Merge pull request rapid7#20092 from bcoles/rubocop-modules-post-windows-gather-credentials

modules/post/windows/gather/credentials: Resolve RuboCop violations

Author: adfoster-r7

modules/post/windows/gather/credentials/adi_irc.rb

@@ -4,7 +4,6 @@
 ##
 
 class MetasploitModule < Msf::Post
-  # this associative array defines the artifacts known to PackRat
   include Msf::Post::File
   include Msf::Post::Windows::UserProfiles
   include Msf::Post::Windows::Packrat
@@ -53,7 +52,7 @@ def initialize(info = {})
           PackRat is a post-exploitation module that gathers file and information artifacts from end users' systems.
           PackRat searches for and downloads files of interest (such as config files, and received and deleted emails) and extracts information (such as contacts and usernames and passwords), using regexp, JSON, XML, and SQLite queries.
           Further details can be found in the module documentation.
-          This is a module that searches for credentials stored on AdiIRC Client in a windows remote host.
+          This module searches for credentials stored on AdiIRC Client in a windows remote host.
         },
         'License' => MSF_LICENSE,
         'Author' => [
@@ -94,6 +93,6 @@ def run
       run_packrat(userprofile, ARTIFACTS)
     end
 
-    print_status 'PackRat credential sweep Completed'
+    print_status 'PackRat credential sweep completed'
   end
 end

modules/post/windows/gather/credentials/aim.rb

@@ -1,12 +1,9 @@
-# frozen_string_literal: true
-
 ##
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
 class MetasploitModule < Msf::Post
-  # this associative array defines the artifacts known to PackRat
   include Msf::Post::File
   include Msf::Post::Windows::UserProfiles
   include Msf::Post::Windows::Packrat
@@ -79,7 +76,7 @@ def initialize(info = {})
           PackRat is a post-exploitation module that gathers file and information artifacts from end users' systems.
           PackRat searches for and downloads files of interest (such as config files, and received and deleted emails) and extracts information (such as contacts and usernames and passwords), using regexp, JSON, XML, and SQLite queries.
           Further details can be found in the module documentation.
-          This is a module that searches for Aim credentials on a windows remote host.
+          This module searches for Aim credentials on a Windows host.
         },
         'License' => MSF_LICENSE,
         'Author' => [
@@ -124,6 +121,6 @@ def run
       run_packrat(userprofile, ARTIFACTS)
     end
 
-    print_status 'PackRat credential sweep Completed'
+    print_status 'PackRat credential sweep completed'
   end
 end

modules/post/windows/gather/credentials/avira_password.rb

@@ -19,6 +19,11 @@ def initialize(info = {})
         'Author' => [ 'Robert Kugler / robertchrk'],
         'Platform' => [ 'win' ],
         'SessionTypes' => [ 'meterpreter' ],
+        'Notes' => {
+          'Stability' => [CRASH_SAFE],
+          'SideEffects' => [],
+          'Reliability' => []
+        },
         'Compat' => {
           'Meterpreter' => {
             'Commands' => %w[
@@ -35,8 +40,9 @@ def initialize(info = {})
   end
 
   def run
-    print_status('Checking default location...')
-    check_programdata('C:\\ProgramData\\Avira\\Antivirus\\CONFIG\\AVWIN.INI')
+    path = 'C:\\ProgramData\\Avira\\Antivirus\\CONFIG\\AVWIN.INI'
+    print_status("Checking default location (#{path}) ...")
+    check_programdata(path)
   end
 
   def check_programdata(path)

modules/post/windows/gather/credentials/bulletproof_ftp.rb

@@ -22,6 +22,11 @@ def initialize(info = {})
         'Author' => [ 'juan vazquez'],
         'Platform' => [ 'win' ],
         'SessionTypes' => [ 'meterpreter' ],
+        'Notes' => {
+          'Stability' => [CRASH_SAFE],
+          'SideEffects' => [],
+          'Reliability' => []
+        },
         'Compat' => {
           'Meterpreter' => {
             'Commands' => %w[

modules/post/windows/gather/credentials/carotdav_ftp.rb

@@ -4,7 +4,6 @@
 ##
 
 class MetasploitModule < Msf::Post
-  # this associative array defines the artifacts known to PackRat
   include Msf::Post::File
   include Msf::Post::Windows::UserProfiles
   include Msf::Post::Windows::Packrat
@@ -45,7 +44,7 @@ def initialize(info = {})
           PackRat is a post-exploitation module that gathers file and information artifacts from end users' systems.
           PackRat searches for and downloads files of interest (such as config files, and received and deleted emails) and extracts information (such as contacts and usernames and passwords), using regexp, JSON, XML, and SQLite queries.
           Further details can be found in the module documentation.
-          This is a module that searches for credentials stored on CarotDAV FTP Client in a windows remote host.
+          This module searches for credentials stored on CarotDAV FTP Client in a windows remote host.
         },
         'License' => MSF_LICENSE,
         'Author' => [
@@ -86,6 +85,6 @@ def run
       run_packrat(userprofile, ARTIFACTS)
     end
 
-    print_status 'PackRat credential sweep Completed'
+    print_status 'PackRat credential sweep completed'
   end
 end

modules/post/windows/gather/credentials/chrome.rb

@@ -1,16 +1,12 @@
-# frozen_string_literal: true
-
 ##
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
 class MetasploitModule < Msf::Post
-  # this associative array defines the artifacts known to PackRat
   include Msf::Post::File
   include Msf::Post::Windows::UserProfiles
   include Msf::Post::Windows::Packrat
-
   include Msf::Exploit::Deprecated
 
   deprecated nil, 'The post/windows/gather/enum_browsers module now supersedes this module'
@@ -97,7 +93,7 @@ def initialize(info = {})
           PackRat is a post-exploitation module that gathers file and information artifacts from end users' systems.
           PackRat searches for and downloads files of interest (such as config files, and received and deleted emails) and extracts information (such as contacts and usernames and passwords), using regexp, JSON, XML, and SQLite queries.
           Further details can be found in the module documentation.
-          This is a module that searches for credentials stored on Chrome in a windows remote host.
+          This module searches for credentials stored on Chrome in a windows remote host.
         },
         'License' => MSF_LICENSE,
         'Author' => [
@@ -142,6 +138,6 @@ def run
       run_packrat(userprofile, ARTIFACTS)
     end
 
-    print_status 'PackRat credential sweep Completed'
+    print_status 'PackRat credential sweep completed'
   end
 end

modules/post/windows/gather/credentials/comodo.rb

@@ -1,15 +1,13 @@
-# frozen_string_literal: true
-
 ##
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
 class MetasploitModule < Msf::Post
-  # this associative array defines the artifacts known to PackRat
   include Msf::Post::File
   include Msf::Post::Windows::UserProfiles
   include Msf::Post::Windows::Packrat
+
   ARTIFACTS =
     {
       application: 'comodo',
@@ -127,7 +125,7 @@ def initialize(info = {})
           PackRat is a post-exploitation module that gathers file and information artifacts from end users' systems.
           PackRat searches for and downloads files of interest (such as config files, and received and deleted emails) and extracts information (such as contacts and usernames and passwords), using regexp, JSON, XML, and SQLite queries.
           Further details can be found in the module documentation.
-          This is a module that searches for credentials stored in Comodo on a windows remote host.
+          This module searches for credentials stored in Comodo on a remote Windows host.
         },
         'License' => MSF_LICENSE,
         'Author' => [
@@ -153,9 +151,12 @@ def initialize(info = {})
         OptBool.new('EXTRACT_DATA', [false, 'Extract data and stores in a separate file', true]),
         # enumerates the options based on the artifacts that are defined below
         OptEnum.new('ARTIFACTS', [
-          false, 'Type of artifacts to collect', 'All', ARTIFACTS[:gatherable_artifacts].map do |k|
-                                                          k[:filetypes]
-                                                        end.uniq.unshift('All')
+          false,
+          'Type of artifacts to collect',
+          'All',
+          ARTIFACTS[:gatherable_artifacts].map do |k|
+            k[:filetypes]
+          end.uniq.unshift('All')
         ])
       ]
     )
@@ -172,6 +173,6 @@ def run
       run_packrat(userprofile, ARTIFACTS)
     end
 
-    print_status 'PackRat credential sweep Completed'
+    print_status('PackRat credential sweep completed')
   end
 end

modules/post/windows/gather/credentials/coolnovo.rb

@@ -1,12 +1,9 @@
-# frozen_string_literal: true
-
 ##
 # This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
 class MetasploitModule < Msf::Post
-  # this associative array defines the artifacts known to PackRat
   include Msf::Post::File
   include Msf::Post::Windows::UserProfiles
   include Msf::Post::Windows::Packrat
@@ -48,6 +45,7 @@ class MetasploitModule < Msf::Post
 
       ]
     }.freeze
+
   def initialize(info = {})
     super(
       update_info(
@@ -57,7 +55,7 @@ def initialize(info = {})
           PackRat is a post-exploitation module that gathers file and information artifacts from end users' systems.
           PackRat searches for and downloads files of interest (such as config files, and received and deleted emails) and extracts information (such as contacts and usernames and passwords), using regexp, JSON, XML, and SQLite queries.
           Further details can be found in the module documentation.
-          This is a module that searches for Coolnovo credentials on a windows remote host.
+          This module searches for Coolnovo credentials on a Windows host.
         },
         'License' => MSF_LICENSE,
         'Author' => [
@@ -102,6 +100,6 @@ def run
       run_packrat(userprofile, ARTIFACTS)
     end
 
-    print_status 'PackRat credential sweep Completed'
+    print_status 'PackRat credential sweep completed'
   end
 end

modules/post/windows/gather/credentials/coreftp.rb

@@ -21,7 +21,12 @@ def initialize(info = {})
         'License' => MSF_LICENSE,
         'Author' => ['theLightCosine'],
         'Platform' => [ 'win' ],
-        'SessionTypes' => [ 'meterpreter' ]
+        'SessionTypes' => [ 'meterpreter' ],
+        'Notes' => {
+          'Stability' => [CRASH_SAFE],
+          'SideEffects' => [],
+          'Reliability' => []
+        }
       )
     )
   end
@@ -81,7 +86,7 @@ def run
 
           # Merge in the service data and create our Login
           login_data.merge!(service_data)
-          login = create_credential_login(login_data)
+          create_credential_login(login_data)
         end
       rescue StandardError
         print_error("Cannot Access User SID: #{hive['HKU']}")

modules/post/windows/gather/credentials/credential_collector.rb

@@ -11,11 +11,18 @@ def initialize(info = {})
       update_info(
         info,
         'Name' => 'Windows Gather Credential Collector',
-        'Description' => %q{ This module harvests credentials found on the host and stores them in the database.},
+        'Description' => %q{
+          This module harvests credentials found on the host and stores them in the database.
+        },
         'License' => MSF_LICENSE,
         'Author' => [ 'tebo[at]attackresearch.com'],
         'Platform' => [ 'win' ],
         'SessionTypes' => [ 'meterpreter'],
+        'Notes' => {
+          'Stability' => [CRASH_SAFE],
+          'SideEffects' => [],
+          'Reliability' => []
+        },
         'Compat' => {
           'Meterpreter' => {
             'Commands' => %w[
@@ -28,15 +35,9 @@ def initialize(info = {})
     )
   end
 
-  # Run Method for when run command is issued
   def run
-    print_status("Running module against #{sysinfo['Computer']}")
-    # Collect even without a database to store them.
-    if session.framework.db.active
-      db_ok = true
-    else
-      db_ok = false
-    end
+    hostname = sysinfo.nil? ? cmd_exec('hostname') : sysinfo['Computer']
+    print_status("Running module against #{hostname} (#{session.session_host})")
 
     # Make sure we're rockin Priv and Incognito
     session.core.use('priv') if !session.priv
@@ -46,16 +47,15 @@ def run
     begin
       hashes = client.priv.sam_hashes
     rescue StandardError
-      print_error('Error accessing hashes, did you migrate to a process that matched the target\'s architecture?')
-      return
+      fail_with(Failure::Unknown, "Error accessing hashes, did you migrate to a process that matched the target's architecture?")
     end
 
     # Target infos for the db record
     addr = session.session_host
     # client.framework.db.report_host(:host => addr, :state => Msf::HostState::Alive)
 
     # Record hashes to the running db instance
-    print_good 'Collecting hashes...'
+    print_good('Collecting hashes...')
 
     hashes.each do |hash|
       # Build service information
@@ -107,7 +107,8 @@ def run
       data[:update] = :unique_data
 
       print_line "    #{data[:data]}"
-      report_note(data) if db_ok
+
+      report_note(data)
     end
   end
 end