From f7a4c577d613c7f369cb2b6579469cef72b0d90a Mon Sep 17 00:00:00 2001
From: Matthew Kienow
Date: Mon, 16 Jul 2018 12:56:43 -0400
Subject: [PATCH] Add UserServlet and admin_api scope

---
 .../db_manager/http/metasploit_api_app.rb   | 11 +++
 .../db_manager/http/servlet/user_servlet.rb | 78 +++++++++++++++++++
 2 files changed, 89 insertions(+)
 create mode 100644 lib/msf/core/db_manager/http/servlet/user_servlet.rb

diff --git a/lib/msf/core/db_manager/http/metasploit_api_app.rb b/lib/msf/core/db_manager/http/metasploit_api_app.rb
index 5a7aa67d42..bc914e4f38 100644
--- a/lib/msf/core/db_manager/http/metasploit_api_app.rb
+++ b/lib/msf/core/db_manager/http/metasploit_api_app.rb
@@ -22,6 +22,7 @@ require 'msf/core/db_manager/http/servlet/credential_servlet'
 require 'msf/core/db_manager/http/servlet/nmap_servlet'
 require 'msf/core/db_manager/http/servlet/db_export_servlet'
 require 'msf/core/db_manager/http/servlet/vuln_attempt_servlet'
+require 'msf/core/db_manager/http/servlet/user_servlet'
 
 class MetasploitApiApp < Sinatra::Base
   helpers ServletHelper
@@ -45,6 +46,7 @@ class MetasploitApiApp < Sinatra::Base
   register NmapServlet
   register DbExportServlet
   register VulnAttemptServlet
+  register UserServlet
 
   configure do
     set :sessions, {key: 'msf-ws.session', expire_after: 300}
@@ -54,6 +56,7 @@ class MetasploitApiApp < Sinatra::Base
   before do
     # store DBManager in request environment so that it is available to Warden
     request.env['DBManager'] = get_db
+    request.env['AuthInitialized'] ||= get_db.users({}).count > 0
   end
 
   use Warden::Manager do |config|
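Review bot: `request.env['AuthInitialized'] ||= get_db.users({}).count > 0` in the `before` filter issues a user query on every request, because `request.env` is a fresh hash per request and the `||=` therefore never finds a cached value; if the value is meant to be computed once, keep it in application-level state that is updated when a user is created, and if a live per-request check is intended, drop the misleading `||=`. Nothing in this commit reads `'AuthInitialized'`, so a comment naming its consumer would help — presumably the Warden strategies, since `'DBManager'` is stored on the line above for exactly that purpose — e.g. `# true once at least one user exists; read by the auth strategies (TODO confirm consumer)`. If the flag, as its name suggests, relaxes authentication while the user table is still empty, the comment should say so explicitly, because that first-start window is what an operator has to reason about. The `require` and `register` hunks earlier on this line are fine as they are.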
@@ -78,6 +81,14 @@ class MetasploitApiApp < Sinatra::Base
                           strategies: [:api_token],
                           # action (route) of the failure application
                           action: AuthServlet.api_unauthenticated_path
+
+    config.scope_defaults :admin_api,
+                          # whether to persist the result in the session or not
+                          store: false,
+                          # list of strategies to use
+                          strategies: [:admin_api_token],
+                          # action (route) of the failure application
+                          action: AuthServlet.api_unauthenticated_path
   end
 end
\ No newline at end of file
diff --git a/lib/msf/core/db_manager/http/servlet/user_servlet.rb b/lib/msf/core/db_manager/http/servlet/user_servlet.rb
new file mode 100644
index 0000000000..7cc35430b4
--- /dev/null
+++ b/lib/msf/core/db_manager/http/servlet/user_servlet.rb
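Review bot: The new `:admin_api` scope lists a `:admin_api_token` strategy that this commit does not define; unless it is registered elsewhere via `Warden::Strategies.add`, Warden raises `Invalid strategy admin_api_token` on the first `authenticate!(scope: :admin_api)`, so admin routes would fail with a 500 rather than the intended redirect to `AuthServlet.api_unauthenticated_path` — please confirm the strategy lands in the same change or before it. The three comment lines are copied verbatim from the `:api` scope above and say nothing about how the scopes differ; a single comment such as `# like :api, but authenticated by :admin_api_token — intended for administrator-only routes (confirm)` carries more information than the repeated boilerplate. The enclosing `use Warden::Manager do |config|` block starts outside this hunk.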
@@ -0,0 +1,78 @@
+module UserServlet
+
+  def self.api_path
+    '/api/v1/user'
+  end
+
+  def self.api_path_with_id
+    "#{UserServlet.api_path}/?:id?"
+  end
+
+  def self.registered(app)
+    app.get UserServlet.api_path_with_id, &get_user
+    app.post UserServlet.api_path, &report_user
+    app.put UserServlet.api_path_with_id, &update_user
+    app.delete UserServlet.api_path, &delete_user
+  end
+
+  #######
+  private
+  #######
+
+  def self.get_user
+    lambda {
+      warden.authenticate!(scope: :admin_api)
+      begin
+        opts = parse_json_request(request, false)
+        sanitized_params = sanitize_params(params)
+        data = get_db.users(sanitized_params)
+        set_json_response(data)
+      rescue => e
+        set_error_on_response(e)
+      end
+    }
+  end
+
+  def self.report_user
+    lambda {
+      warden.authenticate!(scope: :admin_api)
+      begin
+        job = lambda { |opts|
+          get_db.report_user(opts)
+        }
+        exec_report_job(request, &job)
+      rescue => e
+        set_error_on_response(e)
+      end
+    }
+  end
+
+  def self.update_user
+    lambda {
+      warden.authenticate!(scope: :admin_api)
+      begin
+        opts = parse_json_request(request, false)
+        tmp_params = sanitize_params(params)
+        opts[:id] = tmp_params[:id] if tmp_params[:id]
+        data = get_db.update_user(opts)
+        set_json_response(data)
+      rescue => e
+        set_error_on_response(e)
+      end
+    }
+  end
+
+  def self.delete_user
+    lambda {
+      warden.authenticate!(scope: :admin_api)
+      begin
+        opts = parse_json_request(request, false)
+        data = get_db.delete_user(opts)
+        set_json_response(data)
+      rescue => e
+        set_error_on_response(e)
+      end
+    }
+  end
+
+end
\ No newline at end of file
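Review bot: The `private` marker above `def self.get_user` has no effect — `private` only changes the visibility of instance methods, and every method in this module is a singleton (`def self.`) method, so `get_user`, `report_user`, `update_user` and `delete_user` stay callable as `UserServlet.get_user` etc.; use `private_class_method :get_user, :report_user, :update_user, :delete_user` after the definitions instead (the implicit-receiver calls in `registered` keep working). In `get_user` the local `opts = parse_json_request(request, false)` is never used and parses a body the GET route does not need; drop that line. Every handler calls `warden.authenticate!(scope: :admin_api)` before the `begin`, which is what keeps an authentication failure from being swallowed by `rescue => e`; a module-level comment such as `# Every route requires the :admin_api scope; authenticate! is deliberately called outside the rescue so failures reach Warden's failure app` would stop a later edit from moving it inside. `delete_user` passes whatever ids the body contains straight to `get_db.delete_user`; whether that layer refuses to remove the caller's own or the last remaining account is not visible here — please confirm, and add the guard at whichever layer owns it.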