RubyGems - metasploit-credential - Versions diffs - 0.14.3 → 0.14.4 - Mend

metasploit-credential 0.14.3 → 0.14.4

Files changed (16) hide show

checksums.yaml +4 -4
data/lib/metasploit/credential.rb +20 -0
data/lib/metasploit/credential/core_validations.rb +103 -107
data/lib/metasploit/credential/creation.rb +482 -489
data/lib/metasploit/credential/engine.rb +32 -27
data/lib/metasploit/credential/exporter.rb +1 -0
data/lib/metasploit/credential/exporter/base.rb +29 -37
data/lib/metasploit/credential/importer.rb +2 -1
data/lib/metasploit/credential/importer/base.rb +54 -61
data/lib/metasploit/credential/origin.rb +8 -0
data/lib/metasploit/credential/search.rb +8 -0
data/lib/metasploit/credential/search/operation.rb +6 -0
data/lib/metasploit/credential/search/operator.rb +6 -0
data/lib/metasploit/credential/version.rb +4 -2
data/spec/dummy/config/database.yml +11 -13
metadata +7 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3caf1e01c95c4947f2c603797a4654900e229504
-  data.tar.gz: 2de5cef5ee46f4de3ad2f2f0f7a43721141109f8
+  metadata.gz: fbe2434217b52c3bac09f0768a85e6b18fd12b8e
+  data.tar.gz: 29a368a665d73fc777b043f87fcfb8743a18792e
 SHA512:
-  metadata.gz: dc65764ac31197bf9bf972ecf67366d95862806a5e812b27dec64b5d083fdd4538f262a5a70f0386be8159aa9a2467bdf1db6761bf15ad0758f1b4b83220f746
-  data.tar.gz: c56fdbf1b7c4536195effa385260f59cbf5a1f4e8e59e32e17e0c05ae1f1865afd91ca3ec7909ec676af28de3fc6b84b0539f61630f637b7e7714853398e8ac9
+  metadata.gz: 7cf0f29712e070a36008dd3080eb2dcccb496cd0dfd63977d096615a09575d01f4da8fa6039efbe955aa93b5248e0090cc03e0405648c6abfbceb65c68236151
+  data.tar.gz: 4335440dec2ea65b8be23d68019f50a7900cf33562cdfd01be166958f1c5de437738be0d4f8d2aade5b65fda436e013a040976db45aa79ef7eced976f12979ba

data/lib/metasploit/credential.rb CHANGED Viewed

@@ -16,6 +16,8 @@ require 'zip'
 # Project
 #
+autoload :NonNilValidator, 'non_nil_validator'
 # Shared namespace for metasploit gems; used in {https://github.com/rapid7/metasploit-credential metasploit-credential},
 # {https://github.com/rapid7/metasploit-framework metasploit-framework}, and
 # {https://github.com/rapid7/metasploit-model metasploit-model}
@@ -24,13 +26,31 @@ module Metasploit
   module Credential
     extend ActiveSupport::Autoload
+    autoload :BlankPassword
+    autoload :BlankUsername
+    autoload :Core
+    autoload :CoreValidations
     autoload :Creation
+    autoload :Engine
     autoload :EntityRelationshipDiagram
     autoload :Exporter
     autoload :Importer
+    autoload :Login
     autoload :Migrator
+    autoload :NonreplayableHash
+    autoload :NTLMHash
     autoload :Origin
+    autoload :Password
+    autoload :PasswordHash
+    autoload :PostgresMD5
+    autoload :Private
+    autoload :Public
+    autoload :Realm
+    autoload :ReplayableHash
+    autoload :Search
+    autoload :SSHKey
     autoload :Text
+    autoload :Username
     # The prefix for all `ActiveRecord::Base#table_name`s for `ActiveRecord::Base` subclasses under this namespace.
     #

data/lib/metasploit/credential/core_validations.rb CHANGED Viewed

@@ -1,119 +1,115 @@
-module Metasploit
-  module Credential
-    # This mixin is intended to provide all of the common validations sued by {Metasploit::Credential::Core} and
-    # anything that mimics it's behaviour by tying together {Metasploit::Credential::Public}, {Metasploit::Credential::Private},
-    # and {Metasploit::Credential::Realm} objects.
-    module CoreValidations
-      extend ActiveSupport::Concern
+# This mixin is intended to provide all of the common validations sued by {Metasploit::Credential::Core} and anything
+# that mimics it's behaviour by tying together {Metasploit::Credential::Public}, {Metasploit::Credential::Private},
+# and {Metasploit::Credential::Realm} objects.
+module Metasploit::Credential::CoreValidations
+  extend ActiveSupport::Concern
-      included do
+  included do
-        validate :minimum_presence
-        validate :public_for_ssh_key
+    validate :minimum_presence
+    validate :public_for_ssh_key
-        #
-        # Attribute Validations
-        #
+    #
+    # Attribute Validations
+    #
-        # replicates 'unique_private_metasploit_credential_cores' index
-        validates :private_id,
-                  uniqueness: {
-                      message: 'is already taken for credential cores with only a private credential',
-                      scope: [
-                                   :workspace_id,
-                                   # realm_id and public_id need to be included in scope so validator uses IS NULL.
-                                   :realm_id,
-                                   :public_id
-                               ]
-                  },
-                  if: '!realm.present? && !public.present? && private.present?'
-        # replicates 'unique_public_metasploit_credential_cores' index
-        validates :public_id,
-                  uniqueness: {
-                      message: 'is already taken for credential cores with only a public credential',
-                      scope: [
-                                   :workspace_id,
-                                   # realm_id and private_id need to be included in scope so validator uses IS NULL.
-                                   :realm_id,
-                                   :private_id
-                               ]
-                  },
-                  if: '!realm.present? && public.present? && !private.present?'
-        # replicates 'unique_realmless_metasploit_credential_cores' index
-        validates :private_id,
-                  uniqueness: {
-                      message: 'is already taken for credential cores without a credential realm',
-                      scope: [
-                                   :workspace_id,
-                                   # realm_id needs to be included in scope so validator uses IS NULL.
-                                   :realm_id,
-                                   :public_id
-                               ]
-                  },
-                  if: '!realm.present? && public.present? && private.present?'
-        # replicates 'unique_publicless_metasploit_credential_cores' index
-        validates :private_id,
-                  uniqueness: {
-                      message: 'is already taken for credential cores without a public credential',
-                      scope: [
-                                   :workspace_id,
-                                   :realm_id,
-                                   # public_id needs to be included in scope so validator uses IS NULL.
-                                   :public_id
-                               ]
-                  },
-                  if: 'realm.present? && !public.present? && private.present?'
-        # replicates 'unique_privateless_metasploit_credential_cores' index
-        validates :public_id,
-                  uniqueness: {
-                      message: 'is already taken for credential cores without a private credential',
-                      scope: [
-                                   :workspace_id,
-                                   :realm_id,
-                                   # private_id needs to be included in scope so validator uses IS NULL.
-                                   :private_id
-                               ]
-                  },
-                  if: 'realm.present? && public.present? && !private.present?'
-        # replicates 'unique_complete_metasploit_credential_cores' index
-        validates :private_id,
-                  uniqueness: {
-                      message: 'is already taken for complete credential cores',
-                      scope: [
-                                   :workspace_id,
-                                   :realm_id,
-                                   :public_id
-                               ]
-                  },
-                  if: 'realm.present? && public.present? && private.present?'
-        validates :workspace,
-                  presence: true
+    # replicates 'unique_private_metasploit_credential_cores' index
+    validates :private_id,
+              uniqueness: {
+                  message: 'is already taken for credential cores with only a private credential',
+                  scope: [
+                      :workspace_id,
+                      # realm_id and public_id need to be included in scope so validator uses IS NULL.
+                      :realm_id,
+                      :public_id
+                  ]
+              },
+              if: '!realm.present? && !public.present? && private.present?'
+    # replicates 'unique_public_metasploit_credential_cores' index
+    validates :public_id,
+              uniqueness: {
+                  message: 'is already taken for credential cores with only a public credential',
+                  scope: [
+                      :workspace_id,
+                      # realm_id and private_id need to be included in scope so validator uses IS NULL.
+                      :realm_id,
+                      :private_id
+                  ]
+              },
+              if: '!realm.present? && public.present? && !private.present?'
+    # replicates 'unique_realmless_metasploit_credential_cores' index
+    validates :private_id,
+              uniqueness: {
+                  message: 'is already taken for credential cores without a credential realm',
+                  scope: [
+                      :workspace_id,
+                      # realm_id needs to be included in scope so validator uses IS NULL.
+                      :realm_id,
+                      :public_id
+                  ]
+              },
+              if: '!realm.present? && public.present? && private.present?'
+    # replicates 'unique_publicless_metasploit_credential_cores' index
+    validates :private_id,
+              uniqueness: {
+                  message: 'is already taken for credential cores without a public credential',
+                  scope: [
+                      :workspace_id,
+                      :realm_id,
+                      # public_id needs to be included in scope so validator uses IS NULL.
+                      :public_id
+                  ]
+              },
+              if: 'realm.present? && !public.present? && private.present?'
+    # replicates 'unique_privateless_metasploit_credential_cores' index
+    validates :public_id,
+              uniqueness: {
+                  message: 'is already taken for credential cores without a private credential',
+                  scope: [
+                      :workspace_id,
+                      :realm_id,
+                      # private_id needs to be included in scope so validator uses IS NULL.
+                      :private_id
+                  ]
+              },
+              if: 'realm.present? && public.present? && !private.present?'
+    # replicates 'unique_complete_metasploit_credential_cores' index
+    validates :private_id,
+              uniqueness: {
+                  message: 'is already taken for complete credential cores',
+                  scope: [
+                      :workspace_id,
+                      :realm_id,
+                      :public_id
+                  ]
+              },
+              if: 'realm.present? && public.present? && private.present?'
+    validates :workspace,
+              presence: true
-        private
+    private
-        # Validates that at least one of {#private}, {#public}, or {#realm} is present.
-        #
-        # @return [void]
-        def minimum_presence
-          any_present = [:private, :public, :realm].any? { |attribute|
-            send(attribute).present?
-          }
-          unless any_present
-            errors.add(:base, :minimum_presence)
-          end
-        end
-        # Validates that a Core's Private of type {Metasploit::Credential::SSHKey} has a {Metasploit::Credential::Public}
-        def public_for_ssh_key
-          if private.present? && private.type == Metasploit::Credential::SSHKey.name
-            errors.add(:base, :public_for_ssh_key) unless public.present?
-          end
-        end
+    # Validates that at least one of {#private}, {#public}, or {#realm} is present.
+    #
+    # @return [void]
+    def minimum_presence
+      any_present = [:private, :public, :realm].any? { |attribute|
+        send(attribute).present?
+      }
+      unless any_present
+        errors.add(:base, :minimum_presence)
+      end
+    end
+    # Validates that a Core's Private of type {Metasploit::Credential::SSHKey} has a {Metasploit::Credential::Public}
+    def public_for_ssh_key
+      if private.present? && private.type == Metasploit::Credential::SSHKey.name
+        errors.add(:base, :public_for_ssh_key) unless public.present?
       end
     end
   end
-end
+end

data/lib/metasploit/credential/creation.rb CHANGED Viewed

@@ -1,549 +1,542 @@
 # Implements a set of "convenience methods" for creating credentials and related portions of the object graph.  Creates
 # {Metasploit::Credential::Core} objects and their attendant relationships as well as {Metasploit::Credential::Login}
 # objects and their attendant {Mdm::Host} and {Mdm::Service} objects.
-module Metasploit
-  module Credential
-    # Helper methods for finding or creating a tree of credentials.  The method ensure that duplicate credentials are
-    # not created.
-    module Creation
-      # Returns true if ActiveRecord has an active database connection, false otherwise.
-      # @return [Boolean]
-      def active_db?
-        ActiveRecord::Base.connected?
-      end
+module Metasploit::Credential::Creation
-      # This method takes a few simple parameters and creates a new username/password
-      # credential that was obtained by cracking a hash. It reuses the relevant
-      # components form the originating {Metasploit::Credential::Core} and builds new
-      # {Metasploit::Credential::Login} objects based on the ones attached to the originating
-      # {Metasploit::Credential::Core}
-      #
-      # @option opts [String] :username the username to find or create the {Metasploit::Credential::Public} from
-      # @option opts [String] :password the password to find or create the {Metasploit::Credential::Password} from
-      # @option opts [Fixnum] :core_id the id for the originating {Metasploit::Credential::Core}
-      def create_cracked_credential(opts={})
-        return nil unless active_db?
-        if self.respond_to?(:[]) and self[:task]
-          opts[:task_id] ||= self[:task].record.id
-        end
+  # Returns true if ActiveRecord has an active database connection, false otherwise.
+  # @return [Boolean]
+  def active_db?
+    ActiveRecord::Base.connected?
+  end
-        username = opts.fetch(:username)
-        password = opts.fetch(:password)
-        core_id  = opts.fetch(:core_id)
+  # This method takes a few simple parameters and creates a new username/password
+  # credential that was obtained by cracking a hash. It reuses the relevant
+  # components form the originating {Metasploit::Credential::Core} and builds new
+  # {Metasploit::Credential::Login} objects based on the ones attached to the originating
+  # {Metasploit::Credential::Core}
+  #
+  # @option opts [String] :username the username to find or create the {Metasploit::Credential::Public} from
+  # @option opts [String] :password the password to find or create the {Metasploit::Credential::Password} from
+  # @option opts [Fixnum] :core_id the id for the originating {Metasploit::Credential::Core}
+  def create_cracked_credential(opts={})
+    return nil unless active_db?
+    if self.respond_to?(:[]) and self[:task]
+      opts[:task_id] ||= self[:task].record.id
+    end
-        private  = nil
-        public   = nil
-        old_core = nil
-        old_realm_id = nil
+    username = opts.fetch(:username)
+    password = opts.fetch(:password)
+    core_id  = opts.fetch(:core_id)
-        retry_transaction do
-          private  = Metasploit::Credential::Password.where(data: password).first_or_create!
-          public   = Metasploit::Credential::Public.where(username: username).first_or_create!
-          old_core = Metasploit::Credential::Core.find(core_id)
-          old_realm_id = old_core.realm.id if old_core.realm
-        end
+    private  = nil
+    public   = nil
+    old_core = nil
+    old_realm_id = nil
-        core = nil
+    retry_transaction do
+      private  = Metasploit::Credential::Password.where(data: password).first_or_create!
+      public   = Metasploit::Credential::Public.where(username: username).first_or_create!
+      old_core = Metasploit::Credential::Core.find(core_id)
+      old_realm_id = old_core.realm.id if old_core.realm
+    end
-        retry_transaction do
-          core = Metasploit::Credential::Core.where(public_id: public.id, private_id: private.id, realm_id: old_realm_id, workspace_id: old_core.workspace_id).first_or_initialize
-          if core.origin_id.nil?
-            origin      = Metasploit::Credential::Origin::CrackedPassword.where(metasploit_credential_core_id: core_id).first_or_create!
-            core.origin = origin
-          end
-          if opts[:task_id]
-            core.tasks << Mdm::Task.find(opts[:task_id])
-          end
-          core.save!
-        end
+    core = nil
-        old_core.logins.each do |login|
-          service_id = login.service_id
-          new_login = Metasploit::Credential::Login.where(core_id: core.id, service_id: service_id).first_or_initialize
-          if new_login.status.blank?
-            new_login.status =  Metasploit::Model::Login::Status::UNTRIED
-          end
-          new_login.save!
-        end
-        core
+    retry_transaction do
+      core = Metasploit::Credential::Core.where(public_id: public.id, private_id: private.id, realm_id: old_realm_id, workspace_id: old_core.workspace_id).first_or_initialize
+      if core.origin_id.nil?
+        origin      = Metasploit::Credential::Origin::CrackedPassword.where(metasploit_credential_core_id: core_id).first_or_create!
+        core.origin = origin
+      end
+      if opts[:task_id]
+        core.tasks << Mdm::Task.find(opts[:task_id])
       end
+      core.save!
+    end
+    old_core.logins.each do |login|
+      service_id = login.service_id
+      new_login = Metasploit::Credential::Login.where(core_id: core.id, service_id: service_id).first_or_initialize
+      if new_login.status.blank?
+        new_login.status =  Metasploit::Model::Login::Status::UNTRIED
+      end
+      new_login.save!
+    end
+    core
+  end
-      # This method is responsible for creation {Metasploit::Credential::Core} objects
-      # and all sub-objects that it is dependent upon.
-      #
-      # @option opts [String] :jtr_format The format for John the ripper to use to try and crack this
-      # @option opts [Symbol] :origin_type The Origin type we are trying to create
-      # @option opts [String] :address The address of the `Mdm::Host` to link this Origin to
-      # @option opts [Fixnum] :port The port number of the `Mdm::Service` to link this Origin to
-      # @option opts [String] :service_name The service name to use for the `Mdm::Service`
-      # @option opts [String] :protocol The protocol type of the `Mdm::Service` to link this Origin to
-      # @option opts [String] :module_fullname The fullname of the Metasploit Module to link this Origin to
-      # @option opts [Fixnum] :workspace_id The ID of the `Mdm::Workspace` to use for the `Mdm::Host`
-      # @option opts [Fixnum] :task_id The ID of the `Mdm::Task` to link this Origin and Core to
-      # @option opts [String] :filename The filename of the file that was imported
-      # @option opts [Fixnum] :user_id The ID of the `Mdm::User` to link this Origin to
-      # @option opts [Fixnum] :session_id The ID of the `Mdm::Session` to link this Origin to
-      # @option opts [String] :post_reference_name The reference name of the Metasploit Post module to link the origin to
-      # @option opts [String] :private_data The actual data for the private (e.g. password, hash, key etc)
-      # @option opts [Symbol] :private_type The type of {Metasploit::Credential::Private} to create
-      # @option opts [String] :username The username to use for the {Metasploit::Credential::Public}
-      # @raise [KeyError] if a required option is missing
-      # @raise [ArgumentError] if an invalid :private_type is specified
-      # @raise [ArgumentError] if an invalid :origin_type is specified
-      # @return [NilClass] if there is no active database connection
-      # @return [Metasploit::Credential::Core]
-      # @example Reporting a Bruteforced Credential
-      #     create_credential(
-      #       origin_type: :service,
-      #       address: '192.168.1.100',
-      #       port: 445,
-      #       service_name: 'smb',
-      #       protocol: 'tcp',
-      #       module_fullname: 'auxiliary/scanner/smb/smb_login',
-      #       workspace_id: myworkspace.id,
-      #       private_data: 'password1',
-      #       private_type: :password,
-      #       username: 'Administrator'
-      #     )
-      def create_credential(opts={})
-        return nil unless active_db?
-        if self.respond_to?(:[]) and self[:task]
-          opts[:task_id] ||= self[:task].record.id
-        end
-        if opts[:origin]
-          origin = opts[:origin]
-        else
-          origin = create_credential_origin(opts)
-        end
+  # This method is responsible for creation {Metasploit::Credential::Core} objects
+  # and all sub-objects that it is dependent upon.
+  #
+  # @option opts [String] :jtr_format The format for John the ripper to use to try and crack this
+  # @option opts [Symbol] :origin_type The Origin type we are trying to create
+  # @option opts [String] :address The address of the `Mdm::Host` to link this Origin to
+  # @option opts [Fixnum] :port The port number of the `Mdm::Service` to link this Origin to
+  # @option opts [String] :service_name The service name to use for the `Mdm::Service`
+  # @option opts [String] :protocol The protocol type of the `Mdm::Service` to link this Origin to
+  # @option opts [String] :module_fullname The fullname of the Metasploit Module to link this Origin to
+  # @option opts [Fixnum] :workspace_id The ID of the `Mdm::Workspace` to use for the `Mdm::Host`
+  # @option opts [Fixnum] :task_id The ID of the `Mdm::Task` to link this Origin and Core to
+  # @option opts [String] :filename The filename of the file that was imported
+  # @option opts [Fixnum] :user_id The ID of the `Mdm::User` to link this Origin to
+  # @option opts [Fixnum] :session_id The ID of the `Mdm::Session` to link this Origin to
+  # @option opts [String] :post_reference_name The reference name of the Metasploit Post module to link the origin to
+  # @option opts [String] :private_data The actual data for the private (e.g. password, hash, key etc)
+  # @option opts [Symbol] :private_type The type of {Metasploit::Credential::Private} to create
+  # @option opts [String] :username The username to use for the {Metasploit::Credential::Public}
+  # @raise [KeyError] if a required option is missing
+  # @raise [ArgumentError] if an invalid :private_type is specified
+  # @raise [ArgumentError] if an invalid :origin_type is specified
+  # @return [NilClass] if there is no active database connection
+  # @return [Metasploit::Credential::Core]
+  # @example Reporting a Bruteforced Credential
+  #     create_credential(
+  #       origin_type: :service,
+  #       address: '192.168.1.100',
+  #       port: 445,
+  #       service_name: 'smb',
+  #       protocol: 'tcp',
+  #       module_fullname: 'auxiliary/scanner/smb/smb_login',
+  #       workspace_id: myworkspace.id,
+  #       private_data: 'password1',
+  #       private_type: :password,
+  #       username: 'Administrator'
+  #     )
+  def create_credential(opts={})
+    return nil unless active_db?
+    if self.respond_to?(:[]) and self[:task]
+      opts[:task_id] ||= self[:task].record.id
+    end
-        core_opts = {
-            origin: origin,
-            workspace_id: opts.fetch(:workspace_id)
-        }
+    if opts[:origin]
+      origin = opts[:origin]
+    else
+      origin = create_credential_origin(opts)
+    end
-        if opts.has_key?(:realm_key) && opts.has_key?(:realm_value)
-          core_opts[:realm] = create_credential_realm(opts)
-        end
+    core_opts = {
+        origin: origin,
+        workspace_id: opts.fetch(:workspace_id)
+    }
-        if opts.has_key?(:private_type) && opts.has_key?(:private_data)
-          core_opts[:private] = create_credential_private(opts)
-        end
+    if opts.has_key?(:realm_key) && opts.has_key?(:realm_value)
+      core_opts[:realm] = create_credential_realm(opts)
+    end
-        if opts.has_key?(:username)
-          core_opts[:public] = create_credential_public(opts)
-        end
+    if opts.has_key?(:private_type) && opts.has_key?(:private_data)
+      core_opts[:private] = create_credential_private(opts)
+    end
-        if opts.has_key?(:task_id)
-          core_opts[:task_id] = opts[:task_id]
-        end
+    if opts.has_key?(:username)
+      core_opts[:public] = create_credential_public(opts)
+    end
-        create_credential_core(core_opts)
-      end
+    if opts.has_key?(:task_id)
+      core_opts[:task_id] = opts[:task_id]
+    end
-      # This method is responsible for creating {Metasploit::Credential::Core} objects.
-      #
-      # @option opts [Metasploit::Credential::Origin] :origin The origin object to tie the core to
-      # @option opts [Metasploit::Credential::Public] :public The {Metasploit::Credential::Public} component
-      # @option opts [Metasploit::Credential::Private] :private The {Metasploit::Credential::Private} component
-      # @option opts [Metasploit::Credential::Realm] :realm The {Metasploit::Credential::Realm} component
-      # @option opts [Fixnum] :workspace_id The ID of the `Mdm::Workspace` to tie the Core to
-      # @option opts [Fixnum] :task_id The ID of the `Mdm::Task` to link this Core to
-      # @return [NilClass] if there is no active database connection
-      # @return [Metasploit::Credential::Core]
-      def create_credential_core(opts={})
-        return nil unless active_db?
-        if self.respond_to?(:[]) and self[:task]
-          opts[:task_id] ||= self[:task].record.id
-        end
+    create_credential_core(core_opts)
+  end
-        origin       = opts.fetch(:origin)
-        workspace_id = opts.fetch(:workspace_id)
+  # This method is responsible for creating {Metasploit::Credential::Core} objects.
+  #
+  # @option opts [Metasploit::Credential::Origin] :origin The origin object to tie the core to
+  # @option opts [Metasploit::Credential::Public] :public The {Metasploit::Credential::Public} component
+  # @option opts [Metasploit::Credential::Private] :private The {Metasploit::Credential::Private} component
+  # @option opts [Metasploit::Credential::Realm] :realm The {Metasploit::Credential::Realm} component
+  # @option opts [Fixnum] :workspace_id The ID of the `Mdm::Workspace` to tie the Core to
+  # @option opts [Fixnum] :task_id The ID of the `Mdm::Task` to link this Core to
+  # @return [NilClass] if there is no active database connection
+  # @return [Metasploit::Credential::Core]
+  def create_credential_core(opts={})
+    return nil unless active_db?
+    if self.respond_to?(:[]) and self[:task]
+      opts[:task_id] ||= self[:task].record.id
+    end
-        private_id   = opts[:private].try(:id)
-        public_id    = opts[:public].try(:id)
-        realm_id     = opts[:realm].try(:id)
+    origin       = opts.fetch(:origin)
+    workspace_id = opts.fetch(:workspace_id)
-        core = nil
-        retry_transaction do
-          core = Metasploit::Credential::Core.where(private_id: private_id, public_id: public_id, realm_id: realm_id, workspace_id: workspace_id).first_or_initialize
-          if core.origin_id.nil?
-            core.origin = origin
-          end
-          if opts[:task_id]
-            core.tasks << Mdm::Task.find(opts[:task_id])
-          end
-          core.save!
-        end
+    private_id   = opts[:private].try(:id)
+    public_id    = opts[:public].try(:id)
+    realm_id     = opts[:realm].try(:id)
-        core
+    core = nil
+    retry_transaction do
+      core = Metasploit::Credential::Core.where(private_id: private_id, public_id: public_id, realm_id: realm_id, workspace_id: workspace_id).first_or_initialize
+      if core.origin_id.nil?
+        core.origin = origin
       end
+      if opts[:task_id]
+        core.tasks << Mdm::Task.find(opts[:task_id])
+      end
+      core.save!
+    end
-      # This method is responsible for creating a {Metasploit::Credential::Login} object
-      # which ties a {Metasploit::Credential::Core} to the `Mdm::Service` it is a valid
-      # credential for.
-      #
-      # @option opts [String] :access_level The access level to assign to this login if we know it
-      # @option opts [String] :address The address of the `Mdm::Host` to link this Login to
-      # @option opts [DateTime] :last_attempted_at The last time this Login was attempted
-      # @option opts [Metasploit::Credential::Core] :core The {Metasploit::Credential::Core} to link this login to
-      # @option opts [Fixnum] :port The port number of the `Mdm::Service` to link this Login to
-      # @option opts [String] :service_name The service name to use for the `Mdm::Service`
-      # @option opts [String] :status The status for the Login object
-      # @option opts [String] :protocol The protocol type of the `Mdm::Service` to link this Login to
-      # @option opts [Fixnum] :workspace_id The ID of the `Mdm::Workspace` to use for the `Mdm::Host`
-      # @option opts [Fixnum] :task_id The ID of the `Mdm::Task` to link this Login to
-      # @raise [KeyError] if a required option is missing
-      # @return [NilClass] if there is no active database connection
-      # @return [Metasploit::Credential::Login]
-      def create_credential_login(opts={})
-        return nil unless active_db?
-        if self.respond_to?(:[]) and self[:task]
-          opts[:task_id] ||= self[:task].record.id
-        end
+    core
+  end
-        core               = opts.fetch(:core)
-        access_level       = opts.fetch(:access_level, nil)
-        last_attempted_at  = opts.fetch(:last_attempted_at, nil)
-        status             = opts.fetch(:status, Metasploit::Model::Login::Status::UNTRIED)
+  # This method is responsible for creating a {Metasploit::Credential::Login} object
+  # which ties a {Metasploit::Credential::Core} to the `Mdm::Service` it is a valid
+  # credential for.
+  #
+  # @option opts [String] :access_level The access level to assign to this login if we know it
+  # @option opts [String] :address The address of the `Mdm::Host` to link this Login to
+  # @option opts [DateTime] :last_attempted_at The last time this Login was attempted
+  # @option opts [Metasploit::Credential::Core] :core The {Metasploit::Credential::Core} to link this login to
+  # @option opts [Fixnum] :port The port number of the `Mdm::Service` to link this Login to
+  # @option opts [String] :service_name The service name to use for the `Mdm::Service`
+  # @option opts [String] :status The status for the Login object
+  # @option opts [String] :protocol The protocol type of the `Mdm::Service` to link this Login to
+  # @option opts [Fixnum] :workspace_id The ID of the `Mdm::Workspace` to use for the `Mdm::Host`
+  # @option opts [Fixnum] :task_id The ID of the `Mdm::Task` to link this Login to
+  # @raise [KeyError] if a required option is missing
+  # @return [NilClass] if there is no active database connection
+  # @return [Metasploit::Credential::Login]
+  def create_credential_login(opts={})
+    return nil unless active_db?
+    if self.respond_to?(:[]) and self[:task]
+      opts[:task_id] ||= self[:task].record.id
+    end
-        login_object = nil
-        retry_transaction do
-          service_object = create_credential_service(opts)
-          login_object = Metasploit::Credential::Login.where(core_id: core.id, service_id: service_object.id).first_or_initialize
+    core               = opts.fetch(:core)
+    access_level       = opts.fetch(:access_level, nil)
+    last_attempted_at  = opts.fetch(:last_attempted_at, nil)
+    status             = opts.fetch(:status, Metasploit::Model::Login::Status::UNTRIED)
-          if opts[:task_id]
-            login_object.tasks << Mdm::Task.find(opts[:task_id])
-          end
+    login_object = nil
+    retry_transaction do
+      service_object = create_credential_service(opts)
+      login_object = Metasploit::Credential::Login.where(core_id: core.id, service_id: service_object.id).first_or_initialize
-          login_object.access_level      = access_level if access_level
-          login_object.last_attempted_at = last_attempted_at if last_attempted_at
-          if status == Metasploit::Model::Login::Status::UNTRIED
-            if login_object.last_attempted_at.nil?
-              login_object.status = status
-            end
-          else
-            login_object.status = status
-          end
-          login_object.save!
-        end
-        login_object
+      if opts[:task_id]
+        login_object.tasks << Mdm::Task.find(opts[:task_id])
       end
-      # This method is responsible for creating the various Credential::Origin objects.
-      # It takes a key for the Origin type and delegates to the correct sub-method.
-      #
-      # @option opts [Symbol] :origin_type The Origin type we are trying to create
-      # @option opts [String] :address The address of the `Mdm::Host` to link this Origin to
-      # @option opts [Fixnum] :port The port number of the `Mdm::Service` to link this Origin to
-      # @option opts [String] :service_name The service name to use for the `Mdm::Service`
-      # @option opts [String] :protocol The protocol type of the `Mdm::Service` to link this Origin to
-      # @option opts [String] :module_fullname The fullname of the Metasploit Module to link this Origin to
-      # @option opts [Fixnum] :workspace_id The ID of the `Mdm::Workspace` to use for the `Mdm::Host`
-      # @option opts [Fixnum] :task_id The ID of the `Mdm::Task` to link this Origin to
-      # @option opts [String] :filename The filename of the file that was imported
-      # @option opts [Fixnum] :user_id The ID of the `Mdm::User` to link this Origin to
-      # @option opts [Fixnum] :session_id The ID of the `Mdm::Session` to link this Origin to
-      # @option opts [String] :post_reference_name The reference name of the Metasploit Post module to link the origin to
-      # @raise [ArgumentError] if an invalid origin_type was provided
-      # @raise [KeyError] if a required option is missing
-      # @return [NilClass] if there is no connected database
-      # @return [Metasploit::Credential::Origin::Manual] if :origin_type was :manual
-      # @return [Metasploit::Credential::Origin::Import] if :origin_type was :import
-      # @return [Metasploit::Credential::Origin::Service] if :origin_type was :service
-      # @return [Metasploit::Credential::Origin::Session] if :origin_type was :session
-      def create_credential_origin(opts={})
-        return nil unless active_db?
-        case opts[:origin_type]
-          when :cracked_password
-            create_credential_origin_cracked_password(opts)
-          when :import
-            create_credential_origin_import(opts)
-          when :manual
-            create_credential_origin_manual(opts)
-          when :service
-            create_credential_origin_service(opts)
-          when :session
-            create_credential_origin_session(opts)
-          else
-            raise ArgumentError, "Unknown Origin Type #{opts[:origin_type]}"
+      login_object.access_level      = access_level if access_level
+      login_object.last_attempted_at = last_attempted_at if last_attempted_at
+      if status == Metasploit::Model::Login::Status::UNTRIED
+        if login_object.last_attempted_at.nil?
+          login_object.status = status
         end
+      else
+        login_object.status = status
       end
+      login_object.save!
+    end
-      # This method is responsible for creating {Metasploit::Credential::Origin::CrackedPassword} objects.
-      # These are the origins that show that a password Credential was obtained by cracking a hash Credential
-      # that previously existed in the database.
-      #
-      # @option opts [Fixnum] :originating_core_id The ID of the originating Credential core.
-      # @return [NilClass] if there is no connected database
-      # @return [Metasploit::Credential::Origin::CrackedPassword] The created {Metasploit::Credential::Origin::CrackedPassword} object
-      def create_credential_origin_cracked_password(opts={})
-        return nil unless active_db?
-        originating_core_id = opts.fetch(:originating_core_id)
-        retry_transaction do
-          Metasploit::Credential::Origin::CrackedPassword.where(metasploit_credential_core_id: originating_core_id ).first_or_create!
-        end
-      end
+    login_object
+  end
-      # This method is responsible for creating {Metasploit::Credential::Origin::Import} objects.
-      #
-      # @option opts [String] :filename The filename of the file that was imported
-      # @raise [KeyError] if a required option is missing
-      # @return [NilClass] if there is no connected database
-      # @return [Metasploit::Credential::Origin::Manual] The created {Metasploit::Credential::Origin::Import} object
-      def create_credential_origin_import(opts={})
-        return nil unless active_db?
-        filename = opts.fetch(:filename)
-        retry_transaction do
-          Metasploit::Credential::Origin::Import.where(filename: filename).first_or_create!
-        end
-      end
+  # This method is responsible for creating the various Credential::Origin objects.
+  # It takes a key for the Origin type and delegates to the correct sub-method.
+  #
+  # @option opts [Symbol] :origin_type The Origin type we are trying to create
+  # @option opts [String] :address The address of the `Mdm::Host` to link this Origin to
+  # @option opts [Fixnum] :port The port number of the `Mdm::Service` to link this Origin to
+  # @option opts [String] :service_name The service name to use for the `Mdm::Service`
+  # @option opts [String] :protocol The protocol type of the `Mdm::Service` to link this Origin to
+  # @option opts [String] :module_fullname The fullname of the Metasploit Module to link this Origin to
+  # @option opts [Fixnum] :workspace_id The ID of the `Mdm::Workspace` to use for the `Mdm::Host`
+  # @option opts [Fixnum] :task_id The ID of the `Mdm::Task` to link this Origin to
+  # @option opts [String] :filename The filename of the file that was imported
+  # @option opts [Fixnum] :user_id The ID of the `Mdm::User` to link this Origin to
+  # @option opts [Fixnum] :session_id The ID of the `Mdm::Session` to link this Origin to
+  # @option opts [String] :post_reference_name The reference name of the Metasploit Post module to link the origin to
+  # @raise [ArgumentError] if an invalid origin_type was provided
+  # @raise [KeyError] if a required option is missing
+  # @return [NilClass] if there is no connected database
+  # @return [Metasploit::Credential::Origin::Manual] if :origin_type was :manual
+  # @return [Metasploit::Credential::Origin::Import] if :origin_type was :import
+  # @return [Metasploit::Credential::Origin::Service] if :origin_type was :service
+  # @return [Metasploit::Credential::Origin::Session] if :origin_type was :session
+  def create_credential_origin(opts={})
+    return nil unless active_db?
+    case opts[:origin_type]
+    when :cracked_password
+      create_credential_origin_cracked_password(opts)
+    when :import
+      create_credential_origin_import(opts)
+    when :manual
+      create_credential_origin_manual(opts)
+    when :service
+      create_credential_origin_service(opts)
+    when :session
+      create_credential_origin_session(opts)
+    else
+      raise ArgumentError, "Unknown Origin Type #{opts[:origin_type]}"
+    end
+  end
-      # This method is responsible for creating {Metasploit::Credential::Origin::Manual} objects.
-      #
-      # @option opts [Fixnum] :user_id The ID of the `Mdm::User` to link this Origin to
-      # @raise [KeyError] if a required option is missing
-      # @return [NilClass] if there is no connected database
-      # @return [Metasploit::Credential::Origin::Manual] The created {Metasploit::Credential::Origin::Manual} object
-      def create_credential_origin_manual(opts={})
-        return nil unless active_db?
-        user_id = opts.fetch(:user_id)
-        retry_transaction do
-          Metasploit::Credential::Origin::Manual.where(user_id: user_id).first_or_create!
-        end
-      end
+  # This method is responsible for creating {Metasploit::Credential::Origin::CrackedPassword} objects.
+  # These are the origins that show that a password Credential was obtained by cracking a hash Credential
+  # that previously existed in the database.
+  #
+  # @option opts [Fixnum] :originating_core_id The ID of the originating Credential core.
+  # @return [NilClass] if there is no connected database
+  # @return [Metasploit::Credential::Origin::CrackedPassword] The created {Metasploit::Credential::Origin::CrackedPassword} object
+  def create_credential_origin_cracked_password(opts={})
+    return nil unless active_db?
+    originating_core_id = opts.fetch(:originating_core_id)
+    retry_transaction do
+      Metasploit::Credential::Origin::CrackedPassword.where(metasploit_credential_core_id: originating_core_id ).first_or_create!
+    end
+  end
-      # This method is responsible for creating {Metasploit::Credential::Origin::Service} objects.
-      # If there is not a matching `Mdm::Host` it will create it. If there is not a matching
-      # `Mdm::Service` it will create that too.
-      #
-      # @option opts [String] :address The address of the `Mdm::Host` to link this Origin to
-      # @option opts [Fixnum] :port The port number of the `Mdm::Service` to link this Origin to
-      # @option opts [String] :service_name The service name to use for the `Mdm::Service`
-      # @option opts [String] :protocol The protocol type of the `Mdm::Service` to link this Origin to
-      # @option opts [String] :module_fullname The fullname of the Metasploit Module to link this Origin to
-      # @raise [KeyError] if a required option is missing
-      # @return [NilClass] if there is no connected database
-      # @return [Metasploit::Credential::Origin::Service] The created {Metasploit::Credential::Origin::Service} object
-      def create_credential_origin_service(opts={})
-        return nil unless active_db?
-        module_fullname  = opts.fetch(:module_fullname)
-        service_object = create_credential_service(opts)
-        retry_transaction do
-          Metasploit::Credential::Origin::Service.where(service_id: service_object.id, module_full_name: module_fullname).first_or_create!
-        end
+  # This method is responsible for creating {Metasploit::Credential::Origin::Import} objects.
+  #
+  # @option opts [String] :filename The filename of the file that was imported
+  # @raise [KeyError] if a required option is missing
+  # @return [NilClass] if there is no connected database
+  # @return [Metasploit::Credential::Origin::Manual] The created {Metasploit::Credential::Origin::Import} object
+  def create_credential_origin_import(opts={})
+    return nil unless active_db?
+    filename = opts.fetch(:filename)
+    retry_transaction do
+      Metasploit::Credential::Origin::Import.where(filename: filename).first_or_create!
+    end
+  end
-      end
+  # This method is responsible for creating {Metasploit::Credential::Origin::Manual} objects.
+  #
+  # @option opts [Fixnum] :user_id The ID of the `Mdm::User` to link this Origin to
+  # @raise [KeyError] if a required option is missing
+  # @return [NilClass] if there is no connected database
+  # @return [Metasploit::Credential::Origin::Manual] The created {Metasploit::Credential::Origin::Manual} object
+  def create_credential_origin_manual(opts={})
+    return nil unless active_db?
+    user_id = opts.fetch(:user_id)
+    retry_transaction do
+      Metasploit::Credential::Origin::Manual.where(user_id: user_id).first_or_create!
+    end
+  end
-      # This method is responsible for creating {Metasploit::Credential::Origin::Session} objects.
-      #
-      # @option opts [Fixnum] :session_id The ID of the `Mdm::Session` to link this Origin to
-      # @option opts [String] :post_reference_name The reference name of the Metasploit Post module to link the origin to
-      # @raise [KeyError] if a required option is missing
-      # @return [NilClass] if there is no connected database
-      # @return [Metasploit::Credential::Origin::Session] The created {Metasploit::Credential::Origin::Session} object
-      def create_credential_origin_session(opts={})
-        return nil unless active_db?
-        session_id           = opts.fetch(:session_id)
-        post_reference_name  = opts.fetch(:post_reference_name)
-        retry_transaction do
-          Metasploit::Credential::Origin::Session.where(session_id: session_id, post_reference_name: post_reference_name).first_or_create!
-        end
-      end
+  # This method is responsible for creating {Metasploit::Credential::Origin::Service} objects.
+  # If there is not a matching `Mdm::Host` it will create it. If there is not a matching
+  # `Mdm::Service` it will create that too.
+  #
+  # @option opts [String] :address The address of the `Mdm::Host` to link this Origin to
+  # @option opts [Fixnum] :port The port number of the `Mdm::Service` to link this Origin to
+  # @option opts [String] :service_name The service name to use for the `Mdm::Service`
+  # @option opts [String] :protocol The protocol type of the `Mdm::Service` to link this Origin to
+  # @option opts [String] :module_fullname The fullname of the Metasploit Module to link this Origin to
+  # @raise [KeyError] if a required option is missing
+  # @return [NilClass] if there is no connected database
+  # @return [Metasploit::Credential::Origin::Service] The created {Metasploit::Credential::Origin::Service} object
+  def create_credential_origin_service(opts={})
+    return nil unless active_db?
+    module_fullname  = opts.fetch(:module_fullname)
+    service_object = create_credential_service(opts)
+    retry_transaction do
+      Metasploit::Credential::Origin::Service.where(service_id: service_object.id, module_full_name: module_fullname).first_or_create!
+    end
-      # This method is responsible for the creation of {Metasploit::Credential::Private} objects.
-      # It will create the correct subclass based on the type.
-      #
-      # @option opts [String] :jtr_format The format for John the ripper to use to try and crack this
-      # @option opts [String] :private_data The actual data for the private (e.g. password, hash, key etc)
-      # @option opts [Symbol] :private_type The type of {Metasploit::Credential::Private} to create
-      # @raise [ArgumentError] if a valid type is not supplied
-      # @raise [KeyError] if a required option is missing
-      # @return [NilClass] if there is no active database connection
-      # @return [Metasploit::Credential::Password] if the private_type was :password
-      # @return [Metasploit::Credential::SSHKey] if the private_type was :ssh_key
-      # @return [Metasploit::Credential::NTLMHash] if the private_type was :ntlm_hash
-      # @return [Metasploit::Credential::NonreplayableHash] if the private_type was :nonreplayable_hash
-      def create_credential_private(opts={})
-        return nil unless active_db?
-        private_data = opts.fetch(:private_data)
-        private_type = opts.fetch(:private_type)
-        private_object = nil
-        retry_transaction do
-          if private_data.blank?
-            private_object = Metasploit::Credential::BlankPassword.where(data:'').first_or_create
-          else
-            case private_type
-              when :password
-                private_object = Metasploit::Credential::Password.where(data: private_data).first_or_create
-              when :ssh_key
-                private_object = Metasploit::Credential::SSHKey.where(data: private_data).first_or_create
-              when :ntlm_hash
-                private_object = Metasploit::Credential::NTLMHash.where(data: private_data).first_or_create
-                private_object.jtr_format = 'nt,lm'
-              when :postgres_md5
-                private_object = Metasploit::Credential::PostgresMD5.where(data: private_data).first_or_create
-                private_object.jtr_format = 'raw-md5,postgres'
-              when :nonreplayable_hash
-                private_object = Metasploit::Credential::NonreplayableHash.where(data: private_data).first_or_create
-                if opts[:jtr_format].present?
-                  private_object.jtr_format = opts[:jtr_format]
-                end
-              else
-                raise ArgumentError, "Invalid Private type: #{private_type}"
-            end
-          end
-          private_object.save!
-        end
-        private_object
-      end
+  end
-      # This method is responsible for the creation of {Metasploit::Credential::Public} objects.
-      #
-      # @option opts [String] :username The username to use for the {Metasploit::Credential::Public}
-      # @raise [KeyError] if a required option is missing
-      # @return [NilClass] if there is no active database connection
-      # @return [Metasploit::Credential::Public]
-      def create_credential_public(opts={})
-        return nil unless active_db?
-        username = opts.fetch(:username)
-        retry_transaction do
-          if username.blank?
-            Metasploit::Credential::BlankUsername.where(username:'').first_or_create!
-          else
-            Metasploit::Credential::Username.where(username: username).first_or_create!
+  # This method is responsible for creating {Metasploit::Credential::Origin::Session} objects.
+  #
+  # @option opts [Fixnum] :session_id The ID of the `Mdm::Session` to link this Origin to
+  # @option opts [String] :post_reference_name The reference name of the Metasploit Post module to link the origin to
+  # @raise [KeyError] if a required option is missing
+  # @return [NilClass] if there is no connected database
+  # @return [Metasploit::Credential::Origin::Session] The created {Metasploit::Credential::Origin::Session} object
+  def create_credential_origin_session(opts={})
+    return nil unless active_db?
+    session_id           = opts.fetch(:session_id)
+    post_reference_name  = opts.fetch(:post_reference_name)
+    retry_transaction do
+      Metasploit::Credential::Origin::Session.where(session_id: session_id, post_reference_name: post_reference_name).first_or_create!
+    end
+  end
+  # This method is responsible for the creation of {Metasploit::Credential::Private} objects.
+  # It will create the correct subclass based on the type.
+  #
+  # @option opts [String] :jtr_format The format for John the ripper to use to try and crack this
+  # @option opts [String] :private_data The actual data for the private (e.g. password, hash, key etc)
+  # @option opts [Symbol] :private_type The type of {Metasploit::Credential::Private} to create
+  # @raise [ArgumentError] if a valid type is not supplied
+  # @raise [KeyError] if a required option is missing
+  # @return [NilClass] if there is no active database connection
+  # @return [Metasploit::Credential::Password] if the private_type was :password
+  # @return [Metasploit::Credential::SSHKey] if the private_type was :ssh_key
+  # @return [Metasploit::Credential::NTLMHash] if the private_type was :ntlm_hash
+  # @return [Metasploit::Credential::NonreplayableHash] if the private_type was :nonreplayable_hash
+  def create_credential_private(opts={})
+    return nil unless active_db?
+    private_data = opts.fetch(:private_data)
+    private_type = opts.fetch(:private_type)
+    private_object = nil
+    retry_transaction do
+      if private_data.blank?
+        private_object = Metasploit::Credential::BlankPassword.where(data:'').first_or_create
+      else
+        case private_type
+        when :password
+          private_object = Metasploit::Credential::Password.where(data: private_data).first_or_create
+        when :ssh_key
+          private_object = Metasploit::Credential::SSHKey.where(data: private_data).first_or_create
+        when :ntlm_hash
+          private_object = Metasploit::Credential::NTLMHash.where(data: private_data).first_or_create
+          private_object.jtr_format = 'nt,lm'
+        when :postgres_md5
+          private_object = Metasploit::Credential::PostgresMD5.where(data: private_data).first_or_create
+          private_object.jtr_format = 'raw-md5,postgres'
+        when :nonreplayable_hash
+          private_object = Metasploit::Credential::NonreplayableHash.where(data: private_data).first_or_create
+          if opts[:jtr_format].present?
+            private_object.jtr_format = opts[:jtr_format]
           end
+        else
+          raise ArgumentError, "Invalid Private type: #{private_type}"
         end
       end
+      private_object.save!
+    end
+    private_object
+  end
-      # This method is responsible for creating the {Metasploit::Credential::Realm} objects
-      # that may be required.
-      #
-      # @option opts [String] :realm_key The type of Realm this is (e.g. 'Active Directory Domain')
-      # @option opts [String] :realm_value The actual Realm name (e.g. contosso)
-      # @raise [KeyError] if a required option is missing
-      # @return [NilClass] if there is no active database connection
-      # @return [Metasploit::Credential::Realm] if it successfully creates or finds the object
-      def create_credential_realm(opts={})
-        return nil unless active_db?
-        realm_key   = opts.fetch(:realm_key)
-        realm_value = opts.fetch(:realm_value)
-        retry_transaction do
-          Metasploit::Credential::Realm.where(key: realm_key, value: realm_value).first_or_create!
-        end
+  # This method is responsible for the creation of {Metasploit::Credential::Public} objects.
+  #
+  # @option opts [String] :username The username to use for the {Metasploit::Credential::Public}
+  # @raise [KeyError] if a required option is missing
+  # @return [NilClass] if there is no active database connection
+  # @return [Metasploit::Credential::Public]
+  def create_credential_public(opts={})
+    return nil unless active_db?
+    username = opts.fetch(:username)
+    retry_transaction do
+      if username.blank?
+        Metasploit::Credential::BlankUsername.where(username:'').first_or_create!
+      else
+        Metasploit::Credential::Username.where(username: username).first_or_create!
       end
+    end
+  end
+  # This method is responsible for creating the {Metasploit::Credential::Realm} objects
+  # that may be required.
+  #
+  # @option opts [String] :realm_key The type of Realm this is (e.g. 'Active Directory Domain')
+  # @option opts [String] :realm_value The actual Realm name (e.g. contosso)
+  # @raise [KeyError] if a required option is missing
+  # @return [NilClass] if there is no active database connection
+  # @return [Metasploit::Credential::Realm] if it successfully creates or finds the object
+  def create_credential_realm(opts={})
+    return nil unless active_db?
+    realm_key   = opts.fetch(:realm_key)
+    realm_value = opts.fetch(:realm_value)
+    retry_transaction do
+      Metasploit::Credential::Realm.where(key: realm_key, value: realm_value).first_or_create!
+    end
+  end
-      # This method is responsible for creating a barebones `Mdm::Service` object
-      # for use by Credential object creation.
-      #
-      # @option opts [String] :address The address of the `Mdm::Host`
-      # @option opts [Fixnum] :port The port number of the `Mdm::Service`
-      # @option opts [String] :service_name The service name to use for the `Mdm::Service`
-      # @option opts [String] :protocol The protocol type of the `Mdm::Service``
-      # @option opts [Fixnum] :workspace_id The ID of the `Mdm::Workspace` to use for the `Mdm::Host`
-      # @raise [KeyError] if a required option is missing
-      # @return [NilClass] if there is no connected database
-      # @return [Mdm::Service]
-      def create_credential_service(opts={})
-        return nil unless active_db?
-        address          = opts.fetch(:address)
-        port             = opts.fetch(:port)
-        service_name     = opts.fetch(:service_name)
-        protocol         = opts.fetch(:protocol)
-        workspace_id     = opts.fetch(:workspace_id)
-        host_object    = Mdm::Host.where(address: address, workspace_id: workspace_id).first_or_create
-        service_object = Mdm::Service.where(host_id: host_object.id, port: port, proto: protocol).first_or_initialize
-        service_object.name  = service_name
-        service_object.state = "open"
-        service_object.save!
-        service_object
-      end
-      # This method checks to see if a {Metasploit::Credential::Login} exists for a given
-      # set of details. If it does exists, we then appropriately set the status to one of our
-      # failure statuses.
-      #
-      # @option opts [String] :address The address of the host we attempted
-      # @option opts [Fixnum] :port the port of the service we attempted
-      # @option opts [String] :protocol the transport protocol of the service we attempted
-      # @option opts [String] :public A string representation of the public we tried
-      # @option opts [String] :private A string representation of the private we tried
-      # @option opts [Symbol] :status The status symbol from the {Metasploit::Framework::LoginScanner::Result}
-      # @raise [KeyError] if any of the above options are missing
-      # @return [void] Do not worry about the return value from this method
-      def invalidate_login(opts = {})
-        return nil unless active_db?
-        address     = opts.fetch(:address)
-        port        = opts.fetch(:port)
-        protocol    = opts.fetch(:protocol)
-        public      = opts.fetch(:username, nil)
-        private     = opts.fetch(:private_data, nil)
-        realm_key   = opts.fetch(:realm_key, nil)
-        realm_value = opts.fetch(:realm_value, nil)
-        status      = opts.fetch(:status)
-        pub_obj = Metasploit::Credential::Public.where(username: public).first.try(:id)
-        priv_obj = Metasploit::Credential::Private.where(data: private).first.try(:id)
-        realm_obj = Metasploit::Credential::Realm.where(key: realm_key, value: realm_value).first.try(:id)
-        core = Metasploit::Credential::Core.where(public_id: pub_obj, private_id: priv_obj, realm_id: realm_obj).first
-        # Do nothing else if we have no matching core. Otherwise look for a Login.
-        if core.present?
-          login = core.logins.joins(service: :host).where(services: { port: port, proto: protocol } ).where( hosts: {address: address}).readonly(false).first
-          if login.present?
-            login.status = status
-            login.last_attempted_at = DateTime.now
-            login.save!
-          end
-        end
+  # This method is responsible for creating a barebones `Mdm::Service` object
+  # for use by Credential object creation.
+  #
+  # @option opts [String] :address The address of the `Mdm::Host`
+  # @option opts [Fixnum] :port The port number of the `Mdm::Service`
+  # @option opts [String] :service_name The service name to use for the `Mdm::Service`
+  # @option opts [String] :protocol The protocol type of the `Mdm::Service``
+  # @option opts [Fixnum] :workspace_id The ID of the `Mdm::Workspace` to use for the `Mdm::Host`
+  # @raise [KeyError] if a required option is missing
+  # @return [NilClass] if there is no connected database
+  # @return [Mdm::Service]
+  def create_credential_service(opts={})
+    return nil unless active_db?
+    address          = opts.fetch(:address)
+    port             = opts.fetch(:port)
+    service_name     = opts.fetch(:service_name)
+    protocol         = opts.fetch(:protocol)
+    workspace_id     = opts.fetch(:workspace_id)
+    host_object    = Mdm::Host.where(address: address, workspace_id: workspace_id).first_or_create
+    service_object = Mdm::Service.where(host_id: host_object.id, port: port, proto: protocol).first_or_initialize
+    service_object.name  = service_name
+    service_object.state = "open"
+    service_object.save!
+    service_object
+  end
+  # This method checks to see if a {Metasploit::Credential::Login} exists for a given
+  # set of details. If it does exists, we then appropriately set the status to one of our
+  # failure statuses.
+  #
+  # @option opts [String] :address The address of the host we attempted
+  # @option opts [Fixnum] :port the port of the service we attempted
+  # @option opts [String] :protocol the transport protocol of the service we attempted
+  # @option opts [String] :public A string representation of the public we tried
+  # @option opts [String] :private A string representation of the private we tried
+  # @option opts [Symbol] :status The status symbol from the {Metasploit::Framework::LoginScanner::Result}
+  # @raise [KeyError] if any of the above options are missing
+  # @return [void] Do not worry about the return value from this method
+  def invalidate_login(opts = {})
+    return nil unless active_db?
+    address     = opts.fetch(:address)
+    port        = opts.fetch(:port)
+    protocol    = opts.fetch(:protocol)
+    public      = opts.fetch(:username, nil)
+    private     = opts.fetch(:private_data, nil)
+    realm_key   = opts.fetch(:realm_key, nil)
+    realm_value = opts.fetch(:realm_value, nil)
+    status      = opts.fetch(:status)
+    pub_obj = Metasploit::Credential::Public.where(username: public).first.try(:id)
+    priv_obj = Metasploit::Credential::Private.where(data: private).first.try(:id)
+    realm_obj = Metasploit::Credential::Realm.where(key: realm_key, value: realm_value).first.try(:id)
+    core = Metasploit::Credential::Core.where(public_id: pub_obj, private_id: priv_obj, realm_id: realm_obj).first
+    # Do nothing else if we have no matching core. Otherwise look for a Login.
+    if core.present?
+      login = core.logins.joins(service: :host).where(services: { port: port, proto: protocol } ).where( hosts: {address: address}).readonly(false).first
+      if login.present?
+        login.status = status
+        login.last_attempted_at = DateTime.now
+        login.save!
       end
+    end
-      private
-      # This method wraps a block in a retry if we get a RecordNotUnique validation error.
-      # This helps guard against race conditions.
-      def retry_transaction(&block)
-        tries = 3
-        begin
-          yield
-        rescue ActiveRecord::RecordInvalid, ActiveRecord::RecordNotUnique
-          tries -= 1
-          if tries > 0
-            retry
-          else
-            raise
-          end
-        end
-      end
+  end
+  private
+  # This method wraps a block in a retry if we get a RecordNotUnique validation error.
+  # This helps guard against race conditions.
+  def retry_transaction(&block)
+    tries = 3
+    begin
+      yield
+    rescue ActiveRecord::RecordInvalid, ActiveRecord::RecordNotUnique
+      tries -= 1
+      if tries > 0
+        retry
+      else
+        raise
+      end
     end
   end
 end