infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Search functionality for db dispatcher commands

unstable
RageLtMan 2012-01-15 00:49:25 -05:00 committed by James Lee
parent aab493259f
commit 3270976d7b
1 changed files with 61 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
lib/msf/ui/console/command_dispatcher/db.rb
View File

@ -162,6 +162,7 @@ class Db
delete_count = 0
host_ranges = []
search_term = ''
output = nil
default_columns = ::Msf::DBManager::Host.column_names.sort
@ -197,6 +198,8 @@ class Db
when '-R','--rhosts'
set_rhosts = true
rhosts = []
when '-S', '--search'
search_term = args.shift
when '-h','--help'
print_line "Usage: hosts [ options ] [addr1 addr2 ...]"
@ -209,6 +212,7 @@ class Db
print_line " -u,--up Only show hosts which are up"
print_line " -o <file> Send output to a file in csv format"
print_line " -R,--rhosts Set RHOSTS from the results of the search"
print_line " -S,--search Search string to filter by"
print_line
print_line "Available columns: #{default_columns.join(", ")}"
print_line
@ -234,7 +238,7 @@ class Db
print_status("Time: #{host.created_at} Host: host=#{host.address}")
if set_rhosts
# only unique addresses
addr = (host.scope ? host.address + '%' + host.scope : host.address )
addr = (host.scope ? host.address + '%' + host.scope : host.address )
rhosts << addr unless rhosts.include?(addr)
end
end
@ -252,9 +256,13 @@ class Db
# Sentinal value meaning all
host_ranges.push(nil) if host_ranges.empty?
search_term = '.' if search_term.empty?
each_host_range_chunk(host_ranges) do |host_search|
framework.db.hosts(framework.db.workspace, onlyup, host_search).each do |host|
next unless host.attribute_names.any? {
|a| host[a.to_sym].to_s.downcase.match(/#{search_term.downcase}/)
}
columns = col_names.map do |n|
# Deal with the special cases
if virtual_columns.include?(n)
@ -271,7 +279,7 @@ class Db
tbl << columns
if set_rhosts
addr = (host.scope ? host.address + '%' + host.scope : host.address )
addr = (host.scope ? host.address + '%' + host.scope : host.address )
rhosts << addr unless rhosts.include?(addr)
end
if mode == :delete
@ -316,6 +324,7 @@ class Db
host_ranges = []
port_ranges = []
delete_count = 0
search_term = ''
# option parsing
while (arg = args.shift)
@ -367,6 +376,8 @@ class Db
when '-R','--rhosts'
set_rhosts = true
rhosts = []
when '-S', '--search'
search_term = args.shift
when '-h','--help'
print_line
@ -382,6 +393,7 @@ class Db
print_line " -u,--up Only show services which are up"
print_line " -o <file> Send output to a file in csv format"
print_line " -R,--rhosts Set RHOSTS from the results of the search"
print_line " -S,--search Search string to filter by"
print_line
print_line "Available columns: #{default_columns.join(", ")}"
print_line
@ -435,18 +447,25 @@ class Db
# Sentinal value meaning all
host_ranges.push(nil) if host_ranges.empty?
ports = nil if ports.empty?
search_term = '.' if search_term.empty?
each_host_range_chunk(host_ranges) do |host_search|
framework.db.services(framework.db.workspace, onlyup, proto, host_search, ports, names).each do |service|
host = service.host
next unless host.attribute_names.any? {
|a| host[a.to_sym].to_s.downcase.match(/#{search_term.downcase}/)
} or service.attribute_names.any? {
|a| service[a.to_sym].to_s.downcase.match(/#{search_term.downcase}/)
}
columns = [host.address] + col_names.map { |n| service[n].to_s || "" }
tbl << columns
if set_rhosts
addr = (host.scope ? host.address + '%' + host.scope : host.address )
addr = (host.scope ? host.address + '%' + host.scope : host.address )
rhosts << addr unless rhosts.include?(addr)
end
if (mode == :delete)
service.destroy
delete_count += 1
@ -479,6 +498,7 @@ class Db
print_line " -h,--help Show this help information"
print_line " -p,--port <portspec> List vulns matching this port spec"
print_line " -s <svc names> List vulns matching these service names"
print_line " -S,--search Search string to filter by"
print_line
print_line "Examples:"
print_line " vulns -p 1-65536 # only vulns with associated services"
@ -493,6 +513,7 @@ class Db
host_ranges = []
port_ranges = []
svcs = []
search_term = ''
# Short-circuit help
if args.delete "-h"
@ -521,6 +542,8 @@ class Db
return
end
svcs = service.split(/[\s]*,[\s]*/)
when '-S', '--search'
search_term = args.shift
else
# Anything that wasn't an option is a host to search for
unless (arg_host_range(arg, host_ranges))
@ -533,10 +556,16 @@ class Db
host_ranges.push(nil) if host_ranges.empty?
ports = port_ranges.flatten.uniq
svcs.flatten!
search_term = '.' if search_term.empty?
each_host_range_chunk(host_ranges) do |host_search|
framework.db.hosts(framework.db.workspace, false, host_search).each do |host|
host.vulns.each do |vuln|
next unless vuln.attribute_names.any? {
|a| vuln[a.to_sym].to_s.downcase.match(/#{search_term.downcase}/)
} or vuln.host.attribute_names.any? {
|a| vuln.host[a.to_sym].to_s.downcase.match(/#{search_term.downcase}/)
}
reflist = vuln.refs.map { |r| r.name }
if(vuln.service)
# Skip this one if the user specified a port and it
@ -570,6 +599,7 @@ class Db
print_line " -u,--user Add a cred for this user (only with -a). Default: blank"
print_line " -P,--password Add a cred with this password (only with -a). Default: blank"
print_line " -R,--rhosts Set RHOSTS from the results of the search"
print_line " -S,--search Search string to filter by"
print_line
print_line "Examples:"
print_line " creds # Default, returns all active credentials"
@ -597,6 +627,7 @@ class Db
host_ranges = []
port_ranges = []
svcs = []
search_term = ''
user = nil
@ -649,6 +680,8 @@ class Db
when "-R"
set_rhosts = true
rhosts = []
when '-S', '--search'
search_term = args.shift
when "-u","--user"
user = args.shift
if (!user)
@ -698,6 +731,7 @@ class Db
# normalize
ports = port_ranges.flatten.uniq
svcs.flatten!
search_term = '.' if search_term.empty?
tbl = Rex::Ui::Text::Table.new({
'Header' => "Credentials",
@ -709,7 +743,9 @@ class Db
framework.db.each_cred(framework.db.workspace) do |cred|
# skip if it's inactive and user didn't ask for all
next unless (cred.active or inactive_ok)
next unless cred.attribute_names.any? {
|a| cred[a.to_sym].to_s.downcase.match(/#{search_term.downcase}/)
}
# Also skip if the user is searching for something and this
# one doesn't match
includes = false
@ -738,7 +774,7 @@ class Db
cred.destroy
end
if set_rhosts
addr = (cred.service.host.scope ? cred.service.host.address + '%' + cred.service.host.scope : cred.service.host.address )
addr = (cred.service.host.scope ? cred.service.host.address + '%' + cred.service.host.scope : cred.service.host.address )
rhosts << addr unless rhosts.include?(addr)
end
creds_returned += 1
@ -766,6 +802,7 @@ class Db
print_line " -t <type1,type2> Search for a list of types"
print_line " -h,--help Show this help information"
print_line " -R,--rhosts Set RHOSTS from the results of the search"
print_line " -S,--search Search string to filter by"
print_line
print_line "Examples:"
print_line " notes --add -t apps -n 'winzip' 10.1.1.34 10.1.20.41"
@ -781,6 +818,7 @@ class Db
set_rhosts = false
host_ranges = []
search_term = ''
while (arg = args.shift)
case arg
@ -804,6 +842,8 @@ class Db
when '-R','--rhosts'
set_rhosts = true
rhosts = []
when '-S', '--search'
search_term = args.shift
when '-h','--help'
cmd_notes_help
return
@ -835,6 +875,7 @@ class Db
end
note_list = []
search_term = '.' if search_term.empty?
delete_count = 0
if host_ranges.empty? # No host specified - collect all notes
note_list = framework.db.notes
@ -845,6 +886,10 @@ class Db
end
end
end
note_list.keep_if {|n| n.attribute_names.any? {
|a| n[a.to_sym].to_s.downcase =~ /#{search_term.downcase}/
}
}
# Now display them
note_list.each do |note|
next if(types and types.index(note.ntype).nil?)
@ -853,7 +898,7 @@ class Db
host = note.host
msg << " host=#{note.host.address}"
if set_rhosts
addr = (host.scope ? host.address + '%' + host.scope : host.address )
addr = (host.scope ? host.address + '%' + host.scope : host.address )
rhosts << addr unless rhosts.include?(addr)
end
end
@ -881,6 +926,7 @@ class Db
print_line
print_line " -t <type1,type2> Search for a list of types"
print_line " -h,--help Show this help information"
print_line " -S,--search Search string to filter by"
print_line
end
@ -890,6 +936,7 @@ class Db
host_ranges = []
types = nil
delete_count = 0
search_term = ''
while (arg = args.shift)
case arg
@ -902,6 +949,8 @@ class Db
return
end
types = typelist.strip().split(",")
when '-S', '--search'
search_term = args.shift
when '-h','--help'
cmd_loot_help
return
@ -925,6 +974,11 @@ class Db
framework.db.hosts(framework.db.workspace, false, host_search).each do |host|
host.loots.each do |loot|
next if(types and types.index(loot.ltype).nil?)
next unless loot.attribute_names.any? {
|a| loot[a.to_sym].to_s.downcase.match(/#{search_term.downcase}/)
} or loot.host.attribute_names.any? {
|a| loot.host[a.to_sym].to_s.downcase.match(/#{search_term.downcase}/)
}
row = []
row.push( (loot.host ? loot.host.address : "") )
if (loot.service)