WIP: proxy credentials

jbarnett-r7 · jbarnett-r7 · commit 4c164fafb08e · 2017-10-10T13:52:30.000-05:00
diff --git a/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb b/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb
@@ -0,0 +1,25 @@
+module CredentialDataProxy
+
+  def create_credential(opts)
+    begin
+      data_service = self.get_data_service()
+      if !data_service.is_a?(Msf::DBManager)
+        opts[:data] = Base64.urlsafe_encode64(opts[:data]) if opts[:data]
+      end
+      data_service.create_credential(opts)
+    rescue Exception => e
+      puts "Call to #{data_service.class}#create_credential threw exception: #{e.message}"
+    end
+  end
+
+  def credentials(opts = {})
+    begin
+      data_service = self.get_data_service
+      opts[:wspace] = wspace
+      data_service.loot(opts)
+    rescue Exception => e
+      puts "Call to #{data_service.class}#credentials threw exception: #{e.message}"
+      e.backtrace.each { |line| puts "#{line}\n" }
+    end
+  end
+end
diff --git a/lib/metasploit/framework/data_service/proxy/data_proxy_auto_loader.rb b/lib/metasploit/framework/data_service/proxy/data_proxy_auto_loader.rb
@@ -14,6 +14,7 @@ module DataProxyAutoLoader
   autoload :ExploitDataProxy, 'metasploit/framework/data_service/proxy/exploit_data_proxy'
   autoload :LootDataProxy, 'metasploit/framework/data_service/proxy/loot_data_proxy'
   autoload :SessionEventDataProxy, 'metasploit/framework/data_service/proxy/session_event_data_proxy'
+  autoload :CredentialDataProxy, 'metasploit/framework/data_service/proxy/credential_data_proxy'
   include ServiceDataProxy
   include HostDataProxy
   include VulnDataProxy
@@ -25,4 +26,5 @@ module DataProxyAutoLoader
   include ExploitDataProxy
   include LootDataProxy
   include SessionEventDataProxy
+  include CredentialDataProxy
 end
diff --git a/lib/metasploit/framework/data_service/remote/http/data_service_auto_loader.rb b/lib/metasploit/framework/data_service/remote/http/data_service_auto_loader.rb
@@ -13,6 +13,7 @@ module DataServiceAutoLoader
   autoload :RemoteExploitDataService, 'metasploit/framework/data_service/remote/http/remote_exploit_data_service'
   autoload :RemoteLootDataService, 'metasploit/framework/data_service/remote/http/remote_loot_data_service'
   autoload :RemoteSessionEventDataService, 'metasploit/framework/data_service/remote/http/remote_session_event_data_service'
+  autoload :RemoteCredentialDataService, 'metasploit/framework/data_service/remote/http/remote_credential_data_service'
   include RemoteHostDataService
   include RemoteEventDataService
   include RemoteNoteDataService
@@ -24,4 +25,5 @@ module DataServiceAutoLoader
   include RemoteExploitDataService
   include RemoteLootDataService
   include RemoteSessionEventDataService
+  include RemoteCredentialDataService
 end
diff --git a/lib/metasploit/framework/data_service/remote/http/remote_credential_data_service.rb b/lib/metasploit/framework/data_service/remote/http/remote_credential_data_service.rb
@@ -0,0 +1,15 @@
+require 'metasploit/framework/data_service/remote/http/response_data_helper'
+
+module RemoteCredentialDataService
+  include ResponseDataHelper
+
+  CREDENTIAL_PATH = '/api/1/msf/credential'
+
+  def credential(opts = {})
+    json_to_open_struct_object(self.get_data(CREDENTIAL_PATH, opts), [])
+  end
+
+  def create_credential(opts)
+    self.post_data_async(CREDENTIAL_PATH, opts)
+  end
+end
diff --git a/lib/msf/core/auxiliary/report.rb b/lib/msf/core/auxiliary/report.rb
@@ -31,7 +31,8 @@ def create_cracked_credential(opts={})
 
   def create_credential(opts={})
     if active_db?
-      super(opts)
+      framework.db.create_credential(opts)
+      #super(opts)
     elsif !db_warning_given?
       vprint_warning('No active DB -- Credential data will not be saved!')
     end
diff --git a/lib/msf/core/db_manager/http/servlet/credential_servlet.rb b/lib/msf/core/db_manager/http/servlet/credential_servlet.rb
@@ -0,0 +1,34 @@
+module CredentialServlet
+
+  def self.api_path
+    '/api/1/msf/credential'
+  end
+
+  def self.registered(app)
+    app.get LootServlet.api_path, &get_credentials
+    app.post LootServlet.api_path, &create_credentail
+  end
+
+  #######
+  private
+  #######
+
+  def self.get_loot
+    lambda {
+      begin
+        opts = parse_json_request(request, false)
+        data = get_db().credentials(opts)
+        set_json_response(data)
+      rescue Exception => e
+        set_error_on_response(e)
+      end
+    }
+  end
+
+  def self.create_credential
+    lambda {
+      job = lambda { |opts| get_db().report_host(opts) }
+      exec_report_job(request, &job)
+    }
+  end
+end
diff --git a/lib/msf/core/db_manager/http/sinatra_app.rb b/lib/msf/core/db_manager/http/sinatra_app.rb
@@ -13,6 +13,7 @@
 require 'msf/core/db_manager/http/servlet/exploit_servlet'
 require 'msf/core/db_manager/http/servlet/loot_servlet'
 require 'msf/core/db_manager/http/servlet/session_event_servlet'
+require 'msf/core/db_manager/http/servlet/credential_servlet'
 
 class SinatraApp < Sinatra::Base
 
@@ -33,5 +34,5 @@ class SinatraApp < Sinatra::Base
   register ExploitServlet
   register LootServlet
   register SessionEventServlet
-
+  register CredentialServlet
 end
