diff --git a/modules/auxiliary/scanner/mysql/mysql_hashdump.rb b/modules/auxiliary/scanner/mysql/mysql_hashdump.rb index e249db4ff0..31d5f372f4 100644 --- a/modules/auxiliary/scanner/mysql/mysql_hashdump.rb +++ b/modules/auxiliary/scanner/mysql/mysql_hashdump.rb @@ -37,41 +37,41 @@ class Metasploit3 < Msf::Auxiliary return end - this_service = report_service( - :host => datastore['RHOST'], - :port => datastore['RPORT'], - :name => 'mysql', - :proto => 'tcp' - ) + service_data = { + address: ::Rex::Socket.getaddress(rhost,true), + port: rport, + service_name: 'mysql', + protocol: 'tcp', + workspace_id: myworkspace_id + } + credential_data = { + origin_type: :service, + jtr_format: 'mysql,mysql-sha1', + module_fullname: self.fullname, + private_type: :nonreplayable_hash + } - #create a table to store data - tbl = Rex::Ui::Text::Table.new( - 'Header' => 'MysQL Server Hashes', - 'Indent' => 1, - 'Columns' => ['Username', 'Hash'] - ) + credential_data.merge!(service_data) if res.size > 0 res.each do |row| - tbl << [row[0], row[1]] + credential_data[:username] = row[0] + credential_data[:private_data] = row[1] print_good("Saving HashString as Loot: #{row[0]}:#{row[1]}") + credential_core = create_credential(credential_data) + login_data = { + core: credential_core, + status: Metasploit::Credential::Login::Status::UNTRIED + } + login_data.merge!(service_data) + create_credential_login(login_data) end end - report_hashes(tbl.to_csv, this_service) unless tbl.rows.empty? - - end - #Stores the Hash Table as Loot for Later Cracking - def report_hashes(hash_loot,service) - filename= "#{datastore['RHOST']}-#{datastore['RPORT']}_mysqlhashes.txt" - path = store_loot("mysql.hashes", "text/plain", datastore['RHOST'], hash_loot, filename, "MySQL Hashes",service) - print_status("Hash Table has been saved: #{path}") - - end end