMPUTERNAME"
vprint_line(" Computer Name: #{v}") vprint_line(" Computer Name: #{v}")
report_note({ fprint['host.name'] = v
:type => "system_computer",
:host => rhost,
:data => "Computer Name: #{v}",
:update => :unique_data
})
when "SystemDrive" when "SystemDrive"
vprint_line(" System Drive: #{v}") vprint_line(" System Drive: #{v}")
when "SHELL" when "SHELL"
@ -222,30 +207,20 @@ class Metasploit3 < Msf::Auxiliary
vprint_line(" Home Directory: #{v}") vprint_line(" Home Directory: #{v}")
when "user.language" when "user.language"
vprint_line(" Language: #{v}") vprint_line(" Language: #{v}")
report_note({ fprint['os.language'] = v
:type => "system_lang",
:host => rhost,
:data => "Language: #{v}",
:update => :unique_data
})
when "user.country" when "user.country"
vprint_line(" Country: #{v}") vprint_line(" Country: #{v}")
report_note({
:type => "system_country",
:host => rhost,
:data => "Country: #{v}",
:update => :unique_data
})
when "user.timezone" when "user.timezone"
vprint_line(" Timezone: #{v}") vprint_line(" Timezone: #{v}")
report_note({
:type => "system_timezone",
:host => rhost,
:data => "Timezone: #{v}",
:update => :unique_data
})
end end
end end
# Report a fingerprint.match for OS fingerprinting support, tied to this service
report_note(:host => rhost, :port => rport, :proto => 'tcp', :ntype => 'fingerprint.match', :data => fprint)
# Report a jenkins information note for future analysis, tied to this service
report_note(:host => rhost, :port => rport, :proto => 'tcp', :ntype => 'jenkins.info', :data => jinfo)
vprint_line('') vprint_line('')
end end
end end