CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/metasploit/framework/login_scanner/acpp.rb
Views: 1904
1
require 'metasploit/framework/tcp/client'

2
require 'metasploit/framework/login_scanner/base'

3
require 'metasploit/framework/login_scanner/rex_socket'

4


5
module Metasploit

6
  module Framework

7
    module LoginScanner

8
      # This is the LoginScanner class for dealing with the Apple Airport ACPP

9
      # protocol.  It is responsible for taking a single target, and a list of

10
      # credentials and attempting them. It then saves the results.

11
      class ACPP

12
        include Metasploit::Framework::LoginScanner::Base

13
        include Metasploit::Framework::LoginScanner::RexSocket

14
        include Metasploit::Framework::Tcp::Client

15


16
        #

17
        # CONSTANTS

18
        #

19
        DEFAULT_PORT         = Rex::Proto::ACPP::DEFAULT_PORT

20
        LIKELY_PORTS         = [ DEFAULT_PORT ]

21
        LIKELY_SERVICE_NAMES = [ 'acpp' ]

22
        PRIVATE_TYPES        = [ :password ]

23
        REALM_KEY            = nil

24


25


26
        # This method attempts a single login with a single credential against the target

27
        # @param credential [Credential] The credential object to attempt to login with

28
        # @return [Metasploit::Framework::LoginScanner::Result] The LoginScanner Result object

29
        def attempt_login(credential)

30
          result_options = {

31
              credential: credential,

32
              host: host,

33
              port: port,

34
              protocol: 'tcp',

35
              service_name: 'acpp'

36
          }

37


38
          begin

39
            # Make our initial socket to the target

40
            disconnect if self.sock

41
            connect

42


43
            client = Rex::Proto::ACPP::Client.new(sock)

44


45
            auth_response = client.authenticate(credential.private)

46
            if auth_response.successful?

47
              status = Metasploit::Model::Login::Status::SUCCESSFUL

48
            else

49
              status = Metasploit::Model::Login::Status::INCORRECT

50
            end

51
            result_options.merge!(

52
              proof: "Status code #{auth_response.status}",

53
              status: status

54
            )

55
          rescue ::EOFError, Errno::ENOTCONN, Rex::ConnectionError, ::Timeout::Error => e

56
            result_options.merge!(

57
              proof: e.message,

58
              status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT

59
            )

60
          ensure

61
            disconnect

62
          end

63


64
          ::Metasploit::Framework::LoginScanner::Result.new(result_options)

65
        end

66
      end

67
    end

68
  end

69
end

70


71