Cleanup wmap, add the missing database tables back, rename to have a wmap_prefix

git-svn-id: file:///home/svn/framework3/trunk@7837 4d416f70-5f16-0410-b530-b9f4589650da

data/sql/migrate/001_add_wmap_tables.rb

@@ -0,0 +1,35 @@
+class AddWmapTables < ActiveRecord::Migration
+	def self.up
+		create_table :wmap_targets do |t|
+			t.string  :host                  # vhost
+			t.string  :address, :limit => 16 # unique
+			t.string  :address6
+			t.integer :port
+			t.integer :ssl
+			t.integer :selected
+		end
+
+		create_table :wmap_requests do |t|
+			t.string  :host                  # vhost
+			t.string  :address, :limit => 16 # unique
+			t.string  :address6
+			t.integer :port
+			t.integer :ssl
+			t.string  :meth, :limit => 32
+			t.text    :path
+			t.text    :headers
+			t.text    :query
+			t.text    :body
+			t.string  :respcode, :limit => 16
+			t.text    :resphead
+			t.text    :response
+			t.timestamp :created
+		end
+	end
+
+	def self.down
+		drop_table :wmap_targets
+		drop_table :wmap_requests
+	end
+end
+

lib/msf/core/db.rb

@@ -488,7 +488,7 @@ class DBManager
 	# Selected host
 	#
 	def selected_host
-		selhost = Target.find(:first, :conditions => ["selected > 0"] )
+		selhost = WmapTarget.find(:first, :conditions => ["selected != 0"] )
 		if selhost
 			return selhost.host
 		else
@@ -501,7 +501,7 @@ class DBManager
 	# Selected port
 	#
 	def selected_port
-		Target.find(:first, :conditions => ["selected > 0"] ).port
+		WmapTarget.find(:first, :conditions => ["selected != 0"] ).port
 	end
 
 	#
@@ -509,7 +509,7 @@ class DBManager
 	# Selected ssl
 	#
 	def selected_ssl
-		Target.find(:first, :conditions => ["selected > 0"] ).ssl
+		WmapTarget.find(:first, :conditions => ["selected != 0"] ).ssl
 	end
 
 	#
@@ -517,7 +517,7 @@ class DBManager
 	# Selected id
 	#
 	def selected_id
-		Target.find(:first, :conditions => ["selected > 0"] ).object_id
+		WmapTarget.find(:first, :conditions => ["selected != 0"] ).object_id
 	end
 
 	#
@@ -537,7 +537,7 @@ class DBManager
 	# This method wiil be remove on second phase of db merging.
 	#
 	def request_distinct_targets
-		Request.find(:all, :select => 'DISTINCT host,port,ssl')
+		WmapRequest.find(:all, :select => 'DISTINCT host,address,port,ssl')
 	end
 
 	#
@@ -545,7 +545,7 @@ class DBManager
 	# This method iterates the requests table returning a list of all requests of a specific target
 	#
 	def each_request_target_with_path(&block)
-		target_requests('AND requests.path IS NOT NULL').each do |req|
+		target_requests('AND wmap_requests.path IS NOT NULL').each do |req|
 			block.call(req)
 		end
 	end
@@ -555,7 +555,7 @@ class DBManager
 	# This method iterates the requests table returning a list of all requests of a specific target
 	#
 	def each_request_target_with_query(&block)
-		target_requests('AND requests.query IS NOT NULL').each do |req|
+		target_requests('AND wmap_requests.query IS NOT NULL').each do |req|
 			block.call(req)
 		end
 	end
@@ -565,7 +565,7 @@ class DBManager
 	# This method iterates the requests table returning a list of all requests of a specific target
 	#
 	def each_request_target_with_body(&block)
-		target_requests('AND requests.body IS NOT NULL').each do |req|
+		target_requests('AND wmap_requests.body IS NOT NULL').each do |req|
 			block.call(req)
 		end
 	end
@@ -575,7 +575,7 @@ class DBManager
 	# This method iterates the requests table returning a list of all requests of a specific target
 	#
 	def each_request_target_with_headers(&block)
-		target_requests('AND requests.headers IS NOT NULL').each do |req|
+		target_requests('AND wmap_requests.headers IS NOT NULL').each do |req|
 			block.call(req)
 		end
 	end
@@ -595,7 +595,7 @@ class DBManager
 	# This method returns a list of all requests from target
 	#
 	def target_requests(extra_condition)
-		Request.find(:all, :conditions => ["requests.host = ? AND requests.port = ? #{extra_condition}",selected_host,selected_port])
+		WmapRequest.find(:all, :conditions => ["wmap_requests.host = ? AND wmap_requests.port = ? #{extra_condition}",selected_host,selected_port])
 	end
 
 	#
@@ -614,7 +614,7 @@ class DBManager
 	# This method allows to query directly the requests table. To be used mainly by modules
 	#
 	def request_sql(host,port,extra_condition)
-		Request.find(:all, :conditions => ["requests.host = ? AND requests.port = ? #{extra_condition}",host,port])
+		WmapRequest.find(:all, :conditions => ["wmap_requests.host = ? AND wmap_requests.port = ? #{extra_condition}",host,port])
 	end
 
 	#
@@ -622,7 +622,7 @@ class DBManager
 	# This methods returns a list of all targets in the database
 	#
 	def requests
-		Request.find(:all)
+		WmapRequest.find(:all)
 	end
 
 	#
@@ -641,7 +641,7 @@ class DBManager
 	# This methods returns a list of all targets in the database
 	#
 	def targets
-		Target.find(:all)
+		WmapTarget.find(:all)
 	end
 
 	#
@@ -649,7 +649,7 @@ class DBManager
 	# This methods deletes all targets from targets table in the database
 	#
 	def delete_all_targets
-		Target.delete_all
+		WmapTarget.delete_all
 	end
 
 	#
@@ -657,7 +657,7 @@ class DBManager
 	# Find a target matching this id
 	#
 	def get_target(id)
-		target = Target.find(:first, :conditions => [ "id = ?", id])
+		target = WmapTarget.find(:first, :conditions => [ "id = ?", id])
 		return target
 	end
 
@@ -666,8 +666,9 @@ class DBManager
 	# Create a target
 	#
 	def create_target(host,port,ssl,sel)
-		tar = Target.create(
+		tar = WmapTarget.create(
 				:host => host,
+				:address => host,
 				:port => port,
 				:ssl => ssl,
 				:selected => sel
@@ -681,8 +682,9 @@ class DBManager
 	# Create a request (by hand)
 	#
 	def create_request(host,port,ssl,meth,path,headers,query,body,respcode,resphead,response)
-		req = Request.create(
+		req = WmapRequest.create(
 				:host => host,
+				:address => host,
 				:port => port,
 				:ssl => ssl,
 				:meth => meth,
@@ -709,3 +711,4 @@ class DBManager
 end
 
 end
+

lib/msf/core/db_objects.rb

@@ -108,13 +108,13 @@ end
 
 
 # WMAP Request object definition
-class Request < ::ActiveRecord::Base
+class WmapRequest < ::ActiveRecord::Base
 	include DBSave
 	# Magic.
 end
 
 # WMAP Target object definition
-class Target < ::ActiveRecord::Base
+class WmapTarget < ::ActiveRecord::Base
 	include DBSave
 	# Magic.
 end

lib/msf/ui/console/command_dispatcher/wmap.rb

@@ -80,12 +80,18 @@ module Wmap
 					target_url = args.shift
 
 					if target_url == nil
-						print_error("URI required.")
+						print_error("URI required (http://<user:pass>@host</uri>)")
+						return
 					else
 						puri = uri_parse(target_url)
 
 						scheme, authority, path, query = puri[2], puri[4], puri[5], puri[7]
 
+						if(not authority)
+							print_error("URI required (http://<user:pass>@host</uri>)")
+							return
+						end
+
 						uri_ssl= 0
 						if scheme == 'https'
 							uri_ssl = 1
@@ -1267,7 +1273,7 @@ module Wmap
 
 			regexstr = '^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?'
 
-			regexurl = Regexp.new(regexstr, false, 'N')
+			regexurl = Regexp.new(regexstr, false)
 			ret = regexurl.match(uri)
 
 			return ret
@@ -1321,3 +1327,4 @@ end
 end
 end
 end
+

modules/auxiliary/scanner/http/wmap_dir_webdav_unicode_bypass.rb

@@ -45,7 +45,7 @@ class Metasploit3 < Msf::Auxiliary
 
 		register_options(
 			[
-				OptString.new('PATH', [ true,  "The path  to identify files", '/']),
+				OptString.new('PATH', [ true,  "The path to identify files", '/']),
 				OptInt.new('ERROR_CODE', [ true, "Error code for non existent directory", 404]),
 				OptPath.new('DICTIONARY',   [ false, "Path of word dictionary to use",
 						File.join(Msf::Config.install_root, "data", "wmap", "wmap_dirs.txt")
@@ -188,3 +188,4 @@ class Metasploit3 < Msf::Auxiliary
 
 	end
 end
+

modules/auxiliary/scanner/http/wmap_soap_xml.rb

@@ -155,6 +155,8 @@ class Metasploit3 < Msf::Auxiliary
 							res.message =~ /was not the expected type\s\'([^']+)'/
 							print_status("Set CONTENTTYPE to \"#{$1}\"")
 							return false
+						elsif (res.code == 404)
+							return false
 						else
 							print_status("Server responded to SOAPAction: #{v}#{n} with HTTP: #{res.code} #{res.message}.")
 							if datastore['DISPLAYHTML']
@@ -175,3 +177,4 @@ class Metasploit3 < Msf::Auxiliary
 		end
 	end
 end
+