GitHub Repository: rapid7/metasploit-framework
Path: blob/master/modules/auxiliary/scanner/http/chromecast_webserver.rb
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
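# Auxiliary scanner that identifies Chromecast devices by requesting
# /setup/eureka_info from the device web server (RPORT defaults to 8008) and
# recording the device name and the Wi-Fi SSID it reports.
class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::HttpClient
  include Msf::Auxiliary::Scanner
  include Msf::Auxiliary::Report

  # Registers the module metadata and the default RPORT of 8008.
  #
  # @param info [Hash] metadata overrides, merged in through update_info
  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Chromecast Web Server Scanner',
        'Description' => %q{
          This module scans for the Chromecast web server on port 8008/TCP, and
          can be used to discover devices which can be targeted by other Chromecast
          modules, such as chromecast_youtube.
        },
        'Author' => ['wvu'],
        'References' => [
          ['URL', 'https://store.google.com/product/chromecast?utm_source=chromecast.com&hl=en-US']
        ],
        'License' => MSF_LICENSE,
        'Notes' => {
          'Reliability' => UNKNOWN_RELIABILITY,
          'Stability' => UNKNOWN_STABILITY,
          'SideEffects' => UNKNOWN_SIDE_EFFECTS
        }
      )
    )

    register_options([
      Opt::RPORT(8008)
    ])
  end

  # Probes one host: sends GET /setup/eureka_info and, when the reply is a 200
  # whose JSON body carries both "name" and "ssid", prints the finding and
  # records an http service entry for the host.
  #
  # @param ip [String] address of the host being scanned
  # @return [void]
  def run_host(ip)
    res = send_request_raw(
      'method' => 'GET',
      'uri' => '/setup/eureka_info',
      # Random User-Agent, 1 to 42 characters long.
      'agent' => Rex::Text.rand_text_english(rand(42) + 1)
    )

    return unless res && res.code == 200

    json = res.get_json_document

    # Any service listening on the port can answer 200. If its body is valid
    # JSON but not an object (array, number, null), indexing it by string key
    # would raise instead of skipping the host.
    return unless json.is_a?(Hash)

    name = json['name']
    ssid = json['ssid']
    return unless name && ssid

    # Both values are chosen by the remote device; neutralise control
    # characters before they reach the operator's terminal and the database.
    name = printable(name)
    ssid = printable(ssid)

    print_good(%Q{#{peer} - Chromecast "#{name}" is connected to #{ssid}})
    report_service(
      :host => ip,
      :port => rport,
      :proto => 'tcp',
      :name => 'http',
      :info => %Q{Chromecast "#{name}" connected to #{ssid}}
    )
  end

  private

  # Renders a device-supplied value as text with invalid byte sequences and
  # control characters (including ESC, CR and LF) replaced by "?".
  #
  # @param value [Object] value taken from the device's JSON reply
  # @return [String] the value's string form, safe to print and store
  def printable(value)
    value.to_s.scrub('?').gsub(/[[:cntrl:]]/, '?')
  end
end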