@@ -31,8 +31,8 @@ def initialize
31
31
[
32
32
OptBool . new ( 'AUTODISCOVER' , [ false , "Automatically discover domain URI" , true ] ) ,
33
33
OptString . new ( 'AD_DOMAIN' , [ false , "The Active Directory domain name" , nil ] ) ,
34
- OptString . new ( 'TARGET_URI ' , [ false , "The location of the NTLM service" , nil ] ) ,
35
- OptInt . new ( 'RPORT' , [ true , "The target port" , 443 ] ) ,
34
+ OptString . new ( 'TARGETURI ' , [ false , "The location of the NTLM service" , nil ] ) ,
35
+ OptInt . new ( 'RPORT' , [ true , "The target port" , 443 ] )
36
36
] , self . class )
37
37
end
38
38
@@ -46,18 +46,18 @@ def run_host(ip)
46
46
47
47
if datastore [ 'AUTODISCOVER' ]
48
48
domain , uri = autodiscover ( cli )
49
- if domain and uri
49
+ if domain && uri
50
50
print_good ( "Found NTLM service at #{ uri } for domain #{ domain } ." )
51
51
else
52
52
print_error ( "Failed to autodiscover - try manually" )
53
53
return
54
54
end
55
- elsif datastore [ 'AD_DOMAIN' ] and datastore [ 'TARGET_URI ' ]
55
+ elsif datastore [ 'AD_DOMAIN' ] && datastore [ 'TARGETURI ' ]
56
56
domain = datastore [ 'AD_DOMAIN' ]
57
- uri = datastore [ 'TARGET_URI ' ]
57
+ uri = datastore [ 'TARGETURI ' ]
58
58
uri << "/" unless uri . chars . last == "/"
59
59
else
60
- print_error ( "You must set AD_DOMAIN and TARGET_URI if not using autodiscover." )
60
+ print_error ( "You must set AD_DOMAIN and TARGETURI if not using autodiscover." )
61
61
return
62
62
end
63
63
@@ -107,11 +107,11 @@ def run_host(ip)
107
107
108
108
def autodiscover ( cli )
109
109
uris = %w[ /ews/ /rpc/ /public/ ]
110
- uris . each do |u |
110
+ uris . each do |uri |
111
111
begin
112
112
req = cli . request_raw ( {
113
113
'encode' => true ,
114
- 'uri' => u ,
114
+ 'uri' => uri ,
115
115
'method' => 'GET' ,
116
116
'headers' => { 'Authorization' => 'NTLM TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==' }
117
117
} )
@@ -122,15 +122,15 @@ def autodiscover(cli)
122
122
next
123
123
end
124
124
125
- if not res
125
+ unless res
126
126
print_error ( "HTTP Connection Timeout" )
127
127
next
128
128
end
129
129
130
130
if res && res . code == 401 && res . headers . has_key? ( 'WWW-Authenticate' ) && res . headers [ 'WWW-Authenticate' ] . match ( /^NTLM/i )
131
131
hash = res [ 'WWW-Authenticate' ] . split ( 'NTLM ' ) [ 1 ]
132
132
domain = Rex ::Proto ::NTLM ::Message . parse ( Rex ::Text . decode_base64 ( hash ) ) [ :target_name ] . value ( ) . gsub ( /\0 / , '' )
133
- return domain , u
133
+ return domain , uri
134
134
end
135
135
end
136
136
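Review bot: The challenge extraction at lines 130-132 is weaker than the guard in front of it: the header is accepted with the case-insensitive `/^NTLM/i` but then split on the case-sensitive literal `'NTLM '`, so a server answering `ntlm <token>` or a bare `WWW-Authenticate: NTLM` passes the condition and hands `nil` to `Rex::Text.decode_base64`, which raises outside the `begin`/`rescue` that wraps only the request. I would tighten the guard and the split together, `if res.code == 401 && res.headers['WWW-Authenticate'].to_s.match(/\ANTLM\s+\S/i)` and `hash = res.headers['WWW-Authenticate'].split(' ', 2)[1]` (the `res &&` on line 130 is redundant now that the new `unless res` guard precedes it, and `\A` avoids `^` matching a later line of a folded header). The `[:target_name]` lookup on line 132 likewise assumes a Type 2 message came back; if the Rex parser returns nil for a missing field rather than raising, that is the same unguarded crash, so a nil check before `.value()` is worth adding. `autodiscover` continues past the hunk: if nothing but `end` follows the `uris.each` loop, the method returns the `uris` array when no service is found, and the caller's `domain, uri = autodiscover(cli)` would destructure `'/ews/'`, `'/rpc/'` and report a bogus hit, so please confirm there is an explicit `nil` after the loop.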