Skip to content

Commit cbbb57d

Browse files
committed
Land rapid7#8526, Refactor QNAP and airOS modules for creds
2 parents bb9d1a6 + a40e716 commit cbbb57d

File tree

2 files changed

+21
-11
lines changed

2 files changed

+21
-11
lines changed

modules/auxiliary/gather/qnap_backtrace_admin_hash.rb

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -90,12 +90,15 @@ def run
9090

9191
if admin_hash
9292
print_good("Hopefully this is your hash: #{admin_hash}")
93-
report_note(
94-
host: rhost,
95-
port: rport,
96-
type: 'qnap.admin.hash',
97-
data: admin_hash
98-
)
93+
credential_data = {
94+
workspace_id: myworkspace_id,
95+
module_fullname: self.fullname,
96+
username: 'admin',
97+
private_data: admin_hash,
98+
private_type: :nonreplayable_hash,
99+
jtr_format: 'md5crypt'
100+
}.merge(service_details)
101+
create_credential(credential_data)
99102
else
100103
print_error('Looks like we didn\'t find the hash :(')
101104
end

modules/exploits/linux/ssh/ubiquiti_airos_file_upload.rb

Lines changed: 12 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -148,18 +148,25 @@ def ssh_login
148148
refs: self.references,
149149
info: ssh.transport.server_version.version
150150
)
151-
report_note(
152-
host: rhost,
153-
port: datastore['SSH_PORT'],
154-
type: 'airos.ssh.key',
155-
data: private_key
151+
store_valid_credential(
152+
user: username,
153+
private: private_key,
154+
private_type: :ssh_key
156155
)
157156
return Net::SSH::CommandStream.new(ssh, '/bin/sh', true)
158157
end
159158

160159
nil
161160
end
162161

162+
# This is for store_valid_credential above
163+
def service_details
164+
super.merge(
165+
port: datastore['SSH_PORT'],
166+
service_name: 'ssh'
167+
)
168+
end
169+
163170
#
164171
# Persistence and cleanup methods
165172
#

0 commit comments

Comments
 (0)