move\ vuln\ reporting\ out\ of\ the\ console\ so\ it works in all\ UIs
git-svn-id: file:///home/svn/framework3/trunk@8855 4d416f70-5f16-0410-b530-b9f4589650daunstable
James Lee
parent
24934444b6
commit
1678a0f74a
|
|
@ -258,11 +258,22 @@ class FrameworkEventSubscriber
|
|||
# Generic handler for session events
|
||||
#
|
||||
def session_event(name, session, opts={})
|
||||
address = session.tunnel_peer[0, session.tunnel_peer.rindex(":") || session.tunnel_peer.length ]
|
||||
if session.respond_to? :peerhost
|
||||
address = session.peerhost
|
||||
elsif session.respond_to? :tunnel_peer
|
||||
address = session.tunnel_peer[0, session.tunnel_peer.rindex(":") || session.tunnel_peer.length ]
|
||||
elsif session.respond_to? :target_host
|
||||
address = session.target_host
|
||||
else
|
||||
elog("Session with no peerhost/tunnel_peer")
|
||||
dlog("#{session.inspect}", LEV_3)
|
||||
return
|
||||
end
|
||||
|
||||
if framework.db.active
|
||||
ws = framework.db.find_workspace(session.workspace)
|
||||
event = {
|
||||
:workspace => framework.db.find_workspace(session.workspace),
|
||||
:workspace => ws,
|
||||
:username => session.username,
|
||||
:name => name,
|
||||
:host => address,
|
||||
|
|
@ -285,6 +296,31 @@ class FrameworkEventSubscriber
|
|||
def on_session_open(session)
|
||||
opts = { :datastore => session.exploit_datastore.to_h }
|
||||
session_event('session_open', session, opts)
|
||||
if framework.db.active
|
||||
# Copy/paste ftw
|
||||
if session.respond_to? :peerhost
|
||||
address = session.peerhost
|
||||
elsif session.respond_to? :tunnel_peer
|
||||
address = session.tunnel_peer[0, session.tunnel_peer.rindex(":") || session.tunnel_peer.length ]
|
||||
elsif session.respond_to? :target_host
|
||||
address = session.target_host
|
||||
else
|
||||
elog("Session with no peerhost/tunnel_peer")
|
||||
dlog("#{session.inspect}", LEV_3)
|
||||
return
|
||||
end
|
||||
# Since we got a session, we know the host is vulnerable to something.
|
||||
# If the exploit used was multi/handler, though, we don't know what
|
||||
# it's vulnerable to, so it isn't really useful to save it.
|
||||
if session.via_exploit and session.via_exploit != "exploit/multi/handler"
|
||||
info = {
|
||||
:host => address,
|
||||
:name => session.via_exploit,
|
||||
:workspace => framework.db.find_workspace(session.workspace)
|
||||
}
|
||||
framework.db.report_vuln(info)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def on_session_close(session, reason='')
|
||||
|
|
|
|||
|
|
@ -30,21 +30,9 @@ module FrameworkEventManager
|
|||
#
|
||||
def on_session_open(session)
|
||||
output.print_status("#{session.desc} session #{session.name} opened (#{session.tunnel_to_s})")
|
||||
|
||||
if (Msf::Logging.session_logging_enabled? == true)
|
||||
Msf::Logging.start_session_log(session)
|
||||
end
|
||||
# Since we got a session, we know the host is vulnerable to something.
|
||||
# If the exploit used was multi/handler, though, we don't know what
|
||||
# it's vulnerable to, so it isn't really useful to save it.
|
||||
if framework.db.active and session.via_exploit and session.via_exploit != "multi/handler"
|
||||
info = {
|
||||
:host => session.tunnel_peer.sub(/:\d+$/, ''), # strip off the port
|
||||
:name => session.via_exploit,
|
||||
:workspace => framework.db.find_workspace(session.workspace)
|
||||
}
|
||||
framework.db.report_vuln(info)
|
||||
end
|
||||
end
|
||||
|
||||
#
|
||||
|
|
|
|||
Loading…
Reference in New Issue