metasploit-framework icon indicating copy to clipboard operation
metasploit-framework copied to clipboard

Published 20 hours ago verified publisher icon rapid7

Unexpected PASSWORD_SPRAY and USER_AS_PASS Interaction

Open jetbennett opened this issue 1 year ago • 1 comments

Steps to reproduce

  1. use scanner/ssh/ssh_login
  2. set PASSWORD_SPRAY 1
  3. set USER_AS_PASS 1
  4. set USER_FILE ./usernames.txt
  5. set PASS_FILE ./passwords.txt
  6. set rhosts file:./targets.txt
  7. run

Expected behavior

If username.txt contains:

admin
root

And passwords.txt contains:

password

I expect the module to attempt the following credentials: admin:admin root:root admin:password root:password

Current behavior

Instead, makes the following attempts: password:password admin:password root:password

Metasploit version

6.4.20-dev

Additional Information

I believe the bug is related to the relatively recently implemented "PASSWORD_SPRAY" option.

jetbennett avatar Oct 01 '24 16:10 jetbennett

I managed to reproduce the issue on my side, and created a PR that seem to fix it. I am not familiar with the different steps for issues here, looking at this basecode for the first time, so not sure what the next steps are. (maybe this bug needed more triaging? 😓 )

Mathiou04 avatar Oct 10 '24 19:10 Mathiou04