save events to the database. fixes 618

git-svn-id: file:///home/svn/framework3/trunk@8126 4d416f70-5f16-0410-b530-b9f4589650da

lib/msf/base/simple/auxiliary.rb

@@ -90,6 +90,7 @@ protected
 	def self.job_run_proc(mod)
 		begin
 			mod.setup
+			mod.framework.events.on_module_run(mod)
 			mod.run
 		rescue ::Interrupt
 			mod.print_error("Auxiliary interrupted by the console user")

lib/msf/base/simple/exploit.rb

@@ -55,7 +55,6 @@ module Exploit
 	# 	job.
 	#
 	def self.exploit_simple(exploit, opts)
-
 		# Trap and print errors here (makes them UI-independent)
 		begin
 
@@ -117,7 +116,6 @@ module Exploit
 				driver.use_job = true
 			end
 
-			exploit.framework.events.on_module_run(exploit)
 			# Let's rock this party
 			session = driver.run
 

lib/msf/core/db.rb

@@ -162,7 +162,7 @@ class DBManager
 	# Report a host's attributes such as operating system and service pack
 	#
 	# The opts parameter MUST contain
-	#	:address    -- the host's ip address
+	#	:host       -- the host's ip address
 	#
 	# The opts parameter can contain:
 	#	:state      -- one of the Msf::HostState constants
@@ -625,6 +625,12 @@ class DBManager
 	end
 
 
+	def report_event(opts = {})
+		framework.db.queue(Proc.new {
+			Event.create(opts.merge(:workspace_id => workspace.id))
+		})
+	end
+
 	#
 	# WMAP
 	# Support methods

lib/msf/core/exploit.rb

@@ -1,4 +1,5 @@
 require 'msf/core'
+require 'msf/core/module'
 
 module Msf
 

lib/msf/core/exploit_driver.rb

@@ -172,6 +172,8 @@ protected
 			# Set the exploit up the bomb
 			exploit.setup
 
+			exploit.framework.events.on_module_run(exploit)
+
 			# Launch the exploit
 			exploit.exploit
 

lib/msf/core/framework.rb

@@ -61,6 +61,7 @@ class Framework
 	require 'msf/core/module_manager'
 	require 'msf/core/session_manager'
 	require 'msf/core/db_manager'
+	require 'msf/core/event_dispatcher'
 
 	#
 	# Creates an instance of the framework context.
@@ -77,6 +78,13 @@ class Framework
 		self.jobs      = Rex::JobContainer.new
 		self.plugins   = PluginManager.new(self)
 		self.db        = DBManager.new(self)
+		
+		subscriber = FrameworkEventSubscriber.new(self)
+		events.add_exploit_subscriber(subscriber)
+		events.add_session_subscriber(subscriber)
+		events.add_general_subscriber(subscriber)
+		events.add_db_subscriber(subscriber)
+		events.add_ui_subscriber(subscriber)
 	end
 
 	def inspect
@@ -179,5 +187,96 @@ protected
 	attr_writer   :db # :nodoc:
 end
 
+class FrameworkEventSubscriber
+	include Framework::Offspring
+	def initialize(framework)
+		self.framework = framework
+	end
+
+	def report_event(data)
+		data.merge!(:user => ENV['USER'])
+		framework.db.report_event(data)
+	end
+
+	include GeneralEventSubscriber
+	def on_module_run(instance)
+		info = {}
+		info[:module_name] = instance.refname
+		info[:datastore] = instance.datastore
+		report_event(:name => "module_run", :info => info)
+	end
+
+	include ::Msf::UiEventSubscriber
+	def on_ui_command(command)
+		report_event(:name => "ui_command", :info => {:command => command})
+	end
+
+	def on_ui_stop()
+		report_event(:name => "ui_stop")
+	end
+
+	def on_ui_start(rev)
+		#
+		# The database is not active at startup time, so this event can never
+		# be saved to the db.  Might look into storing it in a flat file or
+		# something later.
+		#
+		#info = { :revision => rev }
+		#report_event(:name => "ui_start", :info => info)
+	end
+
+	require 'msf/core/session'
+	include ::Msf::SessionEvent
+	def on_session_open(session)
+		info = { :session_id => session.sid }
+		info[:via_exploit] = session.via_exploit
+
+		# Strip off the port
+		address = session.tunnel_peer[0, session.tunnel_peer.rindex(":")]
+		host = framework.db.find_or_create_host(:host=>address)
+
+		report_event(:name => "session_open", :info => info, :host_id => host.id)
+	end
+
+	def on_session_close(session)
+		info = { :session_id => session.sid }
+
+		# Strip off the port
+		address = session.tunnel_peer[0, session.tunnel_peer.rindex(":")]
+		host = framework.db.find_or_create_host(:host=>address)
+
+		report_event(:name => "session_close", :info => info, :host_id => host.id)
+	end
+
+	def on_session_interact(session)
+		info = { :session_id => session.sid }
+
+		# Strip off the port
+		address = session.tunnel_peer[0, session.tunnel_peer.rindex(":")]
+		host = framework.db.find_or_create_host(:host=>address)
+
+		report_event(:name => "session_interact", :info => info, :host_id => host.id)
+	end
+
+	def on_session_command(session, command)
+		info = { :session_id => session.sid, :command => command }
+
+		# Strip off the port
+		address = session.tunnel_peer[0, session.tunnel_peer.rindex(":")]
+		host = framework.db.find_or_create_host(:host=>address)
+
+		report_event(:name => "session_command", :info => info, :host_id => host.id)
+	end
+
+
+	# 
+	# This is covered by on_module_run and on_session_open, so don't bother
+	#
+	#require 'msf/core/exploit'
+	#include ExploitEvent
+	#def on_exploit_success(exploit, session)
+	#end
+
+end
 end
 

lib/msf/ui.rb

@@ -1,4 +1,15 @@
 module Msf
+module UiEventSubscriber
+	def on_ui_command(line)
+	end
+
+	def on_ui_stop()
+	end
+
+	def on_ui_start()
+	end
+end
+
 module Ui
 end
 end

lib/msf/ui/console/driver.rb

@@ -10,17 +10,6 @@ module Msf
 module Ui
 module Console
 
-class UiEventSubscriber
-	def on_ui_command(line)
-	end
-
-	def on_ui_stop()
-	end
-
-	def on_ui_start()
-	end
-end
-
 ###
 #
 # This class implements a user interface driver on a console interface.

lib/msf/ui/driver.rb

@@ -36,4 +36,4 @@ protected
 end
 
 end
-end
+end