Module: Rex::Parser::Dbeaver

Defined in:

lib/rex/parser/dbeaver.rb

Overview

Author:

• Kali-Team

Defined Under Namespace

Modules: Error

Constant Summary

SECRET_KEY =

'sdf@!#$verf^wv%6Fwe%$$#FFGwfsdefwfe135s$^H)dg'.freeze

AES_KEY =

"\xBA\xBBJ\x9FwJ\xB8S\xC9l-e=\xFETJ".freeze

Instance Method Summary

• #decrypt_dbeaver_6_1_3(base64_string) ⇒ String

  decrypt_dbeaver_6_1_3.

• #decrypt_dbeaver_credentials(credentials_config_data) ⇒ String

  decrypt_dbeaver_credentials.

• #parse_credentials(credentials_config_data) ⇒ Hash

  parse_credentials.

• #parse_data_sources(data_sources_data, credentials_config_data) ⇒ Hash

  parse_data_sources.

• #parse_data_sources_xml(data_sources_data) ⇒ Hash

  parse_data_sources_xml.

Instance Method Details

#decrypt_dbeaver_6_1_3(base64_string) ⇒ String

decrypt_dbeaver_6_1_3

Parameters:

• base64_string (String)

Returns:

• (String)

# File 'lib/rex/parser/dbeaver.rb', line 95

def decrypt_dbeaver_6_1_3(base64_string)
  plaintext = ''
  if base64_string.nil?
    return plaintext
  end

  data = Rex::Text.decode_base64(base64_string)
  for i in 0..data.length - 3
    xor_data = Rex::Text.xor(data[i], SECRET_KEY[i % SECRET_KEY.length])
    plaintext += xor_data
  end
  return plaintext
end

#decrypt_dbeaver_credentials(credentials_config_data) ⇒ String

decrypt_dbeaver_credentials

Parameters:

• credentials_config_data (String)

Returns:

• (String) —

  plaintext

# File 'lib/rex/parser/dbeaver.rb', line 23

def decrypt_dbeaver_credentials(credentials_config_data)
  aes = OpenSSL::Cipher.new('AES-128-CBC')
  begin
    aes.decrypt
    aes.key = AES_KEY
    plaintext = aes.update(credentials_config_data)
    plaintext << aes.final
  rescue OpenSSL::Cipher::CipherError => e
    raise Error::DecryptionError, 'Unable to decrypt dbeaver credentials'
  end
  return plaintext[plaintext.index('{"')..]
end

#parse_credentials(credentials_config_data) ⇒ Hash

parse_credentials

Parameters:

• credentials_config_data (String)

Returns:

• (Hash) —

  result_hashmap

# File 'lib/rex/parser/dbeaver.rb', line 40

def parse_credentials(credentials_config_data)
  decrypt_data = decrypt_dbeaver_credentials(credentials_config_data)
  result_hashmap = Hash.new
  begin
    result_hashmap = JSON.parse(decrypt_data)
  rescue ::JSON::ParserError => e
    raise Error::ParserError, "[parse_credentials] #{e.class} - #{e}"
  end
  return result_hashmap
end

#parse_data_sources(data_sources_data, credentials_config_data) ⇒ Hash

parse_data_sources

Parameters:

• data_sources_data (String)
• credentials_config_data (String)

Returns:

• (Hash) —

  result_hashmap

# File 'lib/rex/parser/dbeaver.rb', line 56

def parse_data_sources(data_sources_data, credentials_config_data)
  credentials = parse_credentials(credentials_config_data)
  result_hashmap = Hash.new
  if credentials.empty?
    return result_hashmap
  end

  begin
    data_sources = JSON.parse(data_sources_data)
    connections = data_sources['connections']
    if connections.nil? || connections.empty?
      return result_hashmap
    end

    connections.each do |data_source_id, item|
      next if item['configuration'].nil?

      result_hashmap[data_source_id] = Hash[
        'name' => item['name'] || '',
        'provider' => item['provider'] || '',
        'host' => item['configuration']['host'] || '',
        'port' => item['configuration']['port'] || '',
        'user' => credentials.key?(data_source_id) ? credentials[data_source_id]['#connection']['user'] : '',
        'password' => credentials.key?(data_source_id) ? credentials[data_source_id]['#connection']['password'] : '',
        'database' => item['configuration']['database'] || '',
        'url' => item['configuration']['url'] || '',
        'type' => item['configuration']['type'] || ''
    ]
    end
  rescue ::JSON::ParserError => e
    raise Error::ParserError, "[parse_data_sources] #{e.class} - #{e}"
  end
  return result_hashmap
end

#parse_data_sources_xml(data_sources_data) ⇒ Hash

parse_data_sources_xml

Parameters:

• data_sources_data (String)

Returns:

• (Hash) —

  result_hashmap

# File 'lib/rex/parser/dbeaver.rb', line 113

def parse_data_sources_xml(data_sources_data)
  mxml = REXML::Document.new(data_sources_data).root
  unless mxml
    raise Error::ParserError, '[parse_data_sources_xml] XML parsing error'
  end
  result_hashmap = Hash.new
  mxml.elements.to_a('//data-sources//data-source//connection//').each do |node|
    next unless node.name == 'connection'

    data_source_id = node.parent.attributes['id']
    result_hashmap[data_source_id] = Hash[
      'name' => node.parent.attributes['name'] || '',
      'provider' => node.parent.attributes['provider'] || '',
      'host' => node.attributes['host'] || '',
      'port' => node.attributes['port'] || '',
      'user' => node.attributes['user'] || '',
      'password' => decrypt_dbeaver_6_1_3(node.attributes['password']),
      'database' => node.attributes['database'] || '',
      'url' => node.attributes['url'] || '',
      'type' => node.attributes['type'] || ''
  ]
  end
  return result_hashmap
end