Path: blob/master/lib/metasploit/framework/login_scanner/telnet.rb
require 'metasploit/framework/telnet/client'
require 'metasploit/framework/login_scanner/base'
require 'metasploit/framework/login_scanner/rex_socket'

module Metasploit
  module Framework
    module LoginScanner
      # This is the LoginScanner class for dealing with Telnet remote terminals.
      # It is responsible for taking a single target, and a list of credentials
      # and attempting them. It then saves the results.
      class Telnet

        include Metasploit::Framework::LoginScanner::Base
        include Metasploit::Framework::LoginScanner::RexSocket
        include Metasploit::Framework::Telnet::Client

        CAN_GET_SESSION      = true
        DEFAULT_PORT         = 23
        LIKELY_PORTS         = [ DEFAULT_PORT ]
        LIKELY_SERVICE_NAMES = [ 'telnet' ]
        PRIVATE_TYPES        = [ :password ]
        REALM_KEY            = nil

        # @!attribute banner_timeout
        #   The timeout to wait for the telnet banner.
        #
        #   @return [Integer]
        attr_accessor :banner_timeout

        # @!attribute telnet_timeout
        #   The timeout to wait for the response from a telnet command.
        #
        #   @return [Integer]
        attr_accessor :telnet_timeout

        # @!attribute pre_login
        #   Prepend code to call before checking for a user login
        #
        #   @return [Proc]
        attr_accessor :pre_login

        validates :banner_timeout,
                  presence: true,
                  numericality: {
                    only_integer:             true,
                    greater_than_or_equal_to: 1
                  }

        validates :telnet_timeout,
                  presence: true,
                  numericality: {
                    only_integer:             true,
                    greater_than_or_equal_to: 1
                  }

        # (see {Base#attempt_login})
        def attempt_login(credential)
          result_options = {
            credential: credential,
            host: host,
            port: port,
            protocol: 'tcp',
            service_name: 'telnet'
          }

          begin
            # A refused connection or a "busy" banner both count as unreachable.
            if connect_reset_safe == :refused
              result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
            else
              if busy_message?
                self.sock.close unless self.sock.closed?
                result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
              end
            end

            unless result_options[:status]
              if pre_login
                pre_login.call(self)
              end

              # Send the username unless the service asks for a password straight away.
              unless password_prompt?
                send_user(credential.public)
              end

              recvd_sample = @recvd.dup
              # Allow for slow echoes
              1.upto(10) do
                recv_telnet(self.sock, 0.10) unless @recvd.nil? || password_prompt?(@recvd)
              end

              if password_prompt?(credential.public)
                send_pass(credential.private)

                # Allow for slow echoes
                1.upto(10) do
                  recv_telnet(self.sock, 0.10) if @recvd == recvd_sample
                end
              end

              if login_succeeded?
                result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL
              else
                result_options[:status] = Metasploit::Model::Login::Status::INCORRECT
              end

            end
          rescue ::EOFError, Errno::ECONNRESET, Rex::ConnectionError, Rex::ConnectionTimeout, ::Timeout::Error
            # Any socket-level failure is reported as unreachable rather than as a bad credential.
            result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
          end

          ::Metasploit::Framework::LoginScanner::Result.new(result_options)
        end

        private

        # This method sets the sane defaults for things
        # like timeouts and TCP evasion options
        def set_sane_defaults
          self.connection_timeout ||= 30
          self.port               ||= DEFAULT_PORT
          self.banner_timeout     ||= 25
          self.telnet_timeout     ||= 10
          self.pre_login          ||= nil
          self.max_send_size      ||= 0
          self.send_delay         ||= 0
          # Shim to set up the ivars from the old Login mixin
          create_login_ivars
        end

        def print_error(message)
          return unless @parent
          @parent.print_error(message)
        end

        alias_method :print_bad, :print_error

      end
    end
  end
end