diff --git a/lib/metasploit/framework/login_scanner/base.rb b/lib/metasploit/framework/login_scanner/base.rb
index f3351a1b31..d199dfaf12 100644
--- a/lib/metasploit/framework/login_scanner/base.rb
+++ b/lib/metasploit/framework/login_scanner/base.rb
@@ -101,10 +101,15 @@ module Metasploit
 yield credential
 elsif credential.realm.present? && self.class::REALM_KEY.blank?
 second_cred = credential.dup
+ # Strip the realm off here, as we don't want it
+ credential.realm = nil
+ credential.realm_key = nil
 yield credential
 # Some services can take a domain in the username like this even though
 # they do not explicitly take a domain as part of the protocol.
 second_cred.public = "#{second_cred.realm}\\#{second_cred.public}"
+ second_cred.realm = nil
+ second_cred.realm_key = nil
 yield second_cred
 else
 yield credential
diff --git a/spec/support/shared/examples/metasploit/framework/login_scanner/login_scanner_base.rb b/spec/support/shared/examples/metasploit/framework/login_scanner/login_scanner_base.rb
index 3aec4f4968..0b659a71ae 100644
--- a/spec/support/shared/examples/metasploit/framework/login_scanner/login_scanner_base.rb
+++ b/spec/support/shared/examples/metasploit/framework/login_scanner/login_scanner_base.rb
@@ -325,7 +325,10 @@ shared_examples_for 'Metasploit::Framework::LoginScanner::Base' do | has_realm_k
 context 'when login_scanner has no REALM_KEY' do
 context 'when the credential has a realm' do
 it 'yields the original credential as well as one with the realm in the public' do
- second_cred = ad_cred.dup
+ first_cred = ad_cred.dup
+ first_cred.realm = nil
+ first_cred.realm_key = nil
+ second_cred = first_cred.dup
 second_cred.public = "#{realm}\\#{public}"
 expect{ |b| login_scanner.each_cred_adjusted_for_realm(ad_cred, &b)}.to yield_successive_args(ad_cred,second_cred)
 end
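Review bot: In lib/metasploit/framework/login_scanner/base.rb the added `credential.realm = nil` and `credential.realm_key = nil` change the caller's own credential object before it is yielded, while only the second credential is a `dup`. Any caller that keeps using that object after the block returns would find the realm gone; the callers are outside this hunk, so this needs confirming against them. Working on a copy avoids the side effect: `first_cred = credential.dup`, clear the two fields on `first_cred`, then `yield first_cred`. The comment `# Strip the realm off here, as we don't want it` should also state the reason, which looks like "this scanner defines no REALM_KEY, so the realm must not be sent or recorded". The enclosing method starts and ends outside the hunk.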
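Review bot: In the spec hunk the expectation still reads `yield_successive_args(ad_cred,second_cred)`, so the new `first_cred` only serves as the source of `second_cred` and the stripped first credential is never asserted. The method clears the realm on the object it is given, so the first yielded argument is that same `ad_cred` object and the comparison holds whether or not the realm was removed. Comparing against the prepared copy pins the new behaviour: `.to yield_successive_args(first_cred, second_cred)`. This assumes credential equality takes `realm` and `realm_key` into account, which is defined outside this diff.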