Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star
lib/msf/core/db_manager/wmap.rb

Summary

Maintainability
A
1 hr
Test Coverage
# @note Wmap is a plugin and so these methods, that are only meant for that plugin, should not be part of the core
#   library.
module Msf::DBManager::WMAP
  # Create a request (by hand)
  def create_request(host,port,ssl,meth,path,headers,query,body,respcode,resphead,response)
  ::ApplicationRecord.connection_pool.with_connection {
    req = ::Mdm::WmapRequest.create(
        :host => host,
        :address => host,
        :port => port,
        :ssl => ssl,
        :meth => meth,
        :path => path,
        :headers => headers,
        :query => query,
        :body => body,
        :respcode => respcode,
        :resphead => resphead,
        :response => response
      )
    #framework.events.on_db_request(rec)
  }
  end

  # Create a target
  def create_target(host,port,ssl,sel)
  ::ApplicationRecord.connection_pool.with_connection {
    tar = ::Mdm::WmapTarget.create(
        :host => host,
        :address => host,
        :port => port,
        :ssl => ssl,
        :selected => sel
      )
    #framework.events.on_db_target(rec)
  }
  end

  # This methods deletes all targets from targets table in the database
  def delete_all_targets
  ::ApplicationRecord.connection_pool.with_connection {
    ::Mdm::WmapTarget.delete_all
  }
  end

  # This method iterates the requests table identifying possible targets
  # This method will be removed on second phase of db merging.
  def each_distinct_target(&block)
    request_distinct_targets.each do |target|
      block.call(target)
    end
  end

  # This method iterates the requests table calling the supplied block with the
  # request instance of each entry.
  def each_request(&block)
    requests.each do |request|
      block.call(request)
    end
  end

  # This method iterates the requests table returning a list of all requests of a specific target
  def each_request_target(&block)
    target_requests('').each do |req|
      block.call(req)
    end
  end

  # This method iterates the requests table returning a list of all requests of a specific target
  def each_request_target_with_body(&block)
    target_requests('AND wmap_requests.body IS NOT NULL').each do |req|
      block.call(req)
    end
  end

  # This method iterates the requests table returning a list of all requests of a specific target
  def each_request_target_with_headers(&block)
    target_requests('AND wmap_requests.headers IS NOT NULL').each do |req|
      block.call(req)
    end
  end

  # This method iterates the requests table returning a list of all requests of a specific target
  def each_request_target_with_path(&block)
    target_requests('AND wmap_requests.path IS NOT NULL').each do |req|
      block.call(req)
    end
  end

  # This method iterates the requests table returning a list of all requests of a specific target
  def each_request_target_with_query(&block)
    target_requests('AND wmap_requests.query IS NOT NULL').each do |req|
      block.call(req)
    end
  end

  # This method iterates the targets table calling the supplied block with the
  # target instance of each entry.
  def each_target(&block)
    targets.each do |target|
      block.call(target)
    end
  end

  # Find a target matching this id
  def get_target(id)
  ::ApplicationRecord.connection_pool.with_connection {
    target = ::Mdm::WmapTarget.where("id = ?", id).first()
    return target
  }
  end

  # This method returns a list of all possible targets available in requests
  # This method will be removed on second phase of db merging.
  def request_distinct_targets
  ::ApplicationRecord.connection_pool.with_connection {
    ::Mdm::WmapRequest.select('DISTINCT host,address,port,ssl')
  }
  end

  # This method allows to query directly the requests table. To be used mainly by modules
  def request_sql(host,port,extra_condition)
  ::ApplicationRecord.connection_pool.with_connection {
    ::Mdm::WmapRequest.where("wmap_requests.host = ? AND wmap_requests.port = ? #{extra_condition}", host , port)
  }
  end

  # This methods returns a list of all targets in the database
  def requests
  ::ApplicationRecord.connection_pool.with_connection {
    ::Mdm::WmapRequest.all
  }
  end

  # Selected host
  def selected_host
  ::ApplicationRecord.connection_pool.with_connection {
    selhost = ::Mdm::WmapTarget.where("selected != 0").first()
    if selhost
      return selhost.host
    else
      return
    end
  }
  end

  # Selected id
  def selected_id
    selected_wmap_target.object_id
  end

  # Selected port
  def selected_port
    selected_wmap_target.port
  end

  # Selected ssl
  def selected_ssl
    selected_wmap_target.ssl
  end

  # Selected target
  def selected_wmap_target
  ::ApplicationRecord.connection_pool.with_connection {
    ::Mdm::WmapTarget.find.where("selected != 0")
  }
  end

  # Quick way to query the database (used by wmap_sql)
  def sql_query(sqlquery)
  ::ApplicationRecord.connection_pool.with_connection {
    ApplicationRecord.connection.select_all(sqlquery)
  }
  end

  # This method returns a list of all requests from target
  def target_requests(extra_condition)
  ::ApplicationRecord.connection_pool.with_connection {
    ::Mdm::WmapRequest.where("wmap_requests.host = ? AND wmap_requests.port = ? #{extra_condition}",selected_host,selected_port)
  }
  end

  # This methods returns a list of all targets in the database
  def targets
  ::ApplicationRecord.connection_pool.with_connection {
    ::Mdm::WmapTarget.all
  }
  end
end