Merge branch 'master' of github.com:rapid7/metasploit-framework

Author: sinn3r

lib/msf/core/db.rb

@@ -675,6 +675,13 @@ def report_session(opts)
 		if sess_data[:desc]
 			sess_data[:desc] = sess_data[:desc][0,255]
 		end
+    
+		# In the case of multi handler we cannot yet determine the true
+		# exploit responsible. But we can at least show the parent versus
+		# just the generic handler:
+		if session.via_exploit == "exploit/multi/handler"
+	  	sess_data[:via_exploit] = sess_data[:datastore]['ParentModule']
+		end
 
 		s = ::Mdm::Session.new(sess_data)
 		s.save!
@@ -684,19 +691,26 @@ def report_session(opts)
 		end
 
 		# If this is a live session, we know the host is vulnerable to something.
-		# If the exploit used was multi/handler, though, we don't know what
-		# it's vulnerable to, so it isn't really useful to save it.
-		if opts[:session] and session.via_exploit and session.via_exploit != "exploit/multi/handler"
+		if opts[:session] and session.via_exploit
 			return unless host
 
 			mod = framework.modules.create(session.via_exploit)
+
+			if session.via_exploit == "exploit/multi/handler"
+		  	mod_fullname = sess_data[:datastore]['ParentModule']
+		  	mod_name = ::Mdm::ModuleDetail.find_by_fullname(mod_fullname).name
+			else 
+				mod_name = mod.name
+				mod_fullname = mod.fullname
+			end
+
 			vuln_info = {
 				:host => host.address,
-				:name => mod.name,
+				:name => mod_name,
 				:refs => mod.references,
 				:workspace => wspace,
 				:exploited_at => Time.now.utc,
-				:info => "Exploited by #{mod.fullname} to create Session #{s.id}"
+				:info => "Exploited by #{mod_fullname} to create Session #{s.id}"
 			}
 
 			port    = session.exploit_datastore["RPORT"]
@@ -706,10 +720,15 @@ def report_session(opts)
 
 			vuln = framework.db.report_vuln(vuln_info)
 
+			if session.via_exploit == "exploit/multi/handler"
+				via_exploit = sess_data[:datastore]['ParentModule']
+			else
+				via_exploit = session.via_exploit
+			end
 			attempt_info = {
 				:timestamp   => Time.now.utc,
 				:workspace   => wspace,
-				:module      => session.via_exploit,
+				:module      => via_exploit,
 				:username    => session.username,
 				:refs        => mod.references,
 				:session_id  => s.id,

modules/auxiliary/admin/2wire/xslt_password_reset.rb

@@ -1,7 +1,3 @@
-##
-# $Id$
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
@@ -24,7 +20,6 @@ def initialize(info={})
 				configuration changes (such as resetting the password) as administrators.
 			},
 			'License'        => MSF_LICENSE,
-			'Version'        => "$Revision$",
 			'Author'         =>
 				[
 					'hkm [at] hakim.ws',              #Initial discovery, poc

modules/auxiliary/admin/backupexec/dump.rb

@@ -1,7 +1,3 @@
-##
-# $Id$
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
@@ -30,7 +26,6 @@ def initialize(info = {})
 			},
 			'Author'         => [ 'hdm', 'Unknown' ],
 			'License'        => MSF_LICENSE,
-			'Version'        => '$Revision$',
 			'References'     =>
 				[
 					['CVE', '2005-2611'],

modules/auxiliary/admin/backupexec/registry.rb

@@ -1,7 +1,3 @@
-##
-# $Id$
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
@@ -30,7 +26,6 @@ def initialize(info = {})
 			},
 			'Author'         => [ 'hdm' ],
 			'License'        => MSF_LICENSE,
-			'Version'        => '$Revision$',
 			'References'     =>
 				[
 					[ 'OSVDB', '17627' ],

modules/auxiliary/admin/cisco/cisco_secure_acs_bypass.rb

@@ -1,7 +1,3 @@
-##
-# $Id$
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
@@ -20,7 +16,6 @@ class Metasploit4 < Msf::Auxiliary
 	def initialize(info = {})
 		super(update_info(info,
 			'Name'         => 'Cisco Secure ACS Version < 5.1.0.44.5 or 5.2.0.26.2 Unauthorized Password Change',
-			'Version'      => '$Revision$',
 			'Description'  => %q{
 				This module exploits an authentication bypass issue which allows arbitrary
 				password change requests to be issued for any user in the local store.

modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb

@@ -1,7 +1,3 @@
-##
-# $Id$
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
@@ -30,7 +26,6 @@ def initialize(info = {})
 			},
 			'Author'		=> [ 'patrick' ],
 			'License'		=> MSF_LICENSE,
-			'Version'		=> '$Revision$',
 			'References'	=>
 				[
 					[ 'BID', '19680' ],

modules/auxiliary/admin/db2/db2rcmd.rb

@@ -1,7 +1,3 @@
-##
-# $Id$
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
@@ -26,7 +22,6 @@ def initialize(info = {})
 			},
 			'Author'         => [ 'MC' ],
 			'License'        => MSF_LICENSE,
-			'Version'        => '$Revision$',
 			'References'     =>
 				[
 					[ 'CVE', '2004-0795' ],

modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb

@@ -1,7 +1,3 @@
-##
-# $Id$
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
@@ -31,8 +27,7 @@ def initialize(info = {})
 					['OSVDB', '60035'],
 				],
 			'Author'         => 'hdm',
-			'License'        => MSF_LICENSE,
-			'Version'        => '$Revision$'
+			'License'        => MSF_LICENSE
 		))
 
 		register_options([

modules/auxiliary/admin/emc/alphastor_devicemanager_exec.rb

@@ -1,7 +1,3 @@
-##
-# $Id$
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
@@ -25,7 +21,6 @@ def initialize(info = {})
 			},
 			'Author'         => [ 'MC' ],
 			'License'        => MSF_LICENSE,
-			'Version'        => '$Revision$',
 			'References'     =>
 				[
 					[ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=703' ],

modules/auxiliary/admin/emc/alphastor_librarymanager_exec.rb

@@ -1,7 +1,3 @@
-##
-# $Id$
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
@@ -25,7 +21,6 @@ def initialize(info = {})
 			},
 			'Author'         => [ 'MC' ],
 			'License'        => MSF_LICENSE,
-			'Version'        => '$Revision$',
 			'References'     =>
 				[
 					[ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=703' ],