infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Control per-user config file

bug/bundler_fix
Jon Hart 2015-11-23 11:11:03 -08:00
parent 93bb31dfa0
commit 718e928fe3
No known key found for this signature in database
GPG Key ID: 2FA9F0A3AFA8E9D3
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/post/multi/gather/rsyncd_creds.rb
View File

@ -26,7 +26,8 @@ class Metasploit3 < Msf::Post
register_options(
[
OptBool.new('USER_CONFIGS', [true, 'Get passwords from each local user\'s rsyncd.conf', true])
OptString.new('USER_CONFIG', [false, 'Attempt to passwords from this RSYNC ' \
'configuration file relative to each local user\'s home directory. Leave unset to disable.', 'rsyncd.conf'])
]
)
register_advanced_options(
@ -36,6 +37,10 @@ class Metasploit3 < Msf::Post
)
end
def setup
@user_config = datastore['USER_CONFIG'].blank? ? nil : datastore['USER_CONFIG']
end
def dump_rsync_secrets(config_file)
vprint_status("Attempting to get RSYNC creds from #{config_file}")
creds_table = Rex::Ui::Text::Table.new(
@ -79,7 +84,7 @@ class Metasploit3 < Msf::Post
# configuration files that may exist (rare)
config_path = datastore['RSYNCD_CONFIG']
config_files = Set.new([ config_path ])
config_files |= enum_user_directories.map { |d| ::File.join(d, ::File.basename(config_path)) } if datastore['USER_CONFIGS']
config_files |= enum_user_directories.map { |d| ::File.join(d, @user_config) } if @user_config
config_files.map { |config_file| dump_rsync_secrets(config_file) }
end
end