New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

improve fingerprinting for Cisco ASA VPN scanner #11035

Merged
merged 1 commit into from Nov 29, 2018

Conversation

Projects
None yet
3 participants
@busterb
Contributor

busterb commented Nov 28, 2018

This fixes some issues running the Cisco ASA SSL VPN scanner against different firmware versions. In particular, the initial login page will not always return a 302 redirect prompting the need for setting a GET variable ahead of time. Rather than doing a check and hoping for a redirect, this revises the code to simply set the GET variable in the first place.

The rest of the changes are simply minor refactoring so we don't repeat this initial connection twice, and some ruby style changes.

Fixes MS-3654

Verification

  • Start msfconsole
  • use auxiliary/scanner/http/cisco_ssl_vpn
  • target a number of different ASA targets (I have a few) they should all be fingerprinted positively
  • Verify that you are then able to scan and bruteforce the targets

@jrobles-r7 jrobles-r7 self-assigned this Nov 29, 2018

@jrobles-r7 jrobles-r7 merged commit bff2616 into rapid7:master Nov 29, 2018

3 checks passed

Metasploit Automation - Sanity Test Execution Successfully completed all tests.
Details
Metasploit Automation - Test Execution Successfully completed all tests.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

jrobles-r7 added a commit that referenced this pull request Nov 29, 2018

msjenkins-r7 added a commit that referenced this pull request Nov 29, 2018

@jrobles-r7

This comment has been minimized.

Contributor

jrobles-r7 commented Nov 29, 2018

Release Notes

This improves Cisco SSL VPN fingerprinting for the auxiliary/scanner/http/cisco_ssl_vpn module.

@gdavidson-r7 gdavidson-r7 added the rn-fix label Dec 4, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment