Module: Msf::Ui::Console::CommandDispatcher::Analyze

Included in:
Db
Defined in:
lib/msf/ui/console/command_dispatcher/db/analyze.rb

Instance Method Summary collapse

Instance Method Details

#cmd_analyze(*args) ⇒ Object


8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
# File 'lib/msf/ui/console/command_dispatcher/db/analyze.rb', line 8

def cmd_analyze(*args)
  unless active?
    print_error "Not currently connected to a data service for analysis."
    return []
  end

  host_ranges = []
  print_empty = false

  found_vulns = false
  reported_module = false

  while (arg = args.shift)
    case arg
      when '-h','help'
        cmd_analyze_help
        return
      when '-a', '-v'
        print_empty = true
      when '-p'
        wanted_payloads = args.shift.split(',')
      else
        (arg_host_range(arg, host_ranges))
    end
  end

  host_ranges.push(nil) if host_ranges.empty?

  host_ids = []
  suggested_modules = {}
  each_host_range_chunk(host_ranges) do |host_search|
    next if host_search && host_search.empty?
    eval_hosts_ids = framework.db.hosts(address: host_search).map(&:id)
    if eval_hosts_ids
      eval_hosts_ids.each do |eval_id|
        host_ids.push(eval_id)
      end
    end
  end

  if host_ids.empty?
    print_status("No existing hosts stored to analyze.")
  else

    host_ids.each do |id|
      eval_host = framework.db.hosts(id: id).first
      next unless eval_host
      unless eval_host.vulns
        print_status("No suggestions for #{eval_host.address}.") if  print_empty
        next
      end
      found_vulns = true

      host_result = framework.analyze.host(eval_host, payloads: wanted_payloads)
      found_modules = host_result[:results]
      if found_modules.any?
        reported_module = true
        print_status("Analysis for #{eval_host.address} ->")
        found_modules.each do |res|
          print_status("  " + res.mod.fullname + " - " + res.description)
        end

        suggested_modules[eval_host.address] = found_modules
      elsif print_empty
        print_status("No suggestions for #{eval_host.address}.")
      end
    end

    if !print_empty
      if !found_vulns
        if host_ranges.any?
          print_status("No vulnerabilities found for given hosts.")
        else
          print_status("No vulnerabilities found for hosts in this workspace.")
        end
      elsif !reported_module
        print_status("No matching modules found.")
      end
    end
  end

  suggested_modules
end

#cmd_analyze_helpObject


3
4
5
6
# File 'lib/msf/ui/console/command_dispatcher/db/analyze.rb', line 3

def cmd_analyze_help
  print_line "Usage: analyze [OPTIONS] [addr1 addr2 ...]"
  print_line
end

#cmd_analyze_tabs(_str, words) ⇒ Object


92
93
94
95
96
97
98
99
100
101
# File 'lib/msf/ui/console/command_dispatcher/db/analyze.rb', line 92

def cmd_analyze_tabs(_str, words)
  return [] unless framework.db.active

  hosts = framework.db.hosts.map(&:address)

  # Limit completion to supplied host if it's the only one
  return [] if words.length > 1 && hosts.length == 1

  hosts
end