CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Auxiliary
7

8
  # Exploit mixins should be called first
9
  include Msf::Exploit::Remote::HttpClient
10
  include Msf::Auxiliary::Report
11

12
  def initialize
13
    super(
14
      'Name'        	=> 'Discover External IP via Ifconfig.me',
15
      'Description'	=> %q{
16
        This module checks for the public source IP address of the current
17
        route to the RHOST by querying the public web application at ifconfig.me.
18
        It should be noted this module will register activity on ifconfig.me,
19
        which is not affiliated with Metasploit.
20
      },
21
      'Author'        => ['RageLtMan <rageltman[at]sempervictus>'],
22
      'License'	=> MSF_LICENSE,
23
      'References'	=>
24
        [
25
          [ 'URL', 'http://ifconfig.me/ip' ],
26
        ],
27
      'DefaultOptions' => { 'VHOST' => 'ifconfig.me' }
28
    )
29

30
    register_options(
31
      [
32
        Opt::RHOST('ifconfig.me'),
33
        OptBool.new('REPORT_HOST', [false, 'Add the found IP to the database', false])
34
      ])
35
end
36

37
  def run
38
    connect
39
    res = send_request_cgi({'uri' => '/ip', 'method' => 'GET' })
40

41
    if res.nil?
42
      print_error("Connection timed out")
43
      return
44
    end
45

46
    our_addr = res.body.strip
47
    if Rex::Socket.is_ipv4?(our_addr) or Rex::Socket.is_ipv6?(our_addr)
48
      print_good("Source ip to #{rhost} is #{our_addr}")
49
      report_host(our_addr) if datastore['REPORT_HOST']
50
    end
51
  end
52
end
53

54