remove old dependency on net-ssh moneykpatch

the ssh_login_pubkey scanner relied on functionality that
was monkeypatched into our vendored copy. this was an uneeded solution
in the first palce, and we now use a more sane method of accomplishing
the same thing
bug/bundler_fix
David Maloney 2016-08-22 10:54:09 -05:00
parent b6dff719f3
commit 20947cd6cd
No known key found for this signature in database
GPG Key ID: DEDBA9DC3A913DB2
1 changed files with 7 additions and 3 deletions

View File

@ -7,6 +7,8 @@ require 'msf/core'
require 'net/ssh'
require 'metasploit/framework/login_scanner/ssh'
require 'metasploit/framework/credential_collection'
require 'sshkey'
require 'net/ssh/command_stream'
class MetasploitModule < Msf::Auxiliary
@ -140,7 +142,7 @@ class MetasploitModule < Msf::Auxiliary
return cleartext_keys
end
def session_setup(result, ssh_socket)
def session_setup(result, ssh_socket, fingerprint)
return unless ssh_socket
# Create a new session from the socket
@ -157,7 +159,7 @@ class MetasploitModule < Msf::Auxiliary
'KEY_PATH' => nil
}
info = "SSH #{result.credential.public}:#{ssh_socket.auth_info[:pubkey_id]} (#{ip}:#{rport})"
info = "SSH #{result.credential.public}:#{fingerprint} (#{ip}:#{rport})"
s = start_session(self, info, merge_me, false, conn.lsock)
self.sockets.delete(ssh_socket.transport.socket)
@ -229,7 +231,9 @@ class MetasploitModule < Msf::Auxiliary
credential_core = create_credential(credential_data)
credential_data[:core] = credential_core
create_credential_login(credential_data)
session_setup(result, scanner.ssh_socket)
tmp_key = result.credential.private
ssh_key = SSHKey.new tmp_key
session_setup(result, scanner.ssh_socket, ssh_key.fingerprint)
:next_user
when Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
if datastore['VERBOSE']