adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
metasploit-gs/modules/auxiliary/scanner/dcerpc/management.rb
T
Brent Cook ddef5b4961 MSF5: Remove unneeded RHOST deregister in scanners 
With Metasploit 5, RHOST and RHOSTS are aliases, so no need to
deregister one or the other, as they are the same option. Deregistering
one deregisters both.
2019-03-05 13:04:49 -06:00

86 lines
2.1 KiB
Ruby
Raw Blame History

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
# Exploit mixins should be called first
include Msf::Exploit::Remote::DCERPC
include Msf::Auxiliary::Report
# Scanner mixin should be near last
include Msf::Auxiliary::Scanner
def initialize
super(
'Name' => 'Remote Management Interface Discovery',
'Description' => %q{
This module can be used to obtain information from the Remote
Management Interface DCERPC service.
},
'Author' => 'hdm',
'License' => MSF_LICENSE
)
register_options(
[
Opt::RPORT(135)
])
end
# Obtain information about a single host
def run_host(ip)
begin
ids = dcerpc_mgmt_inq_if_ids(rport)
return if not ids
ids.each do |id|
print_status("UUID #{id[0]} v#{id[1]}")
reportdata = ""
stats = dcerpc_mgmt_inq_if_stats(rport)
if stats
print_status("\t stats: " + stats.map{|i| "0x%.8x" % i}.join(", "))
reportdata << "stats: " + stats.map{|i| "0x%.8x" % i}.join(", ") + " "
end
live = dcerpc_mgmt_is_server_listening(rport)
if live
print_status("\t listening: %.8x" % live)
#reportdata << "listening: %.8x" % live + " "
end
dead = dcerpc_mgmt_stop_server_listening(rport)
if dead
print_status("\t killed: %.8x" % dead)
#reportdata << "killed: %.8x" % dead + " "
end
princ = dcerpc_mgmt_inq_princ_name(rport)
if princ
print_status("\t name: #{princ.unpack("H*")[0]}")
#reportdata << "name: #{princ.unpack("H*")[0]}"
end
# Add Report
report_note(
:host => ip,
:proto => 'tcp',
:port => datastore['RPORT'],
:type => "DCERPC UUID #{id[0]} v#{id[1]}",
:data => reportdata
)
end
rescue ::Interrupt
raise $!
rescue ::Exception => e
print_error("Error: #{e}")
end
end
end
Reference in New Issue View Git Blame Copy Permalink