Add a check_setup method

2014-09-10 20:09:03 -05:00 · 2014-09-10 20:09:03 -05:00 · c1658e5d51
parent 84e4db9035
commit c1658e5d51
2 changed files with 23 additions and 47 deletions
--- a/lib/metasploit/framework/login_scanner/glassfish.rb
+++ b/lib/metasploit/framework/login_scanner/glassfish.rb
@ -20,6 +20,25 @@ module Metasploit
        #   @return [String] Cookie session
        attr_accessor :jsession

+        # @todo dat API
+        # (see Base#check_setup)
+        def check_setup
+          res = send_request({'uri' => '/common/index.jsf'})
+          return false if res.nil?
+          return false if !([200, 302].include?(res.code))
+
+          if !self.ssl && res.headers['Location'] =~ /^https:/
+            self.ssl = true
+            res = send_request({'uri' => '/common/index.jsf'})
+            return false if res.nil? || res.code != 200
+          end
+
+          res = send_request({'uri' => '/login.jsf'})
+          extract_version(res.headers['Server'])
+
+          true
+        end
+
        # Sends a HTTP request with Rex
        #
        # @param (see Rex::Proto::Http::Resquest#request_raw)
--- a/modules/auxiliary/scanner/http/glassfish_login.rb
+++ b/modules/auxiliary/scanner/http/glassfish_login.rb
@ -176,59 +176,16 @@ class Metasploit3 < Msf::Auxiliary
  end


-  def init_bruteforce
-    res   = nil
-    tried = false
-
-    begin
-      print_brute :level=>:status, :ip=>rhost, :msg=>"Sending a request to /common/index.jsf..."
-      res = send_request_cgi({'uri'=>'/common/index.jsf'})
-
-      # Abort if res returns nil due to an exception (broken pipe or timeout)
-      if res.nil?
-        print_brute :level=>:error, :ip=>rhost, :msg=>'Unable to get a response from the server.'
-        return
-      end
-
-      # Automatic HTTP to HTTPS transition (when needed)
-      if @scanner.ssl == false && res && res.headers['Location'] =~ /^https:\/\//
-        print_brute :level=>:status, :ip=>rhost, :msg=>"Glassfish is asking us to use HTTPS"
-        print_brute :level=>:status, :ip=>rhost, :msg=>"SSL option automatically set to: true"
-        print_brute :level=>:status, :ip=>rhost, :msg=>"SSL version option automatically set to: #{datastore['SSLVersion']}"
-        @scanner.ssl = true
-        @scanner.ssl_version = datastore['SSLVersion']
-        # Set the SSL options, and let the exception handler to resend the HTTP request
-        # one more time.
-        raise "SSL error"
-      end
-    rescue ::Exception => e
-      # Retry the HTTP request with updated SSL options
-      if e.message == 'SSL error' && tried == false
-        tried = true
-        retry
-      else
-        # Make sure we don't shut other problems up
-        raise e
-      end
-    end
-
-    # A normal client starts with /login.jsf, so we start with /login.jsf
-    if res && res.code.to_i == 302
-      res = send_request_cgi({'uri' => '/login.jsf'})
-    end
-
-    res
-  end
-

  #
  # main
  #
  def run_host(ip)
    init_loginscanner(ip)
-    res = init_bruteforce
-    return if res.nil?
-    @scanner.extract_version(res.headers['Server'])
+    if !@scanner.check_setup
+      print_brute :level => :error, :ip => rhost, :msg => "Not glassfish"
+      return
+    end

    print_brute :level=>:status, :ip=>rhost, :msg=>('Checking if Glassfish requires a password...')
    if @scanner.version =~ /^[239]\.x$/ && is_password_required?(@scanner.version)