Class: Metasploit::Framework::LoginScanner::WowzaStreamingEngineManager

Inherits:

HTTP

• Object
• HTTP
• Metasploit::Framework::LoginScanner::WowzaStreamingEngineManager

Defined in:

lib/metasploit/framework/login_scanner/wowza_streaming_engine_manager.rb

Constant Summary

DEFAULT_PORT =

8088

PRIVATE_TYPES =

[ :password ].freeze

LOGIN_STATUS =

Metasploit::Model::Login::Status

Constants inherited from HTTP

HTTP::AUTHORIZATION_HEADER, HTTP::DEFAULT_HTTP_NOT_AUTHED_CODES, HTTP::DEFAULT_HTTP_SUCCESS_CODES, HTTP::DEFAULT_REALM, HTTP::DEFAULT_SSL_PORT, HTTP::LIKELY_PORTS, HTTP::LIKELY_SERVICE_NAMES, HTTP::REALM_KEY

Instance Attribute Summary

Attributes inherited from HTTP

#digest_auth_iis, #evade_header_folding, #evade_method_random_case, #evade_method_random_invalid, #evade_method_random_valid, #evade_pad_fake_headers, #evade_pad_fake_headers_count, #evade_pad_get_params, #evade_pad_get_params_count, #evade_pad_method_uri_count, #evade_pad_method_uri_type, #evade_pad_post_params, #evade_pad_post_params_count, #evade_pad_uri_version_count, #evade_pad_uri_version_type, #evade_shuffle_get_params, #evade_shuffle_post_params, #evade_uri_dir_fake_relative, #evade_uri_dir_self_reference, #evade_uri_encode_mode, #evade_uri_fake_end, #evade_uri_fake_params_start, #evade_uri_full_url, #evade_uri_use_backslashes, #evade_version_random_invalid, #evade_version_random_valid, #http_password, #http_success_codes, #http_username, #keep_connection_alive, #kerberos_authenticator_factory, #method, #ntlm_domain, #ntlm_send_lm, #ntlm_send_ntlm, #ntlm_send_spn, #ntlm_use_lm_key, #ntlm_use_ntlmv2, #ntlm_use_ntlmv2_session, #uri, #user_agent, #vhost

Instance Method Summary

• #attempt_login(credential) ⇒ Result

  Attempts to login to Wowza Streaming Engine server via Manager web interface.

• #check_setup ⇒ Boolean

  Checks if the target is Wowza Streaming Engine Manager.

Methods inherited from HTTP

#authentication_required?, #send_request

Instance Method Details

#attempt_login(credential) ⇒ Result

Attempts to login to Wowza Streaming Engine server via Manager web interface

Parameters:

• credential (Metasploit::Framework::Credential) —

  The credential object

Returns:

• (Result) —

  A Result object indicating success or failure

# File 'lib/metasploit/framework/login_scanner/wowza_streaming_engine_manager.rb', line 31

def attempt_login(credential)
  result_opts = {
    credential: credential,
    status: Metasploit::Model::Login::Status::INCORRECT,
    proof: nil,
    host: host,
    port: port,
    protocol: 'tcp'
  }

  res = send_request({
    'method' => 'POST',
    'uri' => normalize_uri('/enginemanager/j_spring_security_check'),
    'vars_post' => {
      'wowza-page-redirect' => '',
      'j_username' => credential.public.to_s,
      'j_password' => credential.private.to_s,
      'host' => 'http://localhost:8087'
    }
  })

  unless res
    result_opts.merge!({ status: LOGIN_STATUS::UNABLE_TO_CONNECT })
  end

  if res && res.code == 302 && res['location'].to_s.include?('Home.htm')
    cookie = res.get_cookies
    result_opts.merge!({ status: LOGIN_STATUS::SUCCESSFUL, proof: cookie.to_s }) unless cookie.blank?
  end

  Result.new(result_opts)
end

#check_setup ⇒ Boolean

Checks if the target is Wowza Streaming Engine Manager. The login module should call this.

Returns:

• (Boolean) —

  TrueClass if target is Wowza Streaming Engine Manager, otherwise FalseClass

# File 'lib/metasploit/framework/login_scanner/wowza_streaming_engine_manager.rb', line 15

def check_setup
  res = send_request({ 'uri' => normalize_uri('/enginemanager/login.htm') })

  if res && res.code == 200 && res.body.include?('Wowza Streaming Engine Manager')
    return false
  end

  'Unable to locate "Wowza Streaming Engine Manager" in body. (Is this really Wowza Streaming Engine Manager?)'
end