Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Xymon Daemon Gather Information module #12032

Merged
merged 6 commits into from Aug 8, 2019

Conversation

@bcoles
Copy link
Contributor

commented Jun 29, 2019

Add Xymon Daemon Gather Information module.

    This module retrieves information from a Xymon daemon service
    (formerly Hobbit, based on Big Brother), including server
    configuration information, a list of monitored hosts, and
    associated client log for each host.

There's probably not a lot of these services around these days.

Returns a lot of data about the target system(s). As useful, if not more so, than read-only SNMP.

msf5 > use auxiliary/gather/xymon_info 
msf5 auxiliary(gather/xymon_info) > set rhosts 172.16.191.250
rhosts => 172.16.191.250
msf5 auxiliary(gather/xymon_info) > run
[*] Running module against 172.16.191.250
[*] 172.16.191.250:1984 - Xymon daemon version 4.3.28
[*] 172.16.191.250:1984 - Retrieving configuration files ...
[+] 172.16.191.250:1984 - xymonserver.cfg (18347 bytes) stored in /root/.msf4/loot/20190629235042_default_172.16.191.250_xymon.config.xym_136371.txt
[+] 172.16.191.250:1984 - hosts.cfg (745 bytes) stored in /root/.msf4/loot/20190629235042_default_172.16.191.250_xymon.config.hos_647070.txt
[*] 172.16.191.250:1984 - Retrieving host list ...
[+] 172.16.191.250:1984 - Host info (127 bytes) stored in /root/.msf4/loot/20190629235042_default_172.16.191.250_xymon.hostinfo_254799.txt
[+] 172.16.191.250:1984 - Found 3 hosts
[*] 172.16.191.250:1984 - Retrieving client logs ...
[+] 172.16.191.250:1984 - debian-9-6-0-x64-xfce.local client log (87942 bytes) stored in /root/.msf4/loot/20190629235042_default_172.16.191.250_xymon.hosts.debi_671716.txt
[*] 172.16.191.250:1984 - test-host client log is empty
[*] 172.16.191.250:1984 - another-test-host client log is empty
[*] Auxiliary module execution completed

Depends on #12031

@bcoles bcoles changed the title Add Xymon Daemon Gather Client Host Information module Add Xymon Daemon Gather Information module Jun 30, 2019

@bcoles bcoles added docs and removed needs-docs labels Jun 30, 2019

@bcoles bcoles marked this pull request as ready for review Jul 1, 2019

@bcoles bcoles added the delayed label Jul 1, 2019

@bcoles

This comment has been minimized.

Copy link
Contributor Author

commented Jul 1, 2019

Adding delayed tag pending #12031.

bcoles added some commits Jul 1, 2019

@bcoles bcoles removed the delayed label Jul 12, 2019

@bcoles

This comment has been minimized.

Copy link
Contributor Author

commented Jul 16, 2019

@asoto-r7 if you've still got the Xymon test VM setup, this PR should hopefully (?) be an easy land.

@space-r7 space-r7 self-assigned this Aug 8, 2019

@space-r7

This comment has been minimized.

Copy link
Contributor

commented Aug 8, 2019

Set up Xymon on a Ubuntu vm and tested:

msf5 > use auxiliary/gather/xymon_info 
msf5 auxiliary(gather/xymon_info) > set rhosts 192.168.37.131
rhosts => 192.168.37.131
msf5 auxiliary(gather/xymon_info) > run
[*] Running module against 192.168.37.131

[*] 192.168.37.131:1984 - Xymon daemon version 4.3.28
[*] 192.168.37.131:1984 - Retrieving configuration files ...
[+] 192.168.37.131:1984 - xymonserver.cfg (18316 bytes) stored in /Users/space/.msf4/loot/20190808103246_default_192.168.37.131_xymon.config.xym_004619.txt
[+] 192.168.37.131:1984 - hosts.cfg (655 bytes) stored in /Users/space/.msf4/loot/20190808103246_default_192.168.37.131_xymon.config.hos_794350.txt
[+] 192.168.37.131:1984 - xymonpasswd (44 bytes) stored in /Users/space/.msf4/loot/20190808103246_default_192.168.37.131_xymon.config.xym_291056.txt
[+] 192.168.37.131:1984 - Credentials: admin : $apr1$ZhfTKttP$5p6V0qnKzC550vB8rtpCu/
[*] 192.168.37.131:1984 - Retrieving host list ...
[+] 192.168.37.131:1984 - Host info (36 bytes) stored in /Users/space/.msf4/loot/20190808103246_default_192.168.37.131_xymon.hostinfo_667036.txt
[+] 192.168.37.131:1984 - Found 1 hosts
[*] 192.168.37.131:1984 - Retrieving client logs ...
[+] 192.168.37.131:1984 - ubuntu client log (126592 bytes) stored in /Users/space/.msf4/loot/20190808103246_default_192.168.37.131_xymon.hosts.ubun_849800.txt
[*] Auxiliary module execution completed

Code looks good to me!

@space-r7 space-r7 merged commit cd1669f into rapid7:master Aug 8, 2019

3 checks passed

Metasploit Automation - Sanity Test Execution Successfully completed all tests.
Details
Metasploit Automation - Test Execution Successfully completed all tests.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

space-r7 added a commit that referenced this pull request Aug 8, 2019

msjenkins-r7 added a commit that referenced this pull request Aug 8, 2019

@space-r7

This comment has been minimized.

Copy link
Contributor

commented Aug 8, 2019

Release Notes

The xymon_info module has been added to the framework. It targets Xymon daemon services and retrieves information such as server configuration information, a list of monitored hosts, and associated client log for each host.

@bcoles bcoles deleted the bcoles:xymon_info branch Aug 9, 2019

@jmartin-r7 jmartin-r7 added the msf5 label Aug 10, 2019

@jmartin-r7

This comment has been minimized.

Copy link
Contributor

commented Aug 10, 2019

Marked msf5 due to usage of hashes/identify not available in 4.x.

jmartin-r7 added a commit that referenced this pull request Aug 10, 2019

@tdoan-r7 tdoan-r7 added the rn-modules label Aug 20, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.