diff --git a/lib/msf/core/exploit/smb/client/psexec.rb b/lib/msf/core/exploit/smb/client/psexec.rb index 032815f069..7c11803849 100644 --- a/lib/msf/core/exploit/smb/client/psexec.rb +++ b/lib/msf/core/exploit/smb/client/psexec.rb @@ -418,49 +418,5 @@ module Exploit::Remote::SMB::Client::Psexec # Disconnect from the ADMIN$ simple.disconnect(share) end - - def report_auth - service_data = { - address: ::Rex::Socket.getaddress(datastore['RHOST'],true), - port: datastore['RPORT'], - service_name: 'smb', - protocol: 'tcp', - workspace_id: myworkspace_id - } - - credential_data = { - origin_type: :service, - module_fullname: self.fullname, - private_data: datastore['SMBPass'], - username: datastore['SMBUser'].downcase - } - - if datastore['SMBDomain'] and datastore['SMBDomain'] != 'WORKGROUP' - credential_data.merge!({ - realm_key: Metasploit::Model::Realm::Key::ACTIVE_DIRECTORY_DOMAIN, - realm_value: datastore['SMBDomain'] - }) - end - - if datastore['SMBPass'] =~ /[0-9a-fA-F]{32}:[0-9a-fA-F]{32}/ - credential_data.merge!({:private_type => :ntlm_hash}) - else - credential_data.merge!({:private_type => :password}) - end - - credential_data.merge!(service_data) - - credential_core = create_credential(credential_data) - - login_data = { - access_level: 'Admin', - core: credential_core, - last_attempted_at: DateTime.now, - status: Metasploit::Model::Login::Status::SUCCESSFUL - } - - login_data.merge!(service_data) - create_credential_login(login_data) - end end end diff --git a/modules/exploits/windows/smb/psexec.rb b/modules/exploits/windows/smb/psexec.rb index be923bd01a..a0572922e8 100644 --- a/modules/exploits/windows/smb/psexec.rb +++ b/modules/exploits/windows/smb/psexec.rb @@ -130,4 +130,48 @@ class MetasploitModule < Msf::Exploit::Remote handler disconnect end + + def report_auth + service_data = { + address: ::Rex::Socket.getaddress(datastore['RHOST'],true), + port: datastore['RPORT'], + service_name: 'smb', + protocol: 'tcp', + workspace_id: myworkspace_id + } + + credential_data = { + origin_type: :service, + module_fullname: self.fullname, + private_data: datastore['SMBPass'], + username: datastore['SMBUser'].downcase + } + + if datastore['SMBDomain'] and datastore['SMBDomain'] != 'WORKGROUP' + credential_data.merge!({ + realm_key: Metasploit::Model::Realm::Key::ACTIVE_DIRECTORY_DOMAIN, + realm_value: datastore['SMBDomain'] + }) + end + + if datastore['SMBPass'] =~ /[0-9a-fA-F]{32}:[0-9a-fA-F]{32}/ + credential_data.merge!({:private_type => :ntlm_hash}) + else + credential_data.merge!({:private_type => :password}) + end + + credential_data.merge!(service_data) + + credential_core = create_credential(credential_data) + + login_data = { + access_level: 'Admin', + core: credential_core, + last_attempted_at: DateTime.now, + status: Metasploit::Model::Login::Status::SUCCESSFUL + } + + login_data.merge!(service_data) + create_credential_login(login_data) + end end