Land rapid7#6950, avoid printing rhost:rport twice when using Msf::Exploit::Remote::SMB::Client

Author: Brent Cook

lib/msf/core/auxiliary/auth_brute.rb

@@ -593,8 +593,7 @@ def build_brute_message(host_ip,host_port,proto,msg,legacy)
       old_msg = msg.to_s.strip
       msg_regex = /(#{ip})(:#{port})?(\s*-?\s*)(#{proto.to_s})?(\s*-?\s*)(.*)/ni
       if old_msg.match(msg_regex) and !old_msg.match(msg_regex)[6].to_s.strip.empty?
-        complete_message = [ip,port].join(":")
-        (complete_message << " ") if ip
+        complete_message = ''
         complete_message << (old_msg.match(msg_regex)[4] || proto).to_s
         complete_message << " - "
         progress = tried_over_total(ip,port)
@@ -604,8 +603,7 @@ def build_brute_message(host_ip,host_port,proto,msg,legacy)
         complete_message = msg.to_s.strip
       end
     else
-      complete_message = [ip,port].join(":")
-      (complete_message << " ") if ip
+      complete_message = ''
       complete_message << "#{proto.to_s.strip} - " if proto
       progress = tried_over_total(ip,port)
       complete_message << progress if progress

modules/auxiliary/admin/smb/check_dir_file.rb

@@ -64,11 +64,11 @@ def check_path(path)
       when "STATUS_OBJECT_PATH_NOT_FOUND"
         vprint_error("Object PATH \\\\#{rhost}\\#{datastore['SMBSHARE']}\\#{path} NOT found!")
       when "STATUS_ACCESS_DENIED"
-        vprint_error("Host #{rhost} reports access denied.")
+        vprint_error("Host reports access denied.")
       when "STATUS_BAD_NETWORK_NAME"
-        vprint_error("Host #{rhost} is NOT connected to #{datastore['SMBDomain']}!")
+        vprint_error("Host is NOT connected to #{datastore['SMBDomain']}!")
       when "STATUS_INSUFF_SERVER_RESOURCES"
-        vprint_error("Host #{rhost} rejected with insufficient resources!")
+        vprint_error("Host rejected with insufficient resources!")
       when "STATUS_OBJECT_NAME_INVALID"
         vprint_error("opeining \\#{path} bad filename")
       else
@@ -92,13 +92,13 @@ def run_host(ip)
         check_path(path.chomp)
       end #end do
     rescue ::Rex::HostUnreachable
-      vprint_error("Host #{rhost} offline.")
+      vprint_error("Host offline.")
     rescue ::Rex::Proto::SMB::Exceptions::LoginError
-      print_error("Host #{rhost} login error.")
+      print_error("Host login error.")
     rescue ::Rex::ConnectionRefused
-      print_error "Host #{rhost} unable to connect - connection refused"
+      print_error "Unable to connect - connection refused"
     rescue ::Rex::Proto::SMB::Exceptions::ErrorCode
-      print_error "Host #{rhost} unable to connect to share #{datastore['SMBSHARE']}"
+      print_error "Unable to connect to share #{datastore['SMBSHARE']}"
     end # end begin
   end # end def
 end

modules/auxiliary/admin/smb/delete_file.rb

@@ -41,22 +41,22 @@ def initialize
   end
 
   def smb_delete_files
-    vprint_status("#{peer}: Connecting to the server...")
+    vprint_status("Connecting to the server...")
     connect()
     smb_login()
 
-    vprint_status("#{peer}: Mounting the remote share \\\\#{datastore['RHOST']}\\#{datastore['SMBSHARE']}'...")
+    vprint_status("Mounting the remote share \\\\#{datastore['RHOST']}\\#{datastore['SMBSHARE']}'...")
     self.simple.connect("\\\\#{rhost}\\#{datastore['SMBSHARE']}")
 
     remote_paths.each do |remote_path|
       begin
         simple.delete("\\#{remote_path}")
 
         # If there's no exception raised at this point, we assume the file has been removed.
-        print_good("#{peer}: Deleted: #{remote_path}")
+        print_good("Deleted: #{remote_path}")
       rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
         elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
-        print_error("#{peer}: Cannot delete #{remote_path}: #{e.message}")
+        print_error("Cannot delete #{remote_path}: #{e.message}")
       end
     end
   end
@@ -66,7 +66,7 @@ def run_host(_ip)
       smb_delete_files
     rescue Rex::Proto::SMB::Exceptions::LoginError => e
       elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
-      print_error("#{peer}: Unable to login: #{e.message}")
+      print_error("Unable to login: #{e.message}")
     end
   end
 

modules/auxiliary/admin/smb/download_file.rb

@@ -41,7 +41,7 @@ def initialize
   end
 
   def smb_download
-    vprint_status("#{peer}: Connecting...")
+    vprint_status("Connecting...")
     connect()
     smb_login()
 
@@ -50,7 +50,7 @@ def smb_download
 
     remote_paths.each do |remote_path|
       begin
-        vprint_status("#{peer}: Trying to download #{remote_path}...")
+        vprint_status("Trying to download #{remote_path}...")
 
         data = ''
         fd = simple.open("\\#{remote_path}", 'ro')
@@ -62,10 +62,10 @@ def smb_download
 
         fname = remote_path.split("\\")[-1]
         path = store_loot("smb.shares.file", "application/octet-stream", rhost, data, fname)
-        print_good("#{peer}: #{remote_path} saved as: #{path}")
+        print_good("#{remote_path} saved as: #{path}")
       rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
         elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
-        print_error("#{peer} Unable to download #{remote_path}: #{e.message}")
+        print_error("Unable to download #{remote_path}: #{e.message}")
       end
     end
   end
@@ -75,7 +75,7 @@ def run_host(ip)
       smb_download
     rescue Rex::Proto::SMB::Exceptions::LoginError => e
       elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
-      print_error("#{peer} Unable to login: #{e.message}")
+      print_error("Unable to login: #{e.message}")
     end
   end
 

modules/auxiliary/admin/smb/upload_file.rb

@@ -49,32 +49,38 @@ def initialize
 
   def run_host(_ip)
     begin
-      vprint_status("#{peer}: Connecting to the server...")
+      vprint_status("Connecting to the server...")
       connect()
       smb_login()
 
-      vprint_status("#{peer}: Mounting the remote share \\\\#{datastore['RHOST']}\\#{datastore['SMBSHARE']}'...")
+      vprint_status("Mounting the remote share \\\\#{datastore['RHOST']}\\#{datastore['SMBSHARE']}'...")
       self.simple.connect("\\\\#{rhost}\\#{datastore['SMBSHARE']}")
 
       remote_path = remote_paths.first
+
+      if local_paths.nil?
+        print_error("Local paths not specified")
+        return
+      end
+
       local_paths.each do |local_path|
         begin
-          vprint_status("#{peer}: Trying to upload #{local_path} to #{remote_path}...")
+          vprint_status("Trying to upload #{local_path} to #{remote_path}...")
 
           fd = simple.open("\\#{remote_path}", 'rwct')
           data = ::File.read(datastore['LPATH'], ::File.size(datastore['LPATH']))
           fd.write(data)
           fd.close
 
-          print_good("#{peer}: #{local_path} uploaded to #{remote_path}")
+          print_good("#{local_path} uploaded to #{remote_path}")
         rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
           elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
-          print_error("#{peer} Unable to upload #{local_path} to #{remote_path} : #{e.message}")
+          print_error("Unable to upload #{local_path} to #{remote_path} : #{e.message}")
         end
       end
     rescue Rex::Proto::SMB::Exceptions::LoginError => e
       elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
-      print_error("#{peer} Unable to login: #{e.message}")
+      print_error("Unable to login: #{e.message}")
     end
   end
 end

modules/auxiliary/gather/windows_deployment_services_shares.rb

@@ -60,7 +60,7 @@ def srvsvc_netshareenum
     begin
       dcerpc_bind(handle)
     rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
-      print_error("#{rhost} : #{e.message}")
+      print_error(e.message)
       return
     end
 
@@ -148,7 +148,7 @@ def run_host(ip)
         share_type = share[1]
 
         if share_type == "DISK" && (share_name == "REMINST" || share_comm == "MDT Deployment Share")
-          vprint_good("#{ip}:#{rport} Identified deployment share #{share_name} #{share_comm}")
+          vprint_good("Identified deployment share #{share_name} #{share_comm}")
           deploy_shares << share_name
         end
       end
@@ -164,12 +164,12 @@ def run_host(ip)
 
   def query_share(share)
     share_path = "\\\\#{rhost}\\#{share}"
-    vprint_status("#{rhost}:#{rport} Enumerating #{share}...")
+    vprint_status("Enumerating #{share}...")
 
     begin
       simple.connect(share_path)
     rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
-      print_error("#{rhost}:#{rport} Could not access share: #{share} - #{e}")
+      print_error("Could not access share: #{share} - #{e}")
       return
     end
 
@@ -188,7 +188,7 @@ def query_share(share)
         next unless cred['password'].to_s.length > 0
 
         report_creds(cred['domain'].to_s, cred['username'], cred['password'])
-        print_good("#{rhost}:#{rport} Credentials: " +
+        print_good("Credentials: " +
           "Path=#{share_path}#{file_path} " +
           "Username=#{cred['domain'].to_s}\\#{cred['username'].to_s} " +
           "Password=#{cred['password'].to_s}"
@@ -238,7 +238,7 @@ def parse_client_unattend(data)
   def loot_unattend(data)
     return if data.empty?
     path = store_loot('windows.unattend.raw', 'text/plain', rhost, data, "Windows Deployment Services")
-    print_status("#{rhost}:#{rport} Stored unattend.xml in #{path}")
+    print_status("Stored unattend.xml in #{path}")
   end
 
   def report_creds(domain, user, pass)

modules/auxiliary/scanner/smb/pipe_auditor.rb

@@ -89,7 +89,7 @@ def run_host(ip)
     end
 
     if(pass.length > 0)
-      print_status("#{ip} - Pipes: #{pass.map{|c| "\\#{c}"}.join(", ")}")
+      print_status("Pipes: #{pass.map{|c| "\\#{c}"}.join(", ")}")
       # Add Report
       report_note(
         :host	=> ip,

modules/auxiliary/scanner/smb/pipe_dcerpc_auditor.rb

@@ -274,7 +274,7 @@ def run_host(ip)
 
         begin
           dcerpc_bind(handle)
-          print_line("#{ip} - UUID #{uuid[0]} #{uuid[1]} OPEN VIA #{datastore['SMBPIPE']}")
+          print_line("UUID #{uuid[0]} #{uuid[1]} OPEN VIA #{datastore['SMBPIPE']}")
           # Add Report
           report_note(
             :host	=> ip,

modules/auxiliary/scanner/smb/smb_enum_gpp.rb

@@ -62,11 +62,11 @@ def check_path(ip, path)
       when 'STATUS_OBJECT_PATH_NOT_FOUND'
         vprint_error("Object PATH \\\\#{ip}\\#{datastore['SMBSHARE']}\\#{path} NOT found!")
       when 'STATUS_ACCESS_DENIED'
-       vprint_error("Host #{ip} reports access denied.")
+       vprint_error("Host reports access denied.")
       when 'STATUS_BAD_NETWORK_NAME'
-        vprint_error("Host #{ip} is NOT connected to #{datastore['SMBDomain']}!")
+        vprint_error("Host is NOT connected to #{datastore['SMBDomain']}!")
       when 'STATUS_INSUFF_SERVER_RESOURCES'
-        vprint_error("Host #{ip} rejected with insufficient resources!")
+        vprint_error("Host rejected with insufficient resources!")
       when 'STATUS_OBJECT_NAME_INVALID'
         vprint_error("opening \\#{path} bad filename")
       else

modules/auxiliary/scanner/smb/smb_enumshares.rb

@@ -187,7 +187,7 @@ def lanman_netshareenum(ip, rport, info)
         ))
     rescue ::Rex::Proto::SMB::Exceptions::ErrorCode => e
       if e.error_code == 0xC00000BB
-        vprint_error("#{ip}:#{rport} - Got 0xC00000BB while enumerating shares, switching to srvsvc...")
+        vprint_error("Got 0xC00000BB while enumerating shares, switching to srvsvc...")
         @srvsvc = true # Make sure the module is aware of this state
         return srvsvc_netshareenum(ip)
       end
@@ -224,7 +224,7 @@ def srvsvc_netshareenum(ip)
     begin
       dcerpc_bind(handle)
     rescue Rex::Proto::SMB::Exceptions::ErrorCode => e
-      vprint_error("#{ip} : #{e.message}")
+      vprint_error(e.message)
       return []
     end
 
@@ -336,7 +336,7 @@ def get_files_info(ip, rport, shares, info)
         next
       end
       if not datastore['ShowFiles']
-        print_status("#{ip}:#{rport} - Spidering #{x}.")
+        print_status("Spidering #{x}.")
       end
       subdirs = [""]
       if x.strip() == "C$" and datastore['SpiderProfiles']
@@ -361,7 +361,7 @@ def get_files_info(ip, rport, shares, info)
             subdirs.shift
             next
           end
-          header = "#{ip}:#{rport}"
+          header = ""
           if simple.client.default_domain and simple.client.default_name
             header << " \\\\#{simple.client.default_domain}"
           end
@@ -408,18 +408,18 @@ def get_files_info(ip, rport, shares, info)
         end
         subdirs.shift
       end
-    print_status("#{ip}:#{rport} - Spider #{x} complete.") unless datastore['ShowFiles']
+    print_status("Spider #{x} complete.") unless datastore['ShowFiles']
     end
     unless detailed_tbl.rows.empty?
       if datastore['LogSpider'] == '1'
         p = store_loot('smb.enumshares', 'text/csv', ip, detailed_tbl.to_csv)
-        print_good("#{ip} - info saved in: #{p.to_s}")
+        print_good("info saved in: #{p.to_s}")
       elsif datastore['LogSpider'] == '2'
         p = store_loot('smb.enumshares', 'text/plain', ip, detailed_tbl)
-        print_good("#{ip} - info saved in: #{p.to_s}")
+        print_good("info saved in: #{p.to_s}")
       elsif datastore['LogSpider'] == '3'
         p = store_loot('smb.enumshares', 'text/plain', ip, logdata)
-        print_good("#{ip} - info saved in: #{p.to_s}")
+        print_good("info saved in: #{p.to_s}")
       end
     end
   end
@@ -453,12 +453,12 @@ def run_host(ip)
         end
 
         os_info     = get_os_info(ip, rport)
-        print_status("#{ip}:#{rport} - #{os_info}") if os_info
+        print_status(os_info) if os_info
 
         if shares.empty?
-          print_status("#{ip}:#{rport} - No shares collected")
+          print_status("No shares collected")
         else
-          shares_info = shares.map{|x| "#{ip}:#{rport} - #{x[0]} - (#{x[1]}) #{x[2]}" }.join(", ")
+          shares_info = shares.map{|x| "#{x[0]} - (#{x[1]}) #{x[2]}" }.join(", ")
           shares_info.split(", ").each { |share|
             print_good share
           }
@@ -482,15 +482,15 @@ def run_host(ip)
         raise $!
       rescue ::Rex::Proto::SMB::Exceptions::LoginError,
         ::Rex::Proto::SMB::Exceptions::ErrorCode => e
-        print_error("#{ip}:#{rport} - #{e.message}")
+        print_error(e.message)
         return if e.message =~ /STATUS_ACCESS_DENIED/
       rescue Errno::ECONNRESET,
         ::Rex::Proto::SMB::Exceptions::InvalidType,
         ::Rex::Proto::SMB::Exceptions::ReadPacket,
         ::Rex::Proto::SMB::Exceptions::InvalidCommand,
         ::Rex::Proto::SMB::Exceptions::InvalidWordCount,
         ::Rex::Proto::SMB::Exceptions::NoReply => e
-        vprint_error("#{ip}:#{rport} - #{e.message}")
+        vprint_error(e.message)
         next if not shares.empty? and rport == 139 # no results, try again
       rescue Errno::ENOPROTOOPT
         print_status("Wait 5 seconds before retrying...")
@@ -499,7 +499,7 @@ def run_host(ip)
       rescue ::Exception => e
         next if e.to_s =~ /execution expired/
         next if not shares.empty? and rport == 139
-        vprint_error("#{ip}:#{rport} - Error: '#{ip}' '#{e.class}' '#{e.to_s}'")
+        vprint_error("Error: '#{ip}' '#{e.class}' '#{e.to_s}'")
       ensure
         disconnect
       end