Gather Kademlia server info

[jhart-r7]

Kademlia is a DHT used by various P2P servers/applications, including *mule (amule, emule, etc) and bittorrent.

This module uses the bootstrap and ping messages to locate and extract information from Kademlia peers, and includes some base Rex code for dealing with the protocol.

Validation

• Confirm that specs pass
• Find a public server exposing Kademlia, try the PING and BOOTSTRAP actions against it, confirming module usability and services output.

Finding a Kademlia server does take a little work. You could also just build/install/etc amule/emule and point this module at the right port. Alternatively, get the nodes.dat file from http://www.nodes-dat.com/, decode it and then pick one of the servers.

Sample output:

msf auxiliary(server_info) > run

[+] a:4672 ID 953C16E580E765DD98586B3B3030BB59, TCP port 4662, version 8, 20 peers
[+] b:4672 ID AEC91215D4039A031FBCED9134B580F5, TCP port 4662, version 9, 20 peers
[+] c:4672 ID B74C6EBD1B0E968DFE99C7166A716A18, TCP port 4662, version 9, 20 peers
[+] d:4672 ID 951171F9F3F724C7A4560A1D6D42FCBE, TCP port 4662, version 8, 20 peers
[+] e:4672 ID 97239F2AE11F60C609187739B942B225, TCP port 4662, version 9, 20 peers
[+] e:4672 ID B74C8001B8EF7EBF64FF98DD4BE31FDE, TCP port 4662, version 8, 20 peers
...
msf auxiliary(server_info) > set ACTION PING
ACTION => PING
rmsf auxiliary(server_info) > run

[+] a:4672 PONG
[+] b:4672 PONG
[+] c:4672 PONG
[+] d:4672 PONG
[+] e:4672 PONG
[+] f:4672 PONG