Save creds

Author: wchen-r7

modules/exploits/multi/http/glassfish_deployer.rb

@@ -659,6 +659,34 @@ def my_target_host
     my_target_host = "http://#{rhost.to_s}:#{rport.to_s}#{normalize_uri(datastore['PATH'])}"
   end
 
+
+  def report_cred(opts)
+    service_data = {
+      address: rhost,
+      port: rport,
+      service_name: 'glassfish',
+      protocol: 'tcp',
+      workspace_id: myworkspace_id
+    }
+
+    credential_data = {
+      module_fullname: fullname,
+      post_reference_name: self.refname,
+      private_data: opts[:password],
+      origin_type: :service,
+      private_type: :password,
+      username: opts[:user]
+    }.merge(service_data)
+
+    login_data = {
+      core: create_credential(credential_data),
+      status: Metasploit::Model::Login::Status::SUCCESSFUL,
+      last_attempted_at: DateTime.now
+    }.merge(service_data)
+
+    create_credential_login(login_data)
+  end
+
   def try_normal_login(version)
     init_loginscanner
 
@@ -693,6 +721,7 @@ def try_normal_login(version)
       print_status("Trying to login as #{cred.public}:#{cred.private}")
       result = @scanner.attempt_login(cred)
       if result.status == Metasploit::Model::Login::Status::SUCCESSFUL
+        report_cred(user: cred.public, password: cred.private)
         return @scanner.jsession
       end
     end