Make the same changes for sonicwall

zeroSteiner · zeroSteiner · commit 446d0f3d8b14 · 2025-03-26T17:23:04.000-04:00
diff --git a/documentation/modules/auxiliary/scanner/sonicwall/sonicwall_login.md b/documentation/modules/auxiliary/scanner/sonicwall/sonicwall_login.md
@@ -1,15 +1,15 @@
 ## Description
 
-The module performs bruteforce attack against SonicWall NSv (Network Security Virtual).
-It allows to attack both regular SSLVPN user and admin as well. The module will automatically perform attack against SSLVPN user if `DOMAIN` parameter is not empty.
+The module will perform a bruteforce attack against SonicWall NSv (Network Security Virtual).
+It allows attacking both regular SSLVPN users and as well as admins. The module will automatically target SSLVPN users if the `DOMAIN` parameter is not empty.
 
 ## Vulnerable Application
 
 - [SonicWall](https://www.sonicwall.com/resources/trials-landing/sonicwall-nsv-next-gen-virtual-firewall-trial)
 
 ## Verification Steps
 
-1. `use auxiliary/scanner/sonicwall/login_scanner`
+1. `use auxiliary/scanner/sonicwall/sonicwall_login`
 2. `set RHOSTS [IP]`
 3. either `set USERNAME [username]` or `set USERPASS_FILE [usernames file]`
 4. either `set PASSWORD [password]` or `set PASS_FILE [passwords file]`
diff --git a/lib/metasploit/framework/login_scanner/sonicwall.rb b/lib/metasploit/framework/login_scanner/sonicwall.rb
@@ -16,8 +16,9 @@ class SonicWall < HTTP
         PRIVATE_TYPES = [:password]
         REALM_KEY = nil
 
-        def initialize(scanner_config, domain)
-          @domain = domain
+        attr_accessor :domain
+
+        def initialize(scanner_config)
           super(scanner_config)
         end
 
@@ -38,7 +39,7 @@ def auth_details_req
           # Admin and SSLVPN user login procedure differs only in usage of domain field in JSON data
           #
           params.merge!({
-            'data' => JSON.pretty_generate(@domain.empty? ? {
+            'data' => JSON.pretty_generate(@domain.blank? ? {
               'override' => false,
               'snwl' => true
             } : { 'domain' => @domain, 'override' => false, 'snwl' => true })
diff --git a/modules/auxiliary/scanner/sonicwall/sonicwall_login.rb b/modules/auxiliary/scanner/sonicwall/sonicwall_login.rb
@@ -8,6 +8,9 @@ class MetasploitModule < Msf::Auxiliary
   include Msf::Auxiliary::Report
   include Msf::Auxiliary::Scanner
 
+  include Msf::Exploit::Deprecated
+  moved_from 'auxiliary/scanner/sonicwall/login_scanner'
+
   def initialize(info = {})
     super(
       update_info(
@@ -47,9 +50,10 @@ def get_scanner(ip)
       cred_details: cred_collection,
       stop_on_success: datastore['STOP_ON_SUCCESS'],
       bruteforce_speed: datastore['BRUTEFORCE_SPEED'],
-      connection_timeout: datastore['HttpClientTimeout']
+      connection_timeout: datastore['HttpClientTimeout'],
+      domain: datastore['DOMAIN']
     )
-    Metasploit::Framework::LoginScanner::SonicWall.new(configuration, datastore['DOMAIN'])
+    Metasploit::Framework::LoginScanner::SonicWall.new(configuration)
   end
 
   def process_credential(credential_data)
