Module: Msf::Exploit::Remote::HTTP::Nifi::Auth
- Includes:
- Msf::Exploit::Remote::HttpClient
- Included in:
- Msf::Exploit::Remote::HTTP::Nifi
- Defined in:
- lib/msf/core/exploit/remote/http/nifi/auth.rb
Instance Attribute Summary
Attributes included from Msf::Exploit::Remote::HttpClient
Instance Method Summary collapse
-
#retrieve_login_token ⇒ String
Attempts a login with username and password to retrieve a bearer token for APIs.
-
#supports_login? ⇒ Boolean
Determines if the Apache Nifi instance supports login.
Methods included from Msf::Exploit::Remote::HttpClient
#basic_auth, #cleanup, #configure_http_login_scanner, #connect, #connect_ws, #deregister_http_client_options, #disconnect, #download, #full_uri, #handler, #http_fingerprint, #initialize, #lookup_http_fingerprints, #normalize_uri, #path_from_uri, #peer, #proxies, #reconfig_redirect_opts!, #request_opts_from_url, #request_url, #rhost, #rport, #send_request_cgi, #send_request_cgi!, #send_request_raw, #service_details, #setup, #ssl, #ssl_version, #strip_tags, #target_uri, #validate_fingerprint, #vhost
Methods included from Auxiliary::Report
#active_db?, #create_cracked_credential, #create_credential, #create_credential_and_login, #create_credential_login, #db, #db_warning_given?, #get_client, #get_host, #inside_workspace_boundary?, #invalidate_login, #mytask, #myworkspace, #myworkspace_id, #report_auth_info, #report_client, #report_exploit, #report_host, #report_loot, #report_note, #report_service, #report_vuln, #report_web_form, #report_web_page, #report_web_site, #report_web_vuln, #store_cred, #store_local, #store_loot
Methods included from Metasploit::Framework::Require
optionally, optionally_active_record_railtie, optionally_include_metasploit_credential_creation, #optionally_include_metasploit_credential_creation, optionally_require_metasploit_db_gem_engines
Instance Method Details
#retrieve_login_token ⇒ String
Attempts a login with username and password to retrieve a bearer token for APIs
31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/msf/core/exploit/remote/http/nifi/auth.rb', line 31 def retrieve_login_token vprint_status('Attempting to login') res = send_request_cgi( { 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, 'nifi-api', 'access', 'token'), 'vars_post' => { 'username' => datastore['USERNAME'], 'password' => datastore['PASSWORD'] } } ) if res.nil? print_bad("#{peer} - Could not connect to web service - no response") return nil end if res.code == 400 print_bad('Invalid Credentials') return nil elsif res.code != 201 print_bad("Unexpected response code: #{res.code}") return nil end res.body end |
#supports_login? ⇒ Boolean
Determines if the Apache Nifi instance supports login.
9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
# File 'lib/msf/core/exploit/remote/http/nifi/auth.rb', line 9 def supports_login? vprint_status('Attempting to retrieve access configuration') res = send_request_cgi({ 'method' => 'GET', 'uri' => normalize_uri(target_uri.path, 'nifi-api', 'access', 'config') }) if res.nil? print_bad("#{peer} - Could not connect to web service - no response") return nil end unless res.code == 200 print_bad("Unexpected response code: #{res.code}") return nil end res.get_json_document.dig('config', 'supportsLogin') end |