CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/lib/metasploit/framework/login_scanner/octopusdeploy.rb
Views: 1904
require 'metasploit/framework/login_scanner/http'1require 'json'23module Metasploit4module Framework5module LoginScanner67# Octopus Deploy login scanner8class OctopusDeploy < HTTP910# Inherit LIKELY_PORTS,LIKELY_SERVICE_NAMES, and REALM_KEY from HTTP11CAN_GET_SESSION = true12DEFAULT_PORT = 8013PRIVATE_TYPES = [ :password ]1415# (see Base#set_sane_defaults)16def set_sane_defaults17uri = '/api/users/login' if uri.nil?18method = 'POST' if method.nil?1920super21end2223def attempt_login(credential)24result_opts = {25credential: credential,26host: host,27port: port,28protocol: 'tcp'29}30if ssl31result_opts[:service_name] = 'https'32else33result_opts[:service_name] = 'http'34end35begin36json_post_data = JSON.pretty_generate({ Username: credential.public, Password: credential.private })37res = send_request({38'method' => 'POST',39'uri' => uri,40'ctype' => 'application/json',41'data' => json_post_data42})4344body = JSON.parse(res.body)45if res && res.code == 200 && body.key?('IsActive') && body['IsActive']46result_opts.merge!(status: Metasploit::Model::Login::Status::SUCCESSFUL, proof: res.body)47else48result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: res)49end50rescue ::JSON::ParserError51result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: res.body)52rescue ::EOFError, Errno::ETIMEDOUT, Rex::ConnectionError, ::Timeout::Error53result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT)54end55Result.new(result_opts)56end57end58end59end60end616263