Module: Msf::DBManager::ExploitAttempt

Included in:
Msf::DBManager
Defined in:
lib/msf/core/db_manager/exploit_attempt.rb

Instance Method Summary collapse

Instance Method Details

#report_exploit(opts = {}) ⇒ Object

report_exploit() used to be used to track sessions and which modules opened them. That information is now available with the session table directly. TODO: kill this completely some day – for now just warn if some other UI is actually using it.



6
7
8
9
10
11
# File 'lib/msf/core/db_manager/exploit_attempt.rb', line 6

def report_exploit(opts={})
  wlog("Deprecated method call: report_exploit()\n" +
    "report_exploit() options: #{opts.inspect}\n" +
    "report_exploit() call stack:\n\t#{caller.join("\n\t")}"
  )
end

#report_exploit_attempt(host, opts) ⇒ Object



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# File 'lib/msf/core/db_manager/exploit_attempt.rb', line 13

def report_exploit_attempt(host, opts)
::ApplicationRecord.connection_pool.with_connection {
  return if not host
  info = {}

  # Opts can be keyed by strings or symbols
  ::Mdm::VulnAttempt.column_names.each do |kn|
    k = kn.to_sym
    next if ['id', 'host_id'].include?(kn)
    info[k] = opts[kn] if opts[kn]
    info[k] = opts[k]  if opts[k]
  end

  host.exploit_attempts.create(info)
}
end

#report_exploit_failure(opts) ⇒ void

This method returns an undefined value.

Create an ‘Mdm::ExploitAttempt` (and possibly an `Mdm::VulnAttempt`, if the `vuln` option is passed).

Options Hash (opts):

  • :refs (Array<String>, Array<Msf::Module::Reference>)
  • :host (Mdm::Host)
  • :service (Mdm::Service)
  • :port (Integer) — default: nil
  • :proto ("tcp", "udp") — default: Msf::DBManager::DEFAULT_SERVICE_PROTO

    See ‘Mdm::Service::PROTOS`

  • :vuln (Mdm::Vuln) — default: nil
  • :timestamp (Time) — default: nil
  • :timestamp (Mdm::Vuln) — default: nil
  • :module (String) — default: nil


35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# File 'lib/msf/core/db_manager/exploit_attempt.rb', line 35

def report_exploit_failure(opts)
  return unless opts.has_key?(:refs) && !opts[:refs].blank?
  host   = opts[:host] || return

  wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework)
  port   = opts[:port]
  proto   = opts[:proto] || Msf::DBManager::DEFAULT_SERVICE_PROTO
  svc    = opts[:service]

  # Look up the service as appropriate
  if port and svc.nil?
    # only one result can be returned, as the +port+ field restricts potential results to a single service
    svc = services(:workspace => wspace,
                   :hosts => {address: host},
                   :proto => proto,
                   :port => port).first
  end

  # Look up the host as appropriate
  if !host || !host.kind_of?(::Mdm::Host)
    if svc.kind_of? ::Mdm::Service
      host = svc.host
    else
      host = get_host(workspace: wspace, address: host)
    end
  end

  # Bail if we dont have a host object
  return if not host

  opts = opts.clone()
  opts[:service] = svc
  opts[:host] = host

  do_report_failure_or_success(opts)
end

#report_exploit_success(opts) ⇒ void

This method returns an undefined value.

Create an ‘Mdm::ExploitAttempt` (and possibly an `Mdm::VulnAttempt`, if the `vuln` option is passed).



76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
# File 'lib/msf/core/db_manager/exploit_attempt.rb', line 76

def report_exploit_success(opts)
  return unless opts[:refs]
  host   = opts[:host] || return

  wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework)
  # it is rude to modify arguments in place
  opts = opts.clone()
  port   = opts[:port]
  prot   = opts[:proto] || Msf::DBManager::DEFAULT_SERVICE_PROTO
  svc    = opts[:service]

  # Look up or generate the service as appropriate
  if port and svc.nil?
    opts[:proto] ||= Msf::DBManager::DEFAULT_SERVICE_PROTO
    opts[:service] = report_service(
      workspace: wspace, host: host, port: port, proto: prot
    )
  end

  do_report_failure_or_success(opts)
end