capture ephone creds

lib/msf/core/auxiliary/cisco.rb

@@ -280,6 +280,20 @@ module Auxiliary::Cisco
             create_credential_and_login(cred)
           end
 
+        # This regex captures ephones from Cisco Unified Communications Manager Express (CUE) which come in forms like:
+        # username "phonefour" password 444444
+        # username test password test
+        # This is used for the voicemail system
+        when /^\s*username (?:")([^\s]+)(?:") password ([^\s]+)/i
+          user  = $1
+          spass = $2
+          print_good("#{thost}:#{tport} Phone Username '#{user}' with Password: #{spass}")
+          store_loot("cisco.ios.ephone.username_password", "text/plain", thost, "#{user}:#{spass}", "ephone_username_password.txt", "Cisco IOS ephone Username and Password")
+            cred = credential_data.dup
+            cred[:private_data] = spass
+            cred[:private_type] = :nonreplayable_hash
+            create_credential_and_login(cred)
+
         when /^\s*username ([^\s]+) (secret|password) (\d+) ([^\s]+)/i
           user  = $1
           stype = $3.to_i