1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Auxiliary
7
  include Msf::Exploit::Remote::DB2
8
  include Msf::Auxiliary::Scanner
9
  include Msf::Auxiliary::Report
10

11
  def initialize
12
    super(
13
      'Name' => 'DB2 Probe Utility',
14
      'Description' => 'This module queries a DB2 instance information.',
15
      'Author' => ['todb'],
16
      'License' => MSF_LICENSE,
17
      'Notes' => {
18
        'Stability' => [CRASH_SAFE],
19
        'SideEffects' => [],
20
        'Reliability' => []
21
      }
22
    )
23
    register_options(
24
      [
25
        OptInt.new('TIMEOUT', [true, 'Timeout for the DB2 probe', 5])
26
      ]
27
    )
28

29
    deregister_options('USERNAME', 'PASSWORD')
30
  end
31

32
  def to
33
    return 5 if datastore['TIMEOUT'].to_i.zero?
34

35
    datastore['TIMEOUT'].to_i
36
  end
37

38
  def run_host(ip)
39
    info = db2_probe(to)
40
    if info[:excsatrd]
41
      inst = info[:instance_name]
42
      plat = info[:platform]
43
      ver = info[:version]
44
      pta = info[:plaintext_auth]
45
      report_info = "Platform: #{plat}, Version: #{ver}, Instance: #{inst}, Plain-Authentication: #{pta ? 'OK' : 'NO'}"
46
      print_good("#{ip}:#{rport} DB2 - #{report_info}")
47
      report_service(
48
        host: rhost,
49
        port: rport,
50
        name: 'db2',
51
        info: report_info
52
      )
53
    end
54
    disconnect
55
  rescue ::Rex::ConnectionRefused
56
    vprint_error("#{rhost}:#{rport} : Cannot connect to host")
57
    return :done
58
  rescue ::Rex::ConnectionError
59
    vprint_error("#{rhost}:#{rport} : Unable to attempt probe")
60
    return :done
61
  rescue ::Rex::Proto::DRDA::RespError => e
62
    vprint_error("#{rhost}:#{rport} : Error in connecting to DB2 instance: #{e}")
63
    return :error
64
  end
65
end
66

67