-
Notifications
You must be signed in to change notification settings - Fork 13.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Optionally store enumerated SMB usernames in DB #12929
Conversation
Currently, the user names are not getting added to the
I submitted a PR to fix that particular issue. Hopefully, once those changes are in master, you can update your branch and test against the changes. If you don't get the error, then I'll go ahead and land. Thanks for taking this issue on! |
Hey @0x44434241, my changes have been landed, so when you get the chance, could you pull in the new changes and test them with your changes? Thanks! |
Sure, I'll test them today. Thanks for sharing what some of the contributing factors were, I'll take a look at the details of your PR and see what I was missing! |
Rebased against upstream/master, looks like it works to me:
Unfortunately the smb_login module won't try each database credential object with the provided SMBPass, but that's probably out of scope for this PR/issue? It makes sense that it does not, that is how DB_ALL_CREDS works.
|
This responds to issue rapid7#12359, where it was noted that enumerated usernames from this module were not being stored in the database. Since they are not a credential pair of user:pass, I have made it an optional feature with 'DB_ALL_USERS', which is consistent with other scanning modules.
The commit history got a little messed up, so I went ahead and force-pushed to your branch.
I think that's expected. I've been testing with |
Testing the new option:
|
Release NotesThis adds the |
No problem, clearly I messed up the rebase somehow? Will look into it. Thanks for catching my error. Thanks for merging! |
This responds to issue #12359, where it was noted that enumerated usernames from this module were not being stored in the database. Since they are not a credential pair of user:pass, I have made it an optional feature with 'DB_ALL_USERS', which is consistent with other scanning modules.
Verification
Default functionality (unchanged):
Set
DB_ALL_USERS
to true in order to save the usernames in the database:Possible Bug?
Now, I would expect that I should be able to use these enumerated usernames in
auxiliary/scanner/smb/smb_login
in the same fashion I can with the SSH equivalents. However, this is what currently happens:So disclaimer, I'm a very new contributor to Metasploit and a Ruby newbie in general. Poking around at the source of the LoginScanner and AuthBrute modules kinda make me think that its more likely I'm putting the data in the database wrong, but I'm not quite sure what I'm missing - feedback or suggestions of 'go and look at this bit' are welcome. I did note that if I make the module insert a fixed string like so:
meterpreter was pretty happy with that:
Thoughts? If you know what I might be getting wrong please point me in the right direction and I'll try and fix it up in this PR - but asking for feedback is better than not doing so. This is only my second PR, constructive feedback and suggestions welcome. Thanks!