From c7f15ca940717d193fc1f4f9706425f6bc858e62 Mon Sep 17 00:00:00 2001 From: Fernando Arias Date: Mon, 14 Sep 2015 12:18:47 -0500 Subject: [PATCH] Rework how match results get created MSP-13119 * Create match result when we create vuln attempt --- lib/msf/core/db_manager/exploit_attempt.rb | 20 +++++++++++++++++++ lib/msf/core/db_manager/session.rb | 9 +-------- lib/msf/core/exploit.rb | 9 --------- lib/msf/core/exploit_driver.rb | 1 + lib/msf/core/module.rb | 12 ----------- spec/lib/msf/core/module_spec.rb | 11 ---------- .../shared/examples/msf/db_manager/session.rb | 5 ----- 7 files changed, 22 insertions(+), 45 deletions(-) diff --git a/lib/msf/core/db_manager/exploit_attempt.rb b/lib/msf/core/db_manager/exploit_attempt.rb index 36c99012f7..2082c68c44 100644 --- a/lib/msf/core/db_manager/exploit_attempt.rb +++ b/lib/msf/core/db_manager/exploit_attempt.rb @@ -153,6 +153,8 @@ module Msf::DBManager::ExploitAttempt attempt_info[:vuln_id] = vuln.id vuln.vuln_attempts.create(attempt_info) + create_match_result(vuln,opts) + # Correct the vuln's associated service if necessary if svc and vuln.service_id.nil? vuln.service = svc @@ -176,4 +178,22 @@ module Msf::DBManager::ExploitAttempt } end + + def create_match_result(vuln, opts) + match = vuln.matches.last + if match + run = MetasploitDataModels::AutomaticExploitation::Run.where(match_set_id: match.match_set_id).first + if opts[:session_id] + state = MetasploitDataModels::AutomaticExploitation::MatchResult::SUCCEEDED + else + state = MetasploitDataModels::AutomaticExploitation::MatchResult::FAILED + end + MetasploitDataModels::AutomaticExploitation::MatchResult.create!( + match: match, + run: run, + state: state + ) + end + end + end diff --git a/lib/msf/core/db_manager/session.rb b/lib/msf/core/db_manager/session.rb index fc2afe3373..ff57c959b1 100644 --- a/lib/msf/core/db_manager/session.rb +++ b/lib/msf/core/db_manager/session.rb 
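Review bot: The new `create_match_result(vuln,opts)` call sits between `vuln.vuln_attempts.create(attempt_info)` and the service correction, and the helper it calls uses `MatchResult.create!`. A validation failure there would raise after the attempt row is already written and would skip the `vuln.service = svc` fix-up that follows. Because the match result is secondary bookkeeping, consider moving the call below the service correction, or rescuing `ActiveRecord::RecordInvalid` around it and logging the failure. The enclosing method starts and ends outside the hunk, so whether a caller already wraps this in a transaction or a rescue is not visible here.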
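Review bot: `create_match_result` attributes the outcome to `vuln.matches.last` and to the first `Run` with that `match_set_id`, whereas the code this commit removes used the explicit `user_data[:match]` and `user_data[:run]` supplied by the caller. Any attempt against a vuln that happens to have a match, including one unrelated to automatic exploitation, now writes a MatchResult. When several runs share a match set, the result can be recorded against the wrong run, since `.where(...).first` picks one without reference to the run that launched the attempt. `run` is also nil when no Run exists, which `create!` may reject. If the caller can pass them, prefer something like `match = opts[:match] || vuln.matches.last` with `return unless match && run` before the create. The diffstat shows only spec deletions, so examples covering the SUCCEEDED and FAILED paths of this method would be worth adding.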
@@ -92,14 +92,7 @@ module Msf::DBManager::Session wspace = s.workspace if session - if session.exploit.user_data_is_match? - MetasploitDataModels::AutomaticExploitation::MatchResult.create!( - match: session.exploit.user_data[:match], - run: session.exploit.user_data[:run], - state: MetasploitDataModels::AutomaticExploitation::MatchResult::SUCCEEDED, - ) - infer_vuln_from_session(session, wspace) - elsif session.via_exploit + if session.via_exploit # This is a live session, we know the host is vulnerable to something. infer_vuln_from_session(session, wspace) end diff --git a/lib/msf/core/exploit.rb b/lib/msf/core/exploit.rb index 41d6bea30d..086d7f6403 100644 --- a/lib/msf/core/exploit.rb +++ b/lib/msf/core/exploit.rb @@ -1284,15 +1284,6 @@ class Exploit < Msf::Module end end - if user_data_is_match? - MetasploitDataModels::AutomaticExploitation::MatchResult.create!( - match: user_data[:match], - run: user_data[:run], - state: MetasploitDataModels::AutomaticExploitation::MatchResult::FAILED, - ) - end - - framework.db.report_exploit_failure(info) end diff --git a/lib/msf/core/exploit_driver.rb b/lib/msf/core/exploit_driver.rb index 4be621a9e5..846fd6569f 100644 --- a/lib/msf/core/exploit_driver.rb +++ b/lib/msf/core/exploit_driver.rb @@ -210,6 +210,7 @@ protected # Wait for session, but don't wait long. delay = 0.01 end + exploit.handle_exception e end diff --git a/lib/msf/core/module.rb b/lib/msf/core/module.rb index 7fb958617b..fda6eebe8c 100644 --- a/lib/msf/core/module.rb +++ b/lib/msf/core/module.rb @@ -59,10 +59,6 @@ class Module # datastore, consumed by #replicant to allow clean override of MSF module methods. REPLICANT_EXTENSION_DS_KEY = 'ReplicantExtensions' - # The set of keys in {#user_data} that make {#user_data_is_match?} return - # true - MATCH_KEYS = Set.new([ :match, :match_set, :run ]) - # Make include public so we can runtime extend public_class_method :include 
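Review bot: With the `user_data_is_match?` branch removed from the session hunk, a SUCCEEDED MatchResult is only written if `infer_vuln_from_session` reaches the vuln-attempt code with `opts[:session_id]` set, and only when `session.via_exploit` is truthy. Neither condition is visible in this hunk. The old branch called `infer_vuln_from_session` for matched sessions regardless of `via_exploit`, so it is worth confirming that sessions opened by automatic exploitation always carry it. A comment on the remaining branch would record the dependency, for example `# MatchResult is now created downstream, when the vuln attempt is recorded (ExploitAttempt#create_match_result)`. The enclosing method begins and ends outside the hunk.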
@@ -295,13 +291,6 @@ class Module raise RuntimeError, "#{reason.to_s}: #{msg}" end - # Whether {#user_data} contains everything necessary to make a - # `MetasploitDataModels::AutomaticExploitation::MatchResult` - # - # @return [bool] - def user_data_is_match? - user_data.kind_of?(Hash) && Set.new(user_data.keys).superset?(MATCH_KEYS) - end ## # @@ -347,7 +336,6 @@ class Module # {Msf::Simple::Auxiliary#run_simple} for correlating where modules came # from. # - # @see #user_data_is_match? attr_accessor :user_data protected diff --git a/spec/lib/msf/core/module_spec.rb b/spec/lib/msf/core/module_spec.rb index 6666933e45..35b83bc7b1 100644 --- a/spec/lib/msf/core/module_spec.rb +++ b/spec/lib/msf/core/module_spec.rb @@ -46,17 +46,6 @@ describe Msf::Module do it { is_expected.to respond_to :is_usable } end - describe '#user_data_is_match?' do - subject(:msf_module) { - msf_module = described_class.new - msf_module.user_data = { match: 'match', match_set: 'match_set', run: 'run' } - msf_module - } - specify do - expect(msf_module.user_data_is_match?).to eq(true) - end - end - describe "cloning modules into replicants" do module MsfExtensionTestFoo; def my_test1; true; end; end; module MsfExtensionTestBar; def my_test2; true; end; end; diff --git a/spec/support/shared/examples/msf/db_manager/session.rb b/spec/support/shared/examples/msf/db_manager/session.rb index 5d2f01bd00..acc5734635 100644 --- a/spec/support/shared/examples/msf/db_manager/session.rb +++ b/spec/support/shared/examples/msf/db_manager/session.rb @@ -46,7 +46,6 @@ shared_examples_for 'Msf::DBManager::Session' do framework: framework, name: name ) - allow(d).to receive(:user_data_is_match?).and_return(false) d end @@ -137,10 +136,6 @@ shared_examples_for 'Msf::DBManager::Session' do } end - before do - allow(module_instance).to receive(:user_data_is_match?).and_return(true) - end - it 'should make a MatchResult' do expect { report_session