diff --git a/lib/msf/core/auxiliary/auth_brute.rb b/lib/msf/core/auxiliary/auth_brute.rb index 6fd2150b0d..3dff745b3e 100644 --- a/lib/msf/core/auxiliary/auth_brute.rb +++ b/lib/msf/core/auxiliary/auth_brute.rb @@ -12,6 +12,8 @@ def initialize(info = {}) super register_options([ + OptString.new('USERNAME', [ false, 'A specific username to authenticate as' ]), + OptString.new('PASSWORD', [ false, 'A specific password to authenticate with' ]), OptPath.new('USER_FILE', [ false, "File containing usernames, one per line" ]), OptPath.new('PASS_FILE', [ false, "File containing passwords, one per line" ]), OptPath.new('USERPASS_FILE', [ false, "File containing users and passwords separated by space, one pair per line" ]), @@ -37,11 +39,25 @@ def each_user_pass(&block) credentials = extract_word_pair(datastore['USERPASS_FILE']) users = extract_words(datastore['USER_FILE']) passwords = extract_words(datastore['PASS_FILE']) + + if datastore['USERNAME'] + users << datastore['USERNAME'] + end + + if datastore['PASSWORD'] + passwords << datastore['PASSWORD'] + end + if datastore['BLANK_PASSWORDS'] credentials = gen_blank_passwords(users,credentials) + credentials end credentials.concat(combine_users_and_passwords(users,passwords)) credentials = just_uniq_passwords(credentials) if @strip_usernames + + if datastore['USERNAME'] + credentials.unshift( [datastore['USERNAME'], datastore['PASSWORD'].to_s] ) + end + credentials.each do |u,p| fq_user = "%s:%s:%s" % [datastore['RHOST'], datastore['RPORT'], u] userpass_sleep_interval unless @@credentials_tried.empty? diff --git a/modules/auxiliary/scanner/http/http_login.rb b/modules/auxiliary/scanner/http/http_login.rb index fdd4572efa..404a1aa350 100644 --- a/modules/auxiliary/scanner/http/http_login.rb +++ b/modules/auxiliary/scanner/http/http_login.rb @@ -37,8 +37,6 @@ class Metasploit3 < Msf::Auxiliary register_options( [ Opt::RPORT(80), - OptString.new('USERNAME', [ false, 'The username to authenticate as' ]), - OptString.new('PASSWORD', [ false, 'The password for the specified username' ]), OptPath.new('USERPASS_FILE', [ false, "File containing users and passwords separated by space, one pair per line", File.join(Msf::Config.install_root, "data", "wordlists", "http_default_userpass.txt") ]), OptPath.new('USER_FILE', [ false, "File containing users, one pair per line", diff --git a/modules/auxiliary/scanner/http/tomcat_mgr_login.rb b/modules/auxiliary/scanner/http/tomcat_mgr_login.rb index 9b2d6b0fb4..bb2bee34ac 100644 --- a/modules/auxiliary/scanner/http/tomcat_mgr_login.rb +++ b/modules/auxiliary/scanner/http/tomcat_mgr_login.rb @@ -45,9 +45,6 @@ class Metasploit3 < Msf::Auxiliary register_options( [ Opt::RPORT(8080), - OptBool.new('VERBOSE', [ true, 'Verbose output', false]), - OptString.new('USERNAME', [ false, 'The username to authenticate as' ]), - OptString.new('PASSWORD', [ false, 'The password for the specified username' ]), OptPath.new('USERPASS_FILE', [ false, "File containing users and passwords separated by space, one pair per line", File.join(Msf::Config.install_root, "data", "wordlists", "tomcat_mgr_default_userpass.txt") ]), OptPath.new('USER_FILE', [ false, "File containing users, one pair per line", @@ -98,8 +95,8 @@ class Metasploit3 < Msf::Auxiliary return :abort if (res.code == 404) srvhdr = res.headers['Server'] if res.code == 200 - # Could go with res.headers["Server"] =~ /Apache-Coyote/i - # as well but that seems like an element someone's more + # Could go with res.headers["Server"] =~ /Apache-Coyote/i + # as well but that seems like an element someone's more # likely to change success = true if(res.body.scan(/Tomcat/i).size >= 5) success @@ -127,3 +124,4 @@ class Metasploit3 < Msf::Auxiliary end end end + diff --git a/modules/auxiliary/scanner/ssh/ssh_login.rb b/modules/auxiliary/scanner/ssh/ssh_login.rb index 858962cce1..fb10377e30 100644 --- a/modules/auxiliary/scanner/ssh/ssh_login.rb +++ b/modules/auxiliary/scanner/ssh/ssh_login.rb @@ -39,8 +39,6 @@ class Metasploit3 < Msf::Auxiliary register_options( [ - OptString.new('USERNAME', [ false, 'The username to authenticate as' ]), - OptString.new('PASSWORD', [ false, 'The password for the specified username' ]), Opt::RPORT(22) ], self.class )