Handle cisco devices better with ssh logins

2012-05-31 14:44:26 -05:00 · 2012-05-31 14:44:26 -05:00 · 2ad17299e2
parent e93a6ddf83
commit 2ad17299e2
2 changed files with 43 additions and 7 deletions
--- a/modules/auxiliary/scanner/ssh/ssh_login.rb
+++ b/modules/auxiliary/scanner/ssh/ssh_login.rb
@ -92,9 +92,16 @@ class Metasploit3 < Msf::Auxiliary
 			proof = ''
 			begin
 				Timeout.timeout(5) do
-					proof = self.ssh_socket.exec!("id\nuname -a").to_s
-					if(proof !~ /id=/)
-						proof << self.ssh_socket.exec!("help\n?\n\n\n").to_s
+					proof = self.ssh_socket.exec!("id\n").to_s
+					if(proof =~ /id=/)
+						proof << self.ssh_socket.exec!("uname -a\n").to_s
+					else
+						# Cisco IOS
+						if proof =~ /Unknown command or computer name/
+							proof = self.ssh_socket.exec!("ver\n").to_s
+						else
+							proof << self.ssh_socket.exec!("help\n?\n\n\n").to_s
+						end
 					end
 				end
 			rescue ::Exception
@ -129,6 +136,8 @@ class Metasploit3 < Msf::Auxiliary
 				s.platform = "aix"
 			when /Win32|Windows/
 				s.platform = "windows"
+			when /Unknown command or computer name/
+				s.platform = "cisco-ios"
 			end
 			return [:success, proof]
 		else
--- a/modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
+++ b/modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
@ -211,9 +211,16 @@ class Metasploit3 < Msf::Auxiliary
 			proof = ''
 			begin
 				Timeout.timeout(5) do
-					proof = self.ssh_socket.exec!("id\nuname -a").to_s
-					if(proof !~ /id=/)
-						proof << self.ssh_socket.exec!("help\n?\n\n\n").to_s
+					proof = self.ssh_socket.exec!("id\n").to_s
+					if(proof =~ /id=/)
+						proof << self.ssh_socket.exec!("uname -a\n").to_s
+					else
+						# Cisco IOS
+						if proof =~ /Unknown command or computer name/
+							proof = self.ssh_socket.exec!("ver\n").to_s
+						else
+							proof << self.ssh_socket.exec!("help\n?\n\n\n").to_s
+						end
 					end
 				end
 			rescue ::Exception
@ -239,7 +246,27 @@ class Metasploit3 < Msf::Auxiliary
 					)
 			end

-			start_session(self, "SSH #{user}:#{self.good_key} (#{ip}:#{port})", merge_me, false, conn.lsock)
+			s = start_session(self, "SSH #{user}:#{self.good_key} (#{ip}:#{port})", merge_me, false, conn.lsock)
+			
+			# Set the session platform
+			case proof
+			when /Linux/
+				s.platform = "linux"
+			when /Darwin/
+				s.platform = "osx"
+			when /SunOS/
+				s.platform = "solaris"
+			when /BSD/
+				s.platform = "bsd"
+			when /HP-UX/
+				s.platform = "hpux"
+			when /AIX/
+				s.platform = "aix"
+			when /Win32|Windows/
+				s.platform = "windows"
+			when /Unknown command or computer name/
+				s.platform = "cisco-ios"
+			end

 			return [:success, proof]
 		else