-
Notifications
You must be signed in to change notification settings - Fork 13.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow settings the RPORT option for pipe_dcerpc_auditor #19529
base: master
Are you sure you want to change the base?
Conversation
Thanks for your pull request! Before this pull request can be merged, it must pass the checks of our automated linting tools. We use Rubocop and msftidy to ensure the quality of our code. This can be ran from the root directory of Metasploit:
You can automate most of these changes with the
Please update your branch after these have been made, and reach out if you have any problems. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks so much for the change!
This is an older module, so it is not quite up to the normal linting we hold, now. I know you have not changed all of it, but we'd really appreciate it if you could run this through Rubocop just to see how much of a lift it would be to bring it up.
datastore['RPORT'] = port | ||
check_uuids(ip) | ||
else | ||
if datastore['RPORT'].blank? || datastore['RPORT'] == 0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The RPORT is not registered here, so it could have a default already?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes it has default value as you can see in the below, which is 445:
msf6 > use auxiliary/scanner/smb/pipe_dcerpc_auditor
[*] New in Metasploit 6.4 - This module can target a SESSION or an RHOST
msf6 auxiliary(scanner/smb/pipe_dcerpc_auditor) > options
Module options (auxiliary/scanner/smb/pipe_dcerpc_auditor):
Name Current Setting Required Description
---- --------------- -------- -----------
SMBPIPE BROWSER yes The pipe name to use (BROWSER)
Used when connecting via an existing SESSION:
Name Current Setting Required Description
---- --------------- -------- -----------
SESSION no The session to run this module on
Used when making a new connection via RHOSTS:
Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS no The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
RPORT 445 no The target port (TCP)
SMBDomain . no The Windows domain to use for authentication
SMBPass no The password for the specified username
SMBUser no The username to authenticate as
THREADS 1 yes The number of concurrent threads (max one per host)
View the full module info with the info, or info -d command.
This PR adds the same pattern in #19163 to
pipe_dcerpc_auditor
.