commit
f6e9ae6569
|
@ -98,10 +98,8 @@ module MetasploitDataModels::ActiveRecordModels::Host
|
|||
# Note that we're already restricting the query to this host by using
|
||||
# host.notes instead of Note, so don't need a host_id in the
|
||||
# conditions.
|
||||
fingers = host.notes.find(:all,
|
||||
:conditions => [ "ntype like '%%fingerprint'" ]
|
||||
)
|
||||
fingers.each do |fp|
|
||||
fingerprintable_notes = self.notes.where("ntype like '%%fingerprint'")
|
||||
fingerprintable_notes.each do |fp|
|
||||
next if not validate_fingerprint_data(fp)
|
||||
norm = normalize_scanner_fp(fp)
|
||||
wvers[norm[:os_sp]] = wvers[norm[:os_sp]].to_i + (100 * norm[:certainty])
|
||||
|
@ -124,8 +122,9 @@ module MetasploitDataModels::ActiveRecordModels::Host
|
|||
# has an opinion and which doesn't. It would also be nice to
|
||||
# identify "impossible" combinations of services and alert that
|
||||
# something funny is going on.
|
||||
host.services.each do |s|
|
||||
next if not s.info
|
||||
# XXX: This hack solves the memory leak generated by self.services.each {}
|
||||
fingerprintable_services = self.services.where("name is not null and name != '' and info is not null and info != ''")
|
||||
fingerprintable_services.each do |s|
|
||||
points = 0
|
||||
case s.name
|
||||
when 'smb'
|
||||
|
|
|
@ -10,6 +10,15 @@ module MetasploitDataModels::ActiveRecordModels::Loot
|
|||
|
||||
before_destroy :delete_file
|
||||
|
||||
scope :search, lambda { |*args|
|
||||
where(["loots.ltype ILIKE ? OR " +
|
||||
"loots.name ILIKE ? OR " +
|
||||
"loots.info ILIKE ? OR " +
|
||||
"loots.data ILIKE ?",
|
||||
"%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%"
|
||||
])
|
||||
}
|
||||
|
||||
private
|
||||
|
||||
def delete_file
|
||||
|
|
|
@ -10,6 +10,13 @@ module MetasploitDataModels::ActiveRecordModels::Note
|
|||
|
||||
scope :flagged, where('critical = true AND seen = false')
|
||||
scope :visible, where(notes[:ntype].not_in(['web.form', 'web.url', 'web.vuln']))
|
||||
scope :search, lambda { |*args|
|
||||
where(["(data NOT ILIKE 'BAh7%' AND data LIKE ?)" +
|
||||
"OR (data ILIKE 'BAh7%' AND decode(data, 'base64') LIKE ?)" +
|
||||
"OR ntype ILIKE ?",
|
||||
"%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%"
|
||||
])
|
||||
}
|
||||
|
||||
|
||||
after_save :normalize
|
||||
|
|
|
@ -23,8 +23,9 @@ module MetasploitDataModels::ActiveRecordModels::Service
|
|||
where([
|
||||
"services.name ILIKE ? OR " +
|
||||
"services.info ILIKE ? OR " +
|
||||
"services.proto ILIKE ? OR " +
|
||||
"services.port = ? ",
|
||||
"%#{args[0]}%", "%#{args[0]}%", (args[0].to_i > 0) ? args[0].to_i : 99999
|
||||
"%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%", (args[0].to_i > 0) ? args[0].to_i : 99999
|
||||
])
|
||||
}
|
||||
|
||||
|
|
|
@ -10,17 +10,24 @@ module MetasploitDataModels::ActiveRecordModels::Session
|
|||
|
||||
scope :alive, where("closed_at IS NULL")
|
||||
scope :dead, where("closed_at IS NOT NULL")
|
||||
scope :upgradeable, where("closed_at IS NULL AND stype = 'shell' and platform ILIKE '%win%'")
|
||||
|
||||
serialize :datastore, ::MetasploitDataModels::Base64Serializer.new
|
||||
|
||||
before_destroy :stop
|
||||
|
||||
def upgradeable?
|
||||
(self.platform =~ /win/ and self.stype == 'shell')
|
||||
end
|
||||
|
||||
|
||||
private
|
||||
|
||||
def stop
|
||||
c = Pro::Client.get rescue nil
|
||||
c.session_stop(self.local_id) rescue nil # ignore exceptions (XXX - ideally, stopped an already-stopped session wouldn't throw XMLRPCException)
|
||||
end
|
||||
|
||||
}
|
||||
end
|
||||
end
|
||||
|
|
|
@ -10,6 +10,13 @@ module MetasploitDataModels::ActiveRecordModels::Vuln
|
|||
|
||||
after_update :save_refs
|
||||
|
||||
scope :search, lambda { |*args|
|
||||
where(["(vulns.name ILIKE ? or vulns.info ILIKE ? or refs.name ILIKE ?)",
|
||||
"%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%"
|
||||
]).
|
||||
joins("LEFT OUTER JOIN vulns_refs ON vulns_refs.vuln_id=vulns.id LEFT OUTER JOIN refs ON refs.id=vulns_refs.ref_id")
|
||||
}
|
||||
|
||||
private
|
||||
|
||||
def save_refs
|
||||
|
|
|
@ -6,14 +6,14 @@ Gem::Specification.new do |s|
|
|||
|
||||
s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
|
||||
s.authors = ["Trevor Rosen"]
|
||||
s.date = "2012-04-24"
|
||||
s.date = "2012-05-18"
|
||||
s.description = "Implements minimal ActiveRecord models and database helper code used in both the Metasploit Framework (MSF) and Metasploit commercial editions."
|
||||
s.email = ["trevor_rosen@rapid7.com"]
|
||||
s.executables = ["mdm_console"]
|
||||
s.files = ["bin/mdm_console"]
|
||||
s.homepage = ""
|
||||
s.require_paths = ["lib"]
|
||||
s.rubygems_version = "1.8.21"
|
||||
s.rubygems_version = "1.8.15"
|
||||
s.summary = "Database code for MSF and Metasploit Pro"
|
||||
|
||||
if s.respond_to? :specification_version then
|
||||
|
|
Loading…
Reference in New Issue