Module: Msf::Exploit::Remote::HTTP::Splunk::URIs

Included in:

Msf::Exploit::Remote::HTTP::Splunk

Defined in:

lib/msf/core/exploit/remote/http/splunk/uris.rb

Overview

Module with methods for commonly used splunk URLs

Instance Method Summary

• #splunk_apps_url ⇒ String

  Returns the URL for the Splunk local apps management page.

• #splunk_dashboard_create_api_url(namespace) ⇒ String

  Returns the Splunk API URL for creating or managing dashboards in the specified namespace.

• #splunk_dashboard_delete_api_url(namespace, name) ⇒ String

  Returns the Splunk API URL for deleting a dashboard in the specified namespace.

• #splunk_dashboard_pdf_export_api_url(namespace, name) ⇒ String

  Returns the Splunk API URL used for exporting a dashboard to PDF.

• #splunk_home ⇒ String

  Returns the URL for splunk home page.

• #splunk_search_api_url(namespace = 'search') ⇒ String

  Returns the URL for splunk search api.

• #splunk_upload_url ⇒ String

  Returns the URL for splunk upload page.

• #splunk_url_login ⇒ String

  Returns the Splunk Login URL.

• #splunk_user_page(username = nil) ⇒ String

  Returns the Splunk URL for the user’s page.

Instance Method Details

#splunk_apps_url ⇒ String

Returns the URL for the Splunk local apps management page

Returns:

• (String) —

  Splunk local apps management page URL

# File 'lib/msf/core/exploit/remote/http/splunk/uris.rb', line 38

def splunk_apps_url
  normalize_uri(target_uri.path, 'en-US', 'manager', 'search', 'apps', 'local')
end

#splunk_dashboard_create_api_url(namespace) ⇒ String

Returns the Splunk API URL for creating or managing dashboards in the specified namespace

Parameters:

• namespace (String) —

  Splunk app or user context for execution

Returns:

• (String) —

  Full URL for the dashboards API endpoint

# File 'lib/msf/core/exploit/remote/http/splunk/uris.rb', line 54

def splunk_dashboard_create_api_url(namespace)
  normalize_uri(target_uri.path, 'en-US', 'splunkd', '__raw', 'servicesNS', 'admin', namespace, 'data', 'ui', 'views')
end

#splunk_dashboard_delete_api_url(namespace, name) ⇒ String

Returns the Splunk API URL for deleting a dashboard in the specified namespace

Parameters:

• namespace (String) —

  Splunk app or user context for execution

• name (String) —

  The name of the dashboard to delete

Returns:

• (String) —

  Full URL for the dashboard deletion API endpoint

# File 'lib/msf/core/exploit/remote/http/splunk/uris.rb', line 72

def splunk_dashboard_delete_api_url(namespace, name)
  normalize_uri(target_uri.path, 'en-US', 'splunkd', '__raw', 'servicesNS', 'admin', namespace, 'data', 'ui', 'views', name)
end

#splunk_dashboard_pdf_export_api_url(namespace, name) ⇒ String

Returns the Splunk API URL used for exporting a dashboard to PDF

Parameters:

• namespace (String) —

  Splunk app or user context for execution

• name (String) —

  The name of the dashboard to export

Returns:

• (String) —

  Full URL for the PDF export API endpoint

# File 'lib/msf/core/exploit/remote/http/splunk/uris.rb', line 63

def splunk_dashboard_pdf_export_api_url(namespace, name)
  normalize_uri(target_uri.path, 'en-US', 'splunkd', '__raw', 'services', 'pdfgen', 'render')
end

#splunk_home ⇒ String

Returns the URL for splunk home page

Returns:

• (String) —

  Splunk home page URL

# File 'lib/msf/core/exploit/remote/http/splunk/uris.rb', line 24

def splunk_home
  normalize_uri(target_uri.path, 'en-US', 'app', 'launcher', 'home')
end

#splunk_search_api_url(namespace = 'search') ⇒ String

Returns the URL for splunk search api

Parameters:

• namespace (String) (defaults to: 'search') —

  Splunk app context for execution

Returns:

• (String) —

  Splunk search api URL

# File 'lib/msf/core/exploit/remote/http/splunk/uris.rb', line 46

def splunk_search_api_url(namespace = 'search')
  normalize_uri(target_uri.path, 'en-US', 'splunkd', '__raw', 'servicesNS', 'admin', namespace, 'search', 'jobs')
end

#splunk_upload_url ⇒ String

Returns the URL for splunk upload page

Returns:

• (String) —

  Splunk upload page URL

# File 'lib/msf/core/exploit/remote/http/splunk/uris.rb', line 31

def splunk_upload_url
  normalize_uri(target_uri.path, 'en-US', 'manager', 'appinstall', '_upload')
end

#splunk_url_login ⇒ String

Returns the Splunk Login URL

Returns:

• (String) —

  Splunk Login URL

# File 'lib/msf/core/exploit/remote/http/splunk/uris.rb', line 8

def splunk_url_login
  normalize_uri(target_uri.path, 'en-US', 'account', 'login')
end

#splunk_user_page(username = nil) ⇒ String

Returns the Splunk URL for the user’s page

Parameters:

• username (String) (defaults to: nil) —

  username of the account

Returns:

• (String) —

  Splunk user URL

# File 'lib/msf/core/exploit/remote/http/splunk/uris.rb', line 16

def splunk_user_page(username = nil)
  username = datastore['USERNAME'] if username.nil?
  normalize_uri(target_uri.path, 'en-US', 'splunkd', '__raw', 'services', 'authentication', 'users', username)
end