metasploit-framework/lib/metasploit/framework/credential.rb

115 lines
3.4 KiB
Ruby
Raw Normal View History

require 'active_model'
module Metasploit
module Framework
# This class provides an in-memory representation of a conceptual Credential
#
# It contains the public, private, and realm if any.
class Credential
include ActiveModel::Validations
# @!attribute paired
# @return [Boolean] Whether BOTH a public and private are required
# (defaults to `true`)
attr_accessor :paired
# @!attribute parent
# @return [Object] the parent object that had .to_credential called on it to create this object
attr_accessor :parent
# @!attribute private
# The private credential component (e.g. username)
#
# @return [String] if {#paired} is `true` or {#private} is `nil`
# @return [String, nil] if {#paired} is `false` or {#private} is not `nil`.
attr_accessor :private
# @!attribute private_type
# The type of private credential this object represents, e.g. a
# password or an NTLM hash.
#
# @return [String]
attr_accessor :private_type
# @!attribute public
# The public credential component (e.g. password)
#
# @return [String] if {#paired} is `true` or {#public} is `nil`
# @return [String, nil] if {#paired} is `false` or {#public} is not `nil`.
attr_accessor :public
# @!attribute realm
# @return [String,nil] The realm credential component (e.g domain name)
attr_accessor :realm
# @!attribute realm
# @return [String,nil] The type of {#realm}
attr_accessor :realm_key
validates :paired,
inclusion: { in: [true, false] }
# If we have no public we MUST have a private (e.g. SNMP Community String)
validates :private,
exclusion: { in: [nil] },
if: "public.nil? or paired"
# These values should be #demodularized from subclasses of
# `Metasploit::Credential::Private`
validates :private_type,
inclusion: { in: [ :password, :ntlm_hash, :ssh_key ] },
if: "private_type.present?"
# If we have no private we MUST have a public
validates :public,
presence: true,
if: "private.nil? or paired"
# @param attributes [Hash{Symbol => String,nil}]
def initialize(attributes={})
attributes.each do |attribute, value|
public_send("#{attribute}=", value)
end
self.paired = true if self.paired.nil?
end
def inspect
"#<#{self.class} \"#{self}\" >"
end
def to_s
if realm && realm_key == Metasploit::Model::Realm::Key::ACTIVE_DIRECTORY_DOMAIN
"#{self.realm}\\#{self.public}:#{self.private}"
else
"#{self.public}:#{self.private}#{at_realm}"
end
end
2014-06-05 16:37:48 +00:00
def ==(other)
other.respond_to?(:public) && other.public == self.public &&
other.respond_to?(:private) && other.private == self.private &&
other.respond_to?(:realm) && other.realm == self.realm
2014-06-05 16:37:48 +00:00
end
def to_credential
self
end
def to_hash
{
private_data: private,
private_type: private_type,
username: public,
realm_key: realm_key,
realm_value: realm
}
end
private
def at_realm
if self.realm.present?
"@#{self.realm}"
else
""
end
end
end
end
end