File tree Expand file tree Collapse file tree 2 files changed +131
-94
lines changed
ui/console/command_dispatcher Expand file tree Collapse file tree 2 files changed +131
-94
lines changed Original file line number Diff line number Diff line change 22
33require 'rex/post/meterpreter/extensions/kiwi/tlv'
44require 'rexml/document'
5+ require 'set'
56
67module Rex
78module Post
@@ -283,9 +284,12 @@ def scrape_passwords(pwd_id)
283284 request . add_tlv ( TLV_TYPE_KIWI_PWD_ID , pwd_id )
284285 response = client . send_request ( request )
285286
287+ # keep track of unique entries
288+ uniques = Set . new
289+
286290 results = [ ]
287291 response . each ( TLV_TYPE_KIWI_PWD_RESULT ) do |r |
288- results << {
292+ result = {
289293 :username => r . get_tlv_value ( TLV_TYPE_KIWI_PWD_USERNAME ) ,
290294 :domain => r . get_tlv_value ( TLV_TYPE_KIWI_PWD_DOMAIN ) ,
291295 :password => r . get_tlv_value ( TLV_TYPE_KIWI_PWD_PASSWORD ) ,
@@ -294,6 +298,17 @@ def scrape_passwords(pwd_id)
294298 :lm => r . get_tlv_value ( TLV_TYPE_KIWI_PWD_LMHASH ) ,
295299 :ntlm => r . get_tlv_value ( TLV_TYPE_KIWI_PWD_NTLMHASH )
296300 }
301+
302+ # generate a "unique" set identifier based on the domain/user/pass. We
303+ # don't use the whole object because the auth hi/low might be different
304+ # but everything else might be the same. Join with non-printable, as this
305+ # can't appear in passwords anyway.
306+ set_id = [ result [ :domain ] , result [ :username ] , result [ :password ] ] . join ( "\x01 " )
307+
308+ # only add to the result list if we don't already have it
309+ if uniques . add? ( set_id )
310+ results << result
311+ end
297312 end
298313
299314 return results
You can’t perform that action at this time.
0 commit comments