From d1f7f93e4b2a71abb8f4c7d8402c4b9324548d86 Mon Sep 17 00:00:00 2001
From: David Maloney <DMaloney@rapid7.com>
Date: Wed, 4 Jun 2014 11:59:47 -0500
Subject: [PATCH] refactor mysql_hashdump

mysql_hashdump now uses Metasploit::Credential to
save hashes.
---
 .../auxiliary/scanner/mysql/mysql_hashdump.rb | 46 +++++++++----------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/modules/auxiliary/scanner/mysql/mysql_hashdump.rb b/modules/auxiliary/scanner/mysql/mysql_hashdump.rb
index e249db4ff0..31d5f372f4 100644
--- a/modules/auxiliary/scanner/mysql/mysql_hashdump.rb
+++ b/modules/auxiliary/scanner/mysql/mysql_hashdump.rb
@@ -37,41 +37,41 @@ class Metasploit3 < Msf::Auxiliary
       return
     end
 
-    this_service = report_service(
-          :host  => datastore['RHOST'],
-          :port => datastore['RPORT'],
-          :name => 'mysql',
-          :proto => 'tcp'
-          )
+    service_data = {
+      address: ::Rex::Socket.getaddress(rhost,true),
+      port: rport,
+      service_name: 'mysql',
+      protocol: 'tcp',
+      workspace_id: myworkspace_id
+    }
 
+    credential_data = {
+        origin_type: :service,
+        jtr_format: 'mysql,mysql-sha1',
+        module_fullname: self.fullname,
+        private_type: :nonreplayable_hash
+    }
 
-    #create a table to store data
-    tbl = Rex::Ui::Text::Table.new(
-      'Header'  => 'MysQL Server Hashes',
-      'Indent'   => 1,
-      'Columns' => ['Username', 'Hash']
-    )
+    credential_data.merge!(service_data)
 
     if res.size > 0
       res.each do |row|
-        tbl << [row[0], row[1]]
+        credential_data[:username]     = row[0]
+        credential_data[:private_data] = row[1]
         print_good("Saving HashString as Loot: #{row[0]}:#{row[1]}")
+        credential_core = create_credential(credential_data)
+        login_data = {
+            core: credential_core,
+            status: Metasploit::Credential::Login::Status::UNTRIED
+        }
+        login_data.merge!(service_data)
+        create_credential_login(login_data)
       end
     end
 
-    report_hashes(tbl.to_csv, this_service) unless tbl.rows.empty?
-
-
   end
 
-  #Stores the Hash Table as Loot for Later Cracking
-  def report_hashes(hash_loot,service)
 
-    filename= "#{datastore['RHOST']}-#{datastore['RPORT']}_mysqlhashes.txt"
-    path = store_loot("mysql.hashes", "text/plain", datastore['RHOST'], hash_loot, filename, "MySQL Hashes",service)
-    print_status("Hash Table has been saved: #{path}")
-
-  end
 
 
 end