comfusion
/
metasploit-framework
mirror of https://github.com/rapid7/metasploit-framework
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 640 Wiki Activity
Browse Source

Land #6528, tilde expansion and more for OptPath

William Vu 3 years ago
parent
7b024d1a72 a23ce05752
commit
3dfdf1d936
No account linked to committer's email address
3 changed files with 18 additions and 7 deletions
Split View Show Diff Stats
  1. 5
    1
      lib/msf/core/opt_path.rb
  2. 12
    6
      modules/auxiliary/scanner/ssh/ssh_identify_pubkeys.rb
  3. 1
    0
      spec/lib/msf/core/opt_path_spec.rb

+ 5
- 1
lib/msf/core/opt_path.rb View File 

@@ -12,6 +12,10 @@ class OptPath < OptBase
12 12 
     return 'path'
13 13 
   end
14 14
15 
+  def normalize(value)
16 
+    value.nil? ? value : File.expand_path(value)
17 
+  end
18 
+
15 19 
   def validate_on_assignment?
16 20 
     false
17 21 
   end
 
@@ -23,7 +27,7 @@ class OptPath < OptBase
23 27 
       if value =~ /^memory:\s*([0-9]+)/i
24 28 
         return false unless check_memory_location($1)
25 29 
       else
26 
-        unless File.exist?(value)
30 
+        unless File.exist?(File.expand_path(value))
27 31 
           return false
28 32 
         end
29 33 
       end

+ 12
- 6
modules/auxiliary/scanner/ssh/ssh_identify_pubkeys.rb View File 

@@ -46,7 +46,7 @@ class MetasploitModule < Msf::Auxiliary
46 46 
       [
47 47 
         Opt::RPORT(22),
48 48 
         OptPath.new('KEY_FILE', [false, 'Filename of one or several cleartext public keys.'])
49 
-      ], self.class
49 
+      ]
50 50 
     )
51 51
52 52 
     register_advanced_options(
 
@@ -59,7 +59,9 @@ class MetasploitModule < Msf::Auxiliary
59 59 
       ]
60 60 
     )
61 61
62 
-    deregister_options('RHOST','PASSWORD','PASS_FILE','BLANK_PASSWORDS','USER_AS_PASS')
62 
+    deregister_options(
63 
+      'RHOST','PASSWORD','PASS_FILE','BLANK_PASSWORDS','USER_AS_PASS', 'USERPASS_FILE', 'DB_ALL_PASS', 'DB_ALL_CREDS'
64 
+    )
63 65
64 66 
     @good_credentials = {}
65 67 
     @good_key = ''
 
@@ -71,6 +73,10 @@ class MetasploitModule < Msf::Auxiliary
71 73 
     datastore['KEY_DIR']
72 74 
   end
73 75
76 
+  def key_file
77 
+    datastore['KEY_FILE']
78 
+  end
79 
+
74 80 
   def rport
75 81 
     datastore['RPORT']
76 82 
   end
 
@@ -95,8 +101,8 @@ class MetasploitModule < Msf::Auxiliary
95 101 
     this_key = []
96 102 
     in_key = false
97 103 
     keyfile.split("\n").each do |line|
98 
-      if line =~ /ssh-(dss|rsa)\s+/
99 
-        keys << line
104 
+      if /(?<key>ssh-(?:dss|rsa)\s+.*)/ =~ line
105 
+        keys << key
100 106 
         next
101 107 
       end
102 108 
       in_key = true if(line =~ /^-----BEGIN [RD]SA (PRIVATE|PUBLIC) KEY-----/)
 
@@ -162,8 +168,8 @@ class MetasploitModule < Msf::Auxiliary
162 168
163 169 
   def do_login(ip, port, user)
164 170
165 
-    if datastore['KEY_FILE'] and File.readable?(datastore['KEY_FILE'])
166 
-      keys = read_keyfile(datastore['KEY_FILE'])
171 
+    if key_file && File.readable?(key_file)
172 
+      keys = read_keyfile(key_file)
167 173 
       cleartext_keys = pull_cleartext_keys(keys)
168 174 
       msg = "#{ip}:#{rport} SSH - Trying #{cleartext_keys.size} cleartext key#{(cleartext_keys.size > 1) ? "s" : ""} per user."
169 175 
     elsif datastore['SSH_KEYFILE_B64'] && !datastore['SSH_KEYFILE_B64'].empty?

+ 1
- 0
spec/lib/msf/core/opt_path_spec.rb View File 

@@ -6,6 +6,7 @@ require 'msf/core/option_container'
6 6 
 RSpec.describe Msf::OptPath do
7 7 
   valid_values = [
8 8 
     { :value => __FILE__, :normalized => __FILE__   },
9 
+    { :value => '~', :normalized => ::File.expand_path('~')  },
9 10 
   ]
10 11 
   invalid_values = [
11 12 
     { :value => "yer mom", },

Write Preview
Loading…
Cancel
Save