From 86671796b7058ef1f43a0177e2febbed81bc6fd9 Mon Sep 17 00:00:00 2001
From: William Vu
Date: Thu, 12 Jun 2014 13:54:52 -0500
Subject: [PATCH 1/6] Refactor autologin_password creds
---
 modules/post/osx/gather/autologin_password.rb | 31 ++++++++++++++-----
 1 file changed, 24 insertions(+), 7 deletions(-)
diff --git a/modules/post/osx/gather/autologin_password.rb b/modules/post/osx/gather/autologin_password.rb
index 25f14542f4..48710451f5 100644
--- a/modules/post/osx/gather/autologin_password.rb
+++ b/modules/post/osx/gather/autologin_password.rb
@@ -61,13 +61,30 @@ class Metasploit3 < Msf::Post
 end.join.sub(/\x00.*$/, '')
 # save in the database
- report_auth_info(
- :host => session.session_host,
- :sname => 'login',
- :user => autouser,
- :pass => decoded,
- :active => true
- )
+ service_data = {
+ address: Rex::Socket.getaddress(session.session_host),
+ service_name: "login",
+ workspace_id: myworkspace_id
+ }
+
+ credential_data = {
+ origin_type: :session,
+ session_id: session_db_id,
+ post_reference_name: self.refname,
+ username: autouser,
+ private_data: decoded,
+ private_type: :password
+ }
+
+ credential_core = create_credential(credential_data.merge(service_data))
+
+ login_data = {
+ core: credential_core,
+ access_level: "User",
+ status: Metasploit::Credential::Login::Status::UNTRIED
+ }
+
+ create_credential_login(login_data.merge(service_data))
 print_good "Decoded autologin password: #{autouser}:#{decoded}"
 end
From 3a1578beadf1e3a85a6ec7b6b0a3900af78995fb Mon Sep 17 00:00:00 2001
From: William Vu
Date: Thu, 12 Jun 2014 18:29:46 -0500
Subject: [PATCH 2/6] Don't use getaddress with session.session_host
---
 modules/post/osx/gather/autologin_password.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/post/osx/gather/autologin_password.rb b/modules/post/osx/gather/autologin_password.rb
index 48710451f5..36790a3843 100644
--- a/modules/post/osx/gather/autologin_password.rb
+++ b/modules/post/osx/gather/autologin_password.rb
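Review bot: In patch 1/6, `service_data` carries only `address`, `service_name` and `workspace_id`, while `create_credential_login` also needs `port` and `protocol` to find or create the service, so the login step is likely to raise after the core has already been saved by `create_credential`. An autologin password is a local account secret with no listening service behind it, so the `"login"` service name and `access_level: "User"` are guesses rather than something the module observed. Recording only the core, `create_credential(credential_data.merge(workspace_id: myworkspace_id))`, keeps the database to what was actually recovered. The enclosing method begins above the hunk.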
@@ -62,7 +62,7 @@ class Metasploit3 < Msf::Post
 # save in the database
 service_data = {
- address: Rex::Socket.getaddress(session.session_host),
+ address: session.session_host,
 service_name: "login",
 workspace_id: myworkspace_id
 }
From 277c9d68bc25d4ab8708d8501543d93f639311e0 Mon Sep 17 00:00:00 2001
From: William Vu
Date: Thu, 12 Jun 2014 18:34:31 -0500
Subject: [PATCH 3/6] Remove service_name, since it doesn't make sense
---
 modules/post/osx/gather/autologin_password.rb | 1 -
 1 file changed, 1 deletion(-)
diff --git a/modules/post/osx/gather/autologin_password.rb b/modules/post/osx/gather/autologin_password.rb
index 36790a3843..38ca482d49 100644
--- a/modules/post/osx/gather/autologin_password.rb
+++ b/modules/post/osx/gather/autologin_password.rb
@@ -63,7 +63,6 @@ class Metasploit3 < Msf::Post
 # save in the database
 service_data = {
 address: session.session_host,
- service_name: "login",
 workspace_id: myworkspace_id
 }
From 72fdf6a60796ef16e9490b5c9d7c26e3b54ce99e Mon Sep 17 00:00:00 2001
From: William Vu
Date: Fri, 13 Jun 2014 15:45:13 -0500
Subject: [PATCH 4/6] Get rid of the rest of the service stuff
---
 modules/post/osx/gather/autologin_password.rb | 16 ++--------------
 1 file changed, 2 insertions(+), 14 deletions(-)
diff --git a/modules/post/osx/gather/autologin_password.rb b/modules/post/osx/gather/autologin_password.rb
index 38ca482d49..b82b191cbb 100644
--- a/modules/post/osx/gather/autologin_password.rb
+++ b/modules/post/osx/gather/autologin_password.rb
@@ -61,12 +61,8 @@ class Metasploit3 < Msf::Post
 end.join.sub(/\x00.*$/, '')
 # save in the database
- service_data = {
- address: session.session_host,
- workspace_id: myworkspace_id
- }
-
 credential_data = {
+ workspace_id: myworkspace_id
 origin_type: :session,
 session_id: session_db_id,
 post_reference_name: self.refname,
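Review bot: In the first hunk of patch 4/6, the added `workspace_id: myworkspace_id` line has no trailing comma before `origin_type: :session,`, so the hash literal does not parse and the module cannot load at this commit; it should read `workspace_id: myworkspace_id,`. Patch 5/6 adds the comma, which still leaves this commit broken for anyone bisecting the history. Folding that fix into this commit would keep each step loadable. The hash literal continues past the end of the hunk.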
@@ -75,15 +71,7 @@ class Metasploit3 < Msf::Post
 private_type: :password
 }
- credential_core = create_credential(credential_data.merge(service_data))
-
- login_data = {
- core: credential_core,
- access_level: "User",
- status: Metasploit::Credential::Login::Status::UNTRIED
- }
-
- create_credential_login(login_data.merge(service_data))
+ create_credential(credential_data.merge(service_data))
 print_good "Decoded autologin password: #{autouser}:#{decoded}"
 end
From 2f1032d617375ea7a496052740e5af957b99bddb Mon Sep 17 00:00:00 2001
From: William Vu
Date: Fri, 13 Jun 2014 15:48:14 -0500
Subject: [PATCH 5/6] Add a missing comma and a comment
---
 modules/post/osx/gather/autologin_password.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/modules/post/osx/gather/autologin_password.rb b/modules/post/osx/gather/autologin_password.rb
index b82b191cbb..9aefe34dc1 100644
--- a/modules/post/osx/gather/autologin_password.rb
+++ b/modules/post/osx/gather/autologin_password.rb
@@ -61,8 +61,9 @@ class Metasploit3 < Msf::Post
 end.join.sub(/\x00.*$/, '')
 # save in the database
+ # Don't record a Login, since we don't know what service to tie it to
 credential_data = {
- workspace_id: myworkspace_id
+ workspace_id: myworkspace_id,
 origin_type: :session,
 session_id: session_db_id,
 post_reference_name: self.refname,
From 29f5344d2631799e0eefc20a91d7840ba12f10ad Mon Sep 17 00:00:00 2001
From: William Vu
Date: Mon, 16 Jun 2014 09:27:01 -0500
Subject: [PATCH 6/6] Drop merge of service_data, since it doesn't exist
---
 modules/post/osx/gather/autologin_password.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/post/osx/gather/autologin_password.rb b/modules/post/osx/gather/autologin_password.rb
index 9aefe34dc1..1136f69faa 100644
--- a/modules/post/osx/gather/autologin_password.rb
+++ b/modules/post/osx/gather/autologin_password.rb
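Review bot: In the second hunk of patch 4/6, the new `create_credential(credential_data.merge(service_data))` still references `service_data`, which the first hunk of the same commit deletes, so the call raises `NameError` at run time and nothing is stored. Since `workspace_id` now lives in `credential_data`, the line should be `create_credential(credential_data)`. Patch 6/6 makes that change; squashing it into this commit would avoid two intermediate commits in which the module cannot record what it recovered.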
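Review bot: In patch 5/6, the value stored as `private_data` is whatever the context line `end.join.sub(/\x00.*$/, '')` leaves behind. In Ruby `$` anchors at end of line and `.` does not match a newline, so if the decoded bytes happen to contain `\n` after the first NUL, the padding that follows it stays in `decoded` and is saved as part of the password. Anchoring at end of string with multiline matching, `.sub(/\x00.*\z/m, '')`, trims everything from the first NUL onwards. The statement that this line closes begins above the hunk, so the decoding itself is not visible here.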
@@ -72,7 +72,7 @@ class Metasploit3 < Msf::Post
 private_type: :password
 }
- create_credential(credential_data.merge(service_data))
+ create_credential(credential_data)
 print_good "Decoded autologin password: #{autouser}:#{decoded}"
 end