Now importing creds dumps inside msf zips

MSP-9948

Gemfile.lock

@@ -18,9 +18,9 @@ PATH
 PATH
   remote: /Users/trevor/rapid7/metasploit-credential
   specs:
-    metasploit-credential (0.5.5.pre.electro.pre.release)
+    metasploit-credential (0.6.1.pre.electro.pre.release)
       metasploit-concern (~> 0.1.0)
-      metasploit-model (>= 0.25.1, < 0.26)
+      metasploit-model (>= 0.25.3, < 0.26)
       metasploit_data_models (>= 0.18.0.pre.compatibility, < 0.19)
       rubyntlm
       rubyzip (~> 1.1)
@@ -62,12 +62,12 @@ GEM
       railties (>= 3.0.0)
     fivemat (1.2.1)
     hike (1.2.3)
-    i18n (0.6.9)
+    i18n (0.6.11)
     journey (1.0.4)
     json (1.8.1)
     metasploit-concern (0.1.1)
       activesupport (~> 3.0, >= 3.0.0)
-    metasploit-model (0.25.2)
+    metasploit-model (0.25.3)
       activesupport
     metasploit_data_models (0.18.0)
       activerecord (>= 3.2.13, < 4.0.0)

lib/msf/core/db.rb

@@ -3628,6 +3628,7 @@ class DBManager
     data.entries.each do |e|
       target = ::File.join(@import_filedata[:zip_tmp],e.name)
       data.extract(e,target)
+
       if target =~ /^.*.xml$/
         target_data = ::File.open(target, "rb") {|f| f.read 1024}
         if import_filetype_detect(target_data) == :msf_xml
@@ -3636,6 +3637,16 @@ class DBManager
       end
     end
 
+    # Import any creds if there are some in the import file
+    Dir.entries(@import_filedata[:zip_tmp]).each do |entry|
+      if entry =~ /^.*#{Regexp.quote(Metasploit::Credential::Exporter::Core::CREDS_DUMP_FILE_IDENTIFIER)}.*/
+        manifest_file_path = File.join(@import_filedata[:zip_tmp], entry, Metasploit::Credential::Importer::Zip::MANIFEST_FILE_NAME)
+        if File.exists? manifest_file_path
+          import_msf_cred_dump(manifest_file_path)
+        end
+      end
+    end
+
     # This will kick the newly-extracted XML file through
     # the import_file process all over again.
     if @import_filedata[:zip_extracted_xml]
@@ -3802,6 +3813,17 @@ class DBManager
     end
   end
 
+  # Import credentials given a path to a valid manifest file
+  # @param creds_dump_manifest_path [String]
+  # @return [void]
+  def import_msf_cred_dump(creds_dump_manifest_path)
+    manifest_file = File.open(creds_dump_manifest_path)
+    origin = Metasploit::Credential::Origin::Import.create!(filename: File.basename(creds_dump_manifest_path))
+    importer = Metasploit::Credential::Importer::Core.new(workspace: workspace, input: manifest_file, origin: origin)
+    importer.import!
+  end
+
+
   # @param report [REXML::Element] to be imported
   # @param args [Hash]
   # @param base_dir [String]

lib/msf/core/db_manager/import_msf_xml.rb

@@ -352,31 +352,33 @@ module Msf
 
           ## Handle old-style (pre 4.10) XML files
           if btag == "MetasploitV4"
-            unless host.elements['creds'].elements.empty?
-              origin = Metasploit::Credential::Origin::Import.create(filename: "console-import-#{Time.now.to_i}")
+            if host.elements['creds'].present?
+              unless host.elements['creds'].elements.empty?
+                origin = Metasploit::Credential::Origin::Import.create(filename: "console-import-#{Time.now.to_i}")
 
-              host.elements.each('creds/cred') do |cred|
-                username = cred.elements['user'].try(:text)
-                proto    = cred.elements['proto'].try(:text)
-                sname    = cred.elements['sname'].try(:text)
-                port     = cred.elements['port'].try(:text)
+                host.elements.each('creds/cred') do |cred|
+                  username = cred.elements['user'].try(:text)
+                  proto    = cred.elements['proto'].try(:text)
+                  sname    = cred.elements['sname'].try(:text)
+                  port     = cred.elements['port'].try(:text)
 
-                # Handle blanks by resetting to sane default values
-                proto   = "tcp" if proto.blank?
-                pass     = cred.elements['pass'].try(:text)
-                pass     = "" if pass == "*MASKED*"
+                  # Handle blanks by resetting to sane default values
+                  proto   = "tcp" if proto.blank?
+                  pass     = cred.elements['pass'].try(:text)
+                  pass     = "" if pass == "*MASKED*"
 
-                private = create_credential_private(private_data: pass, private_type: :password)
-                public  = create_credential_public(username: username)
-                core    = create_credential_core(private: private, public: public, origin: origin, workspace_id: wspace.id)
+                  private = create_credential_private(private_data: pass, private_type: :password)
+                  public  = create_credential_public(username: username)
+                  core    = create_credential_core(private: private, public: public, origin: origin, workspace_id: wspace.id)
 
-                create_credential_login(core: core,
-                                        workspace_id: wspace.id,
-                                        address: hobj.address,
-                                        port: port,
-                                        protocol: proto,
-                                        service_name: sname,
-                                        status: Metasploit::Credential::Login::Status::UNTRIED)
+                  create_credential_login(core: core,
+                                          workspace_id: wspace.id,
+                                          address: hobj.address,
+                                          port: port,
+                                          protocol: proto,
+                                          service_name: sname,
+                                          status: Metasploit::Credential::Login::Status::UNTRIED)
+                end
               end
             end
           end