Guess service name and port

jvazquez-r7 · jvazquez-r7 · commit 9d6e0664a42e · 2014-11-07T20:56:01.000-06:00
diff --git a/modules/auxiliary/gather/eventlog_cred_disclosure.rb b/modules/auxiliary/gather/eventlog_cred_disclosure.rb
@@ -152,17 +152,27 @@ def run
 
           cred_table << [host_ipaddress, type, subtype, domain_name, username, password]
 
+          if type == 'Windows'
+            service_name = 'epmap'
+            port = 135
+          elsif type == 'IBM AS/400'
+            service_name = 'as-servermap'
+            port = 449
+          else
+            next
+          end
+
           credential_core = report_credential_core({
              password: password,
              username: username,
            })
 
           host_login_data = {
             address: host_ipaddress,
-            service_name: type,
+            service_name: service_name,
             workspace_id: myworkspace_id,
             protocol: 'tcp',
-            port: 0, # can be any port, so just set to 0 else the cred api screams
+            port: port,
             core: credential_core,
             status: Metasploit::Model::Login::Status::UNTRIED
           }
