Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7

2013-01-03 16:53:52 -06:00 · 2013-01-03 16:53:52 -06:00 · b190342e3f
parent aa9f7dac6a 2f0e4cbd39
commit b190342e3f
1 changed files with 25 additions and 6 deletions
--- a/lib/msf/core/db.rb
+++ b/lib/msf/core/db.rb
@ -676,6 +676,13 @@ class DBManager
 			sess_data[:desc] = sess_data[:desc][0,255]
 		end
    
+		# In the case of multi handler we cannot yet determine the true
+		# exploit responsible. But we can at least show the parent versus
+		# just the generic handler:
+		if session.via_exploit == "exploit/multi/handler"
+	  	sess_data[:via_exploit] = sess_data[:datastore]['ParentModule']
+		end
+
 		s = ::Mdm::Session.new(sess_data)
 		s.save!

@ -684,19 +691,26 @@ class DBManager
 		end

 		# If this is a live session, we know the host is vulnerable to something.
-		# If the exploit used was multi/handler, though, we don't know what
-		# it's vulnerable to, so it isn't really useful to save it.
-		if opts[:session] and session.via_exploit and session.via_exploit != "exploit/multi/handler"
+		if opts[:session] and session.via_exploit
 			return unless host

 			mod = framework.modules.create(session.via_exploit)
+
+			if session.via_exploit == "exploit/multi/handler"
+		  	mod_fullname = sess_data[:datastore]['ParentModule']
+		  	mod_name = ::Mdm::ModuleDetail.find_by_fullname(mod_fullname).name
+			else 
+				mod_name = mod.name
+				mod_fullname = mod.fullname
+			end
+
 			vuln_info = {
 				:host => host.address,
-				:name => mod.name,
+				:name => mod_name,
 				:refs => mod.references,
 				:workspace => wspace,
 				:exploited_at => Time.now.utc,
-				:info => "Exploited by #{mod.fullname} to create Session #{s.id}"
+				:info => "Exploited by #{mod_fullname} to create Session #{s.id}"
 			}

 			port    = session.exploit_datastore["RPORT"]
@ -706,10 +720,15 @@ class DBManager

 			vuln = framework.db.report_vuln(vuln_info)
 			
+			if session.via_exploit == "exploit/multi/handler"
+				via_exploit = sess_data[:datastore]['ParentModule']
+			else
+				via_exploit = session.via_exploit
+			end
 			attempt_info = {
 				:timestamp   => Time.now.utc,
 				:workspace   => wspace,
-				:module      => session.via_exploit,
+				:module      => via_exploit,
 				:username    => session.username,
 				:refs        => mod.references,
 				:session_id  => s.id,