From f37ac44380b89620784bfd742fa989b8e1949fb4 Mon Sep 17 00:00:00 2001 
From: dmiller Date: Tue, 23 Sep 2014 05:23:13 +0000 Subject: [PATCH] Move brute.Account to creds.Account In addition to fitting better (brute library is the verb, creds library is the noun), this will allow creds.lua to use creds.Account internally where necessary (see subsequent commits) Also change old references to string argument "OPEN" into creds.State.VALID. --- nselib/brute.lua | 42 ++--------------------------- nselib/creds.lua | 29 ++++++++++++++++++++ scripts/ajp-brute.nse | 2 +- scripts/backorifice-brute.nse | 4 +-- scripts/cassandra-brute.nse | 2 +- scripts/cvs-brute-repository.nse | 3 ++- scripts/cvs-brute.nse | 2 +- scripts/domcon-brute.nse | 4 +-- scripts/dpap-brute.nse | 2 +- scripts/ftp-brute.nse | 2 +- scripts/http-brute.nse | 2 +- scripts/http-form-brute.nse | 2 +- scripts/http-joomla-brute.nse | 4 +-- scripts/http-proxy-brute.nse | 2 +- scripts/http-wordpress-brute.nse | 2 +- scripts/iax2-brute.nse | 2 +- scripts/imap-brute.nse | 4 +-- scripts/informix-brute.nse | 6 ++--- scripts/irc-brute.nse | 2 +- scripts/irc-sasl-brute.nse | 2 +- scripts/iscsi-brute.nse | 2 +- scripts/membase-brute.nse | 2 +- scripts/metasploit-msgrpc-brute.nse | 2 +- scripts/metasploit-xmlrpc-brute.nse | 2 +- scripts/mmouse-brute.nse | 2 +- scripts/mongodb-brute.nse | 2 +- scripts/mysql-brute.nse | 2 +- scripts/mysql-enum.nse | 2 +- scripts/nessus-brute.nse | 2 +- scripts/nessus-xmlrpc-brute.nse | 2 +- scripts/nexpose-brute.nse | 2 +- scripts/nping-brute.nse | 2 +- scripts/omp2-brute.nse | 2 +- scripts/openvas-otp-brute.nse | 2 +- scripts/oracle-brute-stealth.nse | 4 +-- scripts/oracle-brute.nse | 8 +++--- scripts/pcanywhere-brute.nse | 2 +- scripts/pop3-brute.nse | 5 ++-- scripts/redis-brute.nse | 2 +- scripts/rexec-brute.nse | 2 +- scripts/rlogin-brute.nse | 2 +- scripts/rpcap-brute.nse | 2 +- scripts/rsync-brute.nse | 2 +- scripts/sip-brute.nse | 2 +- scripts/sip-enum-users.nse | 7 ++--- scripts/smtp-brute.nse | 4 +-- scripts/socks-brute.nse | 2 +- scripts/svn-brute.nse 
| 4 +-- scripts/telnet-brute.nse | 7 ++--- scripts/vmauthd-brute.nse | 2 +- scripts/vnc-brute.nse | 4 +-- scripts/xmpp-brute.nse | 4 +-- 52 files changed, 103 insertions(+), 110 deletions(-) diff --git a/nselib/brute.lua b/nselib/brute.lua index a84e499ff..00ee8cee0 100644 --- a/nselib/brute.lua +++ b/nselib/brute.lua @@ -7,9 +7,6 @@ -- the brute.threads argument, it defaults to 10. -- -- The library contains the following classes: --- * Account --- ** Implements a simple account class, that converts account "states" to common text representation. --- ** The state can be either of the following: OPEN, LOCKED or DISABLED -- * Engine -- ** The actual engine doing the brute-forcing . -- * Error @@ -31,7 +28,7 @@ -- -- The login method does not need a lot of explanation. The login -- function should return two parameters. If the login was successful it should --- return true and an Account. If the login was a failure it +-- return true and a creds.Account. If the login was a failure it -- should return false and an Error. The driver can signal the -- Engine to retry a set of credentials by calling the Error objects -- setRetry method. It may also signal the Engine to abort all @@ -106,7 +103,7 @@ -- status, data = self.socket:receive_bytes(1) -- -- if ( data:match("SUCCESS") ) then --- return true, brute.Account:new(username, password, "OPEN") +-- return true, creds.Account:new(username, password, creds.State.VALID) -- end -- return false, brute.Error:new( "login failed" ) -- end, 
@@ -288,41 +285,6 @@ Options = { } -- The account object which is to be reported back from each driver -Account = -{ - --- Creates a new instance of the Account class - -- - -- @param username containing the user's name - -- @param password containing the user's password - -- @param state containing the account state and should be one of the - -- following OPEN, LOCKED, - -- DISABLED. - new = function(self, username, password, state) - local o = { username = username, password = password, state = state } - setmetatable(o, self) - self.__index = self - return o - end, - - --- Converts an account object to a printable script - -- - -- @return string representation of object - toString = function( self ) - local c - if ( #self.username > 0 ) then - c = ("%s:%s"):format( self.username, #self.password > 0 and self.password or "" ) - else - c = ("%s"):format( ( self.password and #self.password > 0 ) and self.password or "" ) - end - if ( creds.StateMsg[self.state] ) then - return ( "%s - %s"):format(c, creds.StateMsg[self.state] ) - else - return ("%s"):format(c) - end - end, - -} - -- The Error class, is currently only used to flag for retries -- It also contains the error message, if one was returned from the driver. Error = diff --git a/nselib/creds.lua b/nselib/creds.lua index e9a595639..089786a7c 100644 --- a/nselib/creds.lua +++ b/nselib/creds.lua 
@@ -235,6 +235,35 @@ RegStorage = { } +Account = { + --- Creates a new instance of the Account class + -- + -- @param username containing the user's name + -- @param password containing the user's password + -- @param state A creds.State account state + -- @return A new creds.Account object + -- @name Account.new + new = function(self, username, password, state) + local o = { username = username, password = password, state = state } + setmetatable(o, self) + self.__index = self + return o + end, + + --- Converts an account object to a printable script + -- + -- @return string representation of object + -- @name Account.__tostring + __tostring = function( self ) + return ( + (self.user and self.user .. ":" or "") .. + (self.pass ~= "" and self.pass or "") .. + (self.state and " - " .. self.state or "") + ) + end, +} + + -- The credentials class Credentials = { diff --git a/scripts/ajp-brute.nse b/scripts/ajp-brute.nse index adf68a319..117368fe7 100644 --- a/scripts/ajp-brute.nse +++ b/scripts/ajp-brute.nse @@ -69,7 +69,7 @@ Driver = { err:setRetry( true ) return false, err elseif( response.status ~= 401 ) then - return true, brute.Account:new(user, pass, creds.State.VALID) + return true, creds.Account:new(user, pass, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) end, diff --git a/scripts/backorifice-brute.nse b/scripts/backorifice-brute.nse index 7565cf028..c0c3d36cc 100644 --- a/scripts/backorifice-brute.nse +++ b/scripts/backorifice-brute.nse @@ -261,7 +261,7 @@ local Driver = -- @param username string containing username which is disregarded -- @param password string containing login password -- @return brute.Error object on failure - -- brute.Account object on success + -- creds.Account object on success login = function( self, username, password ) local status, msg = self.bo:try_password(password,nil) if status then 
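Review bot: `Account.__tostring` in nselib/creds.lua reads `self.user` and `self.pass`, but `Account.new` directly above stores the fields as `username` and `password`, so the name and password are never rendered and only the state suffix is printed. The state is also concatenated raw, whereas the removed `brute.Account.toString` mapped it through `creds.StateMsg`. A suggested return value is `(self.username and self.username ~= "" and self.username .. ":" or "") .. (self.password or "") .. (StateMsg[self.state] and " - " .. StateMsg[self.state] or "")`, assuming `StateMsg` is in scope inside creds.lua as the old `creds.StateMsg` reference suggests. The `self.password or ""` guard matters because the mysql-enum.nse hunk passes `nil` as the password. Callers of the old `:toString()` method are not visible in this patch and would need to switch to `tostring(account)`.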
@@ -272,7 +272,7 @@ local Driver = nmap.registry.credentials['backorifice'] = {} end table.insert( nmap.registry.credentials.backorifice, { password = password } ) - return true, brute.Account:new("", password, creds.State.VALID) + return true, creds.Account:new("", password, creds.State.VALID) else -- The only indication that the password is incorrect is a timeout local err = brute.Error:new( "Incorrect password" ) diff --git a/scripts/cassandra-brute.nse b/scripts/cassandra-brute.nse index 9eaf9a8af..d9289ba88 100644 --- a/scripts/cassandra-brute.nse +++ b/scripts/cassandra-brute.nse @@ -80,7 +80,7 @@ Driver = { if (magic == cassandra.LOGINSUCC) then stdnse.debug3("Account SUCCESS: "..combo) - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) elseif (magic == cassandra.LOGINFAIL) then stdnse.debug3("Account FAIL: "..combo) return false, brute.Error:new( "Incorrect password" ) diff --git a/scripts/cvs-brute-repository.nse b/scripts/cvs-brute-repository.nse index 3dcb23597..8c8d1a29f 100644 --- a/scripts/cvs-brute-repository.nse +++ b/scripts/cvs-brute-repository.nse @@ -1,5 +1,6 @@ local brute = require "brute" local coroutine = require "coroutine" +local creds = require "creds" local cvs = require "cvs" local io = require "io" local nmap = require "nmap" @@ -68,7 +69,7 @@ Driver = -- script can use them later. self.host.registry.cvs_repos = self.host.registry.cvs_repos or {} table.insert(self.host.registry.cvs_repos, password) - return true, brute.Account:new(username, password, 0) + return true, creds.Account:new(username, password, 0) end return false, brute.Error:new( "Incorrect password" ) end, diff --git a/scripts/cvs-brute.nse b/scripts/cvs-brute.nse index 28d304848..6fb5adbd2 100644 --- a/scripts/cvs-brute.nse +++ b/scripts/cvs-brute.nse 
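Review bot: In scripts/cvs-brute-repository.nse the new call `creds.Account:new(username, password, 0)` still passes a bare `0` as the state, although the `Account.new` doc comment added in this patch asks for a `creds.State` value. In Lua `0` is truthy, so the new `__tostring` would append ` - 0` to the printed result, whereas the removed `toString` only added a suffix when `creds.StateMsg` had an entry for the state. The sip-enum-users.nse hunk has the same problem with `''` as the state, which is also truthy and leaves a dangling ` - `. Passing `nil` for the state in both scripts keeps the output free of a suffix, e.g. `return true, creds.Account:new(username, password, nil)`. The login function surrounding this return starts and ends outside the hunk.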
@@ -58,7 +58,7 @@ Driver = login = function( self, username, password ) local status, err = self.helper:login( self.repo, username, password ) if ( status ) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end -- This error seems to indicate that the user does not exist diff --git a/scripts/domcon-brute.nse b/scripts/domcon-brute.nse index 213f36547..6793743eb 100644 --- a/scripts/domcon-brute.nse +++ b/scripts/domcon-brute.nse @@ -120,7 +120,7 @@ Driver = -- @param password string containing the login password -- @return status, true on success, false on failure -- @return brute.Error object on failure - -- brute.Account object on success + -- creds.Account object on success login = function( self, username, password ) local data = ("#UI %s,%s\n"):format(username,password) local status @@ -141,7 +141,7 @@ Driver = if ( status and data:match("NOT_REG_ADMIN") ) then not_admins[username] = true elseif( status and data:match("VALID_USER") ) then - return true, brute.Account:new( username, password, creds.State.VALID) + return true, creds.Account:new( username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) diff --git a/scripts/dpap-brute.nse b/scripts/dpap-brute.nse index e61140eea..1007c493e 100644 --- a/scripts/dpap-brute.nse +++ b/scripts/dpap-brute.nse @@ -76,7 +76,7 @@ Driver = { end if ( data:match("^HTTP/1.1 200 OK") ) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) diff --git a/scripts/ftp-brute.nse b/scripts/ftp-brute.nse index 977c7ff33..6f25e0320 100644 --- a/scripts/ftp-brute.nse +++ b/scripts/ftp-brute.nse 
@@ -85,7 +85,7 @@ Driver = { stdnse.debug1("Received: %s", line) if(string.match(line, "^230")) then stdnse.debug1("Successful login: %s/%s", user, pass) - return true, brute.Account:new( user, pass, creds.State.VALID) + return true, creds.Account:new( user, pass, creds.State.VALID) elseif(string.match(line, "^530")) then return false, brute.Error:new( "Incorrect password" ) elseif(string.match(line, "^220")) then diff --git a/scripts/http-brute.nse b/scripts/http-brute.nse index 6c5004492..2bfb1d348 100644 --- a/scripts/http-brute.nse +++ b/scripts/http-brute.nse @@ -97,7 +97,7 @@ Driver = { nmap.registry.credentials['http'] = {} end table.insert( nmap.registry.credentials.http, { username = username, password = password } ) - return true, brute.Account:new( username, password, creds.State.VALID) + return true, creds.Account:new( username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) end, diff --git a/scripts/http-form-brute.nse b/scripts/http-form-brute.nse index 2496888fb..a15674efb 100644 --- a/scripts/http-form-brute.nse +++ b/scripts/http-form-brute.nse @@ -138,7 +138,7 @@ Driver = { nmap.registry['credentials'] = nmap.registry['credentials'] or {} nmap.registry.credentials['http'] = nmap.registry.credentials['http'] or {} table.insert( nmap.registry.credentials.http, { username = username, password = password } ) - return true, brute.Account:new( username, password, creds.State.VALID) + return true, creds.Account:new( username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) diff --git a/scripts/http-joomla-brute.nse b/scripts/http-joomla-brute.nse index 6bcf2ede0..6e286fd2b 100644 --- a/scripts/http-joomla-brute.nse +++ b/scripts/http-joomla-brute.nse 
@@ -95,9 +95,7 @@ Driver = { if response.body and not( response.body:match('name=[\'"]*'..self.options.passvar ) ) then stdnse.debug2("Response:\n%s", response.body) - local c = creds.Credentials:new(SCRIPT_NAME, self.host, self.port ) - c:add(username, password, creds.State.VALID ) - return true, brute.Account:new( username, password, "OPEN") + return true, creds.Account:new( username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) end, diff --git a/scripts/http-proxy-brute.nse b/scripts/http-proxy-brute.nse index 1657c73c1..945fe9053 100644 --- a/scripts/http-proxy-brute.nse +++ b/scripts/http-proxy-brute.nse @@ -63,7 +63,7 @@ Driver = { -- if we didn't get a 407 error, assume the credentials -- were correct. we should probably do some more checks here if ( response.status ~= 407 ) then - return true, brute.Account:new( username, password, creds.State.VALID) + return true, creds.Account:new( username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) diff --git a/scripts/http-wordpress-brute.nse b/scripts/http-wordpress-brute.nse index b25c4f936..31691fd2d 100644 --- a/scripts/http-wordpress-brute.nse +++ b/scripts/http-wordpress-brute.nse @@ -93,7 +93,7 @@ Driver = { if response.status == 302 then local c = creds.Credentials:new( SCRIPT_NAME, self.host, self.port ) c:add(username, password, creds.State.VALID ) - return true, brute.Account:new( username, password, "OPEN") + return true, creds.Account:new( username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) diff --git a/scripts/iax2-brute.nse b/scripts/iax2-brute.nse index 24ed10bc6..ff52b1cba 100644 --- a/scripts/iax2-brute.nse +++ b/scripts/iax2-brute.nse 
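Review bot: The http-joomla-brute.nse hunk drops the script's own `creds.Credentials:new(...)` / `c:add(...)` pair, but the http-wordpress-brute.nse hunk further down keeps the identical pair in front of its new `creds.Account:new(...)` return. If the removal is because the brute engine records returned accounts itself (not visible in this patch), wordpress would now store each hit twice. If it does not, joomla silently stops saving the credentials it finds. The two drivers should agree: either delete `local c = creds.Credentials:new( SCRIPT_NAME, self.host, self.port )` and `c:add(username, password, creds.State.VALID )` from wordpress in the same commit, or restore them in joomla. Both login functions begin and end outside their hunks.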
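Review bot: The success test in http-proxy-brute.nse is `response.status ~= 407`, so every outcome other than a 407 is reported as `creds.State.VALID`. That includes a request that failed and left `status` unset, which would put a false positive into the results of an audit. The in-code comment already admits that more checks are needed. A minimal guard ahead of the test would be `if not response.status then local err = brute.Error:new("No response") err:setRetry(true) return false, err end`, using the same `setRetry` pattern the other drivers in this patch use. The rest of login() is outside the hunk.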
@@ -52,7 +52,7 @@ Driver = { login = function(self, username, password) local status, resp = self.helper:regRelease(username, password) if ( status ) then - return true, brute.Account:new( username, password, creds.State.VALID ) + return true, creds.Account:new( username, password, creds.State.VALID ) elseif ( resp == "Release failed" ) then return false, brute.Error:new( "Incorrect password" ) else diff --git a/scripts/imap-brute.nse b/scripts/imap-brute.nse index 65cf35663..2c4f14be4 100644 --- a/scripts/imap-brute.nse +++ b/scripts/imap-brute.nse @@ -72,13 +72,13 @@ Driver = -- @param username string containing the username -- @param password string containing the password -- @return status true on success, false on failure - -- @return brute.Error on failure and brute.Account on success + -- @return brute.Error on failure and creds.Account on success login = function( self, username, password ) local status, err = self.helper:login( username, password, mech ) if ( status ) then self.helper:close() self.helper:connect() - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end if ( err:match("^ERROR: Failed to .* data$") ) then self.helper:close() diff --git a/scripts/informix-brute.nse b/scripts/informix-brute.nse index 2b27b92b2..01a16ee2d 100644 --- a/scripts/informix-brute.nse +++ b/scripts/informix-brute.nse @@ -73,7 +73,7 @@ Driver = -- @param password string containing the login password -- @return status, true on success, false on failure -- @return brute.Error object on failure - -- brute.Account object on success + -- creds.Account object on success login = function( self, username, password ) local status, data = self.helper:Login( username, password, {} ) 
@@ -82,10 +82,10 @@ Driver = nmap.registry['informix-brute'] = {} end table.insert( nmap.registry['informix-brute'], { ["username"] = username, ["password"] = password } ) - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) -- Check for account locked message elseif ( data:match("INFORMIXSERVER does not match either DBSERVERNAME or DBSERVERALIASES") ) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end return false, brute.Error:new( data ) diff --git a/scripts/irc-brute.nse b/scripts/irc-brute.nse index 489c72047..436be1459 100644 --- a/scripts/irc-brute.nse +++ b/scripts/irc-brute.nse @@ -80,7 +80,7 @@ Driver = { until(not(status)) if (success) then - return true, brute.Account:new("", password, creds.State.VALID) + return true, creds.Account:new("", password, creds.State.VALID) end return false, brute.Error:new("Incorrect password") end, diff --git a/scripts/irc-sasl-brute.nse b/scripts/irc-sasl-brute.nse index b1579c653..0e0d878da 100644 --- a/scripts/irc-sasl-brute.nse +++ b/scripts/irc-sasl-brute.nse @@ -123,7 +123,7 @@ Driver = { until (not status) if (success) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end return false, brute.Error:new("Incorrect username or password") end, diff --git a/scripts/iscsi-brute.nse b/scripts/iscsi-brute.nse index d3e6a30cf..38f841ffd 100644 --- a/scripts/iscsi-brute.nse +++ b/scripts/iscsi-brute.nse @@ -50,7 +50,7 @@ Driver = { local status = self.helper:login( self.target, username, password, "CHAP") if ( status ) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) 
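Review bot: The comment `-- Check for account locked message` above the second return in informix-brute.nse does not match the code. That branch matches the text "INFORMIXSERVER does not match either DBSERVERNAME or DBSERVERALIASES" and reports `creds.State.VALID`, not a locked account. The message looks like a server-name mismatch that is only reached once the login itself was accepted (worth confirming against the Informix helper), so the comment should say that, e.g. `-- Server name mismatch: presumably raised only after the credentials were accepted, so report them as valid`. This branch also skips the `nmap.registry['informix-brute']` insert that the first branch performs, which may or may not be intended. login() starts in the previous hunk and continues past this one.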
diff --git a/scripts/membase-brute.nse b/scripts/membase-brute.nse index 4a4c58238..a5e3ba81d 100644 --- a/scripts/membase-brute.nse +++ b/scripts/membase-brute.nse @@ -58,7 +58,7 @@ Driver = { err:setRetry( true ) return false, err end - return true, brute.Account:new( arg_bucketname or username, password, creds.State.VALID) + return true, creds.Account:new( arg_bucketname or username, password, creds.State.VALID) end, disconnect = function(self) diff --git a/scripts/metasploit-msgrpc-brute.nse b/scripts/metasploit-msgrpc-brute.nse index b6693e293..85709268c 100644 --- a/scripts/metasploit-msgrpc-brute.nse +++ b/scripts/metasploit-msgrpc-brute.nse @@ -88,7 +88,7 @@ Driver = { data = http.post(self.host,self.port, "/api/",options, nil , encode(user,pass)) if data and data.status and tostring( data.status ):match( "200" ) then if string.find(data.body,"success") then - return true, brute.Account:new( user, pass, creds.State.VALID) + return true, creds.Account:new( user, pass, creds.State.VALID) else return false, brute.Error:new( "Incorrect username or password" ) end diff --git a/scripts/metasploit-xmlrpc-brute.nse b/scripts/metasploit-xmlrpc-brute.nse index 45fe9bff2..84622f66e 100644 --- a/scripts/metasploit-xmlrpc-brute.nse +++ b/scripts/metasploit-xmlrpc-brute.nse @@ -70,7 +70,7 @@ Driver = elseif (string.match(response,"resultsuccess")) then stdnse.debug1("Good login: %s/%s", username, password) - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end stdnse.debug1("WARNING: Unhandled response: %s", response) return false, brute.Error:new( "unhandled response" ) diff --git a/scripts/mmouse-brute.nse b/scripts/mmouse-brute.nse index 35d356599..aaadd11bd 100644 --- a/scripts/mmouse-brute.nse +++ b/scripts/mmouse-brute.nse 
@@ -71,7 +71,7 @@ Driver = { if (data:match("^CONNECTED\30([^\30]*)") == "NO" ) then return false, brute.Error:new( "Incorrect password" ) elseif ( data:match("^CONNECTED\30([^\30]*)") == "YES" ) then - return true, brute.Account:new("", password, creds.State.VALID) + return true, creds.Account:new("", password, creds.State.VALID) end local err = brute.Error:new("An unexpected error occurred, retrying ...") diff --git a/scripts/mongodb-brute.nse b/scripts/mongodb-brute.nse index 2f5438270..e5419c9dc 100644 --- a/scripts/mongodb-brute.nse +++ b/scripts/mongodb-brute.nse @@ -49,7 +49,7 @@ Driver = { login = function(self, username, password) local status, resp = mongodb.login(self.sock, arg_db, username, password) if ( status ) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) elseif ( resp ~= "Authentication failed" ) then local err = brute.Error:new( resp ) err:setRetry( true ) diff --git a/scripts/mysql-brute.nse b/scripts/mysql-brute.nse index b224ddd74..2348f6cff 100644 --- a/scripts/mysql-brute.nse +++ b/scripts/mysql-brute.nse @@ -73,7 +73,7 @@ Driver = { nmap.registry.mysqlusers = {} end nmap.registry.mysqlusers[user]=pass - return true, brute.Account:new( user, pass, creds.State.VALID) + return true, creds.Account:new( user, pass, creds.State.VALID) end return false,brute.Error:new( "Incorrect password" ) end, diff --git a/scripts/mysql-enum.nse b/scripts/mysql-enum.nse index c2212c1b5..13a93870f 100644 --- a/scripts/mysql-enum.nse +++ b/scripts/mysql-enum.nse @@ -87,7 +87,7 @@ Driver = { end if string.find(response,"Access denied for user") == nil then -- found it - return true, brute.Account:new( pass, nil, creds.State.VALID) + return true, creds.Account:new( pass, nil, creds.State.VALID) else return false,brute.Error:new( "Incorrect username" ) end diff --git a/scripts/nessus-brute.nse b/scripts/nessus-brute.nse index c7b911602..6686e6b74 100644 
--- a/scripts/nessus-brute.nse +++ b/scripts/nessus-brute.nse @@ -128,7 +128,7 @@ Driver = end if ( line:match("SERVER <|> PREFERENCES_ERRORS <|>") ) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) diff --git a/scripts/nessus-xmlrpc-brute.nse b/scripts/nessus-xmlrpc-brute.nse index 8beedfbb5..9ac5a23f4 100644 --- a/scripts/nessus-xmlrpc-brute.nse +++ b/scripts/nessus-xmlrpc-brute.nse @@ -83,7 +83,7 @@ Driver = local status, response = authenticate(self.host, self.port, username, password) if ( status and response ) then if ( response:match("^HTTP/1.1 200 OK.*OK") ) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) elseif ( response:match("^HTTP/1.1 200 OK.*ERROR") ) then return false, brute.Error:new("incorrect login") end diff --git a/scripts/nexpose-brute.nse b/scripts/nexpose-brute.nse index 19ea5e13f..218110138 100644 --- a/scripts/nexpose-brute.nse +++ b/scripts/nexpose-brute.nse @@ -63,7 +63,7 @@ Driver = return false, brute.Error:new( "Bad login" ) elseif (response.body:match('")) then stdnse.debug1("Good login: %s/%s", username, password) - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end stdnse.debug1("WARNING: Unhandled response: %s", line) diff --git a/scripts/oracle-brute-stealth.nse b/scripts/oracle-brute-stealth.nse index 98c8bab57..85cb20434 100644 --- a/scripts/oracle-brute-stealth.nse +++ b/scripts/oracle-brute-stealth.nse 
@@ -117,7 +117,7 @@ Driver = -- @param password string containing the login password -- @return status, true on success, false on failure -- @return brute.Error object on failure - -- brute.Account object on success + -- creds.Account object on success login = function( self, username, password ) local status, data = self.helper:StealthLogin( username, password ) @@ -126,7 +126,7 @@ Driver = if ( johnfile ) then johnfile:write(("%s:%s\n"):format(username,hash)) end - return true, brute.Account:new(username, hash, creds.State.HASHED) + return true, creds.Account:new(username, hash, creds.State.HASHED) else return false, brute.Error:new( data ) end diff --git a/scripts/oracle-brute.nse b/scripts/oracle-brute.nse index 3ff78bc31..33035bbee 100644 --- a/scripts/oracle-brute.nse +++ b/scripts/oracle-brute.nse @@ -133,7 +133,7 @@ Driver = -- @param password string containing the login password -- @return status, true on success, false on failure -- @return brute.Error object on failure - -- brute.Account object on success + -- creds.Account object on success login = function( self, username, password ) local status, data = self.helper:Login( username, password ) 
@@ -144,14 +144,14 @@ Driver = if ( status ) then self.helper:Close() ConnectionPool[coroutine.running()] = nil - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) -- Check for account locked message elseif ( data:match("ORA[-]28000") ) then - return true, brute.Account:new(username, password, creds.State.LOCKED) + return true, creds.Account:new(username, password, creds.State.LOCKED) -- Check for account is SYSDBA message elseif ( data:match("ORA[-]28009") ) then sysdba[username] = true - return true, brute.Account:new(username .. " as sysdba", password, creds.State.VALID) + return true, creds.Account:new(username .. " as sysdba", password, creds.State.VALID) -- check for any other message elseif ( data:match("ORA[-]%d+")) then stdnse.debug3("username: %s, password: %s, error: %s", username, password, data ) diff --git a/scripts/pcanywhere-brute.nse b/scripts/pcanywhere-brute.nse index 94432d221..eb4788cf6 100644 --- a/scripts/pcanywhere-brute.nse +++ b/scripts/pcanywhere-brute.nse @@ -137,7 +137,7 @@ Driver = { if status then retry = true -- now the server is in "locked mode", we need to retry next connection a few times - return true, brute.Account:new( user, pass, creds.State.VALID) + return true, creds.Account:new( user, pass, creds.State.VALID) end return false,brute.Error:new( "Incorrect password" ) end, diff --git a/scripts/pop3-brute.nse b/scripts/pop3-brute.nse index b27b659a8..e077827c0 100644 --- a/scripts/pop3-brute.nse +++ b/scripts/pop3-brute.nse @@ -1,5 +1,6 @@ local brute = require "brute" local comm = require "comm" +local creds = require "creds" local nmap = require "nmap" local pop3 = require "pop3" local shortport = require "shortport" 
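Review bot: In the ORA-28009 branch of oracle-brute.nse the account is created with `username .. " as sysdba"`, so the `username` field of the `creds.Account` no longer holds the name that was actually sent to the server. The commit message says creds.lua will start using `creds.Account` internally, so anything that later stores or compares this field would see a different user from the one recorded in `sysdba[username]`. I would keep the login name intact and carry the role separately. Failing that, document it with a comment such as `-- username is decorated for display only; the real login name is the key in sysdba`. login() begins in the previous hunk and continues beyond this one.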
@@ -73,13 +74,13 @@ Driver = { -- @param password string containing the login password -- @return status, true on success, false on failure -- @return brute.Error object on failure - -- brute.Account object on success + -- creds.Account object on success login = function(self, username, password) local pstatus local perror pstatus, perror = self.login_function(self.socket, username, password, self.additional) if pstatus then - return true, brute.Account:new(username, password, "OPEN") + return true, creds.Account:new(username, password, creds.State.VALID) elseif (perror == pop3.err.pwError) then return false, brute.Error:new("Wrong password.") elseif (perror == pop3.err.userError) then diff --git a/scripts/redis-brute.nse b/scripts/redis-brute.nse index a0ea0f3ea..0a5ee75c3 100644 --- a/scripts/redis-brute.nse +++ b/scripts/redis-brute.nse @@ -54,7 +54,7 @@ Driver = { return false, brute.Error:new( "Incorrect password" ) elseif ( status and response.type == redis.Response.Type.STATUS and "+OK" ) then - return true, brute.Account:new( "", password, creds.State.VALID) + return true, creds.Account:new( "", password, creds.State.VALID) else local err = brute.Error:new( response.data ) err:setRetry( true ) diff --git a/scripts/rexec-brute.nse b/scripts/rexec-brute.nse index b1678dff9..18fac6562 100644 --- a/scripts/rexec-brute.nse +++ b/scripts/rexec-brute.nse @@ -73,7 +73,7 @@ Driver = { local response status, response = self.socket:receive() if ( status ) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) end, diff --git a/scripts/rlogin-brute.nse b/scripts/rlogin-brute.nse index ab53172c0..bcf467a4d 100644 --- a/scripts/rlogin-brute.nse +++ b/scripts/rlogin-brute.nse 
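Review bot: The success branch in redis-brute.nse tests `status and response.type == redis.Response.Type.STATUS and "+OK"`, and the last operand is a constant string that is always truthy. As a result any STATUS-type reply is reported as `creds.State.VALID`. The reply content should be compared instead, for example `elseif ( status and response.type == redis.Response.Type.STATUS and response.data == "+OK" ) then`. `response.data` is the field the error branch below already reads, but whether it keeps the leading `+` needs checking against the redis library. login() starts above the hunk.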
@@ -130,7 +130,7 @@ Driver = { return false, brute.Error:new( "Incorrect password" ) end - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end, disconnect = function(self) diff --git a/scripts/rpcap-brute.nse b/scripts/rpcap-brute.nse index 51ec51b06..6669ec7d8 100644 --- a/scripts/rpcap-brute.nse +++ b/scripts/rpcap-brute.nse @@ -46,7 +46,7 @@ Driver = { login = function(self, username, password) local status, resp = self.helper:login(username, password) if ( status ) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end return false, brute.Error:new( "Incorrect password" ) end, diff --git a/scripts/rsync-brute.nse b/scripts/rsync-brute.nse index 11a02f551..9e2ce00a6 100644 --- a/scripts/rsync-brute.nse +++ b/scripts/rsync-brute.nse @@ -58,7 +58,7 @@ Driver = { elseif ( not(status) ) then return false, brute.Error:new( "Login failed" ) else - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end end, diff --git a/scripts/sip-brute.nse b/scripts/sip-brute.nse index cee4630d2..1c374f6a4 100644 --- a/scripts/sip-brute.nse +++ b/scripts/sip-brute.nse @@ -65,7 +65,7 @@ Driver = { end return false, brute.Error:new( "Incorrect password" ) end - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end, disconnect = function(self) return self.helper:close() end, diff --git a/scripts/sip-enum-users.nse b/scripts/sip-enum-users.nse index 516ff5abe..a5db30155 100644 --- a/scripts/sip-enum-users.nse +++ b/scripts/sip-enum-users.nse 
@@ -7,6 +7,7 @@ local stdnse = require "stdnse" local table = require "table" local math = require "math" local brute = require "brute" +local creds = require "creds" local unpwdb = require "unpwdb" description = [[ @@ -192,17 +193,17 @@ Driver = { -- requires authentication if responsecode == sip.Error.UNAUTHORIZED or responsecode == sip.Error.PROXY_AUTH_REQUIRED then - return true, brute.Account:new(password, " Auth required", '') + return true, creds.Account:new(password, " Auth required", '') -- If response status code is 200, then extension exists -- and requires no authentication elseif responsecode == sip.Error.OK then - return true, brute.Account:new(password, " No auth", '') + return true, creds.Account:new(password, " No auth", '') -- If response status code is 200, then extension exists -- but access is forbidden. elseif responsecode == sip.Error.FORBIDDEN then - return true, brute.Account:new(password, " Forbidden", '') + return true, creds.Account:new(password, " Forbidden", '') end return false,brute.Error:new( "Not found" ) else diff --git a/scripts/smtp-brute.nse b/scripts/smtp-brute.nse index c82495140..f30364bf3 100644 --- a/scripts/smtp-brute.nse +++ b/scripts/smtp-brute.nse @@ -73,13 +73,13 @@ Driver = -- @param username string containing the username -- @param password string containing the password -- @return status true on success, false on failure - -- @return brute.Error on failure and brute.Account on success + -- @return brute.Error on failure and creds.Account on success login = function( self, username, password ) local status, err = smtp.login( self.socket, username, password, mech ) if ( status ) then smtp.quit(self.socket) ConnectionPool[coroutine.running()] = nil - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end if ( err:match("^ERROR: Failed to .*") ) then self.socket:close() 
diff --git a/scripts/socks-brute.nse b/scripts/socks-brute.nse index 1927cb39b..eccb2f30d 100644 --- a/scripts/socks-brute.nse +++ b/scripts/socks-brute.nse @@ -57,7 +57,7 @@ Driver = { return false, err end - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) end, disconnect = function( self ) diff --git a/scripts/svn-brute.nse b/scripts/svn-brute.nse index bef622054..1436ee58c 100644 --- a/scripts/svn-brute.nse +++ b/scripts/svn-brute.nse @@ -199,7 +199,7 @@ Driver = -- @param password string containing the login password -- @return status, true on success, false on failure -- @return brute.Error object on failure - -- brute.Account object on success + -- creds.Account object on success login = function( self, username, password ) local status, msg @@ -213,7 +213,7 @@ Driver = self.invalid_users[username] = true return false, brute.Error:new("Username not found") elseif ( status and msg:match("success") ) then - return true, brute.Account:new(username, password, creds.State.VALID) + return true, creds.Account:new(username, password, creds.State.VALID) else return false, brute.Error:new( "Incorrect password" ) end diff --git a/scripts/telnet-brute.nse b/scripts/telnet-brute.nse index b2832ced0..9b0e0196a 100644 --- a/scripts/telnet-brute.nse +++ b/scripts/telnet-brute.nse @@ -1,5 +1,6 @@ local comm = require "comm" local coroutine = require "coroutine" +local creds = require "creds" local nmap = require "nmap" local re = require "re" local U = require "lpeg-utility" @@ -525,7 +526,7 @@ end -- -- @param self Driver object -- @return Status (true or false) --- @return instance of brute.Account if the operation was successful; +-- @return instance of creds.Account if the operation was successful; -- instance of brute.Error otherwise Driver.methods.login = function (self, username, password) assert(self.conn, "Attempt to use disconnected driver") 
@@ -567,13 +568,13 @@ Driver.methods.login = function (self, username, password)
 local login_success = function ()
 local msg = "Login succeeded"
 debug(detail_debug, msg .. loc)
- return true, brute.Account:new(username, password, "OPEN")
+ return true, creds.Account:new(username, password, creds.State.VALID)
 end
 local login_no_password = function ()
 local msg = "Login succeeded without password"
 debug(detail_debug, msg .. loc)
- return true, brute.Account:new(username, "", "OPEN")
+ return true, creds.Account:new(username, "", creds.State.VALID)
 end
 debug(detail_debug, "Login attempt %s:%s%s", username, password, loc)
diff --git a/scripts/vmauthd-brute.nse b/scripts/vmauthd-brute.nse
index 19ab4868f..0f9dc762e 100644
--- a/scripts/vmauthd-brute.nse
+++ b/scripts/vmauthd-brute.nse
@@ -73,7 +73,7 @@ Driver = {
 status, response = self.socket:receive_buf("\r\n", false)
 if ( response:match("^230") ) then
- return true, brute.Account:new(username, password, creds.State.VALID)
+ return true, creds.Account:new(username, password, creds.State.VALID)
 end
 return false, brute.Error:new( "Login incorrect" )
diff --git a/scripts/vnc-brute.nse b/scripts/vnc-brute.nse
index 76bc4a168..cc9a20e11 100644
--- a/scripts/vnc-brute.nse
+++ b/scripts/vnc-brute.nse
@@ -68,7 +68,7 @@ Driver =
 -- @param password string containing the login password
 -- @return status, true on success, false on failure
 -- @return brute.Error object on failure
- -- brute.Account object on success
+ -- creds.Account object on success
 login = function( self, username, password )
 local status, data = self.vnc:handshake()
@@ -87,7 +87,7 @@ Driver =
 status, data = self.vnc:login( nil, password )
 if ( status ) then
- return true, brute.Account:new("", password, creds.State.VALID)
+ return true, creds.Account:new("", password, creds.State.VALID)
 elseif ( not( data:match("Authentication failed") ) ) then
 local err = brute.Error:new( data )
 -- This might be temporary, set the retry flag
diff --git a/scripts/xmpp-brute.nse b/scripts/xmpp-brute.nse
index e3d9647c9..b1c330f44 100644
--- a/scripts/xmpp-brute.nse
+++ b/scripts/xmpp-brute.nse
@@ -75,13 +75,13 @@ Driver =
 -- @param username string containing the username
 -- @param password string containing the password
 -- @return status true on success, false on failure
- -- @return brute.Error on failure and brute.Account on success
+ -- @return brute.Error on failure and creds.Account on success
 login = function( self, username, password )
 local status, err = self.helper:login( username, password, mech )
 if ( status ) then
 self.helper:close()
 self.helper:connect()
- return true, brute.Account:new(username, password, creds.State.VALID)
+ return true, creds.Account:new(username, password, creds.State.VALID)
 end
 if ( err:match("^ERROR: Failed to .* data$") ) then
 self.helper:close()