Class: Mdm::Session

Inherits:
ActiveRecord::Base
  • Object
show all
Defined in:
app/models/mdm/session.rb

Overview

A session opened on a #host using an exploit and controlled through a payload to connect back to the local host using meterpreter or a cmd shell.

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#close_reasonString

Why the session was closed. Used to differentiate between user killing it local and the session being killed on the remote end.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 45

#closed_atDateTime

When the session was closed on #host.

Returns:

  • (DateTime) 



# File 'app/models/mdm/session.rb', line 40

#datastoreHash

Options for exploit and #via_payload modules.

Returns:

  • (Hash) 



# File 'app/models/mdm/session.rb', line 51

#descString

Description of session.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 56

#eventsArray<Mdm::Event>

Events that occurred when this session was open.

Returns:



12
 
# File 'app/models/mdm/session.rb', line 12

has_many :events, :class_name => 'Mdm::SessionEvent', :order => 'created_at', :dependent => :delete_all

#hostMdm::Host

Host on which this session was opened.

Returns:



18
 
# File 'app/models/mdm/session.rb', line 18

belongs_to :host, :class_name => 'Mdm::Host'

#last_seenDateTime

The last time the session was checked to see that it was still open.

Returns:

  • (DateTime) 



# File 'app/models/mdm/session.rb', line 61

#local_idInteger

The ID number of the in-memory session.

Returns:

  • (Integer) 



# File 'app/models/mdm/session.rb', line 66

#opened_atDateTime

When the session was opened on #host.

Returns:

  • (DateTime) 



# File 'app/models/mdm/session.rb', line 71

#platformString

The #host platform.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 76

#portInteger

The remote port on which this session is running on #host.

Returns:

  • (Integer) 



# File 'app/models/mdm/session.rb', line 81

#routesArray<Mdm::Route>

Routes tunneled throug this session.

Returns:



24
 
# File 'app/models/mdm/session.rb', line 24

has_many :routes, :class_name => 'Mdm::Route', :dependent => :delete_all

#stypeString

The type of the session.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 86

#via_exploitString

The full name of the exploit module that opened this session.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 91

#via_payloadString

The full name if the payload module that's running this session.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 96

#workspaceMdm::Workspace (readonly)

The workspace in which this session exists.

Returns:



34
 
# File 'app/models/mdm/session.rb', line 34

has_one :workspace, :through => :host, :class_name => 'Mdm::Workspace'

Instance Method Details

#upgradeable?true, false

Returns whether the session can be upgraded to a meterpreter session from a shell session on Windows.

Returns:

  • (true)

    if #platform is some version of Windows and #stype is 'shell'.

  • (false)

    otherwise.



125
126
127
 
# File 'app/models/mdm/session.rb', line 125

def upgradeable?
  (self.platform =~ /win/ and self.stype == 'shell')
end