Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add arch/platform detection for Postgres #19080

Merged
merged 4 commits into from
Apr 19, 2024
Merged

Add arch/platform detection for Postgres #19080

merged 4 commits into from
Apr 19, 2024

Conversation

cgranleese-r7
Copy link
Contributor

This PR adds architecture and platform detection for PostgreSQL sessions by using a query.

Before

image

After

image

Verification

Docker target:

docker run -it -p 5432:5432 -e POSTGRES_PASSWORD=password postgres:16.1

Commands to target:

use postgres_login
run rhost=127.0.0.1 rport=5432 username=postgres password=password database=template1 createsession=true
  • Start msfconsole
  • Run the above commands
  • Verify the sessions output now contains the appropriate arch and platform
  • Verify the code changes are sane

@cgranleese-r7 cgranleese-r7 added enhancement rn-enhancement release notes enhancement labels Apr 12, 2024
cgranleese-r7
cgranleese-r7 commented Apr 12, 2024
View reviewed changes
lib/postgres/postgres-pr/connection.rb

# List of supported PostgreSQL platforms & architectures:
# https://postgrespro.com/docs/postgresql/16/supported-platforms
def map_compile_arch_to_architecture(compile_arch)
Copy link
Contributor Author

@cgranleese-r7 cgranleese-r7 Apr 12, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Taken from https://postgrespro.com/docs/postgresql/16/supported-platforms

I have bucket these by what I have covered versus not. Wanted to call this out in case anyone has thoughts or opinions.

Historical versions. Not covered and not present in rex/arch.rb:

  • Alpha
  • Itanium
  • M32R
  • M68K
  • M88K
  • NS32K
  • SuperH
  • VAX

17.6 supported but not covered in rex/arch.rb:

  • S/390
  • RISC-V
  • PA-RISC

17.6 supported and covered in rex/arch.rb:

  • x86
  • SPARC
  • ARM
  • MIPS
  • PowerPC

cgranleese-r7
cgranleese-r7 commented Apr 12, 2024
View reviewed changes
lib/postgres/postgres-pr/connection.rb
"#{peerhost}:#{peerport}"
# List of supported PostgreSQL platforms & architectures:
# https://postgrespro.com/docs/postgresql/16/supported-platforms
def map_compile_os_to_platform(compile_os)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Taken from https://postgrespro.com/docs/postgresql/16/supported-platforms

I have bucket these by what I have covered versus not. Wanted to call this out in case anyone has thoughts or opinions.

Historical versions. Not covered and not present in lib/msf/core/module/platform.rb:

  • 4.3BSD
  • BEOS
  • BSD/OS
  • DG/UX
  • Dynix
  • NeXTSTEP
  • QNX
  • SCO
  • SINIX
  • Sprite
  • SunOS
  • Tru64 UNIX
  • ULTRIX

Historical versions. Covered and present in lib/msf/core/module/platform.rb:

  • HP-UX
  • IRIX

17.6 supported but not covered in lib/msf/core/module/platform.rb:

  • DragonFlyBSD
  • illumos

17.6 supported and covered in lib/msf/core/module/platform.rb:

  • Linux
  • Windows
  • Solaris
  • macOS
  • FreeBSD
  • OpenBSD
  • NetBSD
  • AIX

cgranleese-r7
cgranleese-r7 commented Apr 12, 2024
View reviewed changes
lib/postgres/postgres-pr/connection.rb
platform = Msf::Platform::Irix
else
# Return the query result if the value can't be mapped
return compile_os
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adding this to return whatever the query result is, evening if we don't mp it, I think it would be more useful to give the user the data instead of just Msf::Platform::Unknown returning unknown.

Maybe we need to return unknown here, happy to change it if needed 👍

cgranleese-r7
cgranleese-r7 commented Apr 12, 2024
View reviewed changes
lib/postgres/postgres-pr/connection.rb
arch = ARCH_X86
else
# Return the query result if the value can't be mapped
arch = compile_arch
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same thought process as https://github.com/rapid7/metasploit-framework/pull/19080/files#r1562403615

cgranleese-r7
cgranleese-r7 commented Apr 12, 2024
View reviewed changes
lib/postgres/postgres-pr/connection.rb Outdated
# I could get was grabbing the version and then plucking out the parts I needed.
# Let me know if there is a better way to handle this that I may not have came across while
# googling.
query_result = query('select version()').rows.join.match(/.*on (\w+-\w+-\w+-\w+),/).captures
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Had to go with querying here, as the client data for the version doesn't contain the required information. It appears to be shortened.

[1] pry(#<Msf::Db::PostgresPR::Connection>)> self
=> #<Msf::Db::PostgresPR::Connection:0x00007fe889d5ed40
 @conn=#<Socket:fd 15>,
 @params=
  {"username"=>"postgres",
   "database"=>"template1",
   "in_hot_standby"=>"off",
   "integer_datetimes"=>"on",
   "TimeZone"=>"Etc/UTC",
   "IntervalStyle"=>"postgres",
   "is_superuser"=>"on",
   "application_name"=>"",
   "default_transaction_read_only"=>"off",
   "scram_iterations"=>"4096",
   "DateStyle"=>"ISO, MDY",
   "standard_conforming_strings"=>"on",
   "session_authorization"=>"postgres",
   "client_encoding"=>"UTF8",
   "server_version"=>"16.1 (Debian 16.1-1.pgdg120+1)", <--- HERE
   "server_encoding"=>"UTF8"},
 @transaction_status=73>
[2] pry(#<Msf::Db::PostgresPR::Connection>)> query('select version()').rows
=> [["PostgreSQL 16.1 (Debian 16.1-1.pgdg120+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit"]]

@cgranleese-r7 cgranleese-r7 force-pushed the adds-postgres-platfrom-arch-detection branch from 18830e1 to c1c8535 Compare April 12, 2024 12:29
@cgranleese-r7 cgranleese-r7 force-pushed the adds-postgres-platfrom-arch-detection branch from c1c8535 to da17d2e Compare April 15, 2024 14:49
@cgranleese-r7 cgranleese-r7 force-pushed the adds-postgres-platfrom-arch-detection branch from da17d2e to 3f2e32e Compare April 15, 2024 15:05
jmartin-tech
jmartin-tech reviewed Apr 16, 2024
View reviewed changes
lib/postgres/postgres-pr/connection.rb Outdated Show resolved Hide resolved
lib/postgres/postgres-pr/connection.rb Outdated Show resolved Hide resolved
@cgranleese-r7 cgranleese-r7 force-pushed the adds-postgres-platfrom-arch-detection branch from 5616d69 to 4e95934 Compare April 18, 2024 14:35
@cgranleese-r7 cgranleese-r7 force-pushed the adds-postgres-platfrom-arch-detection branch from 4e95934 to c694522 Compare April 18, 2024 14:45
@cgranleese-r7 cgranleese-r7 force-pushed the adds-postgres-platfrom-arch-detection branch from 390fddc to b83f2e3 Compare April 19, 2024 10:11
@adfoster-r7 adfoster-r7 merged commit cff9339 into rapid7:master Apr 19, 2024
42 checks passed
@adfoster-r7
Copy link
Contributor

Release Notes

Adds architecture and platform detection for PostgreSQL sessions

@cgranleese-r7 cgranleese-r7 deleted the adds-postgres-platfrom-arch-detection branch April 19, 2024 14:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adfoster-r7 adfoster-r7 adfoster-r7 left review comments

@jmartin-tech jmartin-tech jmartin-tech left review comments

Assignees
No one assigned
Labels
enhancement rn-enhancement release notes enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cgranleese-r7 @adfoster-r7 @jmartin-tech