Bug/sap xml parsing #1788

Merged
merged 2 commits into from May 2, 2013


@todb-r7 todb-r7 commented May 2, 2013

The spot test data I was using just to validate parse_xml in isolation is below. However, do please validate that the module still functions as you'd expect. You should be able to just run it as-is.

(CC @nmonkee and @jvazquez-r7)

<items>
    <item>
        <NAME>name.txt</NAME>
        <SIZE>123</SIZE>
    </item>
    <item>
        <FOO>foobar</FOO>
        <SIZE>111</SIZE>
    </item>
    <item>
        <NAME>name2.txt</NAME>
        <SIZE>546</SIZE>
    </item>
    <item>
        <NAME></NAME>
        <SIZE>666</SIZE>
    </item>
    <item>
        <NAME>name3.txt</NAME>
        <SIZE></SIZE>
    </item>
    <item>
        <NAME></NAME>
        <SIZE></SIZE>
    </item>
</items>

Incidentally, here are the other modules that rely on Nokogiri:

$ grep -ril 'Nokogiri' modules/
modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
modules/auxiliary/scanner/oracle/oracle_login.rb

Those should be fixed, too (but they're not using Nokogiri::XML which is at the root of the original problem implied in 26da7a6)

Tod Beardsley added 2 commits May 2, 2013 14:42
We try to avoid using Nokogiri in modules due to the sometimes
uncomfortable dependencies it creates with particular compiled libxml
versions. Also, the previous parse_xml doesn't seem to be correctly
skipping item entries with blank names.

I will paste the test XML in the PR proper, but do check against a live
target to make sure I'm not screwing it up.
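
An added illustration (not the code merged in this PR) of the behaviour the description and commit message call for: parsing the spot-test XML without Nokogiri and skipping item entries whose NAME is missing or blank. It assumes Ruby's standard-library REXML as the replacement parser; `parse_items` and `child_text` are hypothetical names, and returning nil for a blank SIZE is likewise an assumption.

```ruby
require 'rexml/document'

# Constructed sample: the spot-test items from the PR description, one per line.
SAMPLE_XML = <<~XML
  <items>
    <item><NAME>name.txt</NAME><SIZE>123</SIZE></item>
    <item><FOO>foobar</FOO><SIZE>111</SIZE></item>
    <item><NAME>name2.txt</NAME><SIZE>546</SIZE></item>
    <item><NAME></NAME><SIZE>666</SIZE></item>
    <item><NAME>name3.txt</NAME><SIZE></SIZE></item>
    <item><NAME></NAME><SIZE></SIZE></item>
  </items>
XML

# Hypothetical helper: text of a direct child element, or '' when the
# element is absent or empty (REXML returns nil for an empty element's text).
def child_text(item, tag)
  node = item.elements[tag]
  node && node.text ? node.text.strip : ''
end

# Hypothetical stand-in for the module's parse_xml: returns [name, size]
# pairs and skips every <item> whose NAME is missing or blank.
def parse_items(xml_data)
  entries = []
  REXML::Document.new(xml_data).elements.each('//item') do |item|
    name = child_text(item, 'NAME')
    next if name.empty?

    size = child_text(item, 'SIZE')
    # Assumption: a blank SIZE is reported as nil rather than dropped.
    entries << [name, size.empty? ? nil : size.to_i]
  end
  entries
rescue REXML::ParseException
  # The response comes from a remote host; treat unparseable XML as no entries.
  []
end

parse_items(SAMPLE_XML).each do |name, size|
  puts "Entry: #{name}, Size: #{size.inspect}"
end
```
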
@jvazquez-r7
Contributor

working as expected:

msf auxiliary(sap_soap_rfc_rzl_read_dir) > set RHOSTS 192.168.172.179
RHOSTS => 192.168.172.179
msf auxiliary(sap_soap_rfc_rzl_read_dir) > set RPORT 8042
RPORT => 8042
msf auxiliary(sap_soap_rfc_rzl_read_dir) > set VERBOSE TRUE
VERBOSE => TRUE
msf auxiliary(sap_soap_rfc_rzl_read_dir) > run

[*] 192.168.172.179:8042 - Sending request to enumerate /etc
[+] 192.168.172.179:8042 - /etc successfully enumerated, results stored on /Users/juan/.msf4/loot/20130502151345_default_192.168.172.179_sap.soap.rfc.dir_234989.bin
Entry: ., Size: 12288
Entry: .., Size: 4096
Entry: apache2, Size: 4096
Entry: rpc, Size: 1615
Entry: netconfig.d, Size: 4096
Entry: gssapi_mech.conf, Size: 842
Entry: gtk-2.0, Size: 4096
Entry: idmapd.conf, Size: 144
Entry: permissions.local, Size: 1353
Entry: slsh.rc, Size: 1377
Entry: a2ps.cfg, Size: 15161
Entry: permissions.d, Size: 4096
Entry: passwd, Size: 1669
Entry: rwtab, Size: 858
Entry: powerd.conf, Size: 112
Entry: pango, Size: 4096
Entry: sgml, Size: 4096
Entry: mail.rc, Size: 112
Entry: sysctl.conf~, Size: 501
Entry: auto.net, Size: 1237
Entry: passwd.old, Size: 1622
Entry: manpath.config, Size: 11523
Entry: opensc.conf, Size: 10468
Entry: suseRegister.conf, Size: 456
Entry: generateCRL.conf, Size: 448
Entry: xml, Size: 4096
Entry: aliases, Size: 2579
Entry: ethers, Size: 605
Entry: filesystems, Size: 26
Entry: logrotate.d, Size: 4096
Entry: gre.d, Size: 4096
Entry: xscreensaver, Size: 12288
Entry: pwdutils, Size: 4096
Entry: jvm, Size: 4096
Entry: gnupg, Size: 4096
Entry: modprobe.d, Size: 4096
Entry: mime.types, Size: 12954
Entry: SuSE-brand, Size: 43
Entry: ld.so.cache, Size: 58637
Entry: raw, Size: 222
Entry: krb5.conf, Size: 297
Entry: gai.conf, Size: 2689
Entry: syslog-ng, Size: 4096
Entry: cups, Size: 4096
Entry: magic, Size: 113
Entry: init.d, Size: 4096
Entry: hosts.deny, Size: 149
Entry: sensors3.conf, Size: 71262
Entry: resolv.conf, Size: 847
Entry: fstab, Size: 528
Entry: gnome-vfs-2.0, Size: 4096
Entry: netconfig, Size: 767
Entry: pythonstart, Size: 736
Entry: yastws, Size: 4096
Entry: idn.conf, Size: 1810
Entry: rsyncd.conf, Size: 322
Entry: security, Size: 4096
Entry: iscsid.conf, Size: 10957
Entry: xinetd.conf, Size: 623
Entry: lsb-release.d, Size: 4096
Entry: gnome_defaults.conf, Size: 2431
Entry: defkeymap.name, Size: 45
Entry: sound, Size: 4096
Entry: rpm, Size: 4096
Entry: rc.status, Size: 10263
Entry: termcap, Size: 969976
Entry: protocols, Size: 23232
Entry: cron.d, Size: 4096
Entry: modprobe.conf, Size: 10374
Entry: wgetrc, Size: 4306
Entry: smsetup.conf, Size: 1542
Entry: sensors.conf, Size: 85179
Entry: aliases.db, Size: 12288
Entry: susehelp.d, Size: 4096
Entry: csh.login, Size: 7486
Entry: slp.conf, Size: 9800
Entry: motd, Size: 0
Entry: alternatives, Size: 4096
Entry: ImagePackages, Size: 74735
Entry: lighttpd, Size: 4096
Entry: at.deny, Size: 144
Entry: ImageVersion, Size: 32
Entry: permissions, Size: 9643
Entry: networks, Size: 225
Entry: fonts, Size: 4096
Entry: lesskey, Size: 899
Entry: crontab, Size: 255
Entry: HOSTNAME, Size: 22
Entry: hal, Size: 4096
Entry: hushlogins, Size: 1
Entry: auto.misc, Size: 524
Entry: auto.master, Size: 660
Entry: acpi, Size: 4096
Entry: autofs_ldap_auth.conf, Size: 232
Entry: collectd.conf, Size: 15974
Entry: pam.d, Size: 4096
Entry: hosts.equiv, Size: 188
Entry: sysstat, Size: 4096
Entry: bindresvport.blacklist, Size: 415
Entry: ssh, Size: 4096
Entry: bonobo-activation, Size: 4096
Entry: ldap.conf, Size: 9574
Entry: sfcb, Size: 4096
Entry: postfix, Size: 4096
Entry: default, Size: 4096
Entry: exports, Size: 322
Entry: ntp.keys, Size: 12
Entry: iscsi, Size: 4096
Entry: hosts, Size: 827
Entry: ld.so.conf.d, Size: 4096
Entry: SuSEconfig, Size: 4096
Entry: a2ps-site.cfg, Size: 2565
Entry: libaudit.conf, Size: 191
Entry: profile.d, Size: 4096
Entry: shadow.old, Size: 930
Entry: webyast, Size: 4096
Entry: insserv.conf, Size: 764
Entry: bash_completion.d, Size: 4096
Entry: openwsman, Size: 4096
Entry: news, Size: 4096
Entry: dbus-1, Size: 4096
Entry: apparmor.d, Size: 4096
Entry: X11, Size: 4096
Entry: mailcap, Size: 4797
Entry: ppp, Size: 4096
Entry: localtime, Size: 3661
Entry: gdm, Size: 4096
Entry: rsyncd.secrets, Size: 14
Entry: defkeymap.map, Size: 30816
Entry: sasl2, Size: 4096
Entry: profile, Size: 9801
Entry: ntp.conf, Size: 2028
Entry: resolv.conf.netconfig, Size: 846
Entry: depmod.d, Size: 4096
Entry: depmod.conf, Size: 416
Entry: group.old, Size: 682
Entry: foomatic, Size: 4096
Entry: rpasswd.conf, Size: 94
Entry: hosts.lpd, Size: 191
Entry: hosts.allow, Size: 2639
Entry: yast_user_roles, Size: 326
Entry: gpm, Size: 4096
Entry: named.d, Size: 4096
Entry: cron.hourly, Size: 4096
Entry: slp.reg.d, Size: 4096
Entry: libvirt, Size: 4096
Entry: aclocal_dirlist, Size: 25
Entry: pm, Size: 4096
Entry: ssl, Size: 4096
Entry: auto.smb, Size: 687
Entry: modprobe.conf.local, Size: 47
Entry: DIR_COLORS, Size: 2863
Entry: cron.weekly, Size: 4096
Entry: PackageKit, Size: 4096
Entry: services.testdrive, Size: 765073
Entry: ConsoleKit, Size: 4096
Entry: slp.spi, Size: 2707
Entry: opt, Size: 4096
Entry: securetty, Size: 161
Entry: sysconfig, Size: 4096
Entry: request-key.conf, Size: 1586
Entry: omc, Size: 4096
Entry: udev, Size: 4096
Entry: sysctl.conf, Size: 755
Entry: reader.conf.d, Size: 4096
Entry: ld.so.conf, Size: 262
Entry: shells, Size: 179
Entry: gnome-vfs-mime-magic, Size: 10793
Entry: openldap, Size: 4096
Entry: login.defs, Size: 4749
Entry: grub.conf, Size: 57
Entry: jvm-commmon, Size: 4096
Entry: rc.splash, Size: 2700
Entry: maven, Size: 4096
Entry: group, Size: 689
Entry: blkid.conf, Size: 135
Entry: yp.conf, Size: 779
Entry: pulse, Size: 4096
Entry: samba, Size: 4096
Entry: netgroup, Size: 796
Entry: NetworkManager, Size: 4096
Entry: apparmor, Size: 4096
Entry: lvm, Size: 4096
Entry: aliases.d, Size: 4096
Entry: scsi_id.config, Size: 666
Entry: uucp, Size: 4096
Entry: rc.d.README, Size: 614
Entry: xinetd.d, Size: 4096
Entry: issue.net, Size: 75
Entry: pnm2ppa.conf, Size: 7636
Entry: modprobe.conf.YaST2save, Size: 10373
Entry: inittab, Size: 2981
Entry: services, Size: 765091
Entry: bootsplash, Size: 4096
Entry: drirc, Size: 645
Entry: Muttrc, Size: 117386
Entry: xattr.conf, Size: 654
Entry: autoinstall, Size: 4096
Entry: SuSE-release, Size: 69
Entry: vimrc, Size: 5819
Entry: xdg, Size: 4096
Entry: idnalias.conf, Size: 207
Entry: .pwd.lock, Size: 0
Entry: environment, Size: 97
Entry: YaST2, Size: 4096
Entry: zypp, Size: 4096
Entry: printcap, Size: 135
Entry: logrotate.conf, Size: 897
Entry: lesskey.bin, Size: 405
Entry: mke2fs.conf, Size: 803
Entry: iproute2, Size: 4096
Entry: lsb-release, Size: 110
Entry: nsswitch.conf, Size: 1192
Entry: bash.bashrc, Size: 8727
Entry: permissions.paranoid, Size: 22290
Entry: resolv.conf~, Size: 846
Entry: skel, Size: 4096
Entry: rwtab.d, Size: 4096
Entry: cups-autoconfig.conf, Size: 79
Entry: products.d, Size: 4096
Entry: issue, Size: 78
Entry: cron.deny, Size: 11
Entry: ghostscript, Size: 4096
Entry: sysctl.backup, Size: 677
Entry: java, Size: 4096
Entry: dnsmasq.conf, Size: 18485
Entry: hp, Size: 4096
Entry: shadow, Size: 963
Entry: permissions.easy, Size: 21052
Entry: host.conf, Size: 370
Entry: mtab, Size: 723
Entry: cron.monthly, Size: 4096
Entry: defaultdomain, Size: 0
Entry: gconf, Size: 4096
Entry: PolicyKit, Size: 4096
Entry: ttytype, Size: 258
Entry: cron.daily, Size: 4096
Entry: icewm, Size: 4096
Entry: inputrc, Size: 13516
Entry: csh.cshrc, Size: 5322
Entry: papersize, Size: 3
Entry: hosts.YaST2save, Size: 775
Entry: rc.d, Size: 4096
Entry: ftpusers, Size: 565
Entry: permissions.secure, Size: 23966
Entry: mtools.conf, Size: 1447
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(sap_soap_rfc_rzl_read_dir) > 

merging

jvazquez-r7 pushed a commit that referenced this pull request May 2, 2013
@jvazquez-r7 jvazquez-r7 merged commit 7579b57 into rapid7:master May 2, 2013
@todb-r7 todb-r7 deleted the bug/sap-xml-parsing branch May 2, 2013 20:23