Land #5485, @wchen-r7 updates wordpress_login_enum to use the new cred API

2015-06-19 10:50:07 -05:00 · 2015-06-19 10:50:07 -05:00 · ebd376e0f3
parent 7f56b4635c dfae4bbbf0
commit ebd376e0f3
1 changed files with 51 additions and 14 deletions
--- a/modules/auxiliary/scanner/http/wordpress_login_enum.rb
+++ b/modules/auxiliary/scanner/http/wordpress_login_enum.rb
@ -100,18 +100,54 @@ class Metasploit3 < Msf::Auxiliary
    end
  end

+
+  def report_cred(opts)
+    service_data = {
+      address: opts[:ip],
+      port: opts[:port],
+      service_name: ssl ? 'https' : 'http',
+      protocol: 'tcp',
+      workspace_id: myworkspace_id
+    }
+
+    credential_data = {
+      origin_type: :service,
+      module_fullname: fullname,
+      username: opts[:user]
+    }.merge(service_data)
+
+    if opts[:password]
+      credential_data.merge!(
+        private_data: opts[:password],
+        private_type: :password
+      )
+    end
+
+    login_data = {
+      core: create_credential(credential_data),
+      status: opts[:status]
+    }.merge(service_data)
+
+    if opts[:attempt_time]
+      login_data.merge!(last_attempted_at: opts[:attempt_time])
+    end
+
+    create_credential_login(login_data)
+  end
+
+
  def validate_user(user=nil)
    print_status("#{target_uri} - WordPress User-Validation - Checking Username:'#{user}'")

    exists = wordpress_user_exists?(user)
    if exists
      print_good("#{target_uri} - WordPress User-Validation - Username: '#{user}' - is VALID")
-      report_auth_info(
-          :host => rhost,
-          :sname => (ssl ? 'https' : 'http'),
-          :user => user,
-          :port => rport,
-          :proof => "WEBAPP=\"Wordpress\", VHOST=#{vhost}"
+
+      report_cred(
+        ip: rhost,
+        port: rport,
+        user: user,
+        status: Metasploit::Model::Login::Status::UNTRIED
      )

      @users_found[user] = :reported
@ -130,15 +166,16 @@ class Metasploit3 < Msf::Auxiliary

    if cookie
      print_good("#{target_uri} - WordPress Brute Force - SUCCESSFUL login for '#{user}' : '#{pass}'")
-      report_auth_info(
-          :host => rhost,
-          :port => rport,
-          :sname => (ssl ? 'https' : 'http'),
-          :user => user,
-          :pass => pass,
-          :proof => "WEBAPP=\"Wordpress\", VHOST=#{vhost}, COOKIE=#{cookie}",
-          :active => true
+
+      report_cred(
+        ip: rhost,
+        port: rport,
+        user: user,
+        password: pass,
+        status: Metasploit::Model::Login::Status::SUCCESSFUL,
+        attempt_time: DateTime.now
      )
+
      return :next_user
    else
      vprint_error("#{target_uri} - WordPress Brute Force - Failed to login as '#{user}'")