diff --git a/lib/msf/core/post/dns.rb b/lib/msf/core/post/dns.rb
deleted file mode 100644
index 3034a9f84761..000000000000
--- a/lib/msf/core/post/dns.rb
+++ /dev/null
@@ -1,4 +0,0 @@
-# -*- coding: binary -*-
-
-module Msf::Post::DNS
-end
diff --git a/lib/msf/core/post/dns/resolve_host.rb b/lib/msf/core/post/dns/resolve_host.rb
deleted file mode 100644
index 79909018a39c..000000000000
--- a/lib/msf/core/post/dns/resolve_host.rb
+++ /dev/null
@@ -1,48 +0,0 @@
-# -*- coding: binary -*-
-
-module Msf
- class Post
- module DNS
- ###
- #
- # This module resolves session DNS
- #
- ###
- module ResolveHost
- # Takes the host name and makes use of nsloopup to resolve the IP
- #
- # @param [String] host Hostname
- # @return [String, nil] ip The resolved IP
- def resolve_host(host)
- ip = nil
-
- if client.respond_to?(:net) && client.commands.include?(Rex::Post::Meterpreter::Extensions::Stdapi::COMMAND_ID_STDAPI_NET_RESOLVE_HOST)
- result = client.net.resolve.resolve_host(host)
-
- return if result[:ip].blank?
-
- ip = result[:ip]
- else
- data = cmd_exec("nslookup #{host}")
- if data =~ /Name/
- # Remove unnecessary data and get the section with the addresses
- returned_data = data.split(/Name:/)[1]
- # check each element of the array to see if they are IP
- returned_data.gsub(/\r\n\t |\r\n|Aliases:|Addresses:|Address:/, ' ').split(' ').each do |e|
- if Rex::Socket.dotted_ip?(e)
- ip = e
- end
- end
- end
- end
-
- if ip.nil?
- print_error("Could not resolve IP for #{host}")
- else
- ip
- end
- end
- end
- end
- end
-end
diff --git a/modules/post/windows/gather/enum_computers.rb b/modules/post/windows/gather/enum_computers.rb
index 0965fea8311e..7b79c1c4351f 100644
--- a/modules/post/windows/gather/enum_computers.rb
+++ b/modules/post/windows/gather/enum_computers.rb
@@ -7,7 +7,6 @@ class MetasploitModule < Msf::Post
 include Msf::Post::File
 include Msf::Post::Windows::Accounts
 include Msf::Post::Windows::Registry
- include Msf::Post::DNS::ResolveHost
 def initialize(info = {})
 super(
@@ -57,10 +56,42 @@ def run
 list_computers(netbios_domain_name, hostname_list)
 end
- def gethost(hostname)
- ## get IP for host
- vprint_status("Looking up IP for #{hostname}")
- resolve_host(hostname)
+ # Takes the host name and makes use of nsloopup to resolve the IP
+ #
+ # @param [String] host Hostname
+ # @return [String] ip The resolved IP
+ def resolve_host(host)
+ vprint_status("Looking up IP for #{host}")
+ return host if Rex::Socket.dotted_ip?(host)
+
+ ip = []
+ if client.respond_to?(:net) && client.commands.include?(Rex::Post::Meterpreter::Extensions::Stdapi::COMMAND_ID_STDAPI_NET_RESOLVE_HOST)
+ begin
+ # client.net.resolve.resolve_host returns an exception in the scenario of non-existent host names
+ result = client.net.resolve.resolve_host(host)
+ rescue Rex::Post::Meterpreter::RequestError
+ return 'Not resolvable'
+ end
+ ip << result[:ip]
+ else
+ data = cmd_exec("nslookup #{host}")
+ if data =~ /Name/
+ # Remove unnecessary data and get the section with the addresses
+ returned_data = data.split(/Name:/)[1]
+ # check each element of the array to see if they are IP
+ returned_data.gsub(/\r\n\t |\r\n|Aliases:|Addresses:|Address:/, ' ').split(' ').each do |e|
+ if Rex::Socket.dotted_ip?(e)
+ ip << e
+ end
+ end
+ end
+ end
+
+ if ip.blank?
+ 'Not resolvable'
+ else
+ ip.join(', ')
+ end
 end
 def get_domain_computers
@@ -91,7 +122,7 @@ def list_computers(domain, hosts)
 ]
 )
 hosts.each do |hostname|
- hostip = gethost(hostname)
+ hostip = resolve_host(hostname)
 tbl << [domain, hostname, hostip]
 end
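Review bot: In the `else` branch of the new `resolve_host`, `cmd_exec("nslookup #{host}")` builds a command line from the hostname without validating it, and the names appear to come from enumeration output rather than operator input (the code that builds `hostname_list` is outside this hunk), so a name carrying shell metacharacters would alter the command that runs. A guard before the call, for example `return 'Not resolvable' unless host.match?(/\A[A-Za-z0-9._-]+\z/)`, limits the fallback to plain names; the allowed set should be checked against the names the module expects to see. Separately, the Meterpreter branch no longer has the deleted helper's `return if result[:ip].blank?` guard, so `ip << result[:ip]` can push `nil`, `[nil].blank?` is false, and the table shows an empty string instead of 'Not resolvable'; `ip << result[:ip] unless result[:ip].blank?` restores the old behaviour. The doc comment should also state that the method returns either a comma-joined address list or the literal 'Not resolvable', and `nsloopup` should read `nslookup`.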