auxiliary/scanner/http/softing_sis_login no longer supports modern versions

[bwatters-r7]

Softing Secure Integration Server 1.30.0.48080 no longer works with the softing_sis_login scanner. Based on some packet captures, the protocol has changed for logging in:

msf6 auxiliary(scanner/http/softing_sis_login) > show options

Module options (auxiliary/scanner/http/softing_sis_login):

   Name              Current Setting  Required  Description
   ----              ---------------  --------  -----------
   ANONYMOUS_LOGIN   false            yes       Attempt to login with a blank username and password
   BLANK_PASSWORDS   false            no        Try blank passwords for all users
   BRUTEFORCE_SPEED  5                yes       How fast to bruteforce, from 0 to 5
   DB_ALL_CREDS      false            no        Try each user/password couple stored in the current database
   DB_ALL_PASS       false            no        Add all passwords in the current database to the list
   DB_ALL_USERS      false            no        Add all users in the current database to the list
   DB_SKIP_EXISTING  none             no        Skip existing credentials stored in the current database (Accepted: none, user, use
                                                r&realm)
   PASSWORD          admin            no        The password to specify for authentication.
   PASS_FILE                          no        File containing passwords, one per line
   Proxies                            no        A proxy chain of format type:host:port[,type:host:port][...]
   RHOSTS                             yes       The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/us
                                                ing-metasploit.html
   RPORT             8099             yes       The target port (TCP)
   SSL               false            no        Negotiate SSL/TLS for outgoing connections
   STOP_ON_SUCCESS   false            yes       Stop guessing when a credential works for a host
   THREADS           1                yes       The number of concurrent threads (max one per host)
   USERNAME          admin            no        The username to specify for authentication.
   USERPASS_FILE                      no        File containing users and passwords separated by space, one pair per line
   USER_AS_PASS      false            no        Try the username as the password for all users
   USER_FILE                          no        File containing usernames, one per line
   VERBOSE           true             yes       Whether to print output for all attempts
   VHOST                              no        HTTP server virtual host


View the full module info with the info, or info -d command.

msf6 auxiliary(scanner/http/softing_sis_login) > set rhost 10.5.132.111
rhost => 10.5.132.111
msf6 auxiliary(scanner/http/softing_sis_login) > set username admin
username => admin
msf6 auxiliary(scanner/http/softing_sis_login) > set password admin
password => admin
msf6 auxiliary(scanner/http/softing_sis_login) > set verbose true
verbose => true
msf6 auxiliary(scanner/http/softing_sis_login) > run

[+] 10.5.132.111:8099 - Softing Secure Integration Server 1.22.0.8686
[+] 10.5.132.111:8099 - Success: 'admin:admin'
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

msf6 auxiliary(scanner/http/softing_sis_login) > set rhost 10.5.132.111
rhost => 10.5.132.111
msf6 auxiliary(scanner/http/softing_sis_login) > set username admin
username => admin
msf6 auxiliary(scanner/http/softing_sis_login) > set password admin
password => admin
msf6 auxiliary(scanner/http/softing_sis_login) > set password v3Mpassword
password => v3Mpassword
msf6 auxiliary(scanner/http/softing_sis_login) > set verbose true
verbose => true
msf6 auxiliary(scanner/http/softing_sis_login) > run

[+] 10.5.132.111:8099 - Softing Secure Integration Server 1.30.0.48080
[-] 10.5.132.111:8099 - Failed: 'admin:v3Mpassword'
[!] No active DB -- Credential data will not be saved!
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/http/softing_sis_login) > 

msf6 > use auxiliary/scanner/http/softing_sis_login
msf6 auxiliary(scanner/http/softing_sis_login) > set rhost 10.5.132.111
rhost => 10.5.132.111
msf6 auxiliary(scanner/http/softing_sis_login) > set username admin
username => admin
msf6 auxiliary(scanner/http/softing_sis_login) > set password admin
password => admin
msf6 auxiliary(scanner/http/softing_sis_login) > set password v3Mpassword
password => v3Mpassword
msf6 auxiliary(scanner/http/softing_sis_login) > set verbose true
verbose => true
msf6 auxiliary(scanner/http/softing_sis_login) > run

[+] 10.5.132.111:8099 - Softing Secure Integration Server 1.30.0.48080
[-] 10.5.132.111:8099 - Failed: 'admin:v3Mpassword'
[!] No active DB -- Credential data will not be saved!
[] Scanned 1 of 1 hosts (100% complete)
[] Auxiliary module execution completed
msf6 auxiliary(scanner/http/softing_sis_login) >

Found while testing https://github.com/rapid7/metasploit-framework/pull/19075

[github-actions]

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

[github-actions]

Hi again!

It’s been 60 days since anything happened on this issue, so we are going to close it.
Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.