infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

wordlist enumerators with some specs 

started the enumerators on the wordlist class
and began adding the specs for them
bug/bundler_fix
David Maloney 2014-06-15 13:37:50 -05:00
parent a00ff5aeef
commit 897b0b1ee5
No known key found for this signature in database
GPG Key ID: DEDBA9DC3A913DB2
4 changed files with 198 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

178
lib/metasploit/framework/jtr/wordlist.rb
View File

@ -77,23 +77,169 @@ module Metasploit
end
end
def each_word
# Make sure are attributes are all valid first!
valid!
# This method searches all saved Credentials in the database
# and yields all passwords, usernames, and realm names it finds.
#
# @yieldparam word [String] the expanded word
# @return [void]
def each_cred_word
Metasploit::Credential::Password.all.each do |password|
yield password.data
end
# Yield the expanded form of each line of the custom wordlist if one was given
if custom_wordlist.present?
::File.open(custom_wordlist, "rb") do |fd|
fd.each_line do |line|
expanded_words(line) do |word|
Metasploit::Credential::Public.all.each do |public|
yield public.username
end
Metasploit::Credential::Realm.all.each do |realm|
yield realm.value
end
end
# This method reads the file provided as custom_wordlist and yields
# the expanded form of each word in the list.
#
# @yieldparam word [String] the expanded word
# @return [void]
def each_custom_word
::File.open(custom_wordlist, "rb") do |fd|
fd.each_line do |line|
expanded_words(line) do |word|
yield word
end
end
end
end
# This method searches the notes in the current workspace
# for DB instance names, database names, table names, and
# column names gathered from live database servers. It yields
# each one that it finds.
#
# @yieldparam word [String] the expanded word
# @return [void]
def each_database_word
# Yield database, table and column names from any looted database schemas
myworkspace.notes.where('ntype like ?', '%.schema%').each do |note|
expanded_words(note.data['DBName']) do |word|
yield word
end
note.data['Tables'].each do |table|
expanded_words(table['TableName']) do |word|
yield word
end
table['Columns'].each do |column|
expanded_words(column['ColumnName']) do |word|
yield word
end
end
end
end
# Yield any capture MSSQL Instance names
myworkspace.notes.find(:all, :conditions => ['ntype=?', 'mssql.instancename']).each do |note|
expanded_words(note.data['InstanceName']) do |word|
yield word
end
end
end
# This method yields expanded words taken from the default john
# wordlist that we ship in the data directory.
#
# @yieldparam word [String] the expanded word
# @return [void]
def each_default_word
::File.open(default_wordlist_path, "rb") do |fd|
fd.each_line do |line|
expanded_words(line) do |word|
yield word
end
end
end
end
# This method yields the expanded words out of all the hostnames
# found in the current workspace.
#
# @yieldparam word [String] the expanded word
# @return [void]
def each_hostname_word
myworkspace.hosts.all.each do |host|
unless host.name.nil?
expanded_words(host.name) do |word|
yield nil
end
end
end
end
# This method reads the common_roots.txt wordlist
# expands any words in the list and yields them.
#
# @yieldparam word [String] the expanded word
# @return [void]
def each_root_word
::File.open(common_root_words_path, "rb") do |fd|
fd.each_line do |line|
expanded_words(line) do |word|
yield word
end
end
end
end
# This method checks all the attributes set on the object and calls
# the appropriate enumerators for each option and yields the results back
# up the call-chain.
#
# @yieldparam word [String] the expanded word
# @return [void]
def each_word
# Make sure are attributes are all valid first!
valid!
# Yield the expanded form of each line of the custom wordlist if one was given
if custom_wordlist.present?
each_custom_word do |word|
yield word
end
end
# Yield each word from the common root words list if it was selected
if use_common_root
each_root_word do |word|
yield word
end
end
# If the user has selected use_creds we yield each password, username, and realm name
# that currently exists in the database.
if use_creds
each_cred_word do |word|
yield word
end
end
if use_db_info
each_database_word do |word|
yield word
end
end
if use_default_wordlist
each_default_word do |word|
yield word
end
end
if use_hostnames
each_hostname_word do |word|
yield word
end
end
end
@ -121,6 +267,22 @@ module Metasploit
nil
end
private
# This method returns the path to the common_roots.txt wordlist
#
# @return [String] the file path to the common_roots.txt file
def common_root_words_path
::File.join(Msf::Config.data_directory, 'john', 'wordlists', 'common_roots.txt')
end
# This method returns the path to the passwords.lst wordlist
#
# @return [String] the file path to the passwords.lst file
def default_wordlist_path
::File.join(Msf::Config.data_directory, 'john', 'wordlists', 'password.lst')
end
end
end

3
spec/file_fixtures/fake_common_roots.txt Normal file
View File

@ -0,0 +1,3 @@
password
root
toor

3
spec/file_fixtures/fake_default_wordlist.txt Normal file
View File

@ -0,0 +1,3 @@
changeme
summer123
admin

30
spec/lib/metasploit/framework/jtr/wordlist_spec.rb
View File

@ -7,6 +7,8 @@ describe Metasploit::Framework::JtR::Wordlist do
let(:custom_wordlist) { File.expand_path('string_list.txt',FILE_FIXTURES_PATH) }
let(:expansion_word) { 'Foo bar_baz-bat.bam\\foo//bar' }
let(:common_root_path) { File.expand_path('fake_common_roots.txt',FILE_FIXTURES_PATH) }
let(:default_wordlist_path) { File.expand_path('fake_default_wordlist.txt',FILE_FIXTURES_PATH) }
it { should respond_to :appenders }
it { should respond_to :custom_wordlist }
@ -70,17 +72,29 @@ describe Metasploit::Framework::JtR::Wordlist do
end
end
describe '#each_word' do
before(:each) do
expect(wordlist).to receive(:valid!)
describe '#each_custom_word' do
it 'yields each word in that wordlist' do
wordlist.custom_wordlist = custom_wordlist
expect{ |b| wordlist.each_custom_word(&b) }.to yield_successive_args('foo', 'bar','baz')
end
context 'when given a custom wordlist' do
it 'yields each word in that wordlist' do
wordlist.custom_wordlist = custom_wordlist
expect{ |b| wordlist.each_word(&b) }.to yield_successive_args('foo', 'bar','baz')
end
end
describe '#each_root_word' do
it 'yields each word in the common_roots.txt list' do
expect(wordlist).to receive(:common_root_words_path).and_return common_root_path
expect { |b| wordlist.each_root_word(&b) }.to yield_successive_args('password', 'root', 'toor')
end
end
describe '#each_default_word' do
it 'yields each word in the passwords.lst list' do
expect(wordlist).to receive(:default_wordlist_path).and_return default_wordlist_path
expect { |b| wordlist.each_default_word(&b) }.to yield_successive_args('changeme', 'summer123', 'admin')
end
end
end