
Commit a14f499

committed
Merge branch 'landing-7074' into upstream-master
2 parents 1e0dcb9 + 1164c02 commit a14f499


9 files changed

+509
-344
lines changed


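--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -36,7 +36,6 @@ PATH
 rex-text
 rex-zip
 robots
-rubyntlm
 rubyzip
 sqlite3
 sshkey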

lib/metasploit/framework/mssql/client.rb

Lines changed: 157 additions & 126 deletions
Large diffs are not rendered by default.

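--- a/lib/msf/core/exploit/http/client.rb
+++ b/lib/msf/core/exploit/http/client.rb
@@ -2,6 +2,10 @@
 
 require 'uri'
 require 'digest'
+require 'rex/proto/ntlm/crypt'
+require 'rex/proto/ntlm/constants'
+require 'rex/proto/ntlm/utils'
+require 'rex/proto/ntlm/exceptions'
 module Msf
 
 ###
@@ -12,6 +16,15 @@ module Msf
 ###
 module Exploit::Remote::HttpClient
 include Msf::Auxiliary::Report
+include Exploit::Remote::NTLM::Client
+
+#
+# Constants
+#
+NTLM_CRYPT = Rex::Proto::NTLM::Crypt
+NTLM_CONST = Rex::Proto::NTLM::Constants
+NTLM_UTILS = Rex::Proto::NTLM::Utils
+NTLM_XCEPT = Rex::Proto::NTLM::Exceptions
 
 #
 # Initializes an exploit module that exploits a vulnerability in an HTTP
@@ -180,6 +193,12 @@ def connect(opts={})
 'uri_fake_end' => datastore['HTTP::uri_fake_end'],
 'uri_fake_params_start' => datastore['HTTP::uri_fake_params_start'],
 'header_folding' => datastore['HTTP::header_folding'],
+'usentlm2_session' => datastore['NTLM::UseNTLM2_session'],
+'use_ntlmv2' => datastore['NTLM::UseNTLMv2'],
+'send_lm' => datastore['NTLM::SendLM'],
+'send_ntlm' => datastore['NTLM::SendNTLM'],
+'SendSPN' => datastore['NTLM::SendSPN'],
+'UseLMKey' => datastore['NTLM::UseLMKey'],
 'domain' => datastore['DOMAIN'],
 'DigestAuthIIS' => datastore['DigestAuthIIS']
 )
@@ -236,6 +255,12 @@ def configure_http_login_scanner(conf)
 evade_uri_fake_end: datastore['HTTP::uri_fake_end'],
 evade_uri_fake_params_start: datastore['HTTP::uri_fake_params_start'],
 evade_header_folding: datastore['HTTP::header_folding'],
+ntlm_use_ntlmv2_session: datastore['NTLM::UseNTLM2_session'],
+ntlm_use_ntlmv2: datastore['NTLM::UseNTLMv2'],
+ntlm_send_lm: datastore['NTLM::SendLM'],
+ntlm_send_ntlm: datastore['NTLM::SendNTLM'],
+ntlm_send_spn: datastore['NTLM::SendSPN'],
+ntlm_use_lm_key: datastore['NTLM::UseLMKey'],
 ntlm_domain: datastore['DOMAIN'],
 digest_auth_iis: datastore['DigestAuthIIS']
 }.merge(conf)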
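Review bot: The six NTLM entries added to the `connect` option hash mix two key conventions (`'usentlm2_session'`, `'use_ntlmv2'`, `'send_lm'`, `'send_ntlm'` next to `'SendSPN'` and `'UseLMKey'`), and the code that reads them is not in this diff, so each spelling should be confirmed against the consumer. If a key is not recognised the client presumably falls back to its default, which for `send_lm` and `UseLMKey` decides whether the weaker LM response is sent, whatever the datastore says. In `configure_http_login_scanner`, `ntlm_use_ntlmv2_session` is fed from `NTLM::UseNTLM2_session`; NTLM2 session security and NTLMv2 are different mechanisms, so a comment such as `# NTLM2 session security (not NTLMv2); key names must match what the HTTP client reads` above each group would help. Both method bodies start and end outside the hunks shown.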
