respect DB_ALL_USERS & DB_ALL_PASS

fix last few things in authbrute and make the CredentialCollections understand the additional seperate components MSP-11986
2015-01-07 11:41:41 -06:00 · 2015-01-07 11:41:41 -06:00 · 702511dbc5
parent 7ff2ba0725
commit 702511dbc5
2 changed files with 33 additions and 3 deletions
--- a/lib/metasploit/framework/credential_collection.rb
+++ b/lib/metasploit/framework/credential_collection.rb
@ -71,7 +71,9 @@ class Metasploit::Framework::CredentialCollection
    opts.each do |attribute, value|
      public_send("#{attribute}=", value)
    end
-    self.prepended_creds ||= []
+    self.prepended_creds     ||= []
+    self.additional_privates ||= []
+    self.additional_publics  ||= []
  end

  # Adds a string as an addition private credential
@ -131,6 +133,9 @@ class Metasploit::Framework::CredentialCollection
        end
        pass_fd.seek(0)
      end
+      additional_privates.each do |add_private|
+        yield Metasploit::Framework::Credential.new(public: username, private: add_private, realm: realm, private_type: private_type(add_private))
+      end
    end

    if user_file.present?
@ -153,6 +158,9 @@ class Metasploit::Framework::CredentialCollection
            end
            pass_fd.seek(0)
          end
+          additional_privates.each do |add_private|
+            yield Metasploit::Framework::Credential.new(public: user_from_file, private: add_private, realm: realm, private_type: private_type(add_private))
+          end
        end
      end
    end
@ -171,6 +179,28 @@ class Metasploit::Framework::CredentialCollection
      end
    end

+    additional_publics.each do |add_public|
+      if password.present?
+        yield Metasploit::Framework::Credential.new(public: add_public, private: password, realm: realm, private_type: private_type(password) )
+      end
+      if user_as_pass
+        yield Metasploit::Framework::Credential.new(public: add_public, private: user_from_file, realm: realm, private_type: :password)
+      end
+      if blank_passwords
+        yield Metasploit::Framework::Credential.new(public: add_public, private: "", realm: realm, private_type: :password)
+      end
+      if pass_fd
+        pass_fd.each_line do |pass_from_file|
+          pass_from_file.chomp!
+          yield Metasploit::Framework::Credential.new(public: add_public, private: pass_from_file, realm: realm, private_type: private_type(pass_from_file))
+        end
+        pass_fd.seek(0)
+      end
+      additional_privates.each do |add_private|
+        yield Metasploit::Framework::Credential.new(public: add_public, private: add_private, realm: realm, private_type: private_type(add_private))
+      end
+    end
+
  ensure
    pass_fd.close if pass_fd && !pass_fd.closed?
  end
--- a/lib/msf/core/auxiliary/auth_brute.rb
+++ b/lib/msf/core/auxiliary/auth_brute.rb
@ -112,7 +112,7 @@ module Auxiliary::AuthBrute
  #    the credential collection to add to
  # @return [Metasploit::Framework::CredentialCollection] the modified Credentialcollection
  def prepend_db_keys(cred_collection)
-    if datastore['DB_ALL_CREDS'] && framework.db.active
+    if prepend_db_creds?
      each_ssh_cred do |cred|
        process_cred_for_collection(cred_collection,cred)
      end
@ -127,7 +127,7 @@ module Auxiliary::AuthBrute
  #    the credential collection to add to
  # @return [Metasploit::Framework::CredentialCollection] the modified Credentialcollection
  def prepend_db_passwords(cred_collection)
-    if datastore['DB_ALL_CREDS'] && framework.db.active
+    if prepend_db_creds?
      each_password_cred do |cred|
        process_cred_for_collection(cred_collection,cred)
      end