diff --git a/lib/msf/core/db_manager/cred.rb b/lib/msf/core/db_manager/cred.rb index 603492b3d6..ef183de0ec 100644 --- a/lib/msf/core/db_manager/cred.rb +++ b/lib/msf/core/db_manager/cred.rb @@ -2,8 +2,14 @@ module Msf::DBManager::Cred # This methods returns a list of all credentials in the database def creds(opts) query = nil - wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework) ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Metasploit::Credential::Core.find(opts[:id])) + end + + wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework) + query = Metasploit::Credential::Core.where( workspace_id: wspace.id ) query = query.includes(:private, :public, :logins).references(:private, :public, :logins) query = query.includes(logins: [ :service, { service: :host } ]) diff --git a/lib/msf/core/db_manager/event.rb b/lib/msf/core/db_manager/event.rb index 6ba12f88dd..18def5fc4f 100644 --- a/lib/msf/core/db_manager/event.rb +++ b/lib/msf/core/db_manager/event.rb @@ -1,6 +1,11 @@ module Msf::DBManager::Event def events(wspace=workspace) ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Mdm::Event.find(opts[:id])) + end + wspace.events.find :all, :order => 'created_at ASC' } end diff --git a/lib/msf/core/db_manager/host.rb b/lib/msf/core/db_manager/host.rb index e55cb4a035..1cbc4441a5 100644 --- a/lib/msf/core/db_manager/host.rb +++ b/lib/msf/core/db_manager/host.rb @@ -128,12 +128,16 @@ module Msf::DBManager::Host # Returns a list of all hosts in the database def hosts(opts) ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Mdm::Host.find(opts[:id])) + end + wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework) conditions = {} conditions[:state] = [Msf::HostState::Alive, Msf::HostState::Unknown] if opts[:non_dead] conditions[:address] = opts[:address] if opts[:address] && !opts[:address].empty? - conditions[:id] = opts[:id] if opts[:id] && !opts[:id].empty? if opts[:search_term] && !opts[:search_term].empty? column_search_conditions = Msf::Util::DBManager.create_all_column_search_conditions(Mdm::Host, opts[:search_term]) diff --git a/lib/msf/core/db_manager/http/servlet/loot_servlet.rb b/lib/msf/core/db_manager/http/servlet/loot_servlet.rb index da2497f29f..d56737ca12 100644 --- a/lib/msf/core/db_manager/http/servlet/loot_servlet.rb +++ b/lib/msf/core/db_manager/http/servlet/loot_servlet.rb @@ -9,7 +9,7 @@ module LootServlet end def self.registered(app) - app.get LootServlet.api_path, &get_loot + app.get LootServlet.api_path_with_id, &get_loot app.post LootServlet.api_path, &report_loot app.put LootServlet.api_path_with_id, &update_loot app.delete LootServlet.api_path, &delete_loot diff --git a/lib/msf/core/db_manager/http/servlet/service_servlet.rb b/lib/msf/core/db_manager/http/servlet/service_servlet.rb index c83c12c252..f33c4632db 100644 --- a/lib/msf/core/db_manager/http/servlet/service_servlet.rb +++ b/lib/msf/core/db_manager/http/servlet/service_servlet.rb @@ -9,7 +9,7 @@ module ServiceServlet end def self.registered(app) - app.get ServiceServlet.api_path, &get_services + app.get ServiceServlet.api_path_with_id, &get_services app.post ServiceServlet.api_path, &report_service app.put ServiceServlet.api_path_with_id, &update_service app.delete ServiceServlet.api_path, &delete_service diff --git a/lib/msf/core/db_manager/http/servlet/session_event_servlet.rb b/lib/msf/core/db_manager/http/servlet/session_event_servlet.rb index 7657492be2..1bb03f6b81 100644 --- a/lib/msf/core/db_manager/http/servlet/session_event_servlet.rb +++ b/lib/msf/core/db_manager/http/servlet/session_event_servlet.rb @@ -4,8 +4,12 @@ module SessionEventServlet '/api/v1/session-events' end + def self.api_path_with_id + "#{SessionEventServlet.api_path}/?:id?" + end + def self.registered(app) - app.get SessionEventServlet.api_path, &get_session_event + app.get SessionEventServlet.api_path_with_id, &get_session_event app.post SessionEventServlet.api_path, &report_session_event end diff --git a/lib/msf/core/db_manager/loot.rb b/lib/msf/core/db_manager/loot.rb index 5af116ad20..d2671285d2 100644 --- a/lib/msf/core/db_manager/loot.rb +++ b/lib/msf/core/db_manager/loot.rb @@ -17,6 +17,11 @@ module Msf::DBManager::Loot search_term = opts.delete(:search_term) ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Mdm::Loot.find(opts[:id])) + end + wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework) opts[:workspace_id] = wspace.id diff --git a/lib/msf/core/db_manager/note.rb b/lib/msf/core/db_manager/note.rb index 0c85e243e9..4ce53e0eb4 100644 --- a/lib/msf/core/db_manager/note.rb +++ b/lib/msf/core/db_manager/note.rb @@ -23,6 +23,11 @@ module Msf::DBManager::Note # def notes(opts) ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Mdm::Note.find(opts[:id])) + end + wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework) data = opts.delete(:data) diff --git a/lib/msf/core/db_manager/service.rb b/lib/msf/core/db_manager/service.rb index 64c80d8382..28049c65f7 100644 --- a/lib/msf/core/db_manager/service.rb +++ b/lib/msf/core/db_manager/service.rb @@ -143,14 +143,19 @@ module Msf::DBManager::Service # Returns a list of all services in the database def services(opts) - wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework) - search_term = opts.delete(:search_term) order_args = [:port] order_args.unshift(Mdm::Host.arel_table[:address]) if opts.key?(:hosts) ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Mdm::Service.find(opts[:id])) + end + + wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework) + if search_term && !search_term.empty? column_search_conditions = Msf::Util::DBManager.create_all_column_search_conditions(Mdm::Service, search_term) wspace.services.includes(:host).where(opts).where(column_search_conditions).order(*order_args) diff --git a/lib/msf/core/db_manager/session.rb b/lib/msf/core/db_manager/session.rb index b33f8cd8ab..102396a03c 100644 --- a/lib/msf/core/db_manager/session.rb +++ b/lib/msf/core/db_manager/session.rb @@ -8,6 +8,11 @@ module Msf::DBManager::Session return if not active ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Mdm::Session.find(opts[:id])) + end + wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework) search_term = opts.delete(:search_term) diff --git a/lib/msf/core/db_manager/session_event.rb b/lib/msf/core/db_manager/session_event.rb index 8b342ca398..2e915d8f1b 100644 --- a/lib/msf/core/db_manager/session_event.rb +++ b/lib/msf/core/db_manager/session_event.rb @@ -2,6 +2,10 @@ module Msf::DBManager::SessionEvent def session_events(opts) ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Mdm::SessionEvent.find(opts[:id])) + end conditions = {} Mdm::SessionEvent.all diff --git a/lib/msf/core/db_manager/vuln.rb b/lib/msf/core/db_manager/vuln.rb index 742c748122..a000004ad3 100644 --- a/lib/msf/core/db_manager/vuln.rb +++ b/lib/msf/core/db_manager/vuln.rb @@ -236,6 +236,11 @@ module Msf::DBManager::Vuln # def vulns(opts) ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Mdm::Vuln.find(opts[:id])) + end + wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework) search_term = opts.delete(:search_term) diff --git a/lib/msf/core/db_manager/vuln_attempt.rb b/lib/msf/core/db_manager/vuln_attempt.rb index b179b9d46f..59ae81adfa 100644 --- a/lib/msf/core/db_manager/vuln_attempt.rb +++ b/lib/msf/core/db_manager/vuln_attempt.rb @@ -23,6 +23,11 @@ module Msf::DBManager::VulnAttempt # def vuln_attempts(opts) ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Mdm::VulnAttempt.find(opts[:id])) + end + # 'workspace' is not a valid attribute for Mdm::VulnAttempt. Remove it. Msf::Util::DBManager.delete_opts_workspace(opts) diff --git a/lib/msf/core/db_manager/workspace.rb b/lib/msf/core/db_manager/workspace.rb index 14f86a575f..e0b67b0819 100644 --- a/lib/msf/core/db_manager/workspace.rb +++ b/lib/msf/core/db_manager/workspace.rb @@ -47,6 +47,11 @@ module Msf::DBManager::Workspace def workspaces(opts = {}) ::ActiveRecord::Base.connection_pool.with_connection { + # If we have the ID, there is no point in creating a complex query. + if opts[:id] && !opts[:id].empty? + return Array.wrap(Mdm::Workspace.find(opts[:id])) + end + search_term = opts.delete(:search_term) # Passing these values to the search will cause exceptions, so remove them if they accidentally got passed in. Msf::Util::DBManager.delete_opts_workspace(opts)