infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

converting enable password to create_credentials

bug/bundler_fix
darkbushido 2016-07-27 10:49:33 -05:00
parent 9fa1c597b1
commit 40240662db
2 changed files with 64 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
lib/msf/core/auxiliary/cisco.rb
View File

@ -9,7 +9,6 @@ module Msf
module Auxiliary::Cisco
include Msf::Auxiliary::Report
def cisco_ios_decrypt7(inp)
xlat = [
0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f,
@ -39,19 +38,29 @@ module Auxiliary::Cisco
#
# Create a template hash for cred reporting
#
cred_info = {
:host => thost,
:port => tport,
:user => "",
:pass => "",
:type => "",
:collect_type => "",
:active => true
# cred_info = {
# :host => thost,
# :port => tport,
# :user => "",
# :pass => "",
# :type => "",
# :collect_type => "",
# :active => true
# }
credential_data = {
address: thost,
port: tport,
protocol: 'tcp',
workspace_id: myworkspace_id,
origin_type: :service,
module_fullname: self.fullname,
}
# Default SNMP to UDP
if tport == 161
cred_info[:proto] = 'udp'
credential_data[:protocol] = 'udp'
end
store_loot("cisco.ios.config", "text/plain", thost, config.strip, "config.txt", "Cisco IOS Configuration")
@ -76,34 +85,32 @@ module Auxiliary::Cisco
print_good("#{thost}:#{tport} Enable Password: #{shash}")
store_loot("cisco.ios.enable_pass", "text/plain", thost, shash, "enable_password.txt", "Cisco IOS Enable Password")
cred = cred_info.dup
cred[:pass] = shash
cred[:type] = "password"
cred[:collect_type] = "password"
store_cred(cred)
cred = credential_data.dup
cred[:private_data] = shash
cred[:private_type] = :password_hash
create_credential(cred)
end
if stype == 7
shash = cisco_ios_decrypt7(shash) rescue shash
print_good("#{thost}:#{tport} Decrypted Enable Password: #{shash}")
store_loot("cisco.ios.enable_pass", "text/plain", thost, shash, "enable_password.txt", "Cisco IOS Enable Password")
cred = cred_info.dup
cred[:pass] = shash
cred[:type] = "password"
cred[:collect_type] = "password"
store_cred(cred)
cred = credential_data.dup
cred[:private_data] = shash
cred[:private_type] = :password
create_credential(cred)
end
when /^\s*enable password (.*)/i
spass = $1.strip
print_good("#{thost}:#{tport} Unencrypted Enable Password: #{spass}")
cred = cred_info.dup
cred[:pass] = spass
cred[:type] = "password"
cred[:collect_type] = "password"
store_cred(cred)
cred = credential_data.dup
cred[:private_data] = spass
cred[:private_type] = :password
create_credential(cred)
#
# SNMP

56
spec/lib/msf/core/auxiliary/cisco_spec.rb
View File

@ -14,10 +14,13 @@ RSpec.describe Msf::Auxiliary::Cisco do
)
end
def print_good(str=nil)
raise StandardError("This method needs to be stubbed.")
raise StandardError.new("This method needs to be stubbed.")
end
def store_cred(hsh=nil)
raise StandardError("This method needs to be stubbed.")
raise StandardError.new("This method needs to be stubbed.")
end
def fullname
"Dummy Class / Dummy Ref"
end
end
@ -55,15 +58,16 @@ RSpec.describe Msf::Auxiliary::Cisco do
expect(aux_cisco).to receive(:store_loot).with(
"cisco.ios.config", "text/plain", "127.0.0.1", "enable password 0 password0", "config.txt", "Cisco IOS Configuration"
)
expect(aux_cisco).to receive(:store_cred).with(
expect(aux_cisco).to receive(:create_credential).with(
{
:host=>"127.0.0.1",
:port=>1337,
:user=>"",
:pass=>"password0",
:type=>"password",
:collect_type=>"password",
:active=>true
address: "127.0.0.1",
port: 1337,
protocol: "tcp",
workspace_id: nil,
origin_type: :service,
module_fullname: "Dummy Class / Dummy Ref",
private_data: "password0",
private_type: :password
}
)
aux_cisco.cisco_ios_config_eater('127.0.0.1',1337,'enable password 0 password0')
@ -82,15 +86,16 @@ RSpec.describe Msf::Auxiliary::Cisco do
expect(aux_cisco).to receive(:store_loot).with(
"cisco.ios.config", "text/plain", "127.0.0.1", "enable password 7 1511021F0725", "config.txt", "Cisco IOS Configuration"
)
expect(aux_cisco).to receive(:store_cred).with(
expect(aux_cisco).to receive(:create_credential).with(
{
:host=>"127.0.0.1",
:port=>1337,
:user=>"",
:pass=>"cisco",
:type=>"password",
:collect_type=>"password",
:active=>true
address: "127.0.0.1",
port: 1337,
protocol: "tcp",
workspace_id: nil,
origin_type: :service,
module_fullname: "Dummy Class / Dummy Ref",
private_data: "cisco",
private_type: :password
}
)
aux_cisco.cisco_ios_config_eater('127.0.0.1',1337,'enable password 7 1511021F0725')
@ -103,15 +108,16 @@ RSpec.describe Msf::Auxiliary::Cisco do
expect(aux_cisco).to receive(:store_loot).with(
"cisco.ios.config", "text/plain", "127.0.0.1", "enable password 1511021F0725", "config.txt", "Cisco IOS Configuration"
)
expect(aux_cisco).to receive(:store_cred).with(
expect(aux_cisco).to receive(:create_credential).with(
{
host: "127.0.0.1",
address: "127.0.0.1",
port: 1337,
user: "",
pass: "1511021F0725",
type: "password",
collect_type: "password",
active: true
protocol: "tcp",
workspace_id: nil,
origin_type: :service,
module_fullname: "Dummy Class / Dummy Ref",
private_data: "1511021F0725",
private_type: :password
}
)
aux_cisco.cisco_ios_config_eater('127.0.0.1',1337,'enable password 1511021F0725')