Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Path: blob/master/modules/auxiliary/scanner/dcerpc/endpoint_mapper.rb
Views: 11784
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45class MetasploitModule < Msf::Auxiliary67# Exploit mixins should be called first8include Msf::Exploit::Remote::DCERPC910include Msf::Auxiliary::Report1112# Scanner mixin should be near last13include Msf::Auxiliary::Scanner1415def initialize16super(17'Name' => 'Endpoint Mapper Service Discovery',18'Description' => %q{19This module can be used to obtain information from the20Endpoint Mapper service.21},22'Author' => 'hdm',23'License' => MSF_LICENSE24)2526register_options(27[28Opt::RPORT(135)29])30end3132# Obtain information about a single host33def run_host(ip)34begin3536ids = dcerpc_endpoint_list()37return if not ids38name = nil39ids.each do |id|40next if not id[:prot]41line = "#{id[:uuid]} v#{id[:vers]} "42line << "#{id[:prot].upcase} "43line << "(#{id[:port]}) " if id[:port]44line << "(#{id[:pipe]}) " if id[:pipe]45line << "#{id[:host]} " if id[:host]46line << "[#{id[:note]}]" if id[:note]47print_status(line)48if (id[:host] and id[:host][0,2] == "\\\\")49name = id[:host][2..-1]50end51if id[:prot].downcase == "tcp" or id[:prot].downcase == "udp"52report_service(53:host => ip,54:port => id[:port],55:proto => id[:prot].downcase,56:name => "dcerpc",57:info => "#{id[:uuid]} v#{id[:vers]} #{id[:note]}"58)59end60end61report_host(:host => ip, :name => name) if name62report_service(63:host => ip,64:port => rport,65:proto => 'tcp',66:name => "dcerpc",67:info => "Endpoint Mapper (#{ids.length} services)"68)6970rescue ::Interrupt71raise $!72rescue ::Rex::Proto::DCERPC::Exceptions::Fault73rescue ::Exception => e74print_error("#{ip}:#{rport} error: #{e}")75end76end777879end808182