Update match result creation logic

MSP-13119

* Look up match on match set for the run
* If no match exists in the match set for the vuln, attempt to create a match for the vuln
bug/bundler_fix
Fernando Arias 2015-09-22 00:24:38 -05:00
parent 359306a1a4
commit 9230b04674
No known key found for this signature in database
GPG Key ID: 89EC07CE01DF79A1
1 changed files with 19 additions and 28 deletions

View File

@ -183,17 +183,17 @@ module Msf::DBManager::ExploitAttempt
# @option opts [Integer] :run_id # @option opts [Integer] :run_id
# @return [void] # @return [void]
def create_match_result_for_vuln(vuln, opts) def create_match_result_for_vuln(vuln, opts)
run_id = opts[:run_id] run = MetasploitDataModels::AutomaticExploitation::Run.where(id:opts[:run_id]).last
match = MetasploitDataModels::AutomaticExploitation::Match.by_run_id(run_id).last
# If no match found for run, create a run if a vuln has a match if run.present?
unless match.present? match = MetasploitDataModels::AutomaticExploitation::Match.by_run_and_vuln(run,vuln).last
match, run = create_run_for_vuln(vuln,opts)
end
# If no match found
unless match.present?
match = create_match_for_vuln(vuln,opts.merge(run:run))
end
# Only create a match result if a match exists
if match.present?
run ||= MetasploitDataModels::AutomaticExploitation::Run.find(run_id)
create_match_result(opts.merge(match:match,run:run)) create_match_result(opts.merge(match:match,run:run))
end end
end end
@ -216,30 +216,21 @@ module Msf::DBManager::ExploitAttempt
) )
end end
# Create a MetasploitDataModels::AutomaticExploitation::Run for the given vuln # Create a MetasploitDataModels::AutomaticExploitation::Match for the given vuln
# @option vuln [Mdm::Vuln] :vuln # @option vuln [Mdm::Vuln] :vuln
# @option opts [Mdm::Workspace] :workspace # @option opts [Mdm::Workspace] :workspace
# @option opts [String] :username # @option opts [String] :username
# @return [ MetasploitDataModels::AutomaticExploitation::Match, MetasploitDataModels::AutomaticExploitation::Run] # @return [ MetasploitDataModels::AutomaticExploitation::Match, MetasploitDataModels::AutomaticExploitation::Run]
def create_run_for_vuln(vuln,opts) def create_match_for_vuln(vuln,opts)
wspace = opts[:workspace] || workspace wspace = opts[:workspace] || workspace
username = opts[:username] run = opts[:run]
module_fullname = opts[:module]
match = vuln.matches.last run.match_set.create_match_for_vuln(
vuln,
#Only create a run if the vuln has a match workspace: wspace,
if match.present? module_fullname: module_fullname
match_set = match.match_set )
user = Mdm::User.where(username: username).first
automatic_exploitation_run = MetasploitDataModels::AutomaticExploitation::Run.new
automatic_exploitation_run.workspace = wspace
automatic_exploitation_run.user = user
match_set.runs << automatic_exploitation_run
automatic_exploitation_run.save!
[match, automatic_exploitation_run]
end
end end
end end