1
mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-29 18:07:27 +01:00

Watch out, the style police is in da house

git-svn-id: file:///home/svn/framework3/trunk@14083 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
Wei Chen 2011-10-26 23:31:12 +00:00
parent 6ba153c9f5
commit 5d8c3e956e
5 changed files with 150 additions and 160 deletions

View File

@ -22,7 +22,9 @@ class Metasploit3 < Msf::Auxiliary
acquired from the mssql_hashdump module. Passwords that have been successfully
cracked are then saved as propper credentials
},
'Author' => ['TheLightCosine <thelightcosine[at]gmail.com>',
'Author' =>
[
'TheLightCosine <thelightcosine[at]gmail.com>',
'hdm'
],
'License' => MSF_LICENSE # JtR itself is GPLv2, but this wrapper is MSF (BSD)
@ -39,9 +41,6 @@ class Metasploit3 < Msf::Auxiliary
print_status("Cracking MSSQL05 Hashes")
crack("mssql05")
end
def build_seed
@ -67,7 +66,6 @@ class Metasploit3 < Msf::Auxiliary
# Seed the wordlist with usernames, passwords, and hostnames
myworkspace.hosts.find(:all).each {|o| seed << john_expand_word( o.name ) if o.name }
myworkspace.creds.each do |o|
seed << john_expand_word( o.user ) if o.user
@ -131,4 +129,3 @@ class Metasploit3 < Msf::Auxiliary
end
end

View File

@ -16,13 +16,15 @@ class Metasploit3 < Msf::Auxiliary
def initialize
super(
'Name' => 'John the Ripper MySQL Password Cracker (Fast Mode)',
'Version' => '$$',
'Version' => '$Revision$',
'Description' => %Q{
This module uses John the Ripper to identify weak passwords that have been
acquired from the mysql_hashdump module. Passwords that have been successfully
cracked are then saved as propper credentials
},
'Author' => ['TheLightCosine <thelightcosine[at]gmail.com>',
'Author' =>
[
'TheLightCosine <thelightcosine[at]gmail.com>',
'hdm'
] ,
'License' => MSF_LICENSE # JtR itself is GPLv2, but this wrapper is MSF (BSD)
@ -92,7 +94,6 @@ class Metasploit3 < Msf::Auxiliary
print_status("#{cracked[:cracked]} hashes were cracked!")
cracked[:users].each_pair do |k,v|
print_good("Host: #{v[1]} Port: #{v[2]} User: #{k} Pass: #{v[0]}")
report_auth_info(
@ -106,7 +107,6 @@ class Metasploit3 < Msf::Auxiliary
end
end
def build_seed
@ -132,7 +132,6 @@ class Metasploit3 < Msf::Auxiliary
# Seed the wordlist with usernames, passwords, and hostnames
myworkspace.hosts.find(:all).each {|o| seed << john_expand_word( o.name ) if o.name }
myworkspace.creds.each do |o|
seed << john_expand_word( o.user ) if o.user
@ -150,10 +149,8 @@ class Metasploit3 < Msf::Auxiliary
end
# huh?
def crack(format)
end
end

View File

@ -1,3 +1,7 @@
##
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
@ -16,13 +20,15 @@ class Metasploit3 < Msf::Auxiliary
def initialize
super(
'Name' => 'John the Ripper Oracle Password Cracker (Fast Mode)',
'Version' => '$$',
'Version' => "$Revision$",
'Description' => %Q{
This module uses John the Ripper to identify weak passwords that have been
acquired from the oracle_hashdump module. Passwords that have been successfully
cracked are then saved as propper credentials
},
'Author' => ['TheLightCosine <thelightcosine[at]gmail.com>',
'Author' =>
[
'TheLightCosine <thelightcosine[at]gmail.com>',
'hdm'
] ,
'License' => MSF_LICENSE # JtR itself is GPLv2, but this wrapper is MSF (BSD)
@ -36,10 +42,6 @@ class Metasploit3 < Msf::Auxiliary
@wordlist.close
crack("oracle")
crack("oracle11g")
end
def build_seed
@ -129,4 +131,3 @@ class Metasploit3 < Msf::Auxiliary
end
end

View File

@ -1,3 +1,7 @@
##
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
@ -9,7 +13,6 @@
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::JohnTheRipper
@ -17,7 +20,7 @@ class Metasploit3 < Msf::Auxiliary
def initialize
super(
'Name' => 'Unix Unshadow Utility',
'Version' => '$$',
'Version' => "$Revision$",
'Description' => %Q{
This module takes a passwd and shadow file and 'unshadows'
them and saves them as linux.hashes loot.
@ -26,11 +29,12 @@ class Metasploit3 < Msf::Auxiliary
'License' => MSF_LICENSE
)
register_options([OptPath.new('passwd', [true, 'The path to the passwd file']),
register_options(
[
OptPath.new('passwd', [true, 'The path to the passwd file']),
OptPath.new('shadow', [true, 'The path to the shadow file']),
OptAddress.new('IP', [true, 'The IP address if the host the shadow file came from']),
])
], self.class)
end
def run
@ -42,12 +46,6 @@ class Metasploit3 < Msf::Auxiliary
lootfile = store_loot("linux.hashes", "text/plain", datastore['IP'], unshadow, filename, "Linux Hashes")
print_status("Saved unshadowed file: #{lootfile}")
end
end
end

View File

@ -1,3 +1,7 @@
##
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
@ -29,9 +33,12 @@ class Metasploit3 < Msf::Auxiliary
'License' => MSF_LICENSE
)
register_options([OptPath.new('Wordlist', [false, 'The path to an optional Wordlist']),
register_options(
[
OptPath.new('Wordlist', [false, 'The path to an optional Wordlist']),
OptBool.new('Munge',[false, 'Munge the Wordlist (Slower)', false])
])
deregister_options('JOHN_BASE','JOHN_PATH')
end
@ -68,14 +75,10 @@ class Metasploit3 < Msf::Auxiliary
end
end
end
def crack_hash(username,hash)
@seed.each do |word|
tmphash = Digest::MD5.hexdigest("#{word}#{username}")
if tmphash == hash
@ -111,7 +114,6 @@ class Metasploit3 < Msf::Auxiliary
# Seed the wordlist with usernames, passwords, and hostnames
myworkspace.hosts.find(:all).each {|o| seed << john_expand_word( o.name ) if o.name }
myworkspace.creds.each do |o|
seed << john_expand_word( o.user ) if o.user
@ -125,7 +127,6 @@ class Metasploit3 < Msf::Auxiliary
john = File.open(john_wordlist_path, "r")
john.each_line{|line| seed << line.chomp}
if datastore['Wordlist']
wordlist= File.open(datastore['Wordlist'], "r")
wordlist.each_line{|line| seed << line.chomp}
@ -147,14 +148,10 @@ class Metasploit3 < Msf::Auxiliary
seed << mungedseed
seed.flatten!
seed.uniq!
end
end
return seed
end
end