Path: blob/master/lib/metasploit/framework/login_scanner/nessus.rb
```ruby
require 'metasploit/framework/login_scanner/http'

module Metasploit
  module Framework
    module LoginScanner

      class Nessus < HTTP

        DEFAULT_PORT  = 8834
        PRIVATE_TYPES = [ :password ]
        LIKELY_SERVICE_NAMES = [ 'nessus' ]
        LOGIN_STATUS  = Metasploit::Model::Login::Status # Shorter name


        # Checks if the target is a Tenable Nessus server.
        #
        # @return [Boolean] TrueClass if target is Nessus server, otherwise FalseClass
        def check_setup
          login_uri = "/server/properties"
          res = send_request({'uri'=> login_uri})
          if res && res.body.include?('Nessus')
            return true
          end

          false
        end

        # Actually doing the login. Called by #attempt_login
        #
        # @param username [String] The username to try
        # @param password [String] The password to try
        # @return [Hash]
        #   * :status [Metasploit::Model::Login::Status]
        #   * :proof [String] the HTTP response body
        def get_login_state(username, password)
          login_uri = "#{uri}"

          res = send_request({
            'uri' => login_uri,
            'method' => 'POST',
            'vars_post' => {
              'username' => username,
              'password' => password
            }
          })

          unless res
            return {:status => LOGIN_STATUS::UNABLE_TO_CONNECT, :proof => res.to_s}
          end
          if res.code == 200 && res.body =~ /token/
            return {:status => LOGIN_STATUS::SUCCESSFUL, :proof => res.body.to_s}
          end

          {:status => LOGIN_STATUS::INCORRECT, :proof => res.to_s}
        end


        # Attempts to login to Nessus.
        #
        # @param credential [Metasploit::Framework::Credential] The credential object
        # @return [Result] A Result object indicating success or failure
        def attempt_login(credential)
          result_opts = {
            credential: credential,
            status: Metasploit::Model::Login::Status::INCORRECT,
            proof: nil,
            host: host,
            port: port,
            protocol: 'tcp'
          }

          begin
            result_opts.merge!(get_login_state(credential.public, credential.private))
          rescue ::Rex::ConnectionError => e
            # Something went wrong during login. 'e' knows what's up.
            result_opts.merge!(status: LOGIN_STATUS::UNABLE_TO_CONNECT, proof: e.message)
          end

          Result.new(result_opts)
        end

        def set_sane_defaults
          super
          # nessus_rest_login has the same default in TARGETURI, but rspec doesn't check nessus_rest_login
          # so we have to set the default here, too.
          self.uri = '/session'
        end

      end
    end
  end
end
```