CoCalc -- query.rb

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/modules/auxiliary/scanner/llmnr/query.rb
¹⁹⁶⁶⁴ views
1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Auxiliary
7
  include Msf::Auxiliary::Report
8
  include Msf::Auxiliary::UDPScanner
9
  include Msf::Auxiliary::LLMNR
10

11
  def initialize(info = {})
12
    super(
13
      update_info(
14
        info,
15
        'Name' => 'LLMNR Query',
16
        'Description' => %q{
17
          This module sends LLMNR queries, which are really just normal UDP DNS
18
          queries done (usually) over multicast on a different port, 5355.
19
          Targets other than the default RHOSTS' 224.0.0.252 should not respond
20
          but may anyway.
21
        },
22
        'Author' => [
23
          'Jon Hart <jon_hart[at]rapid7.com>'
24
        ],
25
        'License' => MSF_LICENSE,
26
        'Notes' => {
27
          'Reliability' => UNKNOWN_RELIABILITY,
28
          'Stability' => UNKNOWN_STABILITY,
29
          'SideEffects' => UNKNOWN_SIDE_EFFECTS
30
        }
31
      )
32
    )
33
  end
34

35
  def scanner_prescan(batch)
36
    print_status("Sending LLMNR #{query_type_name}/#{query_class_name} queries for #{query_name} to #{batch[0]}->#{batch[-1]} port #{rport} (#{batch.length} hosts)")
37
    @results = {}
38
  end
39

40
  def scanner_postscan(_batch)
41
    found = {}
42
    @results.each_pair do |peer, resps|
43
      resps.each do |resp|
44
        found[peer] ||= {}
45
        next if found[peer][resp]
46

47
        response_info = describe_response(resp)
48
        print_good("#{peer} responded with #{response_info}")
49
        report_service(host: peer, port: rport, proto: "udp", name: "llmnr", info: response_info)
50
        found[peer][resp] = true
51
      end
52
    end
53
  end
54
end
55

56
Product

Resources

Company
