Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ensure selected cracker is available and viable #14669

Merged
merged 3 commits into from
Feb 5, 2021
Merged

ensure selected cracker is available and viable #14669

merged 3 commits into from
Feb 5, 2021

Conversation

jmartin-tech
Copy link
Contributor

When no password cracker is installed cracker_version returns nil.
Guard against nil in the version check and consolidate detection of
a viable environment and application as a responsibility of the factory
that provides the instance.

Verification

List the steps needed to make sure this thing works

  • Start msfconsole on a system without john or hashcat installed and a empty database available
  • db_disconnect
  • use crack_linux (or any other auxiliary/analyze/crack_* module)
  • run
  • Verify Failure is reported with database requirement noted.
  • Start msfconsole on a system without john or hashcat installed
  • db_connect
  • use crack_linux
  • run
  • Verify Failure is reported noting no binary found.
  • install john without jumbo patch
  • use crack_linux
  • run
  • Verify Failure is reported noting jumbo patch is required.
  • install john with jumbo patch
  • use crack_linux
  • run
  • Verify Result reports no credentials cracked since none exist in the database.
  • use crack_linux
  • set action hashcat
  • run
  • Verify Failure is reported noting no binary found.
  • install hashcat
  • use crack_linux
  • set action hashcat
  • run
  • Verify Result reports no credentials cracked since none exist in the database.

@jmartin-tech
ensure selected cracker is available and viable
6f7f1db 
When no password cracker is installed `cracker_version` returns `nil`.
Guard against `nil` in the version check and consolidate detection of
a viable environment and application as a responsibility of the factory
that provides the instance.
h00die
h00die reviewed Feb 1, 2021
View reviewed changes
Copy link
Contributor

@h00die h00die left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

untested, but that does clean the code up!

modules/auxiliary/analyze/crack_databases.rb Outdated Show resolved Hide resolved
adfoster-r7
adfoster-r7 approved these changes Feb 5, 2021
View reviewed changes
Copy link
Contributor

@adfoster-r7 adfoster-r7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Everything looks good to me; Just want to confirm that open question then I can land this 👍

@adfoster-r7 adfoster-r7 self-assigned this Feb 5, 2021
@adfoster-r7 adfoster-r7 merged commit b3da14e into rapid7:master Feb 5, 2021
@adfoster-r7 adfoster-r7 added the rn-enhancement release notes enhancement label Feb 5, 2021
@adfoster-r7
Copy link
Contributor

adfoster-r7 commented Feb 5, 2021
edited by pbarry-r7
Loading

Release Notes

Improved error message feedback when using the auxiliary/analyze/crack_* modules. Examples include notifying the user that the database needs to be active and having JohnTheRipper Jumbo patch installed.

@jmartin-tech jmartin-tech deleted the guard-version-check branch April 3, 2021 01:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@h00die h00die h00die left review comments

@adfoster-r7 adfoster-r7 adfoster-r7 approved these changes

@pbarry-r7 pbarry-r7 Awaiting requested review from pbarry-r7

Assignees

@adfoster-r7 adfoster-r7

Labels
rn-enhancement release notes enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jmartin-tech @adfoster-r7 @h00die