working snmp_login module

David Maloney · David Maloney · commit e54f5e8ee7c8 · 2014-07-22T12:44:21.000-05:00
diff --git a/lib/metasploit/framework/community_string_collection.rb b/lib/metasploit/framework/community_string_collection.rb
@@ -41,16 +41,21 @@ def initialize(opts = {})
       # @yieldparam credential [Metasploit::Framework::Credential]
       # @return [void]
       def each
-        if pass_file.present?
-          pass_fd = File.open(pass_file, 'r:binary')
-          pass_fd.each_line do |line|
-            line.chomp!
-            yield Metasploit::Framework::Credential.new(public: line, paired: false)
+        begin
+          if pass_file.present?
+            pass_fd = File.open(pass_file, 'r:binary')
+            pass_fd.each_line do |line|
+              line.chomp!
+              yield Metasploit::Framework::Credential.new(public: line, paired: false)
+            end
+          end
+
+          if password.present?
+            yield Metasploit::Framework::Credential.new(public: password, paired: false)
           end
-        end
 
-        if password.present?
-          yield Metasploit::Framework::Credential.new(public: password, paired: false)
+        ensure
+          pass_fd.close if pass_fd && !pass_fd.closed?
         end
       end
 
diff --git a/modules/auxiliary/scanner/snmp/snmp_login.rb b/modules/auxiliary/scanner/snmp/snmp_login.rb
@@ -5,8 +5,8 @@
 
 
 require 'msf/core'
-require 'openssl'
-require 'snmp'
+require 'metasploit/framework/community_string_collection'
+require 'metasploit/framework/login_scanner/snmp'
 
 class Metasploit3 < Msf::Auxiliary
 
@@ -50,11 +50,64 @@ def run_batch_size
   def run_batch(batch)
 
     batch.each do |ip|
-
-
-
+      collection = Metasploit::Framework::CommunityStringCollection.new(
+          pass_file: datastore['PASS_FILE'],
+          password: datastore['PASSWORD']
+      )
+
+      scanner = Metasploit::Framework::LoginScanner::SNMP.new(
+          host: ip,
+          port: rport,
+          cred_details: collection,
+          stop_on_success: datastore['STOP_ON_SUCCESS'],
+          connection_timeout: 2
+      )
+
+      service_data = {
+          address: ip,
+          port: rport,
+          service_name: 'snmp',
+          protocol: 'udp',
+          workspace_id: myworkspace_id
+      }
+
+      scanner.scan! do |result|
+        if result.success?
+          credential_data = {
+              module_fullname: self.fullname,
+              origin_type: :service,
+              username: result.credential.public
+          }
+          credential_data.merge!(service_data)
+
+          credential_core = create_credential(credential_data)
+
+          login_data = {
+              core: credential_core,
+              last_attempted_at: DateTime.now,
+              status: Metasploit::Model::Login::Status::SUCCESSFUL
+          }
+          login_data.merge!(service_data)
+
+          create_credential_login(login_data)
+          print_good "#{ip}:#{rport} - LOGIN SUCCESSFUL: #{result.credential}"
+        else
+          invalidate_data = {
+              public: result.credential.public,
+              private: result.credential.private,
+              realm_key: result.credential.realm_key,
+              realm_value: result.credential.realm,
+              status: result.status
+          } .merge(service_data)
+          invalidate_login(invalidate_data)
+          print_status "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})"
+        end
+      end
     end
+  end
 
+  def rport
+    datastore['RPORT']
   end
 
 
