add default service mapping to imports #10940

Merged: 2 commits, Dec 7, 2018

jmartin-tech (Contributor) commented Nov 9, 2018

When importing host details from external sources, the vendors sometimes do not provide linking between vulnerabilities and services exposed on a host.

This change attempts to fill that gap by connecting any reported vulnerability without a service to a reported service when an existing Metasploit module references the same vulnerability and reports default ports the service may be running on. This is prone to possible false mapping; however, this change only attempts to fill in gaps. This, in my opinion, makes it a reasonable post-processing task.

Verification

  • Start msfconsole
  • db_import <test_file_path>.xml
  • vulns -p 445
  • Verify the CVE-2017-0146 vulnerability reported in the sample export attached is mapped to exposed port 445 on the host imported.

m3_report.xml.zip
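
The post-processing step described in this pull request, sketched as an added example (it is not the code from this PR or from Metasploit). `Service`, `Vuln`, `PORTS_BY_REF` and the `inferred` flag are hypothetical names, the sample records are constructed, and `CVE-0000-0001` is a placeholder.

```ruby
# Added illustration; data structures are hypothetical, not Metasploit's schema.
Service = Struct.new(:port, :proto, :name)
Vuln    = Struct.new(:name, :refs, :service, :inferred)

# Constructed stand-in for module metadata: reference => default ports of
# modules that cite it. CVE-0000-0001 is a placeholder, not a real CVE.
PORTS_BY_REF = {
  'CVE-2017-0146' => [445],
  'CVE-0000-0001' => [443, 8443]
}.freeze

# Fill in only the gaps: vulns that already have a service are left alone.
def infer_services(vulns, services, ports_by_ref = PORTS_BY_REF)
  # Assumption: module default ports are compared against TCP services only.
  open_tcp = services.select { |s| s.proto == 'tcp' }
                     .each_with_object({}) { |s, h| h[s.port] ||= s }
  vulns.each do |vuln|
    next if vuln.service
    ports = vuln.refs.flat_map { |ref| ports_by_ref.fetch(ref.upcase, []) }.uniq
    match = ports.map { |port| open_tcp[port] }.compact.first
    next unless match # no exposed service on a default port: stay unmapped
    vuln.service  = match
    vuln.inferred = true # keep inferred links distinguishable from reported ones
  end
end

# Equivalent of `vulns -p <port>` over the in-memory records.
def vulns_on_port(vulns, port)
  vulns.select { |v| v.service && v.service.port == port }
end

# Constructed sample import for one host.
def sample_import
  smb = Service.new(445, 'tcp', 'smb')
  rdp = Service.new(3389, 'tcp', 'rdp')
  vulns = [
    Vuln.new('No service from scanner', ['CVE-2017-0146'], nil, false),
    Vuln.new('Scanner linked it already', ['CVE-2017-0146'], rdp, false),
    Vuln.new('Default port not exposed', ['CVE-0000-0001'], nil, false),
    Vuln.new('No module cites this ref', ['NEXPOSE-example-check'], nil, false)
  ]
  [vulns, [smb, rdp]]
end

vulns, services = sample_import
infer_services(vulns, services)
vulns.each do |v|
  port = v.service ? v.service.port : '-'
  puts format('%-28s port=%-5s inferred=%s', v.name, port, v.inferred)
end
```

Marking inferred links lets a reviewer separate scanner-reported mappings from guessed ones when triaging the false mappings the description mentions.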

busterb (Member) commented Dec 7, 2018

msf5 auxiliary(scanner/snmp/snmp_login) > vulns -p 445

Vulnerabilities
===============

Timestamp                Host            Name                        References
---------                ----            ----                        ----------
2018-12-07 03:03:12 UTC  192.168.18.118  SMB signing disabled        URL-http://blogs.technet.com/b/josebda/archive/2010/12/01/the-basics-of-smb-signing-covering-both-smb1-and-smb2.aspx,NEXPOSE-cifs-smb-signing-disabled
2018-12-07 03:03:12 UTC  192.168.18.118  SMB signing not required    URL-http://blogs.technet.com/b/josebda/archive/2010/12/01/the-basics-of-smb-signing-covering-both-smb1-and-smb2.aspx,NEXPOSE-cifs-smb-signing-not-required
2018-12-07 03:03:12 UTC  192.168.18.118  SMBv2 signing not required  URL-https://blogs.technet.com/b/josebda/archive/2010/12/01/the-basics-of-smb-signing-covering-both-smb1-and-smb2.aspx,NEXPOSE-cifs-smb2-signing-not-required

@busterb busterb merged commit d2a78ce into rapid7:master Dec 7, 2018
busterb added a commit that referenced this pull request Dec 7, 2018
busterb (Member) commented Dec 7, 2018

Release Notes

When vulnerabilities are imported from an external scanner, Metasploit will now automatically link a vulnerability to a service port if there is a known module that connects the two. This allows an inferred service-to-vulnerability mapping even when the external scanner did not specify service information.

@gdavidson-r7 gdavidson-r7 added the rn-enhancement release notes enhancement label Dec 18, 2018
@jmartin-tech jmartin-tech deleted the add_default_service_mapping branch April 7, 2019 13:31