Module: Msf::Exploit::Remote::HTTP::ManageEngineAdauditPlus::JsonPostData

Included in:

Msf::Exploit::Remote::HTTP::ManageEngineAdauditPlus

Defined in:

lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus/json_post_data.rb

Instance Method Summary

• #generate_gpo_watcher_data_json(options) ⇒ String

  Generates a JSON hash according to the format required by the GPOWatcherData endpoint.

• #generate_ver_file_name ⇒ String

  Returns a String matching the VER_FILE_NAME format used by ADAudit Plus.

Instance Method Details

#generate_gpo_watcher_data_json(options) ⇒ String

Generates a JSON hash according to the format required by the GPOWatcherData endpoint

Parameters:

• options (Hash) —

  Hash containing parameters to include in the JSON hash.

Options Hash (options):

• :isGPOData (Boolean) —

  Is the data GPO data? This is set to true if so, otherwise its set to false.

• :DOMAIN_NAME (String) —

  Name of the domain being targeted.

• :GPO_GUID (String) —

  The GPO GUID to use.

• :GPO_VERSION (Integer) —

  The version number of the GPO GUID in use, or a random number from 1 to 9 if one is not supplied.

• :VER_FILE_NAME (String) —

  The version file name in a format that matches ADAudit Plus's VER_FILE_NAME format.

• :xmlReport (String) —

  An XML string containing the header to use for the report.

• :Html_fileName (String) —

  The filename to use for the post request if provided.

• :htmlReport (String) —

  The location to save the HTML report if provided.

Returns:

• (String) —

  A string representation of the JSON hash matching the format required by the GPOWatcherData endpoint. Will be an empty string if the options param is invalid.

# File 'lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus/json_post_data.rb', line 18

def generate_gpo_watcher_data_json(options)
  post_data = {}
  return post_data.to_json unless options.is_a?(Hash)

  post_data['isGPOData'] = options['isGPOData'] || true
  post_data['DOMAIN_NAME'] = options['DOMAIN_NAME'] || ''
  post_data['GPO_GUID'] = options['GPO_GUID'] || Rex::Proto::MsDtyp::MsDtypGuid.random_generate
  post_data['GPO_VERSION'] = options['GPO_VERSION'] || rand(1..9)
  post_data['VER_FILE_NAME'] = options['VER_FILE_NAME'] || generate_ver_file_name
  post_data['xmlReport'] = options['xmlReport'] || '<?xml version="1.0" encoding="utf-16"?>'

  html_fileName = options['Html_fileName']
  post_data['Html_fileName'] = html_fileName if html_fileName

  html_report = options['htmlReport']
  post_data['htmlReport'] = html_report if html_report

  post_data.to_json
end

#generate_ver_file_name ⇒ String

Returns a String matching the VER_FILE_NAME format used by ADAudit Plus

Returns:

• (String) —

  Randomly generated String matching the VER_FILE_NAME format used by ADAudit Plus

# File 'lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus/json_post_data.rb', line 41

def generate_ver_file_name
  "#{rand(1..9)}_#{Rex::Text.rand_text_alphanumeric(18)}".downcase + '.xml'
end