Skip to content

Commit a30711d

Browse files
bwatters-r7bwatters-r7
committed
Land rapid7#7279, Use the rubyntlm gem (again)
2 parents 24bb6b1 + 11685b7 commit a30711d

File tree

9 files changed

+346
-509
lines changed

9 files changed

+346
-509
lines changed

Gemfile.lock

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,7 @@ PATH
4747
rex-text
4848
rex-zip
4949
robots
50+
rubyntlm
5051
rubyzip
5152
sqlite3
5253
sshkey

lib/metasploit/framework/mssql/client.rb

Lines changed: 126 additions & 157 deletions
Large diffs are not rendered by default.

lib/msf/core/exploit/http/client.rb

Lines changed: 0 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -2,10 +2,6 @@
22

33
require 'uri'
44
require 'digest'
5-
require 'rex/proto/ntlm/crypt'
6-
require 'rex/proto/ntlm/constants'
7-
require 'rex/proto/ntlm/utils'
8-
require 'rex/proto/ntlm/exceptions'
95
module Msf
106

117
###
@@ -16,15 +12,6 @@ module Msf
1612
###
1713
module Exploit::Remote::HttpClient
1814
include Msf::Auxiliary::Report
19-
include Exploit::Remote::NTLM::Client
20-
21-
#
22-
# Constants
23-
#
24-
NTLM_CRYPT = Rex::Proto::NTLM::Crypt
25-
NTLM_CONST = Rex::Proto::NTLM::Constants
26-
NTLM_UTILS = Rex::Proto::NTLM::Utils
27-
NTLM_XCEPT = Rex::Proto::NTLM::Exceptions
2815

2916
#
3017
# Initializes an exploit module that exploits a vulnerability in an HTTP
@@ -194,12 +181,6 @@ def connect(opts={})
194181
'uri_fake_end' => datastore['HTTP::uri_fake_end'],
195182
'uri_fake_params_start' => datastore['HTTP::uri_fake_params_start'],
196183
'header_folding' => datastore['HTTP::header_folding'],
197-
'usentlm2_session' => datastore['NTLM::UseNTLM2_session'],
198-
'use_ntlmv2' => datastore['NTLM::UseNTLMv2'],
199-
'send_lm' => datastore['NTLM::SendLM'],
200-
'send_ntlm' => datastore['NTLM::SendNTLM'],
201-
'SendSPN' => datastore['NTLM::SendSPN'],
202-
'UseLMKey' => datastore['NTLM::UseLMKey'],
203184
'domain' => datastore['DOMAIN'],
204185
'DigestAuthIIS' => datastore['DigestAuthIIS']
205186
)
@@ -256,12 +237,6 @@ def configure_http_login_scanner(conf)
256237
evade_uri_fake_end: datastore['HTTP::uri_fake_end'],
257238
evade_uri_fake_params_start: datastore['HTTP::uri_fake_params_start'],
258239
evade_header_folding: datastore['HTTP::header_folding'],
259-
ntlm_use_ntlmv2_session: datastore['NTLM::UseNTLM2_session'],
260-
ntlm_use_ntlmv2: datastore['NTLM::UseNTLMv2'],
261-
ntlm_send_lm: datastore['NTLM::SendLM'],
262-
ntlm_send_ntlm: datastore['NTLM::SendNTLM'],
263-
ntlm_send_spn: datastore['NTLM::SendSPN'],
264-
ntlm_use_lm_key: datastore['NTLM::UseLMKey'],
265240
ntlm_domain: datastore['DOMAIN'],
266241
digest_auth_iis: datastore['DigestAuthIIS']
267242
}.merge(conf)

0 commit comments

Comments
 (0)