background image

132

Chapter 9

In the prior example, we search for “foursquare”  , issue the 

use

 com-

mand   to select the auxiliary module, and display the information   for 
the selected module. Based on the options presented above, we need to con-
figure a few of them first.

 msf auxiliary(foursquare) > 

set VENUEID 2584421

VENUEID => 2584421
msf auxiliary(foursquare) > 

set USERNAME msf@elwood.net

USERNAME => metasploit
msf auxiliary(foursquare) > 

set PASSWORD ilovemetasploit

PASSWORD => ilovemetasploit

 msf auxiliary(foursquare) > 

run

[*] Base64 Encoded User/Pass: bXNmQGVsd29vZC5uZXQ6aWxvdmVtZXRhc3Bsb2l0
[*] Base64 Decoded User/Pass: msf@elwood.net:ilovemetasploit
[*] HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Date: Sat, 08 May 2010 07:42:09 GMT
Content-Length: 1400
Server: nginx/0.7.64
Connection: keep-alive

<?xml version="1.0" encoding="UTF-8"?>
<checkin><id>40299544</id><created>Sat, 08 May 10 07:42:09 +0000</created><message>OK! 
We've got you @ Washington DC Union Station. This is your 1st checkin here!</message>
<venue><id>2584421</id><name>Washington DC Union Station</name><primarycategory><id>79283</
id><fullpathname>Travel:Train Station</fullpathname><nodename>Train Station</nodename>
<iconurl>http://foursquare.com/img/categories/travel/trainstation.png</iconurl></primary
category><address>Union Station</address><city>Washington</city><state>DC</state><geolat>
38.89777986957695</geolat><geolong>-77.0060920715332</geolong></venue><mayor><type>nochange
</type><checkins>4</checkins><user><id>685446</id><firstname>Ron</firstname><photo>http://
playfoursquare.s3.amazonaws.com/userpix_thumbs/ELOW44QHXJFB4PWZ.jpg</photo><gender>male</
gender></user><message>Ron is The Mayor of Washington DC Union Station.</message></mayor>
<badges><badge><id>1</id><name>Newbie</name><icon>http://foursquare.com/img/badge/newbie
.png</icon><description>Congrats on your first check-in!</description></badge></badges>
<scoring><score><points>1</points><icon>http://foursquare.com/img/scoring/2.png</icon>
<message>First stop tonight </message></score><score><points>5</points><icon>http://
foursquare.com/img/scoring/1.png</icon><message>First time @ Washington DC Union Station!</
message></score></scoring></checkin>  

In order to run this module successfully, we need a valid set of Four-

square credentials to do the check-in. We first define the VenueID that we 
find online with a bit of Googling  , and then we set our Foursquare creden-
tials   and run the module. We get a successful result with the Foursquare 
service confirming our check-in and giving us five points  . 

In this case, we have submitted a request to “check in” at Union Station 

in Washington, DC, on the Foursquare service (see Figure 9-1).

Figure 9-1: A successful check-in at Union Station