Creds command throws id error when trying to delete creds from the database, leads to stack trace #14883

Closed
gwillcox-r7 opened this issue Mar 11, 2021 · 2 comments · Fixed by #15952
Labels
bug confirmed Issues confirmed by a committer

@gwillcox-r7

Found whilst testing #14882 and I was trying to clear my existing database of hashes.

Steps to reproduce

msf6 > creds
Credentials
===========

host            origin          service            public         private                                                            realm            private_type  JtR Format
----            ------          -------            ------         -------                                                            -----            ------------  ----------
92.130.197.119  92.130.197.119  10443/tcp (https)  admin          admin$123                                                                           Password      
172.27.145.59   172.29.199.4    445/tcp (smb)      Administrator  aad3b435b51404eeaad3b435b51404ee:76adfdfbf4f52000a1d5eb4ce6666c99  WIN-QKA9JKS5MVU  NTLM hash     nt,lm
172.29.199.4    172.29.199.4    445/tcp (smb)      Administrator  aad3b435b51404eeaad3b435b51404ee:76adfdfbf4f52000a1d5eb4ce6666c99  WIN-QKA9JKS5MVU  NTLM hash     nt,lm

msf6 > creds -c
[-] Invalid host parameter, -c.
msf6 > creds -d
[-] Error while running command creds: There was an error deleting the credential: Couldn't find Metasploit::Credential::Core with 'id'=71

Call stack:
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/data_service/remote/http/response_data_helper.rb:60:in `json_to_mdm_object'
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/data_service/remote/http/remote_credential_data_service.rb:42:in `delete_credentials'
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb:75:in `block in delete_credentials'
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/data_service/proxy/core.rb:164:in `data_service_operation'
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb:74:in `delete_credentials'
/home/gwillcox/git/metasploit-framework/lib/msf/ui/console/command_dispatcher/creds.rb:541:in `creds_search'
/home/gwillcox/git/metasploit-framework/lib/msf/ui/console/command_dispatcher/creds.rb:111:in `cmd_creds'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:542:in `run_command'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:491:in `block in run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:485:in `each'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:485:in `run_single'
/home/gwillcox/git/metasploit-framework/lib/rex/ui/text/shell.rb:157:in `run'
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start'
/home/gwillcox/git/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'
./msfconsole:23:in `<main>'
msf6 > creds
Credentials
===========

host  origin  service  public  private  realm  private_type  JtR Format
----  ------  -------  ------  -------  -----  ------------  ----------

msf6 > 

Were you following a specific guide/tutorial or reading documentation?

Found whilst testing #14882.

Expected behavior

All existing creds should be deleted.

Current behavior

Creds are deleted but we get a weird stack trace. Not a great user experience 😄

Metasploit version

6.0.34-dev-37eaf7944b

@gwillcox-r7 gwillcox-r7 added bug confirmed Issues confirmed by a committer labels Mar 11, 2021
@gwillcox-r7 gwillcox-r7 changed the title Creds command is broken again when trying to delete creds from the database Creds command throws id error when trying to delete creds from the database, leads to stack trace Mar 11, 2021
@h00die

h00die commented Mar 12, 2021

creds -d has been broken in this way since before I re-wrote the cracker modules. I'm sure I've noted it in places. From my experience, it only seemed to happen when Windows hashes were involved.

@ryanpohlner

Reproducible with:

creds add address:172.27.145.59 port:445 protocol:tcp service-name:smb user:Administrator ntlm:aad3b435b51404eeaad3b435b51404ee:76adfdfbf4f52000a1d5eb4ce6666c99 realm:WIN-QKA9JKS5MVU jtr:nt,lm
creds add address:172.29.199.4 port:445 protocol:tcp service-name:smb user:Administrator ntlm:aad3b435b51404eeaad3b435b51404ee:76adfdfbf4f52000a1d5eb4ce6666c99 realm:WIN-QKA9JKS5MVU jtr:nt,lm
msf6 > creds
Credentials
===========

host  origin  service  public  private  realm  private_type  JtR Format
----  ------  -------  ------  -------  -----  ------------  ----------

msf6 > 
msf6 > creds add address:172.27.145.59 port:445 protocol:tcp service-name:smb user:Administrator ntlm:aad3b435b51404eeaad3b435b51404ee:76adfdfbf4f52000a1d5eb4ce6666c99 realm:WIN-QKA9JKS5MVU jtr:nt,lm
msf6 > creds add address:172.29.199.4 port:445 protocol:tcp service-name:smb user:Administrator ntlm:aad3b435b51404eeaad3b435b51404ee:76adfdfbf4f52000a1d5eb4ce6666c99 realm:WIN-QKA9JKS5MVU jtr:nt,lm
msf6 > 
msf6 > creds -d
[-] Error while running command creds: Couldn't find Metasploit::Credential::Core with 'id'=52

Call stack:
/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/activerecord-5.2.4.5/lib/active_record/core.rb:177:in `find'
/usr/share/metasploit-framework/lib/msf/core/db_manager/cred.rb:277:in `block (2 levels) in delete_credentials'
/usr/share/metasploit-framework/lib/msf/core/db_manager/cred.rb:276:in `each'
/usr/share/metasploit-framework/lib/msf/core/db_manager/cred.rb:276:in `block in delete_credentials'
/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/activerecord-5.2.4.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:416:in `with_connection'
/usr/share/metasploit-framework/lib/msf/core/db_manager/cred.rb:274:in `delete_credentials'
/usr/share/metasploit-framework/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb:75:in `block in delete_credentials'
/usr/share/metasploit-framework/lib/metasploit/framework/data_service/proxy/core.rb:164:in `data_service_operation'
/usr/share/metasploit-framework/lib/metasploit/framework/data_service/proxy/credential_data_proxy.rb:74:in `delete_credentials'
/usr/share/metasploit-framework/lib/msf/ui/console/command_dispatcher/creds.rb:541:in `creds_search'
/usr/share/metasploit-framework/lib/msf/ui/console/command_dispatcher/creds.rb:111:in `cmd_creds'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:542:in `run_command'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:491:in `block in run_single'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:485:in `each'
/usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:485:in `run_single'
/usr/share/metasploit-framework/lib/rex/ui/text/shell.rb:157:in `run'
/usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start'
/usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'
/usr/bin/msfconsole:23:in `<main>'
msf6 > 

If you change one of the NTLM hashes by one character, the issue doesn't occur.

Side note, when writing the add commands, this error was confusing:
[-] Creating a login requires a address, a port, and a protocol. Missing params: ["host", "proto", "service-name"]
host is not an add parameter, address is. proto is not an add parameter, protocol is. help creds is missing documentation on specifying these parameters.
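
The failure mode visible in both traces (an `each` over credential ids that calls a raising `find` on a row that is already gone), as an added Ruby sketch that is not part of this issue, of Metasploit's code, or of the fix in #15952. `ToyCredStore`, its methods and `seeded_store` are hypothetical, and the cascade between cores that share one private value is an assumption the thread does not confirm.

```ruby
# Toy in-memory store (hypothetical; not Metasploit's db_manager code).
# Assumption: deleting a core also removes every core with the same secret.
class RecordNotFound < StandardError; end

class ToyCredStore
  Core = Struct.new(:id, :username, :secret) # secret stands in for "private"

  def initialize
    @cores = {}
    @next_id = 0
  end

  def add(username, secret)
    @next_id += 1
    @cores[@next_id] = Core.new(@next_id, username, secret)
    @next_id
  end

  def ids
    @cores.keys
  end

  # Strict lookup, like ActiveRecord's find: raises when the id is gone.
  def find(id)
    @cores.fetch(id) { raise RecordNotFound, "Couldn't find Core with 'id'=#{id}" }
  end

  # Assumed cascade: one delete drops all cores holding the same secret.
  def destroy(core)
    @cores.delete_if { |_, c| c.secret == core.secret }
  end

  # Shape seen in the traces: ids.each -> find(id), aborting on a missing row.
  def delete_strict(ids)
    ids.each { |id| destroy(find(id)) }
  end

  # Tolerant variant: an id that is already gone is skipped, not an error.
  def delete_tolerant(ids)
    ids.select { |id| (core = @cores[id]) && destroy(core) }
  end
end

# Two cores for one account; the secret values are constructed placeholders.
def seeded_store(secret_a, secret_b)
  store = ToyCredStore.new
  store.add('Administrator', secret_a)
  store.add('Administrator', secret_b)
  store
end
```

With two identical secrets, `delete_strict` empties the store and then raises on the second id, which matches the reported behaviour of credentials being deleted alongside a stack trace; with differing secrets it completes cleanly.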
