fix openssl_heardbleed

-) XMPP Domain now configurable -) Missing get_once to initiate the TLS connection
2014-04-09 20:39:33 +02:00 · 2014-04-09 20:39:33 +02:00 · e2b50d3709
parent 5696e52fac
commit e2b50d3709
1 changed files with 10 additions and 1 deletions
--- a/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
+++ b/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
@ -121,6 +121,12 @@ class Metasploit3 < Msf::Auxiliary
        OptEnum.new('STARTTLS', [true, 'Protocol to use with STARTTLS, None to avoid STARTTLS ', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3' ]]),
        OptEnum.new('TLSVERSION', [true, 'TLS version to use', '1.1', ['1.0', '1.1', '1.2']])
      ], self.class)
+
+    register_advanced_options(
+      [
+        OptString.new('XMPPDOMAIN', [ true, 'The XMPP Domain to use when Jabber is selected', 'localhost' ])
+      ], self.class)
+
  end

  def peer
@ -173,10 +179,13 @@ class Metasploit3 < Msf::Auxiliary
    msg << "<stream:stream xmlns='jabber:client' "
    msg << "xmlns:stream='http://etherx.jabber.org/streams' "
    msg << "version='1.0' "
-    msg << "to='localhost'>"
+    msg << "to='#{datastore['XMPPDOMAIN']}'>"
    sock.put(msg)
+    # get first response with id
    res = sock.get_once
    return nil if res.nil? # SSL not supported
+    # get next part of the message
+    res = sock.get_once
    return nil if res =~ /stream:error/ || res !~ /starttls/i
    msg = "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"
    sock.put(msg)