Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Auxiliary
7
  include Msf::Exploit::Remote::DB2
8
  include Msf::Auxiliary::Scanner
9
  include Msf::Auxiliary::Report
10

11
  def initialize
12
    super(
13
      'Name'           => 'DB2 Probe Utility',
14
      'Description'    => 'This module queries a DB2 instance information.',
15
      'Author'         => ['todb'],
16
      'License'        => MSF_LICENSE
17
    )
18
    register_options(
19
      [
20
        OptInt.new('TIMEOUT', [true, 'Timeout for the DB2 probe', 5])
21
    ])
22

23
    deregister_options('USERNAME' , 'PASSWORD')
24
  end
25

26
  def to
27
    return 5 if datastore['TIMEOUT'].to_i.zero?
28
    datastore['TIMEOUT'].to_i
29
  end
30

31
  def run_host(ip)
32
    begin
33

34
      info = db2_probe(to)
35
      if info[:excsatrd]
36
        inst,plat,ver,pta = info[:instance_name],info[:platform],info[:version],info[:plaintext_auth]
37
        report_info = "Platform: #{plat}, Version: #{ver}, Instance: #{inst}, Plain-Authentication: #{pta ? "OK" : "NO"}"
38
        print_good("#{ip}:#{rport} DB2 - #{report_info}")
39
        report_service(
40
          :host => rhost,
41
          :port => rport,
42
          :name => "db2",
43
          :info => report_info
44
        )
45
      end
46
      disconnect
47

48
    rescue ::Rex::ConnectionRefused
49
      vprint_error("#{rhost}:#{rport} : Cannot connect to host")
50
      return :done
51
    rescue ::Rex::ConnectionError
52
      vprint_error("#{rhost}:#{rport} : Unable to attempt probe")
53
      return :done
54
    rescue ::Rex::Proto::DRDA::RespError => e
55
      vprint_error("#{rhost}:#{rport} : Error in connecting to DB2 instance: #{e}")
56
      return :error
57
    end
58
  end
59
end
60

61