more cleanup work

some code and documentation DRY work
2014-04-22 11:38:24 -05:00 · 2014-04-22 11:38:24 -05:00 · a613d044f5
parent 36dd10e1c2
commit a613d044f5
2 changed files with 57 additions and 49 deletions
--- a/lib/metasploit/framework/login_scanner/result.rb
+++ b/lib/metasploit/framework/login_scanner/result.rb
@ -7,10 +7,20 @@ module Metasploit

      class Result

+        # @!attribute [r] private
+        #   @return [String] the private(e.g. password) component
        attr_reader :private
+        # @!attribute [r] proof
+        #   @return [String,nil] the proof that the lgoin was successful
        attr_reader :proof
+        # @!attribute [r] public
+        #   @return [String] the public(e.g. username) component
        attr_reader :public
+        # @!attribute [r] realm
+        #   @return [String] the realm(e.g. domain name) component
        attr_reader :realm
+        # @!attribute [r] status
+        #   @return [Symbol] the status of the attempt (e.g. success, failed, etc)
        attr_reader :status

        # @param [Hash] opts The options hash for the initializer
--- a/lib/metasploit/framework/login_scanner/ssh.rb
+++ b/lib/metasploit/framework/login_scanner/ssh.rb
@ -11,6 +11,17 @@ module Metasploit
      class SSH
        include ActiveModel::Validations

+        #
+        # CONSTANTS
+        #
+
+        VERBOSITIES = [
+            :debug,
+            :info,
+            :warn,
+            :error,
+            :fatal
+        ]

        # @!attribute connection_timeout
        #   @return [Fixnum] The timeout in seconds for a single SSH connection
@ -37,9 +48,22 @@ module Metasploit
        #   @return [Array] Array of results that successfully logged in
        attr_accessor :successes
        # @!attribute verbosity
-        #   @return [Symbol] The verbosity level for the SSH client.
+        #   The verbosity level for the SSH client.
+        #
+        #   @return [Symbol] An element of {VERBOSITIES}.
        attr_accessor :verbosity

+        validates :connection_timeout,
+                  presence: true,
+                  numericality: {
+                      only_integer:             true,
+                      greater_than_or_equal_to: 1
+                  }
+
+        validates :cred_details, presence: true
+
+        validates :host, presence: true
+
        validates :port,
          presence: true,
          numericality: {
@ -48,23 +72,12 @@ module Metasploit
              less_than_or_equal_to:    65535
          }

-        validates :connection_timeout,
-          presence: true,
-          numericality: {
-              only_integer:             true,
-              greater_than_or_equal_to: 1
-          }
-
-        validates :verbosity,
-          presence: true,
-          inclusion: { in: [:debug, :info, :warn, :error, :fatal] }
-
        validates :stop_on_success,
                  inclusion: { in: [true, false] }

-        validates :host, presence: true
-
-        validates :cred_details, presence: true
+        validates :verbosity,
+          presence: true,
+          inclusion: { in: VERBOSITIES }

        validate :host_address_must_be_valid

@ -75,8 +88,8 @@ module Metasploit
          attributes.each do |attribute, value|
            public_send("#{attribute}=", value)
          end
-          public_send("successes=", [])
-          public_send("failures=", [])
+          self.successes= []
+          self.failures=[]
        end

        def attempt_login(user, pass)
@ -90,6 +103,11 @@ module Metasploit
              :verbose       => verbosity
          }

+          result_options = {
+              private: pass,
+              public: user,
+              realm: nil
+          }
          begin
            ::Timeout.timeout(connection_timeout) do
              ssh_socket = Net::SSH.start(
@ -98,42 +116,22 @@ module Metasploit
                  opt_hash
              )
            end
-          rescue Rex::ConnectionError, Rex::AddressInUse, Net::SSH::Disconnect, ::EOFError, ::Timeout::Error
-            return ::Metasploit::Framework::LoginScanner::Result.new(
-                private: pass,
-                proof: nil,
-                public: user,
-                realm: nil,
-                status: :connection_error
-            )
+          rescue ::EOFError, Net::SSH::Disconnect, Rex::AddressInUse, Rex::ConnectionError, ::Timeout::Error
+            result_options.merge!( proof: nil, status: :connection_error)
          rescue Net::SSH::Exception
-            return ::Metasploit::Framework::LoginScanner::Result.new(
-                private: pass,
-                proof: nil,
-                public: user,
-                realm: nil,
-                status: :failed
-            )
+            result_options.merge!( proof: nil, status: :failed)
          end

+          unless result_options.has_key? :status
            if ssh_socket
              proof = gather_proof
-            ::Metasploit::Framework::LoginScanner::Result.new(
-                private: pass,
-                proof: proof,
-                public: user,
-                realm: nil,
-                status: :success
-            )
+              result_options.merge!( proof: proof, status: :success)
            else
-            ::Metasploit::Framework::LoginScanner::Result.new(
-                private: pass,
-                proof: nil,
-                public: user,
-                realm: nil,
-                status: :failed
-            )
+              result_options.merge!( proof: nil, status: :failed)
            end
+          end
+
+          ::Metasploit::Framework::LoginScanner::Result.new(result_options)

        end