fix user enumeration methods, be more robust
parent
e1ec0ec899
commit
c89d8f8fb7
|
@ -27,14 +27,15 @@ module Msf::Post::OSX::System
|
||||||
def get_users
|
def get_users
|
||||||
cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")
|
cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")
|
||||||
users = []
|
users = []
|
||||||
users_arry = cmd_output.split("\n\n")
|
users_arry = cmd_output.tr("\r", "").split("\n\n")
|
||||||
users_arry.each do |u|
|
users_arry.each do |u|
|
||||||
entry = Hash.new
|
entry = Hash.new
|
||||||
u.each_line do |l|
|
u.each_line do |l|
|
||||||
field,val = l.chomp.split(": ")
|
field,val = l.chomp.split(": ")
|
||||||
next if field == "password"
|
next if field == "password"
|
||||||
entry[field] = val.chomp
|
unless val.nil?
|
||||||
|
entry[field] = val.strip
|
||||||
|
end
|
||||||
end
|
end
|
||||||
users << entry
|
users << entry
|
||||||
end
|
end
|
||||||
|
@ -48,15 +49,17 @@ module Msf::Post::OSX::System
|
||||||
def get_system_accounts
|
def get_system_accounts
|
||||||
cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")
|
cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")
|
||||||
users = []
|
users = []
|
||||||
users_arry = cmd_output.split("\n\n")
|
users_arry = cmd_output.tr("\r", "").split("\n\n")
|
||||||
users_arry.each do |u|
|
users_arry.each do |u|
|
||||||
entry = {}
|
entry = {}
|
||||||
u.each_line do |l|
|
u.each_line do |l|
|
||||||
field,val = l.chomp.split(": ")
|
field,val = l.chomp.split(": ")
|
||||||
next if field == "password"
|
next if field == "password"
|
||||||
entry[field] = val.chomp
|
unless val.nil?
|
||||||
|
entry[field] = val.strip
|
||||||
|
end
|
||||||
end
|
end
|
||||||
next if entry["name"] !~ /^_/
|
next if entry["name"][0] != '_'
|
||||||
users << entry
|
users << entry
|
||||||
end
|
end
|
||||||
return users
|
return users
|
||||||
|
@ -69,15 +72,17 @@ module Msf::Post::OSX::System
|
||||||
def get_nonsystem_accounts
|
def get_nonsystem_accounts
|
||||||
cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")
|
cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")
|
||||||
users = []
|
users = []
|
||||||
users_arry = cmd_output.split("\n\n")
|
users_arry = cmd_output.tr("\r", "").split("\n\n")
|
||||||
users_arry.each do |u|
|
users_arry.each do |u|
|
||||||
entry = {}
|
entry = {}
|
||||||
u.each_line do |l|
|
u.each_line do |l|
|
||||||
field,val = l.chomp.split(": ")
|
field,val = l.chomp.split(": ")
|
||||||
next if field == "password"
|
next if field == "password"
|
||||||
entry[field] = val.chomp
|
unless val.nil?
|
||||||
|
entry[field] = val.strip
|
||||||
|
end
|
||||||
end
|
end
|
||||||
next if entry["name"] =~ /^_/
|
next if entry["name"][0] == '_'
|
||||||
users << entry
|
users << entry
|
||||||
end
|
end
|
||||||
return users
|
return users
|
||||||
|
@ -96,8 +101,9 @@ module Msf::Post::OSX::System
|
||||||
u.each_line do |l|
|
u.each_line do |l|
|
||||||
field,val = l.chomp.split(": ")
|
field,val = l.chomp.split(": ")
|
||||||
next if field == "password"
|
next if field == "password"
|
||||||
entry[field] = val.chomp
|
unless val.nil?
|
||||||
|
entry[field] = val.strip
|
||||||
|
end
|
||||||
end
|
end
|
||||||
groups << entry
|
groups << entry
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue