CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/metasploit/framework/login_scanner/cisco_firepower.rb
Views: 1904
1
require 'metasploit/framework/login_scanner/http'

2
require 'digest'

3


4
module Metasploit

5
  module Framework

6
    module LoginScanner

7


8
      class CiscoFirepower < HTTP

9


10
        DEFAULT_PORT  = 443

11
        PRIVATE_TYPES = [ :password ]

12
        LOGIN_STATUS  = Metasploit::Model::Login::Status # Shorter name

13


14
        def check_setup

15
          res = send_request({

16
            'method' => 'GET',

17
            'uri'    => normalize_uri("#{uri}login.cgi")

18
          })

19


20
          if res && res.code == 200 && res.body.include?('/img/favicon.png?v=6.0.1-1213')

21
            return true

22
          end

23


24
          false

25
        end

26


27
        def do_login(cred)

28
          console_user = cred.public

29
          console_pass = cred.private

30


31
          res = send_request({

32
            'method' => 'POST',

33
            'uri'    => normalize_uri("#{uri}login.cgi"),

34
            'vars_post' => {

35
            'username' => console_user,

36
            'password' => console_pass,

37
            'target'   => ''

38
            }

39
          })

40


41
          unless res

42
            return {status: LOGIN_STATUS::UNABLE_TO_CONNECT, proof: 'Connection timed out for login.cig'}

43
          end

44


45
          if res.code == 302 && res.get_cookies.include?('CGISESSID')

46
            return {status: LOGIN_STATUS::SUCCESSFUL, proof: res.body}

47
          end

48


49
          {status: LOGIN_STATUS::INCORRECT, proof: res.body}

50
        end

51


52
        # Attempts to login to Cisco. This is called first.

53
        #

54
        # @param credential [Metasploit::Framework::Credential] The credential object

55
        # @return [Result] A Result object indicating success or failure

56
        def attempt_login(credential)

57
          result_opts = {

58
            credential: credential,

59
            status: Metasploit::Model::Login::Status::INCORRECT,

60
            proof: nil,

61
            host: host,

62
            port: port,

63
            protocol: 'tcp'

64
          }

65


66
          begin

67
            result_opts.merge!(do_login(credential))

68
          rescue ::Rex::ConnectionError => e

69
            # Something went wrong during login. 'e' knows what's up.

70
            result_opts.merge!(status: LOGIN_STATUS::UNABLE_TO_CONNECT, proof: e.message)

71
          end

72


73
          Result.new(result_opts)

74
        end

75


76
      end

77
    end

78
  end

79
end

80


81


82