Class: Metasploit::Framework::LoginScanner::SSH
- Inherits:
-
Object
- Object
- Metasploit::Framework::LoginScanner::SSH
- Includes:
- Base, Msf::Exploit::Remote::SSH
- Defined in:
- lib/metasploit/framework/login_scanner/ssh.rb
Overview
This is the LoginScanner class for dealing with the Secure Shell protocol. It is responsible for taking a single target, and a list of credentials and attempting them. It then saves the results.
Constant Summary collapse
- CAN_GET_SESSION =
CONSTANTS
true- DEFAULT_PORT =
22- LIKELY_PORTS =
[ DEFAULT_PORT ]
- LIKELY_SERVICE_NAMES =
[ 'ssh' ]
- PRIVATE_TYPES =
[ :password, :ssh_key ]
- REALM_KEY =
nil- VERBOSITIES =
[ :debug, :info, :warn, :error, :fatal ]
Instance Attribute Summary collapse
-
#skip_gather_proof ⇒ Boolean
Whether to skip calling gather_proof.
-
#ssh_socket ⇒ Net::SSH::Connection::Session
The current SSH connection.
-
#verbosity ⇒ Symbol
The verbosity level for the SSH client.
Instance Method Summary collapse
Methods included from Msf::Exploit::Remote::SSH
#ssh_client_defaults, #ssh_socket_factory
Methods included from Msf::Exploit::Remote::SSH::Options
#initialize, #peer, #rhost, #rport
Instance Attribute Details
#skip_gather_proof ⇒ Boolean
Returns Whether to skip calling gather_proof.
45 46 47 |
# File 'lib/metasploit/framework/login_scanner/ssh.rb', line 45 def skip_gather_proof @skip_gather_proof end |
#ssh_socket ⇒ Net::SSH::Connection::Session
Returns The current SSH connection.
37 38 39 |
# File 'lib/metasploit/framework/login_scanner/ssh.rb', line 37 def ssh_socket @ssh_socket end |
#verbosity ⇒ Symbol
The verbosity level for the SSH client.
42 43 44 |
# File 'lib/metasploit/framework/login_scanner/ssh.rb', line 42 def verbosity @verbosity end |
Instance Method Details
#attempt_login(credential) ⇒ Object
Note:
The caller must close #ssh_socket
53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 |
# File 'lib/metasploit/framework/login_scanner/ssh.rb', line 53 def attempt_login(credential) self.ssh_socket = nil opt_hash = ssh_client_defaults.merge({ :port => port, :verbose => verbosity }) case credential.private_type when :password, nil opt_hash.update( :auth_methods => ['password','keyboard-interactive'], :password => credential.private, ) when :ssh_key opt_hash.update( :auth_methods => ['publickey'], :key_data => credential.private, ) end = { credential: credential } begin ::Timeout.timeout(connection_timeout) do self.ssh_socket = Net::SSH.start( host, credential.public, opt_hash ) end rescue OpenSSL::Cipher::CipherError, ::EOFError, Net::SSH::Disconnect, Rex::ConnectionError, ::Timeout::Error, Errno::ECONNRESET, Errno::EPIPE => e .merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e) rescue Net::SSH::Exception => e status = Metasploit::Model::Login::Status::INCORRECT status = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT if e..split("\n").first == 'could not settle on kex algorithm' .merge!(status: status, proof: e) end unless .has_key? :status if ssh_socket begin proof = gather_proof unless skip_gather_proof rescue StandardError => e elog('Failed to gather SSH proof', error: e) proof = nil end .merge!(status: Metasploit::Model::Login::Status::SUCCESSFUL, proof: proof) else .merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: nil) end end result = ::Metasploit::Framework::LoginScanner::Result.new() result.host = host result.port = port result.protocol = 'tcp' result.service_name = 'ssh' result end |
#get_platform(proof) ⇒ Object
130 131 132 |
# File 'lib/metasploit/framework/login_scanner/ssh.rb', line 130 def get_platform(proof) Metasploit::Framework::Ssh::Platform.get_platform_from_info(proof) end |