CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/lib/metasploit/framework/login_scanner/amqp.rb
Views: 1904
require 'metasploit/framework/login_scanner/base'1require 'metasploit/framework/login_scanner/rex_socket'2require 'rex/proto/amqp'34module Metasploit5module Framework6module LoginScanner78class AMQP9include Metasploit::Framework::LoginScanner::Base10include Metasploit::Framework::LoginScanner::RexSocket1112DEFAULT_PORT = 567113LIKELY_PORTS = [ DEFAULT_PORT, 5672 ]14LIKELY_SERVICE_NAMES = [ 'amqp', 'amqps' ]15PRIVATE_TYPES = [ :password ]16REALM_KEY = nil1718# (see Base#attempt_login)19def attempt_login(credential)20result_options = {21credential: credential22}2324begin25result_options.merge!(connect_login(credential.public, credential.private))26rescue Rex::Proto::Amqp::Error::NegotiationError => e27result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT28result_options[:proof] = e.message29rescue Rex::Proto::Amqp::Error::AmqpError30result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT31rescue ::EOFError, Errno::ECONNRESET, Rex::ConnectionError, Rex::ConnectionTimeout, ::Timeout::Error32result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT33end3435result = ::Metasploit::Framework::LoginScanner::Result.new(result_options)36result.host = host37result.port = port38result.protocol = 'tcp'39result.service_name = "amqp#{ssl ? 's' : ''}"40result41end4243private4445def connect_login(username, password)46result = {}47amqp_client = Rex::Proto::Amqp::Version091::Client.new(48host,49port: port,50context: { 'Msf' => framework, 'MsfExploit' => framework_module },51ssl: ssl,52ssl_version: ssl_version53)54amqp_client.connect(connection_timeout)55amqp_client.send_protocol_header56amqp_client.connection_start(username, password)57resp = amqp_client.recv_frame5859unless resp.is_a?(Rex::Proto::Amqp::Version091::Frames::AmqpVersion091MethodFrame)60raise Rex::Proto::Amqp::Error::UnexpectedReplyError.new(resp)61end6263if resp.class_id == Rex::Proto::Amqp::Version091::Frames::MethodArguments::AmqpVersion091ConnectionClose::CLASS_ID && \64resp.method_id == Rex::Proto::Amqp::Version091::Frames::MethodArguments::AmqpVersion091ConnectionClose::METHOD_ID65result[:status] = Metasploit::Model::Login::Status::INCORRECT66result[:proof] = resp.arguments.reply_text67return result68end6970unless resp.class_id == Rex::Proto::Amqp::Version091::Frames::MethodArguments::AmqpVersion091ConnectionTune::CLASS_ID && \71resp.method_id == Rex::Proto::Amqp::Version091::Frames::MethodArguments::AmqpVersion091ConnectionTune::METHOD_ID72raise Rex::Proto::Amqp::Error::UnexpectedReplyError.new(resp)73end7475result[:status] = Metasploit::Model::Login::Status::SUCCESSFUL76result77ensure78amqp_client.close79end8081def set_sane_defaults82self.connection_timeout ||= 3083self.port ||= DEFAULT_PORT84end85end86end87end88end899091