first attempt of reporting implementation.
git-svn-id: file:///home/svn/framework3/trunk@5771 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
c34bbae344
commit
7e73ed8c15
|
@ -87,8 +87,9 @@ drop table reports;
|
||||||
create table reports (
|
create table reports (
|
||||||
'id' INTEGER PRIMARY KEY NOT NULL,
|
'id' INTEGER PRIMARY KEY NOT NULL,
|
||||||
'target_id' INTEGER,
|
'target_id' INTEGER,
|
||||||
|
'parent_id' INTEGER,
|
||||||
'entity' VARCHAR(50),
|
'entity' VARCHAR(50),
|
||||||
'type' VARCHAR(50),
|
'etype' VARCHAR(50),
|
||||||
'value' BLOB,
|
'value' BLOB,
|
||||||
'notes' VARCHAR,
|
'notes' VARCHAR,
|
||||||
'source' VARCHAR,
|
'source' VARCHAR,
|
||||||
|
|
|
@ -6,6 +6,8 @@ module Msf
|
||||||
###
|
###
|
||||||
|
|
||||||
module Auxiliary::WMAPModule
|
module Auxiliary::WMAPModule
|
||||||
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Initializes an instance of a WMAP module
|
# Initializes an instance of a WMAP module
|
||||||
#
|
#
|
||||||
|
@ -23,7 +25,32 @@ module Auxiliary::WMAPModule
|
||||||
nil
|
nil
|
||||||
end
|
end
|
||||||
|
|
||||||
#modified from CGI.rb as we dont use arrays, this function may need to be included in proto/http
|
def wmap_base_report_id(host,port,ssl)
|
||||||
|
if not ssl
|
||||||
|
num_ssl = 0
|
||||||
|
else
|
||||||
|
num_ssl = 1
|
||||||
|
end
|
||||||
|
|
||||||
|
framework.db.last_report_id(host,port,num_ssl)
|
||||||
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# This method is used to add a new entry to the report table
|
||||||
|
# It return the id to be used to add context to additional data
|
||||||
|
#
|
||||||
|
def wmap_report(parent_id,entity,etype,value,notes)
|
||||||
|
framework.db.create_report(parent_id,entity,etype,value,notes,self.name)
|
||||||
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# Report if report exists
|
||||||
|
#
|
||||||
|
def wmap_report_exists?
|
||||||
|
framework.db.report_exists?
|
||||||
|
end
|
||||||
|
|
||||||
|
#modified from CGI.rb as we dont use arrays
|
||||||
def headersparse(qheaders)
|
def headersparse(qheaders)
|
||||||
params = Hash.new()
|
params = Hash.new()
|
||||||
|
|
||||||
|
@ -38,7 +65,7 @@ module Auxiliary::WMAPModule
|
||||||
params
|
params
|
||||||
end
|
end
|
||||||
|
|
||||||
#modified from CGI.rb as we dont use arrays, this function may need to be included in proto/http
|
#modified from CGI.rb as we dont use arrays
|
||||||
def queryparse(query)
|
def queryparse(query)
|
||||||
params = Hash.new()
|
params = Hash.new()
|
||||||
|
|
||||||
|
|
|
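Review bot: `wmap_base_report_id` is added without a comment, and it is not a pure lookup: through `framework.db.last_report_id` it creates a base report row when none matches the string `"#{host},#{port},#{ssl}"`, with `ssl` mapped to 0/1. That key has to match exactly what `wmap_run -e` stores from `selected_host`, `selected_port` and `selected_ssl`; if those are formatted differently (not visible here), every module call would start a fresh base report instead of attaching to the run's report. I would add a header such as `# Returns the id of the newest base report for host,port,ssl (ssl stored as 0/1); creates one if none exists.` and reduce the branch to `num_ssl = ssl ? 1 : 0`. The module body starts and ends outside these hunks.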
@ -95,7 +95,6 @@ end
|
||||||
###
|
###
|
||||||
class DBManager
|
class DBManager
|
||||||
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Determines if the database is functional
|
# Determines if the database is functional
|
||||||
#
|
#
|
||||||
|
@ -407,6 +406,14 @@ class DBManager
|
||||||
Target.find(:first, :conditions => ["selected > 0"] ).ssl
|
Target.find(:first, :conditions => ["selected > 0"] ).ssl
|
||||||
end
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# WMAP
|
||||||
|
# Selected id
|
||||||
|
#
|
||||||
|
def selected_id
|
||||||
|
Target.find(:first, :conditions => ["selected > 0"] ).id
|
||||||
|
end
|
||||||
|
|
||||||
#
|
#
|
||||||
# WMAP
|
# WMAP
|
||||||
# This method iterates the requests table identifiying possible targets
|
# This method iterates the requests table identifiying possible targets
|
||||||
|
@ -545,7 +552,56 @@ class DBManager
|
||||||
#framework.events.on_db_target(context, rec)
|
#framework.events.on_db_target(context, rec)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# WMAP
|
||||||
|
# Store data in report table
|
||||||
|
# First attempt for reporting. parent_id to point to other report entries
|
||||||
|
# to define context.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
def create_report(parent_id,entity,etype,value,notes,source)
|
||||||
|
rep = Report.create(
|
||||||
|
:target_id => self.selected_id,
|
||||||
|
:parent_id => parent_id,
|
||||||
|
:entity => entity,
|
||||||
|
:etype => etype,
|
||||||
|
:value => value,
|
||||||
|
:notes => notes,
|
||||||
|
:source => source,
|
||||||
|
:created => Time.now
|
||||||
|
)
|
||||||
|
rep.save
|
||||||
|
|
||||||
|
return rep.id
|
||||||
|
#framework.events.on_db_target(context, rec)
|
||||||
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# WMAP
|
||||||
|
# Last report available for the target to store new report entries.
|
||||||
|
#
|
||||||
|
def last_report_id(host,port,ssl)
|
||||||
|
rep = Report.find(:first, :order => 'id desc', :conditions => [ "parent_id = ? and value = ?",0,"#{host},#{port},#{ssl}"])
|
||||||
|
|
||||||
|
if (not rep)
|
||||||
|
rep_id = framework.db.create_report(0,'WMAP','REPORT',"#{host},#{port},#{ssl}","Metasploit WMAP Report",'WMAP Scanner')
|
||||||
|
else
|
||||||
|
rep_id = rep.id
|
||||||
|
end
|
||||||
|
|
||||||
|
return rep_id
|
||||||
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# Quick way to identify if the report database is available
|
||||||
|
#
|
||||||
|
def report_exists?
|
||||||
|
begin
|
||||||
|
Report.table_exists?
|
||||||
|
rescue
|
||||||
|
false
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
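Review bot: `create_report` can fail in two unhandled ways: `self.selected_id` calls `.id` on the result of `Target.find(:first, ...)`, which is nil when no target is selected, and the result of `Report.create` / `rep.save` is never checked, so a failed insert returns a nil `rep.id` that callers then pass on as `parent_id`. `Report.create` already persists the row, so the following `rep.save` looks redundant, unless `DBSave` (not shown) changes that. In `last_report_id` the find-then-create sequence is not atomic, so modules running concurrently may each create a base report, and the call `framework.db.create_report(...)` from inside `DBManager` could simply be `create_report(...)`. `report_exists?` uses a bare `rescue` that turns every database error into `false`, which hides connection problems from the caller; logging the exception there would help. Suggested guard in `selected_id`: `t = Target.find(:first, :conditions => ["selected > 0"])` followed by `t ? t.id : nil`.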
@ -108,6 +108,10 @@ class Target < ::ActiveRecord::Base
|
||||||
# Magic.
|
# Magic.
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# WMAP Report object definition
|
||||||
|
class Report < ::ActiveRecord::Base
|
||||||
|
include DBSave
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -128,6 +128,9 @@ module Wmap
|
||||||
mode |= WMAP_SHOW
|
mode |= WMAP_SHOW
|
||||||
when '-e'
|
when '-e'
|
||||||
mode |= WMAP_EXPL
|
mode |= WMAP_EXPL
|
||||||
|
|
||||||
|
# Create report entry
|
||||||
|
framework.db.create_report(0,'WMAP','REPORT',"#{selected_host},#{selected_port},#{selected_ssl}","Metasploit WMAP Report",'WMAP Scanner')
|
||||||
when '-h'
|
when '-h'
|
||||||
print_status("Usage: wmap_run [options]")
|
print_status("Usage: wmap_run [options]")
|
||||||
print_line("\t-h Display this help text")
|
print_line("\t-h Display this help text")
|
||||||
|
|
|
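Review bot: The `create_report` call added under `when '-e'` is not guarded by `framework.db.report_exists?`, unlike the module-side path that checks `wmap_report_exists?` first, so `wmap_run -e` against a database without the `reports` table would raise during option parsing. It also repeats the literal arguments already hard-coded in `DBManager#last_report_id`; keeping the key format in one place stops the two from drifting apart. Minimal change: append `if framework.db.report_exists?` to the call. The enclosing `case` starts and ends outside the hunk.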
@ -46,11 +46,21 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
if (res and res.headers['Server'])
|
if (res and res.headers['Server'])
|
||||||
extra = http_fingerprint(res)
|
extra = http_fingerprint(res)
|
||||||
print_status("#{ip} is running #{res.headers['Server']}#{extra}")
|
print_status("#{ip} is running #{res.headers['Server']}#{extra}")
|
||||||
|
|
||||||
|
if wmap_report_exists?
|
||||||
|
rep_id = wmap_base_report_id(
|
||||||
|
self.target_host,
|
||||||
|
self.target_port,
|
||||||
|
self.ssl
|
||||||
|
)
|
||||||
|
wmap_report(rep_id,'WEB_SERVER','TYPE',"#{res.headers['Server']}#{extra}",nil)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
|
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
|
||||||
rescue ::Timeout::Error, ::Errno::EPIPE
|
rescue ::Timeout::Error, ::Errno::EPIPE
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
#
|
#
|
||||||
|
|
|
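Review bot: The value written by `wmap_report` comes straight from the remote response (`res.headers['Server']` plus the fingerprint string), so the report row holds data controlled by the scanned server. Whatever later prints or exports `reports.value` has to treat it as untrusted and escape it for its output format; a comment at this call, e.g. `# value is server-supplied; escape on output`, would make that explicit. The report is keyed on `self.target_host` while the status line uses `ip`; if the two can differ in this module, the entry is attached to the wrong base report. The enclosing method begins outside the hunk.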
@ -49,7 +49,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
if (res and res.code >= 200 and res.code < 300)
|
if (res and res.code >= 200 and res.code < 300)
|
||||||
if res.to_s.include? "<title>Index of /" and res.to_s.include? "<h1>Index of /"
|
if res.to_s.include? "<title>Index of /" and res.to_s.include? "<h1>Index of /"
|
||||||
print_status("Found Directoty Listing http://#{target_host}:#{datastore['RPORT']}#{tpath}")
|
print_status("Found Directory Listing http://#{target_host}:#{datastore['RPORT']}#{tpath}")
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
print_status("NOT Vulnerable to directoy listing http://#{target_host}:#{datastore['RPORT']}#{tpath}")
|
print_status("NOT Vulnerable to directoy listing http://#{target_host}:#{datastore['RPORT']}#{tpath}")
|
||||||
|
@ -58,7 +58,6 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
|
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
|
||||||
rescue ::Timeout::Error, ::Errno::EPIPE
|
rescue ::Timeout::Error, ::Errno::EPIPE
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|