Moved classes into the Metasploit3 space
I'm just worried about all those naked classes just hanging around in the top namespace. This shouldn't impact functionality at all. While most modules don't define their own classes (this is usually the job of Msf::Exploit and Rex), I can't think of a reason why you shouldn't (well, aside from reusability). And yet, very rarely do modules do it. It's not unknown, though -- the drda.rb capture module defines a bunch of Constants, and the post/windows/gather/credentials/bulletproof_ftp.rb module defines some more interesting things. So, this should be okay, as long as things are defined in the context of the Metasploit module proper.bug/bundler_fix
parent
4e166f3da4
commit
f4fc0ef3fb
|
@ -7,95 +7,95 @@
|
||||||
|
|
||||||
require 'msf/core'
|
require 'msf/core'
|
||||||
|
|
||||||
#Helper Classes copy/paste from Rails4
|
|
||||||
class MessageVerifier
|
|
||||||
|
|
||||||
class InvalidSignature < StandardError; end
|
|
||||||
|
|
||||||
def initialize(secret, options = {})
|
|
||||||
@secret = secret
|
|
||||||
@digest = options[:digest] || 'SHA1'
|
|
||||||
@serializer = options[:serializer] || Marshal
|
|
||||||
end
|
|
||||||
|
|
||||||
def generate(value)
|
|
||||||
data = ::Base64.strict_encode64(@serializer.dump(value))
|
|
||||||
"#{data}--#{generate_digest(data)}"
|
|
||||||
end
|
|
||||||
|
|
||||||
def generate_digest(data)
|
|
||||||
require 'openssl' unless defined?(OpenSSL)
|
|
||||||
OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)
|
|
||||||
end
|
|
||||||
|
|
||||||
end
|
|
||||||
|
|
||||||
class MessageEncryptor
|
|
||||||
|
|
||||||
module NullSerializer #:nodoc:
|
|
||||||
|
|
||||||
def self.load(value)
|
|
||||||
value
|
|
||||||
end
|
|
||||||
|
|
||||||
def self.dump(value)
|
|
||||||
value
|
|
||||||
end
|
|
||||||
|
|
||||||
end
|
|
||||||
|
|
||||||
class InvalidMessage < StandardError; end
|
|
||||||
|
|
||||||
OpenSSLCipherError = OpenSSL::Cipher::CipherError
|
|
||||||
|
|
||||||
def initialize(secret, *signature_key_or_options)
|
|
||||||
options = signature_key_or_options.extract_options!
|
|
||||||
sign_secret = signature_key_or_options.first
|
|
||||||
@secret = secret
|
|
||||||
@sign_secret = sign_secret
|
|
||||||
@cipher = options[:cipher] || 'aes-256-cbc'
|
|
||||||
@verifier = MessageVerifier.new(@sign_secret || @secret, :serializer => NullSerializer)
|
|
||||||
# @serializer = options[:serializer] || Marshal
|
|
||||||
end
|
|
||||||
|
|
||||||
def encrypt_and_sign(value)
|
|
||||||
@verifier.generate(_encrypt(value))
|
|
||||||
end
|
|
||||||
|
|
||||||
def _encrypt(value)
|
|
||||||
cipher = new_cipher
|
|
||||||
cipher.encrypt
|
|
||||||
cipher.key = @secret
|
|
||||||
# Rely on OpenSSL for the initialization vector
|
|
||||||
iv = cipher.random_iv
|
|
||||||
#encrypted_data = cipher.update(@serializer.dump(value))
|
|
||||||
encrypted_data = cipher.update(value)
|
|
||||||
encrypted_data << cipher.final
|
|
||||||
[encrypted_data, iv].map {|v| ::Base64.strict_encode64(v)}.join("--")
|
|
||||||
end
|
|
||||||
|
|
||||||
def new_cipher
|
|
||||||
OpenSSL::Cipher::Cipher.new(@cipher)
|
|
||||||
end
|
|
||||||
|
|
||||||
end
|
|
||||||
|
|
||||||
class KeyGenerator
|
|
||||||
|
|
||||||
def initialize(secret, options = {})
|
|
||||||
@secret = secret
|
|
||||||
@iterations = options[:iterations] || 2**16
|
|
||||||
end
|
|
||||||
|
|
||||||
def generate_key(salt, key_size=64)
|
|
||||||
OpenSSL::PKCS5.pbkdf2_hmac_sha1(@secret, salt, @iterations, key_size)
|
|
||||||
end
|
|
||||||
|
|
||||||
end
|
|
||||||
|
|
||||||
class Metasploit3 < Msf::Exploit::Remote
|
class Metasploit3 < Msf::Exploit::Remote
|
||||||
Rank = ExcellentRanking
|
Rank = ExcellentRanking
|
||||||
|
|
||||||
|
#Helper Classes copy/paste from Rails4
|
||||||
|
class MessageVerifier
|
||||||
|
|
||||||
|
class InvalidSignature < StandardError; end
|
||||||
|
|
||||||
|
def initialize(secret, options = {})
|
||||||
|
@secret = secret
|
||||||
|
@digest = options[:digest] || 'SHA1'
|
||||||
|
@serializer = options[:serializer] || Marshal
|
||||||
|
end
|
||||||
|
|
||||||
|
def generate(value)
|
||||||
|
data = ::Base64.strict_encode64(@serializer.dump(value))
|
||||||
|
"#{data}--#{generate_digest(data)}"
|
||||||
|
end
|
||||||
|
|
||||||
|
def generate_digest(data)
|
||||||
|
require 'openssl' unless defined?(OpenSSL)
|
||||||
|
OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
class MessageEncryptor
|
||||||
|
|
||||||
|
module NullSerializer #:nodoc:
|
||||||
|
|
||||||
|
def self.load(value)
|
||||||
|
value
|
||||||
|
end
|
||||||
|
|
||||||
|
def self.dump(value)
|
||||||
|
value
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
class InvalidMessage < StandardError; end
|
||||||
|
|
||||||
|
OpenSSLCipherError = OpenSSL::Cipher::CipherError
|
||||||
|
|
||||||
|
def initialize(secret, *signature_key_or_options)
|
||||||
|
options = signature_key_or_options.extract_options!
|
||||||
|
sign_secret = signature_key_or_options.first
|
||||||
|
@secret = secret
|
||||||
|
@sign_secret = sign_secret
|
||||||
|
@cipher = options[:cipher] || 'aes-256-cbc'
|
||||||
|
@verifier = MessageVerifier.new(@sign_secret || @secret, :serializer => NullSerializer)
|
||||||
|
# @serializer = options[:serializer] || Marshal
|
||||||
|
end
|
||||||
|
|
||||||
|
def encrypt_and_sign(value)
|
||||||
|
@verifier.generate(_encrypt(value))
|
||||||
|
end
|
||||||
|
|
||||||
|
def _encrypt(value)
|
||||||
|
cipher = new_cipher
|
||||||
|
cipher.encrypt
|
||||||
|
cipher.key = @secret
|
||||||
|
# Rely on OpenSSL for the initialization vector
|
||||||
|
iv = cipher.random_iv
|
||||||
|
#encrypted_data = cipher.update(@serializer.dump(value))
|
||||||
|
encrypted_data = cipher.update(value)
|
||||||
|
encrypted_data << cipher.final
|
||||||
|
[encrypted_data, iv].map {|v| ::Base64.strict_encode64(v)}.join("--")
|
||||||
|
end
|
||||||
|
|
||||||
|
def new_cipher
|
||||||
|
OpenSSL::Cipher::Cipher.new(@cipher)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
class KeyGenerator
|
||||||
|
|
||||||
|
def initialize(secret, options = {})
|
||||||
|
@secret = secret
|
||||||
|
@iterations = options[:iterations] || 2**16
|
||||||
|
end
|
||||||
|
|
||||||
|
def generate_key(salt, key_size=64)
|
||||||
|
OpenSSL::PKCS5.pbkdf2_hmac_sha1(@secret, salt, @iterations, key_size)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
include Msf::Exploit::CmdStagerTFTP
|
include Msf::Exploit::CmdStagerTFTP
|
||||||
include Msf::Exploit::Remote::HttpClient
|
include Msf::Exploit::Remote::HttpClient
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue