Add report_host, report_service and report_vuln

Chocapikk · Oct 3, 2024 · 05c579f · 05c579f
1 parent f52cd8b
commit 05c579f
Showing 1 changed file with 26 additions and 2 deletions.
diff --git a/lib/msf/core/exploit/remote/http/wordpress/sqli.rb b/lib/msf/core/exploit/remote/http/wordpress/sqli.rb
@@ -1,5 +1,3 @@
-# -*- coding: binary -*-
-
 module Msf
   # This module provides reusable SQLi (SQL Injection) helper functions
   # for WordPress exploits in Metasploit Framework. These functions allow
@@ -154,6 +152,8 @@ def wordpress_sqli_get_users_credentials(count = 10)
           protocol: 'tcp',
           status: Metasploit::Model::Login::Status::UNTRIED
         })
+
+        print_good("{WPSQLi} Credential for user '#{user[0]}' created successfully.")
       end
 
       print_status('{WPSQLi} Dumped user data:')
@@ -170,6 +170,30 @@ def wordpress_sqli_get_users_credentials(count = 10)
 
       print_good("Loot saved to: #{loot_path}")
 
+      print_status('{WPSQLi} Reporting host...')
+      report_host(host: datastore['RHOST'])
+
+      print_status('{WPSQLi} Reporting service...')
+      report_service(
+        host: datastore['RHOST'],
+        port: datastore['RPORT'],
+        proto: 'tcp',
+        name: fullname,
+        info: description.strip
+      )
+
+      print_status('{WPSQLi} Reporting vulnerability...')
+      report_vuln(
+        host: datastore['RHOST'],
+        port: datastore['RPORT'],
+        proto: 'tcp',
+        name: fullname,
+        refs: references,
+        info: description.strip
+      )
+
+      print_good('{WPSQLi} Reporting completed successfully.')
+
       return data
     end
   end