Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix DB RPC issues #11786

Merged
merged 4 commits into from
May 1, 2019
Merged

Fix DB RPC issues #11786

merged 4 commits into from
May 1, 2019

Conversation

mkienow-r7
Copy link
Contributor

@mkienow-r7 mkienow-r7 commented Apr 26, 2019
edited by busterb
Loading

This fixes a number of issues found in Msf::RPC::RPC_Db.

  • Fix a number of incorrect method comments and examples

  • Update db.notes (Msf::RPC::RPC_Db#rpc_notes) and db.vulns (Msf::RPC::RPC_Db#rpc_vulns) opts usage to match the method comment (:address rather than :addresses)

  • Fix db.get_service (Msf::RPC::RPC_Db#rpc_get_service) finding a service to return
    Root cause: Mdm::Service::ActiveRecord_Associations_CollectionProxy is returned in some situations, however, the method only expects to process ::Mdm::Service or Array. This was fixed by converting the returned object to an Array.

    Before fix:

    >> rpc.call('db.get_service', {:workspace=>'default', :host => '127.0.0.1', :proto=>'tcp', :port=>80})
=> {"service"=>[{"host"=>"127.0.0.1", "created_at"=>1556298506, "updated_at"=>1556298506, "port"=>80, "proto"=>"tcp", "state"=>"open", "name"=>"http", "info"=>""}]}

>> rpc.call('db.get_service', {:workspace=>'default', :proto=>'tcp', :port=>80})
=> {"service"=>[]}

>> rpc.call('db.get_service', {:workspace=>'default', :host => '127.0.0.1'})
=> {"service"=>[]}

    After fix:

    >> rpc.call('db.get_service', {:workspace=>'default', :host => '127.0.0.1', :proto=>'tcp', :port=>80})
=> {"service"=>[{"host"=>"127.0.0.1", "created_at"=>1556298506, "updated_at"=>1556298506, "port"=>80, "proto"=>"tcp", "state"=>"open", "name"=>"http", "info"=>""}]}

>> rpc.call('db.get_service', {:workspace=>'default', :proto=>'tcp', :port=>80})
=> {"service"=>[{"host"=>"127.0.0.1", "created_at"=>1556298506, "updated_at"=>1556298506, "port"=>80, "proto"=>"tcp", "state"=>"open", "name"=>"http", "info"=>""}]}

>> rpc.call('db.get_service', {:workspace=>'default', :host => '127.0.0.1'})
=> {"service"=>[{"host"=>"127.0.0.1", "created_at"=>1556298506, "updated_at"=>1556298506, "port"=>80, "proto"=>"tcp", "state"=>"open", "name"=>"http", "info"=>""}]}

  • Fix Cannot delete vuln from DB via MSF RPC #11756 - db.del_vuln (Msf::RPC::RPC_Db#rpc_del_vuln) deleting a vuln
    Root cause: Mdm::Vuln::ActiveRecord_Associations_CollectionProxy is returned in some situations, however, the code only expects to process ::Mdm::Vuln or Array. This was fixed by converting the returned object to an Array.

    Before fix:

    >> rpc.call('db.vulns', {:workspace=>'default'})
=> {"vulns"=>[]}

>> rpc.call('db.report_vuln', {:workspace=>'default', :host=>'127.0.0.1', :name=>'test'})
=> {"result"=>"success"}

>> rpc.call('db.vulns', {:workspace=>'default'})
=> {"vulns"=>[{"port"=>nil, "proto"=>nil, "time"=>1556292072, "host"=>"127.0.0.1", "name"=>"test", "refs"=>""}]}

>> rpc.call('db.del_vuln', {:workspace=>'default', :host=>'127.0.0.1', :name=>'test'})
=> {"result"=>"success", "deleted"=>[]}

>> rpc.call('db.vulns', {:workspace=>'default'})
=> {"vulns"=>[{"port"=>nil, "proto"=>nil, "time"=>1556292072, "host"=>"127.0.0.1", "name"=>"test", "refs"=>""}]}

    After fix:

    >> rpc.call('db.vulns', {:workspace=>'default'})
=> {"vulns"=>[]}

>> rpc.call('db.report_vuln', {:workspace=>'default', :host=>'127.0.0.1', :name=>'test'})
=> {"result"=>"success"}

>> rpc.call('db.vulns', {:workspace=>'default'})
=> {"vulns"=>[{"port"=>nil, "proto"=>nil, "time"=>1556292072, "host"=>"127.0.0.1", "name"=>"test", "refs"=>""}]}

>> rpc.call('db.del_vuln', {:workspace=>'default', :host=>'127.0.0.1', :name=>'test'})
=> {"result"=>"success", "deleted"=>[{"address"=>"127.0.0.1", "name"=>"test"}]}

>> rpc.call('db.vulns', {:workspace=>'default'})
=> {"vulns"=>[]}

Verification

  • Use msfconsole or preferred method to create services and vulns in the database
  • Start MSFRPC daemon: ./msfrpcd -P complex_password -f
  • Start MSFRPC client: ./msfrpc -P complex_password -a 127.0.0.1
  • Test db.notes RPC call
  • Verify db.notes returns the correct notes based on the options provided
  • Test db.vulns RPC call
  • Verify db.vulns returns the correct notes based on the options provided
  • Test db.get_service RPC call (see above for test cases)
  • Verify db.get_service returns the correct service based on the options provided
  • Test db.del_vuln RPC call (see above for test cases)
  • Verify db.del_vuln deletes the correct vuln based on the options provided

@mkienow-r7
Fix incorrect method comments and examples
7a0681f
@mkienow-r7
Update opts usage to match the method comment
8173fd5 
Conditions assignment is to the singular hosts.address, so the plural
addresses doesn't make sense.
@mkienow-r7
Fix finding a service to return
a393e3f 
Convert fetched Mdm::Service::ActiveRecord_Associations_CollectionProxy
to an Array as the code only expects to process an Mdm::Service or
Array.
@mkienow-r7
Fix delete vuln
fbf7668 
Convert fetched Mdm::Vuln::ActiveRecord_Associations_CollectionProxy to
an Array as the code only expects to process an Mdm::Vuln or Array.
@mkienow-r7 mkienow-r7 mentioned this pull request Apr 26, 2019
Open
1 task
@busterb busterb self-assigned this May 1, 2019
@busterb busterb merged commit fbf7668 into rapid7:master May 1, 2019
busterb added a commit that referenced this pull request May 1, 2019
@busterb
Land #11786, Fix issues with DP RPC commands
def3112
@busterb
Copy link
Member

busterb commented May 1, 2019
edited by gdavidson-r7
Loading

Release Notes

This fixes a number of issues with manipulating the Metasploit database through RPC commands.

msjenkins-r7 pushed a commit that referenced this pull request May 1, 2019
@busterb @msjenkins-r7
Land #11786, Fix issues with DP RPC commands
d5cb3b5
@mkienow-r7 mkienow-r7 deleted the fix-rpc-db-issues branch May 1, 2019 23:17
@gdavidson-r7 gdavidson-r7 added the rn-fix release notes fix label May 14, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@busterb busterb

Labels
bug database rn-fix release notes fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Cannot delete vuln from DB via MSF RPC
3 participants
@mkienow-r7 @busterb @gdavidson-r7