Fixing zip import errors

[mhagan-r7]

In particular:

• passed workspace as an object instead of calling .name
• loot and task processing now consumes wspace parameter
• fixed typo in .delete method

Verification

List the steps needed to make sure this thing works

• Start msfconsole
• Run db_import fix_import.zip
• Verify the import completes without error
• Verify hosts command reports one host
• Verify creds imported correctly
• Verify loots import correctly
  fix_import.zip
  fix_import.zip

[pbarry-r7]

While verifying the related Pro issue, I verified that I could import my Export .zip file with this new code (and that the old code barfed when I attempted to import my same .zip file), but trying the above steps with the fix_import.zip file here in the ticket description, that doesn't work for me:

msf6 > workspace -a asdsd
[*] Added workspace: asdsd
[*] Workspace: asdsd
msf6 > hosts

Hosts
=====

address  mac  name  os_name  os_flavor  os_sp  purpose  info  comments
-------  ---  ----  -------  ---------  -----  -------  ----  --------

msf6 > db_import Export-20200827012634-PRver.zip
[*] Importing 'Metasploit Zip Export' data
[*] Importing 'Metasploit XML' data
[*] Importing host 1.2.3.4
[*] Importing host 1.2.3.5
[*] Importing loot /vagrant/data/msf/loot/20200827012023_XXXXX_host.windows.scr_737113.jpg
[*] Importing task /vagrant/data/msf/tasks/2020-08-27T01-20-18_task_pro.collect_28.txt
[*] Importing task /vagrant/data/msf/tasks/2020-08-27T01-19-50_task_pro.single_27.txt
[*] Importing task /vagrant/data/msf/tasks/2020-08-27T01-17-24_task_pro.single_26.txt
[*] Importing task /vagrant/data/msf/tasks/2020-08-27T01-15-19_task_pro.discover_25.txt
[*] Successfully imported /vagrant/Export-20200827012634-PRver.zip
msf6 > db_import fix_import.zip
[*] Importing 'Metasploit Zip Export' data
[-] Failed to import /vagrant/fix_import.zip: Could not automatically determine file type

[agalway-r7]

Hey Matt!

So I have stepped through your verification steps for both the current upstream-master and your changes, and I haven't been able to import the fix_import.zip file in either branch. (Behaviour for both branches is show below:)

@pbarry-r7 Has also commented showing some issues with db_import, is it possible that the zip file you have included is the wrong format to test this fix?

Also also, it appears we're getting a success message on both branches despite no changes being made to the host,loot, or creds output after an import:

[*] Successfully imported /Users/Shared/Relocated_Items/Security/rapid7/metasploit-framework/fix_import.zip

Is this expected behaviour?

[adfoster-r7]

@adamgalway-r7 I haven't confirmed this, but would you double check to see if this works against the local database rather than the "remote" http database? 👀

I seem to remember there might be issues with the http import functionality, but I haven't confirmed this 🤔

[agalway-r7]

A local DB connection still doesn't import the fix_import.zip file correctly on master, but it does at least give an error message and the expected prompt from pbarry's comment. The code on this branch with a local DB also gives the same output

[jmartin-tech]

I suspect the failure is due to IP address sanitization preformed on attached file.

[jmartin-tech]

Turns out the sanitization processing introduced some file artifacts that should not have been in the zip, new zip file attached.

[agalway-r7]

Turns out the sanitization processing introduced some file artifacts that should not have been in the zip, new zip file attached.

The new zip file has worked successfully 👍 @jmartin-r7 I'm happy to land this now if you don't want to make any more changes to do with the artifacts being added in?

[jmartin-tech]

Please, land as is. The artifacts were created by manual modification. I will do some thinking on how we might want to better handle that and possibly open an issue or future PR.

[agalway-r7]

Release Notes

Fixed an issue with db_import when attempting to import project Zip files exported by Metasploit Pro.