CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/lib/metasploit/framework/login_scanner/mybook_live.rb
Views: 1904
require 'metasploit/framework/login_scanner/http'12module Metasploit3module Framework4module LoginScanner56# Western Digital MyBook Live login scanner7class MyBookLive < HTTP89# Inherit LIKELY_PORTS,LIKELY_SERVICE_NAMES, and REALM_KEY from HTTP10CAN_GET_SESSION = true11DEFAULT_PORT = 8012PRIVATE_TYPES = [ :password ]1314# (see Base#set_sane_defaults)15def set_sane_defaults16self.uri = '/UI/login' if self.uri.nil?17self.method = 'POST' if self.method.nil?1819super20end2122def attempt_login(credential)23result_opts = {24credential: credential,25host: host,26port: port,27protocol: 'tcp'28}29if ssl30result_opts[:service_name] = 'https'31else32result_opts[:service_name] = 'http'33end34begin35res = send_request({36'method' => method,37'uri' => uri,38'vars_post' => {39'data[Login][owner_name]' => 'admin',40'data[Login][owner_passwd]' => credential.private41}42})4344if res && res.code == 302 && res.headers['location'] && res.headers['location'].include?('UI')45result_opts.merge!(status: Metasploit::Model::Login::Status::SUCCESSFUL, proof: res.headers)46elsif res.nil?47result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: 'No response')48else49result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: res.headers)50end51rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error52result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT)53end54Result.new(result_opts)55end56end57end58end59end606162