use the CredDetail class
now that we have the new CredDetail class, use it instead of hashesbug/bundler_fix
David Maloney
parent
1a6ef8dced
commit
9c6528f13f
|
|
@ -1,5 +1,6 @@
|
||||||
require 'metasploit/framework/login_scanner/invalid'
|
require 'metasploit/framework/login_scanner/invalid'
|
||||||
require 'metasploit/framework/login_scanner/result'
|
require 'metasploit/framework/login_scanner/result'
|
||||||
|
require 'metasploit/framework/login_scanner/cred_detail'
|
||||||
require 'net/ssh'
|
require 'net/ssh'
|
||||||
|
|
||||||
module Metasploit
|
module Metasploit
|
||||||
|
|
@ -14,7 +15,7 @@ module Metasploit
|
||||||
# @return [Fixnum] The timeout in seconds for a single SSH connection
|
# @return [Fixnum] The timeout in seconds for a single SSH connection
|
||||||
attr_accessor :connection_timeout
|
attr_accessor :connection_timeout
|
||||||
# @!attribute cred_details
|
# @!attribute cred_details
|
||||||
# @return [Array] An array of hashes containing the cred
|
# @return [Array] An array of CredDetail objects
|
||||||
attr_accessor :cred_details
|
attr_accessor :cred_details
|
||||||
# @!attribute successes
|
# @!attribute successes
|
||||||
# @return [Array] Array of of result objects that failed
|
# @return [Array] Array of of result objects that failed
|
||||||
|
|
@ -66,7 +67,7 @@ module Metasploit
|
||||||
|
|
||||||
validate :host_address_must_be_valid
|
validate :host_address_must_be_valid
|
||||||
|
|
||||||
validate :cred_details_must_be_array_of_hashes
|
validate :validate_cred_details
|
||||||
|
|
||||||
# @param attributes [Hash{Symbol => String,nil}]
|
# @param attributes [Hash{Symbol => String,nil}]
|
||||||
def initialize(attributes={})
|
def initialize(attributes={})
|
||||||
|
|
@ -138,7 +139,7 @@ module Metasploit
|
||||||
def scan!
|
def scan!
|
||||||
valid!
|
valid!
|
||||||
cred_details.each do |credential|
|
cred_details.each do |credential|
|
||||||
result = attempt_login(credential[:public], credential[:private])
|
result = attempt_login(credential.public, credential.private)
|
||||||
if result.success?
|
if result.success?
|
||||||
successes << result
|
successes << result
|
||||||
break if stop_on_success
|
break if stop_on_success
|
||||||
|
|
@ -194,36 +195,23 @@ module Metasploit
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def cred_details_must_be_array_of_hashes
|
def validate_cred_details
|
||||||
if cred_details.kind_of? Array
|
if cred_details.kind_of? Array
|
||||||
cred_details.each do |detail|
|
cred_details.each do |detail|
|
||||||
validate_cred_detail(detail)
|
unless detail.kind_of? Metasploit::Framework::LoginScanner::CredDetail
|
||||||
|
errors.add(:cred_details, "has invalid element #{detail.inspect}")
|
||||||
|
next
|
||||||
|
end
|
||||||
|
unless detail.valid?
|
||||||
|
errors.add(:cred_details, "has invalid element #{detail.inspect}")
|
||||||
|
end
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
errors.add(:cred_details, "must be an array")
|
errors.add(:cred_details, "must be an array")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def validate_cred_detail(detail)
|
|
||||||
if detail.kind_of? Hash
|
|
||||||
if detail.has_key? :public
|
|
||||||
unless detail[:public].kind_of? String
|
|
||||||
errors.add(:cred_details, "has invalid element, invalid public component #{detail.inspect}")
|
|
||||||
end
|
|
||||||
else
|
|
||||||
errors.add(:cred_details, "has invalid element, missing public component #{detail.inspect}")
|
|
||||||
end
|
|
||||||
if detail.has_key? :private
|
|
||||||
unless detail[:private].kind_of? String
|
|
||||||
errors.add(:cred_details, "has invalid element, invalid private component #{detail.inspect}")
|
|
||||||
end
|
|
||||||
else
|
|
||||||
errors.add(:cred_details, "has invalid element, missing private component #{detail.inspect}")
|
|
||||||
end
|
|
||||||
else
|
|
||||||
errors.add(:cred_details, "has invalid element #{detail.inspect}")
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,43 @@ require 'metasploit/framework/login_scanner/ssh'
|
||||||
describe Metasploit::Framework::LoginScanner::SSH do
|
describe Metasploit::Framework::LoginScanner::SSH do
|
||||||
let(:public) { 'root' }
|
let(:public) { 'root' }
|
||||||
let(:private) { 'toor' }
|
let(:private) { 'toor' }
|
||||||
|
|
||||||
|
let(:pub_blank) {
|
||||||
|
Metasploit::Framework::LoginScanner::CredDetail.new(
|
||||||
|
paired: true,
|
||||||
|
public: public,
|
||||||
|
private: ''
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
let(:pub_pub) {
|
||||||
|
Metasploit::Framework::LoginScanner::CredDetail.new(
|
||||||
|
paired: true,
|
||||||
|
public: public,
|
||||||
|
private: public
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
let(:pub_pri) {
|
||||||
|
Metasploit::Framework::LoginScanner::CredDetail.new(
|
||||||
|
paired: true,
|
||||||
|
public: public,
|
||||||
|
private: private
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
let(:invalid_detail) {
|
||||||
|
Metasploit::Framework::LoginScanner::CredDetail.new(
|
||||||
|
paired: true,
|
||||||
|
public: nil,
|
||||||
|
private: nil
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
let(:detail_group) {
|
||||||
|
[ pub_blank, pub_pub, pub_pri]
|
||||||
|
}
|
||||||
|
|
||||||
subject(:ssh_scanner) {
|
subject(:ssh_scanner) {
|
||||||
described_class.new
|
described_class.new
|
||||||
}
|
}
|
||||||
|
|
@ -122,43 +159,19 @@ describe Metasploit::Framework::LoginScanner::SSH do
|
||||||
expect(ssh_scanner.errors[:cred_details]).to include "must be an array"
|
expect(ssh_scanner.errors[:cred_details]).to include "must be an array"
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'is not valid if any of the elements are not a hash' do
|
it 'is not valid if any of the elements are not a CredDetail' do
|
||||||
ssh_scanner.cred_details = [1,2]
|
ssh_scanner.cred_details = [1,2]
|
||||||
expect(ssh_scanner).to_not be_valid
|
expect(ssh_scanner).to_not be_valid
|
||||||
expect(ssh_scanner.errors[:cred_details]).to include "has invalid element 1"
|
expect(ssh_scanner.errors[:cred_details]).to include "has invalid element 1"
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'is not valid if any of the elements are missing a public component' do
|
it 'is not valid if any of the CredDetails are invalid' do
|
||||||
detail = { private: private}
|
ssh_scanner.cred_details = [pub_blank, invalid_detail]
|
||||||
ssh_scanner.cred_details = [detail]
|
|
||||||
expect(ssh_scanner).to_not be_valid
|
expect(ssh_scanner).to_not be_valid
|
||||||
expect(ssh_scanner.errors[:cred_details]).to include "has invalid element, missing public component #{detail}"
|
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'is not valid if any of the elements have an invalid public component' do
|
it 'is valid if all of the elements are valid' do
|
||||||
detail = { public: 5, private: private}
|
ssh_scanner.cred_details = [pub_blank, pub_pub, pub_pri]
|
||||||
ssh_scanner.cred_details = [detail]
|
|
||||||
expect(ssh_scanner).to_not be_valid
|
|
||||||
expect(ssh_scanner.errors[:cred_details]).to include "has invalid element, invalid public component #{detail}"
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'is not valid if any of the elements are missing a public component' do
|
|
||||||
detail = { public: public}
|
|
||||||
ssh_scanner.cred_details = [detail]
|
|
||||||
expect(ssh_scanner).to_not be_valid
|
|
||||||
expect(ssh_scanner.errors[:cred_details]).to include "has invalid element, missing private component #{detail}"
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'is not valid if any of the elements have an invalid public component' do
|
|
||||||
detail = { public: public, private: []}
|
|
||||||
ssh_scanner.cred_details = [detail]
|
|
||||||
expect(ssh_scanner).to_not be_valid
|
|
||||||
expect(ssh_scanner.errors[:cred_details]).to include "has invalid element, invalid private component #{detail}"
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'is valid if all of the lements are properly formed hashes' do
|
|
||||||
detail = { public: public, private: private}
|
|
||||||
ssh_scanner.cred_details = [detail]
|
|
||||||
expect(ssh_scanner.errors[:cred_details]).to be_empty
|
expect(ssh_scanner.errors[:cred_details]).to be_empty
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
@ -402,7 +415,7 @@ describe Metasploit::Framework::LoginScanner::SSH do
|
||||||
ssh_scanner.connection_timeout = 30
|
ssh_scanner.connection_timeout = 30
|
||||||
ssh_scanner.verbosity = :fatal
|
ssh_scanner.verbosity = :fatal
|
||||||
ssh_scanner.stop_on_success = false
|
ssh_scanner.stop_on_success = false
|
||||||
ssh_scanner.cred_details = [ { public: public, private: '' }, { public: public, private: public}, { public: public, private: private} ]
|
ssh_scanner.cred_details = detail_group
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'calls valid! before running' do
|
it 'calls valid! before running' do
|
||||||
|
|
@ -445,7 +458,7 @@ describe Metasploit::Framework::LoginScanner::SSH do
|
||||||
ssh_scanner.connection_timeout = 30
|
ssh_scanner.connection_timeout = 30
|
||||||
ssh_scanner.verbosity = :fatal
|
ssh_scanner.verbosity = :fatal
|
||||||
ssh_scanner.stop_on_success = true
|
ssh_scanner.stop_on_success = true
|
||||||
ssh_scanner.cred_details = [ { public: public, private: '' }, { public: public, private: public}, { public: public, private: private} ]
|
ssh_scanner.cred_details = detail_group
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'stops after the first successful login' do
|
it 'stops after the first successful login' do
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue