Class: Mdm::Session

Inherits:
ActiveRecord::Base
  • Object
show all
Defined in:
app/models/mdm/session.rb

Overview

A session opened on a #host using an exploit and controlled through a payload to connect back to the local host using meterpreter or a cmd shell.

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#close_reasonString

Why the session was closed. Used to differentiate between user killing it local and the session being killed on the remote end.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 57

#closed_atDateTime

When the session was closed on #host.

Returns:

  • (DateTime) 



# File 'app/models/mdm/session.rb', line 52

#datastoreHash

Options for exploit and #via_payload modules.

Returns:

  • (Hash) 



# File 'app/models/mdm/session.rb', line 63

#descString

Description of session.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 68

#eventsArray<Mdm::Event>

Events that occurred when this session was open.

Returns:



12
 
# File 'app/models/mdm/session.rb', line 12

has_many :events, :class_name => 'Mdm::SessionEvent', :order => 'created_at', :dependent => :delete_all

#hostMdm::Host

Host on which this session was opened.

Returns:



18
 
# File 'app/models/mdm/session.rb', line 18

belongs_to :host, :class_name => 'Mdm::Host'

#last_seenDateTime

The last time the session was checked to see that it was still open.

Returns:

  • (DateTime) 



# File 'app/models/mdm/session.rb', line 73

#local_idInteger

The ID number of the in-memory session.

Returns:

  • (Integer) 



# File 'app/models/mdm/session.rb', line 78

#opened_atDateTime

When the session was opened on #host.

Returns:

  • (DateTime) 



# File 'app/models/mdm/session.rb', line 83

#platformString

The #host platform.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 88

#portInteger

The remote port on which this session is running on #host.

Returns:

  • (Integer) 



# File 'app/models/mdm/session.rb', line 93

#routesArray<Mdm::Route>

Routes tunneled throug this session.

Returns:



24
 
# File 'app/models/mdm/session.rb', line 24

has_many :routes, :class_name => 'Mdm::Route', :dependent => :delete_all

#stypeString

The type of the session.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 98

#taskMdm::Session

Session this task touched

Returns:



46
 
# File 'app/models/mdm/session.rb', line 46

has_many :tasks, :through => :task_sessions, :class_name => 'Mdm::Task'

#task_sessionsArray<Mdm::TaskSession>

Details about sessions this task touched

Returns:



40
 
# File 'app/models/mdm/session.rb', line 40

has_many :task_sessions, :dependent => :destroy, :class_name => 'Mdm::TaskSession'

#via_exploitString

The full name of the exploit module that opened this session.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 103

#via_payloadString

The full name if the payload module that's running this session.

Returns:

  • (String) 



# File 'app/models/mdm/session.rb', line 108

#workspaceMdm::Workspace (readonly)

The workspace in which this session exists.

Returns:



34
 
# File 'app/models/mdm/session.rb', line 34

has_one :workspace, :through => :host, :class_name => 'Mdm::Workspace'

Instance Method Details

#upgradeable?true, false

Returns whether the session can be upgraded to a meterpreter session from a shell session on Windows.

Returns:

  • (true)

    if #platform is some version of Windows and #stype is 'shell'.

  • (false)

    otherwise.



137
138
139
140
141
142
143
 
# File 'app/models/mdm/session.rb', line 137

def upgradeable?
  if (self.platform =~ /win/i and self.stype == 'shell')
    return true
  else
    return false
  end
end