rapid7
GitHub Repository: rapid7/metasploit-framework
Path: blob/master/lib/metasploit/framework/login_scanner/nessus.rb
require 'metasploit/framework/login_scanner/http'
module Metasploit
  module Framework
    module LoginScanner
      # Login scanner for the Nessus web interface, built on the generic
      # HTTP login scanner. It submits one username/password pair per
      # attempt as a form POST and classifies the HTTP response.
      class Nessus < HTTP
        DEFAULT_PORT = 8834
        PRIVATE_TYPES = %i[password]
        LIKELY_SERVICE_NAMES = superclass::LIKELY_SERVICE_NAMES + ['nessus']
        # Local alias so the status constants read shorter below.
        LOGIN_STATUS = Metasploit::Model::Login::Status

        # Confirms that the target looks like Nessus before any credential
        # is sent, by requesting /server/properties and looking for the
        # substring "Nessus" in the response body.
        #
        # A missing response (nil) falls through to the same error string
        # as a response without the marker, so the message does not tell a
        # connection failure apart from a wrong target.
        #
        # @return [false] the marker was found; the scanner may run
        # @return [String] a human-readable reason the scanner can't run
        def check_setup
          response = send_request({ 'uri' => '/server/properties' })
          return false if response && response.body.include?('Nessus')

          'Unable to locate "Nessus" in body. (Is this really Nessus?)'
        end

        # Performs a single login request. Called by #attempt_login.
        #
        # @param username [String] The username to try
        # @param password [String] The password to try
        # @return [Hash]
        #   * :status [Metasploit::Model::Login::Status]
        #   * :proof [String] the HTTP response (the body on success)
        def get_login_state(username, password)
          request = {
            'uri' => "#{uri}",
            'method' => 'POST',
            'vars_post' => { 'username' => username, 'password' => password }
          }
          response = send_request(request)

          # No response object at all: report a connection problem. The
          # proof is then the string form of nil, i.e. empty.
          return { status: LOGIN_STATUS::UNABLE_TO_CONNECT, proof: response.to_s } unless response

          # NOTE(review): success is inferred from HTTP 200 plus the bare
          # substring "token" anywhere in the body. A 200 page that merely
          # mentions the word would be recorded as a valid credential;
          # parsing the body and checking for a token field would be
          # stricter -- confirm against the real /session response format.
          token_seen = response.code == 200 && response.body =~ /token/

          # NOTE(review): on success the whole body is kept as proof. If
          # that body carries a live session token, the token ends up
          # wherever Result proofs are stored or logged -- confirm that is
          # intended.
          return { status: LOGIN_STATUS::SUCCESSFUL, proof: response.body.to_s } if token_seen

          { status: LOGIN_STATUS::INCORRECT, proof: response.to_s }
        end

        # Attempts to log in to Nessus with one credential.
        #
        # Starts from an INCORRECT result and overlays whatever
        # #get_login_state reports. Only ::Rex::ConnectionError is handled
        # here; any other exception propagates to the caller.
        #
        # @param credential [Metasploit::Framework::Credential] The credential object
        # @return [Result] A Result object indicating success or failure
        def attempt_login(credential)
          baseline = {
            credential: credential,
            status: LOGIN_STATUS::INCORRECT,
            proof: nil,
            host: host,
            port: port,
            protocol: 'tcp'
          }

          login_state =
            begin
              get_login_state(credential.public, credential.private)
            rescue ::Rex::ConnectionError => e
              # The connection failed mid-login; the exception message
              # becomes the proof.
              { status: LOGIN_STATUS::UNABLE_TO_CONNECT, proof: e.message }
            end

          Result.new(baseline.merge(login_state))
        end

        # Applies the parent's defaults, then points the scanner at the
        # Nessus session endpoint.
        #
        # nessus_rest_login carries the same default in TARGETURI, but
        # rspec does not exercise that module, so the default has to be
        # set here as well.
        #
        # NOTE(review): the assignment is unconditional. If this method
        # runs after a caller has already set uri, that value is replaced
        # by '/session' -- confirm the call order in the base class.
        def set_sane_defaults
          super
          self.uri = '/session'
        end
      end
    end
  end
end