Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2

3
#
4
# Gems
5
#
6

7
require 'rex/socket'
8

9
#
10
# Project
11
#
12
require 'metasploit/framework/require'
13
require 'metasploit/framework/data_service'
14

15

16
# The db module provides persistent storage and events. This class should be instantiated LAST
17
# as the active_suppport library overrides Kernel.require, slowing down all future code loads.
18
class Msf::DBManager
19
  extend Metasploit::Framework::Require
20

21
  # Default proto for making new `Mdm::Service`s. This should probably be a
22
  # const on `Mdm::Service`
23
  DEFAULT_SERVICE_PROTO = "tcp"
24

25
  autoload :Adapter, 'msf/core/db_manager/adapter'
26
  autoload :Client, 'msf/core/db_manager/client'
27
  autoload :Connection, 'msf/core/db_manager/connection'
28
  autoload :Cred, 'msf/core/db_manager/cred'
29
  autoload :DBExport, 'msf/core/db_manager/db_export'
30
  autoload :Event, 'msf/core/db_manager/event'
31
  autoload :ExploitAttempt, 'msf/core/db_manager/exploit_attempt'
32
  autoload :ExploitedHost, 'msf/core/db_manager/exploited_host'
33
  autoload :Host, 'msf/core/db_manager/host'
34
  autoload :HostDetail, 'msf/core/db_manager/host_detail'
35
  autoload :HostTag, 'msf/core/db_manager/host_tag'
36
  autoload :Import, 'msf/core/db_manager/import'
37
  autoload :ImportMsfXml, 'msf/core/db_manager/import_msf_xml'
38
  autoload :IPAddress, 'msf/core/db_manager/ip_address'
39
  autoload :Login, 'msf/core/db_manager/login'
40
  autoload :Loot, 'msf/core/db_manager/loot'
41
  autoload :Migration, 'msf/core/db_manager/migration'
42
  autoload :ModuleCache, 'msf/core/db_manager/module_cache'
43
  autoload :Note, 'msf/core/db_manager/note'
44
  autoload :Payload, 'msf/core/db_manager/payload'
45
  autoload :Ref, 'msf/core/db_manager/ref'
46
  autoload :Report, 'msf/core/db_manager/report'
47
  autoload :Route, 'msf/core/db_manager/route'
48
  autoload :Service, 'msf/core/db_manager/service'
49
  autoload :Session, 'msf/core/db_manager/session'
50
  autoload :SessionEvent, 'msf/core/db_manager/session_event'
51
  autoload :Task, 'msf/core/db_manager/task'
52
  autoload :User, 'msf/core/db_manager/user'
53
  autoload :Vuln, 'msf/core/db_manager/vuln'
54
  autoload :VulnAttempt, 'msf/core/db_manager/vuln_attempt'
55
  autoload :VulnDetail, 'msf/core/db_manager/vuln_detail'
56
  autoload :WMAP, 'msf/core/db_manager/wmap'
57
  autoload :Web, 'msf/core/db_manager/web'
58
  autoload :Workspace, 'msf/core/db_manager/workspace'
59

60
  optionally_include_metasploit_credential_creation
61

62
  # Interface must be included first
63
  include Metasploit::Framework::DataService
64

65
  include Msf::DBManager::Adapter
66
  include Msf::DBManager::Client
67
  include Msf::DBManager::Connection
68
  include Msf::DBManager::Cred
69
  include Msf::DBManager::DBExport
70
  include Msf::DBManager::Event
71
  include Msf::DBManager::ExploitAttempt
72
  include Msf::DBManager::ExploitedHost
73
  include Msf::DBManager::Host
74
  include Msf::DBManager::HostDetail
75
  include Msf::DBManager::HostTag
76
  include Msf::DBManager::Import
77
  include Msf::DBManager::IPAddress
78
  include Msf::DBManager::Login
79
  include Msf::DBManager::Loot
80
  include Msf::DBManager::Migration
81
  include Msf::DBManager::ModuleCache
82
  include Msf::DBManager::Note
83
  include Msf::DBManager::Payload
84
  include Msf::DBManager::Ref
85
  include Msf::DBManager::Report
86
  include Msf::DBManager::Route
87
  include Msf::DBManager::Service
88
  include Msf::DBManager::Session
89
  include Msf::DBManager::SessionEvent
90
  include Msf::DBManager::Task
91
  include Msf::DBManager::User
92
  include Msf::DBManager::Vuln
93
  include Msf::DBManager::VulnAttempt
94
  include Msf::DBManager::VulnDetail
95
  include Msf::DBManager::WMAP
96
  include Msf::DBManager::Web
97
  include Msf::DBManager::Workspace
98

99
  # Provides :framework and other accessors
100
  include Msf::Framework::Offspring
101

102
  def name
103
    'local_db_service'
104
  end
105

106
  def is_local?
107
    true
108
  end
109

110
  #
111
  # Attributes
112
  #
113

114
  # Stores the error message for why the db was not loaded
115
  attr_accessor :error
116

117
  # Returns true if the prerequisites have been installed
118
  attr_accessor :usable
119

120
  #
121
  # initialize
122
  #
123

124
  def initialize(framework, opts = {})
125
    self.framework = framework
126
    self.migrated  = nil
127
    self.modules_cached  = false
128
    self.modules_caching = false
129

130
    @usable = false
131

132
    # Don't load the database if the user said they didn't need it.
133
    if (opts['DisableDatabase'])
134
      self.error = "disabled"
135
      return
136
    end
137

138
    return initialize_database_support
139
  end
140

141
  #
142
  # Instance Methods
143
  #
144

145
  #
146
  # Determines if the database is functional
147
  #
148
  def check
149
  ::ApplicationRecord.connection_pool.with_connection {
150
    res = ::Mdm::Host.first
151
  }
152
  end
153

154
  #
155
  # Do what is necessary to load our database support
156
  #
157
  def initialize_database_support
158
    begin
159
      add_rails_engine_migration_paths
160

161
      @usable = true
162

163
    rescue ::Exception => e
164
      self.error = e
165
      elog('DB is not enabled due to load error', error: e)
166
      return false
167
    end
168

169
    #
170
    # Determine what drivers are available
171
    #
172
    initialize_adapter
173

174
    true
175
  end
176

177
  def init_db(opts)
178
    init_success = false
179

180
    # Append any migration paths necessary to bring the database online
181
    if opts['DatabaseMigrationPaths']
182
      opts['DatabaseMigrationPaths'].each do |migrations_path|
183
        ActiveRecord::Migrator.migrations_paths << migrations_path
184
      end
185
    end
186

187
    configuration_pathname = Metasploit::Framework::Database.configurations_pathname(path: opts['DatabaseYAML'])
188

189
    if configuration_pathname.nil?
190
      self.error = "No database YAML file"
191
    else
192
      if configuration_pathname.readable?
193
        # parse specified database YAML file, using the same pattern as Rails https://github.com/rails/rails/pull/42249
194
        dbinfo = begin
195
          YAML.load_file(configuration_pathname, aliases: true) || {}
196
        rescue ArgumentError
197
          YAML.load_file(configuration_pathname) || {}
198
        end
199

200
        dbenv  = opts['DatabaseEnv'] || Rails.env
201
        db_opts = dbinfo[dbenv]
202
      else
203
        elog("Warning, #{configuration_pathname} is not readable. Try running as root or chmod.")
204
      end
205

206
      if db_opts
207
        init_success = connect(db_opts)
208
      else
209
        elog("No database definition for environment #{dbenv}")
210
      end
211
    end
212

213
    # framework.db.active will be true if after_establish_connection ran directly when connection_established? was
214
    # already true or if framework.db.connect called after_establish_connection.
215
    if !! error
216
      if error.to_s =~ /RubyGem version.*pg.*0\.11/i
217
        err_msg = <<~ERROR
218
        ***
219
        *
220
        * Metasploit now requires version 0.11 or higher of the 'pg' gem for database support
221
        * There are three ways to accomplish this upgrade:
222
        * 1. If you run Metasploit with your system ruby, simply upgrade the gem:
223
        *    $ rvmsudo gem install pg
224
        * 2. Use the Community Edition web interface to apply a Software Update
225
        * 3. Uninstall, download the latest version, and reinstall Metasploit
226
        *
227
        ***
228
        
229

230
        ERROR
231
        elog(err_msg)
232
      end
233

234
      # +error+ is not an instance of +Exception+, it is, in fact, a +String+
235
      elog("Failed to connect to the database: #{error}")
236
    end
237

238
    return init_success
239
  end
240
end
241

242