report cracked credentials

also makes mssql_hashdump report the credentials it logged in with
2014-06-19 12:16:49 -05:00 · 2014-06-19 12:16:49 -05:00 · d3c77b345c
parent 62f4054858
commit d3c77b345c
3 changed files with 43 additions and 1 deletions
--- a/2
+++ b/2
@ -7,7 +7,7 @@ group :db do
  # Needed for Msf::DbManager
  gem 'activerecord', '>= 3.0.0', '< 4.0.0'
  # Metasploit::Credential database models
-  gem 'metasploit-credential', git: 'github-metasploit-credential:rapid7/metasploit-credential.git', tag: 'v0.4.1-electro-release'
+  gem 'metasploit-credential', git: 'github-metasploit-credential:rapid7/metasploit-credential.git', tag: 'v0.4.5-electro-release'
  # Database models shared between framework and Pro.
  gem 'metasploit_data_models', '~> 0.17.1'
  # Needed for module caching in Mdm::ModuleDetails
--- a/modules/auxiliary/analyze/jtr_mssql_fast.rb
+++ b/modules/auxiliary/analyze/jtr_mssql_fast.rb
@ -43,6 +43,15 @@ class Metasploit3 < Msf::Auxiliary
      cracker.crack do |line|
        print_status line
      end
+
+      print_status "Cracked Passwords this run:"
+      cracker.each_cracked_password do |password_line|
+        next if password_line.blank?
+        next unless password_line =~ /\w+:\w+:\d+:/
+        username, password, core_id = password_line.split(':')
+        create_cracked_credential( username: username, password: password, core_id: core_id)
+        print_good password_line
+      end
    end

  end
--- a/modules/auxiliary/scanner/mssql/mssql_hashdump.rb
+++ b/modules/auxiliary/scanner/mssql/mssql_hashdump.rb
@ -35,6 +35,39 @@ class Metasploit3 < Msf::Auxiliary
      return
    end

+    service_data = {
+        address: ip,
+        port: rport,
+        service_name: 'mssql',
+        protocol: 'tcp',
+        workspace_id: myworkspace_id
+    }
+
+    credential_data = {
+        module_fullname: self.fullname,
+        origin_type: :service,
+        private_data: datastore['PASSWORD'],
+        private_type: :password,
+        username: datastore['USERNAME']
+    }
+
+    if datastore['USE_WINDOWS_AUTHENT']
+      credential_data[:realm_key] = Metasploit::Credential::Realm::Key::ACTIVE_DIRECTORY_DOMAIN
+      credential_data[:realm_value] = datastore['DOMAIN']
+    end
+    credential_data.merge!(service_data)
+
+    credential_core = create_credential(credential_data)
+
+    login_data = {
+        core: credential_core,
+        last_attempted_at: DateTime.now,
+        status: Metasploit::Credential::Login::Status::SUCCESSFUL
+    }
+    login_data.merge!(service_data)
+
+    create_credential_login(login_data)
+
    #Grabs the Instance Name and Version of MSSQL(2k,2k5,2k8)
    instancename= mssql_query(mssql_enumerate_servername())[:rows][0][0].split('\\')[1]
    print_status("Instance Name: #{instancename.inspect}")