Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added code to assign CPORT value to the parent scanner object #7251

Merged
merged 1 commit into from Aug 30, 2016
Merged

Added code to assign CPORT value to the parent scanner object #7251

merged 1 commit into from Aug 30, 2016

Conversation

bwatters-r7
Copy link
Contributor

@bwatters-r7 bwatters-r7 commented Aug 29, 2016
edited by wvu

This fixes the bug reported in #7236

As it exists currently, the assigned CPORT value never gets passed to the parent scanner object. I imagine it was simply overlooked. This fix simply passes the value up the chain as it was supposed to do.

Verification

List the steps needed to make sure this thing works

  • Start msfconsole
  • use auxiliary/scanner/smb/smb_login
  • set rhosts <some_ip>
  • run
  • Verify the module uses a random source port
  • Start msfconsole
  • use auxiliary/scanner/smb/smb_login
  • `set rhosts <some_ip>'
  • set CPORT <some_port>
  • run
  • Verify the module uses the assigned source port

My tests.......

CPORT OFF

bwatters@ubuntu:~/rapid7/metasploit-framework$ ./msfconsole -q
msf > use auxiliary/scanner/smb/smb_login 
msf auxiliary(smb_login) > set rhosts <win8x64_IP>
rhosts => <win8x64_IP>
msf auxiliary(smb_login) > run

[*] <win8x64_IP>:445    - SMB - Starting SMB login bruteforce
[*] <win8x64_IP>:445    - This system does not accept authentication with any credentials, proceeding with brute force
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

cport_off

CPORT ON:

bwatters@ubuntu:~/rapid7/metasploit-framework$ ./msfconsole -q
msf > use auxiliary/scanner/smb/smb_login 
msf auxiliary(smb_login) > set rhosts <win8x64_IP>
rhosts => <win8x64_IP>
msf auxiliary(smb_login) > set cport 54321
cport => 54321
msf auxiliary(smb_login) > run

[*] <win8x64_IP>:445    - SMB - Starting SMB login bruteforce
[*] <win8x64_IP>:445    - This system does not accept authentication with any credentials, proceeding with brute force
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

cport_on

@wvu wvu self-assigned this Aug 30, 2016
@wvu
Copy link
Contributor

wvu commented Aug 30, 2016

Another solid fix, @bwatters-r7.

@wvu wvu merged commit b21ea2b into rapid7:master Aug 30, 2016
wvu added a commit that referenced this pull request Aug 30, 2016
@wvu
Land #7251, CPORT fix for smb_login
e403df5
@wvu
Copy link
Contributor

wvu commented Aug 30, 2016

Release Notes

This fixes the CPORT source port option for auxiliary/scanner/smb/smb_login. Previously, the local_port option wasn't being passed to Metasploit::Framework::LoginScanner::SMB. This PR corrects that behavior.

@wvu
Copy link
Contributor

wvu commented Aug 30, 2016

@bwatters-r7: For next time: https://github.com/blog/1506-closing-issues-via-pull-requests. :)

@tdoan-r7 tdoan-r7 added the rn-fix release notes fix label Sep 8, 2016
@bwatters-r7 bwatters-r7 deleted the fix_cport branch January 29, 2019 19:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@wvu wvu

Labels
bug easy rn-fix release notes fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@bwatters-r7 @wvu @tdoan-r7