Removes mixin

rapid7 · Sep 21, 2023 · 6fdcc43 · 6fdcc43
1 parent 461e661
commit 6fdcc43
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 58 deletions.
diff --git a/lib/msf/core/post/dns.rb b/lib/msf/core/post/dns.rb
diff --git a/lib/msf/core/post/dns/resolve_host.rb b/lib/msf/core/post/dns/resolve_host.rb
diff --git a/modules/post/windows/gather/enum_computers.rb b/modules/post/windows/gather/enum_computers.rb
@@ -7,7 +7,6 @@ class MetasploitModule < Msf::Post
   include Msf::Post::File
   include Msf::Post::Windows::Accounts
   include Msf::Post::Windows::Registry
-  include Msf::Post::DNS::ResolveHost
 
   def initialize(info = {})
     super(
@@ -57,10 +56,42 @@ def run
     list_computers(netbios_domain_name, hostname_list)
   end
 
-  def gethost(hostname)
-    ## get IP for host
-    vprint_status("Looking up IP for #{hostname}")
-    resolve_host(hostname)
+  # Takes the host name and makes use of nsloopup to resolve the IP
+  #
+  # @param [String] host Hostname
+  # @return [String] ip The resolved IP
+  def resolve_host(host)
+    vprint_status("Looking up IP for #{host}")
+    return host if Rex::Socket.dotted_ip?(host)
+
+    ip = []
+    if client.respond_to?(:net) && client.commands.include?(Rex::Post::Meterpreter::Extensions::Stdapi::COMMAND_ID_STDAPI_NET_RESOLVE_HOST)
+      begin
+        # client.net.resolve.resolve_host returns an exception in the scenario of non-existent host names
+        result = client.net.resolve.resolve_host(host)
+      rescue Rex::Post::Meterpreter::RequestError
+        return 'Not resolvable'
+      end
+      ip << result[:ip]
+    else
+      data = cmd_exec("nslookup #{host}")
+      if data =~ /Name/
+        # Remove unnecessary data and get the section with the addresses
+        returned_data = data.split(/Name:/)[1]
+        # check each element of the array to see if they are IP
+        returned_data.gsub(/\r\n\t |\r\n|Aliases:|Addresses:|Address:/, ' ').split(' ').each do |e|
+          if Rex::Socket.dotted_ip?(e)
+            ip << e
+          end
+        end
+      end
+    end
+
+    if ip.blank?
+      'Not resolvable'
+    else
+      ip.join(', ')
+    end
   end
 
   def get_domain_computers
@@ -91,7 +122,7 @@ def list_computers(domain, hosts)
         ]
     )
     hosts.each do |hostname|
-      hostip = gethost(hostname)
+      hostip = resolve_host(hostname)
       tbl << [domain, hostname, hostip]
     end