Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updates report summary mixin with an additional fallback when finding creds #19610

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Updates report summary mixin with an additional fallback when finding creds #19610

wants to merge 1 commit into from

Conversation

cgranleese-r7
Copy link
Contributor

Fixes an issue where if credential_data[:username] and credential_data[:private_data] where not populated the report summary would be blank even with a successful login.

Before

msf6 auxiliary(scanner/smb/smb_login) > run

[*] <IP>:445   - <IP>:445 - Starting SMB login bruteforce
[+] <IP>:445   - <IP>:445 - Success: '.\Administrator:Password1' Administrator
[*] <IP>:445   - Scanned 1 of 1 hosts (100% complete)
[*] <IP>:445   - Scan completed, 1 credential was successful.

Successful logins
=================

    Host             Public         Private
    ----             ------         -------
    <IP>            


[*] <IP>:445   - Bruteforce completed, 1 credential was successful.
[*] <IP>:445   - You can open an SMB session with these credentials and CreateSession set to true
[*] Auxiliary module execution completed

After

msf6 auxiliary(scanner/smb/smb_login) > run

[*] <IP>:445   - <IP>:445 - Starting SMB login bruteforce
[+] <IP>:445   - <IP>:445 - Success: '.\Administrator:Password1' Administrator
[*] <IP>:445   - Scanned 1 of 1 hosts (100% complete)
[*] <IP>:445   - Scan completed, 1 credential was successful.

Successful logins
=================

    Host             Public         Private
    ----             ------         -------
    <IP>             Administrator  Password1


[*] <IP>:445   - Bruteforce completed, 1 credential was successful.
[*] <IP>:445   - You can open an SMB session with these credentials and CreateSession set to true
[*] Auxiliary module execution completed

Verification

  • Start msfconsole
  • Run use scanner/smb/smb_login
  • Verify the module now returns credentials
  • Verify other modules that rely on the mixin still report as expected e.g. scanner/ldap/ldap_login

@cgranleese-r7 cgranleese-r7 added the rn-fix release notes fix label Nov 1, 2024
@cgranleese-r7 cgranleese-r7 marked this pull request as ready for review November 1, 2024 10:46
@cgranleese-r7 cgranleese-r7 force-pushed the fixes-report-summary branch 2 times, most recently from 293b830 to e4ea81b Compare November 1, 2024 15:15
@cgranleese-r7 cgranleese-r7 marked this pull request as draft November 1, 2024 15:17
@cgranleese-r7 cgranleese-r7 force-pushed the fixes-report-summary branch 2 times, most recently from a3cf379 to 43f3b1b Compare November 1, 2024 15:25
@cgranleese-r7 cgranleese-r7 marked this pull request as ready for review November 1, 2024 15:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
rn-fix release notes fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@cgranleese-r7