Checking in missing reporting stuff for bruteforce. Namely, report_exploit, also changes ftp's pw type to just "password" and re-opens newly verified sessions.

git-svn-id: file:///home/svn/framework3/trunk@10205 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-31 20:33:16 +00:00 · 2010-08-31 20:33:16 +00:00 · 21540e22ed
parent ace873a37a
commit 21540e22ed
3 changed files with 10 additions and 1 deletions
--- a/lib/msf/core/auxiliary/report.rb
+++ b/lib/msf/core/auxiliary/report.rb
@ -92,6 +92,12 @@ module Auxiliary::Report
 		framework.db.report_vuln(opts)
 	end

+	def report_exploit(opts={})
+		return if not db
+		opts = {:workspace => myworkspace}.merge(opts)
+		framework.db.report_exploit(opts)
+	end
+
 	def report_loot(opts={})
 		return if not db
 		opts = {:workspace => myworkspace}.merge(opts)
--- a/lib/msf/core/db.rb
+++ b/lib/msf/core/db.rb
@ -650,6 +650,9 @@ class DBManager
 			cred.source_type = source_type if source_type
 			cred.active = active

+			# Ensure the updated_at is touched any time report_auth_info is called
+			cred.updated_at = Time.now.utc
+
 			# Safe proof (lazy way) -- doesn't chop expanded
 			# characters correctly, but shouldn't ever be a problem.
 			unless proof.nil?
--- a/modules/auxiliary/scanner/ftp/ftp_login.rb
+++ b/modules/auxiliary/scanner/ftp/ftp_login.rb
@ -152,7 +152,7 @@ class Metasploit3 < Msf::Auxiliary
 			:sname => 'ftp',
 			:user => user,
 			:pass => pass,
-			:type => "password_#{access == :write ? "rw" : "ro" }",
+			:type => "password#{access == :read ? "_ro" : "" }",
 			:active => true
 		)
 	end