CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Auxiliary
7
  include Msf::Auxiliary::Report
8
  include Msf::Auxiliary::UDPScanner
9

10
  def initialize
11
    super(
12
      'Name'        => 'UDP Empty Prober',
13
      'Description' => 'Detect UDP services that reply to empty probes',
14
      'Author'      => 'Jon Hart <jon_hart[at]rapid7.com>',
15
      'License'     => MSF_LICENSE
16
    )
17
    register_options([
18
      OptString.new('PORTS', [true, 'Ports to probe', '1-1024,1194,2000,2049,4353,5060,5061,5351,8443'])
19
    ])
20
  end
21

22
  def setup
23
    super
24
    @ports = Rex::Socket.portspec_crack(datastore['PORTS'])
25
    raise Msf::OptionValidateError.new(['PORTS']) if @ports.empty?
26
  end
27

28
  def scanner_prescan(batch)
29
    print_status("Sending #{@ports.length} empty probes to #{batch[0]}->#{batch[-1]} (#{batch.length} hosts)")
30
  end
31

32
  def scan_host(ip)
33
    @ports.each do |port|
34
      scanner_send('', ip, port)
35
    end
36
  end
37

38
  def scanner_process(data, shost, sport)
39
    print_good("Received #{data.inspect} from #{shost}:#{sport}/udp")
40
    report_service(:host => shost, :port => sport, :proto => 'udp', :info => data.inspect)
41
  end
42
end
43

44