Class: Metasploit::Framework::KeyCollection

Inherits:
CredentialCollection
Defined in:
lib/metasploit/framework/key_collection.rb

Instance Attribute Summary

Attributes inherited from CredentialCollection

#additional_publics, #anonymous_login, #password_spray, #user_as_pass, #user_file, #username, #userpass_file

Attributes inherited from PrivateCredentialCollection

#additional_privates, #blank_passwords, #filter, #nil_passwords, #pass_file, #password, #prepended_creds

Instance Method Summary

Methods inherited from CredentialCollection

#add_public, #each_filtered, #each_password, #each_unfiltered, #each_unfiltered_password_first, #each_unfiltered_username_first, #each_user_pass_from_userpass_file, #each_username, #empty?, #has_users?, #initialize

Methods inherited from PrivateCredentialCollection

#add_private, #each_filtered, #each_unfiltered, #empty?, #filtered?, #initialize, #prepend_cred, #private_type

Constructor Details

This class inherits a constructor from Metasploit::Framework::CredentialCollection

Instance Attribute Details

#error_list ⇒ Object

Returns the value of attribute error_list.



# File 'lib/metasploit/framework/key_collection.rb', line 6

# Error messages gathered by the most recent #valid? call, which resets this
# to an empty Array before it validates anything.
# NOTE(review): entries embed key file paths and parser exception text;
# confirm where callers display or log them.
#
# @return [Array<String>, nil]
def error_list
  @error_list
end

#key_data ⇒ Object

Returns the value of attribute key_data.



# File 'lib/metasploit/framework/key_collection.rb', line 3

# Set of private-key strings that passed validation, rebuilt from scratch by
# every #valid? call. The strings are the key material exactly as supplied
# inline or read from disk, so treat the whole set as secret.
# NOTE(review): no other method in this listing assigns it, so it is
# presumably nil until #valid? has run (inherited constructor not shown).
#
# @return [Set<String>, nil]
def key_data
  @key_data
end

#key_path ⇒ Object

Returns the value of attribute key_path.



# File 'lib/metasploit/framework/key_collection.rb', line 4

# Path to a single private-key file, or to a directory of key files.
# #valid? consults it only when private_key is blank.
#
# @return [String, nil]
def key_path
  @key_path
end

#private_key ⇒ Object

Returns the value of attribute private_key.



# File 'lib/metasploit/framework/key_collection.rb', line 5

# Private-key material supplied inline as a string. When present it takes
# precedence over key_path in #valid?. This is secret data: avoid echoing it
# in logs or error output.
#
# @return [String, nil]
def private_key
  @private_key
end

#ssh_keyfile_b64 ⇒ Object

Returns the value of attribute ssh_keyfile_b64.



# File 'lib/metasploit/framework/key_collection.rb', line 7

# Plain reader; no method shown in this listing reads or writes the value.
# NOTE(review): the name suggests Base64-encoded key file contents — confirm
# against the callers that set it.
def ssh_keyfile_b64
  @ssh_keyfile_b64
end

Instance Method Details

#each ⇒ Object



# File 'lib/metasploit/framework/key_collection.rb', line 78

# Enumerates every credential this collection describes.
#
# Order of emission: the prepended credentials first, then one credential per
# (user file line, key) pair, then one per key for the single configured
# username. Every generated credential has private_type :ssh_key and carries
# the key string as its private part.
#
# NOTE(review): #each_key reads @key_data, which only #valid? assigns in this
# listing — callers presumably run #valid? first; confirm.
#
# @yieldparam credential [Metasploit::Framework::Credential]
def each
  prepended_creds.each { |cred| yield cred }

  # Pairs one login name with one key string.
  to_credential = lambda do |login, key_material|
    Metasploit::Framework::Credential.new(public: login, private: key_material, realm: realm, private_type: :ssh_key)
  end

  if @user_file.present?
    # Binary mode: user names are passed through byte-for-byte, minus the line ending.
    File.open(@user_file, 'rb') do |handle|
      handle.each_line do |login|
        login.chomp!
        each_key { |key_material| yield to_credential.call(login, key_material) }
      end
    end
  end

  if @username.present?
    each_key { |key_material| yield to_credential.call(@username, key_material) }
  end
end

#each_key ⇒ Object



# File 'lib/metasploit/framework/key_collection.rb', line 99

# Yields each validated key string held in @key_data, in that collection's
# own iteration order.
# NOTE(review): @key_data is only assigned by #valid? in this listing, so
# calling this before #valid? presumably fails on nil — confirm.
#
# @yieldparam key_material [String]
def each_key
  @key_data.each { |key_material| yield key_material }
end

#has_privates? ⇒ Boolean

Overrides CredentialCollection#has_privates?

Returns:

  • (Boolean)


# File 'lib/metasploit/framework/key_collection.rb', line 10

# Overrides CredentialCollection#has_privates?: the private part of these
# credentials is the validated key set, not a password list.
# True only when @key_data is non-blank. In this listing only #valid?
# populates @key_data.
#
# @return [Boolean]
def has_privates?
  @key_data.present?
end

#read_key(file_path) ⇒ Object



# File 'lib/metasploit/framework/key_collection.rb', line 105

# Loads and parses the private key stored at +file_path+, memoising the
# parsed key per path so each file is parsed at most once.
#
# The trailing +false+ turns off net-ssh's interactive passphrase prompt, so
# a wrong or missing passphrase raises instead of blocking on input.
#
# NOTE(review): the memo is keyed by path alone, so a later change to
# +password+ or to the file on disk is not picked up. Parsed private keys
# also stay referenced by this object for its lifetime.
#
# @param file_path [String] path of the key file to parse
# @return [Object] the parsed key as returned by Net::SSH::KeyFactory
def read_key(file_path)
  parsed_keys = (@cache ||= {})
  parsed_keys[file_path] ||= Net::SSH::KeyFactory.load_private_key(file_path, password, false)
end

#realm ⇒ Object



# File 'lib/metasploit/framework/key_collection.rb', line 14

# Always nil: the credentials built by #each are passed this value as their
# realm, so key-based credentials carry no realm.
#
# @return [nil]
def realm
  nil
end

#valid? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/metasploit/framework/key_collection.rb', line 18

# Validates the configured key source and rebuilds @key_data / @error_list.
#
# An inline private_key wins over key_path. Validator errors are copied into
# @error_list only when no key at all was accepted; if at least one key
# loaded, the failures for the other files are discarded.
#
# @return [Boolean] true when at least one key was accepted
# @raise [RuntimeError] when neither private_key nor key_path is set
def valid?
  @error_list = []
  @key_data = Set.new

  results =
    if @private_key.present?
      validate_private_key(@private_key)
    elsif @key_path.present?
      validate_key_path(@key_path)
    else
      @error_list << 'No key path or key provided'
      raise RuntimeError, 'No key path or key provided'
    end

  accepted = results[:key_data]
  if accepted.present?
    @key_data.merge(accepted)
  elsif results[:error_list].present?
    @error_list.concat(results[:error_list])
  end

  @key_data.present?
end

#validate_key_path(key_path) ⇒ Object



# File 'lib/metasploit/framework/key_collection.rb', line 53

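# Collects the private keys found at +key_path+.
#
# +key_path+ may name one key file or a directory. For a directory, every
# regular file is tried except dotfiles and files ending in ".pub".
# Subdirectories and other non-regular entries are skipped rather than
# reported as load failures. A file is accepted when #read_key can parse it;
# its raw contents are then added to the result.
#
# The invalid-path result reports its message under +:error_list+ as well as
# the original +:error+ key, so that #valid?, which reads only +:error_list+,
# no longer drops it.
#
# Error strings contain the file path and the parser's exception text.
#
# @param key_path [String] key file or directory of key files
# @return [Hash] +:key_data+ (Set of key strings, or nil for an invalid path)
#   and +:error_list+ (Array of messages); an invalid path also sets +:error+
def validate_key_path(key_path)
  key_data = Set.new
  error_list = []

  if File.file?(key_path)
    key_files = [key_path]
  elsif File.directory?(key_path)
    # \A and \z anchor the whole file name; ^ and $ would match at any line
    # break inside a name.
    key_files = Dir.entries(key_path)
                   .reject { |f| f =~ /\A\x2e|\x2epub\z/ }
                   .map { |f| File.join(key_path, f) }
                   .select { |f| File.file?(f) }
  else
    message = "#{key_path} Invalid key path"
    return { key_data: nil, error: message, error_list: [message] }
  end

  key_files.each do |f|
    begin
      key_data << File.read(f) if read_key(f).present?
    rescue StandardError => e
      # Best effort: one unreadable or non-key file must not abort the scan.
      error_list << "#{f}: #{e}"
    end
  end
  { key_data: key_data, error_list: error_list }
end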

#validate_private_key(private_key) ⇒ Object



# File 'lib/metasploit/framework/key_collection.rb', line 40

# Checks that +private_key+ (key material passed inline as a string) can be
# parsed with the configured @password.
#
# The trailing +false+ turns off net-ssh's interactive passphrase prompt, so
# a wrong or missing passphrase surfaces as an exception, which is captured
# into the returned error list rather than raised.
#
# @param private_key [String] private-key material
# @return [Hash] +:key_data+ (Set holding the key string when it parsed) and
#   +:error_list+ (Array of messages)
def validate_private_key(private_key)
  accepted = Set.new
  problems = []
  begin
    parsed = Net::SSH::KeyFactory.load_data_private_key(private_key, @password, false)
    accepted << private_key if parsed.present?
  rescue StandardError => e
    problems << "Error validating private key: #{e}"
  end
  { key_data: accepted, error_list: problems }
end