Msf::DBManager#report_session specs

[#47979793]

Author: limhoff-r7

Gemfile

@@ -48,4 +48,6 @@ group :test do
   # code coverage for tests
   # any version newer than 0.5.4 gives an Encoding error when trying to read the source files.
   gem 'simplecov', '0.5.4', :require => false
+	# Manipulate Time.now in specs
+	gem 'timecop'
 end

Gemfile.lock

@@ -52,6 +52,7 @@ GEM
       multi_json (~> 1.0.3)
       simplecov-html (~> 0.5.3)
     simplecov-html (0.5.3)
+    timecop (0.6.1)
     tzinfo (0.3.37)
     yard (0.8.5.2)
 
@@ -75,4 +76,5 @@ DEPENDENCIES
   rspec (>= 2.12)
   shoulda-matchers
   simplecov (= 0.5.4)
+  timecop
   yard

lib/msf/core/db.rb

@@ -645,12 +645,69 @@ def get_session(opts)
 	}
 	end
 
-	# Record a new session in the database
-	#
-	# opts MUST contain either
-	# +:session+:: the Msf::Session object we are reporting
-	# +:host+::    the Host object we are reporting a session on.
-	#
+	# @note The Mdm::Session#desc will be truncated to 255 characters.
+  # @todo https://www.pivotaltracker.com/story/show/48249739
+	#
+	# @overload report_session(opts)
+	#   Creates an Mdm::Session from Msf::Session. If +via_exploit+ is set on the
+	#   +session+, then an Mdm::Vuln and Mdm::ExploitAttempt is created for the
+	#   session's host.  The Mdm::Host for the +session_host+ is created using
+	#   The session.session_host, +session.arch+ (if +session+ responds to arch),
+	#   and the workspace derived from opts or the +session+.  The Mdm::Session is
+	#   assumed to be +last_seen+ and +opened_at+ at the time report_session is
+	#   called.  +session.exploit_datastore['ParentModule']+ is used for the
+	#   Mdm::Session#via_exploit if +session.via_exploit+ is
+	#   'exploit/multi/handler'.
+	#
+	#   @param opts [Hash{Symbol => Object}] options
+	#   @option opt [Msf::Session, #datastore, #platform, #type, #via_exploit, #via_payload] :session
+	#     The in-memory session to persist to the database.
+	#   @option opts [Mdm::Workspace] :workspace The workspace for in which the
+	#     :session host is contained.  Also used as the workspace for the
+	#     Mdm::ExploitAttempt and Mdm::Vuln.  Defaults to Mdm::Worksapce with
+	#     Mdm::Workspace#name equal to +session.workspace+.
+	#   @return [nil] if {Msf::DBManager#active} is +false+.
+	#   @return [Mdm::Session] if session is saved
+	#   @raise [ArgumentError] if :session is not an {Msf::Session}.
+	#   @raise [ActiveRecord::RecordInvalid] if session is invalid and cannot be
+	#     saved, in which case, the Mdm::ExploitAttempt and Mdm::Vuln will not be
+	#     created, but the Mdm::Host will have been.   (There is no transaction
+	#       to rollback the Mdm::Host creation.)
+	#   @see #find_or_create_host
+	#   @see #normalize_host
+	#   @see #report_exploit_success
+	#   @see #report_vuln
+	#
+	# @overload report_session(opts)
+	#   Creates an Mdm::Session from Mdm::Host.
+	#
+	#   @param opts [Hash{Symbol => Object}] options
+	#   @option opts [DateTime, Time] :closed_at The date and time the sesion was
+	#     closed.
+	#   @option opts [String] :close_reason Reason the session was closed.
+	#   @option opts [Hash] :datastore {Msf::DataStore#to_h}.
+	#   @option opts [String] :desc Session description.  Will be truncated to 255
+	#     characters.
+	#   @option opts [Mdm::Host] :host The host on which the session was opened.
+	#   @option opts [DateTime, Time] :last_seen The last date and time the
+	#     session was seen to be open.  Defaults to :closed_at's value.
+	#   @option opts [DateTime, Time] :opened_at The date and time that the
+	#     session was opened.
+	#   @option opts [String] :platform The platform of the host.
+	#   @option opts [Array] :routes ([]) The routes through the session for
+	#     pivoting.
+	#   @option opts [String] :stype Session type.
+	#   @option opts [String] :via_exploit The {Msf::Module#fullname} of the
+	#     exploit that was used to open the session.
+	#   @option option [String] :via_payload the {MSf::Module#fullname} of the
+	#     payload sent to the host when the exploit was successful.
+	#   @return [nil] if {Msf::DBManager#active} is +false+.
+	#   @return [Mdm::Session] if session is saved.
+	#   @raise [ArgumentError] if :host is not an Mdm::Host.
+	#   @raise [ActiveRecord::RecordInvalid] if session is invalid and cannot be
+	#     saved.
+	#
+	# @raise ArgumentError if :host and :session is +nil+
 	def report_session(opts)
 		return if not active
 	::ActiveRecord::Base.connection_pool.with_connection {
@@ -719,8 +776,6 @@ def report_session(opts)
 
 		# If this is a live session, we know the host is vulnerable to something.
 		if opts[:session] and session.via_exploit
-			return unless host
-
 			mod = framework.modules.create(session.via_exploit)
 
 			if session.via_exploit == "exploit/multi/handler" and sess_data[:datastore]['ParentModule']

spec/factories/mdm/routes.rb

@@ -0,0 +1,34 @@
+FactoryGirl.define do
+	factory :mdm_route, :class => Mdm::Route do
+		netmask { generate :mdm_route_netmask }
+		subnet { generate :mdm_route_subnet }
+
+		#
+		# Associations
+		#
+		association :session, :factory => :mdm_session
+	end
+
+	sequence :mdm_route_netmask do |n|
+		bits = 32
+		bitmask = n % bits
+
+		[ (~((2 ** (bits - bitmask)) - 1)) & 0xffffffff ].pack('N').unpack('CCCC').join('.')
+
+		bits = 32
+		shift = n % bits
+		mask_range = 2 ** bits
+		full_mask = mask_range - 1
+
+		integer_netmask = (full_mask << shift)
+		formatted_netmask = [integer_netmask].pack('N').unpack('CCCC').join('.')
+
+		formatted_netmask
+	end
+
+	sequence :mdm_route_subnet do |n|
+		class_c_network = n % 255
+
+    "192.168.#{class_c_network}.0"
+	end
+end