working snmp_login module

lib/metasploit/framework/community_string_collection.rb

@@ -41,16 +41,21 @@ module Metasploit
       # @yieldparam credential [Metasploit::Framework::Credential]
       # @return [void]
       def each
-        if pass_file.present?
+        begin
-          pass_fd = File.open(pass_file, 'r:binary')
+          if pass_file.present?
-          pass_fd.each_line do |line|
+            pass_fd = File.open(pass_file, 'r:binary')
-            line.chomp!
+            pass_fd.each_line do |line|
-            yield Metasploit::Framework::Credential.new(public: line, paired: false)
+              line.chomp!
+              yield Metasploit::Framework::Credential.new(public: line, paired: false)
+            end
           end
-        end
 
-        if password.present?
+          if password.present?
-          yield Metasploit::Framework::Credential.new(public: password, paired: false)
+            yield Metasploit::Framework::Credential.new(public: password, paired: false)
+          end
+
+        ensure
+          pass_fd.close if pass_fd && !pass_fd.closed?
         end
       end
 

modules/auxiliary/scanner/snmp/snmp_login.rb

@@ -5,8 +5,8 @@
 
 
 require 'msf/core'
-require 'openssl'
+require 'metasploit/framework/community_string_collection'
-require 'snmp'
+require 'metasploit/framework/login_scanner/snmp'
 
 class Metasploit3 < Msf::Auxiliary
 
@@ -50,11 +50,64 @@ class Metasploit3 < Msf::Auxiliary
   def run_batch(batch)
 
     batch.each do |ip|
+      collection = Metasploit::Framework::CommunityStringCollection.new(
+          pass_file: datastore['PASS_FILE'],
+          password: datastore['PASSWORD']
+      )
 
+      scanner = Metasploit::Framework::LoginScanner::SNMP.new(
+          host: ip,
+          port: rport,
+          cred_details: collection,
+          stop_on_success: datastore['STOP_ON_SUCCESS'],
+          connection_timeout: 2
+      )
 
+      service_data = {
+          address: ip,
+          port: rport,
+          service_name: 'snmp',
+          protocol: 'udp',
+          workspace_id: myworkspace_id
+      }
 
+      scanner.scan! do |result|
+        if result.success?
+          credential_data = {
+              module_fullname: self.fullname,
+              origin_type: :service,
+              username: result.credential.public
+          }
+          credential_data.merge!(service_data)
+
+          credential_core = create_credential(credential_data)
+
+          login_data = {
+              core: credential_core,
+              last_attempted_at: DateTime.now,
+              status: Metasploit::Model::Login::Status::SUCCESSFUL
+          }
+          login_data.merge!(service_data)
+
+          create_credential_login(login_data)
+          print_good "#{ip}:#{rport} - LOGIN SUCCESSFUL: #{result.credential}"
+        else
+          invalidate_data = {
+              public: result.credential.public,
+              private: result.credential.private,
+              realm_key: result.credential.realm_key,
+              realm_value: result.credential.realm,
+              status: result.status
+          } .merge(service_data)
+          invalidate_login(invalidate_data)
+          print_status "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})"
+        end
+      end
     end
+  end
 
+  def rport
+    datastore['RPORT']
   end