Successfully storing creds remotely

jbarnett-r7 · jbarnett-r7 · commit ffcec527a70d · 2017-10-23T11:30:50.000-05:00
diff --git a/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb b/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb
@@ -3,9 +3,6 @@ module CredentialDataProxy
   def create_credential(opts)
     begin
       data_service = self.get_data_service()
-      if !data_service.is_a?(Msf::DBManager)
-        opts[:data] = Base64.urlsafe_encode64(opts[:data]) if opts[:data]
-      end
       data_service.create_credential(opts)
     rescue Exception => e
       puts "Call to #{data_service.class}#create_credential threw exception: #{e.message}"
diff --git a/lib/metasploit/framework/data_service/remote/http/remote_session_data_service.rb b/lib/metasploit/framework/data_service/remote/http/remote_session_data_service.rb
@@ -3,18 +3,24 @@ module RemoteSessionDataService
   SESSION_API_PATH = '/api/1/msf/session'
 
   def report_session(opts)
-    if (opts[:session].kind_of? Msf::Session)
-      opts = convert_msf_session_to_hash(opts[:session])
+    session = opts[:session]
+    if (session.kind_of? Msf::Session)
+      opts = convert_msf_session_to_hash(session)
       opts[:session_dto] = true
     elsif (opts[:host])
       opts[:host] = opts[:host].address
     end
 
     #TODO: Fix
     opts[:time_stamp] = Time.now.utc
-    self.post_data_async(SESSION_API_PATH, opts)
+    sess_db = json_to_open_struct_object(self.post_data(SESSION_API_PATH, opts))
+    session.db_record = sess_db
   end
 
+  # def get_session(opts = {})
+  #   json_to_open_struct_object(self.get_data(SESSION_API_PATH, opts), [])
+  # end
+
   #######
   private
   #######
diff --git a/lib/msf/core/db_manager/http/job_processor.rb b/lib/msf/core/db_manager/http/job_processor.rb
@@ -22,6 +22,7 @@ def start_processor_thread()
           wrapper.job.call(wrapper.job_args)
         rescue Exception => e
           puts "Error executing job #{e.message}"
+          e.backtrace.each { |line| puts "#{line}\n"}
         end
       end
     }
diff --git a/lib/msf/core/db_manager/http/servlet/credential_servlet.rb b/lib/msf/core/db_manager/http/servlet/credential_servlet.rb
@@ -35,7 +35,11 @@ def self.get_credentials
 
   def self.create_credential
     lambda {
-      job = lambda { |opts| get_db().report_cred(opts) }
+      job = lambda { |opts|
+        opts[:origin_type] = opts[:origin_type].to_sym
+        opts[:private_type] = opts[:private_type].to_sym
+        get_db().create_credential(opts)
+      }
       exec_report_job(request, &job)
     }
   end
diff --git a/lib/msf/core/db_manager/session.rb b/lib/msf/core/db_manager/session.rb
@@ -156,6 +156,7 @@ def report_session_dto(session_dto)
         # This is a live session, we know the host is vulnerable to something.
         infer_vuln_from_session_dto(session_dto, session_db_record, workspace)
       end
+      session_db_record
     }
   end
 

Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,7 @@ def start_processor_thread()`
`22`	`22`	`wrapper.job.call(wrapper.job_args)`
`23`	`23`	`rescue Exception => e`
`24`	`24`	`puts "Error executing job #{e.message}"`
	`25`	`+ e.backtrace.each { \|line\| puts "#{line}\n"}`
`25`	`26`	`end`
`26`	`27`	`end`
`27`	`28`	`}`
Original file line number	Diff line number	Diff line change
`@@ -156,6 +156,7 @@ def report_session_dto(session_dto)`
`156`	`156`	`# This is a live session, we know the host is vulnerable to something.`
`157`	`157`	`infer_vuln_from_session_dto(session_dto, session_db_record, workspace)`
`158`	`158`	`end`
	`159`	`+ session_db_record`
`159`	`160`	`}`
`160`	`161`	`end`
`161`	`162`