Land #7672, support LOCKED_OUT and DISABLED login status

bug/bundler_fix
dmohanty-r7 2016-12-16 15:11:05 -06:00
commit f74fd9e5dd
No known key found for this signature in database
GPG Key ID: D1B3982EAB38742F
2 changed files with 21 additions and 3 deletions

View File

@ -199,6 +199,7 @@ module Metasploit
total_error_count = 0 total_error_count = 0
successful_users = Set.new successful_users = Set.new
ignored_users = Set.new
first_attempt = true first_attempt = true
each_credential do |credential| each_credential do |credential|
@ -213,6 +214,14 @@ module Metasploit
next next
end end
# Users that went into the lock-out list
if ignored_users.include?(credential.public)
if credential.parent.respond_to?(:skipped)
credential.parent.skipped = true
end
next
end
if first_attempt if first_attempt
first_attempt = false first_attempt = false
else else
@ -228,6 +237,10 @@ module Metasploit
consecutive_error_count = 0 consecutive_error_count = 0
successful_users << credential.public successful_users << credential.public
break if stop_on_success break if stop_on_success
elsif result.status == Metasploit::Model::Login::Status::LOCKED_OUT
ignored_users << credential.public
elsif result.status == Metasploit::Model::Login::Status::DISABLED
ignored_users << credential.public
else else
if result.status == Metasploit::Model::Login::Status::UNABLE_TO_CONNECT if result.status == Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
consecutive_error_count += 1 consecutive_error_count += 1

View File

@ -55,7 +55,7 @@ class MetasploitModule < Msf::Auxiliary
register_options( register_options(
[ [
Opt::Proxies, Opt::Proxies,
OptBool.new('ABORT_ON_LOCKOUT', [ true, "Abort the run when an account lockout is detected", true ]), OptBool.new('ABORT_ON_LOCKOUT', [ true, "Abort the run when an account lockout is detected", false ]),
OptBool.new('PRESERVE_DOMAINS', [ false, "Respect a username that contains a domain name.", true ]), OptBool.new('PRESERVE_DOMAINS', [ false, "Respect a username that contains a domain name.", true ]),
OptBool.new('RECORD_GUEST', [ false, "Record guest-privileged random logins to the database", false ]), OptBool.new('RECORD_GUEST', [ false, "Record guest-privileged random logins to the database", false ]),
OptBool.new('DETECT_ANY_AUTH', [false, 'Enable detection of systems accepting any authentication', true]) OptBool.new('DETECT_ANY_AUTH', [false, 'Enable detection of systems accepting any authentication', true])
@ -123,8 +123,13 @@ class MetasploitModule < Msf::Auxiliary
@scanner.scan! do |result| @scanner.scan! do |result|
case result.status case result.status
when Metasploit::Model::Login::Status::LOCKED_OUT when Metasploit::Model::Login::Status::LOCKED_OUT
print_error("Account lockout detected on '#{result.credential}'") if datastore['ABORT_ON_LOCKOUT']
return if datastore['ABORT_ON_LOCKOUT'] print_error("Account lockout detected on '#{result.credential.public}', aborting.")
return
else
print_error("Account lockout detected on '#{result.credential.public}', skipping this user.")
end
when Metasploit::Model::Login::Status::DENIED_ACCESS when Metasploit::Model::Login::Status::DENIED_ACCESS
print_brute :level => :status, :ip => ip, :msg => "Correct credentials, but unable to login: '#{result.credential}', #{result.proof}" print_brute :level => :status, :ip => ip, :msg => "Correct credentials, but unable to login: '#{result.credential}', #{result.proof}"
report_creds(ip, rport, result) report_creds(ip, rport, result)