metasploit_data_models 0.18.1 → 0.19.0

data/app/models/metasploit_data_models/ip_address/v4/single.rb

@@ -0,0 +1,53 @@
+# A single IPv4 address, in standard, dotted decimal notation.
+#
+# @example Dotted Decimal Notation
+#   '1.2.3.4'
+#
+class MetasploitDataModels::IPAddress::V4::Single < MetasploitDataModels::IPAddress::V4::Segmented
+  #
+  # Segments
+  #
+
+  segment class_name: 'MetasploitDataModels::IPAddress::V4::Segment::Single'
+
+  #
+  # Instance Methods
+  #
+
+  # Adds `other` IPv4 address to this IPv4 address.
+  #
+  # @return [MetasploitDataModels::IPAddress::V4::Single] a new IPv4 address contain the sum of the two addresses
+  #   segments with carries from lower to higher segments.
+  # @raise [TypeError] if `other` isn't the same class.
+  # @raise [ArgmentError] if `self` plus `other` yields an IP address greater than 255.255.255.255.
+  # @see succ
+  def +(other)
+    unless other.is_a? self.class
+      raise TypeError, "Cannot add #{other.class} to #{self.class}"
+    end
+
+    carry = 0
+    sum_segments = []
+    low_to_high_segments = segments.zip(other.segments).reverse
+
+    low_to_high_segments.each do |self_segment, other_segment|
+      segment, carry = self_segment.add_with_carry(other_segment, carry)
+      sum_segments.unshift segment
+    end
+
+    unless carry == 0
+      raise ArgumentError,
+            "#{self} + #{other} is not a valid IP address.  It is #{sum_segments.join('.')} with a carry (#{carry})"
+    end
+
+    self.class.new(segments: sum_segments)
+  end
+
+  # The succeeding IPv4 address.
+  #
+  # @see #+
+  # @raise (see #+)
+  def succ
+    self + self.class.new(value: '0.0.0.1')
+  end
+end

data/app/models/metasploit_data_models/search/operation/ip_address.rb

@@ -0,0 +1,60 @@
+# Searches an `inet` column in a PostgreSQL database using
+# {MetasploitDataModels::IPAddress::V4::Single a standard IPv4 address},
+# {MetasploitDataModels::IPAddress::V4::CIDR an IPv4 CIDR block}, or
+# {MetasploitDataModels::IPAddress::V4::Range an IPv4 address range}.
+class MetasploitDataModels::Search::Operation::IPAddress < Metasploit::Model::Search::Operation::Base
+  include MetasploitDataModels::Match::Parent
+
+  #
+  # Match Children
+  #
+
+  # in order of precedence, so simpler single IPv4 addresses are matched before the more complex ranges which may
+  # degenerate to equivalent formatted value
+  match_children_named %w{
+    MetasploitDataModels::IPAddress::V4::Single
+    MetasploitDataModels::IPAddress::V4::CIDR
+    MetasploitDataModels::IPAddress::V4::Range
+  }
+
+  #
+  #
+  # Validations
+  #
+  #
+
+  #
+  # Validation Methods
+  #
+
+  validate :value_valid
+
+  #
+  # Attribute Validations
+  #
+
+  validates :value,
+            presence: true
+
+  #
+  # Instance Method
+  #
+
+  # @param formatted_value [#to_s]
+  def value=(formatted_value)
+    @value = match_child(formatted_value) || formatted_value
+  end
+
+  private
+
+  # Validates that `#value` is valid.
+  #
+  # @return [void]
+  def value_valid
+    if value.present?
+      unless value.respond_to?(:valid?) && value.valid?
+        errors.add(:value, :invalid)
+      end
+    end
+  end
+end

data/app/models/metasploit_data_models/search/operator/ip_address.rb

@@ -0,0 +1,33 @@
+# Operator for `inet` columns in a PostgreSQL database, which operates on formatted values using
+# {MetasploitDataModels::Search::Operation::IPAddress}.
+class MetasploitDataModels::Search::Operator::IPAddress < Metasploit::Model::Search::Operator::Single
+  #
+  # Attributes
+  #
+
+  # @!attribute [r] attribute
+  #   The attribute on `Metasploit::Model::Search::Operator::Base#klass` that is searchable.
+  #
+  #   @return [Symbol] the attribute name
+  attr_accessor :attribute
+
+  #
+  # Validations
+  #
+
+  validates :attribute,
+            presence: true
+
+  #
+  # Instance Methods
+  #
+
+  alias_method :name, :attribute
+
+  # The class used for `Metasploit::Model::Search::Operator::Single#operate_on`.
+  #
+  # @return [String] `'MetasploitDataModels::Search::Operation::IPAddress'`
+  def operation_class_name
+    @operation_class_name ||= 'MetasploitDataModels::Search::Operation::IPAddress'
+  end
+end

data/app/models/metasploit_data_models/search/visitor/attribute.rb

@@ -7,6 +7,7 @@ class MetasploitDataModels::Search::Visitor::Attribute
   end
 
   visit 'Metasploit::Model::Search::Operator::Attribute',
+        'MetasploitDataModels::Search::Operator::IPAddress',
         'MetasploitDataModels::Search::Operator::Port::List' do |operator|
     table = operator.klass.arel_table
     table[operator.attribute]

data/app/models/metasploit_data_models/search/visitor/includes.rb

@@ -23,6 +23,7 @@ class MetasploitDataModels::Search::Visitor::Includes
   end
 
   visit 'Metasploit::Model::Search::Operator::Attribute',
+        'MetasploitDataModels::Search::Operator::IPAddress',
         'MetasploitDataModels::Search::Operator::Port::List' do |_operator|
     []
   end

data/app/models/metasploit_data_models/search/visitor/joins.rb

@@ -43,6 +43,7 @@ class MetasploitDataModels::Search::Visitor::Joins
   end
 
   visit 'Metasploit::Model::Search::Operator::Attribute',
+        'MetasploitDataModels::Search::Operator::IPAddress',
         'MetasploitDataModels::Search::Operator::Port::List' do |_|
     []
   end

data/app/models/metasploit_data_models/search/visitor/where.rb

@@ -45,6 +45,45 @@ class MetasploitDataModels::Search::Visitor::Where
     attribute.matches(match_value)
   end
 
+  visit 'MetasploitDataModels::IPAddress::CIDR' do |cidr|
+    cast_to_inet "#{cidr.address}/#{cidr.prefix_length}"
+  end
+
+  visit 'MetasploitDataModels::IPAddress::Range' do |ip_address_range|
+    range = ip_address_range.value
+
+    begin_node = visit range.begin
+    end_node = visit range.end
+
+    # AND nodes should be created with a list
+    Arel::Nodes::And.new([begin_node, end_node])
+  end
+
+  visit 'MetasploitDataModels::IPAddress::V4::Single' do |ip_address|
+    cast_to_inet(ip_address.to_s)
+  end
+
+  visit 'MetasploitDataModels::Search::Operation::IPAddress' do |operation|
+    attribute = attribute_visitor.visit operation.operator
+    value = operation.value
+    value_node = visit value
+
+    case value
+      when MetasploitDataModels::IPAddress::CIDR
+        Arel::Nodes::InfixOperation.new(
+            '<<',
+            attribute,
+            value_node
+        )
+      when MetasploitDataModels::IPAddress::Range
+        Arel::Nodes::Between.new(attribute, value_node)
+      when MetasploitDataModels::IPAddress::V4::Single
+        Arel::Nodes::Equality.new(attribute, value_node)
+      else
+        raise TypeError, "Don't know how to handle #{value.class}"
+    end
+  end
+
   visit 'MetasploitDataModels::Search::Operation::Port::Range' do |range_operation|
     attribute = attribute_visitor.visit range_operation.operator
 
@@ -69,5 +108,17 @@ class MetasploitDataModels::Search::Visitor::Where
     @method_visitor ||= MetasploitDataModels::Search::Visitor::Method.new
   end
 
+  private
+
+  # Casts a literal string to INET in AREL.
+  #
+  # @return [Arel::Nodes::NamedFunction]
+  def cast_to_inet(string)
+    cast_argument = Arel::Nodes::As.new(string, Arel::Nodes::SqlLiteral.new('INET'))
+    Arel::Nodes::NamedFunction.new('CAST', [cast_argument])
+  end
+
+  public
+
   Metasploit::Concern.run(self)
 end

data/config/locales/en.yml

@@ -5,12 +5,39 @@ en:
         messages:
           # have to duplicate activerecord.model.errors.message.taken because of the different i18n_scope
           taken: "has already been taken"
-
         models:
-          metasploit_data_models/search/operator/multitext:
+          metasploit_data_models/ip_address/range:
             attributes:
-              operator_names:
-                too_short: "is too short (minimum is %{count} operator names)"
+              value:
+                order: "beginning of range (%{begin}) cannot be after end of range (%{end})"
+          metasploit_data_models/ip_address/v4/segmented:
+            attributes:
+              segments:
+                segment_invalid: "has invalid segment (%{segment}) at index %{index}"
+                wrong_length: "is the wrong length (should be %{count} segments)"
+          metasploit_data_models/ip_address/v4/segment/nmap/list:
+            attributes:
+              value:
+                array: "is not an Array"
+                element: "has invalid element (%{element}) at index %{index}"
+          metasploit_data_models/ip_address/v4/segment/nmap/range:
+            attributes:
+              value:
+                order: "beginning of range (%{begin}) cannot be after end of range (%{end})"
+          metasploit_data_models/search/operation/ip_address/invalid_range:
+            attributes:
+              value:
+                format: "does not match any known formats (IPv4, IPv4 CIDR, IPv4 NMAP, IPv4 Range, IPv6, IPv6 CIDR, IPv6 Range)"
+          metasploit_data_models/search/operation/ip_address/v4/range:
+            attributes:
+              value:
+                extreme: "%{extreme} (%{extreme_value}) is not an IPAddr"
+                order: "beginning of range (%{begin}) cannot be after end of range (%{end})"
+                type: "is not a range"
+          metasploit_data_models/search/operation/ip_address/v4/single:
+            attributes:
+              value:
+                format: "does not match IPv4 dotted decimal format"
           metasploit_data_models/search/operation/port/range:
             attributes:
               value:
@@ -21,3 +48,7 @@ en:
               value:
                 order: "is not in order: begin (%{begin} is greater than end (%{end})."
                 range: "is not a range"
+          metasploit_data_models/search/operator/multitext:
+            attributes:
+              operator_names:
+                too_short: "is too short (minimum is %{count} operator names)"

data/lib/metasploit_data_models/ip_address.rb

@@ -0,0 +1,5 @@
+# Namespace for models for validating various IPv4 formats beyond those supported by the Ruby standard library's
+# `IPAddr`.
+module MetasploitDataModels::IPAddress
+
+end

data/lib/metasploit_data_models/ip_address/cidr.rb

@@ -0,0 +1,174 @@
+# Common behavior for Class-InterDomain Routing (`<address>/<prefix-length>`) notation under
+# {MetasploitDataModels::IPAddress},
+module MetasploitDataModels::IPAddress::CIDR
+  # so that translations for errors messages can be filed under metasploit_data_models/ip_address/cidr
+  extend ActiveModel::Naming
+  extend ActiveSupport::Concern
+
+  #
+  # CONSTANTS
+  #
+
+  # Separator between the {#address} and {#prefix_length}
+  SEPARATOR = '/'
+
+  #
+  # Attributes
+  #
+
+  # @!attribute address
+  #   The IP address being masked by {#prefix_length} `1` bits.
+  #
+  #   @return [Object] an instance of {address_class}
+  attr_reader :address
+
+  # @!attribute prefix_length
+  #   The significant number of bits in {#address}.
+  #
+  #   @return [Integer] number of `1` bits in the netmask of {#address}
+  attr_reader :prefix_length
+
+  included do
+    include ActiveModel::Validations
+
+    #
+    #
+    # Validations
+    #
+    #
+
+    #
+    # Validation Methods
+    #
+
+    validate :address_valid
+
+    #
+    # Attribute Validations
+    #
+
+    validates :address,
+              presence: true
+  end
+
+  # Class methods added to the including `Class`.
+  module ClassMethods
+    include MetasploitDataModels::Match::Child
+
+    #
+    # Attributes
+    #
+
+    # @!attribute address_class
+    #   The Class` whose instance are usd for {MetasploitDataModels::IPAddress::CIDR#address}.
+    #
+    #   @return [Class]
+    attr_reader :address_class
+
+    #
+    # Methods
+    #
+
+    # @note `address_class` must respond to `#segment_class` and `#segment_count` so {#maximum_prefix_length} can be
+    #   calculated.
+    #
+    # Sets up the address class and allowed {#maximum_prefix_length} for the including `Class`.
+    #
+    # @param options [Hash{Symbol => Class}]
+    # @option options [Class, #segment_class, #segment_count] :address_class The `Class` whose instances will be used
+    #   for {#address}.
+    def cidr(options={})
+      options.assert_valid_keys(:address_class)
+
+      @address_class = options.fetch(:address_class)
+
+      #
+      # Validations
+      #
+
+      validates :prefix_length,
+                numericality: {
+                    only_integer: true,
+                    greater_than_or_equal_to: 0,
+                    less_than_or_equal_to: maximum_prefix_length
+                }
+    end
+
+    # Regular expression that matches a string that contains only a CIDR IP address.
+    #
+    # @return [Regexp]
+    def match_regexp
+      @match_regexp ||= /\A#{regexp}\z/
+    end
+
+    # The maximum number of bits in a prefix for the {#address_class}.
+    #
+    # @return [Integer] the number of bits across all segments of {#address_class}.
+    def maximum_prefix_length
+      @maximum_prefix_length ||= address_class.segment_count * address_class.segment_class.bits
+    end
+
+    # Regular expression that matches a portion of string that contains a CIDR IP address.
+    #
+    # @return [Regexp]
+    def regexp
+      @regexp ||= /(?<address>#{address_class.regexp})#{Regexp.escape(SEPARATOR)}(?<prefix_length>\d+)/
+    end
+  end
+
+  #
+  # Instance Methods
+  #
+
+  # Set {#address}.
+  #
+  # @param formatted_address [#to_s]
+  def address=(formatted_address)
+    @address = self.class.address_class.new(value: formatted_address)
+  end
+
+  # Set {#prefix_length}.
+  #
+  # @param formatted_prefix_length [#to_s]
+  def prefix_length=(formatted_prefix_length)
+    @prefix_length_before_type_cast = formatted_prefix_length
+
+    begin
+      # use Integer() instead of String#to_i as String#to_i will ignore trailing letters (i.e. '1two' -> 1) and turn all
+      # string without an integer in it to 0.
+      @prefix_length = Integer(formatted_prefix_length.to_s)
+    rescue ArgumentError
+      @prefix_length = formatted_prefix_length
+    end
+  end
+
+  # The formatted_prefix_length passed to {#prefix_length=}
+  #
+  # @return [#to_s]
+  def prefix_length_before_type_cast
+    @prefix_length_before_type_cast
+  end
+
+  # Parses the `formatted_value` into an {#address} and {#prefix_length}.
+  #
+  # @param formatted_value [#to_s]
+  def value=(formatted_value)
+    formatted_address, formatted_prefix_length = formatted_value.to_s.split(SEPARATOR, 2)
+
+    self.address = formatted_address
+    self.prefix_length = formatted_prefix_length
+
+    [address, prefix_length]
+  end
+
+  private
+
+  # Validates that {#address} is valid.
+  #
+  # @return [void]
+  def address_valid
+    if address && !address.valid?
+      errors.add(:address, :invalid)
+    end
+  end
+end