Module: Msf::Exploit::Remote::HTTP::ManageEngineAdauditPlus::JsonPostData

Included in:
Msf::Exploit::Remote::HTTP::ManageEngineAdauditPlus
Defined in:
lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus/json_post_data.rb

Instance Method Summary collapse

Instance Method Details

#generate_gpo_watcher_data_json(options) ⇒ String

Generates a JSON hash according to the format required by the GPOWatcherData endpoint

Parameters:

  • options (Hash)

    Hash containing parameters to include in the JSON hash.

Options Hash (options):

  • :isGPOData (Boolean)

    Is the data GPO data? This is set to true if so, otherwise its set to false.

  • :DOMAIN_NAME (String)

    Name of the domain being targeted.

  • :GPO_GUID (String)

    The GPO GUID to use.

  • :GPO_VERSION (Integer)

    The version number of the GPO GUID in use, or a random number from 1 to 9 if one is not supplied.

  • :VER_FILE_NAME (String)

    The version file name in a format that matches ADAudit Plus's VER_FILE_NAME format.

  • :xmlReport (String)

    An XML string containing the header to use for the report.

  • :Html_fileName (String)

    The filename to use for the post request if provided.

  • :htmlReport (String)

    The location to save the HTML report if provided.

Returns:

  • (String)

    A string representation of the JSON hash matching the format required by the GPOWatcherData endpoint. Will be an empty string if the options param is invalid.



18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# File 'lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus/json_post_data.rb', line 18

def generate_gpo_watcher_data_json(options)
  post_data = {}
  return post_data.to_json unless options.is_a?(Hash)

  post_data['isGPOData'] = options['isGPOData'] || true
  post_data['DOMAIN_NAME'] = options['DOMAIN_NAME'] || ''
  post_data['GPO_GUID'] = options['GPO_GUID'] || Rex::Proto::MsDtyp::MsDtypGuid.random_generate
  post_data['GPO_VERSION'] = options['GPO_VERSION'] || rand(1..9)
  post_data['VER_FILE_NAME'] = options['VER_FILE_NAME'] || generate_ver_file_name
  post_data['xmlReport'] = options['xmlReport'] || '<?xml version="1.0" encoding="utf-16"?>'

  html_fileName = options['Html_fileName']
  post_data['Html_fileName'] = html_fileName if html_fileName

  html_report = options['htmlReport']
  post_data['htmlReport'] = html_report if html_report

  post_data.to_json
end

#generate_ver_file_nameString

Returns a String matching the VER_FILE_NAME format used by ADAudit Plus

Returns:

  • (String)

    Randomly generated String matching the the VER_FILE_NAME format used by ADAudit Plus



41
42
43
# File 'lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus/json_post_data.rb', line 41

def generate_ver_file_name
  "#{rand(1..9)}_#{Rex::Text.rand_text_alphanumeric(18)}".downcase + '.xml'
end