Add coerce param to Base64Serializer

Author: sjanusz-r7

app/models/mdm/event.rb

@@ -73,9 +73,9 @@ class Mdm::Event < ApplicationRecord
   #
   # @return [Hash]
   if ActiveRecord::VERSION::MAJOR >= 7 && ActiveRecord::VERSION::MINOR >= 1
-    serialize :info, coder: MetasploitDataModels::Base64Serializer.new
+    serialize :info, coder: MetasploitDataModels::Base64Serializer.new(coerce: true)
   else
-    serialize :info, MetasploitDataModels::Base64Serializer.new
+    serialize :info, MetasploitDataModels::Base64Serializer.new(coerce: true)
   end
 
   #

app/models/mdm/listener.rb

@@ -70,9 +70,9 @@ class Mdm::Listener < ApplicationRecord
   #
   # @return [Hash]
   if ActiveRecord::VERSION::MAJOR >= 7 && ActiveRecord::VERSION::MINOR >= 1
-    serialize :options, coder: MetasploitDataModels::Base64Serializer.new
+    serialize :options, coder: MetasploitDataModels::Base64Serializer.new(coerce: true)
   else
-    serialize :options, MetasploitDataModels::Base64Serializer.new
+    serialize :options, MetasploitDataModels::Base64Serializer.new(coerce: true)
   end
 
   #

app/models/mdm/session.rb

@@ -173,9 +173,9 @@ class Mdm::Session < ApplicationRecord
   #
 
   if ActiveRecord::VERSION::MAJOR >= 7 && ActiveRecord::VERSION::MINOR >= 1
-    serialize :datastore, coder: ::MetasploitDataModels::Base64Serializer.new
+    serialize :datastore, coder: ::MetasploitDataModels::Base64Serializer.new(coerce: true)
   else
-    serialize :datastore, ::MetasploitDataModels::Base64Serializer.new
+    serialize :datastore, ::MetasploitDataModels::Base64Serializer.new(coerce: true)
   end
 
   # Returns whether the session can be upgraded to a meterpreter session from a shell session on Windows.

app/models/mdm/task.rb

@@ -131,27 +131,27 @@ class Mdm::Task < ApplicationRecord
   #
   # @return [Hash]
   if ActiveRecord::VERSION::MAJOR >= 7 && ActiveRecord::VERSION::MINOR >= 1
-    serialize :options, coder: MetasploitDataModels::Base64Serializer.new
+    serialize :options, coder: MetasploitDataModels::Base64Serializer.new(coerce: true)
   else
-    serialize :options, MetasploitDataModels::Base64Serializer.new
+    serialize :options, MetasploitDataModels::Base64Serializer.new(coerce: true)
   end
 
   # Result of task running.
   #
   # @return [Hash]
   if ActiveRecord::VERSION::MAJOR >= 7 && ActiveRecord::VERSION::MINOR >= 1
-    serialize :result, coder: MetasploitDataModels::Base64Serializer.new
+    serialize :result, coder: MetasploitDataModels::Base64Serializer.new(coerce: true)
   else
-    serialize :result, MetasploitDataModels::Base64Serializer.new
+    serialize :result, MetasploitDataModels::Base64Serializer.new(coerce: true)
   end
 
   # Settings used to configure this task outside of the {#options module options}.
   #
   # @return [Hash]
   if ActiveRecord::VERSION::MAJOR >= 7 && ActiveRecord::VERSION::MINOR >= 1
-    serialize :settings, coder: MetasploitDataModels::Base64Serializer.new
+    serialize :settings, coder: MetasploitDataModels::Base64Serializer.new(coerce: true)
   else
-    serialize :settings, MetasploitDataModels::Base64Serializer.new
+    serialize :settings, MetasploitDataModels::Base64Serializer.new(coerce: true)
   end
 
   #

app/models/mdm/web_vuln.rb

@@ -142,9 +142,9 @@ class Mdm::WebVuln < ApplicationRecord
   #
   #   @return [Array<Array(String, String)>] Array of parameter key value pairs
   if ActiveRecord::VERSION::MAJOR >= 7 && ActiveRecord::VERSION::MINOR >= 1
-    serialize :params, coder: MetasploitDataModels::Base64Serializer.new(:default => DEFAULT_PARAMS)
+    serialize :params, coder: MetasploitDataModels::Base64Serializer.new(default: DEFAULT_PARAMS)
   else
-    serialize :params, MetasploitDataModels::Base64Serializer.new(:default => DEFAULT_PARAMS)
+    serialize :params, MetasploitDataModels::Base64Serializer.new(default: DEFAULT_PARAMS)
   end
 
   #

lib/metasploit_data_models/base64_serializer.rb

@@ -15,6 +15,10 @@ class MetasploitDataModels::Base64Serializer
 
   # The default for {#default}
   DEFAULT = {}
+
+  # The default for {#coerce}
+  COERCE_DEFAULT = false
+
   # Deserializers for {#load}
   # 1. Base64 decoding and then unmarshalling the value.
   # 2. Parsing the value as YAML.
@@ -47,14 +51,33 @@ def default
   end
 
   attr_writer :default
+  attr_writer :coerce
+
+  # Recursively coerce the object that has been passed in, keeping primitive types as their original type,
+  # while changing objects that cannot be serialized into a string representation of the object data.
+  def coerce_object(value)
+    case value
+    when Hash
+      value.transform_values { |v| coerce_object(v) }
+    when Array
+      value.map { |v| coerce_object(v) }
+    when File, IO
+      value.inspect
+    when String, Integer, Float, TrueClass, FalseClass, NilClass, Symbol
+      value
+    else
+      value.to_s
+    end
+  end
 
   # Serializes the value by marshalling the value and then base64 encodes the marshaled value.
   #
   # @param value [Object] value to serialize
   # @return [String]
   def dump(value)
     # Always store data back in the Marshal format
-    marshalled = Marshal.dump(value)
+    to_serialize = @coerce ? coerce_object(value) : value
+    marshalled = Marshal.dump(to_serialize)
     base64_encoded = [ marshalled ].pack('m')
 
     base64_encoded
@@ -63,9 +86,10 @@ def dump(value)
   # @param attributes [Hash] attributes
   # @option attributes [Object] :default ({}) Value to use for {#default}.
   def initialize(attributes={})
-    attributes.assert_valid_keys(:default)
+    attributes.assert_valid_keys(:default, :coerce)
 
     @default = attributes.fetch(:default, DEFAULT)
+    @coerce = attributes.fetch(:coerce, COERCE_DEFAULT)
   end
 
   # Deserializes the value by either