allow for balnk passwords

have to alter validation slightly to allow for blank passwords
2014-04-21 18:57:28 -05:00 · 2014-04-21 18:57:28 -05:00 · 1a6ef8dced
parent fd1777a79f
commit 1a6ef8dced
2 changed files with 13 additions and 1 deletions
--- a/lib/metasploit/framework/login_scanner/cred_detail.rb
+++ b/lib/metasploit/framework/login_scanner/cred_detail.rb
@ -27,7 +27,7 @@ module Metasploit

        # If we have no public we MUST have a private (e.g. SNMP Community String)
        validates :private,
-          presence: true,
+          exclusion: { in: [nil] },
          if: "public.nil? or paired"


--- a/spec/lib/metasploit/framework/login_scanner/cred_detail_spec.rb
+++ b/spec/lib/metasploit/framework/login_scanner/cred_detail_spec.rb
@ -52,6 +52,18 @@ describe Metasploit::Framework::LoginScanner::CredDetail do
        cred_detail.private = 'toor'
        expect(cred_detail).to_not be_valid
      end
+
+      it 'is invalid with empty string for public' do
+        cred_detail.public = ''
+        cred_detail.private = 'toor'
+        expect(cred_detail).to_not be_valid
+      end
+
+      it 'is valid with empty string for private' do
+        cred_detail.public = 'root'
+        cred_detail.private = ''
+        expect(cred_detail).to be_valid
+      end
    end