mirror of
https://github.com/rapid7/metasploit-framework
synced 2024-10-09 04:26:11 +02:00
Update deprecated report_auth_info method call in various modules in data/exploits/psnuffle/
This commit is contained in:
parent
9f10f9402c
commit
f5d5541e73
@ -40,7 +40,15 @@ class SnifferFTP < BaseProtocolParser
|
||||
|
||||
when :login_fail
|
||||
if(s[:user] and s[:pass])
|
||||
report_auth_info(s.merge({:active => false}))
|
||||
report_cred(
|
||||
:ip => s[:host],
|
||||
:port => 21,
|
||||
:service_name => s[:sname],
|
||||
:user => s[:user],
|
||||
:password => s[:pass],
|
||||
:proof => "Response code 5 from server",
|
||||
:status => Metasploit::Model::Login::Status::INCORRECT
|
||||
)
|
||||
print_status("Failed FTP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]}")
|
||||
|
||||
s[:pass] = ""
|
||||
@ -49,7 +57,15 @@ class SnifferFTP < BaseProtocolParser
|
||||
|
||||
when :login_pass
|
||||
if(s[:user] and s[:pass])
|
||||
report_auth_info(s)
|
||||
report_cred(
|
||||
:ip => s[:host],
|
||||
:port => 21,
|
||||
:service_name => s[:sname],
|
||||
:user => s[:user],
|
||||
:password => s[:pass],
|
||||
:proof => "Response code 230 from server",
|
||||
:status => Metasploit::Model::Login::Status::SUCCESSFUL
|
||||
)
|
||||
print_status("Successful FTP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]}")
|
||||
# Remove it form the session objects so freeup memory
|
||||
sessions.delete(s[:session])
|
||||
@ -74,5 +90,31 @@ class SnifferFTP < BaseProtocolParser
|
||||
|
||||
end # end of each_key
|
||||
end # end of parse
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: opts[:status],
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -44,7 +44,15 @@ class SnifferIMAP < BaseProtocolParser
|
||||
|
||||
when :login_pass
|
||||
|
||||
report_auth_info(s)
|
||||
report_cred(
|
||||
:ip => s[:host],
|
||||
:port => 143,
|
||||
:service_name => s[:sname],
|
||||
:user => s[:user],
|
||||
:password => s[:pass],
|
||||
:proof => "Capability OK reponse from server",
|
||||
:status => Metasploit::Model::Login::Status::SUCCESSFUL
|
||||
)
|
||||
print_status("Successful IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
|
||||
|
||||
# Remove it form the session objects so freeup
|
||||
@ -52,14 +60,30 @@ class SnifferIMAP < BaseProtocolParser
|
||||
|
||||
when :login_fail
|
||||
|
||||
report_auth_info(s.merge({:active => false}))
|
||||
report_cred(
|
||||
:ip => s[:host],
|
||||
:port => 143,
|
||||
:service_name => s[:sname],
|
||||
:user => s[:user],
|
||||
:password => s[:pass],
|
||||
:proof => "Capability NO response from server",
|
||||
:status => Metasploit::Model::Login::Status::INCORRECT
|
||||
)
|
||||
print_status("Failed IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
|
||||
|
||||
# Remove it form the session objects so freeup
|
||||
sessions.delete(s[:session])
|
||||
|
||||
when :login_bad
|
||||
report_auth_info(s.merge({:active => false}))
|
||||
report_cred(
|
||||
:ip => s[:host],
|
||||
:port => 143,
|
||||
:service_name => s[:sname],
|
||||
:user => s[:user],
|
||||
:password => s[:pass],
|
||||
:proof => "Capability BAD response from server",
|
||||
:status => Metasploit::Model::Login::Status::INCORRECT
|
||||
)
|
||||
print_status("Bad IMAP Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
|
||||
|
||||
# Remove it form the session objects so freeup
|
||||
@ -76,5 +100,31 @@ class SnifferIMAP < BaseProtocolParser
|
||||
end # end case matched
|
||||
end # end of each_key
|
||||
end # end of parse
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: opts[:status],
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -52,7 +52,15 @@ class SnifferPOP3 < BaseProtocolParser
|
||||
s[:proto] = "tcp"
|
||||
s[:name] = "pop3"
|
||||
s[:extra] = "Successful Login. Banner: #{s[:banner]}"
|
||||
report_auth_info(s)
|
||||
report_cred(
|
||||
:ip => s[:host],
|
||||
:port => 110,
|
||||
:service_name => s[:sname],
|
||||
:user => s[:user],
|
||||
:password => s[:pass],
|
||||
:proof => "OK response after PASS response from server",
|
||||
:status => Metasploit::Model::Login::Status::SUCCESSFUL
|
||||
)
|
||||
print_status("Successful POP3 Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
|
||||
|
||||
# Remove it form the session objects so freeup
|
||||
@ -72,7 +80,15 @@ class SnifferPOP3 < BaseProtocolParser
|
||||
|
||||
s[:proto]="pop3"
|
||||
s[:extra]="Failed Login. Banner: #{s[:banner]}"
|
||||
report_auth_info(s)
|
||||
report_cred(
|
||||
:ip => s[:host],
|
||||
:port => 110,
|
||||
:service_name => s[:sname],
|
||||
:user => s[:user],
|
||||
:password => s[:pass],
|
||||
:proof => "ERR response after PASS response from server",
|
||||
:status => Metasploit::Model::Login::Status::INCORRECT
|
||||
)
|
||||
print_status("Invalid POP3 Login: #{s[:session]} >> #{s[:user]} / #{s[:pass]} (#{s[:banner].strip})")
|
||||
s[:pass]=""
|
||||
end
|
||||
@ -84,5 +100,31 @@ class SnifferPOP3 < BaseProtocolParser
|
||||
end # end case matched
|
||||
end # end of each_key
|
||||
end # end of parse
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: opts[:status],
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -44,7 +44,14 @@ class SnifferURL < BaseProtocolParser
|
||||
end
|
||||
if s[:basic_auth]
|
||||
s[:user], s[:pass] = Rex::Text.decode_base64(s[:basic_auth]).split(':', 2)
|
||||
report_auth_info s
|
||||
report_cred(
|
||||
:ip => s[:host],
|
||||
:port => 80,
|
||||
:service_name => s[:sname],
|
||||
:user => s[:user],
|
||||
:password => s[:pass],
|
||||
:proof => "Session: #{s[:session]} Basic Auth: #{s[:basic_auth]}",
|
||||
)
|
||||
print_status "HTTP Basic Authentication: #{s[:session]} >> #{s[:user]} / #{s[:pass]}"
|
||||
end
|
||||
when nil
|
||||
@ -52,4 +59,30 @@ class SnifferURL < BaseProtocolParser
|
||||
end # end case matched
|
||||
end # end of each_key
|
||||
end # end of parse
|
||||
|
||||
def report_cred(opts)
|
||||
service_data = {
|
||||
address: opts[:ip],
|
||||
port: opts[:port],
|
||||
service_name: opts[:service_name],
|
||||
protocol: 'tcp',
|
||||
workspace_id: myworkspace_id
|
||||
}
|
||||
|
||||
credential_data = {
|
||||
origin_type: :service,
|
||||
module_fullname: fullname,
|
||||
username: opts[:user],
|
||||
private_data: opts[:password],
|
||||
private_type: :password
|
||||
}.merge(service_data)
|
||||
|
||||
login_data = {
|
||||
core: create_credential(credential_data),
|
||||
status: Metasploit::Model::Login::Status::UNTRIED,
|
||||
proof: opts[:proof]
|
||||
}.merge(service_data)
|
||||
|
||||
create_credential_login(login_data)
|
||||
end
|
||||
end # end of URL sniffer
|
||||
|
Loading…
Reference in New Issue
Block a user