adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Follow @bcoles recommendations for 'check' function.

Browse Source
This commit is contained in:
Quentin Kaiser
2019-03-28 15:59:22 +01:00
parent 92e4393025
commit 8ec5a124b4
1 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/exploits/linux/snmp/awind_snmp_exec.rb
+9 -3
View File
@@ -58,9 +58,15 @@ class MetasploitModule < Msf::Exploit::Remote
sys_description = snmp.get_value('1.3.6.1.2.1.1.1.0').to_s
print_status("Target system is #{sys_description}")
# AM-100 and AM-101 considered EOL, no fix so no need to check version.
return Exploit::CheckCode::Vulnerable if sys_description.include? "Crestron Electronics AM-100" or sys.description.include? "Crestron Electronics AM-101"
# TODO: insert description check for other vulnerable models (that I don't have)
# In the meantime, we return 'unknown'.
model = sys_description.scan(/Crestron Electronics (AM-100|AM-101)/).flatten.first
case model
when 'AM-100', 'AM-101'
return CheckCode::Vulnerable
else
# TODO: insert description check for other vulnerable models (that I don't have)
# In the meantime, we return 'safe'.
return CheckCode::Safe
end
rescue SNMP::RequestTimeout
print_error("#{ip} SNMP request timeout.")
rescue Rex::ConnectionError