diff --git a/modules/auxiliary/scanner/postgres/postgres_hashdump.rb b/modules/auxiliary/scanner/postgres/postgres_hashdump.rb index 93360ff4fb..096fd8595f 100644 --- a/modules/auxiliary/scanner/postgres/postgres_hashdump.rb +++ b/modules/auxiliary/scanner/postgres/postgres_hashdump.rb @@ -53,12 +53,6 @@ class Metasploit3 < Msf::Auxiliary print_status("Query appears to have run successfully") end - this_service = report_service( - :host => datastore['RHOST'], - :port => datastore['RPORT'], - :name => 'postgres', - :proto => 'tcp' - ) tbl = Rex::Ui::Text::Table.new( 'Header' => 'Postgres Server Hashes', @@ -66,6 +60,22 @@ class Metasploit3 < Msf::Auxiliary 'Columns' => ['Username', 'Hash'] ) + service_data = { + address: ::Rex::Socket.getaddress(rhost,true), + port: rport, + service_name: 'postgres', + protocol: 'tcp', + workspace_id: myworkspace_id + } + + credential_data = { + origin_type: :service, + jtr_format: 'raw-md5', + module_fullname: self.fullname, + private_type: :nonreplayable_hash + } + + credential_data.merge!(service_data) res[:complete].rows.each do |row| @@ -73,23 +83,24 @@ class Metasploit3 < Msf::Auxiliary next if row[0].empty? or row[1].empty? password = row[1] password.slice!(0,3) + + credential_data[:username] = row[0] + credential_data[:private_data] = password + + credential_core = create_credential(credential_data) + login_data = { + core: credential_core, + status: Metasploit::Credential::Login::Status::UNTRIED + } + login_data.merge!(service_data) + create_credential_login(login_data) + tbl << [row[0], password] end print_good("#{tbl.to_s}") - report_hash(tbl.to_csv,this_service) - end - #Reports the Stolen Hashes back to the Database for later cracking - def report_hash(hashtable,service) - filename= "#{datastore['RHOST']}-#{datastore['RPORT']}_postgreshashes.txt" - path = store_loot("postgres.hashes", "text/plain", datastore['RHOST'], hashtable, filename, "Postgres Hashes",service) - print_status("Hash Table has been saved: #{path}") - - end - - end