Land #18978, Add user affordance for scanner modules that can create …

…a new session

modules/auxiliary/scanner/mssql/mssql_login.rb

@@ -56,6 +56,19 @@ def create_session?
     end
   end
 
+  def run
+    results = super
+    logins = results.flat_map { |_k, v| v[:successful_logins] }
+    sessions = results.flat_map { |_k, v| v[:successful_sessions] }
+    print_status("Bruteforce completed, #{logins.size} #{logins.size == 1 ? 'credential was' : 'credentials were'} successful.")
+    if datastore['CreateSession']
+      print_status("#{sessions.size} MSSQL #{sessions.size == 1 ? 'session was' : 'sessions were'} opened successfully.")
+    else
+      print_status('You can open an MSSQL session with these credentials and %grnCreateSession%clr set to true')
+    end
+    results
+  end
+
   def run_host(ip)
     print_status("#{rhost}:#{rport} - MSSQL - Starting authentication scanner.")
 
@@ -102,7 +115,8 @@ def run_host(ip)
         local_port: datastore['CPORT'],
         local_host: datastore['CHOST']
     )
-
+    successful_logins = []
+    successful_sessions = []
     scanner.scan! do |result|
       credential_data = result.to_h
       credential_data.merge!(
@@ -114,11 +128,12 @@ def run_host(ip)
         credential_data[:core] = credential_core
         create_credential_login(credential_data)
         print_good "#{ip}:#{rport} - Login Successful: #{result.credential}"
+        successful_logins << result
 
         if create_session?
           begin
             mssql_client = result.proof
-            session_setup(result, mssql_client)
+            successful_sessions << session_setup(result, mssql_client)
           rescue ::StandardError => e
             elog('Failed: ', error: e)
             print_error(e)
@@ -130,6 +145,7 @@ def run_host(ip)
         vprint_error "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})"
       end
     end
+    { successful_logins: successful_logins, successful_sessions: successful_sessions }
   end
 
   def session_setup(result, client)

modules/auxiliary/scanner/mysql/mysql_login.rb

@@ -60,6 +60,18 @@ def target
     [rhost,rport].join(":")
   end
 
+  def run
+    results = super
+    logins = results.flat_map { |_k, v| v[:successful_logins] }
+    sessions = results.flat_map { |_k, v| v[:successful_sessions] }
+    print_status("Bruteforce completed, #{logins.size} #{logins.size == 1 ? 'credential was' : 'credentials were'} successful.")
+    if datastore['CreateSession']
+      print_status("#{sessions.size} MySQL #{sessions.size == 1 ? 'session was' : 'sessions were'} opened successfully.")
+    else
+      print_status('You can open an MySQL session with these credentials and %grnCreateSession%clr set to true')
+    end
+    results
+  end
 
   def run_host(ip)
     begin
@@ -90,6 +102,8 @@ def run_host(ip)
             local_host: datastore['CHOST']
         )
 
+        successful_logins = []
+        successful_sessions = []
         scanner.scan! do |result|
           credential_data = result.to_h
           credential_data.merge!(
@@ -102,11 +116,12 @@ def run_host(ip)
             create_credential_login(credential_data)
 
             print_brute :level => :good, :ip => ip, :msg => "Success: '#{result.credential}'"
+            successful_logins << result
 
             if create_session?
               begin
                 mysql_client = result.proof
-                session_setup(result, mysql_client)
+                successful_sessions << session_setup(result, mysql_client)
               rescue ::StandardError => e
                 elog('Failed: ', error: e)
                 print_error(e)
@@ -125,6 +140,7 @@ def run_host(ip)
     rescue ::Rex::ConnectionError, ::EOFError => e
       vprint_error "#{target} - Unable to connect: #{e.to_s}"
     end
+    { successful_logins: successful_logins, successful_sessions: successful_sessions }
   end
 
   # Tmtm's rbmysql is only good for recent versions of mysql, according

modules/auxiliary/scanner/postgres/postgres_login.rb

@@ -64,6 +64,19 @@ def create_session?
     end
   end
 
+  def run
+    results = super
+    logins = results.flat_map { |_k, v| v[:successful_logins] }
+    sessions = results.flat_map { |_k, v| v[:successful_sessions] }
+    print_status("Bruteforce completed, #{logins.size} #{logins.size == 1 ? 'credential was' : 'credentials were'} successful.")
+    if datastore['CreateSession']
+      print_status("#{sessions.size} Postgres #{sessions.size == 1 ? 'session was' : 'sessions were'} opened successfully.")
+    else
+      print_status('You can open a Postgres session with these credentials and %grnCreateSession%clr set to true')
+    end
+    results
+  end
+
   # Loops through each host in turn. Note the current IP address is both
   # ip and datastore['RHOST']
   def run_host(ip)
@@ -85,7 +98,8 @@ def run_host(ip)
       framework_module: self,
       use_client_as_proof: create_session?
     )
-
+    successful_logins = []
+    successful_sessions = []
     scanner.scan! do |result|
       credential_data = result.to_h
       credential_data.merge!(
@@ -98,11 +112,12 @@ def run_host(ip)
         create_credential_login(credential_data)
 
         print_good "#{ip}:#{rport} - Login Successful: #{result.credential}"
+        successful_logins << result
 
         if create_session?
           begin
             postgresql_client = result.proof
-            session_setup(result, postgresql_client)
+            successful_sessions << session_setup(result, postgresql_client)
           rescue ::StandardError => e
             elog('Failed: ', error: e)
             print_error(e)
@@ -114,7 +129,7 @@ def run_host(ip)
         vprint_error "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})"
       end
     end
-
+    { successful_logins: successful_logins, successful_sessions: successful_sessions }
   end
 
   # Alias for RHOST

modules/auxiliary/scanner/smb/smb_login.rb

@@ -88,6 +88,19 @@ def create_session?
     end
   end
 
+  def run
+    results = super
+    logins = results.flat_map { |_k, v| v[:successful_logins] }
+    sessions = results.flat_map { |_k, v| v[:successful_sessions] }
+    print_status("Bruteforce completed, #{logins.size} #{logins.size == 1 ? 'credential was' : 'credentials were'} successful.")
+    if datastore['CreateSession']
+      print_status("#{sessions.size} SMB #{sessions.size == 1 ? 'session was' : 'sessions were'} opened successfully.")
+    else
+      print_status('You can open an SMB session with these credentials and %grnCreateSession%clr set to true')
+    end
+    results
+  end
+
   def run_host(ip)
     print_brute(level: :vstatus, ip: ip, msg: 'Starting SMB login bruteforce')
 
@@ -156,7 +169,8 @@ def run_host(ip)
     cred_collection = prepend_db_hashes(cred_collection)
 
     @scanner.cred_details = cred_collection
-
+    successful_logins = []
+    successful_sessions = []
     @scanner.scan! do |result|
       case result.status
       when Metasploit::Model::Login::Status::LOCKED_OUT
@@ -173,11 +187,12 @@ def run_host(ip)
         :next_user
       when Metasploit::Model::Login::Status::SUCCESSFUL
         print_brute level: :good, ip: ip, msg: "Success: '#{result.credential}' #{result.access_level}"
+        successful_logins << result
         report_creds(ip, rport, result)
         if create_session?
           begin
             smb_client = result.proof
-            session_setup(result, smb_client)
+            successful_sessions << session_setup(result, smb_client)
           rescue StandardError => e
             elog('Failed to setup the session', error: e)
             print_brute level: :error, ip: ip, msg: "Failed to setup the session - #{e.class} #{e.message}"
@@ -217,6 +232,7 @@ def run_host(ip)
         )
       end
     end
+    { successful_logins: successful_logins, successful_sessions: successful_sessions }
   end
 
   # This logic is not universal ie a local account will not care about workgroup