Cleanup. Sanity check in setup. vprint

2014-10-22 10:36:24 -07:00 · 2014-10-22 10:36:24 -07:00 · ce8a9941ea
parent ee3dd3a2ac
commit ce8a9941ea
2 changed files with 25 additions and 17 deletions
--- a/lib/metasploit/framework/login_scanner/mybook_live.rb
+++ b/lib/metasploit/framework/login_scanner/mybook_live.rb
@ -22,10 +22,10 @@ module Metasploit

        def attempt_login(credential)
          result_opts = {
-              credential: credential,
-              host: host,
-              port: port,
-              protocol: 'tcp'
+            credential: credential,
+            host: host,
+            port: port,
+            protocol: 'tcp'
          }
          if ssl
            result_opts[:service_name] = 'https'
@ -33,14 +33,14 @@ module Metasploit
            result_opts[:service_name] = 'http'
          end
          begin
-            body = "data%5BLogin%5D%5Bowner_name%5D=admin&data%5BLogin%5D%5Bowner_passwd%5D=#{Rex::Text.uri_encode(credential.private)}"
+            body = "data[Login][owner_name]=admin&data[Login][owner_passwd]=#{credential.private}"
            cli = Rex::Proto::Http::Client.new(host, port, {}, ssl, ssl_version)
            cli.connect
-            req = cli.request_cgi({
+            req = cli.request_cgi(
              'method' => 'POST',
              'uri' => '/UI/login',
-              'data' => body
-            })
+              'data' => Rex::Text.uri_encode(body)
+            )
            res = cli.send_recv(req)
            if res && res.code == 302 && res.headers['location'] && res.headers['location'].include?('UI')
              result_opts.merge!(status: Metasploit::Model::Login::Status::SUCCESSFUL, proof: res.headers)
--- a/modules/auxiliary/scanner/http/mybook_live_login.rb
+++ b/modules/auxiliary/scanner/http/mybook_live_login.rb
@ -27,17 +27,25 @@ class Metasploit3 < Msf::Auxiliary
      ], self.class)

    register_autofilter_ports([ 80 ])
-    
-    #username is hardcoded into application
+
+    # username is hardcoded into application
    deregister_options('RHOST', 'USERNAME', 'USER_FILE', 'USER_AS_PASS', 'DB_ALL_USERS')
  end

+  def setup
+    # They must select at least blank passwords, provide a pass file or a password
+    one_required = %w(BLANK_PASSWORDS PASS_FILE PASSWORD)
+    unless one_required.any? { |o| datastore[o] }
+      fail_with(Failure::BadConfig, "Invalid options: One of #{one_required.join(', ')} must be set")
+    end
+  end
+
  def run_host(ip)
    cred_collection = Metasploit::Framework::CredentialCollection.new(
-            blank_passwords: datastore['BLANK_PASSWORDS'],
-            pass_file: datastore['PASS_FILE'],
-            password: datastore['PASSWORD'],
-            username: 'admin'
+      blank_passwords: datastore['BLANK_PASSWORDS'],
+      pass_file: datastore['PASS_FILE'],
+      password: datastore['PASSWORD'],
+      username: 'admin'
    )

    scanner = Metasploit::Framework::LoginScanner::MyBookLive.new(
@ -59,8 +67,8 @@ class Metasploit3 < Msf::Auxiliary
    scanner.scan! do |result|
      credential_data = result.to_h
      credential_data.merge!(
-          module_fullname: fullname,
-          workspace_id: myworkspace_id
+        module_fullname: fullname,
+        workspace_id: myworkspace_id
      )
      if result.success?
        credential_core = create_credential(credential_data)
@ -70,7 +78,7 @@ class Metasploit3 < Msf::Auxiliary
        print_good "#{ip}:#{rport} - LOGIN SUCCESSFUL: #{result.credential}"
      else
        invalidate_login(credential_data)
-        print_status "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status})"
+        vprint_status "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status})"
      end
    end
  end