From e22334343e44c966ed0323f1ddaff5d26052f758 Mon Sep 17 00:00:00 2001 From: William Vu Date: Wed, 7 Jun 2017 23:49:44 -0500 Subject: [PATCH] Use store_valid_credential in my modules I used report_note because using the creds API was a pain in the ass. --- modules/auxiliary/gather/qnap_backtrace_admin_hash.rb | 9 ++++----- modules/exploits/linux/ssh/ubiquiti_airos_file_upload.rb | 9 ++++----- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/modules/auxiliary/gather/qnap_backtrace_admin_hash.rb b/modules/auxiliary/gather/qnap_backtrace_admin_hash.rb index 597ea66365..d687794b49 100644 --- a/modules/auxiliary/gather/qnap_backtrace_admin_hash.rb +++ b/modules/auxiliary/gather/qnap_backtrace_admin_hash.rb @@ -90,11 +90,10 @@ class MetasploitModule < Msf::Auxiliary if admin_hash print_good("Hopefully this is your hash: #{admin_hash}") - report_note( - host: rhost, - port: rport, - type: 'qnap.admin.hash', - data: admin_hash + store_valid_credential( + user: 'admin', + private: admin_hash, + private_type: :nonreplayable_hash ) else print_error('Looks like we didn\'t find the hash :(') diff --git a/modules/exploits/linux/ssh/ubiquiti_airos_file_upload.rb b/modules/exploits/linux/ssh/ubiquiti_airos_file_upload.rb index 53faeb8daa..97b02fc97c 100644 --- a/modules/exploits/linux/ssh/ubiquiti_airos_file_upload.rb +++ b/modules/exploits/linux/ssh/ubiquiti_airos_file_upload.rb @@ -148,11 +148,10 @@ class MetasploitModule < Msf::Exploit::Remote refs: self.references, info: ssh.transport.server_version.version ) - report_note( - host: rhost, - port: datastore['SSH_PORT'], - type: 'airos.ssh.key', - data: private_key + store_valid_credential( + user: username, + private: private_key, + private_type: :ssh_key ) return Net::SSH::CommandStream.new(ssh, '/bin/sh', true) end