Class: Metasploit::Framework::PrivateCredentialCollection
- Inherits:
-
Object
- Object
- Metasploit::Framework::PrivateCredentialCollection
- Defined in:
- lib/metasploit/framework/credential_collection.rb
Direct Known Subclasses
Instance Attribute Summary collapse
-
#additional_privates ⇒ Array<String>
Additional private values that should be tried.
-
#blank_passwords ⇒ Boolean
Whether each username should be tried with a blank password.
-
#filter ⇒ Object
A block that can be used to filter credential objects.
-
#nil_passwords ⇒ Boolean
Whether each username should be tried with a nil password.
-
#pass_file ⇒ String
Path to a file containing passwords, one per line.
-
#password ⇒ String
The password that should be tried.
-
#prepended_creds ⇒ Array<Credential>
List of credentials to be tried before any others.
-
#realm ⇒ String
The authentication realm associated with this password.
Instance Method Summary collapse
-
#add_private(private_str = '') ⇒ void
Adds a string as an additional private credential to be combined in the collection.
- #each_filtered ⇒ Object (also: #each)
-
#each_unfiltered {|credential| ... } ⇒ void
Combines all the provided credential sources into a stream of Credential objects, yielding them one at a time.
-
#empty? ⇒ Boolean
Returns true when #each will have no results to iterate.
-
#filtered? ⇒ Boolean
Returns true when a filter is defined.
-
#has_privates? ⇒ Boolean
Returns true when there are any private values set.
-
#initialize(opts = {}) ⇒ PrivateCredentialCollection
constructor
A new instance of PrivateCredentialCollection.
-
#prepend_cred(cred) ⇒ self
Add credentials that will be yielded by #each.
-
#private_type(private) ⇒ Symbol
protected
Analyze a private value to determine its type by checking it against a known list of regular expressions.
Constructor Details
#initialize(opts = {}) ⇒ PrivateCredentialCollection
Returns a new instance of PrivateCredentialCollection.
57 58 59 60 61 62 63 64 |
# File 'lib/metasploit/framework/credential_collection.rb', line 57 def initialize(opts = {}) opts.each do |attribute, value| public_send("#{attribute}=", value) end self.prepended_creds ||= [] self.additional_privates ||= [] self.filter = nil end |
Instance Attribute Details
#additional_privates ⇒ Array<String>
Additional private values that should be tried
9 10 11 |
# File 'lib/metasploit/framework/credential_collection.rb', line 9 def additional_privates @additional_privates end |
#blank_passwords ⇒ Boolean
Whether each username should be tried with a blank password
14 15 16 |
# File 'lib/metasploit/framework/credential_collection.rb', line 14 def blank_passwords @blank_passwords end |
#filter ⇒ Object
A block that can be used to filter credential objects
45 46 47 |
# File 'lib/metasploit/framework/credential_collection.rb', line 45 def filter @filter end |
#nil_passwords ⇒ Boolean
Whether each username should be tried with a nil password
19 20 21 |
# File 'lib/metasploit/framework/credential_collection.rb', line 19 def nil_passwords @nil_passwords end |
#pass_file ⇒ String
Path to a file containing passwords, one per line
24 25 26 |
# File 'lib/metasploit/framework/credential_collection.rb', line 24 def pass_file @pass_file end |
#password ⇒ String
The password that should be tried
29 30 31 |
# File 'lib/metasploit/framework/credential_collection.rb', line 29 def password @password end |
#prepended_creds ⇒ Array<Credential>
List of credentials to be tried before any others
36 37 38 |
# File 'lib/metasploit/framework/credential_collection.rb', line 36 def prepended_creds @prepended_creds end |
#realm ⇒ String
The authentication realm associated with this password
41 42 43 |
# File 'lib/metasploit/framework/credential_collection.rb', line 41 def realm @realm end |
Instance Method Details
#add_private(private_str = '') ⇒ void
This method returns an undefined value.
Adds a string as an additional private credential to be combined in the collection.
71 72 73 |
# File 'lib/metasploit/framework/credential_collection.rb', line 71 def add_private(private_str='') additional_privates << private_str end |
#each_filtered ⇒ Object Also known as: each
85 86 87 88 89 90 91 |
# File 'lib/metasploit/framework/credential_collection.rb', line 85 def each_filtered each_unfiltered do |credential| next unless self.filter.nil? || self.filter.call(credential) yield credential end end |
#each_unfiltered {|credential| ... } ⇒ void
This method returns an undefined value.
Combines all the provided credential sources into a stream of Credential objects, yielding them one at a time
98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 |
# File 'lib/metasploit/framework/credential_collection.rb', line 98 def each_unfiltered if pass_file.present? pass_fd = File.open(pass_file, 'r:binary') end prepended_creds.each { |c| yield c } if password.present? yield Metasploit::Framework::Credential.new(private: password, realm: realm, private_type: private_type(password)) end if blank_passwords yield Metasploit::Framework::Credential.new(private: "", realm: realm, private_type: :password) end if pass_fd pass_fd.each_line do |pass_from_file| pass_from_file.chomp! yield Metasploit::Framework::Credential.new(private: pass_from_file, realm: realm, private_type: private_type(pass_from_file)) end pass_fd.seek(0) end additional_privates.each do |add_private| yield Metasploit::Framework::Credential.new(private: add_private, realm: realm, private_type: private_type(add_private)) end ensure pass_fd.close if pass_fd && !pass_fd.closed? end |
#empty? ⇒ Boolean
Returns true when #each will have no results to iterate
129 130 131 |
# File 'lib/metasploit/framework/credential_collection.rb', line 129 def empty? prepended_creds.empty? && !has_privates? end |
#filtered? ⇒ Boolean
Returns true when a filter is defined
136 137 138 |
# File 'lib/metasploit/framework/credential_collection.rb', line 136 def filtered? !self.filter.nil? end |
#has_privates? ⇒ Boolean
Returns true when there are any private values set
143 144 145 |
# File 'lib/metasploit/framework/credential_collection.rb', line 143 def has_privates? password.present? || pass_file.present? || !additional_privates.empty? || blank_passwords || nil_passwords end |
#prepend_cred(cred) ⇒ self
Add credentials that will be yielded by #each
80 81 82 83 |
# File 'lib/metasploit/framework/credential_collection.rb', line 80 def prepend_cred(cred) prepended_creds.unshift cred self end |
#private_type(private) ⇒ Symbol (protected)
Analyze a private value to determine its type by checking it against a known list of regular expressions
155 156 157 158 159 160 161 162 163 |
# File 'lib/metasploit/framework/credential_collection.rb', line 155 def private_type(private) if private =~ /[0-9a-f]{32}:[0-9a-f]{32}/ :ntlm_hash elsif private =~ /^md5([a-f0-9]{32})$/ :postgres_md5 else :password end end |