CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/metasploit/framework/login_scanner/varnish.rb
Views: 1904
1
require 'metasploit/framework/tcp/client'

2
require 'metasploit/framework/varnish/client'

3
require 'metasploit/framework/login_scanner/base'

4
require 'metasploit/framework/login_scanner/rex_socket'

5


6
module Metasploit

7
  module Framework

8
    module LoginScanner

9


10
      # This is the LoginScanner class for dealing with Varnish CLI.

11


12
      class VarnishCLI

13
        include Metasploit::Framework::LoginScanner::Base

14
        include Metasploit::Framework::LoginScanner::RexSocket

15
        include Metasploit::Framework::Tcp::Client

16
        include Metasploit::Framework::Varnish::Client

17


18
        DEFAULT_PORT         = 6082

19
        LIKELY_PORTS         = [ DEFAULT_PORT ]

20
        LIKELY_SERVICE_NAMES = [ 'varnishcli' ]

21
        PRIVATE_TYPES        = [ :password ]

22
        REALM_KEY           = nil

23


24
        def attempt_login(credential)

25
          begin

26
            connect

27
            success = login(credential.private)

28
            close_session

29
            disconnect

30
          rescue RuntimeError => e

31
            return {:status => Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, :proof => e.message}

32
          rescue Rex::ConnectionError, EOFError, Timeout::Error

33
            status = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT

34
          end

35
          status = (success == true) ? Metasploit::Model::Login::Status::SUCCESSFUL : Metasploit::Model::Login::Status::INCORRECT

36


37
          result = Result.new(credential: credential, status: status)

38
          result.host         = host

39
          result.port         = port

40
          result.protocol     = 'tcp'

41
          result.service_name = 'varnishcli'

42
          result

43
        end

44


45
        def set_sane_defaults

46
          self.connection_timeout ||= 30

47
          self.port               ||= DEFAULT_PORT

48
          self.max_send_size      ||= 0

49
          self.send_delay         ||= 0

50
        end

51


52
      end

53
    end

54
  end

55
end

56


57