Skip to content

Commit 225b15f

Browse files
author
RageLtMan
committed
Add external IP discovery module
This module performs an HTTP request to ifconfig.me/ip. The body of the response contains the publicly routable IP from which the request originated. This can be useful in discovering routes on pivoted hosts and initial recon as a simple aux module.
1 parent 24c0da0 commit 225b15f

File tree

1 file changed

+59
-0
lines changed

1 file changed

+59
-0
lines changed

modules/auxiliary/scanner/discovery/external_ip.rb

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
##
2+
# This file is part of the Metasploit Framework and may be subject to
3+
# redistribution and commercial restrictions. Please see the Metasploit
4+
# Framework web site for more information on licensing and terms of use.
5+
# http://metasploit.com/framework/
6+
##
7+
8+
9+
require 'msf/core'
10+
11+
12+
class Metasploit3 < Msf::Auxiliary
13+
14+
# Exploit mixins should be called first
15+
include Msf::Exploit::Remote::HttpClient
16+
include Msf::Auxiliary::Report
17+
include Msf::Auxiliary::Scanner
18+
19+
def initialize
20+
super(
21+
'Name' => 'External IP',
22+
'Version' => '$Revision: $',
23+
'Description' => 'This module checks for the public source IP address of the current route to the RHOST',
24+
'Author' => ['RageLtMan'],
25+
'License' => MSF_LICENSE,
26+
'References' =>
27+
[
28+
[ 'URL', 'http://ifconfig.me/ip' ],
29+
]
30+
)
31+
32+
register_options(
33+
[
34+
OptEnum.new('RHOSTS', [true, 'The ifconfig.me server to use','49.212.202.172',['49.212.202.172','133.242.129.236']]),
35+
OptString.new('VHOST', [true, "The VHOST to use", 'ifconfig.me' ]),
36+
OptBool.new('REPORT_HOST', [false, 'Add the found IP to the database', false])
37+
], self.class)
38+
end
39+
40+
def run_host(ip)
41+
42+
43+
begin
44+
agent = datastore['UserAgent']
45+
connect
46+
res = send_request_raw({'uri' => '/ip', 'method' => 'GET' })
47+
our_addr = res.body.strip
48+
if Rex::Socket.is_ipv4?(our_addr) or Rex::Socket.is_ipv6?(our_addr)
49+
print_good("Source ip to #{ip} is #{our_addr}")
50+
report_host(our_addr) if datastore['REPORT_HOST']
51+
end
52+
53+
end
54+
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
55+
rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Errno::ECONNABORTED, Errno::ECONNREFUSED, Errno::EHOSTUNREACH =>e
56+
puts e.message
57+
end
58+
end
59+

0 commit comments

Comments
 (0)