Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update the creds command to allow viewing ssh key contents #17355

Merged
merged 1 commit into from
Dec 12, 2022
Merged

Update the creds command to allow viewing ssh key contents #17355

merged 1 commit into from
Dec 12, 2022

Conversation

adfoster-r7
Copy link
Contributor

@adfoster-r7 adfoster-r7 commented Dec 10, 2022
edited by gwillcox-r7

Improvement to #11058

Updates the creds command to show the full ssh key contents when running the creds -v command or when exporting to a file with creds -o output.txt. Previously only a shortened fingerprint string would be shown to the user.

Verification

List the steps needed to make sure this thing works

  • Ensure you have msfconsole's database setup
  • Start msfconsole
  • Create a pem file irb -e "File.binwrite('example.pem', OpenSSL::PKey::RSA.generate(2048).to_s)"
  • Import the cred creds add user:sshadmin ssh-key:./example.pem

Verify the creds output shows the to_s representation by default:

msf6 auxiliary(admin/dcerpc/icpr_cert) > creds
Credentials
===========

host  origin  service  public    private                                          realm  private_type  JtR Format
----  ------  -------  ------    -------                                          -----  ------------  ----------
                       sshadmin  b6:51:b0:bd:b5:98:97:fa:a8:75:db:c3:92:28:07:ed         SSH key

Verify the -v verbose/no truncate mode shows the full pem:

msf6 auxiliary(admin/dcerpc/icpr_cert) > creds -v
Credentials
===========

host  origin  service  public    private                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         realm  private_type  JtR Format
----  ------  -------  ------    -------                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -----  ------------  ----------
                       sshadmin  -----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAzvM....etc...etc...YBczcfOK7W7Buz
Q8TtVUi1qwWKuDoW8Ec0zXxvQa4LupMAu8DIcvONoooBYujVHOBMmaY=
-----END RSA PRIVATE KEY-----         SSH key

Verify the -o flag exports the ssh key still:

msf6 auxiliary(admin/dcerpc/icpr_cert) > creds -o foo.txt
[*] Wrote creds to /Users/adfoster/Documents/code/metasploit-framework/foo.txt
msf6 auxiliary(admin/dcerpc/icpr_cert) > cat foo.txt
[*] exec: cat foo.txt

host,origin,service,public,private,realm,private_type,JtR Format
"","","","sshadmin","-----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEAzvM....etc...etc...YBczcfOK7W7Buz
Q8TtVUi1qwWKuDoW8Ec0zXxvQa4LupMAu8DIcvONoooBYujVHOBMmaY=","","SSH key",""

@adfoster-r7 adfoster-r7 mentioned this pull request Dec 10, 2022
Merged
@adfoster-r7 adfoster-r7 changed the title Show ssh key with verbose creds command Update the creds command to allow viewing ssh key contents Dec 10, 2022
@gwillcox-r7 gwillcox-r7 self-assigned this Dec 12, 2022
@gwillcox-r7
Copy link
Contributor 

msf6 > creds
Credentials
===========

host            origin          service        public                                                      private                                                                                              realm         private_type  JtR Format
----            ------          -------        ------                                                      -------                                                                                              -----         ------------  ----------
                                               sshadmin                                                    58:02:d4:2c:f7:88:b2:d9:35:df:4b:0c:3c:6d:87:02                                                                    SSH key

And the -v option:

msf6 > creds -v
Credentials
===========

host            origin          service        public                                                      private                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         realm         private_type  JtR Format
----            ------          -------        ------                                                      -------                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -----         ------------  ----------
                                               sshadmin                                                    -----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAqE7Z1CjmZAMFUSeZhQz1/DNQOOKDgSMJ6y9biHwQTyb3rmRu
*truncated*
-----END RSA PRIVATE KEY-----                SSH key

Output also working well:

msf6 > creds -o foo.txt
[*] Wrote creds to /home/gwillcox/git/metasploit-framework/foo.txt
msf6 > cat foo.txt
[*] exec: cat foo.txt

host,origin,service,public,private,realm,private_type,JtR Format
* non relevant, cut for brevity *
"","","","sshadmin","-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAqE7Z1CjmZAMFUSeZhQz1/DNQOOKDgSMJ6y9biHwQTyb3rmRu
*cut for brevity*
RfCjlAFYrhJ2buNzbmhe636BqgiHywe9mX1+1Zq8LaKAmvScarvexw== -----END RSA PRIVATE KEY-----","","SSH key",""
msf6 >

@gwillcox-r7
Copy link
Contributor

Will land this now, all looks good

@gwillcox-r7 gwillcox-r7 merged commit 2cb66a5 into rapid7:master Dec 12, 2022
@gwillcox-r7 gwillcox-r7 added enhancement rn-enhancement release notes enhancement labels Dec 12, 2022
@gwillcox-r7
Copy link
Contributor

Release Notes

The creds command has been updated to show the full SSH key contents when running the creds -v command or when exporting to a file with creds -o output.txt. Previously only a shortened fingerprint string would be shown to the user.

@adfoster-r7 adfoster-r7 mentioned this pull request Dec 13, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gwillcox-r7 gwillcox-r7 gwillcox-r7 approved these changes

@smcintyre-r7 smcintyre-r7 Awaiting requested review from smcintyre-r7

Assignees

@gwillcox-r7 gwillcox-r7

Labels
enhancement rn-enhancement release notes enhancement
Projects
Metasploit Kanban
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@adfoster-r7 @gwillcox-r7