From 2a90817b8009d3ca47aa12eb9fc1e6ce04161c4a Mon Sep 17 00:00:00 2001 From: David Rude Date: Wed, 2 Mar 2011 18:46:00 +0000 Subject: [PATCH] Fixes more style and API usage issues git-svn-id: file:///home/svn/framework3/trunk@11863 4d416f70-5f16-0410-b530-b9f4589650da --- .../scanner/sap/sap_mgmt_con_abaplog.rb | 27 ++---- ...n_brute.rb => sap_mgmt_con_brute_login.rb} | 19 ++-- .../scanner/sap/sap_mgmt_con_extractusers.rb | 41 ++++---- .../scanner/sap/sap_mgmt_con_getenv.rb | 35 +++---- .../scanner/sap/sap_mgmt_con_getlogfiles.rb | 29 ++---- .../sap/sap_mgmt_con_instanceproperties.rb | 93 ++++++++++--------- .../scanner/sap/sap_mgmt_con_listlogfiles.rb | 38 ++++---- .../scanner/sap/sap_mgmt_con_startprofile.rb | 27 ++---- 8 files changed, 137 insertions(+), 172 deletions(-) rename modules/auxiliary/scanner/sap/{sap_mgmt_con_brute.rb => sap_mgmt_con_brute_login.rb} (84%) diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_abaplog.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_abaplog.rb index 980f2be022..fa74bc91ec 100755 --- a/modules/auxiliary/scanner/sap/sap_mgmt_con_abaplog.rb +++ b/modules/auxiliary/scanner/sap/sap_mgmt_con_abaplog.rb @@ -40,7 +40,7 @@ class Metasploit3 < Msf::Auxiliary OptString.new('LFILE', [true, 'Set path to save output to file', 'abapsyslog']), ], self.class) register_autofilter_ports([ 50013 ]) - deregister_options('RHOST') + deregister_options('RHOST', 'LFILE') end def rport @@ -60,7 +60,7 @@ class Metasploit3 < Msf::Auxiliary def extractabap(rhost) verbose = datastore['VERBOSE'] - print_status("[SAP] Connecting to SAP Management Console SOAP Interface on #{rhost}:#{rport}") + print_status("#{rhost}:#{rhost} [SAP] Connecting to SAP Management Console SOAP Interface") success = false soapenv = 'http://schemas.xmlsoap.org/soap/envelope/' @@ -99,33 +99,26 @@ class Metasploit3 < Msf::Auxiliary elsif res.code == 500 case res.body when /(.*)<\/faultstring>/i - faultcode = "#{$1}" + faultcode = $1.strip fault = true end end rescue ::Rex::ConnectionError - print_error("[SAP] Unable to attempt authentication") - return :abort + print_error("#{rhost}:#{rhost} [SAP] Unable to connect") + return end if success - print_status("[SAP] ABAP syslog downloading to: #{datastore['LFILE']}") - - outputfile = datastore['LFILE'] + "_" + datastore['RHOST'] - print_status("Writing local file " + outputfile + " in XML format") - - File.open(outputfile,'ab') do |f| - f << res.body - end - - print_good("Saved file " + outputfile) + print_status("#{rhost}:#{rport} [SAP] ABAP syslog downloading") + print_status("#{rhost}:#{rport} [SAP] Storing looted SAP ABAP syslog XML file") + store_loot("sap.abap.syslog", "text/xml", rhost, res.body, "sap_abap_syslog.xml", "SAP ABAP syslog") elsif fault - print_error("[SAP] Errorcode: #{faultcode}") + print_error("#{rhost}:#{rport} [SAP] Errorcode: #{faultcode}") return else - print_error("[SAP] failed to access ABAPSyslog") + print_error("#{rhost}:#{rport} [SAP] failed to access ABAPSyslog") return end end diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_brute.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_brute_login.rb similarity index 84% rename from modules/auxiliary/scanner/sap/sap_mgmt_con_brute.rb rename to modules/auxiliary/scanner/sap/sap_mgmt_con_brute_login.rb index e74cdd63a7..452ac01c15 100755 --- a/modules/auxiliary/scanner/sap/sap_mgmt_con_brute.rb +++ b/modules/auxiliary/scanner/sap/sap_mgmt_con_brute_login.rb @@ -59,7 +59,7 @@ class Metasploit3 < Msf::Auxiliary print_status("SAPSID set to '#{datastore['SAP_SID']}' - Using provided wordlist without modification") else print_status("SAPSID set to '#{datastore['SAP_SID']}' - Setting default SAP wordlist") - datastore['USER_FILE'] = '/opt/metasploit3/msf3/data/wordlists/sap_common.txt' + datastore['USER_FILE'] = Msf::Config.data_directory + '/wordlists/sap_common.txt' end end @@ -70,7 +70,7 @@ class Metasploit3 < Msf::Auxiliary end def enum_user(user, pass) - if datastore['USER_FILE'] == '/opt/metasploit3/msf3/data/wordlists/sap_common.txt' and datastore['SAP_SID'] + if datastore['USER_FILE'] == Msf::Config.data_directory + '/wordlists/sap_common.txt' and datastore['SAP_SID'] user = user.gsub("", datastore["SAP_SID"].downcase) pass = pass.gsub("", datastore["SAP_SID"]) end @@ -132,31 +132,32 @@ class Metasploit3 < Msf::Auxiliary end rescue ::Rex::ConnectionError - print_error("[SAP #{rhost}] Unable to attempt authentication") + print_error("#{rhost}:#{rport} [SAP #{rhost}] Unable to connect") return end if success - print_good("[SAP Management Console] Successful login '#{user}' password: '#{pass}'") + print_good("#{rhost}:#{rport} [SAP Management Console] Successful login '#{user}' password: '#{pass}'") if permission - vprint_good("[SAP Management Console] Login '#{user}' authorized to perform OSExecute calls") + vprint_good("#{rhost}:#{rport} [SAP Management Console] Login '#{user}' authorized to perform OSExecute calls") else - vprint_error("[SAP Management Console] Login '#{user}' NOT authorized to perform OSExecute calls") + vprint_error("#{rhost}:#{rport} [SAP Management Console] Login '#{user}' NOT authorized to perform OSExecute calls") end report_auth_info( :host => rhost, - :proto => 'tcp', :sname => 'sap-managementconsole', + :proto => 'tcp', + :port => rport, :user => user, :pass => pass, :target_host => rhost, :target_port => rport ) - return :next_user + return else - vprint_error("[SAP Management Console] failed to login as '#{user}' password: '#{pass}'") + vprint_error("#{rhost}:#{rport} [SAP Management Console] failed to login as '#{user}' password: '#{pass}'") return end end diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_extractusers.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_extractusers.rb index 69f7d52d8a..ebd27f2799 100755 --- a/modules/auxiliary/scanner/sap/sap_mgmt_con_extractusers.rb +++ b/modules/auxiliary/scanner/sap/sap_mgmt_con_extractusers.rb @@ -63,7 +63,7 @@ class Metasploit3 < Msf::Auxiliary def extractusers(rhost) verbose = datastore['VERBOSE'] - print_status("[SAP] Connecting to SAP Management Console SOAP Interface on #{rhost}:#{rport}") + print_status("#{rhost}:#{rhost} [SAP] Connecting to SAP Management Console SOAP Interface") success = false soapenv = 'http://schemas.xmlsoap.org/soap/envelope/' @@ -100,16 +100,12 @@ class Metasploit3 < Msf::Auxiliary env = [] if res.code == 200 - case res.body - when nil - # Nothing - when /([^<]+)<\/User>/i - body = [] - body = res.body - users = body.scan(/([^<]+)<\/User>/i) - users = users.uniq - success = true - end + body = [] + body = res.body unless res.body.nil? + users = body.scan(/([^<]+)<\/User>/i) + users = users.uniq + success = true + else res.code == 500 case res.body when /(.*)<\/faultstring>/i @@ -119,27 +115,26 @@ class Metasploit3 < Msf::Auxiliary end rescue ::Rex::ConnectionError - print_error("[SAP] Unable to attempt authentication") + print_error("#{rhost}:#{rport} [SAP] Unable to attempt authentication on #{rhost}:#{rport}") return end if success - print_good("[SAP] Users Extracted: #{users.length} entries extracted from #{rhost}:#{rport}") - users.each do |output| - print_good("#{output}") - report_note( - :host => '#{rhost}', - :proto => 'SOAP', - :port => '#{rport}', - :type => 'SAP', - :data => "#{output}") + print_good("#{rhost}#{rport} [SAP] Users Extracted: #{users.length} entries extracted from #{rhost}:#{rport}") + report_note( + :host => rhost, + :proto => 'tcp', + :port => rport, + :type => 'sap.users', + :data => {:proto => "soap", :users => users}, + :update => :unique_data ) end return elsif fault - print_error("[SAP] Errorcode: #{faultcode}") + print_error("#{rhost}:#{rport} [SAP] Errorcode: #{faultcode}") return else - print_error("[SAP] failed to access ABAPSyslog") + print_error("#{rhost}#{rport} [SAP] failed to access ABAPSyslog on #{rhost}:#{rport}") return end end diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_getenv.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_getenv.rb index 4755b1c924..b265dd1d46 100755 --- a/modules/auxiliary/scanner/sap/sap_mgmt_con_getenv.rb +++ b/modules/auxiliary/scanner/sap/sap_mgmt_con_getenv.rb @@ -40,7 +40,7 @@ class Metasploit3 < Msf::Auxiliary OptString.new('LFILE', [false, 'Set path to save output to file', '']), ], self.class) register_autofilter_ports([ 50013 ]) - deregister_options('RHOST') + deregister_options('RHOST', 'LFILE') end def rport @@ -63,7 +63,7 @@ class Metasploit3 < Msf::Auxiliary def getEnvironment(rhost) verbose = datastore['VERBOSE'] - print_status("[SAP] Connecting to SAP Management Console SOAP Interface on #{rhost}:#{rport}") + print_status("#{rhost}:#{rhost} [SAP] Connecting to SAP Management Console SOAP Interface ") success = false soapenv = 'http://schemas.xmlsoap.org/soap/envelope/' @@ -112,37 +112,32 @@ class Metasploit3 < Msf::Auxiliary else res.code == 500 case res.body when /(.*)<\/faultstring>/i - faultcode = "#{$1}" + faultcode = $1.strip fault = true end end rescue ::Rex::ConnectionError - print_error("[SAP #{rhost}] Unable to attempt authentication") + print_error("#{rhost}:#{rhost} [SAP] Unable to connect") return end if success - print_good("[SAP] Environment Extracted: #{env.length} entries extracted") - - if datastore['LFILE'] != '' - outputfile = datastore['LFILE'] + "_" + datastore['RHOST'] - print_good("Writing local file " + outputfile + " in XML format.") - File.open(outputfile,'ab') do |f| - f << res.body - end - else - env.each do |output| - print_status("#{output}") - end - return - end + print_good("#{rhost}:#{rport} [SAP] Environment Extracted: #{env.length} entries extracted") + report_note( + :host => rhost, + :proto => 'tcp', + :port => rport, + :type => 'sap.env', + :data => {:proto => "soap", :env => env}, + :update => :unique_data ) + ) elsif fault - print_error("[SAP] Errorcode: #{faultcode}") + print_error("#{rhost}:#{rhost} [SAP] Errorcode: #{faultcode}") return else - print_error("[SAP] failed to request environment") + print_error("#{rhost}:#{rhost} [SAP] failed to request environment") return end end diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_getlogfiles.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_getlogfiles.rb index a7debb3a34..c4b6e87ef4 100755 --- a/modules/auxiliary/scanner/sap/sap_mgmt_con_getlogfiles.rb +++ b/modules/auxiliary/scanner/sap/sap_mgmt_con_getlogfiles.rb @@ -65,7 +65,7 @@ class Metasploit3 < Msf::Auxiliary def gettfiles(rhost) verbose = datastore['VERBOSE'] - print_status("[SAP] Connecting to SAP Management Console SOAP Interface on #{rhost}:#{rport}") + print_status("#{rhost}:#{rhost} [SAP] Connecting to SAP Management Console SOAP Interface") success = false soapenv = 'http://schemas.xmlsoap.org/soap/envelope/' @@ -122,43 +122,32 @@ class Metasploit3 < Msf::Auxiliary when nil # Nothing when /([^<]+)<\/name>/i - name = "#{$1}" + name = $1.strip success = true end else res.code == 500 case res.body when /(.*)<\/faultstring>/i - faultcode = "#{$1}" + faultcode = $1.strip fault = true end end rescue ::Rex::ConnectionError - print_error("[SAP] Unable to attempt authentication") + print_error("#{rhost}:#{rhost} [SAP] Unable to connect") return end if success - print_good("[SAP] #{datastore['FILETYPE']}: #{datastore['RFILE']} downloaded from #{rhost}:#{rport}") - - if datastore['LFILE'] != '' - outputfile = datastore['LFILE'] + "_" + datastore['RHOST'] - print_status("Writing local file " + outputfile + " in XML format") - File.open(outputfile,'ab') do |f| - f << res.body - end - else - env.each do |output| - print_status("#{output}") - end - return - end + print_good("#{rhost}:#{rhost} [SAP] #{datastore['FILETYPE'].downcase}:#{datastore['RFILE'].downcase} looted") + store_loot("sap.#{datastore['FILETYPE'].downcase}file", "text/xml", rhost, res.body, "sap_#{datastore['RFILE'].downcase}.xml", + "SAP Get Logfile") elsif fault - print_error("[SAP] Errorcode: #{faultcode}") + print_error("#{rhost}:#{rhost} [SAP] Errorcode: #{faultcode}") return else - print_error("[SAP] failed to request environment") + print_error("#{rhost}:#{rhost} [SAP] failed to request environment") return end end diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_instanceproperties.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_instanceproperties.rb index 94f9d9f51f..1847b43efd 100755 --- a/modules/auxiliary/scanner/sap/sap_mgmt_con_instanceproperties.rb +++ b/modules/auxiliary/scanner/sap/sap_mgmt_con_instanceproperties.rb @@ -62,7 +62,7 @@ class Metasploit3 < Msf::Auxiliary def enum_instance(rhost) verbose = datastore['VERBOSE'] - print_status("[SAP] Connecting to SAP Management Console SOAP Interface on #{rhost}:#{rport}") + print_status("#{rhost}:#{rhost} [SAP] Connecting to SAP Management Console SOAP Interface") success = false soapenv='http://schemas.xmlsoap.org/soap/envelope/' xsi='http://www.w3.org/2001/XMLSchema-instance' @@ -98,114 +98,121 @@ class Metasploit3 < Msf::Auxiliary if res.code == 200 body = res.body if body.match(/CentralServices<\/property>Attribute<\/propertytype>([^<]+)<\/value>/) - centralservices = "#{$1}" + centralservices = $1.strip success = true end if body.match(/SAPSYSTEM<\/property>Attribute<\/propertytype>([^<]+)<\/value>/) - sapsystem = "#{$1}" + sapsystem = $1.strip success = true end if body.match(/SAPSYSTEMNAME<\/property>Attribute<\/propertytype>([^<]+)<\/value>/) - sapsystemname = "#{$1}" + sapsystemname = $1.strip success = true end if body.match(/SAPLOCALHOST<\/property>Attribute<\/propertytype>([^<]+)<\/value>/) - saplocalhost = "#{$1}" + saplocalhost = $1.strip success = true end if body.match(/INSTANCE_NAME<\/property>Attribute<\/propertytype>([^<]+)<\/value>/) - instancename = "#{$1}" + instancename = $1.strip success = true end if body.match(/ICM<\/property>NodeURL<\/propertytype>([^<]+)<\/value>/) - icmurl = "#{$1}" + icmurl = $1.strip success = true end if body.match(/ABAP DB Connection<\/property>Attribute<\/propertytype>([^<]+)<\/value>/) - dbstring = "#{$1}" + dbstring = $1.strip success = true end if body.match(/protectedweb Webmethods<\/property>Attribute<\/propertytype>([^<]+)<\/value>/) - protectedweb = "#{$1}" + protectedweb = $1.strip success = true end elsif res.code == 500 case res.body when /(.*)<\/faultstring>/i - faultcode = "#{$1}" + faultcode = $1.strip fault = true end end rescue ::Rex::ConnectionError - print_error("[SAP] Unable to attempt authentication") - return :abort + print_error("#{rhost}:#{rhost} [SAP] Unable to connect") + return end if success - print_good("[SAP] Instance Properties Extracted from #{rhost}:#{rport}") + print_good("#{rhost}:#{rhost} [SAP] Instance Properties Extracted") if centralservices - print_good("Central Services: #{centralservices}") + print_good("#{rhost}:#{rhost} [SAP] Central Services: #{centralservices}") end if sapsystem - print_good("SAP System Number: #{sapsystem}") + print_good("#{rhost}:#{rhost} [SAP] SAP System Number: #{sapsystem}") report_note(:host => '#{rhost}', - :proto => 'SOAP', + :proto => 'tcp', :port => '#{rport}', - :type => 'SAP', - :data => "SAP System Number: #{sapsystem}") + :type => 'sap.sapsystem', + :data => {:proto => "soap", :sapsystem => sapsystem}) end if sapsystemname - print_good("SAP System Name: #{sapsystemname}") + print_good("#{rhost}:#{rhost} [SAP] SAP System Name: #{sapsystemname}") report_note(:host => '#{rhost}', - :proto => 'SOAP', + :proto => 'tcp', :port => '#{rport}', - :type => 'SAP', - :data => "SAP System Name: #{sapsystemname}") + :type => 'sap.systemname', + :data => {:proto => "soap", :sapsystemname => sapsystemname}) end if saplocalhost - print_good("SAP Localhost: #{saplocalhost}") + print_good("#{rhost}:#{rhost} [SAP] SAP Localhost: #{saplocalhost}") report_note(:host => '#{rhost}', - :proto => 'SOAP', - :port => '#{rport}', - :type => 'SAP', - :data => "SAP Localhost: #{saplocalhost}") + :proto => 'tcp', + :port => '#{rport}', + :type => 'sap.localhost', + :data => {:proto => "soap", :saplocalhost => saplocalhost}) end if instancename - print_good("Instance Name: #{instancename}") + print_good("#{rhost}:#{rhost} [SAP] Instance Name: #{instancename}") report_note(:host => '#{rhost}', - :proto => 'SOAP', - :port => '#{rport}', - :type => 'SAP', - :data => "SAP Instance Name: #{instancename}") + :proto => 'tcp', + :port => '#{rport}', + :type => 'sap.instancename', + :data => {:proto => "soap", :instancename => instancename}) end if icmurl - print_good("ICM URL: #{icmurl}") + print_good("#{rhost}:#{rhost} [SAP] ICM URL: #{icmurl}") report_note(:host => '#{rhost}', - :proto => 'SOAP', + :proto => 'tcp', :port => '#{rport}', - :type => 'SAP', - :data => "SAP ICM URL: #{icmurl}") + :type => 'sap.icm.url', + :data => {:proto => "soap", :icmurl => icmurl}) end if dbstring - print_good("DATABASE: #{dbstring}") + print_good("#{rhost}:#{rhost} [SAP] DATABASE: #{dbstring}") report_note(:host => '#{rhost}', - :proto => 'SOAP', + :proto => 'tcp', :port => '#{rport}', - :type => 'SAP', - :data => "SAP dbstring: #{dbstring}") + :type => 'sap.dbstring', + :data => {:proto => "soap", :dbstring => dbstring}, + :update => :unique_data ) end if protectedweb - print_good("protectedweb Webmethods: #{protectedweb}") + print_good("#{rhost}:#{rhost} [SAP] protectedweb Webmethods: #{protectedweb}") + report_note(:host => '#{rhost}', + :proto => 'tcp', + :port => '#{rport}', + :type => 'sap.protected.web.methods', + :data => {:proto => "soap", :protectedweb => protectedweb}, + :update => :unique_data ) end return elsif fault - print_error("[SAP] Errorcode: #{faultcode}") + print_error("#{rhost}:#{rhost} [SAP] Errorcode: #{faultcode}") return else - print_error("[SAP] failed to identify instance properties") + print_error("#{rhost}:#{rhost} [SAP] failed to identify instance properties") return end end diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_listlogfiles.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_listlogfiles.rb index 72ec15a33a..7bfc43096f 100755 --- a/modules/auxiliary/scanner/sap/sap_mgmt_con_listlogfiles.rb +++ b/modules/auxiliary/scanner/sap/sap_mgmt_con_listlogfiles.rb @@ -110,48 +110,46 @@ class Metasploit3 < Msf::Auxiliary when /(.*)<\/file>/i body = [] body = res.body - env =body.scan(/(.*?)<\/filename>(.*?)<\/size>(.*?)<\/modtime>/i) + env = body.scan(/(.*?)<\/filename>(.*?)<\/size>(.*?)<\/modtime>/i) success = true end elsif res.code == 500 case res.body when /(.*)<\/faultstring>/i - faultcode = "#{$1}" + faultcode = $1.strip fault = true end end rescue ::Rex::ConnectionError - print_error("[SAP] Unable to attempt authentication") + print_error("#{rhost}:#{rport} [SAP] Unable to attempt authentication") return end if success - print_good("[SAP] #{datastore['FILETYPE']}: #{env.length} entries extracted from #{rhost}:#{rport}") + print_good("#{rhost}:#{rport} [SAP] #{datastore['FILETYPE'].downcase}: #{env.length} entries extracted") - saptbl = Msf::Ui::Console::Table.new( - Msf::Ui::Console::Table::Style::Default, - 'Header' => 'SAP Logfiles', - 'Prefix' => "\n", - 'Postfix' => "\n", - 'Columns' => [ 'Filename', 'Size', 'Date/Time' ] - ) - - env.each do |output| - #print_status("Filename: #{output[0]}\tSize: #{output[1]}\tDate: #{output[2]}") - saptbl << [ output[0], output[1], output[2] ] - end - - print(saptbl.to_s) + saptbl = Rex::Ui::Text::Table.new( + 'Header' => "SAP Log Files", + 'Indent' => 1, + 'Columns' => + [ + "Filename", + "Size", + "Timestamp" + ]) + store_loot("sap.#{datastore['FILETYPE'].downcase}file", "text/xml", rhost, saptbl.to_s, "sap_#{datastore['RFILE'].downcase}.xml", + "SAP #{datastore['FILETYPE'].downcase}:#{datastore['RFILE'].downcase}") + return elsif fault - print_error("[SAP] Errorcode: #{faultcode}") + print_error("#{rhost}:#{rport} [SAP] Errorcode: #{faultcode}") return else - print_error("[SAP] failed to request environment") + print_error("#{rhost}:#{rport} [SAP] failed to request environment") return end end diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_startprofile.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_startprofile.rb index dbf5205384..4748229150 100755 --- a/modules/auxiliary/scanner/sap/sap_mgmt_con_startprofile.rb +++ b/modules/auxiliary/scanner/sap/sap_mgmt_con_startprofile.rb @@ -63,7 +63,7 @@ class Metasploit3 < Msf::Auxiliary def getStartProfile(rhost) verbose = datastore['VERBOSE'] - print_status("[SAP] Connecting to SAP Management Console SOAP Interface on #{rhost}:#{rport}") + print_status("#{rhost}: #{rport} [SAP] Connecting to SAP Management Console SOAP Interface") success = false soapenv ='http://schemas.xmlsoap.org/soap/envelope/' xsi ='http://www.w3.org/2001/XMLSchema-instance' @@ -103,7 +103,7 @@ class Metasploit3 < Msf::Auxiliary when nil # Nothing when /([^<]+)<\/name>/i - name = "#{$1}" + name = $1.strip success = true end @@ -120,33 +120,20 @@ class Metasploit3 < Msf::Auxiliary elsif res.code == 500 case res.body when /(.*)<\/faultstring>/i - faultcode = "#{$1}" + faultcode = $1.strip fault = true end end rescue ::Rex::ConnectionError - print_error("[SAP] Unable to attempt authentication") - return :abort + print_error("#{rhost}:#{rport} [SAP] Unable to connect") + return end if success - print_good("[SAP] Startup Profile Extracted: #{name} from #{rhost}:#{rport}") - - if datastore['LFILE'] != '' - outputfile = datastore['LFILE'] + "_" + datastore['RHOST'] - print_good("Writing local file " + outputfile + " in XML format") - File.open(outputfile,'ab') do |f| - f << res.body - end - else - env.each do |output| - print_status("#{output}") - end - return - end - + print_good("#{rhost}:#{rport} [SAP] Startup Profile Extracted: #{name}") + store_loot("sap.profile", "text/xml", rhost, res.body, "sap_profile.xml", "SAP Profile XML") elsif fault print_error("[SAP] Errorcode: #{faultcode}") return