metasploit_data_models 0.15.2 → 0.16.0

data/spec/app/models/mdm/report_spec.rb

@@ -0,0 +1,104 @@
+require 'spec_helper'
+
+describe Mdm::Report do
+
+  context 'associations' do
+    it { should belong_to(:workspace).class_name('Mdm::Workspace') }
+    it { should belong_to(:task).class_name('Mdm::Task') }
+  end
+
+  context 'validations' do
+    context 'name' do
+      it 'may be blank' do
+        blank_name = FactoryGirl.build(:mdm_report, :name => '')
+        blank_name.should be_valid
+      end
+
+      it 'may contain A-Z, 0-9, space, dot, underscore, or dash' do
+        named_report = FactoryGirl.build(:mdm_report, :name => 'A1 B2.C_3-D')
+        named_report.should be_valid
+      end
+
+      it 'may not contain other characters' do
+        invalid_name = FactoryGirl.build(:mdm_report, :name => 'A/1')
+        invalid_name.should_not be_valid
+        invalid_name.errors[:name].should include('name must consist of A-Z, 0-9, space, dot, underscore, or dash')
+        invalid_name = FactoryGirl.build(:mdm_report, :name => '#A1')
+        invalid_name.should_not be_valid
+        invalid_name.errors[:name].should include('name must consist of A-Z, 0-9, space, dot, underscore, or dash')
+        invalid_name = FactoryGirl.build(:mdm_report, :name => 'A,1')
+        invalid_name.should_not be_valid
+        invalid_name.errors[:name].should include('name must consist of A-Z, 0-9, space, dot, underscore, or dash')
+        invalid_name = FactoryGirl.build(:mdm_report, :name => 'A;1')
+        invalid_name.should_not be_valid
+        invalid_name.errors[:name].should include('name must consist of A-Z, 0-9, space, dot, underscore, or dash')
+        invalid_name = FactoryGirl.build(:mdm_report, :name => "A' or '1'='1'")
+        invalid_name.should_not be_valid
+        invalid_name.errors[:name].should include('name must consist of A-Z, 0-9, space, dot, underscore, or dash')
+      end
+    end
+  end
+
+  context 'scopes' do
+    context 'flagged'  do
+      it 'should return un-downlaoded reports' do
+        flagged_report = FactoryGirl.create(:mdm_report)
+        Mdm::Report.flagged.should include(flagged_report)
+      end
+
+      it 'should not return reports that have been downloaded' do
+        downlaoded_report = FactoryGirl.create(:mdm_report, :downloaded_at => Time.now)
+        Mdm::Report.flagged.should_not include(downlaoded_report)
+      end
+    end
+  end
+
+  context 'callbacks' do
+    context 'before_destroy' do
+      it 'should call #delete_file' do
+        myreport =  FactoryGirl.create(:mdm_report)
+        myreport.should_receive(:delete_file)
+        myreport.destroy
+      end
+    end
+  end
+
+  context 'factory' do
+    it 'should be valid' do
+      report = FactoryGirl.build(:mdm_report)
+      report.should be_valid
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      report = FactoryGirl.create(:mdm_report)
+      expect {
+        report.destroy
+      }.to_not raise_error
+      expect {
+        report.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:downloaded_at).of_type(:datetime) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:workspace_id).of_type(:integer).with_options(:null => false, :default =>1) }
+      it { should have_db_column(:created_by).of_type(:string) }
+      it { should have_db_column(:rtype).of_type(:string) }
+      it { should have_db_column(:path).of_type(:string) }
+      it { should have_db_column(:options).of_type(:text) }
+      it { should have_db_column(:name).of_type(:string) }
+
+    end
+  end
+
+end

data/spec/app/models/mdm/report_template_spec.rb

@@ -0,0 +1,52 @@
+require 'spec_helper'
+
+describe Mdm::ReportTemplate do
+
+  context 'associations' do
+    it { should belong_to(:workspace).class_name('Mdm::Workspace') }
+  end
+
+  context 'callbacks' do
+    context 'before_destroy' do
+      it 'should call #delete_file' do
+        report_template = FactoryGirl.create(:mdm_report_template)
+        report_template.should_receive(:delete_file)
+        report_template.destroy
+      end
+    end
+  end
+
+  context 'factory' do
+    it 'should be valid' do
+      report_template = FactoryGirl.build(:mdm_report_template)
+      report_template.should be_valid
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      report_template = FactoryGirl.create(:mdm_report_template)
+      expect {
+        report_template.destroy
+      }.to_not raise_error
+      expect {
+        report_template.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:workspace_id).of_type(:integer).with_options(:null => false, :default =>1) }
+      it { should have_db_column(:created_by).of_type(:string) }
+      it { should have_db_column(:path).of_type(:string) }
+      it { should have_db_column(:name).of_type(:text) }
+    end
+  end
+end

data/spec/app/models/mdm/route_spec.rb

@@ -0,0 +1,36 @@
+require 'spec_helper'
+
+describe Mdm::Route do
+
+  context 'associations' do
+    it { should belong_to(:session).class_name('Mdm::Session') }
+  end
+
+  context 'factory' do
+    it 'should be valid' do
+      route = FactoryGirl.build(:mdm_route)
+      route.should be_valid
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      route = FactoryGirl.create(:mdm_route)
+      expect {
+        route.destroy
+      }.to_not raise_error
+      expect {
+        route.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+  context 'database' do
+    context 'columns' do
+      it { should have_db_column(:session_id).of_type(:integer) }
+      it { should have_db_column(:subnet).of_type(:string) }
+      it { should have_db_column(:netmask).of_type(:string) }
+    end
+  end
+
+end

data/spec/app/models/mdm/service_spec.rb

@@ -17,27 +17,82 @@ describe Mdm::Service do
     it { should belong_to(:host).class_name('Mdm::Host') }
   end
 
-  context "inactive" do
-    it "should exclude open services" do
-      open_service = FactoryGirl.create(:mdm_service, :state => 'open')
-      Mdm::Service.inactive.should_not include(open_service)
+  context 'scopes' do
+    context "inactive" do
+      it "should exclude open services" do
+        open_service = FactoryGirl.create(:mdm_service, :state => 'open')
+        Mdm::Service.inactive.should_not include(open_service)
+      end
+    end
+
+    context "with_state open" do
+      it "should exclude closed services" do
+        closed_service = FactoryGirl.create(:mdm_service, :state => 'closed')
+        Mdm::Service.with_state('open').should_not include(closed_service)
+      end
+    end
+
+    context "search for 'snmp'" do
+      it "should find only services that match" do
+        snmp_service   = FactoryGirl.create(:mdm_service)
+        ftp_service    =  FactoryGirl.create(:mdm_service, :proto => 'ftp')
+        search_results = Mdm::Service.search('snmp')
+        search_results.should     include(snmp_service)
+        search_results.should_not include(ftp_service)
+      end
     end
   end
 
-  context "with_state open" do
-    it "should exclude closed services" do
-      closed_service = FactoryGirl.create(:mdm_service, :state => 'closed')
-      Mdm::Service.with_state('open').should_not include(closed_service)
+  context 'callbacks' do
+    context 'after_save' do
+      it 'should call #normalize_host_os' do
+        svc = FactoryGirl.create(:mdm_service)
+        svc.should_receive(:normalize_host_os)
+        svc.run_callbacks(:save)
+      end
     end
   end
 
-  context "search for 'snmp'" do
-    it "should find only services that match" do
-      snmp_service   = FactoryGirl.create(:mdm_service)
-      ftp_service    =  FactoryGirl.create(:mdm_service, :proto => 'ftp')
-      search_results = Mdm::Service.search('snmp')
-      search_results.should     include(snmp_service)
-      search_results.should_not include(ftp_service)
+  context 'factory' do
+    it 'should be valid' do
+      service = FactoryGirl.build(:mdm_service)
+      service.should be_valid
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      service = FactoryGirl.create(:mdm_service)
+      expect {
+        service.destroy
+      }.to_not raise_error
+      expect {
+        service.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime) }
+      it { should have_db_column(:updated_at).of_type(:datetime) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:host_id).of_type(:integer) }
+      it { should have_db_column(:port).of_type(:integer).with_options(:null => false) }
+      it { should have_db_column(:proto).of_type(:string).with_options(:null => false) }
+      it { should have_db_column(:state).of_type(:string) }
+      it { should have_db_column(:name).of_type(:string) }
+      it { should have_db_column(:info).of_type(:text) }
+    end
+
+    context 'indices' do
+      it { should have_db_index(:name) }
+      it { should have_db_index(:port) }
+      it { should have_db_index(:proto) }
+      it { should have_db_index(:state) }
     end
   end
 

data/spec/app/models/mdm/session_event_spec.rb

@@ -0,0 +1,42 @@
+require 'spec_helper'
+
+describe Mdm::SessionEvent do
+  context 'associations' do
+    it { should belong_to(:session).class_name('Mdm::Session') }
+  end
+
+  context 'factory' do
+    it 'should be valid' do
+      session_event = FactoryGirl.build(:mdm_session_event)
+      session_event.should be_valid
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      session_event = FactoryGirl.create(:mdm_session_event)
+      expect {
+        session_event.destroy
+      }.to_not raise_error
+      expect {
+        session_event.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+  context 'database' do
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:session_id).of_type(:integer) }
+      it { should have_db_column(:etype).of_type(:string) }
+      it { should have_db_column(:command).of_type(:binary) }
+      it { should have_db_column(:output).of_type(:binary) }
+      it { should have_db_column(:remote_path).of_type(:string) }
+      it { should have_db_column(:local_path).of_type(:string) }
+    end
+  end
+
+end

data/spec/app/models/mdm/session_spec.rb

@@ -0,0 +1,114 @@
+require 'spec_helper'
+
+describe Mdm::Session do
+
+  context 'factory' do
+    it 'should be valid' do
+      session = FactoryGirl.build(:mdm_session)
+      session.should be_valid
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      session = FactoryGirl.create(:mdm_session)
+      expect {
+        session.destroy
+      }.to_not raise_error
+      expect {
+        session.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:opened_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:closed_at).of_type(:datetime) }
+      it { should have_db_column(:last_seen).of_type(:datetime) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:host_id).of_type(:integer) }
+      it { should have_db_column(:stype).of_type(:string) }
+      it { should have_db_column(:via_exploit).of_type(:string) }
+      it { should have_db_column(:via_payload).of_type(:string) }
+      it { should have_db_column(:desc).of_type(:string) }
+      it { should have_db_column(:port).of_type(:integer) }
+      it { should have_db_column(:platform).of_type(:string) }
+      it { should have_db_column(:datastore).of_type(:text) }
+      it { should have_db_column(:local_id).of_type(:integer) }
+    end
+  end
+
+  context 'asscoiations' do
+    it { should belong_to(:host).class_name('Mdm::Host') }
+    it { should have_many(:events).class_name('Mdm::SessionEvent').dependent(:delete_all) }
+    it { should have_many(:routes).class_name('Mdm::Route').dependent(:delete_all) }
+    it { should have_one(:workspace).class_name('Mdm::Workspace').through(:host) }
+  end
+
+  context 'scopes' do
+    context 'alive' do
+      it 'should return sessions that have not been closed' do
+        alive_session = FactoryGirl.create(:mdm_session)
+        dead_session = FactoryGirl.create(:mdm_session, :closed_at => Time.now)
+        alive_set = Mdm::Session.alive
+        alive_set.should include(alive_session)
+        alive_set.should_not include(dead_session)
+      end
+    end
+
+    context 'dead'  do
+      it 'should return sessions that have been closed' do
+        alive_session = FactoryGirl.create(:mdm_session)
+        dead_session = FactoryGirl.create(:mdm_session, :closed_at => Time.now)
+        dead_set = Mdm::Session.dead
+        dead_set.should_not include(alive_session)
+        dead_set.should include(dead_session)
+      end
+    end
+
+    context 'upgradeable' do
+      it 'should return sessions that can be upgraded to meterpreter' do
+        win_shell = FactoryGirl.create(:mdm_session, :stype => 'shell', :platform => 'Windows')
+        linux_shell = FactoryGirl.create(:mdm_session, :stype => 'shell', :platform => 'Linux')
+        win_meterp = FactoryGirl.create(:mdm_session, :stype => 'meterpreter', :platform => 'Windows')
+        upgrade_set = Mdm::Session.upgradeable
+        upgrade_set.should include(win_shell)
+        upgrade_set.should_not include(linux_shell)
+        upgrade_set.should_not include(win_meterp)
+      end
+    end
+  end
+
+  context 'callbacks' do
+    context 'before_destroy' do
+      it 'should call #stop' do
+        mysession = FactoryGirl.create(:mdm_session)
+        mysession.should_receive(:stop)
+        mysession.destroy
+      end
+    end
+  end
+
+  context 'methods' do
+    context '#upgradeable?' do
+      it 'should return true for windows shells' do
+        win_shell = FactoryGirl.create(:mdm_session, :stype => 'shell', :platform => 'Windows')
+        win_shell.upgradeable?.should == true
+      end
+
+      it 'should return false for non-windows shells' do
+        linux_shell = FactoryGirl.create(:mdm_session, :stype => 'shell', :platform => 'Linux')
+        linux_shell.upgradeable?.should == false
+      end
+
+      it 'should return false for Windows Meterpreter Sessions' do
+        win_meterp = FactoryGirl.create(:mdm_session, :stype => 'meterpreter', :platform => 'Windows')
+        win_meterp.upgradeable?.should == false
+      end
+    end
+  end
+end