Pass password_prompt and non_interactive to fix rapid7#8970

wchen-r7 · wchen-r7 · commit 85d018096b50 · 2018-01-22T11:06:12.000-06:00
Fix rapid7#8970
diff --git a/modules/auxiliary/scanner/ssh/cerberus_sftp_enumusers.rb b/modules/auxiliary/scanner/ssh/cerberus_sftp_enumusers.rb
@@ -71,6 +71,8 @@ def check_vulnerable(ip)
       auth_methods:  ['password', 'keyboard-interactive'],
       use_agent:     false,
       config:        false,
+      password_prompt: Net::SSH::Prompt.new,
+      non_interactive: true,
       proxies:       datastore['Proxies']
     }
 
@@ -81,10 +83,7 @@ def check_vulnerable(ip)
     end
 
     auth = Net::SSH::Authentication::Session.new(transport, opt_hash)
-    begin
-      auth.authenticate("ssh-connection", Rex::Text.rand_text_alphanumeric(8), Rex::Text.rand_text_alphanumeric(8))
-    rescue NoMethodError
-    end
+    auth.authenticate("ssh-connection", Rex::Text.rand_text_alphanumeric(8), Rex::Text.rand_text_alphanumeric(8))
     auth_method = auth.allowed_auth_methods.join('|')
     print_good "#{peer(ip)} Server Version: #{auth.transport.server_version.version}"
     report_service(
