Updates report summary mixin to have additional fallback when looking…

… for creds
rapid7 · Nov 1, 2024 · 43f3b1b · 43f3b1b
1 parent 9e0b0f5
commit 43f3b1b
Showing 1 changed file with 30 additions and 10 deletions.
diff --git a/lib/msf/core/auxiliary/report_summary.rb b/lib/msf/core/auxiliary/report_summary.rb
@@ -39,19 +39,43 @@ def run
         result
       end
 
+      # Take credentials hash and check data for username and password and then returns a hash for those values
+      #
+      # @param [Hash] credential_data
+      # @return [Hash]
+      def login_credentials(credential_data)
+        active_db = framework.db&.active
+        core_available = active_db && credential_data[:core]
+
+        # If the database is active and core is populated then grab the creds from there, otherwise
+        # fallback and check in credentials data's top layer
+        if active_db && core_available
+          {
+            public: credential_data[:core].public,
+            private_data: credential_data[:core].private
+          }
+        elsif credential_data[:username] && credential_data[:private_data]
+          {
+            public: credential_data[:username],
+            private_data: credential_data[:private_data]
+          }
+        else
+          {
+            public: 'credentials could not be reported',
+            private_data: 'credentials could not be reported'
+          }
+        end
+      end
+
       # Creates a credential and adds to to the DB if one is present
       #
       # @param [Hash] credential_data
       # @return [Metasploit::Credential::Login]
       def create_credential_login(credential_data)
         return super unless framework.features.enabled?(Msf::FeatureManager::SHOW_SUCCESSFUL_LOGINS) && datastore['ShowSuccessfulLogins'] && @report
 
-        credential = {
-          public: credential_data[:username],
-          private_data: credential_data[:private_data]
-        }
         @report[rhost] = { successful_logins: [] }
-        @report[rhost][:successful_logins] << credential
+        @report[rhost][:successful_logins] << login_credentials(credential_data)
         super
       end
 
@@ -69,12 +93,8 @@ def create_credential_login(credential_data)
       def create_credential_and_login(credential_data)
         return super unless framework.features.enabled?(Msf::FeatureManager::SHOW_SUCCESSFUL_LOGINS) && datastore['ShowSuccessfulLogins'] && @report
 
-        credential = {
-          public: credential_data[:username],
-          private_data: credential_data[:private_data]
-        }
         @report[rhost] = { successful_logins: [] }
-        @report[rhost][:successful_logins] << credential
+        @report[rhost][:successful_logins] << login_credentials(credential_data)
         super
       end