
Land #6528, tilde expansion and more for OptPath

William Vu 3 years ago
parent
commit
3dfdf1d936

+ 5
- 1
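--- a/lib/msf/core/opt_path.rb
+++ b/lib/msf/core/opt_path.rb
@@ -12,6 +12,10 @@ class OptPath < OptBase
     return 'path'
   end
 
+  def normalize(value)
+    value.nil? ? value : File.expand_path(value)
+  end
+
   def validate_on_assignment?
     false
   end
@@ -23,7 +27,7 @@ class OptPath < OptBase
       if value =~ /^memory:\s*([0-9]+)/i
         return false unless check_memory_location($1)
       else
-        unless File.exist?(value)
+        unless File.exist?(File.expand_path(value))
           return false
         end
       end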
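Review bot: `normalize` in the first hunk guards only `nil`, so every other value goes through `File.expand_path`, including values that are not filesystem paths. An empty string expands to the current working directory, and a `memory: <n>` value, which the `valid?` context in the second hunk still accepts, would be rewritten into a path under the working directory; whether the normalized value is what `valid?` later receives is not visible here and should be confirmed against OptBase. `File.expand_path` also raises `ArgumentError` for `~name` when that user does not exist, which would surface from `normalize` and from `valid?` instead of a `false` result. I would widen the guard to `return value if value.nil? || value.to_s.empty? || value =~ /\Amemory:/i` and rescue `ArgumentError` around the `File.exist?` check. `valid?` starts and ends outside the hunk.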

+ 12
- 6
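--- a/modules/auxiliary/scanner/ssh/ssh_identify_pubkeys.rb
+++ b/modules/auxiliary/scanner/ssh/ssh_identify_pubkeys.rb
@@ -46,7 +46,7 @@ class MetasploitModule < Msf::Auxiliary
       [
         Opt::RPORT(22),
         OptPath.new('KEY_FILE', [false, 'Filename of one or several cleartext public keys.'])
-      ], self.class
+      ]
     )
 
     register_advanced_options(
@@ -59,7 +59,9 @@ class MetasploitModule < Msf::Auxiliary
       ]
     )
 
-    deregister_options('RHOST','PASSWORD','PASS_FILE','BLANK_PASSWORDS','USER_AS_PASS')
+    deregister_options(
+      'RHOST','PASSWORD','PASS_FILE','BLANK_PASSWORDS','USER_AS_PASS', 'USERPASS_FILE', 'DB_ALL_PASS', 'DB_ALL_CREDS'
+    )
 
     @good_credentials = {}
     @good_key = ''
@@ -71,6 +73,10 @@ class MetasploitModule < Msf::Auxiliary
     datastore['KEY_DIR']
   end
 
+  def key_file
+    datastore['KEY_FILE']
+  end
+
   def rport
     datastore['RPORT']
   end
@@ -95,8 +101,8 @@ class MetasploitModule < Msf::Auxiliary
     this_key = []
     in_key = false
     keyfile.split("\n").each do |line|
-      if line =~ /ssh-(dss|rsa)\s+/
-        keys << line
+      if /(?<key>ssh-(?:dss|rsa)\s+.*)/ =~ line
+        keys << key
         next
       end
       in_key = true if(line =~ /^-----BEGIN [RD]SA (PRIVATE|PUBLIC) KEY-----/)
@@ -162,8 +168,8 @@ class MetasploitModule < Msf::Auxiliary
 
   def do_login(ip, port, user)
 
-    if datastore['KEY_FILE'] and File.readable?(datastore['KEY_FILE'])
-      keys = read_keyfile(datastore['KEY_FILE'])
+    if key_file && File.readable?(key_file)
+      keys = read_keyfile(key_file)
       cleartext_keys = pull_cleartext_keys(keys)
       msg = "#{ip}:#{rport} SSH - Trying #{cleartext_keys.size} cleartext key#{(cleartext_keys.size > 1) ? "s" : ""} per user."
     elsif datastore['SSH_KEYFILE_B64'] && !datastore['SSH_KEYFILE_B64'].empty?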
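Review bot: In the last hunk, `File.readable?(key_file)` is also true for a directory, and with tilde expansion now accepted by OptPath a value such as `~` (the case this commit adds to the spec) reaches `read_keyfile` as a directory path. `read_keyfile` is outside the hunk, so the exact failure is not visible, but reading a directory normally raises rather than falling through to the `SSH_KEYFILE_B64` branch. I would tighten the guard to `if key_file && File.file?(key_file) && File.readable?(key_file)`. `do_login` continues past the end of the hunk.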

+ 1
- 0
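--- a/spec/lib/msf/core/opt_path_spec.rb
+++ b/spec/lib/msf/core/opt_path_spec.rb
@@ -6,6 +6,7 @@ require 'msf/core/option_container'
 RSpec.describe Msf::OptPath do
   valid_values = [
     { :value => __FILE__, :normalized => __FILE__   },
+    { :value => '~', :normalized => ::File.expand_path('~')  },
   ]
   invalid_values = [
     { :value => "yer mom", },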
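Review bot: The added case exercises only a bare `~`, so the inputs where `File.expand_path` changes meaning rather than just expanding a prefix are left unpinned. `File.expand_path('')` returns the working directory, so an entry for `''` in whichever list matches the intended behaviour would document what an empty path option is supposed to do. A `~name` entry for a user that does not exist would likewise show whether validation is expected to return `false` or let `ArgumentError` propagate.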
