Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix DB RPC issues #11786

Merged
merged 4 commits into from May 1, 2019

Conversation

Projects
None yet
3 participants
@mkienow-r7
Copy link
Contributor

commented Apr 26, 2019

This fixes a number of issues found in Msf::RPC::RPC_Db.

  • Fix a number of incorrect method comments and examples

  • Update db.notes (Msf::RPC::RPC_Db#rpc_notes) and db.vulns (Msf::RPC::RPC_Db#rpc_vulns) opts usage to match the method comment (:address rather than :addresses)

  • Fix db.get_service (Msf::RPC::RPC_Db#rpc_get_service) finding a service to return
    Root cause: Mdm::Service::ActiveRecord_Associations_CollectionProxy is returned in some situations, however, the method only expects to process ::Mdm::Service or Array. This was fixed by converting the returned object to an Array.

    Before fix:

    >> rpc.call('db.get_service', {:workspace=>'default', :host => '127.0.0.1', :proto=>'tcp', :port=>80})
    => {"service"=>[{"host"=>"127.0.0.1", "created_at"=>1556298506, "updated_at"=>1556298506, "port"=>80, "proto"=>"tcp", "state"=>"open", "name"=>"http", "info"=>""}]}
    
    >> rpc.call('db.get_service', {:workspace=>'default', :proto=>'tcp', :port=>80})
    => {"service"=>[]}
    
    >> rpc.call('db.get_service', {:workspace=>'default', :host => '127.0.0.1'})
    => {"service"=>[]}
    

    After fix:

    >> rpc.call('db.get_service', {:workspace=>'default', :host => '127.0.0.1', :proto=>'tcp', :port=>80})
    => {"service"=>[{"host"=>"127.0.0.1", "created_at"=>1556298506, "updated_at"=>1556298506, "port"=>80, "proto"=>"tcp", "state"=>"open", "name"=>"http", "info"=>""}]}
    
    >> rpc.call('db.get_service', {:workspace=>'default', :proto=>'tcp', :port=>80})
    => {"service"=>[{"host"=>"127.0.0.1", "created_at"=>1556298506, "updated_at"=>1556298506, "port"=>80, "proto"=>"tcp", "state"=>"open", "name"=>"http", "info"=>""}]}
    
    >> rpc.call('db.get_service', {:workspace=>'default', :host => '127.0.0.1'})
    => {"service"=>[{"host"=>"127.0.0.1", "created_at"=>1556298506, "updated_at"=>1556298506, "port"=>80, "proto"=>"tcp", "state"=>"open", "name"=>"http", "info"=>""}]}
    
  • Fix #11756 - db.del_vuln (Msf::RPC::RPC_Db#rpc_del_vuln) deleting a vuln
    Root cause: Mdm::Vuln::ActiveRecord_Associations_CollectionProxy is returned in some situations, however, the code only expects to process ::Mdm::Vuln or Array. This was fixed by converting the returned object to an Array.

    Before fix:

    >> rpc.call('db.vulns', {:workspace=>'default'})
    => {"vulns"=>[]}
    
    >> rpc.call('db.report_vuln', {:workspace=>'default', :host=>'127.0.0.1', :name=>'test'})
    => {"result"=>"success"}
    
    >> rpc.call('db.vulns', {:workspace=>'default'})
    => {"vulns"=>[{"port"=>nil, "proto"=>nil, "time"=>1556292072, "host"=>"127.0.0.1", "name"=>"test", "refs"=>""}]}
    
    >> rpc.call('db.del_vuln', {:workspace=>'default', :host=>'127.0.0.1', :name=>'test'})
    => {"result"=>"success", "deleted"=>[]}
    
    >> rpc.call('db.vulns', {:workspace=>'default'})
    => {"vulns"=>[{"port"=>nil, "proto"=>nil, "time"=>1556292072, "host"=>"127.0.0.1", "name"=>"test", "refs"=>""}]}
    

    After fix:

    >> rpc.call('db.vulns', {:workspace=>'default'})
    => {"vulns"=>[]}
    
    >> rpc.call('db.report_vuln', {:workspace=>'default', :host=>'127.0.0.1', :name=>'test'})
    => {"result"=>"success"}
    
    >> rpc.call('db.vulns', {:workspace=>'default'})
    => {"vulns"=>[{"port"=>nil, "proto"=>nil, "time"=>1556292072, "host"=>"127.0.0.1", "name"=>"test", "refs"=>""}]}
    
    >> rpc.call('db.del_vuln', {:workspace=>'default', :host=>'127.0.0.1', :name=>'test'})
    => {"result"=>"success", "deleted"=>[{"address"=>"127.0.0.1", "name"=>"test"}]}
    
    >> rpc.call('db.vulns', {:workspace=>'default'})
    => {"vulns"=>[]}
    

Verification

  • Use msfconsole or preferred method to create services and vulns in the database
  • Start MSFRPC daemon: ./msfrpcd -P complex_password -f
  • Start MSFRPC client: ./msfrpc -P complex_password -a 127.0.0.1
  • Test db.notes RPC call
  • Verify db.notes returns the correct notes based on the options provided
  • Test db.vulns RPC call
  • Verify db.vulns returns the correct notes based on the options provided
  • Test db.get_service RPC call (see above for test cases)
  • Verify db.get_service returns the correct service based on the options provided
  • Test db.del_vuln RPC call (see above for test cases)
  • Verify db.del_vuln deletes the correct vuln based on the options provided

mkienow-r7 added some commits Apr 26, 2019

Update opts usage to match the method comment
Conditions assignment is to the singular hosts.address, so the plural
addresses doesn't make sense.
Fix finding a service to return
Convert fetched Mdm::Service::ActiveRecord_Associations_CollectionProxy
to an Array as the code only expects to process an Mdm::Service or
Array.
Fix delete vuln
Convert fetched Mdm::Vuln::ActiveRecord_Associations_CollectionProxy to
an Array as the code only expects to process an Mdm::Vuln or Array.

@mkienow-r7 mkienow-r7 referenced this pull request Apr 26, 2019

Open

Cannot delete notes from DB using RPC client #11755

1 of 1 task complete

@busterb busterb self-assigned this May 1, 2019

@busterb busterb merged commit fbf7668 into rapid7:master May 1, 2019

3 checks passed

Metasploit Automation - Sanity Test Execution Successfully completed all tests.
Details
Metasploit Automation - Test Execution Successfully completed all tests.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

busterb added a commit that referenced this pull request May 1, 2019

@busterb

This comment has been minimized.

Copy link
Contributor

commented May 1, 2019

Release Notes

This fixes a number of issues with manipulating the Metasploit database through RPC commands.

msjenkins-r7 added a commit that referenced this pull request May 1, 2019

@mkienow-r7 mkienow-r7 deleted the mkienow-r7:fix-rpc-db-issues branch May 1, 2019

@gdavidson-r7 gdavidson-r7 added the rn-fix label May 14, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.