-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
post/multi/gather/ssh_creds should verify it has access to a file before reading it #12609
Comments
The module should use #
# See if +path+ on the remote system exists and is readable
#
# @param path [String] Remote path to check
#
# @return [Boolean] true if +path+ exists and is readable
#
def readable?(path)
raise "`readable?' method does not support Windows systems" if session.platform == 'windows'
cmd_exec("test -r '#{path}' && echo true").to_s.include? 'true'
end |
Okay, did it via cmd_exec on my own. See PR. |
Do not see "executable?" method defined. |
Two open PRs at the moment. |
Using the available mixin methods is preferred.
Agree that adding a However... why is it necessary to check if the directory is executable, rather than readable?
|
The read bit (r) allows the affected user to list the files within the directory
|
Steps to reproduce
[*] Looting 3 directories
[+] Downloaded /home/fox/.ssh/authorized_keys -> /root/.msf4/loot/20191119063443_default_10.28.175.104_ssh.authorized_k_668127.txt
[-] Could not load SSH Key: Neither PUB key nor PRIV key
[-] Post failed: Rex::Post::Meterpreter::RequestError stdapi_fs_ls: Operation failed: 1
[-] Call stack:
[-] /usr/share/metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb:62:in
entries' [-] /usr/share/metasploit-framework/modules/post/multi/gather/ssh_creds.rb:47:in
block in download_loot'[-] /usr/share/metasploit-framework/modules/post/multi/gather/ssh_creds.rb:43:in
each' [-] /usr/share/metasploit-framework/modules/post/multi/gather/ssh_creds.rb:43:in
download_loot'[-] /usr/share/metasploit-framework/modules/post/multi/gather/ssh_creds.rb:38:in `run'
Expected behavior
Should not thrown an exception.
Read permission should be verified before accessing file.
System stuff
Metasploit version
5.0.59-dev
I installed Metasploit with:
OS
What OS are you running Metasploit on?
Kali 2019.4
The text was updated successfully, but these errors were encountered: