Second verse, same as the first
parent
bf8146c8b5
commit
466ef4349e
|
@ -44,15 +44,6 @@ module Msf::DBManager::ExploitAttempt
|
||||||
username = opts.delete(:username)
|
username = opts.delete(:username)
|
||||||
mname = opts.delete(:module)
|
mname = opts.delete(:module)
|
||||||
|
|
||||||
# Look up the host as appropriate
|
|
||||||
if not (host and host.kind_of? ::Mdm::Host)
|
|
||||||
if svc.kind_of? ::Mdm::Service
|
|
||||||
host = svc.host
|
|
||||||
else
|
|
||||||
host = get_host( :workspace => wspace, :address => host )
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
# Bail if we dont have a host object
|
# Bail if we dont have a host object
|
||||||
return if not host
|
return if not host
|
||||||
|
|
||||||
|
@ -153,19 +144,19 @@ module Msf::DBManager::ExploitAttempt
|
||||||
vuln = find_vuln_by_refs(ref_objs, host, svc)
|
vuln = find_vuln_by_refs(ref_objs, host, svc)
|
||||||
end
|
end
|
||||||
|
|
||||||
# We have match, lets create a vuln_attempt record
|
|
||||||
if vuln
|
|
||||||
attempt_info = {
|
attempt_info = {
|
||||||
:vuln_id => vuln.id,
|
|
||||||
:attempted_at => timestamp || Time.now.utc,
|
:attempted_at => timestamp || Time.now.utc,
|
||||||
:exploited => true,
|
:exploited => true,
|
||||||
|
:module => mname,
|
||||||
:username => username || "unknown",
|
:username => username || "unknown",
|
||||||
:module => mname
|
|
||||||
}
|
}
|
||||||
|
|
||||||
attempt_info[:session_id] = opts[:session_id] if opts[:session_id]
|
attempt_info[:session_id] = opts[:session_id] if opts[:session_id]
|
||||||
attempt_info[:loot_id] = opts[:loot_id] if opts[:loot_id]
|
attempt_info[:loot_id] = opts[:loot_id] if opts[:loot_id]
|
||||||
|
|
||||||
|
# We have match, lets create a vuln_attempt record
|
||||||
|
if vuln
|
||||||
|
attempt_info[:vuln_id] = vuln.id,
|
||||||
|
|
||||||
vuln.vuln_attempts.create(attempt_info)
|
vuln.vuln_attempts.create(attempt_info)
|
||||||
|
|
||||||
# Correct the vuln's associated service if necessary
|
# Correct the vuln's associated service if necessary
|
||||||
|
@ -176,16 +167,6 @@ module Msf::DBManager::ExploitAttempt
|
||||||
end
|
end
|
||||||
|
|
||||||
# Report an exploit attempt all the same
|
# Report an exploit attempt all the same
|
||||||
attempt_info = {
|
|
||||||
:attempted_at => timestamp || Time.now.utc,
|
|
||||||
:exploited => true,
|
|
||||||
:username => username || "unknown",
|
|
||||||
:module => mname
|
|
||||||
}
|
|
||||||
|
|
||||||
attempt_info[:vuln_id] = vuln.id if vuln
|
|
||||||
attempt_info[:session_id] = opts[:session_id] if opts[:session_id]
|
|
||||||
attempt_info[:loot_id] = opts[:loot_id] if opts[:loot_id]
|
|
||||||
|
|
||||||
if svc
|
if svc
|
||||||
attempt_info[:port] = svc.port
|
attempt_info[:port] = svc.port
|
||||||
|
|
|
@ -185,7 +185,7 @@ module Msf::DBManager::Session
|
||||||
end
|
end
|
||||||
|
|
||||||
vuln_info = {
|
vuln_info = {
|
||||||
:host => host.address,
|
:host => host,
|
||||||
:name => mod_name,
|
:name => mod_name,
|
||||||
:refs => mod.references,
|
:refs => mod.references,
|
||||||
:workspace => wspace,
|
:workspace => wspace,
|
||||||
|
|
|
@ -138,6 +138,14 @@ shared_examples_for 'Msf::DBManager::Session' do
|
||||||
it 'should make a MatchResult' do
|
it 'should make a MatchResult' do
|
||||||
expect { report_session }.to change(MetasploitDataModels::AutomaticExploitation::MatchResult, :count).by(1)
|
expect { report_session }.to change(MetasploitDataModels::AutomaticExploitation::MatchResult, :count).by(1)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'should not increase the host count' do
|
||||||
|
expect { report_session }.not_to change(Mdm::Host, :count)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should not increase the vuln count' do
|
||||||
|
expect { report_session }.not_to change(Mdm::Vuln, :count)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'without user_data' do
|
context 'without user_data' do
|
||||||
|
|
Loading…
Reference in New Issue