From ac94f8e861969bfa83b9f99e248e289f8bea6cda Mon Sep 17 00:00:00 2001 From: William Vu Date: Wed, 11 Jun 2014 13:04:58 -0500 Subject: [PATCH] Refactor bulletproof_ftp creds --- .../gather/credentials/bulletproof_ftp.rb | 43 +++++++++++-------- 1 file changed, 26 insertions(+), 17 deletions(-) diff --git a/modules/post/windows/gather/credentials/bulletproof_ftp.rb b/modules/post/windows/gather/credentials/bulletproof_ftp.rb index fb253f037c..f60bf65c85 100644 --- a/modules/post/windows/gather/credentials/bulletproof_ftp.rb +++ b/modules/post/windows/gather/credentials/bulletproof_ftp.rb @@ -182,12 +182,6 @@ class Metasploit3 < Msf::Post def report_findings(entries) - if session.db_record - source_id = session.db_record.id - else - source_id = nil - end - entries.each{ |entry| @credentials << [ entry[:site_name], @@ -199,17 +193,32 @@ class Metasploit3 < Msf::Post entry[:local_dir] ] - report_auth_info( - :host => entry[:site_address], - :port => entry[:port], - :proto => 'tcp', - :sname => 'ftp', - :user => entry[:login], - :pass => entry[:password], - :ptype => 'password', - :source_id => source_id, - :source_type => "exploit" - ) + service_data = { + address: Rex::Socket.getaddress(entry[:site_address]), + port: entry[:port], + protocol: "tcp", + service_name: "ftp", + workspace_id: myworkspace_id + } + + credential_data = { + origin_type: :session, + session_id: session_db_id, + post_reference_name: self.refname, + username: entry[:login], + private_data: entry[:password], + private_type: :password + } + + credential_core = create_credential(credential_data.merge(service_data)) + + login_data = { + core: credential_core, + access_level: "User", + status: Metasploit::Credential::Login::Status::UNTRIED + } + + create_credential_login(login_data.merge(service_data)) } end