CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/lib/metasploit/framework/login_scanner/pop3.rb
Views: 1904
require 'metasploit/framework/login_scanner/base'1require 'metasploit/framework/login_scanner/rex_socket'2require 'metasploit/framework/tcp/client'34module Metasploit5module Framework6module LoginScanner78# This is the LoginScanner class for dealing with POP3.9# It is responsible for taking a single target, and a list of credentials10# and attempting them. It then saves the results.11class POP312include Metasploit::Framework::LoginScanner::Base13include Metasploit::Framework::LoginScanner::RexSocket14include Metasploit::Framework::Tcp::Client1516DEFAULT_PORT = 11017LIKELY_PORTS = [ 110, 995 ]18LIKELY_SERVICE_NAMES = [ 'pop3', 'pop3s' ]19PRIVATE_TYPES = [ :password ]20REALM_KEY = nil2122# This method attempts a single login with a single credential against the target23# @param credential [Credential] The credential object to attempt to login with24# @return [Metasploit::Framework::LoginScanner::Result] The LoginScanner Result object25def attempt_login(credential)26result_options = {27credential: credential,28status: Metasploit::Model::Login::Status::INCORRECT,29host: host,30port: port,31protocol: 'tcp',32service_name: 'pop3'33}3435disconnect if self.sock3637begin38connect39select([sock],nil,nil,0.4)4041# Check to see if we received an OK?42result_options[:proof] = sock.get_once43if result_options[:proof] && result_options[:proof][/^\+OK.*/]44# If we received an OK we should send the USER45sock.put("USER #{credential.public}\r\n")46result_options[:proof] = sock.get_once4748if result_options[:proof] && result_options[:proof][/^\+OK.*/]49# If we got an OK after the username we can send the PASS50sock.put("PASS #{credential.private}\r\n")51# Dovecot has a failed-auth penalty system that maxes at52# sleeping for 15 seconds before sending responses to the53# PASS command, so bump the timeout to 16.54result_options[:proof] = sock.get_once(-1, 16)5556if result_options[:proof] && result_options[:proof][/^\+OK.*/]57# if the pass gives an OK, were good to go58result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL59end60end61end6263rescue Rex::ConnectionError, EOFError, Timeout::Error, Errno::EPIPE => e64result_options.merge!(65proof: e,66status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT67)68end6970disconnect if self.sock7172Result.new(result_options)73end7475private7677# (see Base#set_sane_defaults)78def set_sane_defaults79self.connection_timeout ||= 3080self.port ||= DEFAULT_PORT81self.max_send_size ||= 082self.send_delay ||= 083end8485end8687end88end89end90919293