Second verse, same as the first

bug/bundler_fix
James Lee 2015-03-27 09:59:10 -05:00
parent bf8146c8b5
commit 466ef4349e
No known key found for this signature in database
GPG Key ID: 2D6094C7CEA0A321
3 changed files with 17 additions and 28 deletions

View File

@ -44,15 +44,6 @@ module Msf::DBManager::ExploitAttempt
username = opts.delete(:username) username = opts.delete(:username)
mname = opts.delete(:module) mname = opts.delete(:module)
# Look up the host as appropriate
if not (host and host.kind_of? ::Mdm::Host)
if svc.kind_of? ::Mdm::Service
host = svc.host
else
host = get_host( :workspace => wspace, :address => host )
end
end
# Bail if we dont have a host object # Bail if we dont have a host object
return if not host return if not host
@ -153,19 +144,19 @@ module Msf::DBManager::ExploitAttempt
vuln = find_vuln_by_refs(ref_objs, host, svc) vuln = find_vuln_by_refs(ref_objs, host, svc)
end end
# We have match, lets create a vuln_attempt record
if vuln
attempt_info = { attempt_info = {
:vuln_id => vuln.id,
:attempted_at => timestamp || Time.now.utc, :attempted_at => timestamp || Time.now.utc,
:exploited => true, :exploited => true,
:module => mname,
:username => username || "unknown", :username => username || "unknown",
:module => mname
} }
attempt_info[:session_id] = opts[:session_id] if opts[:session_id] attempt_info[:session_id] = opts[:session_id] if opts[:session_id]
attempt_info[:loot_id] = opts[:loot_id] if opts[:loot_id] attempt_info[:loot_id] = opts[:loot_id] if opts[:loot_id]
# We have match, lets create a vuln_attempt record
if vuln
attempt_info[:vuln_id] = vuln.id,
vuln.vuln_attempts.create(attempt_info) vuln.vuln_attempts.create(attempt_info)
# Correct the vuln's associated service if necessary # Correct the vuln's associated service if necessary
@ -176,16 +167,6 @@ module Msf::DBManager::ExploitAttempt
end end
# Report an exploit attempt all the same # Report an exploit attempt all the same
attempt_info = {
:attempted_at => timestamp || Time.now.utc,
:exploited => true,
:username => username || "unknown",
:module => mname
}
attempt_info[:vuln_id] = vuln.id if vuln
attempt_info[:session_id] = opts[:session_id] if opts[:session_id]
attempt_info[:loot_id] = opts[:loot_id] if opts[:loot_id]
if svc if svc
attempt_info[:port] = svc.port attempt_info[:port] = svc.port

View File

@ -185,7 +185,7 @@ module Msf::DBManager::Session
end end
vuln_info = { vuln_info = {
:host => host.address, :host => host,
:name => mod_name, :name => mod_name,
:refs => mod.references, :refs => mod.references,
:workspace => wspace, :workspace => wspace,

View File

@ -138,6 +138,14 @@ shared_examples_for 'Msf::DBManager::Session' do
it 'should make a MatchResult' do it 'should make a MatchResult' do
expect { report_session }.to change(MetasploitDataModels::AutomaticExploitation::MatchResult, :count).by(1) expect { report_session }.to change(MetasploitDataModels::AutomaticExploitation::MatchResult, :count).by(1)
end end
it 'should not increase the host count' do
expect { report_session }.not_to change(Mdm::Host, :count)
end
it 'should not increase the vuln count' do
expect { report_session }.not_to change(Mdm::Vuln, :count)
end
end end
context 'without user_data' do context 'without user_data' do