working snmp_login module

bug/bundler_fix
David Maloney 2014-07-22 12:44:21 -05:00
parent c553fcac73
commit e54f5e8ee7
No known key found for this signature in database
GPG Key ID: DEDBA9DC3A913DB2
2 changed files with 68 additions and 10 deletions

View File

@ -41,6 +41,7 @@ module Metasploit
# @yieldparam credential [Metasploit::Framework::Credential] # @yieldparam credential [Metasploit::Framework::Credential]
# @return [void] # @return [void]
def each def each
begin
if pass_file.present? if pass_file.present?
pass_fd = File.open(pass_file, 'r:binary') pass_fd = File.open(pass_file, 'r:binary')
pass_fd.each_line do |line| pass_fd.each_line do |line|
@ -52,6 +53,10 @@ module Metasploit
if password.present? if password.present?
yield Metasploit::Framework::Credential.new(public: password, paired: false) yield Metasploit::Framework::Credential.new(public: password, paired: false)
end end
ensure
pass_fd.close if pass_fd && !pass_fd.closed?
end
end end
# Add {Credential credentials} that will be yielded by {#each} # Add {Credential credentials} that will be yielded by {#each}

View File

@ -5,8 +5,8 @@
require 'msf/core' require 'msf/core'
require 'openssl' require 'metasploit/framework/community_string_collection'
require 'snmp' require 'metasploit/framework/login_scanner/snmp'
class Metasploit3 < Msf::Auxiliary class Metasploit3 < Msf::Auxiliary
@ -50,11 +50,64 @@ class Metasploit3 < Msf::Auxiliary
def run_batch(batch) def run_batch(batch)
batch.each do |ip| batch.each do |ip|
collection = Metasploit::Framework::CommunityStringCollection.new(
pass_file: datastore['PASS_FILE'],
password: datastore['PASSWORD']
)
scanner = Metasploit::Framework::LoginScanner::SNMP.new(
host: ip,
port: rport,
cred_details: collection,
stop_on_success: datastore['STOP_ON_SUCCESS'],
connection_timeout: 2
)
service_data = {
address: ip,
port: rport,
service_name: 'snmp',
protocol: 'udp',
workspace_id: myworkspace_id
}
scanner.scan! do |result|
if result.success?
credential_data = {
module_fullname: self.fullname,
origin_type: :service,
username: result.credential.public
}
credential_data.merge!(service_data)
credential_core = create_credential(credential_data)
login_data = {
core: credential_core,
last_attempted_at: DateTime.now,
status: Metasploit::Model::Login::Status::SUCCESSFUL
}
login_data.merge!(service_data)
create_credential_login(login_data)
print_good "#{ip}:#{rport} - LOGIN SUCCESSFUL: #{result.credential}"
else
invalidate_data = {
public: result.credential.public,
private: result.credential.private,
realm_key: result.credential.realm_key,
realm_value: result.credential.realm,
status: result.status
} .merge(service_data)
invalidate_login(invalidate_data)
print_status "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})"
end
end
end
end end
def rport
datastore['RPORT']
end end