From 1f007bf3c995c750c92cef141f27b7070eee54bc Mon Sep 17 00:00:00 2001
From: David Maloney
Date: Tue, 22 Jul 2014 15:46:27 -0500
Subject: [PATCH 1/4] start adding new rpc calls

Signed-off-by: David Maloney
---
 lib/msf/core/rpc/v10/rpc_db.rb | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/lib/msf/core/rpc/v10/rpc_db.rb b/lib/msf/core/rpc/v10/rpc_db.rb
index b22eeac670..522fcea90c 100644
--- a/lib/msf/core/rpc/v10/rpc_db.rb
+++ b/lib/msf/core/rpc/v10/rpc_db.rb
@@ -4,6 +4,9 @@ module RPC
 class RPC_Db < RPC_Base
 private
+
+ include Metasploit::Credential::Creation
+
 def db
 self.framework.db.active
 end
@@ -88,6 +91,12 @@ private
 public
+ def rpc_create_credential(xopts)
+ create_credential(xopts)
+ end
+
+
+
 def rpc_hosts(xopts)
 ::ActiveRecord::Base.connection_pool.with_connection {
 opts, wspace = init_db_opts_workspace(xopts)
From e29b2aed9b52881cb35f2a220950d8bc666940b8 Mon Sep 17 00:00:00 2001
From: David Maloney
Date: Mon, 28 Jul 2014 14:49:35 -0500
Subject: [PATCH 2/4] add credential rpc calls

---
 lib/msf/core/rpc/v10/rpc_db.rb | 47 ++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 45 insertions(+), 2 deletions(-)

diff --git a/lib/msf/core/rpc/v10/rpc_db.rb b/lib/msf/core/rpc/v10/rpc_db.rb
index 522fcea90c..adff167416 100644
--- a/lib/msf/core/rpc/v10/rpc_db.rb
+++ b/lib/msf/core/rpc/v10/rpc_db.rb
@@ -18,6 +18,21 @@ private
 self.framework.db.workspace
 end
+ def fix_cred_options(opts)
+ new_opts = fix_options(opts)
+
+ # Convert some of are data back to symbols
+ if new_opts[:origin_type]
+ new_opts[:origin_type] = new_opts[:origin_type].to_sym
+ end
+
+ if new_opts[:private_type]
+ new_opts[:private_type] = new_opts[:private_type].to_sym
+ end
+
+ new_opts
+ end
+
 def fix_options(opts)
 newopts = {}
 opts.each do |k,v|
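Review bot: In the first hunk of PATCH 1/4, `include Metasploit::Credential::Creation` sits beneath the bare `private`, which reads as if the mixed-in methods were private; `private` only affects methods defined with `def` after it, so every method the module exposes keeps its own visibility on RPC_Db. Moving the include to directly under `class RPC_Db < RPC_Base` would make that explicit. Whether those methods can be reached by an RPC client depends on how the dispatcher resolves method names, which is not visible here, so it is worth confirming that only `rpc_`-prefixed methods are callable.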
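Review bot: `fix_cred_options` in PATCH 2/4 calls `to_sym` on `:origin_type` and `:private_type` exactly as the RPC caller sent them, with no check against the values the credential layer accepts. On Ruby versions that do not garbage-collect symbols this lets a client grow the symbol table with arbitrary strings, and a non-string value raises NoMethodError instead of producing a clean RPC error. I would convert only after an allow-list check, e.g. `new_opts[:origin_type] = new_opts[:origin_type].to_sym if ORIGIN_TYPES.include?(new_opts[:origin_type].to_s)` (`ORIGIN_TYPES` is a placeholder for a frozen list of the supported names), and likewise for `:private_type`. The comment should read `# Convert some of our data back to symbols`.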
@@ -91,11 +106,39 @@ private public - def rpc_create_credential(xopts) - create_credential(xopts) + def rpc_create_cracked_credential(xopts) + opts = fix_cred_options(xopts) + create_credential(opts) end + def rpc_create_credential(xopts) + opts = fix_cred_options(xopts) + core = create_credential(opts) + ret = { + username: core.public.try(:username), + private: core.private.try(:data), + private_type: core.private.try(:type), + realm_value: core.realm.try(:value), + realm_key: core.realm.try(:key) + } + + if opts[:last_attempted_at] && opts[:status] + opts[:core] = core + opts[:last_attempted_at] = opts[:last_attempted_at].to_datetime + login = create_credential_login(opts) + + ret[:host] = login.service.host.address, + ret[:sname] = login.service.name + ret[:status] = login.status + end + ret + end + + def rpc_invalidate_login(xopts) + opts = fix_cred_options(xopts) + invalidate_login(opts) + end def rpc_hosts(xopts) ::ActiveRecord::Base.connection_pool.with_connection { From c9d231b48b8500d3db95193a4898bb464310a021 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Mon, 28 Jul 2014 14:52:53 -0500 Subject: [PATCH 3/4] remove old rpc methods added rpc methods to create new creds removing the old methods for the obsolete cred models --- lib/msf/core/rpc/v10/rpc_db.rb | 45 ---------------------------------- 1 file changed, 45 deletions(-) diff --git a/lib/msf/core/rpc/v10/rpc_db.rb b/lib/msf/core/rpc/v10/rpc_db.rb index adff167416..e5db68edca 100644 --- a/lib/msf/core/rpc/v10/rpc_db.rb +++ b/lib/msf/core/rpc/v10/rpc_db.rb @@ -542,15 +542,6 @@ public } end - def rpc_report_auth_info(xopts) - ::ActiveRecord::Base.connection_pool.with_connection { - opts, wspace = init_db_opts_workspace(xopts) - res = self.framework.db.report_auth_info(opts) - return { :result => 'success' } if(res) - { :result => 'failed' } - } - end - def rpc_get_auth_info(xopts) ::ActiveRecord::Base.connection_pool.with_connection { opts, wspace = init_db_opts_workspace(xopts) 
@@ -880,42 +871,6 @@ public
 }
 end
- # requires host, port, user, pass, ptype, and active
- def rpc_report_cred(xopts)
- ::ActiveRecord::Base.connection_pool.with_connection {
- opts, wspace = init_db_opts_workspace(xopts)
- res = framework.db.find_or_create_cred(opts)
- return { :result => 'success' } if res
- { :result => 'failed' }
- }
- end
-
- #right now workspace is the only option supported
- def rpc_creds(xopts)
- ::ActiveRecord::Base.connection_pool.with_connection {
- opts, wspace = init_db_opts_workspace(xopts)
- limit = opts.delete(:limit) || 100
- offset = opts.delete(:offset) || 0
-
- ret = {}
- ret[:creds] = []
- ::Mdm::Cred.find(:all, :include => {:service => :host}, :conditions => ["hosts.workspace_id = ?",
- framework.db.workspace.id ], :limit => limit, :offset => offset).each do |c|
- cred = {}
- cred[:host] = c.service.host.address if(c.service.host)
- cred[:updated_at] = c.updated_at.to_i
- cred[:port] = c.service.port
- cred[:proto] = c.service.proto
- cred[:sname] = c.service.name
- cred[:type] = c.ptype
- cred[:user] = c.user
- cred[:pass] = c.pass
- cred[:active] = c.active
- ret[:creds] << cred
- end
- ret
- }
- end
 def rpc_import_data(xopts)
 ::ActiveRecord::Base.connection_pool.with_connection {
From 3870b598732d1a3458e0151ca2bf2e52b5f31e54 Mon Sep 17 00:00:00 2001
From: David Maloney
Date: Mon, 28 Jul 2014 15:13:03 -0500
Subject: [PATCH 4/4] remove rpg_get_auth_info this is an rpc call that calls a method that does not even exist... WAT?!

---
 lib/msf/core/rpc/v10/rpc_db.rb | 18 ------------------
 1 file changed, 18 deletions(-)

diff --git a/lib/msf/core/rpc/v10/rpc_db.rb b/lib/msf/core/rpc/v10/rpc_db.rb
index e5db68edca..32da0c8829 100644
--- a/lib/msf/core/rpc/v10/rpc_db.rb
+++ b/lib/msf/core/rpc/v10/rpc_db.rb
@@ -542,24 +542,6 @@ public
 }
 end
- def rpc_get_auth_info(xopts)
- ::ActiveRecord::Base.connection_pool.with_connection {
- opts, wspace = init_db_opts_workspace(xopts)
- ret = {}
- ret[:auth_info] = []
- # XXX: This method doesn't exist...
- ai = self.framework.db.get_auth_info(opts)
- ai.each do |i|
- info = {}
- i.each do |k,v|
- info[k.to_sym] = v
- end
- ret[:auth_info] << info
- end
- ret
- }
- end
-
 def rpc_get_ref(name)
 ::ActiveRecord::Base.connection_pool.with_connection {
 db_check