Improves UX for scanner/login modules #19199

cgranleese-r7 · 2024-05-23T15:16:24Z

This PR adds support for a summarised output to the end of login/scanner modules within Framework. The idea was that some scanners are either way to quite or way too noisy. So this implementation aims to add a module option that will be enabled by default but is configurable by the user, which will dictate if the table will be output or not.

Example output

When targeting a single host, the scanner is too quiet. Logic was added to check for when a single user is passed and change to verbose mode.

Verification

Start msfconsole
Use a login module
Test against a single host
Test against multiple hosts
Verify the table is output by default
Verify the table is not output when ShowSuccessLogins is set to false
Verify the module outputs the verbose output when ran against a single host

lib/msf/core/auxiliary/report_logins.rb

lib/msf/core/auxiliary/scanner.rb

lib/msf/core/feature_manager.rb

lib/msf/core/auxiliary/report_summary.rb

lib/msf/core/feature_manager.rb

lib/msf/core/auxiliary/report_summary.rb

adfoster-r7 · 2024-05-31T15:33:55Z

lib/msf/core/auxiliary/report_summary.rb

+        @report = {}
+        @report.extend(::Rex::Ref)
+        rhost_walker = Msf::RhostsWalker.new(datastore['RHOSTS'], datastore).to_enum
+        conditional_verbose_output(rhost_walker.count)


Not a blocker; This might still need opt out functionality, were folk do want a quiet scanner still for 1 target

lib/msf/core/auxiliary/report_summary.rb

adfoster-r7 · 2024-05-31T16:18:37Z

lib/msf/core/auxiliary/report_summary.rb

+        logins = report.flat_map { |_k, v| v[:successful_logins] }.compact
+        sessions = report.flat_map { |_k, v| v[:successful_sessions] }.compact
+
+        print_status("Bruteforce completed, #{logins.size} #{logins.size == 1 ? 'credential was' : 'credentials were'} successful.")


This might be used in contexts that aren't related to bruteforcing anything; so maybe we need to use different terminology here

Went with scan, let me know if that works, or if you had something else in mind.

Suggested change

print_status("Bruteforce completed, #{logins.size} #{logins.size == 1 ? 'credential was' : 'credentials were'} successful.")

print_status("Scan completed, #{logins.size} #{logins.size == 1 ? 'credential was' : 'credentials were'} successful.")

lib/msf/core/auxiliary/report_summary.rb

adfoster-r7 · 2024-05-31T16:31:39Z

Just to make testing easier, can we grab in this commit into this PR? #19220

adfoster-r7 · 2024-06-06T15:07:00Z

Release Notes

Updates brute force modules to output a summary of the credential discovered. This functionality is currently opt-in with the feature set show_successful_logins true msfconsole command

cgranleese-r7 force-pushed the improves-ux-for-scanner-modules branch from 962c015 to 6dd306e Compare May 23, 2024 15:17

cgranleese-r7 commented May 23, 2024

View reviewed changes

lib/msf/core/auxiliary/report_logins.rb Outdated Show resolved Hide resolved

cgranleese-r7 added enhancement rn-enhancement release notes enhancement labels May 23, 2024

adfoster-r7 reviewed May 29, 2024

View reviewed changes

lib/msf/core/auxiliary/scanner.rb Outdated Show resolved Hide resolved

cgranleese-r7 force-pushed the improves-ux-for-scanner-modules branch 2 times, most recently from a067770 to 7eb4ca6 Compare May 31, 2024 10:21

cgranleese-r7 mentioned this pull request May 31, 2024

<DRAFT> Updates login/scanner modules to make use of ReportSummary mixin #19220

Closed

7 tasks

cgranleese-r7 changed the title ~~Improves UX for scanner/login modules~~ <DRAFT> Improves UX for scanner/login modules May 31, 2024