MS-2910: Remote Vuln Read Update Delete

[mkienow-r7]

Adds support for vuln read, update and delete operations when using a remote data store. The vulns command was modified to output the vuln data in table format to be consistent with the other commands. An undocumented vulns command option for delete was added:

• vulns --delete - Delete vulns that match the address range and search term

In addition, this PR fixes an existing issue in the report_vuln method where multiple calls for the same vuln results in the creation of duplicate VulnRef records, except for the CVE refs.

Verification

• Start msfconsole
• Start msfdb_ws on a remote system
• Connect to the remote data service data_services --add <address>
• Create a vuln inferred via a session by using an exploit. For example, use exploit/unix/irc/unreal_ircd_3281_backdoor against Metasploitable3 VM.
• Verify the output of vulns and vulns --info show the newly added vulnerabilities
• Create a vuln that uses the report_vuln method in lib/msf/core/auxiliary/report.rb. For example, use auxiliary/scanner/ssl/openssl_heartbleed against a vulnerable VM.
• Verify the output of vulns and vulns --info show the newly added vulnerabilities
• Delete a specific vuln by using the search (vulns --delete --search <search term>) or delete all vulns (vulns --delete)
• Verify the output of vulns shows the correct vulnerabilities after the delete operation
• Update a vuln record using cURL, for example, curl -H "Content-Type: application/json" -X PUT -d '{"info": "test update"}' {server}:{port}/api/v1/vulns/{id}
• Verify the JSON response and that the output of vulns --info shows the correct vulnerability data after the update operation

[clee-r7]

🚢 IT