Module: Metasploit::Framework::LoginScanner

Defined in:
lib/metasploit/framework/login_scanner.rb,
lib/metasploit/framework/login_scanner/afp.rb,
lib/metasploit/framework/login_scanner/db2.rb,
lib/metasploit/framework/login_scanner/ftp.rb,
lib/metasploit/framework/login_scanner/smb.rb,
lib/metasploit/framework/login_scanner/smh.rb,
lib/metasploit/framework/login_scanner/ssh.rb,
lib/metasploit/framework/login_scanner/vnc.rb,
lib/metasploit/framework/login_scanner/acpp.rb,
lib/metasploit/framework/login_scanner/base.rb,
lib/metasploit/framework/login_scanner/http.rb,
lib/metasploit/framework/login_scanner/mqtt.rb,
lib/metasploit/framework/login_scanner/ntlm.rb,
lib/metasploit/framework/login_scanner/pop3.rb,
lib/metasploit/framework/login_scanner/snmp.rb,
lib/metasploit/framework/login_scanner/axis2.rb,
lib/metasploit/framework/login_scanner/mssql.rb,
lib/metasploit/framework/login_scanner/mysql.rb,
lib/metasploit/framework/login_scanner/redis.rb,
lib/metasploit/framework/login_scanner/winrm.rb,
lib/metasploit/framework/login_scanner/caidao.rb,
lib/metasploit/framework/login_scanner/gitlab.rb,
lib/metasploit/framework/login_scanner/nessus.rb,
lib/metasploit/framework/login_scanner/result.rb,
lib/metasploit/framework/login_scanner/telnet.rb,
lib/metasploit/framework/login_scanner/tomcat.rb,
lib/metasploit/framework/login_scanner/zabbix.rb,
lib/metasploit/framework/login_scanner/buffalo.rb,
lib/metasploit/framework/login_scanner/invalid.rb,
lib/metasploit/framework/login_scanner/ipboard.rb,
lib/metasploit/framework/login_scanner/jenkins.rb,
lib/metasploit/framework/login_scanner/jupyter.rb,
lib/metasploit/framework/login_scanner/varnish.rb,
lib/metasploit/framework/login_scanner/vmauthd.rb,
lib/metasploit/framework/login_scanner/postgres.rb,
lib/metasploit/framework/login_scanner/glassfish.rb,
lib/metasploit/framework/login_scanner/chef_webui.rb,
lib/metasploit/framework/login_scanner/phpmyadmin.rb,
lib/metasploit/framework/login_scanner/rex_socket.rb,
lib/metasploit/framework/login_scanner/directadmin.rb,
lib/metasploit/framework/login_scanner/mybook_live.rb,
lib/metasploit/framework/login_scanner/octopusdeploy.rb,
lib/metasploit/framework/login_scanner/wordpress_rpc.rb,
lib/metasploit/framework/login_scanner/cisco_firepower.rb,
lib/metasploit/framework/login_scanner/bavision_cameras.rb,
lib/metasploit/framework/login_scanner/advantech_webaccess.rb,
lib/metasploit/framework/login_scanner/wordpress_multicall.rb,
lib/metasploit/framework/login_scanner/symantec_web_gateway.rb,
lib/metasploit/framework/login_scanner/manageengine_desktop_central.rb

Overview

This module provides the namespace for all LoginScanner classes. LoginScanners are the classes that provide functionality for testing authentication against various different protocols and mechanisms.

Defined Under Namespace

Modules: Base, NTLM, RexSocket Classes: ACPP, AFP, AdvantechWebAccess, Axis2, BavisionCameras, BavisionCamerasException, Buffalo, Caidao, ChefWebUI, CiscoFirepower, DB2, DirectAdmin, FTP, GitLab, Glassfish, HTTP, IPBoard, Invalid, Jenkins, Jupyter, MQTT, MSSQL, ManageEngineDesktopCentral, MyBookLive, MySQL, Nessus, OctopusDeploy, POP3, PhpMyAdmin, Postgres, Redis, Result, SMB, SNMP, SSH, Smh, SymantecWebGateway, Telnet, Tomcat, VMAUTHD, VNC, VarnishCLI, WinRM, WordpressMulticall, WordpressRPC, Zabbix

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.classes_for_service(service) ⇒ Array<LoginScanner::Base>

Gather a list of LoginScanner classes that can potentially be used for a given `service`, which should usually be an `Mdm::Service` object, but can be anything that responds to #name and #port.

Parameters:

  • service (Mdm::Service, #port, #name)

Returns:

  • (Array<LoginScanner::Base>)

    A collection of LoginScanner classes that will probably give useful results when run against `service`.


21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# File 'lib/metasploit/framework/login_scanner.rb', line 21

def self.classes_for_service(service)

  unless @required
    # Make sure we've required all the scanner classes
    dir = File.expand_path("../login_scanner/", __FILE__)
    Dir.glob(File.join(dir, "*.rb")).each do |f|
      require f if File.file?(f)
    end
    @required = true
  end

  self.constants.map{|sym| const_get(sym)}.select do |const|
    next unless const.kind_of?(Class)

    (
      const.const_defined?(:LIKELY_PORTS) &&
      const.const_get(:LIKELY_PORTS).include?(service.port)
    ) || (
      const.const_defined?(:LIKELY_SERVICE_NAMES) &&
      const.const_get(:LIKELY_SERVICE_NAMES).include?(service.name)
    )
  end
end

Instance Method Details

#set_sane_defaultsObject


83
84
85
86
# File 'lib/metasploit/framework/login_scanner/postgres.rb', line 83

def set_sane_defaults
  self.connection_timeout ||= 30
  self.port               ||= DEFAULT_PORT
end