CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

1
module Metasploit
2
  module Framework
3
    module LoginScanner
4

5
      # The Result class provides a standard structure in which
6
      # LoginScanners can return the result of a login attempt
7

8
      class Result
9
        include ActiveModel::Validations
10

11
        # @!attribute access_level
12
        #   @return [String] the access level gained
13
        attr_accessor :access_level
14
        # @!attribute credential
15
        #   @return [Credential] the Credential object the result is for
16
        attr_accessor :credential
17
        # @!attribute host
18
        #   @return [String] the address of the target host for this result
19
        attr_accessor :host
20
        # @!attribute port
21
        #   @return [Integer] the port number of the service for this result
22
        attr_accessor :port
23
        # @!attribute proof
24
        #   @return [#to_s] the proof of the login's success or failure
25
        attr_accessor :proof
26
        # @!attribute protocol
27
        #   @return [String] the transport protocol used for this result (tcp/udp)
28
        attr_accessor :protocol
29
        # @!attribute service_name
30
        #   @return [String] the name to give the service for this result
31
        attr_accessor :service_name
32
        # @!attribute status
33
        #   @return [String] the status of the attempt. Should be a member of `Metasploit::Model::Login::Status::ALL`
34
        attr_accessor :status
35
        # @!attribute connection
36
        #   @return [Object] the post-authenticated connection object (if the scanner chooses to leave it open)
37
        attr_accessor :connection
38

39
        validates :status,
40
          inclusion: {
41
              in: Metasploit::Model::Login::Status::ALL
42
          }
43

44
        # @param attributes [Hash{Symbol => String,nil}]
45
        def initialize(attributes={})
46
          attributes.each do |attribute, value|
47
            public_send("#{attribute}=", value)
48
          end
49
        end
50

51
        def inspect
52
          "#<#{self.class} #{credential.public}:#{credential.private}@#{credential.realm} #{status} >"
53
        end
54

55
        def success?
56
          status == Metasploit::Model::Login::Status::SUCCESSFUL || status == Metasploit::Model::Login::Status::NO_AUTH_REQUIRED
57
        end
58

59
        # This method takes all the data inside the Result object
60
        # and spits out a hash compatible with #create_credential
61
        # and #create_credential_login.
62
        #
63
        # @return [Hash] the hash to use with #create_credential and #create_credential_login
64
        def to_h
65
          result_hash = credential.to_h
66
          result_hash.merge!(
67
              access_level: access_level,
68
              address: host,
69
              last_attempted_at: DateTime.now,
70
              origin_type: :service,
71
              port: port,
72
              proof: proof,
73
              protocol: protocol,
74
              service_name: service_name,
75
              status: status
76
          )
77
          result_hash.delete_if { |k,v| v.nil? }
78
        end
79

80
      end
81

82
    end
83
  end
84
end
85

86