Metasploit mailing list archives
Re: ERROR: invalid input when using new Credential API
From: Pedro Ribeiro <pedrib () gmail com>
Date: Fri, 3 Oct 2014 09:15:20 +0100
Isn't that too limiting? What if you are collecting the creds for a host which is inside a private network, but you can only see the externally facing host?

Or in other words, what would you do in this case? The host name might be the same as the rhost, but not in all cases and we can't know that from the exploit.

Regards
Pedro

On 3 Oct 2014 01:37, "HD Moore" <x () hdm io> wrote:

The database is keyed off IP addresses, so you are correct in that any reported credential with an address field needs to have an associated IP (or the hostname must resolve).

-HD

-----Original Message-----
From: framework [mailto:framework-bounces () spool metasploit com] On Behalf Of Pedro Ribeiro
Sent: Thursday, October 2, 2014 5:19 PM
To: Metasploit List
Subject: [framework] ERROR: invalid input when using new Credential API

Hi,

I'm building an aux module that gets the SQL database credentials from a target. These credentials are provided in the form hostname-username-password.

I'm using the new Credential API and doing the following:

    service_data = {
      address: loot[database_server_name].split('\\')[0],
      # port is 0 because we can't get it from the packet_reply
      port: 0,
      service_name: loot[database_type],
      protocol: 'tcp',
      workspace_id: myworkspace_id
    }

(full code in [1])

However, when I run the module I get the stack trace on [2].

It seems I cannot set the address to a hostname, only numeric IP values? Or am I doing something wrong?

Thanks for the help.

Regards,
Pedro

[1]:

    service_data = {
      address: loot[database_server_name].split('\\')[0],
      # port is 0 because we can't get it from the packet_reply
      port: 0,
      service_name: loot[database_type],
      protocol: 'tcp',
      workspace_id: myworkspace_id
    }

    credential_data = {
      origin_type: :service,
      module_fullname: self.fullname,
      private_type: :password,
      private_data: loot[database_pw],
      username: loot[schema_owner],
      # We store the SID for Oracle or the instance name for SQL Server.
      # There's no realm_key for SQL Server so store it as Oracle anyway.
      realm_key: Metasploit::Model::Realm::Key::ORACLE_SYSTEM_IDENTIFIER,
      realm_value: loot[database_server_name].split('\\')[1]
    }

    credential_data.merge!(service_data)
    credential_core = create_credential(credential_data)

    login_data = {
      core: credential_core,
      status: Metasploit::Model::Login::Status::UNTRIED
    }

    login_data.merge!(service_data)
    create_credential_login(login_data)

[2]:

    [-] Auxiliary failed: ActiveRecord::StatementInvalid PG::InvalidTextRepresentation: ERROR: invalid input syntax for type inet: "SVR-KIT-TI"
    LINE 1: ..."hosts".* FROM "hosts" WHERE "hosts"."address" = 'SVR-KIT-T...
                                                                ^
    : SELECT "hosts".* FROM "hosts" WHERE "hosts"."address" = 'SVR-KIT-TI' AND "hosts"."workspace_id" = 1 LIMIT 1
    [-] Call stack:
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:1163:in `async_exec'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:1163:in `exec_no_cache'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:660:in `block in exec_query'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract_adapter.rb:280:in `block in log'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.17/lib/active_support/notifications/instrumenter.rb:20:in `instrument'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract_adapter.rb:275:in `log'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:659:in `exec_query'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:1262:in `select'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/database_statements.rb:18:in `select_all'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/query_cache.rb:63:in `select_all'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/querying.rb:38:in `block in find_by_sql'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/explain.rb:26:in `logging_query_plan'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/querying.rb:37:in `find_by_sql'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation.rb:171:in `exec_queries'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation.rb:160:in `block in to_a'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/explain.rb:26:in `logging_query_plan'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation.rb:159:in `to_a'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation/finder_methods.rb:381:in `find_first'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation/finder_methods.rb:122:in `first'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/relation.rb:119:in `first_or_create'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/metasploit-credential-0.10.1/lib/metasploit/credential/creation.rb:430:in `create_credential_service'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/metasploit-credential-0.10.1/lib/metasploit/credential/creation.rb:309:in `create_credential_origin_service'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/metasploit-credential-0.10.1/lib/metasploit/credential/creation.rb:239:in `create_credential_origin'
    [-] /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/metasploit-credential-0.10.1/lib/metasploit/credential/creation.rb:104:in `create_credential'

_______________________________________________
https://dev.metasploit.com/mailman/listinfo/framework

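Added example, not part of the original thread or of Metasploit's own code: one way to turn the "HOST\INSTANCE" value from the post into an address that passes the inet cast before it reaches service_data. The helper names, the StaticResolver stand-in, the "SQLEXPRESS" instance name, the sample IPs and the fallback-to-a-known-IP policy are all assumptions of this sketch.

```ruby
require 'ipaddr'
require 'resolv'

# Constructed stand-in for DNS so the example runs offline (not a Metasploit class).
class StaticResolver
  def initialize(table)
    @table = table
  end

  def getaddress(name)
    @table.fetch(name) { raise Resolv::ResolvError, "no address for #{name}" }
  end
end

# True only for a bare IPv4/IPv6 literal. A hostname such as "SVR-KIT-TI" fails
# here just as it fails the inet cast in the posted error. CIDR forms are
# rejected on purpose: a host record should carry a single IP.
def inet_literal?(value)
  text = value.to_s.strip
  return false if text.empty? || text.include?('/')
  IPAddr.new(text)
  true
rescue IPAddr::Error
  false
end

# Hypothetical helper: turn "HOST\INSTANCE" into an address usable in service_data.
# Falling back to a caller-supplied IP (e.g. the module's RHOST) is an assumption
# of this example, not framework behaviour; the original name is kept alongside.
def service_address(server_name, fallback:, resolver: Resolv)
  host, instance = server_name.to_s.split('\\', 2)
  host = host.to_s.strip
  address, source =
    if inet_literal?(host)
      [host, :literal]
    else
      begin
        [resolver.getaddress(host).to_s, :resolved]
      rescue Resolv::ResolvError
        [fallback, :fallback]
      end
    end
  raise ArgumentError, "no usable IP for #{server_name.inspect}" unless inet_literal?(address)
  { address: address, hostname: host, instance: instance, source: source }
end

# Constructed sample data; 10.20.30.40 and 192.0.2.10 are placeholders.
dns = StaticResolver.new({ 'SVR-KIT-TI' => '10.20.30.40' })
p service_address('SVR-KIT-TI\\SQLEXPRESS', fallback: '192.0.2.10', resolver: dns)
```

The returned :source value records whether the address was a literal, resolved, or a fallback, so a caller can tell when the stored IP is not the database host itself.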
Current thread:
- ERROR: invalid input when using new Credential API Pedro Ribeiro (Oct 02)
- Re: ERROR: invalid input when using new Credential API HD Moore (Oct 02)
- Message not available
- Re: ERROR: invalid input when using new Credential API Pedro Ribeiro (Oct 03)
- Message not available
- Re: ERROR: invalid input when using new Credential API Pedro Ribeiro (Oct 07)
- Re: ERROR: invalid input when using new Credential API HD Moore (Oct 02)