metasploit-credential 0.14.3 → 0.14.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,35 +1,40 @@
1
1
  require 'rails'
2
2
 
3
- module Metasploit
4
- module Credential
5
- # Rails engine for Metasploit::Credential. Will automatically be used if `Rails` is defined when
6
- # 'metasploit/credential' is required, as should be the case in any normal Rails application Gemfile where
7
- # gem 'rails' is the first gem in the Gemfile.
8
- class Engine < Rails::Engine
9
- # @see http://viget.com/extend/rails-engine-testing-with-rspec-capybara-and-factorygirl
10
- config.generators do |g|
11
- g.assets false
12
- g.fixture_replacement :factory_girl, dir: 'spec/factories'
13
- g.helper false
14
- g.test_framework :rspec, fixture: false
15
- end
3
+ # Rails engine for Metasploit::Credential.
4
+ class Metasploit::Credential::Engine < Rails::Engine
5
+ # @see http://viget.com/extend/rails-engine-testing-with-rspec-capybara-and-factorygirl
6
+ config.generators do |g|
7
+ g.assets false
8
+ g.fixture_replacement :factory_girl, dir: 'spec/factories'
9
+ g.helper false
10
+ g.test_framework :rspec, fixture: false
11
+ end
12
+
13
+ # Remove ActiveSupport::Dependencies loading paths to save time during constant resolution and to ensure that
14
+ # metasploit_data_models is properly declaring all autoloads and not falling back on ActiveSupport::Dependencies
15
+ config.paths.each_value do |path|
16
+ path.skip_autoload!
17
+ path.skip_autoload_once!
18
+ path.skip_eager_load!
19
+ path.skip_load_path!
20
+ end
16
21
 
17
- config.paths.add 'app/concerns', autoload: true
18
- config.paths.add 'lib', autoload: true
22
+ # metasploit-concern only works with ActiveSupport::Dependencies.autoloading because the extended class only
23
+ # knows about the concerns from the load hooks and so the extended class can't use Kernel.autoload to load the
24
+ # concerns.
25
+ config.paths.add 'app/concerns', autoload: true
19
26
 
20
- initializer 'metasploit_credential.prepend_factory_path',
21
- # factory paths from the final Rails.application
22
- after: 'factory_girl.set_factory_paths',
23
- # before metasploit_data_models because it prepends
24
- before: 'metasploit_data_models.prepend_factory_path' do
25
- if defined? FactoryGirl
26
- relative_definition_file_path = config.generators.options[:factory_girl][:dir]
27
- definition_file_path = root.join(relative_definition_file_path)
27
+ initializer 'metasploit_credential.prepend_factory_path',
28
+ # factory paths from the final Rails.application
29
+ after: 'factory_girl.set_factory_paths',
30
+ # before metasploit_data_models because it prepends
31
+ before: 'metasploit_data_models.prepend_factory_path' do
32
+ if defined? FactoryGirl
33
+ relative_definition_file_path = config.generators.options[:factory_girl][:dir]
34
+ definition_file_path = root.join(relative_definition_file_path)
28
35
 
29
- # unshift so that projects that use metasploit-credential can modify metasploit_credential_* factories
30
- FactoryGirl.definition_file_paths.unshift definition_file_path
31
- end
32
- end
36
+ # unshift so that projects that use metasploit-credential can modify metasploit_credential_* factories
37
+ FactoryGirl.definition_file_paths.unshift definition_file_path
33
38
  end
34
39
  end
35
40
  end
@@ -4,5 +4,6 @@ module Metasploit::Credential::Exporter
4
4
  extend ActiveSupport::Autoload
5
5
 
6
6
  autoload :Base
7
+ autoload :Core
7
8
  autoload :Pwdump
8
9
  end
@@ -1,42 +1,34 @@
1
- module Metasploit
2
- module Credential
3
- module Exporter
4
- # Defines attributes common to allow exporters.
5
- module Base
6
- extend ActiveSupport::Concern
7
-
8
- included do
9
- include ActiveModel::Validations
10
-
11
- # @!attribute data
12
- # A {Hash} that holds the credentials data to be exported.
13
- # @return [Hash]
14
- attr_accessor :data
15
-
16
- # @!attribute output
17
- # An {IO} that holds the exported data. {File} in normal usage.
18
- # @return [IO]
19
- attr_accessor :output
20
-
21
- # @!attribute workspace
22
- # The {Mdm::Workspace} that the credentials will be exported from
23
- # @return[Mdm::Workspace]
24
- attr_accessor :workspace
25
- end
26
-
27
-
28
- #
29
- # Instance Methods
30
- #
1
+ # Defines attributes common to allow exporters.
2
+ module Metasploit::Credential::Exporter::Base
3
+ extend ActiveSupport::Concern
4
+
5
+ included do
6
+ include ActiveModel::Validations
7
+
8
+ # @!attribute data
9
+ # A {Hash} that holds the credentials data to be exported.
10
+ # @return [Hash]
11
+ attr_accessor :data
12
+
13
+ # @!attribute output
14
+ # An {IO} that holds the exported data. {File} in normal usage.
15
+ # @return [IO]
16
+ attr_accessor :output
17
+
18
+ # @!attribute workspace
19
+ # The {Mdm::Workspace} that the credentials will be exported from
20
+ # @return[Mdm::Workspace]
21
+ attr_accessor :workspace
22
+ end
31
23
 
32
- # @param attributes [Hash{Symbol => String,nil}]
33
- def initialize(attributes={})
34
- attributes.each do |attribute, value|
35
- public_send("#{attribute}=", value)
36
- end
37
- end
24
+ #
25
+ # Instance Methods
26
+ #
38
27
 
39
- end
28
+ # @param attributes [Hash{Symbol => String,nil}]
29
+ def initialize(attributes={})
30
+ attributes.each do |attribute, value|
31
+ public_send("#{attribute}=", value)
40
32
  end
41
33
  end
42
34
  end
@@ -6,6 +6,7 @@ module Metasploit::Credential::Importer
6
6
  autoload :Base
7
7
  autoload :Core
8
8
  autoload :MsfPwdump
9
- autoload :Zip
10
9
  autoload :Multi
10
+ autoload :Pwdump
11
+ autoload :Zip
11
12
  end
@@ -1,77 +1,70 @@
1
- module Metasploit
2
- module Credential
3
- module Importer
4
- # Defines common attributes and helpers for all importers.
5
- module Base
6
- extend ActiveSupport::Concern
1
+ # Defines common attributes and helpers for all importers.
2
+ module Metasploit::Credential::Importer::Base
3
+ extend ActiveSupport::Concern
7
4
 
8
- #
9
- # Constants
10
- #
5
+ #
6
+ # Constants
7
+ #
11
8
 
12
- # Whitelist of the {Metasploit::Credential::Private} subclass names allowed
13
- # in long-form CSV imports.
14
- LONG_FORM_ALLOWED_PRIVATE_TYPE_NAMES = [
15
- Metasploit::Credential::NonreplayableHash,
16
- Metasploit::Credential::NTLMHash,
17
- Metasploit::Credential::Password,
18
- Metasploit::Credential::PostgresMD5,
19
- Metasploit::Credential::SSHKey].map(&:name)
9
+ # Whitelist of the {Metasploit::Credential::Private} subclass names allowed
10
+ # in long-form CSV imports.
11
+ LONG_FORM_ALLOWED_PRIVATE_TYPE_NAMES = [
12
+ Metasploit::Credential::NonreplayableHash,
13
+ Metasploit::Credential::NTLMHash,
14
+ Metasploit::Credential::Password,
15
+ Metasploit::Credential::PostgresMD5,
16
+ Metasploit::Credential::SSHKey].map(&:name)
20
17
 
21
18
 
22
- # Whitelist of the {Metasploit::Credential::Private} subclass names allowed
23
- # in short-form CSV imports.
24
- SHORT_FORM_ALLOWED_PRIVATE_TYPE_NAMES = [
25
- Metasploit::Credential::NonreplayableHash,
26
- Metasploit::Credential::NTLMHash,
27
- Metasploit::Credential::Password,
28
- Metasploit::Credential::PostgresMD5].map(&:name)
19
+ # Whitelist of the {Metasploit::Credential::Private} subclass names allowed
20
+ # in short-form CSV imports.
21
+ SHORT_FORM_ALLOWED_PRIVATE_TYPE_NAMES = [
22
+ Metasploit::Credential::NonreplayableHash,
23
+ Metasploit::Credential::NTLMHash,
24
+ Metasploit::Credential::Password,
25
+ Metasploit::Credential::PostgresMD5].map(&:name)
29
26
 
30
- included do
31
- include ActiveModel::Validations
27
+ included do
28
+ include ActiveModel::Validations
32
29
 
33
- # @!attribute filename
34
- # The name of the file that is being imported
35
- # @return [String]
36
- attr_accessor :filename
30
+ # @!attribute filename
31
+ # The name of the file that is being imported
32
+ # @return [String]
33
+ attr_accessor :filename
37
34
 
38
- # @!attribute input
39
- # An {IO} that holds the import data. {File} in normal usage, {StringIO} in testing
40
- # @return [IO]
41
- attr_accessor :input
35
+ # @!attribute input
36
+ # An {IO} that holds the import data. {File} in normal usage, {StringIO} in testing
37
+ # @return [IO]
38
+ attr_accessor :input
42
39
 
43
- # @!attribute origin
44
- # An {Metasploit::Credential::Origin} that represents the discrete
45
- # importation of this set of credential objects
46
- # @return [Metasploit::Credential::Origin::Import]
47
- attr_accessor :origin
40
+ # @!attribute origin
41
+ # An {Metasploit::Credential::Origin} that represents the discrete
42
+ # importation of this set of credential objects
43
+ # @return [Metasploit::Credential::Origin::Import]
44
+ attr_accessor :origin
48
45
 
49
- # @!attribute workspace
50
- # The {Mdm::Workspace} that the credentials will be imported into
51
- # @return[Mdm::Workspace]
52
- attr_accessor :workspace
46
+ # @!attribute workspace
47
+ # The {Mdm::Workspace} that the credentials will be imported into
48
+ # @return[Mdm::Workspace]
49
+ attr_accessor :workspace
53
50
 
54
- #
55
- # Validations
56
- #
57
-
58
- validates :origin, presence: true
59
- validates :input, presence: true
60
- end
51
+ #
52
+ # Validations
53
+ #
61
54
 
55
+ validates :origin, presence: true
56
+ validates :input, presence: true
57
+ end
62
58
 
63
- #
64
- # Instance Methods
65
- #
66
59
 
67
- # @param attributes [Hash{Symbol => String,nil}]
68
- def initialize(attributes={})
69
- attributes.each do |attribute, value|
70
- public_send("#{attribute}=", value)
71
- end
72
- end
60
+ #
61
+ # Instance Methods
62
+ #
73
63
 
74
- end
64
+ # @param attributes [Hash{Symbol => String,nil}]
65
+ def initialize(attributes={})
66
+ attributes.each do |attribute, value|
67
+ public_send("#{attribute}=", value)
75
68
  end
76
69
  end
77
- end
70
+ end
@@ -1,5 +1,13 @@
1
1
  # Namespace for `Metasploit::Credential::Core#origin`s for `Metasploit::Credential::Core`s.
2
2
  module Metasploit::Credential::Origin
3
+ extend ActiveSupport::Autoload
4
+
5
+ autoload :CrackedPassword
6
+ autoload :Import
7
+ autoload :Manual
8
+ autoload :Service
9
+ autoload :Session
10
+
3
11
  # The prefix for table name of `ActiveRecord::Base` subclasses in the namespace.
4
12
  #
5
13
  # @return [String] `'metasploit_credential_origin_'`
@@ -0,0 +1,8 @@
1
+ # Namespace for {Metasploit::Credential} custom {Metasploit::Credential::Search::Operation operations} and
2
+ # {Metasploit::Credential::Search::Operator operators}.
3
+ module Metasploit::Credential::Search
4
+ extend ActiveSupport::Autoload
5
+
6
+ autoload :Operation
7
+ autoload :Operator
8
+ end
@@ -0,0 +1,6 @@
1
+ # Namespace for search operations specific to {Metasploit::Credential}.
2
+ module Metasploit::Credential::Search::Operation
3
+ extend ActiveSupport::Autoload
4
+
5
+ autoload :Type
6
+ end
@@ -0,0 +1,6 @@
1
+ # Namespace for search operators specific to {Metasploit::Credential}.
2
+ module Metasploit::Credential::Search::Operator
3
+ extend ActiveSupport::Autoload
4
+
5
+ autoload :Type
6
+ end
@@ -1,3 +1,5 @@
1
+ # @note Must use nested module as `metasploit/credential/version` is used in `metasploit-credential.gemspec` before
2
+ # `metasploit/credential` itself is expected to be loaded.
1
3
  module Metasploit
2
4
  module Credential
3
5
  # Holds components of {VERSION} as defined by {http://semver.org/spec/v2.0.0.html semantic versioning v2.0.0}.
@@ -6,8 +8,8 @@ module Metasploit
6
8
  MAJOR = 0
7
9
  # The minor version number, scoped to the {MAJOR} version number.
8
10
  MINOR = 14
9
- # The patch number, scoped to the {MINOR} version number.
10
- PATCH = 3
11
+ # The patch number, scoped to the {MAJOR} and {MINOR} version number.
12
+ PATCH = 4
11
13
 
12
14
  # The full version string, including the {MAJOR}, {MINOR}, {PATCH}, and optionally, the {PRERELEASE} in the
13
15
  # {http://semver.org/spec/v2.0.0.html semantic versioning v2.0.0} format.
@@ -1,22 +1,20 @@
1
1
  # Please only use postgresql bound to a TCP port.
2
- defaults: &defaults
2
+ development: &pgsql
3
3
  adapter: postgresql
4
+ database: metasploit_credential_development
4
5
  username: msf
5
- password: pass123
6
+ password: p4ssw0rd4lyfe
6
7
  host: localhost
7
8
  port: 5432
8
- pool: 50
9
+ pool: 5
9
10
  timeout: 5
10
11
 
11
- development:
12
- database: metasploit_cr_dev
13
- <<: *defaults
14
-
12
+ # Warning: The database defined as "test" will be erased and
13
+ # re-generated from your development database when you run "rake".
14
+ # Do not set this db to the same as development or production.
15
+ #
16
+ # Note also, sqlite3 is totally unsupported by Metasploit now.
15
17
  test:
16
- database: metasploit_cr_test
17
- min_messages: WARNING
18
- <<: *defaults
18
+ <<: *pgsql
19
+ database: metasploit_credential_test
19
20
 
20
- production:
21
- database: metasploit_cr_prod
22
- <<: *defaults
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: metasploit-credential
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.14.3
4
+ version: 0.14.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Luke Imhoff
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2015-03-10 00:00:00.000000000 Z
12
+ date: 2015-04-07 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: metasploit-concern
@@ -192,6 +192,9 @@ files:
192
192
  - lib/metasploit/credential/importer/zip.rb
193
193
  - lib/metasploit/credential/migrator.rb
194
194
  - lib/metasploit/credential/origin.rb
195
+ - lib/metasploit/credential/search.rb
196
+ - lib/metasploit/credential/search/operation.rb
197
+ - lib/metasploit/credential/search/operator.rb
195
198
  - lib/metasploit/credential/text.rb
196
199
  - lib/metasploit/credential/version.rb
197
200
  - lib/tasks/databases.rake
@@ -300,6 +303,8 @@ metadata: {}
300
303
  post_install_message:
301
304
  rdoc_options: []
302
305
  require_paths:
306
+ - app/models
307
+ - app/validators
303
308
  - lib
304
309
  required_ruby_version: !ruby/object:Gem::Requirement
305
310
  requirements: