Merge pull request #3576 from dmaloney-r7/feature/MSP-9641/cred-rpc-calls

Feature/msp 9641/cred roc calls

MSP-9641 #land
bug/bundler_fix
Trevor Rosen 2014-07-30 09:40:38 -05:00
commit d863ff907e
1 changed files with 52 additions and 63 deletions

View File

@ -4,6 +4,9 @@ module RPC
class RPC_Db < RPC_Base class RPC_Db < RPC_Base
private private
include Metasploit::Credential::Creation
def db def db
self.framework.db.active self.framework.db.active
end end
@ -15,6 +18,21 @@ private
self.framework.db.workspace self.framework.db.workspace
end end
def fix_cred_options(opts)
new_opts = fix_options(opts)
# Convert some of are data back to symbols
if new_opts[:origin_type]
new_opts[:origin_type] = new_opts[:origin_type].to_sym
end
if new_opts[:private_type]
new_opts[:private_type] = new_opts[:private_type].to_sym
end
new_opts
end
def fix_options(opts) def fix_options(opts)
newopts = {} newopts = {}
opts.each do |k,v| opts.each do |k,v|
@ -88,6 +106,40 @@ private
public public
def rpc_create_cracked_credential(xopts)
opts = fix_cred_options(xopts)
create_credential(opts)
end
def rpc_create_credential(xopts)
opts = fix_cred_options(xopts)
core = create_credential(opts)
ret = {
username: core.public.try(:username),
private: core.private.try(:data),
private_type: core.private.try(:type),
realm_value: core.realm.try(:value),
realm_key: core.realm.try(:key)
}
if opts[:last_attempted_at] && opts[:status]
opts[:core] = core
opts[:last_attempted_at] = opts[:last_attempted_at].to_datetime
login = create_credential_login(opts)
ret[:host] = login.service.host.address,
ret[:sname] = login.service.name
ret[:status] = login.status
end
ret
end
def rpc_invalidate_login(xopts)
opts = fix_cred_options(xopts)
invalidate_login(opts)
end
def rpc_hosts(xopts) def rpc_hosts(xopts)
::ActiveRecord::Base.connection_pool.with_connection { ::ActiveRecord::Base.connection_pool.with_connection {
opts, wspace = init_db_opts_workspace(xopts) opts, wspace = init_db_opts_workspace(xopts)
@ -490,33 +542,6 @@ public
} }
end end
def rpc_report_auth_info(xopts)
::ActiveRecord::Base.connection_pool.with_connection {
opts, wspace = init_db_opts_workspace(xopts)
res = self.framework.db.report_auth_info(opts)
return { :result => 'success' } if(res)
{ :result => 'failed' }
}
end
def rpc_get_auth_info(xopts)
::ActiveRecord::Base.connection_pool.with_connection {
opts, wspace = init_db_opts_workspace(xopts)
ret = {}
ret[:auth_info] = []
# XXX: This method doesn't exist...
ai = self.framework.db.get_auth_info(opts)
ai.each do |i|
info = {}
i.each do |k,v|
info[k.to_sym] = v
end
ret[:auth_info] << info
end
ret
}
end
def rpc_get_ref(name) def rpc_get_ref(name)
::ActiveRecord::Base.connection_pool.with_connection { ::ActiveRecord::Base.connection_pool.with_connection {
db_check db_check
@ -828,42 +853,6 @@ public
} }
end end
# requires host, port, user, pass, ptype, and active
def rpc_report_cred(xopts)
::ActiveRecord::Base.connection_pool.with_connection {
opts, wspace = init_db_opts_workspace(xopts)
res = framework.db.find_or_create_cred(opts)
return { :result => 'success' } if res
{ :result => 'failed' }
}
end
#right now workspace is the only option supported
def rpc_creds(xopts)
::ActiveRecord::Base.connection_pool.with_connection {
opts, wspace = init_db_opts_workspace(xopts)
limit = opts.delete(:limit) || 100
offset = opts.delete(:offset) || 0
ret = {}
ret[:creds] = []
::Mdm::Cred.find(:all, :include => {:service => :host}, :conditions => ["hosts.workspace_id = ?",
framework.db.workspace.id ], :limit => limit, :offset => offset).each do |c|
cred = {}
cred[:host] = c.service.host.address if(c.service.host)
cred[:updated_at] = c.updated_at.to_i
cred[:port] = c.service.port
cred[:proto] = c.service.proto
cred[:sname] = c.service.name
cred[:type] = c.ptype
cred[:user] = c.user
cred[:pass] = c.pass
cred[:active] = c.active
ret[:creds] << cred
end
ret
}
end
def rpc_import_data(xopts) def rpc_import_data(xopts)
::ActiveRecord::Base.connection_pool.with_connection { ::ActiveRecord::Base.connection_pool.with_connection {