Address PR feedback

This commit is contained in:
cgranleese-r7
2025-09-11 15:15:55 +01:00
parent dbb631ffb6
commit f26c14f05a
4 changed files with 26 additions and 14 deletions
@@ -1,6 +1,4 @@
require 'metasploit/framework/login_scanner/base'
require 'metasploit/framework/login_scanner/rex_socket'
require 'metasploit/framework/tcp/client'
require 'postgres_msf'
module Metasploit
@@ -12,8 +10,25 @@ module Metasploit
# and attempting them. It then saves the results.
class Postgres
include Metasploit::Framework::LoginScanner::Base
include Metasploit::Framework::LoginScanner::RexSocket
include Metasploit::Framework::Tcp::Client
# @!attribute ssl
# @return [Boolean] Whether the connection should use SSL
attr_accessor :ssl
# @!attribute ssl_version
# @return [String] The version of SSL to implement
attr_accessor :ssl_version
# @!attribute ssl_verify_mode
# @return [String] the SSL certification verification mechanism
attr_accessor :ssl_verify_mode
# @!attribute ssl_cipher
# @return [String] The SSL cipher to use for the context
attr_accessor :ssl_cipher
# @!attribute max_send_size
# @return [Integer] The max size of the data to encapsulate in a single packet
attr_accessor :max_send_size
# @!attribute send_delay
# @return [Integer] The delay between sending packets
attr_accessor :send_delay
# @returns [Boolean] If a login is successful and this attribute is true - a Msf::Db::PostgresPR::Connection instance is used as proof,
# and the socket is not immediately closed
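Review bot: The YARD docs for max_send_size and send_delay state no units, so a reader cannot tell whether send_delay is seconds or milliseconds or what max_send_size counts (bytes?), and this hunk does not show how the Tcp::Client mixin consumes them; the two tags should name the unit once it is confirmed, e.g. `# @return [Integer] The delay between sending packets (in <UNIT — confirm against Tcp::Client>)`. `@returns` on the last attribute comment is not a YARD tag and should be `@return`; whether that line is new in this commit cannot be told from the rendered hunk, and the attribute it documents continues past the hunk. It would also help to state on the `ssl` attribute that for Postgres the TLS layer is negotiated after the initial plaintext connection (SSLRequest), since that is not the usual meaning of an `ssl` flag on a Rex socket.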
-5
@@ -80,11 +80,6 @@ module Metasploit
dossl = ssl
end
# For Postgres, always connect with SSL disabled; SSL is enabled after the initial connection is made
if defined?(self) && self.class.name =~ /Postgres/
dossl = false
end
nsock = Rex::Socket::Tcp.create(
'PeerHost' => opts['RHOST'] || rhost,
'PeerHostname' => opts['SSLServerNameIndication'] || opts['RHOSTNAME'],
+4 -3
@@ -358,13 +358,14 @@ class Connection
'Proxies' => proxies
)
if ssl
# Send SSLRequest packet
ssl_request = [8, 80877103].pack('N2')
@conn.write(ssl_request)
ssl_request_message = SSLRequest.new(80877103)
@conn.write(ssl_request_message.dump)
response = @conn.read(1)
if response == 'S'
ssl_context = OpenSSL::SSL::SSLContext.new
ssl_socket = OpenSSL::SSL::SSLSocket.new(@conn, ssl_context)
# Ensure the underlying TCP socket is closed when the SSL socket is closed
# This prevents resource leaks and ensures proper cleanup of the connection
ssl_socket.sync_close = true
ssl_socket.connect
@conn = ssl_socket
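Review bot: The SSLContext is created with defaults and nothing in the hunk sets verify_mode, a CA store or a hostname, so the upgraded connection accepts any server certificate and the scanner's ssl_verify_mode / ssl_cipher attributes (documented on the Postgres scanner class in this same commit) never reach this handshake; if that is the intended behaviour for a login scanner, say so next to the context: `# NOTE: default context — peer certificate is not verified; ssl_verify_mode/ssl_cipher are not applied here`. The response handling also needs an explicit branch: `@conn.read(1)` returns nil on EOF and a server may answer 'N' (SSL not supported), and if the code after this hunk falls through to the plaintext startup in both cases an SSL-requested connection silently downgrades, which should be raised or at least logged — the method continues outside the hunk. As a point of style, the `80877103` request code is a magic literal here; a named constant on SSLRequest (or reusing one if it already exists) would make the write self-describing.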
@@ -5,6 +5,7 @@ RSpec.describe Metasploit::Framework::LoginScanner::Postgres do
let(:public) { 'root' }
let(:private) { 'toor' }
let(:realm) { 'template1' }
let(:host) { '127.0.0.1' }
let(:full_cred) {
Metasploit::Framework::Credential.new(
@@ -23,7 +24,7 @@ RSpec.describe Metasploit::Framework::LoginScanner::Postgres do
)
}
subject(:login_scanner) { described_class.new }
subject(:login_scanner) { described_class.new(host: host) }
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: true
@@ -40,7 +41,7 @@ RSpec.describe Metasploit::Framework::LoginScanner::Postgres do
context 'when there is no realm on the credential' do
it 'uses template1 as the default realm' do
expect(Msf::Db::PostgresPR::Connection).to receive(:new).with('template1', 'root', 'toor', 'tcp://:', nil, nil)
expect(Msf::Db::PostgresPR::Connection).to receive(:new).with('template1', 'root', 'toor', 'tcp://127.0.0.1:5432', nil, nil)
login_scanner.attempt_login(cred_no_realm)
end
end
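Review bot: The expectation in the last hunk hard-codes port 5432 while the host comes from a `let`, so the spec silently depends on the scanner's default port; if Base exposes `port` the way it exposes `host`, making it explicit keeps the expectation tied to its inputs: `let(:port) { 5432 }`, `described_class.new(host: host, port: port)` and `"tcp://#{host}:#{port}"` in the `receive(:new).with(...)` call. None of the examples here exercise the ssl path of the scanner class changed in this commit (ssl, ssl_version, ssl_verify_mode, ssl_cipher), and the two trailing `nil` arguments to Connection.new are unexplained by the spec; one example with ssl set would pin which argument carries it and document the contract.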