From 681a4c43c6172e92072b3b1f1bc553ec8785e779 Mon Sep 17 00:00:00 2001
From: James Barnett <James_Barnett@rapid7.com>
Date: Wed, 17 Apr 2019 12:37:59 -0500
Subject: [PATCH 1/2] Make user and pass options on cred lookup literal

Fixes #11555
---
 lib/msf/core/db_manager/cred.rb                | 4 ++--
 lib/msf/ui/console/command_dispatcher/creds.rb | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/msf/core/db_manager/cred.rb b/lib/msf/core/db_manager/cred.rb
index ad23f14a14..efffd84622 100644
--- a/lib/msf/core/db_manager/cred.rb
+++ b/lib/msf/core/db_manager/cred.rb
@@ -29,12 +29,12 @@ module Msf::DBManager::Cred
 
       if opts[:user].present?
         # If we have a user regex, only include those that match
-        query = query.where('"metasploit_credential_publics"."username" ~* ?', opts[:user])
+        query = query.where('"metasploit_credential_publics"."username" = ?', opts[:user])
       end
 
       if opts[:pass].present?
         # If we have a password regex, only include those that match
-        query = query.where('"metasploit_credential_privates"."data" ~* ?', opts[:pass])
+        query = query.where('"metasploit_credential_privates"."data" = ?', opts[:pass])
       end
 
       if opts[:host_ranges] || opts[:ports] || opts[:svcs]
diff --git a/lib/msf/ui/console/command_dispatcher/creds.rb b/lib/msf/ui/console/command_dispatcher/creds.rb
index 49937e33f4..3901fc44c0 100644
--- a/lib/msf/ui/console/command_dispatcher/creds.rb
+++ b/lib/msf/ui/console/command_dispatcher/creds.rb
@@ -172,10 +172,10 @@ class Creds
     print_line "  -d,--delete           Delete one or more credentials"
     print_line
     print_line "Filter options for listing"
-    print_line "  -P,--password <regex> List passwords that match this regex"
+    print_line "  -P,--password <text>  List passwords that match this text"
     print_line "  -p,--port <portspec>  List creds with logins on services matching this port spec"
     print_line "  -s <svc names>        List creds matching comma-separated service names"
-    print_line "  -u,--user <regex>     List users that match this regex"
+    print_line "  -u,--user <text>      List users that match this text"
     print_line "  -t,--type <type>      List creds that match the following types: #{allowed_cred_types.join(',')}"
     print_line "  -O,--origins <IP>     List creds that match these origins"
     print_line "  -R,--rhosts           Set RHOSTS from the results of the search"

From 0c1d63c0ce21098dcba326531a629909c7289242 Mon Sep 17 00:00:00 2001
From: James Barnett <James_Barnett@rapid7.com>
Date: Wed, 17 Apr 2019 13:00:42 -0500
Subject: [PATCH 2/2] Update comments as regex is no longer supported

---
 lib/msf/core/db_manager/cred.rb | 2 --
 1 file changed, 2 deletions(-)

diff --git a/lib/msf/core/db_manager/cred.rb b/lib/msf/core/db_manager/cred.rb
index efffd84622..ca94d78953 100644
--- a/lib/msf/core/db_manager/cred.rb
+++ b/lib/msf/core/db_manager/cred.rb
@@ -28,12 +28,10 @@ module Msf::DBManager::Cred
       end
 
       if opts[:user].present?
-        # If we have a user regex, only include those that match
         query = query.where('"metasploit_credential_publics"."username" = ?', opts[:user])
       end
 
       if opts[:pass].present?
-        # If we have a password regex, only include those that match
         query = query.where('"metasploit_credential_privates"."data" = ?', opts[:pass])
       end