Class: Metasploit::Framework::LoginScanner::VarnishCLI

Inherits:
Object
  • Object
show all
Includes:
Base, RexSocket, Tcp::Client, Varnish::Client
Defined in:
lib/metasploit/framework/login_scanner/varnish.rb

Overview

This is the LoginScanner class for dealing with Varnish CLI.

Constant Summary collapse

DEFAULT_PORT =
6082
LIKELY_PORTS =
[ DEFAULT_PORT ]
LIKELY_SERVICE_NAMES =
[ 'varnishcli' ]
PRIVATE_TYPES =
[ :password ]
REALM_KEY =
nil

Instance Attribute Summary

Attributes included from Tcp::Client

#max_send_size, #send_delay, #sock

Instance Method Summary collapse

Methods included from Varnish::Client

#close_session, #login, #require_auth?

Methods included from Tcp::Client

#chost, #connect, #cport, #disconnect, #proxies, #rhost, #rport, #set_tcp_evasions, #ssl, #ssl_version

Instance Method Details

#attempt_login(credential) ⇒ Object


24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# File 'lib/metasploit/framework/login_scanner/varnish.rb', line 24

def (credential)
  begin
    connect
    success = (credential.private)
    close_session
    disconnect
  rescue RuntimeError => e
    return {:status => Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, :proof => e.message}
  rescue Rex::ConnectionError, EOFError, Timeout::Error
    status = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
  end
  status = (success == true) ? Metasploit::Model::Login::Status::SUCCESSFUL : Metasploit::Model::Login::Status::INCORRECT

  result = Result.new(credential: credential, status: status)
  result.host         = host
  result.port         = port
  result.protocol     = 'tcp'
  result.service_name = 'varnishcli'
  result
end

#set_sane_defaultsObject


45
46
47
48
49
50
# File 'lib/metasploit/framework/login_scanner/varnish.rb', line 45

def set_sane_defaults
  self.connection_timeout ||= 30
  self.port               ||= DEFAULT_PORT
  self.max_send_size      ||= 0
  self.send_delay         ||= 0
end