github/metasploit-framework
1
Fork 0
mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-09 04:26:11 +02:00
Code Releases Activity

Update deprecated report_auth_info method call in various modules in data/exploits/psnuffle/

Browse Source
This commit is contained in:
errorxyz 2023-09-25 02:51:08 +05:30
parent 9f10f9402c
commit f5d5541e73
4 changed files with 175 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
data/exploits/psnuffle/ftp.rb
View File

@ -40,7 +40,15 @@ class SnifferFTP < BaseProtocolParser
when :login_fail
if(s[:user] and s[:pass])
report_auth_info(s.merge({:active => false}))
report_cred(
:ip => s[:host],
:port => 21,
:service_name => s[:sname],
:user => s[:user],
:password => s[:pass],
:proof => "Response code 5 from server",
:status => Metasploit::Model::Login::Status::INCORRECT
)
print_status("Failed FTP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]}")
s[:pass] = ""
@ -49,7 +57,15 @@ class SnifferFTP < BaseProtocolParser
when :login_pass
if(s[:user] and s[:pass])
report_auth_info(s)
report_cred(
:ip => s[:host],
:port => 21,
:service_name => s[:sname],
:user => s[:user],
:password => s[:pass],
:proof => "Response code 230 from server",
:status => Metasploit::Model::Login::Status::SUCCESSFUL
)
print_status("Successful FTP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]}")
# Remove it form the session objects so freeup memory
sessions.delete(s[:session])
@ -74,5 +90,31 @@ class SnifferFTP < BaseProtocolParser
end # end of each_key
end # end of parse
def report_cred(opts)
service_data = {
address: opts[:ip],
port: opts[:port],
service_name: opts[:service_name],
protocol: 'tcp',
workspace_id: myworkspace_id
}
credential_data = {
origin_type: :service,
module_fullname: fullname,
username: opts[:user],
private_data: opts[:password],
private_type: :password
}.merge(service_data)
login_data = {
core: create_credential(credential_data),
status: opts[:status],
proof: opts[:proof]
}.merge(service_data)
create_credential_login(login_data)
end
end

56
data/exploits/psnuffle/imap.rb
View File

@ -44,7 +44,15 @@ class SnifferIMAP < BaseProtocolParser
when :login_pass
report_auth_info(s)
report_cred(
:ip => s[:host],
:port => 143,
:service_name => s[:sname],
:user => s[:user],
:password => s[:pass],
:proof => "Capability OK reponse from server",
:status => Metasploit::Model::Login::Status::SUCCESSFUL
)
print_status("Successful IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
# Remove it form the session objects so freeup
@ -52,14 +60,30 @@ class SnifferIMAP < BaseProtocolParser
when :login_fail
report_auth_info(s.merge({:active => false}))
report_cred(
:ip => s[:host],
:port => 143,
:service_name => s[:sname],
:user => s[:user],
:password => s[:pass],
:proof => "Capability NO response from server",
:status => Metasploit::Model::Login::Status::INCORRECT
)
print_status("Failed IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
# Remove it form the session objects so freeup
sessions.delete(s[:session])
when :login_bad
report_auth_info(s.merge({:active => false}))
report_cred(
:ip => s[:host],
:port => 143,
:service_name => s[:sname],
:user => s[:user],
:password => s[:pass],
:proof => "Capability BAD response from server",
:status => Metasploit::Model::Login::Status::INCORRECT
)
print_status("Bad IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
# Remove it form the session objects so freeup
@ -76,5 +100,31 @@ class SnifferIMAP < BaseProtocolParser
end # end case matched
end # end of each_key
end # end of parse
def report_cred(opts)
service_data = {
address: opts[:ip],
port: opts[:port],
service_name: opts[:service_name],
protocol: 'tcp',
workspace_id: myworkspace_id
}
credential_data = {
origin_type: :service,
module_fullname: fullname,
username: opts[:user],
private_data: opts[:password],
private_type: :password
}.merge(service_data)
login_data = {
core: create_credential(credential_data),
status: opts[:status],
proof: opts[:proof]
}.merge(service_data)
create_credential_login(login_data)
end
end

46
data/exploits/psnuffle/pop3.rb
View File

@ -52,7 +52,15 @@ class SnifferPOP3 < BaseProtocolParser
s[:proto] = "tcp"
s[:name] = "pop3"
s[:extra] = "Successful Login. Banner: #{s[:banner]}"
report_auth_info(s)
report_cred(
:ip => s[:host],
:port => 110,
:service_name => s[:sname],
:user => s[:user],
:password => s[:pass],
:proof => "OK response after PASS response from server",
:status => Metasploit::Model::Login::Status::SUCCESSFUL
)
print_status("Successful POP3 Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
# Remove it form the session objects so freeup
@ -72,7 +80,15 @@ class SnifferPOP3 < BaseProtocolParser
s[:proto]="pop3"
s[:extra]="Failed Login. Banner: #{s[:banner]}"
report_auth_info(s)
report_cred(
:ip => s[:host],
:port => 110,
:service_name => s[:sname],
:user => s[:user],
:password => s[:pass],
:proof => "ERR response after PASS response from server",
:status => Metasploit::Model::Login::Status::INCORRECT
)
print_status("Invalid POP3 Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
s[:pass]=""
end
@ -84,5 +100,31 @@ class SnifferPOP3 < BaseProtocolParser
end # end case matched
end # end of each_key
end # end of parse
def report_cred(opts)
service_data = {
address: opts[:ip],
port: opts[:port],
service_name: opts[:service_name],
protocol: 'tcp',
workspace_id: myworkspace_id
}
credential_data = {
origin_type: :service,
module_fullname: fullname,
username: opts[:user],
private_data: opts[:password],
private_type: :password
}.merge(service_data)
login_data = {
core: create_credential(credential_data),
status: opts[:status],
proof: opts[:proof]
}.merge(service_data)
create_credential_login(login_data)
end
end

35
data/exploits/psnuffle/url.rb
View File

@ -44,7 +44,14 @@ class SnifferURL < BaseProtocolParser
end
if s[:basic_auth]
s[:user], s[:pass] = Rex::Text.decode_base64(s[:basic_auth]).split(':', 2)
report_auth_info s
report_cred(
:ip => s[:host],
:port => 80,
:service_name => s[:sname],
:user => s[:user],
:password => s[:pass],
:proof => "Session: #{s[:session]} Basic Auth: #{s[:basic_auth]}",
)
print_status "HTTP Basic Authentication: #{s[:session]} >> #{s[:user]} / #{s[:pass]}"
end
when nil
@ -52,4 +59,30 @@ class SnifferURL < BaseProtocolParser
end # end case matched
end # end of each_key
end # end of parse
def report_cred(opts)
service_data = {
address: opts[:ip],
port: opts[:port],
service_name: opts[:service_name],
protocol: 'tcp',
workspace_id: myworkspace_id
}
credential_data = {
origin_type: :service,
module_fullname: fullname,
username: opts[:user],
private_data: opts[:password],
private_type: :password
}.merge(service_data)
login_data = {
core: create_credential(credential_data),
status: Metasploit::Model::Login::Status::UNTRIED,
proof: opts[:proof]
}.merge(service_data)
create_credential_login(login_data)
end
end # end of URL sniffer