metasploit-credential 5.0.5 → 5.0.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/app/models/metasploit/credential/nonreplayable_hash.rb +112 -11
- data/app/models/metasploit/credential/ntlm_hash.rb +17 -0
- data/lib/metasploit/credential/version.rb +1 -1
- data/spec/factories/metasploit/credential/ssh_keys.rb +1 -1
- data/spec/models/metasploit/credential/ssh_key_spec.rb +1 -1
- data/spec/spec_helper.rb +5 -0
- data/spec/support/openssl.conf +14 -0
- data.tar.gz.sig +0 -0
- metadata +4 -2
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 160c796cde281dc16f28a82c485aefc9e5514c6c316e524e70f1078f19bea454
|
4
|
+
data.tar.gz: da7444e3d488aa8c96dee9390b03e75ae1b0db1a2bf4bfa3732217fb2112ee4f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9eb83198d92396fda14da456a595e012759aece87af7b60b68e20ef6569c77b2563db450050d12f4d79b9cb9d6495319a9649f0bffcfb9948e6ee7994ba19add
|
7
|
+
data.tar.gz: cc9e76bd3341a68dfddb03bafdfbecd6d0fcf404082830118f0535205d16b56a77f4df97289c362e9a22708c56e47f69780952f6362caa17d88f64539dc9df8f
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
@@ -10,17 +10,118 @@ class Metasploit::Credential::NonreplayableHash < Metasploit::Credential::Passwo
|
|
10
10
|
# The names of John the Ripper supported formats, from the "jumbo" edition.
|
11
11
|
# Listed in the format section of the output of +john --help+ on the CLI
|
12
12
|
# Current as of 2014-06-12
|
13
|
-
VALID_JTR_FORMATS = %w(
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
13
|
+
VALID_JTR_FORMATS = %w(
|
14
|
+
afs
|
15
|
+
bf
|
16
|
+
bf-opencl
|
17
|
+
bfegg
|
18
|
+
bsdi
|
19
|
+
crc32
|
20
|
+
des
|
21
|
+
django
|
22
|
+
dmd5
|
23
|
+
dominosec
|
24
|
+
dragonfly3-32
|
25
|
+
dragonfly3-64
|
26
|
+
dragonfly4-32
|
27
|
+
dragonfly4-64
|
28
|
+
drupal7
|
29
|
+
dummy
|
30
|
+
dynamic_n
|
31
|
+
epi
|
32
|
+
episerver
|
33
|
+
gost
|
34
|
+
hdaa
|
35
|
+
hmac-md5
|
36
|
+
hmac-sha1
|
37
|
+
hmac-sha224
|
38
|
+
hmac-sha256
|
39
|
+
hmac-sha384
|
40
|
+
hmac-sha512
|
41
|
+
hmailserver
|
42
|
+
ipb2
|
43
|
+
keepass
|
44
|
+
keychain
|
45
|
+
krb4
|
46
|
+
krb5
|
47
|
+
lm
|
48
|
+
lotus5
|
49
|
+
md4-gen
|
50
|
+
md5
|
51
|
+
md5crypt-opencl
|
52
|
+
md5ns
|
53
|
+
mediawiki
|
54
|
+
mscash
|
55
|
+
mscash2
|
56
|
+
mscash2-opencl
|
57
|
+
mschapv2
|
58
|
+
mskrb5
|
59
|
+
mssql
|
60
|
+
mssql05
|
61
|
+
mysql
|
62
|
+
mysql-sha1
|
63
|
+
mysql-sha1-opencl
|
64
|
+
nethalflm
|
65
|
+
netlm
|
66
|
+
netlmv2
|
67
|
+
netntlm
|
68
|
+
netntlmv2
|
69
|
+
nsldap
|
70
|
+
nt
|
71
|
+
nt-opencl
|
72
|
+
nt2
|
73
|
+
odf
|
74
|
+
office
|
75
|
+
oracle
|
76
|
+
oracle11
|
77
|
+
osc
|
78
|
+
pdf
|
79
|
+
phpass
|
80
|
+
phpass-opencl
|
81
|
+
phps
|
82
|
+
pix-md5
|
83
|
+
pkzip
|
84
|
+
po
|
85
|
+
pwsafe
|
86
|
+
pwsafe-opencl
|
87
|
+
racf
|
88
|
+
rar
|
89
|
+
raw-md4
|
90
|
+
raw-md4-opencl
|
91
|
+
raw-md5
|
92
|
+
raw-md5-opencl
|
93
|
+
raw-md5u
|
94
|
+
raw-sha
|
95
|
+
raw-sha1
|
96
|
+
raw-sha1-linkedin
|
97
|
+
raw-sha1-ng
|
98
|
+
raw-sha1-opencl
|
99
|
+
raw-sha224
|
100
|
+
raw-sha256
|
101
|
+
raw-sha384
|
102
|
+
raw-sha512
|
103
|
+
raw-sha512-opencl
|
104
|
+
salted-sha1
|
105
|
+
sapb
|
106
|
+
sapg
|
107
|
+
sha1-gen
|
108
|
+
sha256crypt
|
109
|
+
sha512crypt
|
110
|
+
sha512crypt-opencl
|
111
|
+
sip
|
112
|
+
ssh
|
113
|
+
ssha-opencl
|
114
|
+
sybasease
|
115
|
+
trip
|
116
|
+
vnc
|
117
|
+
wbb3
|
118
|
+
wpapsk
|
119
|
+
wpapsk-opencl
|
120
|
+
xsha
|
121
|
+
xsha512
|
122
|
+
xsha512-opencl
|
123
|
+
zip
|
124
|
+
)
|
24
125
|
|
25
126
|
#
|
26
127
|
# Attributes
|
@@ -1,5 +1,22 @@
|
|
1
1
|
require 'net/ntlm'
|
2
2
|
|
3
|
+
# TODO: Revert once available in rubyntlm
|
4
|
+
# https://github.com/WinRb/rubyntlm/pull/51
|
5
|
+
module Net
|
6
|
+
module NTLM
|
7
|
+
class << self
|
8
|
+
def apply_des(plain, keys)
|
9
|
+
keys.map {|k|
|
10
|
+
dec = OpenSSL::Cipher.new("des-cbc").encrypt
|
11
|
+
dec.padding = 0
|
12
|
+
dec.key = k
|
13
|
+
dec.update(plain) + dec.final
|
14
|
+
}
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
3
20
|
# A {Metasploit::Credential::PasswordHash password hash} that can be {Metasploit::Credential::ReplayableHash replayed}
|
4
21
|
# to authenticate to SMB. It is composed of two hash hex digests (where the hash bytes are printed as a
|
5
22
|
# hexadecimal string where 2 characters represent a byte of the original hash with the high nibble first): (1)
|
data/spec/spec_helper.rb
CHANGED
data.tar.gz.sig
CHANGED
Binary file
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: metasploit-credential
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.0.
|
4
|
+
version: 5.0.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Metasploit Hackers
|
@@ -93,7 +93,7 @@ cert_chain:
|
|
93
93
|
EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
|
94
94
|
9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
|
95
95
|
-----END CERTIFICATE-----
|
96
|
-
date:
|
96
|
+
date: 2022-08-02 00:00:00.000000000 Z
|
97
97
|
dependencies:
|
98
98
|
- !ruby/object:Gem::Dependency
|
99
99
|
name: metasploit-concern
|
@@ -407,6 +407,7 @@ files:
|
|
407
407
|
- spec/models/metasploit_data_models/search/visitor/relation_spec.rb
|
408
408
|
- spec/spec_helper.rb
|
409
409
|
- spec/support/matchers/validate_non_nilness_of.rb
|
410
|
+
- spec/support/openssl.conf
|
410
411
|
- spec/support/shared/contexts/metasploit/credential/exporter/export_objects.rb
|
411
412
|
- spec/support/shared/contexts/metasploit/credential/importer/zip/file.rb
|
412
413
|
- spec/support/shared/contexts/metasploit/credential/search/operation/type.rb
|
@@ -535,6 +536,7 @@ test_files:
|
|
535
536
|
- spec/models/metasploit_data_models/search/visitor/relation_spec.rb
|
536
537
|
- spec/spec_helper.rb
|
537
538
|
- spec/support/matchers/validate_non_nilness_of.rb
|
539
|
+
- spec/support/openssl.conf
|
538
540
|
- spec/support/shared/contexts/metasploit/credential/exporter/export_objects.rb
|
539
541
|
- spec/support/shared/contexts/metasploit/credential/importer/zip/file.rb
|
540
542
|
- spec/support/shared/contexts/metasploit/credential/search/operation/type.rb
|
metadata.gz.sig
CHANGED
Binary file
|