Merge pull request #43 from rapid7/feature/MSP-9721/tomcat_deploy

Specs aside from known POP3 fail passing, functional steps passing.

MSP-9721 #land
MSP-9722 #land

modules/exploits/multi/http/tomcat_mgr_deploy.rb

@@ -118,15 +118,7 @@ class Metasploit3 < Msf::Exploit::Remote
       return CheckCode::Unknown
     end
 
-    report_auth_info(
-      :host   => rhost,
-      :port   => rport,
-      :sname  => (ssl ? "https" : "http"),
-      :user   => datastore['USERNAME'],
-      :pass   => datastore['PASSWORD'],
-      :proof  => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}",
-      :active => true
-    )
+    report_tomcat_credential
 
     vprint_status("Target is #{detect_platform(res.body)} #{detect_arch(res.body)}")
     return CheckCode::Appears
@@ -209,15 +201,7 @@ class Metasploit3 < Msf::Exploit::Remote
       fail_with(Failure::Unknown, "Upload failed on #{path_tmp} [#{res.code} #{res.message}]")
     end
 
-    report_auth_info(
-      :host   => rhost,
-      :port   => rport,
-      :sname  => (ssl ? "https" : "http"),
-      :user   => datastore['USERNAME'],
-      :pass   => datastore['PASSWORD'],
-      :proof  => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}",
-      :active => true
-    )
+    report_tomcat_credential
 
     #
     # EXECUTE
@@ -315,4 +299,35 @@ class Metasploit3 < Msf::Exploit::Remote
     }
   end
 
+  def report_tomcat_credential
+    service_data = {
+        address: ::Rex::Socket.getaddress(datastore['RHOST'],true),
+        port: datastore['RPORT'],
+        service_name: (ssl ? "https" : "http"),
+        protocol: 'tcp',
+        workspace_id: myworkspace_id
+    }
+
+    credential_data = {
+        origin_type: :service,
+        module_fullname: self.fullname,
+        private_type: :password,
+        private_data: datastore['USERNAME'],
+        username: datastore['PASSWORD'].downcase
+    }
+
+    credential_data.merge!(service_data)
+
+    credential_core = create_credential(credential_data)
+
+    login_data = {
+        access_level: 'Admin',
+        core: credential_core,
+        last_attempted_at: DateTime.now,
+        status: Metasploit::Credential::Login::Status::SUCCESSFUL
+    }
+    login_data.merge!(service_data)
+    create_credential_login(login_data)
+  end
+
 end

modules/exploits/multi/http/tomcat_mgr_upload.rb

@@ -126,15 +126,7 @@ class Metasploit3 < Msf::Exploit::Remote
 
     vprint_status("#{peer} - Tomcat Manager found running on #{plat} platform and #{arch} architecture")
 
-    report_auth_info(
-      :host   => rhost,
-      :port   => rport,
-      :sname  => (ssl ? "https" : "http"),
-      :user   => datastore['USERNAME'],
-      :pass   => datastore['PASSWORD'],
-      :proof  => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}",
-      :active => true
-    )
+    report_tomcat_credential
 
     return CheckCode::Appears
   end
@@ -156,15 +148,7 @@ class Metasploit3 < Msf::Exploit::Remote
     #
     print_status("#{peer} - Uploading and deploying #{@app_base}...")
     if upload_payload
-      report_auth_info(
-        :host   => rhost,
-        :port   => rport,
-        :sname  => (ssl ? "https" : "http"),
-        :user   => datastore['USERNAME'],
-        :pass   => datastore['PASSWORD'],
-        :proof  => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}",
-        :active => true
-      )
+      report_tomcat_credential
     else
       fail_with(Failure::Unknown, "Upload failed")
     end
@@ -423,4 +407,35 @@ class Metasploit3 < Msf::Exploit::Remote
     return true
   end
 
+  def report_tomcat_credential
+    service_data = {
+        address: ::Rex::Socket.getaddress(datastore['RHOST'],true),
+        port: datastore['RPORT'],
+        service_name: (ssl ? "https" : "http"),
+        protocol: 'tcp',
+        workspace_id: myworkspace_id
+    }
+
+    credential_data = {
+        origin_type: :service,
+        module_fullname: self.fullname,
+        private_type: :password,
+        private_data: datastore['USERNAME'],
+        username: datastore['PASSWORD'].downcase
+    }
+
+    credential_data.merge!(service_data)
+
+    credential_core = create_credential(credential_data)
+
+    login_data = {
+        access_level: 'Admin',
+        core: credential_core,
+        last_attempted_at: DateTime.now,
+        status: Metasploit::Credential::Login::Status::SUCCESSFUL
+    }
+    login_data.merge!(service_data)
+    create_credential_login(login_data)
+  end
+
 end