metasploit_data_models 0.18.1 → 0.19.0

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    ZmYwZGZmZjY0YTdlNzkxNzQyMTQzZTc0ZmNiNGI0NWMzZGFlYjg4Zg==
+    MTQ0Y2Q5YzA1YWYxNzViOTg0NGVjYTM1M2E5ZTE1NjJkNTJhZTc2Ng==
   data.tar.gz: !binary |-
-    OWIxOTY3ZDJkMmJlNGM3NDMzNDJkYThjNzdmMDI2MDBhNDIyZGFkYg==
+    YTY1NTEwYWNlZTYzOGEyY2Y5NWU3MmMyOTIzMzBlZDQxNjE4NTNiZA==
 SHA512:
   metadata.gz: !binary |-
-    ZGE3MGQ5YmQ3MTE1NDU0NDFjZDE0MDFmMDk5YmE1MDU3NGFhZjEwN2Y4YTcy
-    YWFmYWQ2NmRiNWNjNTM4NzQzYmVhYzUyM2VlMTVjNTA4NTA3ODA3YWFiZTU3
-    NDExMGFlNTM4N2QzM2Q4NTY2M2Y1NjE2NWU1NmYwODE0MTZmNDE=
+    MDhiZjg1M2FhNzg2ZjdiYmUyNzFlOWNhYWQ1YzYzOGM4ZmJiMjY3MzdlMjdk
+    NzE2ODcwM2JjNWM3MzllZTE0MTNiYzc5Y2VhMjE5OWVkMTQ2MGYwZDdkMmIy
+    OGFmZTI4YmY0YjExMzQzMTQxYWU1YzVmZDg0MmU3MTI2ZTBmOWY=
   data.tar.gz: !binary |-
-    NzQ3Zjc0MGVhYjFjY2Y1YTEyNzYzZDFhZjJlOTJlOTNmZDVhOGFkZTA0ZWU5
-    NjRlZTVlZjNjOTJlN2IyZjFmOWExZjg0YjY0NGRlZWE4OGQwNzYzZTNhYTk5
-    NjI5ZTEwYzJkMWEwYzlkYTVhMTAxZDU4NjA4NDg2MzJjNDcyM2U=
+    M2ZlZmRmY2E4Y2E4NmQzZjc3MmFmOTZjYzJhMWNjYmM4YWU3ODNhMTNkODI2
+    ZTNhMTdjMGUzYmI1N2EzMDRmYWMzMzg5MjA1MWI1OTZiNjdkZjBjNzdlNmVm
+    YmM1NmYyMzU0YjQwNWQ1ZGRjZjE5OGQ4OGYzZTk3MDA5ZTZjYmI=

data/app/models/mdm/host.rb

@@ -500,6 +500,13 @@ class Mdm::Host < ActiveRecord::Base
                   :os_sp
               ]
 
+  #
+  # Search Withs
+  #
+
+  search_with MetasploitDataModels::Search::Operator::IPAddress,
+              attribute: :address
+
   #
   # Instance Methods
   #

data/app/models/mdm/service.rb

@@ -6,6 +6,9 @@ class Mdm::Service < ActiveRecord::Base
   # CONSTANTS
   #
 
+  # Valid values for {#proto}.
+  PROTOS = %w{tcp udp}
+
   # Valid values for {#state}.
   STATES = ['open', 'closed', 'filtered', 'unknown']
 
@@ -186,8 +189,14 @@ class Mdm::Service < ActiveRecord::Base
   # Search Attributes
   #
 
+  search_attribute :info,
+                   type: :string
   search_attribute :name,
                    type: :string
+  search_attribute :proto,
+                   type: {
+                       set: :string
+                   }
 
   #
   # Search Withs
@@ -202,7 +211,27 @@ class Mdm::Service < ActiveRecord::Base
             numericality: {
                 only_integer: true
             }
-  validates :proto, presence: true
+  validates :proto,
+            inclusion: {
+                in: PROTOS
+            }
+
+  #
+  # Class Methods
+  #
+
+  # Set of searchable values for {#proto}.
+  #
+  # @return [Set<String>] {PROTOS} as a `Set`.
+  # @see Metasploit::Model::Search::Operation::Set#membership
+  # @see Metasploit::Model::Search::Operator::Attribute#attribute_set
+  def self.proto_set
+    @proto_set ||= Set.new(PROTOS)
+  end
+
+  #
+  # Instance Methods
+  #
 
   # {Mdm::Host::OperatingSystemNormalization#normalize_os Normalizes the host operating system} whenever {#info} has
   # changed.

data/app/models/mdm/tag.rb

@@ -1,4 +1,6 @@
 class Mdm::Tag < ActiveRecord::Base
+  include Metasploit::Model::Search
+
   #
   # Relations
   #
@@ -26,6 +28,14 @@ class Mdm::Tag < ActiveRecord::Base
   #   @return [ActiveRecord::Relation<Mdm::Host>]
   has_many :hosts, :through => :hosts_tags, :class_name => 'Mdm::Host'
 
+  #
+  # Search
+  #
+
+  search_attribute :desc,
+                   type: :string
+  search_attribute :name,
+                   type: :string
 
   #
   # Validations

data/app/models/metasploit_data_models/ip_address/v4/cidr.rb

@@ -0,0 +1,14 @@
+# An IPv4 CIDR (Classless InterDomain Routing) block composed of a
+# {MetasploitDataModels::IPAddress::V4::Single IPv4} {MetasploitDataModels::IPAddress::CIDR#address address} and
+# {MetasploitDataModels::IPAddress::CIDR#prefix_length prefix_length} written in the form `'a.b.c.d/prefix_length'`.
+#
+# @see https://en.wikipedia.org/wiki/Cidr#IPv6_CIDR_blocks
+class MetasploitDataModels::IPAddress::V4::CIDR < Metasploit::Model::Base
+  include MetasploitDataModels::IPAddress::CIDR
+
+  #
+  # CIDR
+  #
+
+  cidr address_class: MetasploitDataModels::IPAddress::V4::Single
+end

data/app/models/metasploit_data_models/ip_address/v4/nmap.rb

@@ -0,0 +1,14 @@
+# Nmap's octet range format composed of segments of comma separated list of segment numbers and segment number ranges.
+#
+# @example Nmap octect range format
+#   # equivalent to ['1.5.6.7', '3.5.6.7', '4.5.6.7']
+#   '1,3-4.5.6.7'
+#
+# @see http://nmap.org/book/man-target-specification.html
+class MetasploitDataModels::IPAddress::V4::Nmap < MetasploitDataModels::IPAddress::V4::Segmented
+  #
+  # Segments
+  #
+
+  segment class_name: 'MetasploitDataModels::IPAddress::V4::Segment::Nmap::List'
+end

data/app/models/metasploit_data_models/ip_address/v4/range.rb

@@ -0,0 +1,12 @@
+# A range of complete IPv4 addresses, separated by a `-`.
+class MetasploitDataModels::IPAddress::V4::Range < Metasploit::Model::Base
+  extend MetasploitDataModels::Match::Child
+
+  include MetasploitDataModels::IPAddress::Range
+
+  #
+  # Range Extremes
+  #
+
+  extremes class_name: 'MetasploitDataModels::IPAddress::V4::Single'
+end

data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list.rb

@@ -0,0 +1,126 @@
+# A comma separated list of {MetasploitDataModels::IPAddress::V4::Segment::Single segment numbers} and
+# {MetasploitDataModels::IPAddress::V4::Segment::Nmap::Range range of segment numbers} making up one segment of
+# {MetasploitDataModels::IPAddress::V4::Nmap}.
+class MetasploitDataModels::IPAddress::V4::Segment::Nmap::List < Metasploit::Model::Base
+  extend ActiveSupport::Autoload
+
+  include MetasploitDataModels::Match::Parent
+
+  #
+  # CONSTANTS
+  #
+
+  # Either an individual {MetasploitDataModels::IPAddress::V4::Segment::Single segment number} or a
+  # {MetasploitDataModels::IPAddress::V4::Segment::Nmap::Range segment range}.
+  RANGE_OR_NUMBER_REGEXP = %r{
+      (?<range>#{parent::Range.regexp})
+      |
+      # range first because it contains a segment and if the range isn't first only the first part of the range will
+      # match.
+      (?<number>#{MetasploitDataModels::IPAddress::V4::Segment::Single::REGEXP})
+  }x
+  # Separator between number or ranges
+  SEPARATOR = ','
+  # Segment of an NMAP address, composed of comma separated {RANGE_OR_NUMBER_REGEXP segment numbers or ranges}.
+  REGEXP = /#{RANGE_OR_NUMBER_REGEXP}(#{SEPARATOR}#{RANGE_OR_NUMBER_REGEXP})*/
+
+  # Matches exactly an Nmap comma separated list of segment numbers and ranges.
+  MATCH_REGEXP = /\A#{REGEXP}\z/
+
+  #
+  # Attributes
+  #
+
+  # @!attribute value
+  #   The NMAP IPv4 octect range.
+  #
+  #   @return [Array<MetasploitDataModels::IPAddress::V4::Segment::Number, MetasploitDataModels::IPAddress::V4::Segment::Range>]
+  #     number and range in the order they appeared in formatted value.
+  attr_reader :value
+
+  #
+  # Match Children
+  #
+
+  match_children_named %w{
+    MetasploitDataModels::IPAddress::V4::Segment::Single
+    MetasploitDataModels::IPAddress::V4::Segment::Nmap::Range
+  }
+
+  #
+  #
+  # Validations
+  #
+  #
+
+  #
+  # Method Validations
+  #
+
+  validate :value_elements_valid
+  validate :value_is_array
+
+  #
+  # Attribute Validations
+  #
+
+  validates :value,
+            presence: true
+
+  #
+  # Instance Methods
+  #
+
+  # @return [String]
+  def to_s
+    if value.is_a? Array
+      value.map(&:to_s).join(SEPARATOR)
+    else
+      value.to_s
+    end
+  end
+
+  # Set {#value} to an `Array` of segment numbers and ranges.
+  #
+  # @param formatted_value [#to_s]
+  # @return [Array<MetasploitDataModels::IPAddress::V4::Segment::Single, MetasploitDataModels::IPAddress::V4::Segment::Nmap::Range>] a parsed `Array` of segment numbers and ranges.
+  # @return [#to_s] if `formatted_value` does not match {MATCH_REGEXP}.
+  def value=(formatted_value)
+    string = formatted_value.to_s
+    match = MATCH_REGEXP.match(string)
+
+    if match
+      ranges_or_numbers = string.split(SEPARATOR)
+
+      @value = ranges_or_numbers.map { |range_or_number|
+        match_child(range_or_number) || range_or_number
+      }
+    else
+      @value = formatted_value
+    end
+  end
+
+  private
+
+  # Validates that {#value}'s elements are all valid.
+  #
+  # @return [void]
+  def value_elements_valid
+    if value.is_a? Array
+      value.each_with_index do |element, index|
+        unless element.valid?
+          errors.add(:value, :element, element: element, index: index)
+        end
+      end
+    end
+  end
+
+  # Validates that {#value} is an `Array`.
+  #
+  # @return [void]
+  def value_is_array
+    unless value.is_a? Array
+      errors.add(:value, :array)
+    end
+  end
+end

data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range.rb

@@ -0,0 +1,12 @@
+# A range of segment number composed of a {#begin} and {#end} segment number, separated by a `-`.
+class MetasploitDataModels::IPAddress::V4::Segment::Nmap::Range < Metasploit::Model::Base
+  extend MetasploitDataModels::Match::Child
+
+  include MetasploitDataModels::IPAddress::Range
+
+  #
+  # Range Extremes
+  #
+
+  extremes class_name: 'MetasploitDataModels::IPAddress::V4::Segment::Single'
+end

data/app/models/metasploit_data_models/ip_address/v4/segment/single.rb

@@ -0,0 +1,123 @@
+# A segment number in an IPv4 address or the
+# {MetasploitDataModels::IPAddress::V4::Segment::Nmap::Range#begin} or
+# {MetasploitDataModels::IPAddress::V4::Segment::Nmap::Range#send}.
+class MetasploitDataModels::IPAddress::V4::Segment::Single < Metasploit::Model::Base
+  extend MetasploitDataModels::Match::Child
+
+  include Comparable
+
+  #
+  # CONSTANTS
+  #
+
+  # Number of bits in a IPv4 segment
+  BITS = 8
+
+  # Limit that {#value} can never reach
+  LIMIT = 1 << BITS
+
+  # Maximum segment {#value}
+  MAXIMUM = LIMIT - 1
+
+  # Minimum segment {#value}
+  MINIMUM = 0
+
+  # Regular expression for a segment (octet) of an IPv4 address in decimal dotted notation.
+  #
+  # @see http://stackoverflow.com/a/17871737/470451
+  REGEXP = /(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])/
+
+  #
+  # Attributes
+  #
+
+  # @!attribute value
+  #   The segment number.
+  #
+  #   @return [Integer, String]
+  attr_reader :value
+
+  #
+  # Validations
+  #
+
+  validates :value,
+            numericality: {
+                greater_than_or_equal_to: MINIMUM,
+                less_than_or_equal_to: MAXIMUM,
+                only_integer: true
+            }
+
+  #
+  # Class Methods
+  #
+
+  # (see BITS)
+  #
+  # @return [Integer] {BITS}
+  def self.bits
+    BITS
+  end
+
+  #
+  # Instance Methods
+  #
+
+  # Compare this segment to `other`.
+  #
+  # @param other [#value] another segent to compare against.
+  # @return [1] if this segment is greater than `other`.
+  # @return [0] if this segment is equal to `other`.
+  # @return [-1] if this segment is less than `other`.
+  def <=>(other)
+    value <=> other.value
+  end
+
+  # Full add (as in [full adder](https://en.wikipedia.org/wiki/Full_adder)) two (this segment and `other`) segments and
+  # a carry from the previous {#add_with_carry}.
+  #
+  # @param other [MetasploitDataModels:IPAddress::V4::Segment::Single] segment to add to this segment.
+  # @param carry [Integer] integer to add to this segment and other segment from a previous call to {#add_with_carry}
+  #   for lower segments.
+  # @return [Array<(MetasploitDataModels::IPAddress::V4::Segment::Single, Integer)>] Array containing a proper segment
+  #   (where {#value} is less than {LIMIT}) and a carry integer to pass to next call to {#add_with_carry}.
+  # @return (see #half_add)
+  def add_with_carry(other, carry=0)
+    improper_value = self.value + other.value + carry
+    proper_value = improper_value % LIMIT
+    carry = improper_value / LIMIT
+    segment = self.class.new(value: proper_value)
+
+    [segment, carry]
+  end
+
+  # The succeeding segment.  Used in `Range`s when walking the `Range`.
+  #
+  # @return [MetasploitDataModels::IPAddress::V4::Segment::Single] if {#value} responds to `#succ`.
+  # @return [nil] otherwise
+  def succ
+    if value.respond_to? :succ
+      self.class.new(value: value.succ)
+    end
+  end
+
+  delegate :to_s,
+           to: :value
+
+  # Sets {#value} by type casting String to Integer.
+  #
+  # @param formatted_value [#to_s]
+  # @return [Integer] if `formatted_value` contains only an Integer#to_s
+  # @return [#to_s] `formatted_value` if it does not contain an Integer#to_s
+  def value=(formatted_value)
+    @value_before_type_cast = formatted_value
+
+    begin
+      # use Integer() instead of String#to_i as String#to_i will ignore trailing letters (i.e. '1two' -> 1) and turn all
+      # string without an integer in it to 0.
+      @value = Integer(formatted_value.to_s)
+    rescue ArgumentError
+      @value = formatted_value
+    end
+  end
+end

data/app/models/metasploit_data_models/ip_address/v4/segmented.rb

@@ -0,0 +1,200 @@
+# @note {segment} must be called in subclasses to set the {segment_class_name}.
+#
+# An IPv4 address that is composed of {SEGMENT_COUNT 4} {#segments} separated by {SEPARATOR `'.'`}.
+#
+# @example Using single segments to make a single IPv4 address class
+#   class MetasploitDataModels::IPAddress::V4::Single < MetasploitDataModels::IPAddress::V4::Segmented
+#      #
+#      # Segments
+#      #
+#
+#      segment class_name: 'MetasploitDataModels::IPAddress::V4::Segment::Single'
+#   end
+#
+class MetasploitDataModels::IPAddress::V4::Segmented < Metasploit::Model::Base
+  extend MetasploitDataModels::Match::Child
+
+  include Comparable
+
+  #
+  # CONSTANTS
+  #
+
+  # The number of {#segments}
+  SEGMENT_COUNT = 4
+  # Separator between segments
+  SEPARATOR = '.'
+
+  #
+  # Attributes
+  #
+
+  # @!attribute value
+  #   Segments of IP address from high to low.
+  #
+  #   @return [Array<MetasploitDataModels::IPAddress:V4::Segment::Nmap>]
+  attr_reader :value
+
+  #
+  #
+  # Validations
+  #
+  #
+
+  #
+  # Validation Methods
+  #
+
+  validate :segments_valid
+
+  #
+  # Attribute Validations
+  #
+
+  validates :segments,
+            length: {
+              is: SEGMENT_COUNT
+            }
+
+  #
+  # Class methods
+  #
+
+  # @note Call {segment} with the {segment_class_name} before calling this method, as it uses {segment_class} to look
+  #   up the `REGEXP` of the {segment_class}.
+  #
+  # Regular expression that matches the part of a string that represents a IPv4 segmented IP address format.
+  #
+  # @return [Regexp]
+  def self.regexp
+    unless @regexp
+      separated_segment_count = SEGMENT_COUNT - 1
+
+      @regexp = %r{
+        (#{segment_class::REGEXP}#{Regexp.escape(SEPARATOR)}){#{separated_segment_count},#{separated_segment_count}}
+        #{segment_class::REGEXP}
+      }x
+    end
+
+    @regexp
+  end
+
+  # Sets up the {segment_class_name} for the subclass.
+  #
+  # @example Using {segment} to set {segment_class_name}
+  #   segment class_name: 'MetasploitDataModels::IPAddress::V4::Segment::Single'
+  #
+  # @param options [Hash{Symbol => String}]
+  # @option options [String] :class_name a `Class#name` to use for {segment_class_name}.
+  # @return [void]
+  def self.segment(options={})
+    options.assert_valid_keys(:class_name)
+
+    @segment_class_name = options.fetch(:class_name)
+  end
+
+  # @note Call {segment} to set the {segment_class_name} before calling {segment_class}, which will attempt to
+  #   String#constantize` {segment_class_name}.
+  #
+  # The `Class` used to parse each segment of the IPv4 address.
+  #
+  # @return [Class]
+  def self.segment_class
+    @segment_class = segment_class_name.constantize
+  end
+
+  # @note Call {segment} to set {segment_class_name}
+  #
+  # The name of {segment_class}
+  #
+  # @return [String] a `Class#name` for {segment_class}.
+  def self.segment_class_name
+    @segment_class_name
+  end
+
+  # (see SEGMENT_COUNT)
+  #
+  # @return [Integer]
+  def self.segment_count
+    SEGMENT_COUNT
+  end
+
+  #
+  # Instance methods
+  #
+
+  # Compare this segment IPv4 address to `other`.
+  #
+  # @return [1] if {#segments} are greater than {#segments} of `other`.
+  # @return [0] if {#segments} are equal to {#segments} of `other`.
+  # @return [-1] if {#segments} are less than {#segments} of `other`.
+  # @return [nil] if `other` isn't the same `Class`
+  def <=>(other)
+    if other.is_a? self.class
+      segments <=> other.segments
+    else
+      # The interface for <=> requires nil be returned if other is incomparable
+      nil
+    end
+  end
+
+  # Array of segments.
+  #
+  # @return [Array] if {#value} is an `Array`.
+  # @return [[]] if {#value} is not an `Array`.
+  def segments
+    if value.is_a? Array
+      value
+    else
+      []
+    end
+  end
+
+  # Set {#segments}.
+  #
+  # @param segments [Array] `Array` of {segment_class} instances
+  # @return [Array] `Array` of {segment_class} instances
+  def segments=(segments)
+    @value = segments
+  end
+
+  # Segments joined with {SEPARATOR}.
+  #
+  # @return [String]
+  def to_s
+    segments.map(&:to_s).join(SEPARATOR)
+  end
+
+  # @note Set {#segments} if value is not formatted, but already broken into an `Array` of {segment_class} instances.
+  #
+  # Sets {#value} by parsing its segments.
+  #
+  # @param formatted_value [#to_s]
+  def value=(formatted_value)
+    string = formatted_value.to_s
+    match = self.class.match_regexp.match(string)
+
+    if match
+      segments = string.split(SEPARATOR)
+
+      @value = segments.map { |segment|
+        self.class.segment_class.new(value: segment)
+      }
+    else
+      @value = formatted_value
+    end
+  end
+
+  private
+
+  # Validates that all segments in {#segments} are valid.
+  #
+  # @return [void]
+  def segments_valid
+    segments.each_with_index do |segment, index|
+      unless segment.valid?
+        errors.add(:segments, :segment_invalid, index: index, segment: segment)
+      end
+    end
+  end
+end