RubyIOC 0.0.1

data/lib/RubyIOC/iocitem/route_entry_item.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+module RubyIOC
+	module IOCItem
+		class RouteEntryItem < RubyIOC::IOCTerm
+			def get_type
+				"RouteEntryItem"
+			end
+		end
+
+		class RouteEntryItemFactory < RubyIOC::IOCItem::IOCItemFactory
+			def get_type
+				"RouteEntryItem"
+			end
+
+			def create
+				RouteEntryItem.new
+			end
+		end
+
+		RouteEntryItemFactory.add_factory(RouteEntryItemFactory)
+	end
+end

data/lib/RubyIOC/iocitem/service_item.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+module RubyIOC
+	module IOCItem
+		class ServiceItem < RubyIOC::IOCTerm
+			def get_type
+				"ServiceItem"
+			end
+		end
+
+		class ServiceItemFactory < RubyIOC::IOCItem::IOCItemFactory
+			def get_type
+				"ServiceItem"
+			end
+
+			def create
+				ServiceItem.new
+			end
+		end
+
+		ServiceItemFactory.add_factory(ServiceItemFactory)
+	end
+end

data/lib/RubyIOC/iocitem/string_match_item.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+module RubyIOC
+	module IOCItem
+		class StringMatchItem < RubyIOC::IOCTerm
+			def get_type
+				"StringMatchItem"
+			end
+		end
+
+		class StringMatchItemFactory < RubyIOC::IOCItem::IOCItemFactory
+			def get_type
+				"StringMatchItem"
+			end
+
+			def create
+				StringMatchItem.new
+			end
+		end
+
+		StringMatchItemFactory.add_factory(StringMatchItemFactory)
+	end
+end

data/lib/RubyIOC/iocitem/system_info_item.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+module RubyIOC
+	module IOCItem
+		class SystemInfoItem < RubyIOC::IOCTerm
+			def get_type
+				"SystemInfoItem"
+			end
+		end
+
+		class SystemInfoItemFactory < RubyIOC::IOCItem::IOCItemFactory
+			def get_type
+				"SystemInfoItem"
+			end
+
+			def create
+				SystemInfoItem.new
+			end
+		end
+
+		SystemInfoItemFactory.add_factory(SystemInfoItemFactory)
+	end
+end

data/lib/RubyIOC/iocitem/system_restore_item.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+module RubyIOC
+	module IOCItem
+		class SystemRestoreItem < RubyIOC::IOCTerm
+			def get_type
+				"SystemRestoreItem"
+			end
+		end
+
+		class SystemRestoreItemFactory < RubyIOC::IOCItem::IOCItemFactory
+			def get_type
+				"SystemRestoreItem"
+			end
+
+			def create
+				SystemRestoreItem.new
+			end
+		end
+
+		SystemRestoreItemFactory.add_factory(SystemRestoreItemFactory)
+	end
+end

data/lib/RubyIOC/iocitem/task_item.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+module RubyIOC
+	module IOCItem
+		class TaskItem < RubyIOC::IOCTerm
+			def get_type
+				"TaskItem"
+			end
+		end
+
+		class TaskItemFactory < RubyIOC::IOCItem::IOCItemFactory
+			def get_type
+				"TaskItem"
+			end
+
+			def create
+				TaskItem.new
+			end
+		end
+
+		TaskItemFactory.add_factory(TaskItemFactory)
+	end
+end

data/lib/RubyIOC/iocitem/timeline_item.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+module RubyIOC
+	module IOCItem
+		class TimelineItem < RubyIOC::IOCTerm
+			def get_type
+				"TimelineItem"
+			end
+		end
+
+		class TimelineItemFactory < RubyIOC::IOCItem::IOCItemFactory
+			def get_type
+				"TimelineItem"
+			end
+
+			def create
+				TimelineItem.new
+			end
+		end
+
+		TimelineItemFactory.add_factory(TimelineItemFactory)
+	end
+end

data/lib/RubyIOC/iocitem/url_history_item.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+module RubyIOC
+	module IOCItem
+		class UrlHistoryItem < RubyIOC::IOCTerm
+			def get_type
+				"UrlHistoryItem"
+			end
+		end
+
+		class UrlHistoryItemFactory < RubyIOC::IOCItem::IOCItemFactory
+			def get_type
+				"UrlHistoryItem"
+			end
+
+			def create
+				UrlHistoryItem.new
+			end
+		end
+
+		UrlHistoryItemFactory.add_factory(UrlHistoryItemFactory)
+	end
+end

data/lib/RubyIOC/iocitem/user_item.rb

@@ -0,0 +1,81 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+require "yaml"
+if RubyIOC::Platform.windows?
+	require "win32ole"
+end
+module RubyIOC
+	module IOCItem
+		class UserItem < RubyIOC::IOCTerm
+			def get_type
+				"UserItem"
+			end
+
+			def scan(indicator)
+				if RubyIOC::Platform.windows?
+					return search_windows_users(indicator)
+				else
+					puts "Not implemented on this platform yet"
+				end
+			end
+
+			def search_windows_users(indicator)
+				wmi = WIN32OLE.connect("winmgmts://")
+				query = "Select * from Win32_UserAccount Where LocalAccount = True and "
+				attributes = []
+				indicator.each { |i| 
+					case i[:search]
+					when "UserItem/username"
+						attributes << "Name = \"#{i[:content]}\""
+					when "UserItem/fullname"
+						attributes << "FullName = \"#{i[:content]}\""
+					when "UserItem/description"
+						attributes << "Description = \"#{i[:content]}\""
+					when "UserItem/grouplist"
+					when "UserItem/SecurityID"
+						attributes << "SID = \"#{i[:content]}\""
+					when "UserItem/SecurityType"
+						attributes << "SIDType = \"#{i[:content]}\""
+					when "UserItem/LastLogin"
+					when "UserItem/disabled"
+						attributes << "Disabled = #{i[:content].to_bool}"
+					when "UserItem/lockedout"
+						attributes << "Lockout = #{i[:content].to_bool}"
+					when "UserItem/passwordrequired"
+					when "UserItem/userpasswordage"
+					when "UserItem/homedirectory"
+					when "UserItem/scriptpath"
+					end
+				}
+				query = query + attributes.join(" and ")
+				users = wmi.ExecQuery(query)
+				users.each { | u | 
+					return true
+				}
+				return false
+			end
+		end
+
+		class UserItemFactory < RubyIOC::IOCItem::IOCItemFactory
+			def get_type
+				"UserItem"
+			end
+
+			def create
+				UserItem.new
+			end
+		end
+
+		UserItemFactory.add_factory(UserItemFactory)
+	end
+end

data/lib/RubyIOC/iocitem/volume_item.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+module RubyIOC
+	module IOCItem
+		class VolumeItem < RubyIOC::IOCTerm
+			def get_type
+				"VolumeItem"
+			end
+		end
+
+		class VolumeItemFactory < RubyIOC::IOCItem::IOCItemFactory
+			def get_type
+				"VolumeItem"
+			end
+
+			def create
+				VolumeItem.new
+			end
+		end
+
+		VolumeItemFactory.add_factory(VolumeItemFactory)
+	end
+end

data/lib/RubyIOC/iocterm.rb

@@ -0,0 +1,22 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+module RubyIOC
+		class IOCTerm
+			def get_type
+				nil
+			end
+			
+			def scan(indicator = {})
+			end
+		end
+end

data/lib/RubyIOC/platform.rb

@@ -0,0 +1,55 @@
+# Copyright (c) 2013 Matt Jezorek
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), 
+# to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+require "rbconfig"
+
+module RubyIOC
+	module Platform
+		class << self
+			def is?(what)
+				what === RbConfig::CONFIG['host_os']
+			end
+			
+			alias is is?
+
+			def to_s
+				RbConfig::CONFIG['host_os']
+			end
+		end
+
+		module_function
+
+		def linux?
+			RubyIOC::Platform.is? /linux|cygwin/
+		end
+
+		def mac?
+			RubyIOC::Platform.is? /mac|darwin/
+		end
+
+		def bsd?
+			RubyIOC::Platform.is? /bsd/	
+		end
+
+		def windows?
+			RubyIOC::Platform.is? /mswin|win|mingw/			
+		end
+
+		def solaris?
+			RubyIOC::Platform.is? /solaris|sunos/
+		end
+
+		def posix?
+			linux? or mac? or bsd? or solaris? or Process.respond_to(:fork)
+		end
+	end
+end