rapid7
Add "privileged" to supported search columns
Summary
Allow the user to filter search results based on privileged value (Yes|No)
Basic example
search type:exploit priviliged:no
Motivation
Means user doesn't have to view info on each entry in list to find an exploit where they don't need privileges - saves time.
I don't think the metadata for this privileged field will always be accurate as it's user implemented and may not always be right. The definition isn't quite aligned with what you are asking for:
#
# Returns whether or not the module requires or grants high privileges.
#
def privileged?
privileged == true
end
However, pull requests are welcome. You can see an example of adding additional search logic here: https://github.com/rapid7/metasploit-framework/pull/18361
An easy test to verify that it works:
search cydia privileged:true
Should return:
0 exploit/apple_ios/ssh/cydia_default_ssh 2007-07-02 excellent No Apple iOS Default SSH Password Vulnerability
While:
search cydia privileged:false
Should return empty
We need to modify lib/msf/core/modules/metadata/obj.rb as the metadata of privileged is not exposed
It seems that you need to remove the store to get things indexed:
rm ~/.msf4/store/modules_metadata.json
@adfoster-r7 how can I get the modules_metadata updated with the privileged attribute?
Is there a way to populate the JSON file?