Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/metasploit/framework/login_scanner.rb
19778 views
1
require 'metasploit/framework/credential'

2


3
module Metasploit

4
  module Framework

5
    # This module provides the namespace for all LoginScanner classes.

6
    # LoginScanners are the classes that provide functionality for testing

7
    # authentication against various different protocols and mechanisms.

8
    module LoginScanner

9
      require 'metasploit/framework/login_scanner/result'

10
      require 'metasploit/framework/login_scanner/invalid'

11


12
      # Gather a list of LoginScanner classes that can potentially be

13
      # used for a given `service`, which should usually be an

14
      # `Mdm::Service` object, but can be anything that responds to

15
      # #name and #port.

16
      #

17
      # @param service [Mdm::Service,#port,#name]

18
      # @return [Array<LoginScanner::Base>] A collection of LoginScanner

19
      #   classes that will probably give useful results when run

20
      #   against `service`.

21
      def self.classes_for_service(service)

22
        require_login_scanners

23


24
        self.constants.map{|sym| const_get(sym)}.select do |const|

25
          next unless const.kind_of?(Class)

26


27
          (

28
            const.const_defined?(:LIKELY_PORTS) &&

29
            const.const_get(:LIKELY_PORTS).include?(service.port)

30
          ) || (

31
            const.const_defined?(:LIKELY_SERVICE_NAMES) &&

32
            const.const_get(:LIKELY_SERVICE_NAMES).include?(service.name)

33
          )

34
        end

35
      end

36


37
      # Gather a list of LoginScanner classes that can potentially be

38
      # used against an HTTP service

39
      #

40
      # @return [Array<LoginScanner::Base>] A collection of LoginScanner

41
      #   classes that will probably give useful results when run

42
      #   against an HTTP service

43
      def self.all_http_classes

44
        require_login_scanners

45


46
        http_base_class = Metasploit::Framework::LoginScanner::HTTP

47
        Metasploit::Framework::LoginScanner.constants.sort.filter_map do |sym|

48
          const = Metasploit::Framework::LoginScanner.const_get(sym)

49
          next unless const.kind_of?(Class) && const.ancestors.include?(http_base_class) && const != http_base_class

50


51
          const

52
        end

53
      end

54


55
      def self.all_service_names

56
        require_login_scanners

57


58
        service_names = Set.new

59
        self.constants.map{|sym| const_get(sym)}.select do |const|

60
          next unless const.kind_of?(Class)

61
          next unless const.const_defined?(:LIKELY_SERVICE_NAMES)

62


63
          const.const_get(:LIKELY_SERVICE_NAMES).each do |service_name|

64
            service_names << service_name

65
          end

66
        end

67


68
        service_names

69
      end

70


71
      private

72


73
      def self.require_login_scanners

74
        unless @required

75
          # Make sure we've required all the scanner classes

76
          dir = File.expand_path("../login_scanner/", __FILE__)

77
          Dir.glob(File.join(dir, "*.rb")).each do |f|

78
            require f if File.file?(f)

79
          end

80
          @required = true

81
        end

82
      end

83
    end

84
  end

85
end

86


87