
cleanup

1 parent e4fa85b commit 722e3fe669cc27145f25353be9dfe9d352b3d902 @bka bka committed Dec 1, 2011
@@ -4,10 +4,6 @@ module PreludeDB
class DetectTime < FIDIUS::PreludeDB::Connection
set_primary_key :_message_ident
set_table_name "Prelude_DetectTime"
- #def self.table_name
- # puts "HALLO"
- # "Prelude_DetectTime"
- #end
end
end
end
@@ -12,8 +12,6 @@ def config(conf)
end
def begin_record
- #a = FIDIUS::PreludeDB::Alert.find(:first,:joins => [:detect_time],:order=>"time DESC")
- #last_event = FIDIUS::PreludeDB::PreludeEvent.new(a)
t = FIDIUS::PreludeDB::DetectTime.find(:first,:order=>"time DESC")
@start_time = t.time
end
@@ -24,9 +22,6 @@ def get_events
sleep 3
$logger.debug "alert.find(:all,:joins=>[:detect_time],time > #{@start_time})"
-
- #events = FIDIUS::PreludeDB::Alert.find(:all,:joins => [:detect_time],:order=>"time DESC",:conditions=>["time > :d",{:d => @start_time}])
-
detect_times = FIDIUS::PreludeDB::DetectTime.find(:all,:order=>"time DESC",:conditions=>["time > :d",{:d => @start_time}])
events = []
detect_times.each do |dt|
@@ -41,7 +36,7 @@ def get_events
if @local_ip
if (ev.source_ip == @local_ip || ev.dest_ip == @local_ip)
$logger.debug "adding #{ev.inspect} to events "
- res << ev
+ res << ev
end
else
$logger.debug "adding #{ev.inspect} to events "
@@ -75,4 +70,3 @@ def fetch_events(module_instance=nil)
$logger.debug "loading #{rb}"
require rb
end
-
@@ -27,13 +27,6 @@ def self.create_if_not_exists(text,sort=0)
rescue
puts $!.message
end
- # try again without ignore maybe our database does not support ignore
- #SQLite3::SQLException: near "IGNORE"
- #h = Digest::MD5.hexdigest(text)
- #rule = self.find_or_create_by_rule_hash(h)
- #rule.rule_text=text
- #rule.sort = sort
- #rule.save
end
end
end
@@ -10,8 +10,6 @@
# ORDER BY a.attnum
# provided @http://s3.amazonaws.com/activereload-lighthouse/assets/a3d9b3646f58246ef6ffe027001dd643cca7aade/postgresql-support-capitalized-table-names.diff?AWSAccessKeyId=1AJ9W2TX1B2Z7C2KYB82&Expires=1290010522&Signature=ignfCi9%2Bm37oHijccGBsbJj298w%3D
-puts ">> Loading Postgres patch"
-
module ActiveRecord
module ConnectionAdapters
class PostgreSQLAdapter < AbstractAdapter
@@ -21,4 +19,3 @@ def quote_table_name(name)
end
end
end
-
@@ -1,20 +1,13 @@
module FIDIUS
module EvasionDB
# This recorder provides an interface for the metasploit console
- # it is used to have callbacks when modules are executed.
- #
+ # it is used to have callbacks when modules are executed.
+ #
# @see {file:msf-plugins/evasiondb.rb}
module MsfRecorder
def module_started(module_instance)
# use rule_fetcher if the module starts
@@current_exploit = FIDIUS::EvasionDB::Knowledge::AttackModule.find_or_create_by_name_and_options(module_instance.fullname,module_instance.datastore)
- #begin
- # if FIDIUS::EvasionDB.current_rule_fetcher
- # FIDIUS::EvasionDB.current_rule_fetcher.fetch_rules(@@current_exploit)
- # end
- #rescue
- # puts $!.message+":"+$!.backtrace.to_s
- #end
FIDIUS::EvasionDB.current_fetcher.begin_record
end
@@ -35,7 +28,7 @@ def module_completed(module_instance)
if module_instance && module_instance.respond_to?("fullname")
$logger.debug "idmef_events << #{idmef_event}"
@@current_exploit.idmef_events << idmef_event
- # meterpreter is not a module and does not respond to fullname
+ # meterpreter is not a module and does not respond to fullname
# we handle this seperatly
elsif module_instance == "Meterpreter"
$logger.debug "attack_payload.idmef_events << #{idmef_event}"
@@ -56,17 +49,15 @@ def module_error(module_instance,exception)
def log_packet(module_instance,data,socket)
begin
- # set local ip, if there is no
- #FIDIUS::EvasionDB.current_fetcher.local_ip = FIDIUS::Common.get_my_ip(socket.peerhost)
$logger.debug "logged module_instance: #{module_instance} with #{data.size} bytes payload"
- # TODO: what shall we do with meterpreter?
+ # TODO: what shall we do with meterpreter?
# it has not options and no fullname, logger assigns only the string "meterpreter"
if module_instance.respond_to?("fullname")
unless @@current_exploit.finished
@@current_exploit.packets << FIDIUS::EvasionDB::Knowledge::Packet.create(:payload=>data,:src_addr=>socket.localhost,:src_port=>socket.localport,:dest_addr=>socket.peerhost,:dest_port=>socket.peerport)
@@current_exploit.save
end
- # meterpreter is not a module and does not respond to fullname
+ # meterpreter is not a module and does not respond to fullname
# we handle this seperatly
elsif module_instance == "Meterpreter"
$logger.debug "module_instance is meterpreter"
@@ -77,8 +68,8 @@ def log_packet(module_instance,data,socket)
$logger.debug "LOG: #{module_instance} #{data.size} Bytes on #{socket}"
rescue ActiveRecord::StatementInvalid
$logger.error "StatementInvalid"
- rescue
- $logger.error "error:" # "#{$!.message}" ##{$!.inspect}:#{$!.backtrace}"
+ rescue
+ $logger.error "error:"
end
end
end
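Review bot: The catch-all `rescue` at the end of log_packet now logs only the literal `error:`, so a failure while storing a packet leaves no exception class or message in the log. Dropping the commented-out interpolation removes the last hint of what was meant to be reported here. The `ActiveRecord::StatementInvalid` branch just above has the same gap, since it logs a fixed string. For a recorder whose stored packets are later matched against IDS events, a silently dropped packet looks the same as traffic that was never sent, so the handler should name the failure: `rescue => e` followed by `$logger.error "error: #{e.class}: #{e.message}"`, keeping the payload itself out of the log line. log_packet begins outside this hunk, so whether callers rely on it never raising cannot be confirmed from here.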
@@ -3,7 +3,7 @@
rescue
raise "can not find snortor gem. Please gem install snortor"
end
-#require 'evasion-db/vendor/bitfield'
+
require File.join(FIDIUS::EvasionDB::GEM_BASE, 'evasion-db', 'vendor', 'bitfield')
module FIDIUS
@@ -52,15 +52,12 @@ def fetch_rules(attack_module)
ruleset.save
end
- # fetches rules with snortor
+ # fetches rules with snortor
# and stores them all into db
def import_rules
raise "rules imported already" if FIDIUS::EvasionDB::Knowledge::IdsRule.all.size > 0
import_rules_to_snortor
- start_time = Time.now
- puts "rules exported save to db now"
-
i = 0
insert_query = []
Snortor.rules.each do |rule|
@@ -79,8 +76,6 @@ def import_rules
puts $!.message+":"+$!.backtrace.to_s
end
end
- end_time = Time.now
- puts "Import needed #{end_time-start_time} seconds"
end
def config(conf)
@@ -1,4 +1,3 @@
-puts "loading snort_fetcher"
FIDIUS::EvasionDB.rule_fetcher "Snortrule-Fetcher" do
install do
require (File.join File.dirname(__FILE__), 'lib', 'snort.rb')
@@ -52,7 +52,7 @@ def to_hex_dump(str, from=-1, to=-1)
snl = false
lst = 0
rclosed = true
- while (idx < str.length)
+ while (idx < str.length)
chunk = str[idx, width]
line = chunk.unpack("H*")[0].scan(/../).join(" ")
if from >= idx && from < idx+width
@@ -184,7 +184,7 @@ def cmd_config_exploit(*args)
def cmd_show_packet(*args)
raise "please provide packet_id" if args.size != 1
packet = FIDIUS::EvasionDB::Knowledge::Packet.find(args[0].to_i)
-
+
hex = to_hex_dump(packet.payload)
print_line hex
end
@@ -203,7 +203,7 @@ def cmd_show_event(*args)
print_line "#{packet[:packet].payload.size} bytes"
print_line "match #{packet[:index]} - #{packet[:index]+packet[:length]-1}"
hex = to_hex_dump(packet[:packet].payload,packet[:index],packet[:index]+packet[:length]-1)
- print_line hex
+ print_line hex
else
print_line "no packets available"
end
@@ -213,7 +213,6 @@ def cmd_show_event(*args)
end
def cmd_fetch_events(*args)
- #events = FIDIUS::EvasionDB::Knowledge.fetch_events
FIDIUS::EvasionDB.current_fetcher.local_ip = nil
events = FIDIUS::EvasionDB.current_fetcher.fetch_events
if events
@@ -286,7 +285,7 @@ def self.log_packet(socket,data,module_instance=nil)
end
def self.inspect_socket(socket)
- "#{socket.localhost}:#{socket.localport} -> #{socket.peerhost}:#{socket.peerport}"
+ "#{socket.localhost}:#{socket.localport} -> #{socket.peerhost}:#{socket.peerport}"
end
class MySocketEventHandler
@@ -339,7 +338,7 @@ def on_module_error(instance, exception)
end #FIDIUS
# This extends the PacketDispatcher from Rex
-# with Logging
+# with Logging
# Original Source is: lib/rex/post/meterpreter/packet_dispatcher.rb
module Rex::Post::Meterpreter::PacketDispatcher
def send_packet(packet, completion_routine = nil, completion_param = nil)
@@ -362,7 +361,7 @@ def send_packet(packet, completion_routine = nil, completion_param = nil)
@finish = true
# Reraise the error to the top-level caller
- raise e
+ raise e
end
end
