Update rfcode_reader_enum.rb

Updated as per review comments
unstable
Karn Ganeshen 2013-06-08 01:00:18 +05:30
parent 6b8e6b3f0c
commit eb0ae6ed27
1 changed files with 9 additions and 9 deletions


@ -21,14 +21,14 @@ class Metasploit3 < Msf::Auxiliary
This module simply attempts to login to a RFCode Reader web interface. Please note that This module simply attempts to login to a RFCode Reader web interface. Please note that
by default there is no authentication. In such a case, password brute force will not be performed. by default there is no authentication. In such a case, password brute force will not be performed.
If there is authentication configured, the module will attempt to find valid login credentials and If there is authentication configured, the module will attempt to find valid login credentials and
capture device information. capture device information.
}, },
'Author' => 'Author' =>
[ [
'Karn Ganeshen <KarnGaneshen[at]gmail.com>' 'Karn Ganeshen <KarnGaneshen[at]gmail.com>'
], ],
'Version' => '1.0', 'Version' => '1.0',
'License' => MSF_LICENSE 'License' => MSF_LICENSE
)) ))
@ -49,13 +49,13 @@ class Metasploit3 < Msf::Auxiliary
# #
def run_host(ip) def run_host(ip)
if not is_app_rfreader? unless is_app_rfreader?
print_error("Application does not appear to be RFCode Reader. Module will not continue.") print_error("Application does not appear to be RFCode Reader. Module will not continue.")
return return
end end
print_status("Checking if authentication is required...") print_status("Checking if authentication is required...")
if not is_auth_required? unless is_auth_required?
print_warning("Application does not require authentication.") print_warning("Application does not require authentication.")
user = '' user = ''
pass = '' pass = ''
@ -102,7 +102,7 @@ class Metasploit3 < Msf::Auxiliary
# #
def do_login(user, pass) def do_login(user, pass)
vprint_status("Trying username:'#{user}' with password:'#{pass}'") vprint_status("Trying username:'#{user.inspect}' with password:'#{pass.inspect}'")
begin begin
res = send_request_cgi( res = send_request_cgi(
{ {
@ -112,10 +112,10 @@ class Metasploit3 < Msf::Auxiliary
}) })
if not res or res.code == 401 if not res or res.code == 401
vprint_error("FAILED LOGIN. '#{user}' : '#{pass}' with code #{res.code}") vprint_error("FAILED LOGIN. '#{user.inspect}' : '#{pass.inspect}' with code #{res.code}")
return :skip_pass return :skip_pass
else else
print_good("SUCCESSFUL LOGIN. '#{user}' : '#{pass}'") print_good("SUCCESSFUL LOGIN. '#{user.inspect}' : '#{pass.inspect}'")
collect_info(user, pass) collect_info(user, pass)
@ -131,7 +131,7 @@ class Metasploit3 < Msf::Auxiliary
report_auth_info(report_hash) report_auth_info(report_hash)
return :next_user return :next_user
end end
rescue ::Rex::ConnectionError, Errno::ECONNREFUSED, Errno::ETIMEDOUT rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionError, ::Errno::EPIPE
print_error("HTTP Connection Failed, Aborting") print_error("HTTP Connection Failed, Aborting")
return :abort return :abort
end end
@ -142,7 +142,7 @@ class Metasploit3 < Msf::Auxiliary
# #
def collect_info(user, pass) def collect_info(user, pass)
vprint_status("Collecting information from app as '#{user}':'#{pass}'...") vprint_status("Collecting information from app as '#{user.inspect}':'#{pass.inspect}'...")
begin begin
res = send_request_cgi( res = send_request_cgi(
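Review bot: In the `do_login` hunk at -112, the failure branch `if not res or res.code == 401` still interpolates `#{res.code}` into the `vprint_error` message. When `send_request_cgi` returns nil, that line raises NoMethodError, which the widened `rescue` list does not catch, so the failed attempt is never reported; compute the code first, e.g. `code = res ? res.code : 'no response'`, and log `#{code}`. The `else` branch also appears to treat every non-401 response as a successful login before calling `report_auth_info`, so checking for the expected success status explicitly would keep false positives out of the stored credentials. As a style point, `'#{user.inspect}'` now nests the quotes that `inspect` adds inside the existing single quotes; drop the outer quotes in these messages. `do_login` starts and ends outside the visible hunks, so this is based only on the lines shown.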