infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixes Cred Sourcing in report_auth_info() for post modules. 

git-svn-id: file:///home/svn/framework3/trunk@14187 4d416f70-5f16-0410-b530-b9f4589650da
unstable
David Maloney 2011-11-08 03:34:49 +00:00
parent 28c2408fdd
commit 2d80d1e144
14 changed files with 43 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/post/windows/gather/credentials/coreftp.rb
View File

@ -59,9 +59,15 @@ class Metasploit3 < Msf::Post
print_good("Host: #{host} Port: #{port} User: #{user} Password: #{pass}") print_good("Host: #{host} Port: #{port} User: #{user} Password: #{pass}")
auth = auth =
{ {
:host => host, :port => port, :sname => 'ftp', :host => host,
:user => user, :pass => pass, :port => port,
:type => 'password', :active => true :sname => 'ftp',
:user => user,
:pass => pass,
:type => 'password',
:source_id => session.db_record.id,
:source_type => "exploit",
:active => true
} }
report_auth_info(auth) report_auth_info(auth)
end end

2
modules/post/windows/gather/credentials/credential_collector.rb
View File

@ -63,6 +63,8 @@ class Metasploit3 < Msf::Post
data[:user] = hash.user_name data[:user] = hash.user_name
data[:pass] = hash.lanman + ":" + hash.ntlm data[:pass] = hash.lanman + ":" + hash.ntlm
data[:type] = "smb_hash" data[:type] = "smb_hash"
data[:source_id] = session.db_record.id,
data[:source_type] = "exploit",
data[:active] = true data[:active] = true
print_line " Extracted: #{data[:user]}:#{data[:pass]}" print_line " Extracted: #{data[:user]}:#{data[:pass]}"

2
modules/post/windows/gather/credentials/enum_cred_store.rb
View File

@ -166,6 +166,8 @@ class Metasploit3 < Msf::Post
:user => cred["username"], :user => cred["username"],
:pass => cred["password"], :pass => cred["password"],
:type => 'password', :type => 'password',
:source_id => session.db_record.id,
:source_type => "exploit",
:active => true :active => true
} }

2
modules/post/windows/gather/credentials/epo_sql.rb
View File

@ -148,6 +148,8 @@ class Metasploit3 < Msf::Post
:sname => 'mssql', :sname => 'mssql',
:user => full_user, :user => full_user,
:pass => plaintext_passwd, :pass => plaintext_passwd,
:source_id => session.db_record.id,
:source_type => "exploit",
:active => true :active => true
) )
print_good("Added credentials to report database") print_good("Added credentials to report database")

4
modules/post/windows/gather/credentials/filezilla_server.rb
View File

@ -157,6 +157,8 @@ class Metasploit3 < Msf::Post
:user => cred['user'], :user => cred['user'],
:pass => cred['password'], :pass => cred['password'],
:ptype => "MD5 hash", :ptype => "MD5 hash",
:source_id => session.db_record.id,
:source_type => "exploit",
:target_host => config['ftp_bindip'], :target_host => config['ftp_bindip'],
:target_port => config['ftp_port'] :target_port => config['ftp_port']
) )
@ -190,6 +192,8 @@ class Metasploit3 < Msf::Post
:user => 'admin', :user => 'admin',
:pass => config['admin_pass'], :pass => config['admin_pass'],
:type => "password", :type => "password",
:source_id => session.db_record.id,
:source_type => "exploit",
:target_host => config['admin_bindip'], :target_host => config['admin_bindip'],
:target_port => config['admin_port'] :target_port => config['admin_port']
) )

2
modules/post/windows/gather/credentials/flashfxp.rb
View File

@ -93,6 +93,8 @@ class Metasploit3 < Msf::Post
:host => host, :host => host,
:port => port, :port => port,
:sname => 'FTP', :sname => 'FTP',
:source_id => session.db_record.id,
:source_type => "exploit",
:user => username, :user => username,
:pass => passwd) :pass => passwd)
end end

2
modules/post/windows/gather/credentials/ftpnavigator.rb
View File

@ -79,6 +79,8 @@ class Metasploit3 < Msf::Post
:host => server, :host => server,
:port => port, :port => port,
:sname => 'ftp', :sname => 'ftp',
:source_id => session.db_record.id,
:source_type => "exploit",
:user => username, :user => username,
:pass => dpass :pass => dpass
) )

2
modules/post/windows/gather/credentials/mremote.rb
View File

@ -91,6 +91,8 @@ class Metasploit3 < Msf::Post
:host => host, :host => host,
:port => port, :port => port,
:sname => proto, :sname => proto,
:source_id => session.db_record.id,
:source_type => "exploit",
:user => user, :user => user,
:pass => pass) :pass => pass)
end end

4
modules/post/windows/gather/credentials/outlook.rb
View File

@ -308,6 +308,8 @@ class Metasploit3 < Msf::Post
:host => host, :host => host,
:port => portnum, :port => portnum,
:sname => type, :sname => type,
:source_id => session.db_record.id,
:source_type => "exploit",
:user => user, :user => user,
:pass => pass) :pass => pass)
#print_status("CHK report_auth_info: host = #{host}, port= #{portnum}, sname= #{type}, user= #{user}, pass= #{pass}") #print_status("CHK report_auth_info: host = #{host}, port= #{portnum}, sname= #{type}, user= #{user}, pass= #{pass}")
@ -318,6 +320,8 @@ class Metasploit3 < Msf::Post
:host => smtp_server, :host => smtp_server,
:port => smtp_port, :port => smtp_port,
:sname => "SMTP", :sname => "SMTP",
:source_id => session.db_record.id,
:source_type => "exploit",
:user => smtp_user, :user => smtp_user,
:pass => smtp_decrypted_password) :pass => smtp_decrypted_password)
#print_status("SMTP report_auth_info: host = #{smtp_server}, port= #{smtp_port}, sname= SMTP, user= #{smtp_user}, pass= #{smtp_decrypted_password}") #print_status("SMTP report_auth_info: host = #{smtp_server}, port= #{smtp_port}, sname= SMTP, user= #{smtp_user}, pass= #{smtp_decrypted_password}")

2
modules/post/windows/gather/credentials/smartftp.rb
View File

@ -116,6 +116,8 @@ class Metasploit3 < Msf::Post
report_auth_info( report_auth_info(
:host => host, :host => host,
:port => port, :port => port,
:source_id => session.db_record.id,
:source_type => "exploit",
:user => user, :user => user,
:pass => pass :pass => pass
) )

2
modules/post/windows/gather/credentials/total_commander.rb
View File

@ -160,6 +160,8 @@ class Metasploit3 < Msf::Post
:host => host, :host => host,
:port => port, :port => port,
:sname => 'FTP', :sname => 'FTP',
:source_id => session.db_record.id,
:source_type => "exploit",
:user => username, :user => username,
:pass => passwd :pass => passwd
) )

4
modules/post/windows/gather/credentials/vnc.rb
View File

@ -231,6 +231,8 @@ class Metasploit3 < Msf::Post
:sname => 'vnc', :sname => 'vnc',
:pass => "#{e[:pass]}", :pass => "#{e[:pass]}",
:port => "#{e[:port]}", :port => "#{e[:port]}",
:source_id => session.db_record.id,
:source_type => "exploit",
:type => 'password' :type => 'password'
) )
end end
@ -241,6 +243,8 @@ class Metasploit3 < Msf::Post
:sname => 'vnc', :sname => 'vnc',
:viewonly_pass => "#{e[:viewonly_pass]}", :viewonly_pass => "#{e[:viewonly_pass]}",
:port => "#{e[:port]}", :port => "#{e[:port]}",
:source_id => session.db_record.id,
:source_type => "exploit",
:type => 'password_ro' :type => 'password_ro'
) )
end end

4
modules/post/windows/gather/credentials/winscp.rb
View File

@ -99,6 +99,8 @@ class Metasploit3 < Msf::Post
:host => host, :host => host,
:port => portnum, :port => portnum,
:sname => proto, :sname => proto,
:source_id => session.db_record.id,
:source_type => "exploit",
:user => user, :user => user,
:pass => pass :pass => pass
) )
@ -164,6 +166,8 @@ class Metasploit3 < Msf::Post
:host => host, :host => host,
:port => portnum, :port => portnum,
:sname => proto, :sname => proto,
:source_id => session.db_record.id,
:source_type => "exploit",
:user => user, :user => user,
:pass => pass :pass => pass
) )

2
modules/post/windows/gather/credentials/wsftp_client.rb
View File

@ -76,6 +76,8 @@ class Metasploit3 < Msf::Post
:host => host, :host => host,
:port => port, :port => port,
:sname => 'FTP', :sname => 'FTP',
:source_id => session.db_record.id,
:source_type => "exploit",
:user => username, :user => username,
:pass => passwd) :pass => passwd)
end end