remove old dependency on net-ssh moneykpatch
the ssh_login_pubkey scanner relied on functionality that was monkeypatched into our vendored copy. this was an uneeded solution in the first palce, and we now use a more sane method of accomplishing the same thing
This commit is contained in:
parent
b6dff719f3
commit
20947cd6cd
|
@ -7,6 +7,8 @@ require 'msf/core'
|
||||||
require 'net/ssh'
|
require 'net/ssh'
|
||||||
require 'metasploit/framework/login_scanner/ssh'
|
require 'metasploit/framework/login_scanner/ssh'
|
||||||
require 'metasploit/framework/credential_collection'
|
require 'metasploit/framework/credential_collection'
|
||||||
|
require 'sshkey'
|
||||||
|
require 'net/ssh/command_stream'
|
||||||
|
|
||||||
class MetasploitModule < Msf::Auxiliary
|
class MetasploitModule < Msf::Auxiliary
|
||||||
|
|
||||||
|
@ -140,7 +142,7 @@ class MetasploitModule < Msf::Auxiliary
|
||||||
return cleartext_keys
|
return cleartext_keys
|
||||||
end
|
end
|
||||||
|
|
||||||
def session_setup(result, ssh_socket)
|
def session_setup(result, ssh_socket, fingerprint)
|
||||||
return unless ssh_socket
|
return unless ssh_socket
|
||||||
|
|
||||||
# Create a new session from the socket
|
# Create a new session from the socket
|
||||||
|
@ -157,7 +159,7 @@ class MetasploitModule < Msf::Auxiliary
|
||||||
'KEY_PATH' => nil
|
'KEY_PATH' => nil
|
||||||
}
|
}
|
||||||
|
|
||||||
info = "SSH #{result.credential.public}:#{ssh_socket.auth_info[:pubkey_id]} (#{ip}:#{rport})"
|
info = "SSH #{result.credential.public}:#{fingerprint} (#{ip}:#{rport})"
|
||||||
s = start_session(self, info, merge_me, false, conn.lsock)
|
s = start_session(self, info, merge_me, false, conn.lsock)
|
||||||
self.sockets.delete(ssh_socket.transport.socket)
|
self.sockets.delete(ssh_socket.transport.socket)
|
||||||
|
|
||||||
|
@ -229,7 +231,9 @@ class MetasploitModule < Msf::Auxiliary
|
||||||
credential_core = create_credential(credential_data)
|
credential_core = create_credential(credential_data)
|
||||||
credential_data[:core] = credential_core
|
credential_data[:core] = credential_core
|
||||||
create_credential_login(credential_data)
|
create_credential_login(credential_data)
|
||||||
session_setup(result, scanner.ssh_socket)
|
tmp_key = result.credential.private
|
||||||
|
ssh_key = SSHKey.new tmp_key
|
||||||
|
session_setup(result, scanner.ssh_socket, ssh_key.fingerprint)
|
||||||
:next_user
|
:next_user
|
||||||
when Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
|
when Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
|
||||||
if datastore['VERBOSE']
|
if datastore['VERBOSE']
|
||||||
|
|
Loading…
Reference in New Issue