Merge pull request #3576 from dmaloney-r7/feature/MSP-9641/cred-rpc-calls
Feature/msp 9641/cred roc calls MSP-9641 #landbug/bundler_fix
commit
d863ff907e
|
@ -4,6 +4,9 @@ module RPC
|
||||||
class RPC_Db < RPC_Base
|
class RPC_Db < RPC_Base
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
|
include Metasploit::Credential::Creation
|
||||||
|
|
||||||
def db
|
def db
|
||||||
self.framework.db.active
|
self.framework.db.active
|
||||||
end
|
end
|
||||||
|
@ -15,6 +18,21 @@ private
|
||||||
self.framework.db.workspace
|
self.framework.db.workspace
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def fix_cred_options(opts)
|
||||||
|
new_opts = fix_options(opts)
|
||||||
|
|
||||||
|
# Convert some of are data back to symbols
|
||||||
|
if new_opts[:origin_type]
|
||||||
|
new_opts[:origin_type] = new_opts[:origin_type].to_sym
|
||||||
|
end
|
||||||
|
|
||||||
|
if new_opts[:private_type]
|
||||||
|
new_opts[:private_type] = new_opts[:private_type].to_sym
|
||||||
|
end
|
||||||
|
|
||||||
|
new_opts
|
||||||
|
end
|
||||||
|
|
||||||
def fix_options(opts)
|
def fix_options(opts)
|
||||||
newopts = {}
|
newopts = {}
|
||||||
opts.each do |k,v|
|
opts.each do |k,v|
|
||||||
|
@ -88,6 +106,40 @@ private
|
||||||
|
|
||||||
public
|
public
|
||||||
|
|
||||||
|
def rpc_create_cracked_credential(xopts)
|
||||||
|
opts = fix_cred_options(xopts)
|
||||||
|
create_credential(opts)
|
||||||
|
end
|
||||||
|
|
||||||
|
def rpc_create_credential(xopts)
|
||||||
|
opts = fix_cred_options(xopts)
|
||||||
|
core = create_credential(opts)
|
||||||
|
|
||||||
|
ret = {
|
||||||
|
username: core.public.try(:username),
|
||||||
|
private: core.private.try(:data),
|
||||||
|
private_type: core.private.try(:type),
|
||||||
|
realm_value: core.realm.try(:value),
|
||||||
|
realm_key: core.realm.try(:key)
|
||||||
|
}
|
||||||
|
|
||||||
|
if opts[:last_attempted_at] && opts[:status]
|
||||||
|
opts[:core] = core
|
||||||
|
opts[:last_attempted_at] = opts[:last_attempted_at].to_datetime
|
||||||
|
login = create_credential_login(opts)
|
||||||
|
|
||||||
|
ret[:host] = login.service.host.address,
|
||||||
|
ret[:sname] = login.service.name
|
||||||
|
ret[:status] = login.status
|
||||||
|
end
|
||||||
|
ret
|
||||||
|
end
|
||||||
|
|
||||||
|
def rpc_invalidate_login(xopts)
|
||||||
|
opts = fix_cred_options(xopts)
|
||||||
|
invalidate_login(opts)
|
||||||
|
end
|
||||||
|
|
||||||
def rpc_hosts(xopts)
|
def rpc_hosts(xopts)
|
||||||
::ActiveRecord::Base.connection_pool.with_connection {
|
::ActiveRecord::Base.connection_pool.with_connection {
|
||||||
opts, wspace = init_db_opts_workspace(xopts)
|
opts, wspace = init_db_opts_workspace(xopts)
|
||||||
|
@ -490,33 +542,6 @@ public
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
def rpc_report_auth_info(xopts)
|
|
||||||
::ActiveRecord::Base.connection_pool.with_connection {
|
|
||||||
opts, wspace = init_db_opts_workspace(xopts)
|
|
||||||
res = self.framework.db.report_auth_info(opts)
|
|
||||||
return { :result => 'success' } if(res)
|
|
||||||
{ :result => 'failed' }
|
|
||||||
}
|
|
||||||
end
|
|
||||||
|
|
||||||
def rpc_get_auth_info(xopts)
|
|
||||||
::ActiveRecord::Base.connection_pool.with_connection {
|
|
||||||
opts, wspace = init_db_opts_workspace(xopts)
|
|
||||||
ret = {}
|
|
||||||
ret[:auth_info] = []
|
|
||||||
# XXX: This method doesn't exist...
|
|
||||||
ai = self.framework.db.get_auth_info(opts)
|
|
||||||
ai.each do |i|
|
|
||||||
info = {}
|
|
||||||
i.each do |k,v|
|
|
||||||
info[k.to_sym] = v
|
|
||||||
end
|
|
||||||
ret[:auth_info] << info
|
|
||||||
end
|
|
||||||
ret
|
|
||||||
}
|
|
||||||
end
|
|
||||||
|
|
||||||
def rpc_get_ref(name)
|
def rpc_get_ref(name)
|
||||||
::ActiveRecord::Base.connection_pool.with_connection {
|
::ActiveRecord::Base.connection_pool.with_connection {
|
||||||
db_check
|
db_check
|
||||||
|
@ -828,42 +853,6 @@ public
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
# requires host, port, user, pass, ptype, and active
|
|
||||||
def rpc_report_cred(xopts)
|
|
||||||
::ActiveRecord::Base.connection_pool.with_connection {
|
|
||||||
opts, wspace = init_db_opts_workspace(xopts)
|
|
||||||
res = framework.db.find_or_create_cred(opts)
|
|
||||||
return { :result => 'success' } if res
|
|
||||||
{ :result => 'failed' }
|
|
||||||
}
|
|
||||||
end
|
|
||||||
|
|
||||||
#right now workspace is the only option supported
|
|
||||||
def rpc_creds(xopts)
|
|
||||||
::ActiveRecord::Base.connection_pool.with_connection {
|
|
||||||
opts, wspace = init_db_opts_workspace(xopts)
|
|
||||||
limit = opts.delete(:limit) || 100
|
|
||||||
offset = opts.delete(:offset) || 0
|
|
||||||
|
|
||||||
ret = {}
|
|
||||||
ret[:creds] = []
|
|
||||||
::Mdm::Cred.find(:all, :include => {:service => :host}, :conditions => ["hosts.workspace_id = ?",
|
|
||||||
framework.db.workspace.id ], :limit => limit, :offset => offset).each do |c|
|
|
||||||
cred = {}
|
|
||||||
cred[:host] = c.service.host.address if(c.service.host)
|
|
||||||
cred[:updated_at] = c.updated_at.to_i
|
|
||||||
cred[:port] = c.service.port
|
|
||||||
cred[:proto] = c.service.proto
|
|
||||||
cred[:sname] = c.service.name
|
|
||||||
cred[:type] = c.ptype
|
|
||||||
cred[:user] = c.user
|
|
||||||
cred[:pass] = c.pass
|
|
||||||
cred[:active] = c.active
|
|
||||||
ret[:creds] << cred
|
|
||||||
end
|
|
||||||
ret
|
|
||||||
}
|
|
||||||
end
|
|
||||||
|
|
||||||
def rpc_import_data(xopts)
|
def rpc_import_data(xopts)
|
||||||
::ActiveRecord::Base.connection_pool.with_connection {
|
::ActiveRecord::Base.connection_pool.with_connection {
|
||||||
|
|
Loading…
Reference in New Issue