refactor afp_login

2014-08-01 12:10:52 -05:00 · 2014-08-01 12:10:52 -05:00 · 0fffb179fa
parent c3691ba056
commit 0fffb179fa
2 changed files with 14 additions and 35 deletions
--- a/lib/metasploit/framework/login_scanner/afp.rb
+++ b/lib/metasploit/framework/login_scanner/afp.rb
@ -35,7 +35,12 @@ module Metasploit
            status = (success == true) ? Metasploit::Model::Login::Status::SUCCESSFUL : Metasploit::Model::Login::Status::INCORRECT
          end

-          Result.new(credential: credential, status: status)
+          result = Result.new(credential: credential, status: status)
+          result.host         = host
+          result.port         = port
+          result.protocol     = 'tcp'
+          result.service_name = 'afp'
+          result
        end

        def set_sane_defaults
--- a/modules/auxiliary/scanner/afp/afp_login.rb
+++ b/modules/auxiliary/scanner/afp/afp_login.rb
@ -63,46 +63,20 @@ class Metasploit3 < Msf::Auxiliary
        connection_timeout: 30
    )

-    service_data = {
-        address: ip,
-        port: rport,
-        service_name: 'afp',
-        protocol: 'tcp',
-        workspace_id: myworkspace_id
-    }
-
    scanner.scan! do |result|
+      credential_data = result.to_h
+      credential_data.merge!(
+          module_fullname: self.fullname,
+          workspace_id: myworkspace_id
+      )
      if result.success?
-        credential_data = {
-            module_fullname: self.fullname,
-            origin_type: :service,
-            private_data: result.credential.private,
-            private_type: :password,
-            username: result.credential.public
-        }
-        credential_data.merge!(service_data)
-
        credential_core = create_credential(credential_data)
+        credential_data[:core] = credential_core
+        create_credential_login(credential_data)

-        login_data = {
-            core: credential_core,
-            last_attempted_at: DateTime.now,
-            status: Metasploit::Model::Login::Status::SUCCESSFUL
-        }
-        login_data.merge!(service_data)
-
-        create_credential_login(login_data)
        print_good "#{ip}:#{rport} - LOGIN SUCCESSFUL: #{result.credential}"
      else
-        invalidate_login(
-            address: ip,
-            port: rport,
-            protocol: 'tcp',
-            public: result.credential.public,
-            private: result.credential.private,
-            realm_key: nil,
-            realm_value: nil,
-            status: result.status)
+        invalidate_login(credential_data)
        print_status "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})"
      end
    end