CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/lib/metasploit/framework/login_scanner/advantech_webaccess.rb
Views: 1904
require 'metasploit/framework/login_scanner/http'12module Metasploit3module Framework4module LoginScanner56class AdvantechWebAccess < HTTP78DEFAULT_PORT = 809PRIVATE_TYPES = [ :password ]10LOGIN_STATUS = Metasploit::Model::Login::Status # Shorter name1112def check_setup13uri = normalize_uri("#{uri}broadWeb/bwRoot.asp")1415res = send_request({16'method' => 'GET',17'uri' => uri18})1920if res && res.body =~ /Welcome to Advantech WebAccess/i21return true22end2324false25end2627def do_login(user, pass)28uri = normalize_uri("#{uri}broadweb/user/signin.asp")2930res = send_request({31'method' => 'POST',32'uri' => uri,33'vars_post' =>34{35'page' => '/',36'pos' => '',37'remMe' => '',38'submit1' => 'Login',39'username' => user,40'password' => pass41}42})4344unless res45return {status: LOGIN_STATUS::UNABLE_TO_CONNECT, proof: 'Connection timed out for signin.asp'}46end4748if res.headers['Location'] && res.headers['Location'] == '/broadweb/bwproj.asp'49return {status: LOGIN_STATUS::SUCCESSFUL, proof: res.body}50end5152{status: LOGIN_STATUS::INCORRECT, proof: res.body}53end5455# Attempts to login to Advantech WebAccess.56#57# @param credential [Metasploit::Framework::Credential] The credential object58# @return [Result] A Result object indicating success or failure59def attempt_login(credential)60result_opts = {61credential: credential,62status: Metasploit::Model::Login::Status::INCORRECT,63proof: nil,64host: host,65port: port,66protocol: 'tcp'67}6869begin70result_opts.merge!(do_login(credential.public, credential.private))71rescue ::Rex::ConnectionError => e72# Something went wrong during login. 'e' knows what's up.73result_opts.merge!(status: LOGIN_STATUS::UNABLE_TO_CONNECT, proof: e.message)74end7576Result.new(result_opts)77end7879end80end81end82end838485