infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #11113, fixes for vuln and credential APIs

GSoC/Meterpreter_Web_Console
Matthew Kienow 2019-01-04 17:05:12 -05:00
parent 9ac96b213f 1b29e17827
commit b5c4ac6af3
No known key found for this signature in database
GPG Key ID: 40787F8B1EAC6E41
7 changed files with 43 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
documentation/api/v1/vuln_api_doc.rb
View File

@ -15,10 +15,9 @@ module VulnApiDoc
ORIGIN_ID_DESC = 'ID of the associated origin record.'
ORIGIN_TYPE_DESC = 'The origin type of this vuln.'
REFS_DESC = 'An array of public reference IDs for this vuln.'
REF_ID_DESC = 'The ID of the related Mdm::ModuleRef or Mdm::VulnRef associated with this vuln.'
REF_ID_DESC = 'The ID of the related Mdm::Ref associated with this vuln.'
REF_NAME_DESC = 'Designation for external reference. May include a prefix for the authority, such as \'CVE-\', in which case the rest of the name is the designation assigned by that authority.'
REFS_EXAMPLE = ['CVE-2008-4250','OSVDB-49243','MSB-MS08-067']
MODULE_REF_DETAIL_ID_DESC = 'The ID of the Mdm::Module::Detail record this ModuleRef is associated with.'
# Swagger documentation for vulns model
swagger_schema :Vuln do
@ -32,24 +31,12 @@ module VulnApiDoc
property :vuln_attempt_count, type: :integer, format: :int32, description: VULN_ATTEMPT_COUNT
property :origin_id, type: :integer, format: :int32, description: ORIGIN_ID_DESC
property :origin_type, type: :string, description: ORIGIN_TYPE_DESC
property :vuln_refs do
key :type, :array
items do
key :'$ref', :VulnRef
end
end
property :refs do
key :type, :array
items do
key :'$ref', :Ref
end
end
property :module_refs do
key :type, :array
items do
key :'$ref', :ModuleRef
end
end
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
end
@ -63,21 +50,6 @@ module VulnApiDoc
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
end
swagger_schema :ModuleRef do
key :required, [:name]
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :detail_id, type: :integer, format: :int32, description: MODULE_REF_DETAIL_ID_DESC
property :name, type: :string, required: true, description: REF_NAME_DESC
end
swagger_schema :VulnRef do
key :required, [:ref_id, :vuln_id]
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :ref_id, type: :integer, format: :int32, description: RootApiDoc::CREATED_AT_DESC
property :vuln_id, type: :integer, format: :int32, description: RootApiDoc::UPDATED_AT_DESC
end
swagger_path '/api/v1/vulns' do
# Swagger documentation for /api/v1/vulns GET
operation :get do

14
lib/metasploit/framework/data_service/remote/http/remote_credential_data_service.rb
View File

@ -11,19 +11,19 @@ module RemoteCredentialDataService
path = get_path_select(opts, CREDENTIAL_API_PATH)
data = self.get_data(path, nil, opts)
rv = json_to_mdm_object(data, CREDENTIAL_MDM_CLASS, [])
parsed_body = JSON.parse(data.response.body).symbolize_keys
parsed_body = JSON.parse(data.response.body, symbolize_names: true)
data = parsed_body[:data]
data.each do |cred|
if cred['public']
public_object = to_ar(cred['public']['type'].constantize, cred['public'])
if cred[:public]
public_object = to_ar(cred[:public][:type].constantize, cred[:public])
rv[data.index(cred)].public = public_object
end
if cred['private']
private_object = to_ar(cred['private']['type'].constantize, cred['private'])
if cred[:private]
private_object = to_ar(cred[:private][:type].constantize, cred[:private])
rv[data.index(cred)].private = private_object
end
if cred['origin']
origin_object = to_ar(cred['origin']['type'].constantize, cred['origin'])
if cred[:origin]
origin_object = to_ar(cred[:origin][:type].constantize, cred[:origin])
rv[data.index(cred)].origin = origin_object
end
end

10
lib/metasploit/framework/data_service/remote/http/response_data_helper.rb
View File

@ -49,7 +49,7 @@ module ResponseDataHelper
begin
body = process_response(response_wrapper)
if !body.nil? && !body.empty?
parsed_body = JSON.parse(body).symbolize_keys
parsed_body = JSON.parse(body, symbolize_names: true)
data = Array.wrap(parsed_body[:data])
rv = []
data.each do |json_object|
@ -99,7 +99,7 @@ module ResponseDataHelper
# @return [ActiveRecord::Base] A klass object, which inherits from ActiveRecord::Base.
def to_ar(klass, val, base_object = nil)
return nil unless val
data = val.class == Hash ? val.dup : JSON.parse(val)
data = val.class == Hash ? val.dup : JSON.parse(val, symbolize_names: true)
obj = base_object || klass.new
obj_associations = klass.reflect_on_all_associations(:has_many).reduce({}) do |reflection, i|
@ -107,7 +107,9 @@ module ResponseDataHelper
reflection
end
data.except(*obj.attributes.keys).each do |k, v|
obj_attribute_names = obj.attributes.transform_keys(&:to_sym).keys
data.except(*obj_attribute_names).each do |k, v|
association = klass.reflect_on_association(k)
next unless association
@ -133,7 +135,7 @@ module ResponseDataHelper
end
end
end
obj.assign_attributes(data.slice(*obj.attributes.keys))
obj.assign_attributes(data.slice(*obj_attribute_names))
obj.instance_eval do
# prevent save

12
lib/msf/core/db_manager/ref.rb
View File

@ -4,10 +4,16 @@ module Msf::DBManager::Ref
#
def find_or_create_ref(opts)
ret = {}
ret[:ref] = get_ref(opts[:name])
return ret[:ref] if ret[:ref]
::ActiveRecord::Base.connection_pool.with_connection {
if opts[:id] && !opts[:id].to_s.empty?
return Mdm::Ref.find(opts[:id])
end
if opts[:ref]
return get_ref(opts[:name])
end
ref = ::Mdm::Ref.where(name: opts[:name]).first_or_initialize
begin
@ -20,7 +26,7 @@ module Msf::DBManager::Ref
if ref and ref.changed?
ref.save!
end
ret[:ref] = ref
ref
}
end

5
lib/msf/core/db_manager/vuln.rb
View File

@ -262,8 +262,9 @@ module Msf::DBManager::Vuln
::ActiveRecord::Base.connection_pool.with_connection {
wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework, false)
opts[:workspace] = wspace if wspace
id = opts.delete(:id)
Mdm::Vuln.update(id, opts)
v = Mdm::Vuln.find(opts.delete(:id))
v.update!(opts)
v
}
end

18
lib/msf/core/web_services/servlet/vuln_servlet.rb
View File

@ -1,5 +1,7 @@
module VulnServlet
JSON_INCLUDES = [:host, :refs, :module_refs]
def self.api_path
'/api/v1/vulns'
end
@ -25,9 +27,8 @@ module VulnServlet
begin
sanitized_params = sanitize_params(params, env['rack.request.query_hash'])
data = get_db.vulns(sanitized_params)
includes = [:host, :vulns_refs, :refs, :module_refs]
data = data.first if is_single_object?(data, sanitized_params)
set_json_data_response(response: data, includes: includes)
set_json_data_response(response: data, includes: JSON_INCLUDES)
rescue => e
print_error_and_create_response(error: e, message: 'There was an error retrieving vulns:', code: 500)
end
@ -51,8 +52,17 @@ module VulnServlet
opts = parse_json_request(request, false)
tmp_params = sanitize_params(params)
opts[:id] = tmp_params[:id] if tmp_params[:id]
# update_vuln requires refs to be of type Mdm::Ref
# Find or create the Mdm::Ref object before moving on to the update
if opts[:refs]
refs = []
opts[:refs].each do |r|
refs << get_db.find_or_create_ref(r)
end
opts[:refs] = refs
end
data = get_db.update_vuln(opts)
set_json_data_response(response: data)
set_json_data_response(response: data, includes: JSON_INCLUDES)
rescue => e
print_error_and_create_response(error: e, message: 'There was an error updating the vuln:', code: 500)
end
@ -65,7 +75,7 @@ module VulnServlet
begin
opts = parse_json_request(request, false)
data = get_db.delete_vuln(opts)
set_json_data_response(response: data)
set_json_data_response(response: data, includes: JSON_INCLUDES)
rescue => e
print_error_and_create_response(error: e, message: 'There was an error deleting the vulns:', code: 500)
end