Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Land #5340, @wchen-r7's change to the symantec_web_gateway_login writ…

…ing style
  • Loading branch information...
commit dd5060e08cfc497c1c7584fddacecc81ba941629 2 parents 5cf6d28 + cf5fa67
@jvazquez-r7 jvazquez-r7 authored
Showing with 47 additions and 54 deletions.
  1. +47 −54 modules/auxiliary/scanner/http/symantec_web_gateway_login.rb
View
101 modules/auxiliary/scanner/http/symantec_web_gateway_login.rb
@@ -32,33 +32,32 @@ def initialize(info={})
end
- # Initializes CredentialCollection and SymantecWebGateway
- def init(ip)
- @cred_collection = Metasploit::Framework::CredentialCollection.new(
- blank_passwords: datastore['BLANK_PASSWORDS'],
- pass_file: datastore['PASS_FILE'],
- password: datastore['PASSWORD'],
- user_file: datastore['USER_FILE'],
- userpass_file: datastore['USERPASS_FILE'],
- username: datastore['USERNAME'],
- user_as_pass: datastore['USER_AS_PASS']
- )
-
- @scanner = Metasploit::Framework::LoginScanner::SymantecWebGateway.new(
- configure_http_login_scanner(
- host: ip,
- port: datastore['RPORT'],
- cred_details: @cred_collection,
- stop_on_success: datastore['STOP_ON_SUCCESS'],
- bruteforce_speed: datastore['BRUTEFORCE_SPEED'],
- connection_timeout: 5
+ def scanner(ip)
+ @scanner ||= lambda {
+ cred_collection = Metasploit::Framework::CredentialCollection.new(
+ blank_passwords: datastore['BLANK_PASSWORDS'],
+ pass_file: datastore['PASS_FILE'],
+ password: datastore['PASSWORD'],
+ user_file: datastore['USER_FILE'],
+ userpass_file: datastore['USERPASS_FILE'],
+ username: datastore['USERNAME'],
+ user_as_pass: datastore['USER_AS_PASS']
)
- )
- end
+
+ return Metasploit::Framework::LoginScanner::SymantecWebGateway.new(
+ configure_http_login_scanner(
+ host: ip,
+ port: datastore['RPORT'],
+ cred_details: cred_collection,
+ stop_on_success: datastore['STOP_ON_SUCCESS'],
+ bruteforce_speed: datastore['BRUTEFORCE_SPEED'],
+ connection_timeout: 5
+ ))
+ }.call
+end
- # Reports a good login credential
- def do_report(ip, port, result)
+ def report_good_cred(ip, port, result)
service_data = {
address: ip,
port: port,
@@ -86,39 +85,34 @@ def do_report(ip, port, result)
end
+ def report_bad_cred(ip, rport, result)
+ invalidate_login(
+ address: ip,
+ port: rport,
+ protocol: 'tcp',
+ public: result.credential.public,
+ private: result.credential.private,
+ realm_key: result.credential.realm_key,
+ realm_value: result.credential.realm,
+ status: result.status,
+ proof: result.proof
+ )
+ end
+
+
# Attempts to login
def bruteforce(ip)
- @scanner.scan! do |result|
+ scanner(ip).scan! do |result|
case result.status
when Metasploit::Model::Login::Status::SUCCESSFUL
- print_brute :level => :good, :ip => ip, :msg => "Success: '#{result.credential}'"
- do_report(ip, rport, result)
+ print_brute(:level => :good, :ip => ip, :msg => "Success: '#{result.credential}'")
+ report_good_cred(ip, rport, result)
when Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
- vprint_brute :level => :verror, :ip => ip, :msg => result.proof
- invalidate_login(
- address: ip,
- port: rport,
- protocol: 'tcp',
- public: result.credential.public,
- private: result.credential.private,
- realm_key: result.credential.realm_key,
- realm_value: result.credential.realm,
- status: result.status,
- proof: result.proof
- )
+ vprint_brute(:level => :verror, :ip => ip, :msg => result.proof)
+ report_bad_cred(ip, rport, result)
when Metasploit::Model::Login::Status::INCORRECT
- vprint_brute :level => :verror, :ip => ip, :msg => "Failed: '#{result.credential}'"
- invalidate_login(
- address: ip,
- port: rport,
- protocol: 'tcp',
- public: result.credential.public,
- private: result.credential.private,
- realm_key: result.credential.realm_key,
- realm_value: result.credential.realm,
- status: result.status,
- proof: result.proof
- )
+ vprint_brute(:level => :verror, :ip => ip, :msg => "Failed: '#{result.credential}'")
+ report_bad_cred(ip, rport, result)
end
end
end
@@ -126,9 +120,8 @@ def bruteforce(ip)
# Start here
def run_host(ip)
- init(ip)
- unless @scanner.check_setup
- print_brute :level => :error, :ip => ip, :msg => 'Target is not Symantec Web Gateway'
+ unless scanner(ip).check_setup
+ print_brute(:level => :error, :ip => ip, :msg => 'Target is not Symantec Web Gateway')
return
end
Please sign in to comment.
Something went wrong with that request. Please try again.