comments adjustments & enum better

Author: jmartin-tech

lib/msf/core/module/auth.rb

@@ -5,30 +5,27 @@ def store_valid_credential(user:, private:, private_type: :password, proof: nil)
       service_data = service_details
     end
 
-    cdata = {
+    creation_data = {
         module_fullname: self.fullname,
-        origin_type: :service,
         username: user,
         private_data: private,
         private_type: private_type,
         workspace_id: myworkspace_id
     }.merge(service_data)
 
     if service_data.empty?
-      cdata[:origin_type] = :import
-      cdata[:filename] ='msfconsole' # default as values provided on the console
-    end
-
-
-    core = create_credential(cdata)
-    unless service_data.empty?
+      cred_data = {
+        origin_type: :import,
+        filename: 'msfconsole' # default as values provided on the console
+      }.merge(creation_data)
+      create_credential(cred_data)
+    else
       login_data = {
-        core: core,
         proof: proof,
         last_attempted_at: DateTime.now,
         status: Metasploit::Model::Login::Status::SUCCESSFUL
-      }.merge(cdata)
-      create_credential_login(login_data)
+      }.merge(creation_data)
+      create_credential_and_login(login_data)
     end
 
     nil

modules/auxiliary/admin/http/wp_custom_contact_forms.rb

@@ -62,21 +62,6 @@ def get_table_prefix
     table_prefix
   end
 
-  def service_details
-    {
-      address: rhost,
-      port: rport,
-      service_name: (ssl ? "https": "http"), # changed from "WorkPress" here
-      protocol: 'tcp',
-      workspace_id: myworkspace_id,
-      module_fullname: fullname,
-      origin_type: :service
-      # moved to Msf::Module::Auth
-      # last_attempted_at: DateTime.now,
-      # status: Metasploit::Model::Login::Status::SUCCESSFUL
-    }
-  end
-
   def run
     username = Rex::Text.rand_text_alpha(10)
     password = Rex::Text.rand_text_alpha(20)

modules/auxiliary/dos/http/wordpress_long_password_dos.rb

@@ -66,20 +66,6 @@ def timeout
     datastore['TIMEOUT']
   end
 
-  def service_details
-    {
-        service_name: (ssl ? 'https' : 'http'),
-        address: rhost,
-        port: rport,
-        protocol: 'tcp',
-        origin_type: :service,
-        module_fullname: fullname
-        # moved to Msf::Module::Auth
-        # last_attempted_at: DateTime.now,
-        # status: Metasploit::Model::Login::Status::SUCCESSFUL
-    }
-  end
-
   def user_exists(user)
     exists = wordpress_user_exists?(user)
     if exists

modules/auxiliary/scanner/http/cisco_ironport_enum.rb

@@ -116,14 +116,7 @@ def is_app_ironport?
   end
 
   def service_details
-    {
-      address: rhost,
-      port: rport,
-      service_name: 'Cisco IronPort Appliance',
-      protocol: 'tcp',
-      origin_type: :service,
-      module_fullname: fullname
-    }
+    super.merge({service_name: 'Cisco IronPort Appliance'})
   end
 
   #

modules/auxiliary/scanner/http/wordpress_login_enum.rb

@@ -100,30 +100,19 @@ def run_host(ip)
     end
   end
 
-  def service_details
-    {
-        address: rhost,
-        port: rport,
-        service_name: ssl ? 'https' : 'http',
-        protocol: 'tcp',
-        workspace_id: myworkspace_id,
-        module_fullname: fullname,
-        origin_type: :service,
-        last_attempted_at: DateTime.now,
-        # infer status from state when called
-        status: (@validate_only ? Metasploit::Model::Login::Status::UNTRIED : Metasploit::Model::Login::Status::SUCCESSFUL)
-    }
-  end
-
   def validate_user(user=nil)
     print_status("#{target_uri} - WordPress User-Validation - Checking Username:'#{user}'")
 
     exists = wordpress_user_exists?(user)
     if exists
       print_good("#{target_uri} - WordPress User-Validation - Username: '#{user}' - is VALID")
-      @validate_only = true
-      store_valid_credential(user: user, private: nil)
-      @validate_only = false
+      connection_details = {
+        module_fullname: self.fullname,
+        username: user,
+        workspace_id: myworkspace_id,
+        status: Metasploit::Model::Login::Status::UNTRIED
+      }.merge(service_details)
+      create_credential_and_login(connection_details)
       @users_found[user] = :reported
       return :next_user
     else