Class: Msf::Exploit::Remote::Pkcs12::Storage
- Inherits:
-
Object
- Object
- Msf::Exploit::Remote::Pkcs12::Storage
- Includes:
- Auxiliary::Report
- Defined in:
- lib/msf/core/exploit/remote/pkcs12/storage.rb
Instance Attribute Summary collapse
-
#framework ⇒ Object
readonly
Returns the value of attribute framework.
-
#framework_module ⇒ Object
readonly
Returns the value of attribute framework_module.
Instance Method Summary collapse
-
#activate(ids:) ⇒ Array<StoredPkcs12>
Mark Pkcs12(s) as active.
-
#deactivate(ids:) ⇒ Array<StoredPkcs12>
Mark Pkcs12(s) as inactive.
- #delete(options = {}) ⇒ Object
-
#filter_pkcs12(options) ⇒ Array<Metasploit::Credential::Core>
Return the raw stored pkcs12.
-
#initialize(framework: nil, framework_module: nil) ⇒ Storage
constructor
A new instance of Storage.
-
#pkcs12(options = {}, &block) ⇒ Array<StoredPkcs12>
Get stored pkcs12 matching the options query.
- #read_pkcs12_cert_path(cert_path, cert_pass = '', workspace: nil) ⇒ Object
-
#workspace ⇒ String
The name of the workspace in which to operate.
Methods included from Auxiliary::Report
#active_db?, #create_cracked_credential, #create_credential, #create_credential_and_login, #create_credential_login, #db, #db_warning_given?, #get_client, #get_host, #inside_workspace_boundary?, #invalidate_login, #mytask, #myworkspace, #myworkspace_id, #report_auth_info, #report_client, #report_exploit, #report_host, #report_loot, #report_note, #report_service, #report_vuln, #report_web_form, #report_web_page, #report_web_site, #report_web_vuln, #store_cred, #store_local, #store_loot
Methods included from Metasploit::Framework::Require
optionally, optionally_active_record_railtie, optionally_include_metasploit_credential_creation, #optionally_include_metasploit_credential_creation, optionally_require_metasploit_db_gem_engines
Constructor Details
#initialize(framework: nil, framework_module: nil) ⇒ Storage
Returns a new instance of Storage.
14 15 16 17 |
# File 'lib/msf/core/exploit/remote/pkcs12/storage.rb', line 14 def initialize(framework: nil, framework_module: nil) @framework = framework || framework_module&.framework @framework_module = framework_module end |
Instance Attribute Details
#framework ⇒ Object (readonly)
Returns the value of attribute framework.
8 9 10 |
# File 'lib/msf/core/exploit/remote/pkcs12/storage.rb', line 8 def framework @framework end |
#framework_module ⇒ Object (readonly)
Returns the value of attribute framework_module.
12 13 14 |
# File 'lib/msf/core/exploit/remote/pkcs12/storage.rb', line 12 def framework_module @framework_module end |
Instance Method Details
#activate(ids:) ⇒ Array<StoredPkcs12>
Mark Pkcs12(s) as active
148 149 150 |
# File 'lib/msf/core/exploit/remote/pkcs12/storage.rb', line 148 def activate(ids:) set_status(ids: ids, status: 'active') end |
#deactivate(ids:) ⇒ Array<StoredPkcs12>
Mark Pkcs12(s) as inactive
140 141 142 |
# File 'lib/msf/core/exploit/remote/pkcs12/storage.rb', line 140 def deactivate(ids:) set_status(ids: ids, status: 'inactive') end |
#delete(options = {}) ⇒ Object
114 115 116 117 118 119 120 121 122 123 124 125 |
# File 'lib/msf/core/exploit/remote/pkcs12/storage.rb', line 114 def delete( = {}) if .keys == [:ids] # skip calling #filter_pkcs12 which issues a query when the IDs are specified ids = [:ids] else ids = filter_pkcs12().map(&:id) end framework.db.delete_credentials(ids: ids).map do |stored_pkcs12| StoredPkcs12.new(stored_pkcs12) end end |
#filter_pkcs12(options) ⇒ Array<Metasploit::Credential::Core>
Return the raw stored pkcs12.
68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 |
# File 'lib/msf/core/exploit/remote/pkcs12/storage.rb', line 68 def filter_pkcs12() return [] unless active_db? filter = {} filter[:id] = [:id] if [:id].present? creds = framework.db.creds( workspace: .fetch(:workspace) { workspace }, type: 'Metasploit::Credential::Pkcs12', **filter ).select do |cred| # this is needed since if a filter is provided (e.g. `id:`) framework.db.creds will ignore the type: next false unless cred.private.type == 'Metasploit::Credential::Pkcs12' if [:username].present? next false if [:username].casecmp(cred.public.username) != 0 end if [:realm].present? && cred.realm next false if [:realm].casecmp(cred.realm.value) != 0 end if [:status].present? # If status is not set on the credential, considere it is `active` status = cred.private.status || 'active' next false if status != [:status] end cert = cred.private.openssl_pkcs12.certificate unless Time.now.between?(cert.not_before, cert.not_after) ilog("[filter_pkcs12] Found a matching certificate but it has expired") next false end if [:tls_auth] eku = cert.extensions.select { |c| c.oid == 'extendedKeyUsage' }.first unless eku&.value.include?('TLS Web Client Authentication') ilog("[filter_pkcs12] Found a matching certificate but it doesn't have the 'TLS Web Client Authentication' EKU") next false end end true end end |
#pkcs12(options = {}, &block) ⇒ Array<StoredPkcs12>
Get stored pkcs12 matching the options query.
52 53 54 55 56 57 58 59 60 61 62 |
# File 'lib/msf/core/exploit/remote/pkcs12/storage.rb', line 52 def pkcs12( = {}, &block) stored_pkcs12_array = filter_pkcs12().map do |pkcs12_entry| StoredPkcs12.new(pkcs12_entry) end stored_pkcs12_array.each do |stored_pkcs12| block.call(stored_pkcs12) if block_given? end stored_pkcs12_array end |
#read_pkcs12_cert_path(cert_path, cert_pass = '', workspace: nil) ⇒ Object
22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
# File 'lib/msf/core/exploit/remote/pkcs12/storage.rb', line 22 def read_pkcs12_cert_path(cert_path, cert_pass = '', workspace: nil) if cert_path&.start_with?('id:') core = framework.db.creds({ workspace: workspace, id: cert_path.delete_prefix('id:') }).first raise Msf::ValidationError, 'Invalid cert id provided' unless core raise Msf::ValidationError, 'Invalid cert id provided - not a pkcs12 credential' unless core.private.type == 'Metasploit::Credential::Pkcs12' data = Base64.decode64(core.private.data) else is_readable = ::File.file?(cert_path) && ::File.readable?(cert_path) raise Msf::ValidationError, 'Failed to load the PFX certificate file. The path was not a readable file.' unless is_readable data = File.binread(cert_path) end begin # TODO: Is it possible to read the cert pass from the db? pkcs12 = OpenSSL::PKCS12.new(data, cert_pass) rescue StandardError => e raise Msf::ValidationError, "Failed to load the PFX file (#{e})" end { path: cert_path, value: pkcs12 } end |
#workspace ⇒ String
Returns The name of the workspace in which to operate.
128 129 130 131 132 133 134 |
# File 'lib/msf/core/exploit/remote/pkcs12/storage.rb', line 128 def workspace if @framework_module return @framework_module.workspace elsif @framework&.db&.active return @framework.db.workspace&.name end end |