Class: Msf::Analyze::Result

Inherits:
Object
  • Object
show all
Defined in:
lib/msf/core/analyze/result.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(host:, mod:, framework:, available_creds: nil, payloads: nil, datastore: nil) ⇒ Result

Returns a new instance of Result.


10
11
12
13
14
15
16
17
18
19
20
21
22
# File 'lib/msf/core/analyze/result.rb', line 10

def initialize(host:, mod:, framework:, available_creds: nil, payloads: nil, datastore: nil)
  @host = host
  @mod = mod
  @required = []
  @missing = []
  @invalid = []
  @datastore = datastore&.transform_keys(&:downcase) || Hash.new
  @available_creds = available_creds
  @wanted_payloads = payloads
  @framework = framework

  determine_likely_compatibility
end

Instance Attribute Details

#datastoreObject (readonly)

Returns the value of attribute datastore.


3
4
5
# File 'lib/msf/core/analyze/result.rb', line 3

def datastore
  @datastore
end

#hostObject (readonly)

Returns the value of attribute host.


4
5
6
# File 'lib/msf/core/analyze/result.rb', line 4

def host
  @host
end

#invalidObject (readonly)

Returns the value of attribute invalid.


5
6
7
# File 'lib/msf/core/analyze/result.rb', line 5

def invalid
  @invalid
end

#missingObject (readonly)

Returns the value of attribute missing.


6
7
8
# File 'lib/msf/core/analyze/result.rb', line 6

def missing
  @missing
end

#modObject (readonly)

Returns the value of attribute mod.


7
8
9
# File 'lib/msf/core/analyze/result.rb', line 7

def mod
  @mod
end

#requiredObject (readonly)

Returns the value of attribute required.


8
9
10
# File 'lib/msf/core/analyze/result.rb', line 8

def required
  @required
end

Instance Method Details

#descriptionObject

Returns state for module readiness.

Returns:

  • :String detailed sentence form description of result evaluation.


74
75
76
77
78
79
80
81
82
83
84
85
86
87
# File 'lib/msf/core/analyze/result.rb', line 74

def description
  if ready_for_test?
    "ready for testing"
  elsif @missing.empty? && @invalid.empty?
    # TODO? confirm vuln match in this class
    "has matching reference"
  else
    if missing_message.empty? || invalid_message.empty?
      missing_message + invalid_message
    else
      [missing_message, invalid_message].join(', ')
    end
  end
end

#evaluate(with: @datastore, payloads: @wanted_payloads) ⇒ Object


24
25
26
27
28
29
30
# File 'lib/msf/core/analyze/result.rb', line 24

def evaluate(with: @datastore, payloads: @wanted_payloads)
  @datastore = with
  @wanted_payloads = payloads

  determine_prerequisites
  self
end

#match?Boolean

Returns:

  • (Boolean)

89
90
91
# File 'lib/msf/core/analyze/result.rb', line 89

def match?
  !@missing.include? :os_match
end

#ready_for_test?Boolean

Returns:

  • (Boolean)

93
94
95
# File 'lib/msf/core/analyze/result.rb', line 93

def ready_for_test?
  @prerequisites_evaluated && @missing.empty? && @invalid.empty?
end

#stateObject

Returns state for module readiness.

| State | Detailed Reason | |————————-|——————————————————————————————————————————————————————————–| | READY_FOR_TEST | Ready for Test - All required options have defaults | | REQUIRES_CRED | Requires DB Credentials - Required options have defaults except credential values - if db contains known credentials for required fields validation is possible | | REUSE_PREVIOUS_OPTIONS | Reuse Previous Options- Taken as an analysis option, process existing module runs to gather options set for same module on other hosts | | MISSING_REQUIRED_OPTION | Missing Required Options - Some options are not available requiring manual configuration | | MISSING_PAYLOAD | Missing Compatible Payload - Known host details and payload restrictions exclude all payloads | | REQUIRES_SESSION | Requires Session - Modules that require an existing session can cannot be executed as first entry point on targets | | NEEDS_TARGET_ACTION | Needs target action - Module that either start a service and need the target to respond in a way that may require user interaction. (Browser exploit, needs target reboot.…) | | INVALID_OPTION | Options used in Result evaluation are invalid | | NOT_APPLICABLE | Module is not applicable to the host |

Returns:

  • :sym the stateful result one of:

    • :READY_FOR_TEST, :REQUIRES_CRED, :REUSE_PREVIOUS_OPTIONS, :MISSING_REQUIRED_OPTION, :MISSING_PAYLOAD, :REQUIRES_SESSION, :NEEDS_TARGET_ACTION, :INVALID_OPTION, :NOT_APPLICABLE


48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# File 'lib/msf/core/analyze/result.rb', line 48

def state
  if ready_for_test? || (@missing.empty? && @invalid.empty?)
    :READY_FOR_TEST
    # TODO: result eval can look for previous attempts to determine :REUSE_PREVIOUS_OPTIONS state
  else
    unless @missing.empty?
      if @missing.include?(:credential)
        :REQUIRES_CRED
      elsif @missing.include?(:payload_match)
        :MISSING_PAYLOAD
      elsif @missing.include?(:session)
        :REQUIRES_SESSION
      elsif @missing.include?(:os_match)
        :NOT_APPLICABLE
        # TODO: result eval check for module stance to determine :NEEDS_TARGET_ACTION state?
      else
        :MISSING_REQUIRED_OPTION
      end
    else
      :INVALID_OPTION
    end
  end
end