New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Raise exception in process_opts_workspace for more meaningful error messages #11059

Merged
merged 2 commits into from Dec 4, 2018

Conversation

Projects
None yet
2 participants
@mkienow-r7
Contributor

mkienow-r7 commented Dec 3, 2018

The Msf::Util::DBManager.process_opts_workspace method is heavily used in various DBManager models to get the workspace that is then used for subsequent queries. This modifies the method to raise an exception if the workspace is not found, thus allowing for a more meaningful error to make it back to the user.

Ticket: MS-3225

Example: Current

curl -k -X GET -H "accept: application/json" -H "Authorization: Bearer <token>"  "https://localhost:8080/api/v1/hosts?workspace=DNE" | python -m json.tool
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   110  100   110    0     0   1666      0 --:--:-- --:--:-- --:--:--  1666
{
    "error": {
        "code": 500,
        "message": "There was an error getting hosts: undefined method `hosts' for nil:NilClass"
    }
}

Example: Fixed

curl -k -X GET -H "accept: application/json" -H "Authorization: Bearer <token>"  "https://localhost:8080/api/v1/hosts?workspace=DNE" | python -m json.tool
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    96  100    96    0     0   3096      0 --:--:-- --:--:-- --:--:--  3096
{
    "error": {
        "code": 500,
        "message": "There was an error getting hosts: Couldn't find workspace DNE"
    }
}

Verification

  • Restart the database and MSF web service (data services) msfdb restart, and init/reinit if necessary.
  • Execute curl --insecure -H "Accept: application/json" -H "Authorization: Bearer <token>" https://localhost:8080/api/v1/hosts?workspace=DNE | python -m json.tool where DNE is the name of a workspace that doesn't exist in your database.
  • Verify the error message returned is the new more helpful message
  • Start msfconsole and connect to the data service started above if you didn't select the option to connect automatically during initialization. See Metasploit Web Service for more information.
  • Verify db_status reports Connection type: http. Connected to remote_data_service: (https://localhost:8080)
  • Perform various data operations (hosts, services, vulns, creds, loots, notes)
  • Verify data operations operate as expected

mkienow-r7 added some commits Dec 3, 2018

@jbarnett-r7 jbarnett-r7 self-assigned this Dec 4, 2018

@jbarnett-r7 jbarnett-r7 merged commit 4f08243 into rapid7:master Dec 4, 2018

2 checks passed

Metasploit Automation - Test Execution Successfully completed all tests.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

jbarnett-r7 added a commit that referenced this pull request Dec 4, 2018

@mkienow-r7 mkienow-r7 deleted the mkienow-r7:MS-3225-add-exception-on-nil branch Dec 4, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment