Class: Metasploit::Credential::Pkcs12

Inherits:
Private
  • Object
show all
Defined in:
app/models/metasploit/credential/pkcs12.rb

Overview

A private Pkcs12 file.

Instance Attribute Summary collapse

Attributes inherited from Private

#cores, #created_at, #id, #type, #updated_at

Instance Method Summary collapse

Instance Attribute Details

#dataString

A private pkcs12 file, base64 encoded - i.e. starting with ‘MIIMhgIBAzCCDFAGCSqGSIb3DQEHAaCC.…’

Returns:

  • (String)

# File 'app/models/metasploit/credential/pkcs12.rb', line 11

#metadataJSONB

Metadata for this Pkcs12:

adcs_ca: The Certificate Authority that issued the certificate
adcs_template: The certificate template used to issue the certificate
pkcs12_password: The password to decrypt the Pkcs12

Returns:

  • (JSONB)

# File 'app/models/metasploit/credential/pkcs12.rb', line 16

Instance Method Details

#adcs_caString

The CA that issued the certificate

Returns:

  • (String)

55
56
57
# File 'app/models/metasploit/credential/pkcs12.rb', line 55

def adcs_ca
  ['adcs_ca']
end

#adcs_templateString

The certificate template used to issue the certificate

Returns:

  • (String)

62
63
64
# File 'app/models/metasploit/credential/pkcs12.rb', line 62

def adcs_template
  ['adcs_template']
end

#openssl_pkcs12OpenSSL::PKCS12

Converts the private pkcs12 data in #data to an ‘OpenSSL::PKCS12` instance.

Returns:

  • (OpenSSL::PKCS12)

Raises:

  • (ArgumentError)

    if #data cannot be loaded


84
85
86
87
88
89
90
91
92
93
# File 'app/models/metasploit/credential/pkcs12.rb', line 84

def openssl_pkcs12
  if data
    begin
      password = .fetch('pkcs12_password', '')
      OpenSSL::PKCS12.new(Base64.strict_decode64(data), password)
    rescue OpenSSL::PKCS12::PKCS12Error => error
      raise ArgumentError.new(error)
    end
  end
end

#pkcs12_passwordString

The password to decrypt the Pkcs12

Returns:

  • (String)

69
70
71
# File 'app/models/metasploit/credential/pkcs12.rb', line 69

def pkcs12_password
  ['pkcs12_password']
end

#statusString

The status if the certificate (active or inactive)

Returns:

  • (String)

76
77
78
# File 'app/models/metasploit/credential/pkcs12.rb', line 76

def status
  ['status']
end

#to_sString

The key data‘s fingerprint, suitable for displaying to the user. The Pkcs12 password is voluntarily not included.

Returns:

  • (String)

99
100
101
102
103
104
105
106
107
108
109
# File 'app/models/metasploit/credential/pkcs12.rb', line 99

def to_s
  return '' unless data

  cert = openssl_pkcs12.certificate
  result = []
  result << "subject:#{cert.subject.to_s}"
  result << "issuer:#{cert.issuer.to_s}"
  result << "ADCS CA:#{['adcs_ca']}" if ['adcs_ca']
  result << "ADCS template:#{['adcs_template']}" if ['adcs_template']
  result.join(',')
end