Land #3746, reinstate DB_ALL_CREDS

bug/bundler_fix
James Lee 2014-09-08 17:24:12 -05:00
commit b8000517cf
No known key found for this signature in database
GPG Key ID: 2D6094C7CEA0A321
17 changed files with 87 additions and 2 deletions

View File

@ -49,6 +49,53 @@ module Auxiliary::AuthBrute
@@max_per_service = nil
end
# This method takes a {Metasploit::Framework::CredentialCollection} and prepends existing NTLMHashes
# from the database. This allows the users to use the DB_ALL_CREDS option.
#
# @param [Metasploit::Framework::CredentialCollection] the credential collection to add to
# @return [Metasploit::Framework::CredentialCollection] the modified Credentialcollection
def prepend_db_hashes(cred_collection)
if datastore['DB_ALL_CREDS'] && framework.db.active
creds = Metasploit::Credential::Core.joins(:private).where(metasploit_credential_privates: { type: 'Metasploit::Credential::NTLMHash' }, workspace_id: myworkspace.id)
creds.each do |cred|
cred_collection.prepend_cred(cred.to_credential)
end
end
cred_collection
end
# This method takes a {Metasploit::Framework::CredentialCollection} and prepends existing SSHKeys
# from the database. This allows the users to use the DB_ALL_CREDS option.
#
# @param [Metasploit::Framework::CredentialCollection] the credential collection to add to
# @return [Metasploit::Framework::CredentialCollection] the modified Credentialcollection
def prepend_db_keys(cred_collection)
if datastore['DB_ALL_CREDS'] && framework.db.active
creds = Metasploit::Credential::Core.joins(:private).where(metasploit_credential_privates: { type: 'Metasploit::Credential::SSHKey' }, workspace_id: myworkspace.id)
creds.each do |cred|
cred_collection.prepend_cred(cred.to_credential)
end
end
cred_collection
end
# This method takes a {Metasploit::Framework::CredentialCollection} and prepends existing Password Credentials
# from the database. This allows the users to use the DB_ALL_CREDS option.
#
# @param [Metasploit::Framework::CredentialCollection] the credential collection to add to
# @return [Metasploit::Framework::CredentialCollection] the modified Credentialcollection
def prepend_db_passwords(cred_collection)
if datastore['DB_ALL_CREDS'] && framework.db.active
creds = Metasploit::Credential::Core.joins(:private).where(metasploit_credential_privates: { type: 'Metasploit::Credential::Password' }, workspace_id: myworkspace.id)
creds.each do |cred|
cred_collection.prepend_cred(cred.to_credential)
end
end
cred_collection
end
# Checks all three files for usernames and passwords, and combines them into
# one credential list to apply against the supplied block. The block (usually
# something like do_login(user,pass) ) is responsible for actually recording

View File

@ -54,6 +54,8 @@ class Metasploit3 < Msf::Auxiliary
user_as_pass: datastore['USER_AS_PASS'],
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::AFP.new(
host: ip,
port: rport,

View File

@ -52,6 +52,8 @@ class Metasploit3 < Msf::Auxiliary
realm: datastore['DATABASE']
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::DB2.new(
host: ip,
port: rport,

View File

@ -66,6 +66,8 @@ class Metasploit3 < Msf::Auxiliary
prepended_creds: anonymous_creds
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::FTP.new(
host: ip,
port: rport,

View File

@ -72,6 +72,8 @@ class Metasploit3 < Msf::Auxiliary
user_as_pass: datastore['USER_AS_PASS'],
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::Axis2.new(
host: ip,
port: rport,

View File

@ -129,6 +129,8 @@ class Metasploit3 < Msf::Auxiliary
user_as_pass: datastore['USER_AS_PASS'],
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::HTTP.new(
host: ip,
port: rport,

View File

@ -103,13 +103,17 @@ class Metasploit3 < Msf::Auxiliary
user_as_pass: datastore['USER_AS_PASS'],
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::Tomcat.new(
host: ip,
port: rport,
proxies: datastore['PROXIES'],
cred_details: cred_collection,
stop_on_success: datastore['STOP_ON_SUCCESS'],
connection_timeout: 10
connection_timeout: 10,
user_agent: datastore['UserAgent'],
vhost: datastore['VHOST']
)
scanner.scan! do |result|

View File

@ -43,6 +43,8 @@ class Metasploit3 < Msf::Auxiliary
realm: datastore['DOMAIN']
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::MSSQL.new(
host: ip,
port: rport,

View File

@ -47,6 +47,8 @@ class Metasploit3 < Msf::Auxiliary
user_as_pass: datastore['USER_AS_PASS'],
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::MySQL.new(
host: ip,
port: rport,

View File

@ -62,6 +62,8 @@ class Metasploit3 < Msf::Auxiliary
user_as_pass: datastore['USER_AS_PASS'],
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::POP3.new(
host: ip,
port: rport,

View File

@ -60,6 +60,8 @@ class Metasploit3 < Msf::Auxiliary
realm: datastore['DATABASE']
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::Postgres.new(
host: ip,
port: rport,

View File

@ -96,6 +96,9 @@ class Metasploit3 < Msf::Auxiliary
realm: domain,
)
cred_collection = prepend_db_passwords(cred_collection)
cred_collection = prepend_db_hashes(cred_collection)
@scanner.cred_details = cred_collection
@scanner.scan! do |result|

View File

@ -107,6 +107,8 @@ class Metasploit3 < Msf::Auxiliary
user_as_pass: datastore['USER_AS_PASS'],
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::SSH.new(
host: ip,
port: rport,

View File

@ -196,6 +196,8 @@ class Metasploit3 < Msf::Auxiliary
username: datastore['USERNAME'],
)
keys = prepend_db_keys(keys)
print_brute :level => :vstatus, :ip => ip, :msg => "Testing #{keys.key_data.count} keys"
scanner = Metasploit::Framework::LoginScanner::SSH.new(
host: ip,
@ -236,7 +238,7 @@ class Metasploit3 < Msf::Auxiliary
end
class KeyCollection
class KeyCollection < Metasploit::Framework::CredentialCollection
attr_accessor :key_data
def initialize(opts={})
@ -272,6 +274,8 @@ class Metasploit3 < Msf::Auxiliary
end
def each
prepended_creds.each { |c| yield c }
if @user_file.present?
File.open(@user_file, 'rb') do |user_fd|
user_fd.each_line do |user_from_file|

View File

@ -57,6 +57,8 @@ class Metasploit3 < Msf::Auxiliary
user_as_pass: datastore['USER_AS_PASS'],
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::Telnet.new(
host: ip,
port: rport,

View File

@ -68,6 +68,8 @@ class Metasploit3 < Msf::Auxiliary
user_as_pass: datastore['USER_AS_PASS']
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::VNC.new(
host: ip,
port: rport,

View File

@ -50,6 +50,9 @@ class Metasploit3 < Msf::Auxiliary
user_as_pass: datastore['USER_AS_PASS'],
realm: datastore['DOMAIN'],
)
cred_collection = prepend_db_passwords(cred_collection)
scanner = Metasploit::Framework::LoginScanner::WinRM.new(
host: ip,
port: rport,