CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/msf/core/auxiliary/rservices.rb
Views: 1904
1
# -*- coding: binary -*-

2


3
##

4
#

5
# This Auxiliary Mixin provides functionality for dealing with BSD R*Services

6
#

7
##

8


9
module Msf

10
module Auxiliary::RServices

11


12
  def initialize(info = {})

13
    super

14


15
    register_options(

16
      [

17
        OptString.new('FROMUSER',      [ false, 'The username to login from' ]),

18
        OptPath.new(  'FROMUSER_FILE', [ false, 'File containing from usernames, one per line',

19
          File.join(Msf::Config.data_directory, "wordlists", "rservices_from_users.txt") ])

20
      ], Msf::Auxiliary::RServices)

21


22
    register_advanced_options(

23
      [

24
          OptBool.new('REMOVE_FROMUSER_FILE', [ true, "Automatically delete the FROMUSER_FILE on module completion", false])

25
      ], Msf::Auxiliary::RServices)

26
  end

27


28


29
  def connect_from_privileged_port(start_port = 1023)

30
    cport = start_port

31
    sd = nil

32
    while cport > 512

33
      #vprint_status("Trying to connect from port #{cport} ...")

34
      sd = nil

35
      begin

36
        sd = connect(true, { 'CPORT' => cport })

37


38
      rescue Rex::BindFailed

39
        # Ignore and try again

40
        #vprint_error("Unable to connect: #{$!}")

41


42
      rescue Rex::ConnectionError => e

43
        vprint_error("Unable to connect: #{$!}")

44
        return :refused if e.class == Rex::ConnectionRefused

45
        return :connection_error

46


47
      end

48


49
      break if sd

50
      cport -= 1

51
    end

52


53
    if not sd

54
      print_error("#{target_host}:#{rport} - Unable to bind to privileged port")

55
      return :bind_error

56
    end

57


58
    #vprint_status("Connected from #{cport}")

59
    return :connected

60
  end

61


62


63
  def load_fromuser_vars

64
    fromusers = extract_words(datastore['FROMUSER_FILE'])

65
    if datastore['FROMUSER']

66
      fromusers.unshift datastore['FROMUSER']

67
    end

68
    fromusers

69
  end

70


71


72
  def cleanup_files

73
    super

74


75
    path = datastore['FROMUSER_FILE']

76
    if path and datastore['REMOVE_FROMUSER_FILE']

77
      ::File.unlink(path) rescue nil

78
    end

79
  end

80


81
end

82
end

83


84