Class: Mdm::Cred Deprecated

Inherits:

ApplicationRecord

• Object
• ApplicationRecord
• Mdm::Cred

Defined in:

app/models/mdm/cred.rb

Overview

Deprecated.

Use metasploit-credential's Metasploit::Credential::Core.

A credential captured from a #service.

Constant Summary

KEY_ID_REGEX =

Checks if #proof is an SSH Key in #ssh_key_id.

/([0-9a-fA-F:]{47})/

PTYPES =

Maps #ptype_human to #ptype.

{
    'read/write password' => 'password_rw',
    'read-only password' => 'password_ro',
    'SMB hash' => 'smb_hash',
    'SSH private key' => 'ssh_key',
    'SSH public key' => 'ssh_pubkey'
}

Instance Attribute Summary

• #active ⇒ false, true

  Whether the credential is active.

• #created_at ⇒ DateTime

  When this credential was created.

• #pass ⇒ String^?

  Pass of credential.

• #proof ⇒ String

  Proof of credential capture.

• #ptype ⇒ String

  Type of #pass.

• #source_id ⇒ Integer^?

  Id of source of this credential.

• #source_type ⇒ String^?

  Type of source with #source_id.

• #updated_at ⇒ DateTime

  The last time this credential was updated.

• #user ⇒ String^?

  User name of credential.

Instance Method Summary

• #ptype_human ⇒ String^?

  Humanized #ptype.

• #ssh_key_id ⇒ String^?

  Returns SSH Key ID.

• #ssh_key_matches?(other_cred) ⇒ false, true

  Returns whether other's SSH private key or public key matches.

• #ssh_keys ⇒ ActiveRecord::Relation<Mdm::Cred>

  Returns all keys with matching key ids, including itself.

• #ssh_private_keys ⇒ ActiveRecord::Relation<Mdm::Cred>

  Returns all private keys with matching #ssh_key_id, including itself.

• #ssh_public_keys ⇒ ActiveRecord::Relation<Mdm::Cred>

  Returns all public keys with matching #ssh_key_id, including itself.

• #workspace ⇒ Mdm::Workspace

  Returns its workspace.

Instance Attribute Details

#active ⇒ false, true

Whether the credential is active.

Returns:

• (false) —

  if a captured credential cannot be used to log into #service.

• (true) —

  otherwise

# File 'app/models/mdm/cred.rb', line 49

#created_at ⇒ DateTime

When this credential was created.

Returns:

• (DateTime)

# File 'app/models/mdm/cred.rb', line 55

#pass ⇒ String^?

Pass of credential.

Returns:

• (String, nil)

# File 'app/models/mdm/cred.rb', line 60

#proof ⇒ String

Proof of credential capture.

Returns:

• (String)

# File 'app/models/mdm/cred.rb', line 65

#ptype ⇒ String

Type of #pass.

Returns:

• (String)

# File 'app/models/mdm/cred.rb', line 70

#source_id ⇒ Integer^?

Id of source of this credential.

Returns:

• (Integer, nil)

# File 'app/models/mdm/cred.rb', line 75

#source_type ⇒ String^?

Type of source with #source_id.

Returns:

• (String, nil)

# File 'app/models/mdm/cred.rb', line 80

#updated_at ⇒ DateTime

The last time this credential was updated.

Returns:

• (DateTime)

# File 'app/models/mdm/cred.rb', line 85

#user ⇒ String^?

User name of credential.

Returns:

• (String, nil)

# File 'app/models/mdm/cred.rb', line 90

Instance Method Details

#ptype_human ⇒ String^?

Humanized #ptype.

Returns:

• (String, nil)

# File 'app/models/mdm/cred.rb', line 109

def ptype_human
  humanized = PTYPES.select do |k, v|
    v == ptype
  end.keys[0]

  humanized ? humanized : ptype
end

#ssh_key_id ⇒ String^?

Returns SSH Key ID.

Returns:

• (String) —

  SSH Key Id if ssh-type key and #proof matches KEY_ID_REGEX.

• (nil) —

  otherwise

# File 'app/models/mdm/cred.rb', line 121

def ssh_key_id
  return nil unless self.ptype =~ /^ssh_/
  return nil unless self.proof =~ KEY_ID_REGEX
  $1.downcase # Can't run into NilClass problems.
end

#ssh_key_matches?(other_cred) ⇒ false, true

Returns whether other's SSH private key or public key matches.

Returns:

• (false) —

  if other is not same class as self.

• (false) —

  if #ptype does not match.

• (false) —

  if #ptype is neither "ssh_key" nor "ssh_pubkey".

• (false) —

  if #ssh_key_id is nil.

• (false) —

  if #ssh_key_id does not match.

• (true) —

  if #ssh_key_id matches.

# File 'app/models/mdm/cred.rb', line 135

def ssh_key_matches?(other_cred)
  return false unless other_cred.kind_of? self.class
  return false unless self.ptype == other_cred.ptype
  case self.ptype
    when "ssh_key"
      matches = self.ssh_private_keys
    when "ssh_pubkey"
      matches = self.ssh_public_keys
    else
      return false
  end
  matches.include?(self) and matches.include?(other_cred)
end

#ssh_keys ⇒ ActiveRecord::Relation<Mdm::Cred>

Returns all keys with matching key ids, including itself.

Returns:

• (ActiveRecord::Relation<Mdm::Cred>) —

  ssh_key and ssh_pubkey creds with matching #ssh_key_id.

# File 'app/models/mdm/cred.rb', line 152

def ssh_keys
  (self.ssh_private_keys | self.ssh_public_keys)
end

#ssh_private_keys ⇒ ActiveRecord::Relation<Mdm::Cred>

Returns all private keys with matching #ssh_key_id, including itself.

Returns:

• (ActiveRecord::Relation<Mdm::Cred>) —

  ssh_key creds with matching #ssh_key_id.

# File 'app/models/mdm/cred.rb', line 159

def ssh_private_keys
  return [] unless self.ssh_key_id
  matches = Mdm::Cred.where(
      "ptype = ? AND proof ILIKE ?", "ssh_key", "%#{self.ssh_key_id}%"
  ).to_a
  matches.select {|c| c.workspace == self.workspace}
end

#ssh_public_keys ⇒ ActiveRecord::Relation<Mdm::Cred>

Returns all public keys with matching #ssh_key_id, including itself.

Returns:

• (ActiveRecord::Relation<Mdm::Cred>) —

  ssh_pubkey creds with matching #ssh_key_id.

# File 'app/models/mdm/cred.rb', line 170

def ssh_public_keys
  return [] unless self.ssh_key_id
  matches = Mdm::Cred.where(
      "ptype = ? AND proof ILIKE ?", "ssh_pubkey", "%#{self.ssh_key_id}%"
  ).to_a
  matches.select {|c| c.workspace == self.workspace}
end

#workspace ⇒ Mdm::Workspace

Returns its workspace

Returns:

• (Mdm::Workspace)

# File 'app/models/mdm/cred.rb', line 181

def workspace
  self.service.host.workspace
end