respect DB_ALL_USERS & DB_ALL_PASS
fix last few things in authbrute and make the CredentialCollections understand the additional seperate components MSP-11986bug/bundler_fix
parent
7ff2ba0725
commit
702511dbc5
|
@ -71,7 +71,9 @@ class Metasploit::Framework::CredentialCollection
|
|||
opts.each do |attribute, value|
|
||||
public_send("#{attribute}=", value)
|
||||
end
|
||||
self.prepended_creds ||= []
|
||||
self.prepended_creds ||= []
|
||||
self.additional_privates ||= []
|
||||
self.additional_publics ||= []
|
||||
end
|
||||
|
||||
# Adds a string as an addition private credential
|
||||
|
@ -131,6 +133,9 @@ class Metasploit::Framework::CredentialCollection
|
|||
end
|
||||
pass_fd.seek(0)
|
||||
end
|
||||
additional_privates.each do |add_private|
|
||||
yield Metasploit::Framework::Credential.new(public: username, private: add_private, realm: realm, private_type: private_type(add_private))
|
||||
end
|
||||
end
|
||||
|
||||
if user_file.present?
|
||||
|
@ -153,6 +158,9 @@ class Metasploit::Framework::CredentialCollection
|
|||
end
|
||||
pass_fd.seek(0)
|
||||
end
|
||||
additional_privates.each do |add_private|
|
||||
yield Metasploit::Framework::Credential.new(public: user_from_file, private: add_private, realm: realm, private_type: private_type(add_private))
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -171,6 +179,28 @@ class Metasploit::Framework::CredentialCollection
|
|||
end
|
||||
end
|
||||
|
||||
additional_publics.each do |add_public|
|
||||
if password.present?
|
||||
yield Metasploit::Framework::Credential.new(public: add_public, private: password, realm: realm, private_type: private_type(password) )
|
||||
end
|
||||
if user_as_pass
|
||||
yield Metasploit::Framework::Credential.new(public: add_public, private: user_from_file, realm: realm, private_type: :password)
|
||||
end
|
||||
if blank_passwords
|
||||
yield Metasploit::Framework::Credential.new(public: add_public, private: "", realm: realm, private_type: :password)
|
||||
end
|
||||
if pass_fd
|
||||
pass_fd.each_line do |pass_from_file|
|
||||
pass_from_file.chomp!
|
||||
yield Metasploit::Framework::Credential.new(public: add_public, private: pass_from_file, realm: realm, private_type: private_type(pass_from_file))
|
||||
end
|
||||
pass_fd.seek(0)
|
||||
end
|
||||
additional_privates.each do |add_private|
|
||||
yield Metasploit::Framework::Credential.new(public: add_public, private: add_private, realm: realm, private_type: private_type(add_private))
|
||||
end
|
||||
end
|
||||
|
||||
ensure
|
||||
pass_fd.close if pass_fd && !pass_fd.closed?
|
||||
end
|
||||
|
|
|
@ -112,7 +112,7 @@ module Auxiliary::AuthBrute
|
|||
# the credential collection to add to
|
||||
# @return [Metasploit::Framework::CredentialCollection] the modified Credentialcollection
|
||||
def prepend_db_keys(cred_collection)
|
||||
if datastore['DB_ALL_CREDS'] && framework.db.active
|
||||
if prepend_db_creds?
|
||||
each_ssh_cred do |cred|
|
||||
process_cred_for_collection(cred_collection,cred)
|
||||
end
|
||||
|
@ -127,7 +127,7 @@ module Auxiliary::AuthBrute
|
|||
# the credential collection to add to
|
||||
# @return [Metasploit::Framework::CredentialCollection] the modified Credentialcollection
|
||||
def prepend_db_passwords(cred_collection)
|
||||
if datastore['DB_ALL_CREDS'] && framework.db.active
|
||||
if prepend_db_creds?
|
||||
each_password_cred do |cred|
|
||||
process_cred_for_collection(cred_collection,cred)
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue