Use metasploit-credential API instead of report_auth_info
This commit is contained in:
parent
6a9c934c54
commit
4561850055
|
@ -71,6 +71,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
return nil
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def run
|
||||
|
||||
print_status("#{peer} - Trying to find the service desk service strong name...")
|
||||
|
@ -232,15 +258,15 @@ class Metasploit3 < Msf::Auxiliary
|
|||
login_url = ssl ? "https://" : "http://"
|
||||
login_url << "#{rhost}:#{rport}/servicedesk/ServiceDesk.jsp"
|
||||
|
||||
report_auth_info({
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:user => datastore["USERNAME"],
|
||||
:pass => datastore["PASSWORD"],
|
||||
:type => "password",
|
||||
:sname => (ssl ? "https" : "http"),
|
||||
:proof => "#{login_url}\n#{res.body}"
|
||||
})
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport,
|
||||
service_name: (ssl ? "https" : "http"),
|
||||
user: datastore['USERNAME'],
|
||||
password: datastore['PASSWORD'],
|
||||
proof: "#{login_url}\n#{res.body}"
|
||||
)
|
||||
|
||||
print_good("#{peer} - Account #{datastore["USERNAME"]}/#{datastore["PASSWORD"]} created successfully.")
|
||||
print_status("#{peer} - Use it to log into #{login_url}")
|
||||
end
|
||||
|
|
|
@ -33,6 +33,35 @@ class Metasploit3 < Msf::Auxiliary
|
|||
)
|
||||
end
|
||||
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
last_attempted_at: DateTime.now,
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
|
||||
def run
|
||||
|
||||
vprint_status("#{rhost}:#{rport} - Trying to access the configuration of the device")
|
||||
|
@ -72,14 +101,14 @@ class Metasploit3 < Msf::Auxiliary
|
|||
vprint_good("user: #{@user}")
|
||||
vprint_good("pass: #{pass}")
|
||||
|
||||
report_auth_info(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:sname => 'http',
|
||||
:user => @user,
|
||||
:pass => pass,
|
||||
:active => true
|
||||
)
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport,
|
||||
service_name: 'http',
|
||||
user: @user,
|
||||
password: pass,
|
||||
proof: line
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -32,6 +32,33 @@ class Metasploit3 < Msf::Auxiliary
|
|||
)
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
last_attempted_at: DateTime.now,
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def run
|
||||
vprint_status("#{rhost}:#{rport} - Trying to access the configuration of the device")
|
||||
|
||||
|
@ -69,13 +96,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
pass = $1
|
||||
pass = Rex::Text.decode_base64(pass)
|
||||
print_good("#{rhost}:#{rport} - Credentials found: #{user} / #{pass}")
|
||||
report_auth_info(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:sname => 'http',
|
||||
:user => user,
|
||||
:pass => pass,
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport,
|
||||
sname: 'http',
|
||||
user: user,
|
||||
password: pass,
|
||||
proof: line
|
||||
)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -47,6 +47,32 @@ class Metasploit4 < Msf::Auxiliary
|
|||
], self.class)
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
last_attempted_at: DateTime.now,
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def run
|
||||
user = datastore['USERNAME']
|
||||
pass = datastore['PASSWORD']
|
||||
|
@ -57,14 +83,13 @@ class Metasploit4 < Msf::Auxiliary
|
|||
print_status("Authenticating as: " << user)
|
||||
begin
|
||||
nsc.login
|
||||
report_auth_info(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:sname => prot,
|
||||
:user => user,
|
||||
:pass => pass,
|
||||
:proof => '',
|
||||
:active => true
|
||||
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport,
|
||||
service_name: prot,
|
||||
user: user,
|
||||
password: pass
|
||||
)
|
||||
|
||||
rescue
|
||||
|
|
|
@ -49,6 +49,33 @@ class Metasploit3 < Msf::Auxiliary
|
|||
datastore["PASSWORD"]
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
|
||||
def run
|
||||
|
||||
if user == pass
|
||||
|
@ -84,14 +111,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
if res and res.code == 200 and res.body =~ /Administrator account created/
|
||||
print_good("#{peer} - Admin account with credentials #{user}:#{pass} successfully created")
|
||||
report_auth_info(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:sname => 'http',
|
||||
:user => user,
|
||||
:pass => pass,
|
||||
:active => true,
|
||||
:proof => res.body
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport,
|
||||
service_name: 'http',
|
||||
user: user,
|
||||
password: pass,
|
||||
proof: res.body
|
||||
)
|
||||
else
|
||||
print_error("#{peer} - Admin account creation failed")
|
||||
|
|
|
@ -62,6 +62,33 @@ class Metasploit3 < Msf::Auxiliary
|
|||
table_prefix
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
last_attempted_at: DateTime.now,
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def run
|
||||
username = Rex::Text.rand_text_alpha(10)
|
||||
password = Rex::Text.rand_text_alpha(20)
|
||||
|
@ -98,14 +125,14 @@ class Metasploit3 < Msf::Auxiliary
|
|||
# login successfull
|
||||
if cookie
|
||||
print_status("#{peer} - User #{username} with password #{password} successfully created")
|
||||
report_auth_info(
|
||||
sname: 'WordPress',
|
||||
host: rhost,
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport,
|
||||
user: username,
|
||||
pass: password,
|
||||
active: true
|
||||
)
|
||||
password: password,
|
||||
service_name: 'WordPress',
|
||||
proof: cookie
|
||||
)
|
||||
else
|
||||
print_error("#{peer} - User creation failed")
|
||||
return
|
||||
|
|
|
@ -7,8 +7,8 @@ require 'msf/core'
|
|||
|
||||
class Metasploit3 < Msf::Auxiliary
|
||||
|
||||
include Msf::Exploit::Remote::HttpClient
|
||||
include Msf::Auxiliary::Report
|
||||
include Msf::Exploit::Remote::HttpClient
|
||||
|
||||
def initialize
|
||||
super(
|
||||
|
@ -33,6 +33,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
)
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def run
|
||||
begin
|
||||
print_status("Trying to get 'admin' user password ...")
|
||||
|
@ -62,13 +88,14 @@ class Metasploit3 < Msf::Auxiliary
|
|||
else
|
||||
admin_password = admin_password_matches[1];
|
||||
print_good("Password for user 'admin' is: #{admin_password}")
|
||||
report_auth_info(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:sname => "ZyXEL GS1510-16",
|
||||
:user => 'admin',
|
||||
:pass => admin_password,
|
||||
:active => true
|
||||
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport,
|
||||
service_name: 'ZyXEL GS1510-16',
|
||||
user: 'admin',
|
||||
password: admin_password,
|
||||
proof: res.body
|
||||
)
|
||||
end
|
||||
rescue ::Rex::ConnectionError
|
||||
|
|
|
@ -88,6 +88,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
parse_configuration(config[:data])
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def little_endian?
|
||||
|
@ -200,16 +226,14 @@ class Metasploit3 < Msf::Auxiliary
|
|||
@credentials.each do |k,v|
|
||||
next unless v[:user] and v[:password]
|
||||
print_status("#{peer} - #{k}: User: #{v[:user]} Pass: #{v[:password]}")
|
||||
auth = {
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:user => v[:user],
|
||||
:pass => v[:password],
|
||||
:type => 'password',
|
||||
:source_type => "exploit",
|
||||
:active => true
|
||||
}
|
||||
report_auth_info(auth)
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport,
|
||||
user: v[:user],
|
||||
password: v[:password],
|
||||
service_name: 'sercomm',
|
||||
proof: v.inspect
|
||||
)
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -36,6 +36,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
last_attempted_at: Time.now,
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::SUCCESSFUL
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def run
|
||||
return if not check_dependencies
|
||||
|
||||
|
@ -56,13 +82,12 @@ class Metasploit3 < Msf::Auxiliary
|
|||
break
|
||||
end
|
||||
else
|
||||
report_auth_info(
|
||||
:host => "#{datastore['RHOST']}",
|
||||
:port => "#{datastore['RPORT']}",
|
||||
:sname => 'oracle',
|
||||
:user => "#{datastore['SID']}/#{datastore['DBUSER']}",
|
||||
:pass => "#{datastore['DBPASS']}",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: datastore['RHOST'],
|
||||
port: datastore['RPORT'],
|
||||
service_name: 'oracle',
|
||||
user: "#{datastore['SID']}/#{datastore['DBUSER']}",
|
||||
password: datastore['DBPASS']
|
||||
)
|
||||
print_status("Found user/pass of: #{datastore['DBUSER']}/#{datastore['DBPASS']} on #{datastore['RHOST']} with sid #{datastore['SID']}")
|
||||
end
|
||||
|
|
|
@ -79,7 +79,6 @@ class Metasploit3 < Msf::Auxiliary
|
|||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
last_attempted_at: DateTime.now,
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
}.merge(service_data)
|
||||
|
|
|
@ -66,6 +66,33 @@ class Metasploit3 < Msf::Auxiliary
|
|||
end
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
last_attempted_at: Time.now,
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def do_login(user='nxadmin', pass='nxadmin')
|
||||
vprint_status("Trying username:'#{user}' with password:'#{pass}'")
|
||||
headers = {
|
||||
|
@ -100,16 +127,14 @@ class Metasploit3 < Msf::Auxiliary
|
|||
if res.body =~ /LoginResponse.*success="1"/
|
||||
print_good("SUCCESSFUL LOGIN. '#{user}' : '#{pass}'")
|
||||
|
||||
report_hash = {
|
||||
:host => datastore['RHOST'],
|
||||
:port => datastore['RPORT'],
|
||||
:sname => 'nexpose',
|
||||
:user => user,
|
||||
:pass => pass,
|
||||
:active => true,
|
||||
:type => 'password'}
|
||||
|
||||
report_auth_info(report_hash)
|
||||
report_cred(
|
||||
ip: datastore['RHOST'],
|
||||
port: datastore['RPORT'],
|
||||
service_name: 'nexpose',
|
||||
user: user,
|
||||
password: pass,
|
||||
proof: res.code.to_s
|
||||
)
|
||||
return :next_user
|
||||
end
|
||||
end
|
||||
|
|
|
@ -101,22 +101,46 @@ class Metasploit3 < Msf::Auxiliary
|
|||
if res.code == 303
|
||||
print_good("#{msg} SUCCESSFUL LOGIN. '#{user}' : '#{pass}'")
|
||||
|
||||
report_hash = {
|
||||
:host => datastore['RHOST'],
|
||||
:port => datastore['RPORT'],
|
||||
:sname => 'openvas-gsa',
|
||||
:user => user,
|
||||
:pass => pass,
|
||||
:active => true,
|
||||
:type => 'password'}
|
||||
|
||||
report_auth_info(report_hash)
|
||||
report_cred(
|
||||
ip: datastore['RHOST'],
|
||||
port: datastore['RPORT'],
|
||||
service_name: 'openvas-gsa',
|
||||
user: user,
|
||||
password: pass,
|
||||
proof: res.code.to_s
|
||||
)
|
||||
return :next_user
|
||||
end
|
||||
vprint_error("#{msg} FAILED LOGIN. '#{user}' : '#{pass}'")
|
||||
return :skip_pass
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def msg
|
||||
"#{vhost}:#{rport} OpenVAS gsad -"
|
||||
end
|
||||
|
|
|
@ -60,6 +60,33 @@ class Metasploit3 < Msf::Auxiliary
|
|||
end
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
last_attempted_at: Time.now,
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def do_login(user=nil,pass=nil)
|
||||
begin
|
||||
vprint_status("#{msg} Trying user:'#{user}' with password:'#{pass}'")
|
||||
|
@ -67,14 +94,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
omp_send(cmd,true) # send hello
|
||||
if @result =~ /<authenticate_response.*status="200"/is
|
||||
print_good("#{msg} SUCCESSFUL login for '#{user}' : '#{pass}'")
|
||||
report_auth_info(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:sname => 'openvas-omp',
|
||||
:user => user,
|
||||
:pass => pass,
|
||||
:source_type => "user_supplied",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport,
|
||||
service_name: 'openvas-omp',
|
||||
user: user,
|
||||
password: pass,
|
||||
proof: @result
|
||||
)
|
||||
disconnect
|
||||
@connected = false
|
||||
|
|
|
@ -61,6 +61,33 @@ class Metasploit3 < Msf::Auxiliary
|
|||
end
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
last_attempted_at: Time.now,
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::SUCCESSFUL,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def do_login(user=nil,pass=nil)
|
||||
begin
|
||||
otp_send("< OTP/1.0 >\n",true) # send hello
|
||||
|
@ -81,14 +108,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
otp_send("#{pass}\n",!@connected)
|
||||
if @result =~ /SERVER <|>.*<|> SERVER/is
|
||||
print_good("#{msg} SUCCESSFUL login for '#{user}' : '#{pass}'")
|
||||
report_auth_info(
|
||||
:host => rhost,
|
||||
:port => rport,
|
||||
:sname => 'openvas-otp',
|
||||
:user => user,
|
||||
:pass => pass,
|
||||
:source_type => "user_supplied",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport,
|
||||
service_name: 'openvas-otp',
|
||||
user: user,
|
||||
password: pass,
|
||||
proof: @result
|
||||
)
|
||||
disconnect
|
||||
@connected = false
|
||||
|
|
|
@ -114,19 +114,45 @@ class Metasploit3 < Msf::Auxiliary
|
|||
next if not res
|
||||
|
||||
print_good "#{rhost}:#{rport} - KOYO - Found passcode: #{passcode}"
|
||||
report_auth_info(
|
||||
:host => rhost,
|
||||
:port => rport.to_i,
|
||||
:proto => 'udp',
|
||||
:user => '',
|
||||
:pass => passcode, # NOTE: Human readable
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: rhost,
|
||||
port: rport.to_i,
|
||||
service_name: 'koyo',
|
||||
user: '',
|
||||
password: passcode,
|
||||
proof: res
|
||||
)
|
||||
break
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'udp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def crc16(buf, crc=0)
|
||||
buf.each_byte{|x| crc = ((crc << 8) ^ @@CCITT_16[( crc >> 8) ^ x]) & 0xffff }
|
||||
[crc].pack("v")
|
||||
|
|
|
@ -216,14 +216,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
if @state[c][:user] and @state[c][:pass]
|
||||
print_status("DRDA LOGIN #{@state[c][:name]} Database: #{@state[c][:database]}; #{@state[c][:user]} / #{@state[c][:pass]}")
|
||||
report_auth_info(
|
||||
:host => @state[c][:ip],
|
||||
:port => datastore['SRVPORT'],
|
||||
:sname => 'db2_client',
|
||||
:user => @state[c][:user],
|
||||
:pass => @state[c][:pass],
|
||||
:source_type => "captured",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: @state[c][:ip],
|
||||
port: datastore['SRVPORT'],
|
||||
service_name: 'db2_client',
|
||||
user: @state[c][:user],
|
||||
password: @state[c][:pass],
|
||||
proof: @state.inspect
|
||||
)
|
||||
|
||||
params = []
|
||||
|
@ -238,6 +237,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
end
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def on_client_close(c)
|
||||
@state.delete(c)
|
||||
end
|
||||
|
|
|
@ -51,6 +51,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
c.put "220 FTP Server Ready\r\n"
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def on_client_data(c)
|
||||
data = c.get_once
|
||||
return if not data
|
||||
|
@ -71,14 +97,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
if(cmd.upcase == "PASS")
|
||||
@state[c][:pass] = arg
|
||||
|
||||
report_auth_info(
|
||||
:host => @state[c][:ip],
|
||||
:port => datastore['SRVPORT'],
|
||||
:sname => 'ftp',
|
||||
:user => @state[c][:user],
|
||||
:pass => @state[c][:pass],
|
||||
:source_type => "captured",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: @state[c][:ip],
|
||||
port: datastore['SRVPORT'],
|
||||
service_name: 'ftp',
|
||||
user: @state[c][:user],
|
||||
password: @state[c][:pass],
|
||||
proof: arg
|
||||
)
|
||||
|
||||
print_status("FTP LOGIN #{@state[c][:name]} #{@state[c][:user]} / #{@state[c][:pass]}")
|
||||
|
|
|
@ -58,19 +58,44 @@ class Metasploit3 < Msf::Auxiliary
|
|||
exploit
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def on_request_uri(cli, req)
|
||||
if(req['Authorization'] and req['Authorization'] =~ /basic/i)
|
||||
basic,auth = req['Authorization'].split(/\s+/)
|
||||
user,pass = Rex::Text.decode_base64(auth).split(':', 2)
|
||||
|
||||
report_auth_info(
|
||||
:host => cli.peerhost,
|
||||
:port => datastore['SRVPORT'],
|
||||
:sname => 'HTTP',
|
||||
:user => user,
|
||||
:pass => pass,
|
||||
:source_type => "captured",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: cli.peerhost,
|
||||
port: datastore['SRVPORT'],
|
||||
service_name: 'HTTP',
|
||||
user: user,
|
||||
password: pass,
|
||||
proof: req['Authorization']
|
||||
)
|
||||
|
||||
print_good("#{cli.peerhost} - Credential collected: \"#{user}:#{pass}\" => #{req.resource}")
|
||||
|
|
|
@ -56,6 +56,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
c.put "+OK\r\n"
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def on_client_data(c)
|
||||
data = c.get_once
|
||||
return if not data
|
||||
|
@ -71,14 +97,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
if(cmd.upcase == "PASS")
|
||||
@state[c][:pass] = arg
|
||||
|
||||
report_auth_info(
|
||||
:host => @state[c][:ip],
|
||||
:port => @myport,
|
||||
:sname => 'pop3',
|
||||
:user => @state[c][:user],
|
||||
:pass => @state[c][:pass],
|
||||
:source_type => "captured",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: @state[c][:ip],
|
||||
port: @myport,
|
||||
service_name: 'pop3',
|
||||
user: @state[c][:user],
|
||||
password: @state[c][:pass],
|
||||
proof: arg
|
||||
)
|
||||
print_status("POP3 LOGIN #{@state[c][:name]} #{@state[c][:user]} / #{@state[c][:pass]}")
|
||||
@state[c][:pass] = data.strip
|
||||
|
|
|
@ -42,6 +42,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
exploit()
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def on_client_connect(c)
|
||||
@state[c] = {
|
||||
:name => "#{c.peerhost}:#{c.peerport}",
|
||||
|
@ -74,16 +100,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
# Password message
|
||||
data.slice!(0, 5).unpack("N")[0] # skip over length
|
||||
@state[c][:password] = data.slice!(0, data.index("\x00") + 1).unpack("Z*")[0]
|
||||
report_auth_info(
|
||||
:host => c.peerhost,
|
||||
:port => datastore['SRVPORT'],
|
||||
:sname => 'psql_client',
|
||||
:user => @state[c][:username],
|
||||
:pass => @state[c][:password],
|
||||
:type => "PostgreSQL credentials",
|
||||
:proof => @state[c][:database],
|
||||
:source_type => "captured",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: c.peerhost,
|
||||
port: datastore['SRVPORT'],
|
||||
service_name: 'psql_client',
|
||||
user: @state[c][:username],
|
||||
password: @state[c][:password],
|
||||
proof: @state[c][:database]
|
||||
)
|
||||
print_status("PostgreSQL LOGIN #{@state[c][:name]} #{@state[c][:username]} / #{@state[c][:password]} / #{@state[c][:database]}")
|
||||
# send failure message
|
||||
|
|
|
@ -104,6 +104,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
return addr
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def run
|
||||
begin
|
||||
@port = datastore['SRVPORT'].to_i
|
||||
|
@ -141,16 +167,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
proof = "client: #{client_ip}; username: #{username}; nonce: #{datastore['NONCE']}; response: #{response}; algorithm: #{algorithm}"
|
||||
print_status("SIP LOGIN: #{proof}")
|
||||
|
||||
report_auth_info(
|
||||
:host => @requestor[:ip],
|
||||
:port => @requestor[:port],
|
||||
:sname => 'sip_client',
|
||||
:user => username,
|
||||
:pass => response + ":" + auth_tokens['nonce'] + ":" + algorithm,
|
||||
:type => "sip_hash",
|
||||
:proof => proof,
|
||||
:source_type => "captured",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: @requestor[:ip],
|
||||
port: @requestor[:port],
|
||||
service_name: 'sip_client',
|
||||
user: username,
|
||||
password: response + ":" + auth_tokens['nonce'] + ":" + algorithm,
|
||||
proof: proof
|
||||
)
|
||||
|
||||
if datastore['JOHNPWFILE']
|
||||
|
|
|
@ -118,14 +118,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
@state[c][:pass] = arg
|
||||
|
||||
report_auth_info(
|
||||
:host => @state[c][:ip],
|
||||
:port => datastore['SRVPORT'],
|
||||
:sname => 'pop3',
|
||||
:user => @state[c][:user],
|
||||
:pass => @state[c][:pass],
|
||||
:source_type => "captured",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: @state[c][:ip],
|
||||
port: datastore['SRVPORT'],
|
||||
service_name: 'pop3',
|
||||
user: @state[c][:user],
|
||||
password: @state[c][:pass],
|
||||
proof: arg
|
||||
)
|
||||
print_status("SMTP LOGIN #{@state[c][:name]} #{@state[c][:user]} / #{@state[c][:pass]}")
|
||||
end
|
||||
|
@ -135,6 +134,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def on_client_close(c)
|
||||
@state.delete(c)
|
||||
end
|
||||
|
|
|
@ -61,6 +61,32 @@ class Metasploit3 < Msf::Auxiliary
|
|||
c.put "RFB 003.007\n"
|
||||
end
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :nonreplayable_hash
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
|
||||
def on_client_data(c)
|
||||
data = c.get_once
|
||||
return if not data
|
||||
|
@ -91,16 +117,13 @@ class Metasploit3 < Msf::Auxiliary
|
|||
c.close
|
||||
print_status("#{peer} - Challenge: #{@challenge.unpack('H*')[0]}; Response: #{data.unpack('H*')[0]}")
|
||||
hash_line = "$vnc$*#{@state[c][:chall].unpack("H*")[0]}*#{data.unpack('H*')[0]}"
|
||||
report_auth_info(
|
||||
:host => c.peerhost,
|
||||
:port => datastore['SRVPORT'],
|
||||
:sname => 'vnc_client',
|
||||
:user => "",
|
||||
:pass => hash_line,
|
||||
:type => "vnc_hash",
|
||||
:proof => hash_line,
|
||||
:source_type => "captured",
|
||||
:active => true
|
||||
report_cred(
|
||||
ip: c.peerhost,
|
||||
port: datastore['SRVPORT'],
|
||||
service_name: 'vnc_client',
|
||||
user: '',
|
||||
password: hash_line,
|
||||
proof: hash_line
|
||||
)
|
||||
|
||||
if(datastore['JOHNPWFILE'])
|
||||
|
|
|
@ -9,7 +9,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
FAKE_IP = '192.168.12.123'
|
||||
FAKE_PORT = 80
|
||||
FAKE_USER = 'username'
|
||||
FAKE_USER = 'user'
|
||||
FAKE_PASS = 'password'
|
||||
|
||||
def initialize(info = {})
|
||||
|
@ -123,6 +123,269 @@ class Metasploit3 < Msf::Auxiliary
|
|||
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, user: FAKE_USER, password: FAKE_PASS)
|
||||
end
|
||||
|
||||
def test_hp_imc_som_create_account
|
||||
mod = framework.auxiliary.create('admin/hp/hp_imc_som_create_account')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'https',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_dlink_dir_645_password_extractor
|
||||
mod = framework.auxiliary.create('admin/http/dlink_dir_645_password_extractor')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'http',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_dlink_dsl320b_password_extractor
|
||||
mod = framework.auxiliary.create('admin/http/dlink_dsl320b_password_extractor')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'http',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_nexpose_xxe_file_read
|
||||
mod = framework.auxiliary.create('admin/http/nexpose_xxe_file_read')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'http',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_vbulletin_upgrade_admin
|
||||
mod = framework.auxiliary.create('admin/http/vbulletin_upgrade_admin')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'http',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_wp_custom_contact_forms
|
||||
mod = framework.auxiliary.create('admin/http/wp_custom_contact_forms')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
service_name: 'WordPress',
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_zyxel_admin_password_extractor
|
||||
mod = framework.auxiliary.create('admin/http/zyxel_admin_password_extractor')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'ZyXEL GS1510-16',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_sercomm_dump_config
|
||||
mod = framework.auxiliary.create('admin/misc/sercomm_dump_config')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
service_name: 'sercomm',
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_vnc
|
||||
mod = framework.auxiliary.create('server/capture/vnc')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'vnc_client',
|
||||
user: '',
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_smtp
|
||||
mod = framework.auxiliary.create('server/capture/smtp')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'pop3',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_sip
|
||||
mod = framework.auxiliary.create('server/capture/sip')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'sip_client',
|
||||
user:FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_oracle_login
|
||||
mod = framework.auxiliary.create('admin/oracle/oracle_login')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'oracle',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS
|
||||
)
|
||||
end
|
||||
|
||||
def test_postgresql
|
||||
mod = framework.auxiliary.create('server/capture/postgresql')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'psql_client',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_pop3
|
||||
mod = framework.auxiliary.create('server/capture/pop3')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'pop3',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_http_basic
|
||||
mod = framework.auxiliary.create('server/capture/http_basic')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'HTTP',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_ftp
|
||||
mod = framework.auxiliary.create('server/capture/ftp')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'ftp',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_drda
|
||||
mod = framework.auxiliary.create('server/capture/drda')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'db2_client',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_koyo_login
|
||||
mod = framework.auxiliary.create('scanner/scada/koyo_login')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'koyo',
|
||||
user: '',
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_openvas_otp_login
|
||||
mod = framework.auxiliary.create('scanner/openvas/openvas_otp_login')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'openvas-otp',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_openvas_omp_login
|
||||
mod = framework.auxiliary.create('scanner/openvas/openvas_omp_login')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'openvas-omp',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: @result
|
||||
)
|
||||
end
|
||||
|
||||
def test_openvas_gsad_login
|
||||
mod = framework.auxiliary.create('scanner/openvas/openvas_gsad_login')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'openvas-gsa',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def test_nexpose_api_login
|
||||
mod = framework.auxiliary.create('scanner/nexpose/nexpose_api_login')
|
||||
mod.report_cred(
|
||||
ip: FAKE_IP,
|
||||
port: FAKE_PORT,
|
||||
service_name: 'nexpose',
|
||||
user: FAKE_USER,
|
||||
password: FAKE_PASS,
|
||||
proof: ''
|
||||
)
|
||||
end
|
||||
|
||||
def run
|
||||
self.methods.each do |m|
|
||||
next if m.to_s !~ /^test_.+/
|
||||
|
|
Loading…
Reference in New Issue