Land #14, complete remote loot CRUD operations

Author: mkienow-r7

lib/metasploit/framework/data_service/proxy/loot_data_proxy.rb

@@ -12,15 +12,32 @@ def report_loot(opts)
     end
   end
 
+  # TODO: Shouldn't this proxy to RemoteLootDataService#find_or_create_loot ?
+  # It's currently skipping the "find" part
+  def find_or_create_loot(opts)
+    report_loot(opts)
+  end
+
   def loots(wspace, opts = {})
     begin
       data_service = self.get_data_service
       opts[:wspace] = wspace
       data_service.loot(opts)
     rescue Exception => e
       elog "Problem retrieving loot: #{e.message}"
+      e.backtrace.each { |line| elog "#{line}\n" }
     end
   end
 
   alias_method :loot, :loots
+
+  def update_loot(opts)
+    begin
+      data_service = self.get_data_service
+      data_service.update_loot(opts)
+    rescue Exception => e
+      elog "Problem updating loot: #{e.message}"
+      e.backtrace.each { |line| elog "#{line}\n" }
+    end
+  end
 end

lib/metasploit/framework/data_service/remote/http/remote_loot_data_service.rb

@@ -8,7 +8,7 @@ module RemoteLootDataService
 
   def loot(opts = {})
     # TODO: Add an option to toggle whether the file data is returned or not
-    loots = json_to_mdm_object(self.get_data(LOOT_API_PATH, opts), LOOT_MDM_CLASS, [])
+    loots = json_to_mdm_object(self.get_data(LOOT_API_PATH, nil, opts), LOOT_MDM_CLASS, [])
     # Save a local copy of the file
     loots.each do |loot|
       if loot.data
@@ -30,4 +30,17 @@ def find_or_create_loot(opts)
   def report_loots(loot)
     self.post_data(LOOT_API_PATH, loot)
   end
+
+  def update_loot(opts)
+    path = LOOT_API_PATH
+    if opts && opts[:id]
+      id = opts.delete(:id)
+      path = "#{LOOT_API_PATH}/#{id}"
+    end
+    json_to_mdm_object(self.put_data(path, opts), LOOT_MDM_CLASS, [])
+  end
+
+  def delete_loot(opts)
+    json_to_mdm_object(self.delete_data(LOOT_API_PATH, opts), LOOT_MDM_CLASS, [])
+  end
 end

lib/metasploit/framework/data_service/remote/http/response_data_helper.rb

@@ -45,6 +45,7 @@ def json_to_mdm_object(response_wrapper, mdm_class, returns_on_error = nil)
         end
       rescue Exception => e
         elog "Mdm Object conversion failed #{e.message}"
+        e.backtrace.each { |line| elog "#{line}\n" }
       end
     end
 
@@ -66,7 +67,8 @@ def process_file(base64_file, save_path)
         File.open(save_path, 'w+') { |file| file.write(decoded_file) }
       end
     rescue Exception => e
-      elog "There was an error writing the file: #{e.message}"
+      elog "There was an error writing the file: #{e}"
+      e.backtrace.each { |line| elog "#{line}\n"}
     end
     save_path
   end

lib/msf/core/db_manager/host.rb

@@ -9,27 +9,17 @@ def del_host(wspace, address, comm='')
   }
   end
 
+  # Deletes Host entries based on the IDs passed in.
+  #
+  # @param opts[:ids] [Array] Array containing Integers corresponding to the IDs of the Loot entries to delete.
+  # @return [Array] Array containing the Mdm::Loot objects that were successfully deleted.
   def delete_host(opts)
-    wspace = opts[:workspace] || opts[:wspace] || workspace
-    if wspace.is_a? String
-      wspace = find_workspace(wspace)
-    end
+    raise ArgumentError.new("The following options are required: :ids") if opts[:ids].nil?
 
     ::ActiveRecord::Base.connection_pool.with_connection {
-      hosts = []
-      if opts[:address] || opts[:host]
-        opt_addr = opts[:address] || opts[:host]
-        host = wspace.hosts.find_by_address(opt_addr)
-        return { error: { message: "Unable to find host by specified address" } } if host.nil? || host.class != ::Mdm::Host
-        hosts << host
-      elsif opts[:addresses]
-        return { error: { message: "Unable to find host by specified addresses" } } if opts[:addresses].class != Array
-        hosts = wspace.hosts.where(address: opts[:addresses])
-        return { error: { message: "Unable to find hosts for specified addresses" } } if hosts.nil?
-      end
-
       deleted = []
-      hosts.each do |host|
+      opts[:ids].each do |host_id|
+        host = Mdm::Host.find(host_id)
         begin
           deleted << host.destroy
         rescue # refs suck

lib/msf/core/db_manager/http/servlet/loot_servlet.rb

@@ -4,9 +4,15 @@ def self.api_path
     '/api/v1/loots'
   end
 
+  def self.api_path_with_id
+    "#{LootServlet.api_path}/?:id?"
+  end
+
   def self.registered(app)
     app.get LootServlet.api_path, &get_loot
     app.post LootServlet.api_path, &report_loot
+    app.put LootServlet.api_path_with_id, &update_loot
+    app.delete LootServlet.api_path, &delete_loot
   end
 
   #######
@@ -17,8 +23,12 @@ def self.get_loot
     lambda {
       begin
         opts = parse_json_request(request, false)
-        data = get_db().loots(opts)
-        set_json_response(data)
+        data = get_db().loots(params.symbolize_keys)
+        includes = [:host]
+        data.each do |loot|
+          loot.data = Base64.urlsafe_encode64(loot.data) if loot.data
+        end
+        set_json_response(data, includes)
       rescue Exception => e
         set_error_on_response(e)
       end
@@ -32,11 +42,38 @@ def self.report_loot
           filename = File.basename(opts[:path])
           local_path = File.join(Msf::Config.loot_directory, filename)
           opts[:path] = process_file(opts[:data], local_path)
+          opts[:data] = Base64.urlsafe_decode64(opts[:data])
         end
 
         get_db().report_loot(opts)
       }
       exec_report_job(request, &job)
     }
   end
+
+  def self.update_loot
+    lambda {
+      begin
+        opts = parse_json_request(request, false)
+        tmp_params = params.symbolize_keys
+        opts[:id] = tmp_params[:id] if tmp_params[:id]
+        data = get_db().update_loot(opts)
+        set_json_response(data)
+      rescue Exception => e
+        set_error_on_response(e)
+      end
+    }
+  end
+
+  def self.delete_loot
+    lambda {
+      begin
+        opts = parse_json_request(request, false)
+        data = get_db().delete_loot(opts)
+        set_json_response(data)
+      rescue Exception => e
+        set_error_on_response(e)
+      end
+    }
+  end
 end

lib/msf/core/db_manager/loot.rb

@@ -29,9 +29,12 @@ def loots(opts)
     if wspace.kind_of? String
       wspace = find_workspace(wspace)
     end
+    opts[:workspace_id] = wspace.id
 
     ::ActiveRecord::Base.connection_pool.with_connection {
-      wspace.loots.where(opts)
+      search_term = opts.delete(:search_term)
+      column_search_conditions = Msf::Util::DBManager.create_all_column_search_conditions(Mdm::Loot, search_term)
+      Mdm::Loot.includes(:host).where(opts).where(column_search_conditions)
     }
   end
   alias_method :loot, :loots
@@ -87,4 +90,45 @@ def report_loot(opts)
     ret[:loot] = loot
   }
   end
+
+  # Update the attributes of a Loot entry with the values in opts.
+  # The values in opts should match the attributes to update.
+  #
+  # @param opts [Hash] Hash containing the updated values. Key should match the attribute to update. Must contain :id of record to update.
+  # @return [Mdm::Loot] The updated Mdm::Loot object.
+  def update_loot(opts)
+    wspace = opts.delete(:workspace)
+    if wspace.kind_of? String
+      wspace = find_workspace(wspace)
+      opts[:workspace] = wspace
+    end
+
+    ::ActiveRecord::Base.connection_pool.with_connection {
+      id = opts.delete(:id)
+      Mdm::Loot.update(id, opts)
+    }
+  end
+
+  # Deletes Loot entries based on the IDs passed in.
+  #
+  # @param opts[:ids] [Array] Array containing Integers corresponding to the IDs of the Loot entries to delete.
+  # @return [Array] Array containing the Mdm::Loot objects that were successfully deleted.
+  def delete_loot(opts)
+    raise ArgumentError.new("The following options are required: :ids") if opts[:ids].nil?
+
+    ::ActiveRecord::Base.connection_pool.with_connection {
+      deleted = []
+      opts[:ids].each do |loot_id|
+        loot = Mdm::Loot.find(loot_id)
+        begin
+          deleted << loot.destroy
+        rescue # refs suck
+          elog("Forcibly deleting #{loot}")
+          deleted << loot.delete
+        end
+      end
+
+      return deleted
+    }
+  end
 end