metasploit-credential 2.0.9 → 2.0.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/metasploit/credential/creation.rb +10 -6
- data/lib/metasploit/credential/version.rb +1 -1
- data/spec/dummy/config/database.yml +2 -2
- metadata +16 -2
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1807d97661a3efe9045a071a3d29403adb5547ed
|
4
|
+
data.tar.gz: 6c1894e7fdbebc31283a313789029a4b21bd6803
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6f9083b61fae53212cbffc74e6cb612d235a1efa8d6d4353a860a987717470bef9a8c13a617c563e17c4d02f276e4adc588f59956b521a009a4f20ffbea616a9
|
7
|
+
data.tar.gz: 82d256807c57c226980b6fc560a3db344c389c3f12d6b07d531ebd3b584ecf27f530f3ae6568d8d759a2345e283229612b9566c98d147a2bb8e8f7cdf6e587d0
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
Binary file
|
@@ -1,3 +1,5 @@
|
|
1
|
+
require 'rex/socket'
|
2
|
+
|
1
3
|
# Implements a set of "convenience methods" for creating credentials and related portions of the object graph. Creates
|
2
4
|
# {Metasploit::Credential::Core} objects and their attendant relationships as well as {Metasploit::Credential::Login}
|
3
5
|
# objects and their attendant `Mdm::Host` and `Mdm::Service` objects.
|
@@ -116,6 +118,7 @@ module Metasploit::Credential::Creation
|
|
116
118
|
else
|
117
119
|
origin = create_credential_origin(opts)
|
118
120
|
end
|
121
|
+
return nil if origin.nil?
|
119
122
|
|
120
123
|
core_opts = {
|
121
124
|
origin: origin,
|
@@ -125,7 +128,7 @@ module Metasploit::Credential::Creation
|
|
125
128
|
if opts.has_key?(:realm_key) && opts.has_key?(:realm_value)
|
126
129
|
core_opts[:realm] = create_credential_realm(opts)
|
127
130
|
end
|
128
|
-
|
131
|
+
|
129
132
|
if opts.has_key?(:private_type) && opts.has_key?(:private_data)
|
130
133
|
core_opts[:private] = create_credential_private(opts)
|
131
134
|
end
|
@@ -140,7 +143,7 @@ module Metasploit::Credential::Creation
|
|
140
143
|
|
141
144
|
create_credential_core(core_opts)
|
142
145
|
end
|
143
|
-
|
146
|
+
|
144
147
|
# This method is responsible for creation {Metasploit::Credential::Core} and
|
145
148
|
# {Metasploit::Credential::Login}.
|
146
149
|
# This method is responsible for creating a {Metasploit::Credential::Login} object
|
@@ -188,8 +191,6 @@ module Metasploit::Credential::Creation
|
|
188
191
|
# service_name: 'smb',
|
189
192
|
# status: status: Metasploit::Model::Login::Status::UNTRIED
|
190
193
|
# )
|
191
|
-
|
192
|
-
|
193
194
|
def create_credential_and_login(opts={})
|
194
195
|
return nil unless active_db?
|
195
196
|
|
@@ -205,6 +206,7 @@ module Metasploit::Credential::Creation
|
|
205
206
|
login_object = nil
|
206
207
|
retry_transaction do
|
207
208
|
service_object = create_credential_service(opts)
|
209
|
+
return nil if service_object.nil?
|
208
210
|
login_object = Metasploit::Credential::Login.where(core_id: core.id, service_id: service_object.id).first_or_initialize
|
209
211
|
|
210
212
|
if opts[:task_id]
|
@@ -297,6 +299,7 @@ module Metasploit::Credential::Creation
|
|
297
299
|
login_object = nil
|
298
300
|
retry_transaction do
|
299
301
|
service_object = create_credential_service(opts)
|
302
|
+
return nil if service_object.nil?
|
300
303
|
login_object = Metasploit::Credential::Login.where(core_id: core.id, service_id: service_object.id).first_or_initialize
|
301
304
|
|
302
305
|
if opts[:task_id]
|
@@ -419,13 +422,12 @@ module Metasploit::Credential::Creation
|
|
419
422
|
def create_credential_origin_service(opts={})
|
420
423
|
return nil unless active_db?
|
421
424
|
module_fullname = opts.fetch(:module_fullname)
|
422
|
-
|
423
425
|
service_object = create_credential_service(opts)
|
426
|
+
return nil if service_object.nil?
|
424
427
|
|
425
428
|
retry_transaction do
|
426
429
|
Metasploit::Credential::Origin::Service.where(service_id: service_object.id, module_full_name: module_fullname).first_or_create!
|
427
430
|
end
|
428
|
-
|
429
431
|
end
|
430
432
|
|
431
433
|
# This method is responsible for creating {Metasploit::Credential::Origin::Session} objects.
|
@@ -547,6 +549,7 @@ module Metasploit::Credential::Creation
|
|
547
549
|
def create_credential_service(opts={})
|
548
550
|
return nil unless active_db?
|
549
551
|
address = opts.fetch(:address)
|
552
|
+
return nil unless Rex::Socket.is_ipv4?(address) || Rex::Socket.is_ipv6?(address)
|
550
553
|
port = opts.fetch(:port)
|
551
554
|
service_name = opts.fetch(:service_name)
|
552
555
|
protocol = opts.fetch(:protocol)
|
@@ -577,6 +580,7 @@ module Metasploit::Credential::Creation
|
|
577
580
|
def invalidate_login(opts = {})
|
578
581
|
return nil unless active_db?
|
579
582
|
address = opts.fetch(:address)
|
583
|
+
return nil unless Rex::Socket.is_ipv4?(address) || Rex::Socket.is_ipv6?(address)
|
580
584
|
port = opts.fetch(:port)
|
581
585
|
protocol = opts.fetch(:protocol)
|
582
586
|
public = opts.fetch(:username, nil)
|
@@ -1,6 +1,6 @@
|
|
1
1
|
development: &pgsql
|
2
2
|
adapter: postgresql
|
3
|
-
database: metasploit-
|
3
|
+
database: metasploit-credential_development0
|
4
4
|
username: msf
|
5
5
|
password: pass123
|
6
6
|
host: localhost
|
@@ -10,4 +10,4 @@ development: &pgsql
|
|
10
10
|
min_messages: warning
|
11
11
|
test:
|
12
12
|
<<: *pgsql
|
13
|
-
database: metasploit-
|
13
|
+
database: metasploit-credential_test0
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: metasploit-credential
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.10
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Luke Imhoff
|
@@ -89,7 +89,7 @@ cert_chain:
|
|
89
89
|
G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
|
90
90
|
8mVuTXnyJOKRJA==
|
91
91
|
-----END CERTIFICATE-----
|
92
|
-
date: 2017-
|
92
|
+
date: 2017-06-09 00:00:00.000000000 Z
|
93
93
|
dependencies:
|
94
94
|
- !ruby/object:Gem::Dependency
|
95
95
|
name: metasploit-concern
|
@@ -175,6 +175,20 @@ dependencies:
|
|
175
175
|
- - ">="
|
176
176
|
- !ruby/object:Gem::Version
|
177
177
|
version: '0'
|
178
|
+
- !ruby/object:Gem::Dependency
|
179
|
+
name: rex-socket
|
180
|
+
requirement: !ruby/object:Gem::Requirement
|
181
|
+
requirements:
|
182
|
+
- - ">="
|
183
|
+
- !ruby/object:Gem::Version
|
184
|
+
version: '0'
|
185
|
+
type: :runtime
|
186
|
+
prerelease: false
|
187
|
+
version_requirements: !ruby/object:Gem::Requirement
|
188
|
+
requirements:
|
189
|
+
- - ">="
|
190
|
+
- !ruby/object:Gem::Version
|
191
|
+
version: '0'
|
178
192
|
- !ruby/object:Gem::Dependency
|
179
193
|
name: pg
|
180
194
|
requirement: !ruby/object:Gem::Requirement
|
metadata.gz.sig
CHANGED
Binary file
|