Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Path: blob/master/lib/metasploit/framework/credential.rb
Views: 11777
require 'active_model'12module Metasploit3module Framework4# This class provides an in-memory representation of a conceptual Credential5#6# It contains the public, private, and realm if any.7class Credential8include ActiveModel::Validations910# @!attribute paired11# @return [Boolean] Whether BOTH a public and private are required12# (defaults to `true`)13attr_accessor :paired14# @!attribute parent15# @return [Object] the parent object that had .to_credential called on it to create this object16attr_accessor :parent17# @!attribute private18# The private credential component (e.g. password)19#20# @return [String] if {#paired} is `true` or {#private} is `nil`21# @return [String, nil] if {#paired} is `false` or {#private} is not `nil`.22attr_accessor :private23# @!attribute private_type24# The type of private credential this object represents, e.g. a25# password or an NTLM hash.26#27# @return [String]28attr_accessor :private_type29# @!attribute public30# The public credential component (e.g. username)31#32# @return [String] if {#paired} is `true` or {#public} is `nil`33# @return [String, nil] if {#paired} is `false` or {#public} is not `nil`.34attr_accessor :public35# @!attribute realm36# @return [String,nil] The realm credential component (e.g domain name)37attr_accessor :realm38# @!attribute realm_key39# @return [String,nil] The type of {#realm}40attr_accessor :realm_key4142validates :paired,43inclusion: { in: [true, false] }4445# If we have no public we MUST have a private (e.g. SNMP Community String)46validates :private,47exclusion: { in: [nil] },48if: -> { public.nil? or paired }4950# These values should be #demodularized from subclasses of51# `Metasploit::Credential::Private`52validates :private_type,53inclusion: { in: [ :password, :ntlm_hash, :postgres_md5, :ssh_key ] },54if: -> { private_type.present? }5556# If we have no private we MUST have a public57validates :public,58presence: true,59if: -> { private.nil? or paired }6061# @param attributes [Hash{Symbol => String,nil}]62def initialize(attributes={})63attributes.each do |attribute, value|64public_send("#{attribute}=", value)65end6667self.paired = true if self.paired.nil?68end6970def inspect71"#<#{self.class} \"#{self}\" >"72end7374def to_s75if realm && realm_key == Metasploit::Model::Realm::Key::ACTIVE_DIRECTORY_DOMAIN76"#{self.realm}\\#{self.public}:#{self.private}"77elsif self.private78"#{self.public}:#{self.private}#{at_realm}"79else80self.public81end82end8384def ==(other)85other.respond_to?(:public) && other.public == self.public &&86other.respond_to?(:private) && other.private == self.private &&87other.respond_to?(:realm) && other.realm == self.realm88end8990def to_credential91self.parent = self92self93end9495# This method takes all of the attributes of the {Credential} and spits96# them out in a hash compatible with the create_credential calls.97#98# @return [Hash] a hash compatible with #create_credential99def to_h100{101private_data: private,102private_type: private_type,103username: public,104realm_key: realm_key,105realm_value: realm106}107end108109private110111def at_realm112if self.realm.present?113"@#{self.realm}"114else115""116end117end118end119end120end121122123