## https://sploitus.com/exploit?id=PACKETSTORM:180910
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Auxiliary::UDPScanner
include Rex::Proto::Quake
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Gather Quake Server Information',
'Description' => %q(
This module uses the getstatus or getinfo request to obtain
information from a Quakeserver.
),
'Author' => 'Jon Hart <jon_hart[at]rapid7.com>',
'References' =>
[
['URL', 'ftp://ftp.idsoftware.com/idstuff/quake3/docs/server.txt']
],
'License' => MSF_LICENSE,
'Actions' => [
['status', 'Description' => 'Use the getstatus command'],
['info', 'Description' => 'Use the getinfo command']
],
'DefaultAction' => 'status'
)
)
register_options(
[
Opt::RPORT(27960)
])
end
def build_probe
@probe ||= case action.name
when 'status'
getstatus
when 'info'
getinfo
end
end
def decode_stuff(response)
case action.name
when 'info'
stuff = decode_info(response)
when 'status'
stuff = decode_status(response)
else
stuff = {}
end
if datastore['VERBOSE']
# get everything
stuff
else
# try to get the host name, game name and version
stuff.select { |k, _| %w(hostname sv_hostname gamename com_gamename version).include?(k) }
end
end
def scanner_process(response, src_host, src_port)
stuff = decode_stuff(response)
return unless stuff
@results[src_host] ||= {}
print_good("#{src_host}:#{src_port} found '#{stuff}'")
@results[src_host].merge!(stuff)
end
def scanner_postscan(_batch)
@results.each_pair do |host, stuff|
report_host(host: host)
report_service(
host: host,
proto: 'udp',
port: rport,
name: 'Quake',
info: stuff.inspect
)
end
end
end