metasploit-credential 5.0.6 → 5.0.9

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 86a500eec0075de53cd66a150f8ac92c5ff93cb7a86deba97d7232704ad61683
4
- data.tar.gz: 73e8dae5337c8608070417445ec99fb4b5e1de340baab42a8d723a7ecb262a61
3
+ metadata.gz: 9ff754feda3fa62cc3f74f11d85fbb537f04c4ffa80ae49c81c07bf31b733418
4
+ data.tar.gz: 0e517d89e0f3e37eca70b8b2d6a07cd4610f92f35a61d122a859dc9a37e12f10
5
5
  SHA512:
6
- metadata.gz: 1cca1af29a6b39d79be942d49f21377f127f881c344b9827765f1d54da2d41e16a94b8d706ff5234bf47d65cc9c8058fd2367f3c0731db19f1383b319882ec07
7
- data.tar.gz: 6f1ee1774ce0215d50af37b9e861fdedc41bf056c9e47621cd21b3c3914fa8044515227112a12802f1e5b1c4a80ab61f714b073c7f92aa2fd0681650e9be2618
6
+ metadata.gz: 680d7bed0f50aeea5a00e1b0b6b585cefe4735f2a2d573abbc03c04b21e78de44c3684ddcc4e7bcdd4146146ba8e9d3b0781a67d1b75e48281305811f666e965
7
+ data.tar.gz: 8c2b2e632ce7009286f96df6795bcf4db812b394cdb9f6aef54de175f7c24950b223d3519ad02add8718210b077f2085f877a617b2388e0349680bd3c67f51f4
checksums.yaml.gz.sig CHANGED
Binary file
@@ -10,17 +10,118 @@ class Metasploit::Credential::NonreplayableHash < Metasploit::Credential::Passwo
10
10
  # The names of John the Ripper supported formats, from the "jumbo" edition.
11
11
  # Listed in the format section of the output of +john --help+ on the CLI
12
12
  # Current as of 2014-06-12
13
- VALID_JTR_FORMATS = %w(afs bf bf-opencl bfegg bsdi crc32 des django dmd5 dominosec dragonfly3-32 dragonfly3-64
14
- dragonfly4-32 dragonfly4-64 drupal7 dummy dynamic_n epi episerver gost hdaa hmac-md5 hmac-sha1
15
- hmac-sha224 hmac-sha256 hmac-sha384 hmac-sha512 hmailserver ipb2 keepass keychain krb4 krb5 lm
16
- lotus5 md4-gen md5 md5crypt-opencl md5ns mediawiki mscash mscash2 mscash2-opencl mschapv2
17
- mskrb5 mssql mssql05 mysql mysql-sha1 mysql-sha1-opencl nethalflm netlm netlmv2 netntlm
18
- netntlmv2 nsldap nt nt-opencl nt2 odf office oracle oracle11 osc pdf phpass phpass-opencl phps
19
- pix-md5 pkzip po pwsafe pwsafe-opencl racf rar raw-md4 raw-md4-opencl raw-md5 raw-md5-opencl
20
- raw-md5u raw-sha raw-sha1 raw-sha1-linkedin raw-sha1-ng raw-sha1-opencl raw-sha224 raw-sha256
21
- raw-sha384 raw-sha512 raw-sha512-opencl salted-sha1 sapb sapg sha1-gen sha256crypt sha512crypt
22
- sha512crypt-opencl sip ssh ssha-opencl sybasease trip vnc wbb3 wpapsk wpapsk-opencl xsha
23
- xsha512 xsha512-opencl zip)
13
+ VALID_JTR_FORMATS = %w(
14
+ afs
15
+ bf
16
+ bf-opencl
17
+ bfegg
18
+ bsdi
19
+ crc32
20
+ des
21
+ django
22
+ dmd5
23
+ dominosec
24
+ dragonfly3-32
25
+ dragonfly3-64
26
+ dragonfly4-32
27
+ dragonfly4-64
28
+ drupal7
29
+ dummy
30
+ dynamic_n
31
+ epi
32
+ episerver
33
+ gost
34
+ hdaa
35
+ hmac-md5
36
+ hmac-sha1
37
+ hmac-sha224
38
+ hmac-sha256
39
+ hmac-sha384
40
+ hmac-sha512
41
+ hmailserver
42
+ ipb2
43
+ keepass
44
+ keychain
45
+ krb4
46
+ krb5
47
+ lm
48
+ lotus5
49
+ md4-gen
50
+ md5
51
+ md5crypt-opencl
52
+ md5ns
53
+ mediawiki
54
+ mscash
55
+ mscash2
56
+ mscash2-opencl
57
+ mschapv2
58
+ mskrb5
59
+ mssql
60
+ mssql05
61
+ mysql
62
+ mysql-sha1
63
+ mysql-sha1-opencl
64
+ nethalflm
65
+ netlm
66
+ netlmv2
67
+ netntlm
68
+ netntlmv2
69
+ nsldap
70
+ nt
71
+ nt-opencl
72
+ nt2
73
+ odf
74
+ office
75
+ oracle
76
+ oracle11
77
+ osc
78
+ pdf
79
+ phpass
80
+ phpass-opencl
81
+ phps
82
+ pix-md5
83
+ pkzip
84
+ po
85
+ pwsafe
86
+ pwsafe-opencl
87
+ racf
88
+ rar
89
+ raw-md4
90
+ raw-md4-opencl
91
+ raw-md5
92
+ raw-md5-opencl
93
+ raw-md5u
94
+ raw-sha
95
+ raw-sha1
96
+ raw-sha1-linkedin
97
+ raw-sha1-ng
98
+ raw-sha1-opencl
99
+ raw-sha224
100
+ raw-sha256
101
+ raw-sha384
102
+ raw-sha512
103
+ raw-sha512-opencl
104
+ salted-sha1
105
+ sapb
106
+ sapg
107
+ sha1-gen
108
+ sha256crypt
109
+ sha512crypt
110
+ sha512crypt-opencl
111
+ sip
112
+ ssh
113
+ ssha-opencl
114
+ sybasease
115
+ trip
116
+ vnc
117
+ wbb3
118
+ wpapsk
119
+ wpapsk-opencl
120
+ xsha
121
+ xsha512
122
+ xsha512-opencl
123
+ zip
124
+ )
24
125
 
25
126
  #
26
127
  # Attributes
@@ -1,5 +1,22 @@
1
1
  require 'net/ntlm'
2
2
 
3
+ # TODO: Revert once available in rubyntlm
4
+ # https://github.com/WinRb/rubyntlm/pull/51
5
+ module Net
6
+ module NTLM
7
+ class << self
8
+ def apply_des(plain, keys)
9
+ keys.map {|k|
10
+ dec = OpenSSL::Cipher.new("des-cbc").encrypt
11
+ dec.padding = 0
12
+ dec.key = k
13
+ dec.update(plain) + dec.final
14
+ }
15
+ end
16
+ end
17
+ end
18
+ end
19
+
3
20
  # A {Metasploit::Credential::PasswordHash password hash} that can be {Metasploit::Credential::ReplayableHash replayed}
4
21
  # to authenticate to SMB. It is composed of two hash hex digests (where the hash bytes are printed as a
5
22
  # hexadecimal string where 2 characters represent a byte of the original hash with the high nibble first): (1)
@@ -3,7 +3,7 @@
3
3
  module Metasploit
4
4
  module Credential
5
5
  # VERSION is managed by GemRelease
6
- VERSION = '5.0.6'
6
+ VERSION = '5.0.9'
7
7
 
8
8
  # @return [String]
9
9
  #
@@ -4,7 +4,7 @@ FactoryBot.define do
4
4
  transient do
5
5
  key_type { generate :metasploit_credential_ssh_key_key_type }
6
6
  # key size tuned for speed. DO NOT use for production, it is below current recommended key size of 2048
7
- key_size { 512 }
7
+ key_size { 1024 }
8
8
  end
9
9
 
10
10
  data {
@@ -7,7 +7,7 @@ RSpec.describe Metasploit::Credential::SSHKey, type: :model do
7
7
 
8
8
  let(:key_size) do
9
9
  # key size tuned for speed. DO NOT use for production, it is below current recommended key size of 2048
10
- 512
10
+ 1024
11
11
  end
12
12
 
13
13
  context 'factories' do
data/spec/spec_helper.rb CHANGED
@@ -1,3 +1,8 @@
1
+ # Enable legacy providers
2
+ ENV['OPENSSL_CONF'] = File.expand_path(
3
+ File.join(File.dirname(__FILE__), 'support', 'openssl.conf')
4
+ )
5
+
1
6
  # This file is copied to spec/ when you run 'rails generate rspec:install'
2
7
  ENV["RAILS_ENV"] ||= 'test'
3
8
 
@@ -0,0 +1,14 @@
1
+ openssl_conf = openssl_init
2
+
3
+ [openssl_init]
4
+ providers = provider_sect
5
+
6
+ [provider_sect]
7
+ default = default_sect
8
+ legacy = legacy_sect
9
+
10
+ [default_sect]
11
+ activate = 1
12
+
13
+ [legacy_sect]
14
+ activate = 1
data.tar.gz.sig CHANGED
Binary file
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: metasploit-credential
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.0.6
4
+ version: 5.0.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Metasploit Hackers
@@ -93,7 +93,7 @@ cert_chain:
93
93
  EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
94
94
  9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
95
95
  -----END CERTIFICATE-----
96
- date: 2022-04-05 00:00:00.000000000 Z
96
+ date: 2022-09-01 00:00:00.000000000 Z
97
97
  dependencies:
98
98
  - !ruby/object:Gem::Dependency
99
99
  name: metasploit-concern
@@ -407,6 +407,7 @@ files:
407
407
  - spec/models/metasploit_data_models/search/visitor/relation_spec.rb
408
408
  - spec/spec_helper.rb
409
409
  - spec/support/matchers/validate_non_nilness_of.rb
410
+ - spec/support/openssl.conf
410
411
  - spec/support/shared/contexts/metasploit/credential/exporter/export_objects.rb
411
412
  - spec/support/shared/contexts/metasploit/credential/importer/zip/file.rb
412
413
  - spec/support/shared/contexts/metasploit/credential/search/operation/type.rb
@@ -535,6 +536,7 @@ test_files:
535
536
  - spec/models/metasploit_data_models/search/visitor/relation_spec.rb
536
537
  - spec/spec_helper.rb
537
538
  - spec/support/matchers/validate_non_nilness_of.rb
539
+ - spec/support/openssl.conf
538
540
  - spec/support/shared/contexts/metasploit/credential/exporter/export_objects.rb
539
541
  - spec/support/shared/contexts/metasploit/credential/importer/zip/file.rb
540
542
  - spec/support/shared/contexts/metasploit/credential/search/operation/type.rb
metadata.gz.sig CHANGED
@@ -1 +1,2 @@
1
- ��o����it�ω�4�Ϻ�y�3�D ���(��]�Z��5�s�J�C�� f��L'�ɳ�Y�f6���X�E9�*]�##��ix=o������d��!(��*�HNr}����)"Zyg���:Odm ��iԘ�!��흳��n������e钸#РK�
1
+ )S鞲�+�M8ۚp~��g���|9�ڝ�� �B�$�^��7N.���d��4���5�ť��Q,��pX8��=ߍd�����(��Iυ/0wQ����JWi{q
2
+ y�65�ư^Ϣ:?d��x�$-j�r�wv7�F����=q��� .�pG�|��%�Lqqt�ǎ����I��ƌ&oM�zxL����,����Xr�P�t��V-S�7��y�r�V�{t