metasploit-credential 6.0.25 → 6.0.26

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3b79b3241ac24ff895337145ad3b35a0f2c46ae71007bbba47be325e18529e98
-  data.tar.gz: 53dd208977fa318604ac5daede336b55e9472780fb8f748321b6abfa4f1e2b86
+  metadata.gz: a24d66b6c06687dd8a034334c4456ae7734f390cac037bdc256a54fed0404e1b
+  data.tar.gz: 42ec665f5eb4d410c2da7b20a6a8bb288e0510febf87c97c03224ca5d085f74e
 SHA512:
-  metadata.gz: 8155a582f071242f7c33169c4eef45af5233c70cb6d01213d628fcbe765b026b42f136c663c307047ad5a1d566b0ffa2fd24a5d0b984cfa29f55f55caaef5fe6
-  data.tar.gz: 526d5baf8695f8d4e801397b790582d369827a354b2ff71e5cc38ea559b00daf48c7f9a695f176dc4707bf9f5c1465936067b2655622e6b780fe86bbeba5836c
+  metadata.gz: 2e9edb1ebc543d6da43c265bd5cd5dcf1e69e30a6152808c4b113ace8977b129bbcdb90fd18c0625d8f33dcbffa179810f3b435c812298e77945568d3115397e
+  data.tar.gz: 9903ec677370e44cecd5bba7b75936d6f3dfade5baa2946d80147788da71d293f2cb32596fa38bd33e98489a628a2b540f8b3e0bddffd07c42601c01a66452ba

data/lib/metasploit/credential/creation.rb

@@ -617,16 +617,74 @@ module Metasploit::Credential::Creation
     service_name     = opts.fetch(:service_name)
     protocol         = opts.fetch(:protocol)
     workspace_id     = opts.fetch(:workspace_id)
+    resource         = opts[:resource] || {}
 
     host_object    = Mdm::Host.where(address: address, workspace_id: workspace_id).first_or_create
     service_object = Mdm::Service.where(host_id: host_object.id, port: port, proto: protocol, name: service_name).first_or_initialize
 
+    parents = process_service_chain(host_object, opts.delete(:parents)) if opts[:parents]
+    if parents
+      parents.each do |parent|
+        service_object.parents << parent if parent && !service_object.parents.include?(parent)
+      end
+    end
+
+    service_object.resource = resource
     service_object.state = "open"
     service_object.save!
 
     service_object
   end
 
+  # This is copy-pasted from Metasploit Framework (with small tweaks right now to lalow for :name and :service_name, and :proto/:protocol):
+  # https://github.com/rapid7/metasploit-framework/blob/2dcfb985ea68ba2384f5309afdc9ec1a17cb80b9/lib/msf/core/db_manager/service.rb#L193
+  # In the future, we can potentially migrate this AND the Metasploit Framework code to metasploit_data_models, so that
+  # both Framework and Credential have access to the shared code.
+  def process_service_chain(host, services)
+    return unless host.is_a?(Mdm::Host)
+
+    return if services.nil?
+
+    services = [services] unless services.is_a?(Array)
+    services.map do |service|
+      case service
+      when ::Mdm::Service
+        service_obj = service
+      when ::Hash
+        next if service[:port].nil? || service[:proto].nil?
+
+        parents = nil
+        if service[:parents]&.any?
+          parents = process_service_chain(host, service[:parents])
+        end
+
+        service_info = {
+          port: service[:port].to_i,
+          proto: service[:proto].to_s.downcase,
+        }
+        service_info[:name] = service[:name].downcase if service[:name]
+        service_info[:resource] = service[:resource] if service[:resource]
+        service_obj = host.services.find_or_create_by(service_info)
+        if service_obj.id.nil?
+          # elog("Failed to create service #{service_info.inspect} for host #{host.name} (#{host.address})")
+          return
+        end
+        service_obj.state ||= 'open'
+        service_obj.info = service[:info] ? service[:info] : ''
+
+        if parents
+          parents.each do |parent|
+            service_obj.parents << parent if parent && !service_obj.parents.include?(parent)
+          end
+        end
+      else
+        next
+      end
+
+      service_obj
+    end.compact
+  end
+
   # This method checks to see if a {Metasploit::Credential::Login} exists for a given
   # set of details. If it does exists, we then appropriately set the status to one of our
   # failure statuses.

data/lib/metasploit/credential/version.rb

@@ -3,7 +3,7 @@
 module Metasploit
   module Credential
     # VERSION is managed by GemRelease
-    VERSION = '6.0.25'
+    VERSION = '6.0.26'
 
     # @return [String]
     #

data/spec/dummy/tmp/local_secret.txt

@@ -1 +1 @@
-b920c4bc020b25ab6c0840bf87217b4f4f56f260770237ead0da8fb6fbad1c3cf24d82231c9b683cfbeb71ba9e54cd576b7ea6e62788641f9f38c97107eb232b
+d35473b1badc957901eab5af80c9922037aa331ffa8df42e2f0287d5447dbb159cefe2b044bdcf047b03c2e3e5838bcd4c86f56e98a5ecc7735ee3c4bb63d74b

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-credential
 version: !ruby/object:Gem::Version
-  version: 6.0.25
+  version: 6.0.26
 platform: ruby
 authors:
 - Metasploit Hackers
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-05-26 00:00:00.000000000 Z
+date: 2026-05-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: metasploit-concern