|
3 | 3 | # Current source: https://github.com/rapid7/metasploit-framework
|
4 | 4 | ##
|
5 | 5 |
|
| 6 | +require 'English' |
6 | 7 | class MetasploitModule < Msf::Auxiliary
|
7 | 8 | include Msf::Auxiliary::Report
|
8 | 9 | include Msf::Auxiliary::Scanner
|
9 | 10 | include Msf::Exploit::Remote::AFP
|
10 | 11 |
|
11 |
| - def initialize(info={}) |
12 |
| - super(update_info(info, |
13 |
| - 'Name' => 'Apple Filing Protocol Info Enumerator', |
14 |
| - 'Description' => %q{ |
15 |
| - This module fetches AFP server information, including server name, |
16 |
| - network address, supported AFP versions, signature, machine type, |
17 |
| - and server flags. |
18 |
| - }, |
19 |
| - 'References' => |
20 |
| - [ |
| 12 | + def initialize(info = {}) |
| 13 | + super( |
| 14 | + update_info( |
| 15 | + info, |
| 16 | + 'Name' => 'Apple Filing Protocol Info Enumerator', |
| 17 | + 'Description' => %q{ |
| 18 | + This module fetches AFP server information, including server name, |
| 19 | + network address, supported AFP versions, signature, machine type, |
| 20 | + and server flags. |
| 21 | + }, |
| 22 | + 'References' => [ |
21 | 23 | [ 'URL', 'https://web.archive.org/web/20130309051753/https://developer.apple.com/library/mac/#documentation/Networking/Reference/AFP_Reference/Reference/reference.html' ]
|
22 | 24 | ],
|
23 |
| - 'Author' => [ 'Gregory Man <man.gregory[at]gmail.com>' ], |
24 |
| - 'License' => MSF_LICENSE |
25 |
| - )) |
| 25 | + 'Author' => [ 'Gregory Man <man.gregory[at]gmail.com>' ], |
| 26 | + 'License' => MSF_LICENSE, |
| 27 | + 'Notes' => { |
| 28 | + 'Stability' => [CRASH_SAFE], |
| 29 | + 'SideEffects' => [], |
| 30 | + 'Reliability' => [] |
| 31 | + } |
| 32 | + ) |
| 33 | + ) |
26 | 34 | end
|
27 | 35 |
|
28 | 36 | def run_host(ip)
|
29 | 37 | print_status("AFP #{ip} Scanning...")
|
30 |
| - begin |
31 |
| - connect |
32 |
| - response = get_info |
33 |
| - report(response) |
34 |
| - rescue ::Timeout::Error |
35 |
| - rescue ::Interrupt |
36 |
| - raise $! |
37 |
| - rescue ::Rex::ConnectionError, ::IOError, ::Errno::ECONNRESET, ::Errno::ENOPROTOOPT |
38 |
| - rescue ::Exception |
39 |
| - raise $! |
40 |
| - print_error("AFP #{rhost}:#{rport} #{$!.class} #{$!}") |
41 |
| - ensure |
42 |
| - disconnect |
43 |
| - end |
| 38 | + connect |
| 39 | + response = get_info |
| 40 | + report(response) |
| 41 | + rescue ::Timeout::Error => e |
| 42 | + vprint_error(e.message) |
| 43 | + rescue ::Rex::ConnectionError, ::IOError, ::Errno::ECONNRESET, ::Errno::ENOPROTOOPT => e |
| 44 | + vprint_error(e.message) |
| 45 | + rescue ::Interrupt |
| 46 | + raise $ERROR_INFO |
| 47 | + rescue StandardError |
| 48 | + print_error("AFP #{rhost}:#{rport} #{$ERROR_INFO.class} #{$ERROR_INFO}") |
| 49 | + raise $ERROR_INFO |
| 50 | + ensure |
| 51 | + disconnect |
44 | 52 | end
|
45 | 53 |
|
46 | 54 | def report(response)
|
47 |
| - report_info = "AFP #{rhost}:#{rport} Server Name: #{response[:server_name]} \n" + |
48 |
| - "AFP #{rhost}:#{rport} Server Flags: \n" + |
49 |
| - format_flags_report(response[:server_flags]) + |
50 |
| - "AFP #{rhost}:#{rport} Machine Type: #{response[:machine_type]} \n" + |
51 |
| - "AFP #{rhost}:#{rport} AFP Versions: #{response[:versions].join(', ')} \n" + |
52 |
| - "AFP #{rhost}:#{rport} UAMs: #{response[:uams].join(', ')}\n" + |
53 |
| - "AFP #{rhost}:#{rport} Server Signature: #{response[:signature]}\n" + |
54 |
| - "AFP #{rhost}:#{rport} Server Network Address: \n" + |
55 |
| - format_addresses_report(response[:network_addresses]) + |
56 |
| - "AFP #{rhost}:#{rport} UTF8 Server Name: #{response[:utf8_server_name]}" |
57 |
| - |
| 55 | + report_info = "AFP #{rhost}:#{rport} Server Name: #{response[:server_name]} \n" \ |
| 56 | + "AFP #{rhost}:#{rport} Server Flags: \n" + |
| 57 | + format_flags_report(response[:server_flags]) + |
| 58 | + "AFP #{rhost}:#{rport} Machine Type: #{response[:machine_type]} \n" \ |
| 59 | + "AFP #{rhost}:#{rport} AFP Versions: #{response[:versions].join(', ')} \n" \ |
| 60 | + "AFP #{rhost}:#{rport} UAMs: #{response[:uams].join(', ')}\n" \ |
| 61 | + "AFP #{rhost}:#{rport} Server Signature: #{response[:signature]}\n" \ |
| 62 | + "AFP #{rhost}:#{rport} Server Network Address: \n" + |
| 63 | + format_addresses_report(response[:network_addresses]) + |
| 64 | + "AFP #{rhost}:#{rport} UTF8 Server Name: #{response[:utf8_server_name]}" |
58 | 65 |
|
59 | 66 | lines = "AFP #{rhost}:#{rport}:#{rport} AFP:\n#{report_info}"
|
60 | 67 |
|
61 | 68 | lines.split(/\n/).each do |line|
|
62 | 69 | print_status(line)
|
63 | 70 | end
|
64 | 71 |
|
65 |
| - report_note(:host => datastore['RHOST'], |
66 |
| - :proto => 'tcp', |
67 |
| - :port => datastore['RPORT'], |
68 |
| - :type => 'afp_server_info', |
69 |
| - :data => { :server_info => response }) |
70 |
| - |
71 |
| - report_service( |
72 |
| - :host => datastore['RHOST'], |
73 |
| - :port => datastore['RPORT'], |
74 |
| - :proto => 'tcp', |
75 |
| - :name => "afp", |
76 |
| - :info => "AFP name: #{response[:utf8_server_name]}, Versions: #{response[:versions].join(', ')}" |
77 |
| - ) |
| 72 | + report_note( |
| 73 | + host: datastore['RHOST'], |
| 74 | + proto: 'tcp', |
| 75 | + port: datastore['RPORT'], |
| 76 | + type: 'afp_server_info', |
| 77 | + data: { server_info: response } |
| 78 | + ) |
78 | 79 |
|
| 80 | + report_service( |
| 81 | + host: datastore['RHOST'], |
| 82 | + port: datastore['RPORT'], |
| 83 | + proto: 'tcp', |
| 84 | + name: 'afp', |
| 85 | + info: "AFP name: #{response[:utf8_server_name]}, Versions: #{response[:versions].join(', ')}" |
| 86 | + ) |
79 | 87 | end
|
80 | 88 |
|
81 | 89 | def format_flags_report(parsed_flags)
|
82 | 90 | report = ''
|
83 | 91 | parsed_flags.each do |flag, val|
|
84 |
| - report << "AFP #{rhost}:#{rport} * #{flag}: #{val.to_s} \n" |
| 92 | + report << "AFP #{rhost}:#{rport} * #{flag}: #{val} \n" |
85 | 93 | end
|
86 | 94 | return report
|
87 | 95 | end
|
88 | 96 |
|
89 | 97 | def format_addresses_report(parsed_network_addresses)
|
90 | 98 | report = ''
|
91 | 99 | parsed_network_addresses.each do |val|
|
92 |
| - report << "AFP #{rhost}:#{rport} * #{val.to_s} \n" |
| 100 | + report << "AFP #{rhost}:#{rport} * #{val} \n" |
93 | 101 | end
|
94 | 102 | return report
|
95 | 103 | end
|
|
0 commit comments