Adding stop on success option.

61aefbba · Marcin Bury · 0212c827 · 61aefbba · 61aefbba · 61aefbba
Commit 61aefbba authored Apr 29, 2016 by Marcin Bury
11 changed files
--- a/routersploit/modules/creds/ftp_bruteforce.py
+++ b/routersploit/modules/creds/ftp_bruteforce.py
@@ -35,6 +35,7 @@ class Exploit(exploits.Exploit):
    usernames = exploits.Option('admin', 'Username or file with usernames (file://)')
    passwords = exploits.Option(wordlists.passwords, 'Password or file with passwords (file://)')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt')

    credentials = []

@@ -107,7 +108,9 @@ class Exploit(exploits.Exploit):
                try:
                    ftp.login(user, password)

+                    if boolify(self.stop_on_success):
                        running.clear()
+
                    print_success("Target: {}:{} {}: Authentication succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
                    self.credentials.append((self.target, self.port, user, password))
                except:

--- a/routersploit/modules/creds/ftp_default.py
+++ b/routersploit/modules/creds/ftp_default.py
@@ -33,6 +33,7 @@ class Exploit(exploits.Exploit):
    threads = exploits.Option(8, 'Numbers of threads')
    defaults = exploits.Option(wordlists.defaults, 'User:Pass pair or file with default credentials (file://)')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt')

    credentials = []

@@ -99,7 +100,9 @@ class Exploit(exploits.Exploit):
                try:
                    ftp.login(user, password)

+                    if boolify(self.stop_on_success):
                        running.clear()
+
                    print_success("Target: {}:{} {}: Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
                    self.credentials.append((self.target, self.port, user, password))
                except:

--- a/routersploit/modules/creds/http_basic_bruteforce.py
+++ b/routersploit/modules/creds/http_basic_bruteforce.py
@@ -36,6 +36,7 @@ class Exploit(exploits.Exploit):
    passwords = exploits.Option(wordlists.passwords, 'Password or file with passwords (file://)')
    path = exploits.Option('/', 'URL Path')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt')

    credentials = []

@@ -92,7 +93,9 @@ class Exploit(exploits.Exploit):
                response = http_request(method="GET", url=url, auth=(user, password))

                if response.status_code != 401:
+                    if boolify(self.stop_on_success):
                        running.clear()
+
                    print_success("Target: {}:{} {}: Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
                    self.credentials.append((self.target, self.port, user, password))
                else:

--- a/routersploit/modules/creds/http_basic_default.py
+++ b/routersploit/modules/creds/http_basic_default.py
@@ -33,6 +33,7 @@ class Exploit(exploits.Exploit):
    defaults = exploits.Option(wordlists.defaults, 'User:Pass or file with default credentials (file://)')
    path = exploits.Option('/', 'URL Path')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt')

    credentials = []

@@ -85,7 +86,9 @@ class Exploit(exploits.Exploit):
                response = http_request(method="GET", url=url, auth=(user, password))

                if response.status_code != 401:
+                    if boolify(self.stop_on_success):
                        running.clear()
+
                    print_success("Target: {}:{} {}: Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
                    self.credentials.append((self.target, self.port, user, password))
                else:

--- a/routersploit/modules/creds/http_form_bruteforce.py
+++ b/routersploit/modules/creds/http_form_bruteforce.py
@@ -38,6 +38,7 @@ class Exploit(exploits.Exploit):
    path = exploits.Option('/login.php', 'URL Path')
    form_path = exploits.Option('same', 'same as path or URL Form Path')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt')

    credentials = []
    data = ""
@@ -172,7 +173,9 @@ class Exploit(exploits.Exploit):
                l = len(r.text)

                if l < self.invalid["min"] or l > self.invalid["max"]:
+                    if boolify(self.stop_on_success):
                        running.clear()
+
                    print_success("Target: {}:{} {}: Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
                    self.credentials.append((self.target, self.port, user, password))
                else:

--- a/routersploit/modules/creds/http_form_default.py
+++ b/routersploit/modules/creds/http_form_default.py
@@ -36,6 +36,7 @@ class Exploit(exploits.Exploit):
    path = exploits.Option('/login.php', 'URL Path')
    form_path = exploits.Option('same', 'same as path or URL Form Path')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt')

    credentials = []
    data = ""
@@ -165,7 +166,9 @@ class Exploit(exploits.Exploit):
                l = len(r.text)

                if l < self.invalid["min"] or l > self.invalid["max"]:
+                    if boolify(self.stop_on_success):
                        running.clear()
+
                    print_success("Target: {}:{} {}: Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
                    self.credentials.append((self.target, self.port, user, password))
                else:

--- a/routersploit/modules/creds/snmp_bruteforce.py
+++ b/routersploit/modules/creds/snmp_bruteforce.py
@@ -29,7 +29,7 @@ class Exploit(exploits.Exploit):
    threads = exploits.Option(8, 'Number of threads')
    snmp = exploits.Option(wordlists.snmp, 'Community string or file with community strings (file://)')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
-    exit_on_success = exploits.Option('yes', 'Exit on first valid community string')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid community string')
    strings = []

    def run(self):
@@ -76,7 +76,7 @@ class Exploit(exploits.Exploit):
                if errorIndication or errorStatus:
                    print_error("Target: {}:{} {}: Invalid community string - String: '{}'".format(self.target, self.port, name, string), verbose=module_verbosity)
                else:
-                    if boolify(self.exit_on_success):
+                    if boolify(self.stop_on_success):
                        running.clear()
                    print_success("Target: {}:{} {}: Valid community string found - String: '{}'".format(self.target, self.port, name, string), verbose=module_verbosity)
                    self.strings.append((self.target, self.port, string))

--- a/routersploit/modules/creds/ssh_bruteforce.py
+++ b/routersploit/modules/creds/ssh_bruteforce.py
@@ -33,6 +33,7 @@ class Exploit(exploits.Exploit):
    usernames = exploits.Option('admin', 'Username or file with usernames (file://)')
    passwords = exploits.Option(wordlists.passwords, 'Password or file with passwords (file://)')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt')

    credentials = []

@@ -95,10 +96,10 @@ class Exploit(exploits.Exploit):
                ssh.close()
                print_error("Target: {}:{} {}: {} Username: '{}' Password: '{}'".format(self.target, self.port, name, err, user, password), verbose=module_verbosity)
            else:
+                if boolify(self.stop_on_success):
                    running.clear()

                print_success("Target: {}:{} {} Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
-
                self.credentials.append((self.target, self.port, user, password))

        print_status(name, 'thread is terminated.', verbose=module_verbosity)
--- a/routersploit/modules/creds/ssh_default.py
+++ b/routersploit/modules/creds/ssh_default.py
@@ -32,6 +32,7 @@ class Exploit(exploits.Exploit):
    threads = exploits.Option(8, 'Numbers of threads')
    defaults = exploits.Option(wordlists.defaults, 'User:Pass or file with default credentials (file://)')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt')

    credentials = []

@@ -90,10 +91,10 @@ class Exploit(exploits.Exploit):

                print_error("Target: {}:{} {}: {} Username: '{}' Password: '{}'".format(self.target, self.port, name, err, user, password), verbose=module_verbosity)
            else:
+                if boolify(self.stop_on_success):
                    running.clear()

                print_success("Target: {}:{} {} Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
-
                self.credentials.append((self.target, self.port, user, password))

        print_status(name, 'process is terminated.', verbose=module_verbosity)
--- a/routersploit/modules/creds/telnet_bruteforce.py
+++ b/routersploit/modules/creds/telnet_bruteforce.py
@@ -32,6 +32,7 @@ class Exploit(exploits.Exploit):
    usernames = exploits.Option('admin', 'Username or file with usernames (file://)')
    passwords = exploits.Option(wordlists.passwords, 'Password or file with passwords (file://)')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt')

    credentials = []

@@ -100,7 +101,9 @@ class Exploit(exploits.Exploit):
                            print_error("Target: {}:{} {}: Authentication Failed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
                        else:
                            if any(map(lambda x: x in res, ["#", "$", ">"])) or len(res) > 500:  # big banner e.g. mikrotik
+                                if boolify(self.stop_on_success):
                                    running.clear()
+
                                print_success("Target: {}:{} {}: Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
                                self.credentials.append((self.target, self.port, user, password))
                        tn.close()

--- a/routersploit/modules/creds/telnet_default.py
+++ b/routersploit/modules/creds/telnet_default.py
@@ -32,6 +32,7 @@ class Exploit(exploits.Exploit):
    threads = exploits.Option(8, 'Numbers of threads')
    defaults = exploits.Option(wordlists.defaults, 'User:Pass or file with default credentials (file://)')
    verbosity = exploits.Option('yes', 'Display authentication attempts')
+    stop_on_success = exploits.Option('yes', 'Stop on first valid authentication attempt')

    credentials = []

@@ -94,7 +95,9 @@ class Exploit(exploits.Exploit):
                            print_error("Target: {}:{} {}: Authentication Failed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
                        else:
                            if any(map(lambda x: x in res, ["#", "$", ">"])) or len(res) > 500:  # big banner e.g. mikrotik
+                                if boolify(self.stop_on_success):
                                    running.clear()
+
                                print_success("Target: {}:{} {}: Authentication Succeed - Username: '{}' Password: '{}'".format(self.target, self.port, name, user, password), verbose=module_verbosity)
                                self.credentials.append((self.target, self.port, user, password))
                        tn.close()