working snmp_login module
parent
c553fcac73
commit
e54f5e8ee7
|
@ -41,6 +41,7 @@ module Metasploit
|
|||
# @yieldparam credential [Metasploit::Framework::Credential]
|
||||
# @return [void]
|
||||
def each
|
||||
begin
|
||||
if pass_file.present?
|
||||
pass_fd = File.open(pass_file, 'r:binary')
|
||||
pass_fd.each_line do |line|
|
||||
|
@ -52,6 +53,10 @@ module Metasploit
|
|||
if password.present?
|
||||
yield Metasploit::Framework::Credential.new(public: password, paired: false)
|
||||
end
|
||||
|
||||
ensure
|
||||
pass_fd.close if pass_fd && !pass_fd.closed?
|
||||
end
|
||||
end
|
||||
|
||||
# Add {Credential credentials} that will be yielded by {#each}
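Review bot: The wordlist handle opened by `File.open(pass_file, 'r:binary')` in `each` is closed by a hand-written `begin`/`ensure` with a `pass_fd && !pass_fd.closed?` guard, where the block form `File.open(pass_file, 'r:binary') do |pass_fd|` would close it on every exit path without the extra nesting or the guard. Indentation is lost in this view, so the exact extent of the `begin` is inferred, and the middle of `each` lies between the two hunks and is not shown. If the explicit form is kept, a comment above `ensure` would record why it is there, for example `# close the wordlist even if the caller's block raises or breaks out of #each`.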
|
||||
|
|
|
@ -5,8 +5,8 @@
|
|||
|
||||
|
||||
require 'msf/core'
|
||||
require 'openssl'
|
||||
require 'snmp'
|
||||
require 'metasploit/framework/community_string_collection'
|
||||
require 'metasploit/framework/login_scanner/snmp'
|
||||
|
||||
class Metasploit3 < Msf::Auxiliary
|
||||
|
||||
|
@ -50,11 +50,64 @@ class Metasploit3 < Msf::Auxiliary
|
|||
def run_batch(batch)
|
||||
|
||||
batch.each do |ip|
|
||||
collection = Metasploit::Framework::CommunityStringCollection.new(
|
||||
pass_file: datastore['PASS_FILE'],
|
||||
password: datastore['PASSWORD']
|
||||
)
|
||||
|
||||
scanner = Metasploit::Framework::LoginScanner::SNMP.new(
|
||||
host: ip,
|
||||
port: rport,
|
||||
cred_details: collection,
|
||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||
connection_timeout: 2
|
||||
)
|
||||
|
||||
service_data = {
|
||||
address: ip,
|
||||
port: rport,
|
||||
service_name: 'snmp',
|
||||
protocol: 'udp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
scanner.scan! do |result|
|
||||
if result.success?
|
||||
credential_data = {
|
||||
module_fullname: self.fullname,
|
||||
origin_type: :service,
|
||||
username: result.credential.public
|
||||
}
|
||||
credential_data.merge!(service_data)
|
||||
|
||||
credential_core = create_credential(credential_data)
|
||||
|
||||
login_data = {
|
||||
core: credential_core,
|
||||
last_attempted_at: DateTime.now,
|
||||
status: Metasploit::Model::Login::Status::SUCCESSFUL
|
||||
}
|
||||
login_data.merge!(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
print_good "#{ip}:#{rport} - LOGIN SUCCESSFUL: #{result.credential}"
|
||||
else
|
||||
invalidate_data = {
|
||||
public: result.credential.public,
|
||||
private: result.credential.private,
|
||||
realm_key: result.credential.realm_key,
|
||||
realm_value: result.credential.realm,
|
||||
status: result.status
|
||||
} .merge(service_data)
|
||||
invalidate_login(invalidate_data)
|
||||
print_status "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})"
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def rport
|
||||
datastore['RPORT']
|
||||
end
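Review bot: In the success branch of `run_batch`, the community string is stored with `username: result.credential.public` and no private value, so the credential store holds the secret as a public field. Anything downstream that redacts or restricts only private values would presumably show it in clear. If this is deliberate (the collection yields `public: password, paired: false`), a comment above `credential_data` should say so, for example `# SNMP community strings are stored as the public half; there is no private`. Separately, `connection_timeout: 2` is hard-coded and could be read from the datastore in the same way as `STOP_ON_SUCCESS`. The class body continues outside the hunk.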
|
||||
|
||||
|
||||
|
|