Class: Metasploit::Framework::LoginScanner::VarnishCLI

Inherits:

Object

• Object
• Metasploit::Framework::LoginScanner::VarnishCLI

Includes:

Base, RexSocket, Tcp::Client, Varnish::Client

Defined in:

lib/metasploit/framework/login_scanner/varnish.rb

Overview

This is the LoginScanner class for dealing with Varnish CLI.

Constant Summary

DEFAULT_PORT =

6082

LIKELY_PORTS =

[ DEFAULT_PORT ]

LIKELY_SERVICE_NAMES =

[ 'varnishcli' ]

PRIVATE_TYPES =

[ :password ]

REALM_KEY =

nil

Instance Attribute Summary

Attributes included from Tcp::Client

#max_send_size, #send_delay, #sock

Instance Method Summary

• #attempt_login(credential) ⇒ Object
• #set_sane_defaults ⇒ Object

Methods included from Varnish::Client

#close_session, #login, #require_auth?

Methods included from Tcp::Client

#chost, #connect, #cport, #disconnect, #proxies, #rhost, #rport, #set_tcp_evasions, #ssl, #ssl_version

Instance Method Details

#attempt_login(credential) ⇒ Object

# File 'lib/metasploit/framework/login_scanner/varnish.rb', line 24

def attempt_login(credential)
  begin
    connect
    success = login(credential.private)
    close_session
    disconnect
  rescue RuntimeError => e
    return {:status => Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, :proof => e.message}
  rescue Rex::ConnectionError, EOFError, Timeout::Error
    status = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
  end
  status = (success == true) ? Metasploit::Model::Login::Status::SUCCESSFUL : Metasploit::Model::Login::Status::INCORRECT

  result = Result.new(credential: credential, status: status)
  result.host         = host
  result.port         = port
  result.protocol     = 'tcp'
  result.service_name = 'varnishcli'
  result
end

#set_sane_defaults ⇒ Object

# File 'lib/metasploit/framework/login_scanner/varnish.rb', line 45

def set_sane_defaults
  self.connection_timeout ||= 30
  self.port               ||= DEFAULT_PORT
  self.max_send_size      ||= 0
  self.send_delay         ||= 0
end