Land rapid7#9436 - Fix cerberus_sftp_enumusers undefined method start for nil

wchen-r7 · wchen-r7 · commit 38d056b9308e · 2018-01-22T11:07:23.000-06:00
Land rapid7#9436 Thanks Steve!
diff --git a/modules/auxiliary/scanner/ssh/cerberus_sftp_enumusers.rb b/modules/auxiliary/scanner/ssh/cerberus_sftp_enumusers.rb
@@ -71,6 +71,8 @@ def check_vulnerable(ip)
       auth_methods:  ['password', 'keyboard-interactive'],
       use_agent:     false,
       config:        false,
+      password_prompt: Net::SSH::Prompt.new,
+      non_interactive: true,
       proxies:       datastore['Proxies']
     }
 
@@ -116,7 +118,10 @@ def check_user(ip, user, port)
 
     begin
       ::Timeout.timeout(datastore['SSH_TIMEOUT']) do
-        auth.authenticate("ssh-connection", user, pass)
+        begin
+          auth.authenticate("ssh-connection", user, pass)
+        rescue NoMethodError
+        end
         auth_method = auth.allowed_auth_methods.join('|')
         if auth_method != ''
           :success
