Create local copies of loot

Author: jbarnett-r7

lib/metasploit/framework/data_service/remote/http/remote_loot_data_service.rb

@@ -6,7 +6,16 @@ module RemoteLootDataService
   LOOT_PATH = '/api/1/msf/loot'
 
   def loot(opts = {})
-    json_to_open_struct_object(self.get_data(LOOT_PATH, opts), [])
+    # TODO: Add an option to toggle whether the file data is returned or not
+    loots = json_to_open_struct_object(self.get_data(LOOT_PATH, opts), [])
+    # Save a local copy of the file
+    loots.each do |loot|
+      if loot.data
+        local_path = File.join(Msf::Config.loot_directory, File.basename(loot.path))
+        loot.path = process_file(loot.data, local_path)
+      end
+    end
+    loots
   end
 
   def report_loot(opts)

lib/metasploit/framework/data_service/remote/http/response_data_helper.rb

@@ -23,6 +23,27 @@ def json_to_open_struct_object(response_wrapper, returns_on_error = nil)
     return returns_on_error
   end
 
+  # Processes a Base64 encoded file included in a JSON request.
+  # Saves the file in the location specified in the parameter.
+  #
+  # @param base64_file [String] The Base64 encoded file.
+  # @param save_dir [String] The location to store the file. This should include the file's name.
+  # @return [String] The location where the file was successfully stored.
+  def process_file(base64_file, save_dir)
+    decoded_file = Base64.urlsafe_decode64(base64_file)
+    begin
+      # If we are running the data service on the same box this will ensure we only write
+      # the file if it is somehow not there already.
+      unless File.exists?(save_dir) && File.read(save_dir) == decoded_file
+        File.open(save_dir, 'w+') { |file| file.write(decoded_file) }
+      end
+    rescue Exception => e
+      puts "There was an error writing the file: #{e}"
+      e.backtrace.each { |line| puts "#{line}\n"}
+    end
+    save_dir
+  end
+
   #
   # Converts a hash to an open struct
   #

lib/msf/core/db_manager/http/servlet/loot_servlet.rb

@@ -27,12 +27,11 @@ def self.get_loot
 
   def self.report_loot
     lambda {
-
       job = lambda { |opts|
         if opts[:data]
           filename = File.basename(opts[:path])
           local_path = File.join(Msf::Config.loot_directory, filename)
-          process_file(opts[:data], local_path)
+          opts[:path] = process_file(opts[:data], local_path)
         end
 
         get_db().report_loot(opts)

lib/msf/core/db_manager/http/servlet/nmap_servlet.rb

@@ -16,7 +16,7 @@ def self.import_nmap_xml_file
     lambda {
 
       job = lambda { |opts|
-        nmap_file = opts[:filename].split('/').last
+        nmap_file = File.basename(opts[:filename])
         nmap_file_path = File.join(Msf::Config.local_directory, nmap_file)
         opts[:filename] = process_file(opts[:data], nmap_file_path)
         get_db().import_nmap_xml_file(opts)

lib/msf/core/db_manager/http/servlet_helper.rb

@@ -57,27 +57,6 @@ def get_db()
     DBManagerProxy.instance.db
   end
 
-  # Processes a Base64 encoded file included in a JSON request.
-  # Saves the file in the location specified in the parameter.
-  #
-  # @param base64_file [String] The Base64 encoded file.
-  # @param save_dir [String] The location to store the file. This should include the file's name.
-  # @return [String] The location where the file was successfully stored.
-  def process_file(base64_file, save_dir)
-    decoded_file = Base64.urlsafe_decode64(base64_file)
-    begin
-      # If we are running the data service on the same box this will ensure we only write
-      # the file if it is somehow not there already.
-      unless File.exists?(save_dir) && File.read(save_dir) == decoded_file
-        File.open(save_dir, 'r+') { |file| file.write(decoded_file) }
-      end
-    rescue Exception => e
-      puts "There was an error writing the file: #{e}"
-      e.backtrace.each { |line| puts "#{line}\n"}
-    end
-    save_dir
-  end
-
   #######
   private
   #######