Mirror of metasploit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

iax2.rb 2.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119
  1. # -*- coding: binary -*-
  2. require 'rex/proto/iax2/client'
  3. module Msf
  4. ###
  5. #
  6. # This module provides methods for working with the IAX2 protocol
  7. #
  8. ###
  9. module Auxiliary::IAX2
  10. #
  11. # Initializes an instance of an auxiliary module that uses IAX2
  12. #
  13. def initialize(info = {})
  14. super
  15. register_options(
  16. [
  17. OptAddress.new('IAX_HOST', [true, 'The IAX2 server to communicate with']),
  18. OptPort.new('IAX_PORT', [true, 'The IAX2 server port', 4569]),
  19. OptString.new('IAX_USER', [false, 'An optional IAX2 username']),
  20. OptString.new('IAX_PASS', [false, 'An optional IAX2 password']),
  21. OptString.new('IAX_CID_NAME', [false, 'The default caller ID name', '']),
  22. OptString.new('IAX_CID_NUMBER', [true, 'The default caller ID number', '15555555555'])
  23. ], Msf::Auxiliary::IAX2 )
  24. register_advanced_options(
  25. [
  26. OptBool.new('IAX_DEBUG', [false, 'Enable IAX2 debugging messages', false])
  27. ], Msf::Auxiliary::IAX2 )
  28. end
  29. def connect
  30. @iax.shutdown if @iax
  31. @iax = Rex::Proto::IAX2::Client.new(
  32. :server_host => datastore['IAX_HOST'],
  33. :username => datastore['IAX_USER'],
  34. :password => datastore['IAX_PASS'],
  35. :caller_name => datastore['IAX_CID_NAME'],
  36. :caller_number => datastore['IAX_CID_NUMBER'],
  37. :debugging => datastore['IAX_DEBUG'],
  38. :context => {
  39. 'Msf' => framework,
  40. 'MsfExploit' => self
  41. }
  42. )
  43. @iax_reg = @iax.create_call()
  44. r = @iax_reg.register
  45. if not r
  46. @iax.shutdown
  47. @iax = nil
  48. raise RuntimeError, "Failed to register with the server"
  49. end
  50. end
  51. def create_call
  52. if not @iax
  53. raise RuntimeError, "No active IAX2 connection"
  54. end
  55. @iax.create_call
  56. end
  57. def cleanup
  58. super
  59. @iax.shutdown if @iax
  60. end
  61. # General purpose phone number mangling routines
  62. # Convert 123456XXXX to an array of expanded numbers
  63. def crack_phone_range(range)
  64. crack_phone_ranges([range])
  65. end
  66. def crack_phone_ranges(masks)
  67. res = {}
  68. masks.each do |mask|
  69. mask = mask.strip
  70. if(mask.index(':'))
  71. next if mask.index('X')
  72. rbeg,rend = mask.split(':').map{|c| c.gsub(/[^\d]/, '').to_i }
  73. rbeg.upto(rend) do |n|
  74. res[n.to_s] = {}
  75. end
  76. next
  77. end
  78. incdigits = 0
  79. mask.each_char do |c|
  80. incdigits += 1 if c =~ /^[X#]$/i
  81. end
  82. max = (10**incdigits)-1
  83. (0..max).each do |num|
  84. number = mask.dup # copy the mask
  85. numstr = sprintf("%0#{incdigits}d", num) # stringify our incrementing number
  86. j = 0 # index for numstr
  87. for i in 0..number.length-1 do # step through the number (mask)
  88. if number[i].chr =~ /^[X#]$/i
  89. number[i] = numstr[j] # replaced masked indexes with digits from incrementing number
  90. j += 1
  91. end
  92. end
  93. res[number] = {}
  94. end
  95. end
  96. return res.keys.sort
  97. end
  98. end
  99. end