Now importing creds dumps inside msf zips

MSP-9948

Gemfile.lock

@@ -18,9 +18,9 @@ PATH
 PATH
   remote: /Users/trevor/rapid7/metasploit-credential
   specs:
-    metasploit-credential (0.5.5.pre.electro.pre.release)
+    metasploit-credential (0.6.1.pre.electro.pre.release)
       metasploit-concern (~> 0.1.0)
-      metasploit-model (>= 0.25.1, < 0.26)
+      metasploit-model (>= 0.25.3, < 0.26)
       metasploit_data_models (>= 0.18.0.pre.compatibility, < 0.19)
       rubyntlm
       rubyzip (~> 1.1)
@@ -62,12 +62,12 @@ GEM
       railties (>= 3.0.0)
     fivemat (1.2.1)
     hike (1.2.3)
-    i18n (0.6.9)
+    i18n (0.6.11)
     journey (1.0.4)
     json (1.8.1)
     metasploit-concern (0.1.1)
       activesupport (~> 3.0, >= 3.0.0)
-    metasploit-model (0.25.2)
+    metasploit-model (0.25.3)
       activesupport
     metasploit_data_models (0.18.0)
       activerecord (>= 3.2.13, < 4.0.0)

lib/msf/core/db.rb

@@ -3628,6 +3628,7 @@ class DBManager
     data.entries.each do |e|
       target = ::File.join(@import_filedata[:zip_tmp],e.name)
       data.extract(e,target)
+
       if target =~ /^.*.xml$/
         target_data = ::File.open(target, "rb") {|f| f.read 1024}
         if import_filetype_detect(target_data) == :msf_xml
@@ -3636,6 +3637,16 @@ class DBManager
       end
     end
 
+    # Import any creds if there are some in the import file
+    Dir.entries(@import_filedata[:zip_tmp]).each do |entry|
+      if entry =~ /^.*#{Regexp.quote(Metasploit::Credential::Exporter::Core::CREDS_DUMP_FILE_IDENTIFIER)}.*/
+        manifest_file_path = File.join(@import_filedata[:zip_tmp], entry, Metasploit::Credential::Importer::Zip::MANIFEST_FILE_NAME)
+        if File.exists? manifest_file_path
+          import_msf_cred_dump(manifest_file_path)
+        end
+      end
+    end
+
     # This will kick the newly-extracted XML file through
     # the import_file process all over again.
     if @import_filedata[:zip_extracted_xml]
@@ -3802,6 +3813,17 @@ class DBManager
     end
   end
 
+  # Import credentials given a path to a valid manifest file
+  # @param creds_dump_manifest_path [String]
+  # @return [void]
+  def import_msf_cred_dump(creds_dump_manifest_path)
+    manifest_file = File.open(creds_dump_manifest_path)
+    origin = Metasploit::Credential::Origin::Import.create!(filename: File.basename(creds_dump_manifest_path))
+    importer = Metasploit::Credential::Importer::Core.new(workspace: workspace, input: manifest_file, origin: origin)
+    importer.import!
+  end
+
+
   # @param report [REXML::Element] to be imported
   # @param args [Hash]
   # @param base_dir [String]

lib/msf/core/db_manager/import_msf_xml.rb

@@ -352,6 +352,7 @@ module Msf
 
           ## Handle old-style (pre 4.10) XML files
           if btag == "MetasploitV4"
+            if host.elements['creds'].present?
               unless host.elements['creds'].elements.empty?
                 origin = Metasploit::Credential::Origin::Import.create(filename: "console-import-#{Time.now.to_i}")
 
@@ -380,6 +381,7 @@ module Msf
                 end
               end
             end
+          end
 
 
           host.elements.each('sessions/session') do |sess|