Land #9533, Add output file support to the vulns command

MS-2855/keylogger-mettle-extension
Brent Cook 2018-02-15 15:52:25 -06:00
commit 2d3aef9031
No known key found for this signature in database
GPG Key ID: 1FFAA0B24B708F96
2 changed files with 38 additions and 3 deletions


@ -777,6 +777,7 @@ class Db
print_line "Usage: vulns [addr range]"
print_line
print_line " -h,--help Show this help information"
print_line " -o <file> Send output to a file in csv format"
print_line " -p,--port <portspec> List vulns matching this port spec"
print_line " -s <svc names> List vulns matching these service names"
print_line " -R,--rhosts Set RHOSTS from the results of the search"
@ -801,6 +802,7 @@ class Db
search_term = nil
show_info = false
set_rhosts = false
output_file = nil
# Short-circuit help
if args.delete "-h"
@ -817,6 +819,14 @@ class Db
when "-h","--help"
cmd_vulns_help
return
when "-o", "--output"
output_file = args.shift
if output_file
output_file = File.expand_path(output_file)
else
print_error("Invalid output filename")
return
end
when "-p","--port"
unless (arg_port_range(args.shift, port_ranges, true))
return
@ -846,6 +856,10 @@ class Db
host_ranges.push(nil) if host_ranges.empty?
ports = port_ranges.flatten.uniq
svcs.flatten!
tbl = Rex::Text::Table.new(
'Header' => 'Vulnerabilities',
'Columns' => ['Timestamp', 'Host', 'Name', 'References', 'Information']
)
each_host_range_chunk(host_ranges) do |host_search|
framework.db.hosts(framework.db.workspace, false, host_search).each do |host|
@ -857,19 +871,34 @@ class Db
)
end
reflist = vuln.refs.map { |r| r.name }
if(vuln.service)
# Skip this one if the user specified a port and it
# doesn't match.
next unless ports.empty? or ports.include? vuln.service.port
# Same for service names
next unless svcs.empty? or svcs.include?(vuln.service.name)
print_status("Time: #{vuln.created_at} Vuln: host=#{host.address} name=#{vuln.name} refs=#{reflist.join(',')} #{(show_info && vuln.info) ? "info=#{vuln.info}" : ""}")
else
# This vuln has no service, so it can't match
next unless ports.empty? and svcs.empty?
print_status("Time: #{vuln.created_at} Vuln: host=#{host.address} name=#{vuln.name} refs=#{reflist.join(',')} #{(show_info && vuln.info) ? "info=#{vuln.info}" : ""}")
end
print_status("Time: #{vuln.created_at} Vuln: host=#{host.address} name=#{vuln.name} refs=#{reflist.join(',')} #{(show_info && vuln.info) ? "info=#{vuln.info}" : ""}")
if output_file
row = []
row << vuln.created_at
row << host.address
row << vuln.name
row << reflist * ","
if show_info && vuln.info
row << "info=#{vuln.info}"
else
row << ''
end
tbl << row
end
if set_rhosts
addr = (host.scope ? host.address + '%' + host.scope : host.address)
rhosts << addr
@ -878,6 +907,11 @@ class Db
end
end
if output_file
File.write(output_file, tbl.to_csv)
print_status("Wrote vulnerability information to #{output_file}")
end
# Finally, handle the case where the user wants the resulting list
# of hosts to go into RHOSTS.
set_rhosts_from_addrs(rhosts.uniq) if set_rhosts
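Review bot: The `File.write(output_file, tbl.to_csv)` call in the last hunk of this file overwrites any existing file at the expanded path and creates new files under the process's default umask, which is usually too permissive for a list of hosts and their vulnerabilities; `File.write(output_file, tbl.to_csv, perm: 0o600)` would restrict a newly created file to the operator. The call is also unguarded, so an unwritable or nonexistent directory would raise an `Errno` exception out of the command instead of being reported through `print_error` the way the missing-filename case is. In the `-o` branch, `args.shift` takes whatever token follows, so `vulns -o -R` would use `-R` as the filename, and the help text lists only `-o` although `--output` is accepted too. The cells written (`vuln.name`, `vuln.info`, the reference list) come from scan and import data, so it is worth confirming whether `Rex::Text::Table#to_csv` neutralises values beginning with `=`, `+`, `-` or `@` before the file is opened in a spreadsheet. The enclosing method starts and ends outside the visible hunks.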


@ -265,6 +265,7 @@ RSpec.describe Msf::Ui::Console::CommandDispatcher::Db do
"Print all vulnerabilities in the database",
"Usage: vulns [addr range]",
" -h,--help Show this help information",
" -o <file> Send output to a file in csv format",
" -p,--port <portspec> List vulns matching this port spec",
" -s <svc names> List vulns matching these service names",
" -R,--rhosts Set RHOSTS from the results of the search",
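Review bot: Nothing in this spec exercises the new `-o` path itself; the only change is the expected help line `" -o <file> Send output to a file in csv format"`. An example that runs `vulns -o` against a temporary path and checks the CSV header row, plus one that passes `-o` with no filename and expects `Invalid output filename`, would cover both branches added in the dispatcher. The enclosing `describe` block starts and ends outside this hunk.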