metasploit_data_models 0.24.1 → 0.24.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rspec +3 -3
- data/.travis.yml +6 -3
- data/Gemfile +1 -8
- data/Rakefile +23 -0
- data/app/models/mdm/api_key.rb +41 -1
- data/app/models/mdm/client.rb +41 -1
- data/app/models/mdm/cred.rb +107 -19
- data/app/models/mdm/event.rb +48 -1
- data/app/models/mdm/exploit_attempt.rb +65 -16
- data/app/models/mdm/exploited_host.rb +28 -1
- data/app/models/mdm/host_detail.rb +45 -1
- data/app/models/mdm/host_tag.rb +6 -8
- data/app/models/mdm/listener.rb +53 -1
- data/app/models/mdm/macro.rb +42 -0
- data/app/models/mdm/mod_ref.rb +21 -0
- data/app/models/mdm/module/action.rb +15 -0
- data/app/models/mdm/module/arch.rb +10 -0
- data/app/models/mdm/module/author.rb +16 -0
- data/app/models/mdm/module/mixin.rb +13 -0
- data/app/models/mdm/module/platform.rb +11 -0
- data/app/models/mdm/module/target.rb +18 -0
- data/app/models/mdm/nexpose_console.rb +82 -4
- data/app/models/mdm/profile.rb +36 -0
- data/app/models/mdm/route.rb +17 -5
- data/app/models/mdm/session_event.rb +33 -1
- data/app/models/mdm/tag.rb +49 -10
- data/app/models/mdm/task.rb +94 -45
- data/app/models/mdm/task_cred.rb +29 -0
- data/app/models/mdm/task_host.rb +25 -0
- data/app/models/mdm/task_service.rb +25 -0
- data/app/models/mdm/task_session.rb +25 -0
- data/app/models/mdm/user.rb +188 -6
- data/app/models/mdm/vuln_attempt.rb +37 -12
- data/app/models/mdm/vuln_detail.rb +139 -5
- data/app/models/mdm/vuln_ref.rb +4 -1
- data/app/models/mdm/web_form.rb +35 -1
- data/app/models/mdm/web_page.rb +70 -1
- data/app/models/mdm/web_site.rb +51 -1
- data/app/models/mdm/wmap_request.rb +85 -0
- data/app/models/mdm/wmap_target.rb +40 -0
- data/app/models/mdm/workspace.rb +152 -14
- data/app/models/metasploit_data_models/automatic_exploitation/match.rb +19 -24
- data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +33 -5
- data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +22 -4
- data/app/models/metasploit_data_models/automatic_exploitation/run.rb +13 -3
- data/app/models/metasploit_data_models/ip_address/v4/segmented.rb +1 -1
- data/app/models/metasploit_data_models/module_run.rb +1 -1
- data/app/models/metasploit_data_models/search/visitor/where.rb +1 -1
- data/app/validators/ip_format_validator.rb +4 -0
- data/app/validators/parameters_validator.rb +12 -0
- data/app/validators/password_is_strong_validator.rb +10 -1
- data/lib/mdm/host/operating_system_normalization.rb +7 -10
- data/lib/metasploit_data_models.rb +4 -0
- data/lib/metasploit_data_models/automatic_exploitation.rb +25 -0
- data/lib/metasploit_data_models/engine.rb +2 -0
- data/lib/metasploit_data_models/serialized_prefs.rb +6 -0
- data/lib/metasploit_data_models/version.rb +1 -2
- data/metasploit_data_models.gemspec +8 -2
- data/spec/app/models/mdm/api_key_spec.rb +1 -3
- data/spec/app/models/mdm/client_spec.rb +9 -11
- data/spec/app/models/mdm/cred_spec.rb +42 -54
- data/spec/app/models/mdm/event_spec.rb +21 -23
- data/spec/app/models/mdm/exploit_attempt_spec.rb +19 -21
- data/spec/app/models/mdm/exploited_host_spec.rb +11 -13
- data/spec/app/models/mdm/host_detail_spec.rb +15 -17
- data/spec/app/models/mdm/host_spec.rb +261 -260
- data/spec/app/models/mdm/host_tag_spec.rb +6 -8
- data/spec/app/models/mdm/listener_spec.rb +30 -32
- data/spec/app/models/mdm/loot_spec.rb +21 -23
- data/spec/app/models/mdm/macro_spec.rb +1 -3
- data/spec/app/models/mdm/mod_ref_spec.rb +1 -3
- data/spec/app/models/mdm/module/action_spec.rb +10 -12
- data/spec/app/models/mdm/module/arch_spec.rb +10 -12
- data/spec/app/models/mdm/module/author_spec.rb +22 -17
- data/spec/app/models/mdm/module/detail_spec.rb +184 -75
- data/spec/app/models/mdm/module/mixin_spec.rb +10 -12
- data/spec/app/models/mdm/module/platform_spec.rb +10 -12
- data/spec/app/models/mdm/module/ref_spec.rb +10 -12
- data/spec/app/models/mdm/module/target_spec.rb +13 -15
- data/spec/app/models/mdm/nexpose_console_spec.rb +35 -37
- data/spec/app/models/mdm/note_spec.rb +23 -25
- data/spec/app/models/mdm/profile_spec.rb +1 -3
- data/spec/app/models/mdm/ref_spec.rb +10 -12
- data/spec/app/models/mdm/route_spec.rb +6 -8
- data/spec/app/models/mdm/service_spec.rb +38 -40
- data/spec/app/models/mdm/session_event_spec.rb +10 -12
- data/spec/app/models/mdm/session_spec.rb +13 -15
- data/spec/app/models/mdm/tag_spec.rb +29 -29
- data/spec/app/models/mdm/task_cred_spec.rb +9 -11
- data/spec/app/models/mdm/task_host_spec.rb +9 -11
- data/spec/app/models/mdm/task_service_spec.rb +9 -11
- data/spec/app/models/mdm/task_session_spec.rb +7 -9
- data/spec/app/models/mdm/task_spec.rb +27 -29
- data/spec/app/models/mdm/user_spec.rb +17 -19
- data/spec/app/models/mdm/vuln_attempt_spec.rb +14 -16
- data/spec/app/models/mdm/vuln_detail_spec.rb +26 -28
- data/spec/app/models/mdm/vuln_ref_spec.rb +8 -10
- data/spec/app/models/mdm/vuln_spec.rb +24 -26
- data/spec/app/models/mdm/web_form_spec.rb +11 -13
- data/spec/app/models/mdm/web_page_spec.rb +19 -21
- data/spec/app/models/mdm/web_site_spec.rb +21 -23
- data/spec/app/models/mdm/web_vuln_spec.rb +63 -65
- data/spec/app/models/mdm/wmap_request_spec.rb +1 -3
- data/spec/app/models/mdm/wmap_target_spec.rb +1 -3
- data/spec/app/models/mdm/workspace_spec.rb +97 -100
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_result_spec.rb +3 -5
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_set_spec.rb +13 -15
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_spec.rb +1 -3
- data/spec/app/models/metasploit_data_models/automatic_exploitation/run_spec.rb +1 -3
- data/spec/app/models/metasploit_data_models/ip_address/v4/cidr_spec.rb +10 -12
- data/spec/app/models/metasploit_data_models/ip_address/v4/nmap_spec.rb +4 -6
- data/spec/app/models/metasploit_data_models/ip_address/v4/range_spec.rb +21 -23
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list_spec.rb +9 -11
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range_spec.rb +21 -23
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/segmented_spec.rb +4 -6
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/single_spec.rb +22 -15
- data/spec/app/models/metasploit_data_models/ip_address/v4/single_spec.rb +4 -6
- data/spec/app/models/metasploit_data_models/module_run_spec.rb +1 -3
- data/spec/app/models/metasploit_data_models/search/operation/ip_address_spec.rb +18 -20
- data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +6 -8
- data/spec/app/models/metasploit_data_models/search/operation/port/range_spec.rb +8 -10
- data/spec/app/models/metasploit_data_models/search/operation/range_spec.rb +8 -10
- data/spec/app/models/metasploit_data_models/search/operator/ip_address_spec.rb +2 -4
- data/spec/app/models/metasploit_data_models/search/operator/multitext_spec.rb +8 -10
- data/spec/app/models/metasploit_data_models/search/operator/port/list_spec.rb +6 -8
- data/spec/app/models/metasploit_data_models/search/visitor/attribute_spec.rb +9 -11
- data/spec/app/models/metasploit_data_models/search/visitor/includes_spec.rb +5 -7
- data/spec/app/models/metasploit_data_models/search/visitor/joins_spec.rb +17 -19
- data/spec/app/models/metasploit_data_models/search/visitor/method_spec.rb +5 -7
- data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb +61 -23
- data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb +8 -10
- data/spec/app/validators/parameters_validator_spec.rb +29 -29
- data/spec/app/validators/password_is_strong_validator_spec.rb +54 -46
- data/spec/lib/base64_serializer_spec.rb +19 -19
- data/spec/lib/metasploit_data_models/ip_address/cidr_spec.rb +18 -12
- data/spec/lib/metasploit_data_models/ip_address/range_spec.rb +4 -6
- data/spec/lib/metasploit_data_models/match/child_spec.rb +2 -4
- data/spec/lib/metasploit_data_models/match/parent_spec.rb +4 -6
- data/spec/lib/metasploit_data_models/version_spec.rb +3 -5
- data/spec/spec_helper.rb +72 -6
- data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb +2 -2
- data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb +4 -4
- data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb +2 -2
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb +5 -5
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb +5 -5
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb +3 -3
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb +7 -6
- metadata +50 -9
- data/app/models/metasploit_data_models/automatic_exploitation.rb +0 -16
- data/lib/tasks/yard.rake +0 -33
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 69de2fe8a5805a58e1cdea1f81a91fec6f1e6c07
|
4
|
+
data.tar.gz: 72b931c04092bd416f05f315ef0195284f853e3f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 91aeed44b44b4bfddb5afa95e8f2aef188f2c32de6a37961804e6f4c15298de3aa24e3f9c9aff36f6f2a11a3cb7e60ef13889c86d3a676a8652016374c64cbcd
|
7
|
+
data.tar.gz: 81f0ee91a1eba059de5f20bd2105b35e8323999a6e0b7b8337d12c8d58546474c9387052e66649706c889e10958f22cef559ff63c88b1c2528c6b7e5280971ee
|
data/.rspec
CHANGED
@@ -1,3 +1,3 @@
|
|
1
|
-
--
|
2
|
-
--
|
3
|
-
--
|
1
|
+
--color
|
2
|
+
--format documentation
|
3
|
+
--require spec_helper
|
data/.travis.yml
CHANGED
@@ -1,3 +1,8 @@
|
|
1
|
+
addons:
|
2
|
+
postgresql: '9.3'
|
3
|
+
before_install:
|
4
|
+
# graphviz for yard-metasploit-erd
|
5
|
+
- sudo apt-get install graphviz
|
1
6
|
before_script:
|
2
7
|
- cp spec/dummy/config/database.yml.travis spec/dummy/config/database.yml
|
3
8
|
- bundle exec rake db:setup
|
@@ -5,6 +10,4 @@ cache: bundler
|
|
5
10
|
language: ruby
|
6
11
|
rvm:
|
7
12
|
- 2.1
|
8
|
-
|
9
|
-
addons:
|
10
|
-
postgresql: '9.3'
|
13
|
+
script: bundle exec rake spec yard
|
data/Gemfile
CHANGED
@@ -3,11 +3,6 @@ source "https://rubygems.org"
|
|
3
3
|
# Specify your gem's dependencies in metasploit_data_models.gemspec
|
4
4
|
gemspec
|
5
5
|
|
6
|
-
group :development do
|
7
|
-
# embed ERDs on index, namespace Module and Class<ActiveRecord::Base> pages
|
8
|
-
gem 'yard-metasploit-erd', '~> 0.0.2'
|
9
|
-
end
|
10
|
-
|
11
6
|
# used by dummy application
|
12
7
|
group :development, :test do
|
13
8
|
# Upload coverage reports to coveralls.io
|
@@ -32,11 +27,9 @@ group :test do
|
|
32
27
|
gem 'shoulda-matchers'
|
33
28
|
# code coverage of tests
|
34
29
|
gem 'simplecov', :require => false
|
35
|
-
# @todo Update specs for rspec 3.0.0 compatibility and remove this gem in favor of just rspec-rails
|
36
|
-
gem 'rspec-core', '< 3.0.0'
|
37
30
|
# need rspec-rails >= 2.12.0 as 2.12.0 adds support for redefining named subject in nested context that uses the
|
38
31
|
# named subject from the outer context without causing a stack overflow.
|
39
|
-
gem 'rspec-rails', '
|
32
|
+
gem 'rspec-rails', '~> 3.2'
|
40
33
|
# used for building markup for webpage factories
|
41
34
|
gem 'builder'
|
42
35
|
end
|
data/Rakefile
CHANGED
@@ -42,6 +42,29 @@ else
|
|
42
42
|
task :default => :spec
|
43
43
|
end
|
44
44
|
|
45
|
+
# Use find_all_by_name instead of find_by_name as find_all_by_name will return pre-release versions
|
46
|
+
gem_specification = Gem::Specification.find_all_by_name('metasploit-yard').first
|
47
|
+
|
48
|
+
if gem_specification
|
49
|
+
Dir[File.join(gem_specification.gem_dir, 'lib', 'tasks', '**', '*.rake')].each do |rake|
|
50
|
+
load rake
|
51
|
+
end
|
52
|
+
|
53
|
+
#
|
54
|
+
# Eager load before yard docs so that ActiveRecord::Base subclasses are loaded for yard-metasploit-erd
|
55
|
+
#
|
56
|
+
|
57
|
+
task 'yard:doc' => :eager_load
|
58
|
+
|
59
|
+
task eager_load: :environment do
|
60
|
+
Rails.application.eager_load!
|
61
|
+
end
|
62
|
+
else
|
63
|
+
puts "metasploit-yard not in bundle, so can't setup yard tasks. " \
|
64
|
+
"To run yard ensure to install the development group."
|
65
|
+
print_without = true
|
66
|
+
end
|
67
|
+
|
45
68
|
if print_without
|
46
69
|
puts "Bundle currently installed '--without #{Bundler.settings.without.join(' ')}'."
|
47
70
|
puts "To clear the without option do `bundle install --without ''` (the --without flag with an empty string) or " \
|
data/app/models/mdm/api_key.rb
CHANGED
@@ -1,13 +1,53 @@
|
|
1
|
+
# API key to access the RPC.
|
1
2
|
class Mdm::ApiKey < ActiveRecord::Base
|
2
3
|
#
|
3
|
-
#
|
4
|
+
# Attributes
|
5
|
+
#
|
6
|
+
|
7
|
+
# @!attribute [rw] created_at
|
8
|
+
# When this API Key was created.
|
9
|
+
#
|
10
|
+
# @return [DateTime]
|
11
|
+
|
12
|
+
# @!attribute [rw] token
|
13
|
+
# The API Key to authenicate to the RPC.
|
14
|
+
#
|
15
|
+
# @return [String]
|
16
|
+
|
17
|
+
# @!attribute [rw] updated_at
|
18
|
+
# The last time this API Key was updated.
|
19
|
+
#
|
20
|
+
# @return [DateTime]
|
21
|
+
|
22
|
+
#
|
23
|
+
#
|
24
|
+
# Validations
|
25
|
+
#
|
26
|
+
#
|
27
|
+
|
28
|
+
#
|
29
|
+
# Method Validations
|
4
30
|
#
|
5
31
|
|
6
32
|
validate :supports_api
|
33
|
+
|
34
|
+
#
|
35
|
+
# Attribute Validations
|
36
|
+
#
|
37
|
+
|
7
38
|
validates :token, :presence => true, :length => { :minimum => 8 }
|
8
39
|
|
40
|
+
#
|
41
|
+
# Instance Methods
|
42
|
+
#
|
43
|
+
|
9
44
|
protected
|
10
45
|
|
46
|
+
|
47
|
+
# Validates whether License supports API.
|
48
|
+
#
|
49
|
+
# @return [void]
|
50
|
+
# @todo MSP-2724
|
11
51
|
def supports_api
|
12
52
|
license = License.get
|
13
53
|
|
data/app/models/mdm/client.rb
CHANGED
@@ -1,10 +1,50 @@
|
|
1
|
+
# Client used for `report_client` in metasploit-framework Metasploit Modules.
|
1
2
|
class Mdm::Client < ActiveRecord::Base
|
2
3
|
#
|
3
|
-
#
|
4
|
+
# Associations
|
4
5
|
#
|
6
|
+
|
7
|
+
# {Mdm::Host} from which this client connected.
|
5
8
|
belongs_to :host,
|
6
9
|
class_name: 'Mdm::Host',
|
7
10
|
inverse_of: :clients
|
8
11
|
|
12
|
+
#
|
13
|
+
# Attributes
|
14
|
+
#
|
15
|
+
|
16
|
+
# @!attribute created_at
|
17
|
+
# When this client was created.
|
18
|
+
#
|
19
|
+
# @return [DateTime]
|
20
|
+
|
21
|
+
# @!attribute updated_at
|
22
|
+
# When this client was last updated.
|
23
|
+
#
|
24
|
+
# @return [DateTime]
|
25
|
+
|
26
|
+
#
|
27
|
+
# @!group User Agent
|
28
|
+
#
|
29
|
+
|
30
|
+
# @!attribute ua_name
|
31
|
+
# Parsed name from {#ua_string user agent string}
|
32
|
+
#
|
33
|
+
# @return [String]
|
34
|
+
|
35
|
+
# @!attribute ua_string
|
36
|
+
# Raw user agent string from client browser
|
37
|
+
#
|
38
|
+
# @return [String]
|
39
|
+
|
40
|
+
# @!attribute ua_ver
|
41
|
+
# Version of user agent.
|
42
|
+
#
|
43
|
+
# @return [String]
|
44
|
+
|
45
|
+
#
|
46
|
+
# @!endgroup
|
47
|
+
#
|
48
|
+
|
9
49
|
Metasploit::Concern.run(self)
|
10
50
|
end
|
data/app/models/mdm/cred.rb
CHANGED
@@ -1,8 +1,15 @@
|
|
1
|
+
# @deprecated Use metasploit-credential's `Metasploit::Credential::Core`.
|
2
|
+
#
|
3
|
+
# A credential captured from a {#service}.
|
1
4
|
class Mdm::Cred < ActiveRecord::Base
|
2
5
|
#
|
3
6
|
# CONSTANTS
|
4
7
|
#
|
8
|
+
|
9
|
+
# Checks if {#proof} is an SSH Key in {#ssh_key_id}.
|
5
10
|
KEY_ID_REGEX = /([0-9a-fA-F:]{47})/
|
11
|
+
|
12
|
+
# Maps {#ptype_human} to {#ptype}.
|
6
13
|
PTYPES = {
|
7
14
|
'read/write password' => 'password_rw',
|
8
15
|
'read-only password' => 'password_ro',
|
@@ -12,35 +19,93 @@ class Mdm::Cred < ActiveRecord::Base
|
|
12
19
|
}
|
13
20
|
|
14
21
|
#
|
15
|
-
# Relations
|
16
22
|
#
|
17
|
-
|
18
|
-
# @!attribute [rw] servce
|
19
|
-
# The service this cred is for
|
23
|
+
# Associations
|
20
24
|
#
|
21
|
-
#
|
25
|
+
#
|
26
|
+
|
27
|
+
# The {Mdm::Service} this Cred is for.
|
22
28
|
belongs_to :service,
|
23
29
|
class_name: 'Mdm::Service',
|
24
30
|
inverse_of: :creds
|
25
31
|
|
26
|
-
#
|
27
|
-
# Details about what Tasks touched this cred
|
28
|
-
#
|
29
|
-
# @return [Array<Mdm::TaskCred>]
|
32
|
+
# Joins {#tasks} to this Cred.
|
30
33
|
has_many :task_creds,
|
31
34
|
class_name: 'Mdm::TaskCred',
|
32
35
|
dependent: :destroy,
|
33
36
|
inverse_of: :cred
|
34
37
|
|
35
|
-
# @!attribute [rw] tasks
|
36
|
-
# Tasks that touched this service
|
37
38
|
#
|
38
|
-
#
|
39
|
+
# through: :task_creds
|
40
|
+
#
|
41
|
+
|
42
|
+
# Tasks that touched this service
|
39
43
|
has_many :tasks, :through => :task_creds
|
40
44
|
|
45
|
+
#
|
46
|
+
# Attributes
|
47
|
+
#
|
48
|
+
|
49
|
+
# @!attribute active
|
50
|
+
# Whether the credential is active.
|
51
|
+
#
|
52
|
+
# @return [false] if a captured credential cannot be used to log into {#service}.
|
53
|
+
# @return [true] otherwise
|
54
|
+
|
55
|
+
# @!attribute created_at
|
56
|
+
# When this credential was created.
|
57
|
+
#
|
58
|
+
# @return [DateTime]
|
59
|
+
|
60
|
+
# @!attribute pass
|
61
|
+
# Pass of credential.
|
62
|
+
#
|
63
|
+
# @return [String, nil]
|
64
|
+
|
65
|
+
# @!attribute proof
|
66
|
+
# Proof of credential capture.
|
67
|
+
#
|
68
|
+
# @return [String]
|
69
|
+
|
70
|
+
# @!attribute ptype
|
71
|
+
# Type of {#pass}.
|
72
|
+
#
|
73
|
+
# @return [String]
|
74
|
+
|
75
|
+
# @!attribute source_id
|
76
|
+
# Id of source of this credential.
|
77
|
+
#
|
78
|
+
# @return [Integer, nil]
|
79
|
+
|
80
|
+
# @!attribute source_type
|
81
|
+
# Type of source with {#source_id}.
|
82
|
+
#
|
83
|
+
# @return [String, nil]
|
84
|
+
|
85
|
+
# @!attribute updated_at
|
86
|
+
# The last time this credential was updated.
|
87
|
+
#
|
88
|
+
# @return [DateTime]
|
89
|
+
|
90
|
+
# @!attribute user
|
91
|
+
# User name of credential.
|
92
|
+
#
|
93
|
+
# @return [String, nil]
|
94
|
+
|
95
|
+
#
|
96
|
+
# Callbacks
|
97
|
+
#
|
98
|
+
|
41
99
|
after_create :increment_host_counter_cache
|
42
100
|
after_destroy :decrement_host_counter_cache
|
43
101
|
|
102
|
+
#
|
103
|
+
# Instance methods
|
104
|
+
#
|
105
|
+
|
106
|
+
# Humanized {#ptype}.
|
107
|
+
#
|
108
|
+
# @return [String, nil]
|
44
109
|
def ptype_human
|
45
110
|
humanized = PTYPES.select do |k, v|
|
46
111
|
v == ptype
|
@@ -49,13 +114,24 @@ class Mdm::Cred < ActiveRecord::Base
|
|
49
114
|
humanized ? humanized : ptype
|
50
115
|
end
|
51
116
|
|
52
|
-
# Returns
|
117
|
+
# Returns SSH Key ID.
|
118
|
+
#
|
119
|
+
# @return [String] SSH Key Id if ssh-type key and {#proof} matches {KEY_ID_REGEX}.
|
120
|
+
# @return [nil] otherwise
|
53
121
|
def ssh_key_id
|
54
122
|
return nil unless self.ptype =~ /^ssh_/
|
55
123
|
return nil unless self.proof =~ KEY_ID_REGEX
|
56
124
|
$1.downcase # Can't run into NilClass problems.
|
57
125
|
end
|
58
126
|
|
127
|
+
# Returns whether `other`'s SSH private key or public key matches.
|
128
|
+
#
|
129
|
+
# @return [false] if `other` is not same class as `self`.
|
130
|
+
# @return [false] if {#ptype} does not match.
|
131
|
+
# @return [false] if {#ptype} is neither `"ssh_key"` nor `"ssh_pubkey"`.
|
132
|
+
# @return [false] if {#ssh_key_id} is `nil`.
|
133
|
+
# @return [false] if {#ssh_key_id} does not match.
|
134
|
+
# @return [true] if {#ssh_key_id} matches.
|
59
135
|
def ssh_key_matches?(other_cred)
|
60
136
|
return false unless other_cred.kind_of? self.class
|
61
137
|
return false unless self.ptype == other_cred.ptype
|
@@ -70,14 +146,16 @@ class Mdm::Cred < ActiveRecord::Base
|
|
70
146
|
matches.include?(self) and matches.include?(other_cred)
|
71
147
|
end
|
72
148
|
|
73
|
-
# Returns all keys with matching key ids, including itself
|
74
|
-
#
|
149
|
+
# Returns all keys with matching key ids, including itself.
|
150
|
+
#
|
151
|
+
# @return [ActiveRecord::Relation<Mdm::Cred>] ssh_key and ssh_pubkey creds with matching {#ssh_key_id}.
|
75
152
|
def ssh_keys
|
76
153
|
(self.ssh_private_keys | self.ssh_public_keys)
|
77
154
|
end
|
78
155
|
|
79
|
-
# Returns all private keys with matching
|
80
|
-
#
|
156
|
+
# Returns all private keys with matching {#ssh_key_id}, including itself.
|
157
|
+
#
|
158
|
+
# @return [ActiveRecord::Relation<Mdm::Cred>] ssh_key creds with matching {#ssh_key_id}.
|
81
159
|
def ssh_private_keys
|
82
160
|
return [] unless self.ssh_key_id
|
83
161
|
matches = self.class.all(
|
@@ -86,8 +164,9 @@ class Mdm::Cred < ActiveRecord::Base
|
|
86
164
|
matches.select {|c| c.workspace == self.workspace}
|
87
165
|
end
|
88
166
|
|
89
|
-
# Returns all public keys with matching
|
90
|
-
#
|
167
|
+
# Returns all public keys with matching {#ssh_key_id}, including itself.
|
168
|
+
#
|
169
|
+
# @return [ActiveRecord::Relation<Mdm::Cred>] ssh_pubkey creds with matching {#ssh_key_id}.
|
91
170
|
def ssh_public_keys
|
92
171
|
return [] unless self.ssh_key_id
|
93
172
|
matches = self.class.all(
|
@@ -97,20 +176,29 @@ class Mdm::Cred < ActiveRecord::Base
|
|
97
176
|
end
|
98
177
|
|
99
178
|
# Returns its workspace
|
179
|
+
#
|
180
|
+
# @return [Mdm::Workspace]
|
100
181
|
def workspace
|
101
182
|
self.service.host.workspace
|
102
183
|
end
|
103
184
|
|
104
185
|
private
|
105
186
|
|
187
|
+
# Decrements {Mdm::Host#cred_count}.
|
188
|
+
#
|
189
|
+
# @return [void]
|
106
190
|
def decrement_host_counter_cache
|
107
191
|
Mdm::Host.decrement_counter("cred_count", self.service.host_id)
|
108
192
|
end
|
109
193
|
|
194
|
+
# Increments {Mdm::Host#cred_count}.
|
195
|
+
#
|
196
|
+
# @return [void]
|
110
197
|
def increment_host_counter_cache
|
111
198
|
Mdm::Host.increment_counter("cred_count", self.service.host_id)
|
112
199
|
end
|
113
200
|
|
201
|
+
# Switch back to public for load hooks.
|
114
202
|
public
|
115
203
|
|
116
204
|
Metasploit::Concern.run(self)
|
data/app/models/mdm/event.rb
CHANGED
@@ -1,16 +1,60 @@
|
|
1
|
+
# Records framework events to the database.
|
1
2
|
class Mdm::Event < ActiveRecord::Base
|
2
3
|
#
|
3
|
-
#
|
4
|
+
# Associations
|
4
5
|
#
|
5
6
|
|
7
|
+
# Host on which this event occurred.
|
8
|
+
#
|
9
|
+
# @return [Mdm::Host]
|
10
|
+
# @return [nil] if event did not occur on a host.
|
6
11
|
belongs_to :host,
|
7
12
|
class_name: 'Mdm::Host',
|
8
13
|
inverse_of: :events
|
9
14
|
|
15
|
+
# {Mdm::Workspace} in which this event occured. If {#host} is present, then this will match
|
16
|
+
# {Mdm::Host#workspace `host.workspace`}.
|
10
17
|
belongs_to :workspace,
|
11
18
|
class_name: 'Mdm::Workspace',
|
12
19
|
inverse_of: :events
|
13
20
|
|
21
|
+
#
|
22
|
+
# Attributes
|
23
|
+
#
|
24
|
+
|
25
|
+
# @!attribute created_at
|
26
|
+
# When this event was created.
|
27
|
+
#
|
28
|
+
# @return [DateTime]
|
29
|
+
|
30
|
+
# @!attribute critical
|
31
|
+
# Indicates if the event is critical.
|
32
|
+
#
|
33
|
+
# @return [false] event is not critical.
|
34
|
+
# @return [true] event is critical.
|
35
|
+
|
36
|
+
# @!attribute name
|
37
|
+
# Name of the event, such as 'module_run'.
|
38
|
+
#
|
39
|
+
# @return [String]
|
40
|
+
|
41
|
+
# @!attribute seen
|
42
|
+
# Whether a user has seen these events.
|
43
|
+
#
|
44
|
+
# @return [false] if the event has not been seen.
|
45
|
+
# @return [true] if any user has seen the event.
|
46
|
+
|
47
|
+
# @!attribute updated_at
|
48
|
+
# The last time this event was updated.
|
49
|
+
#
|
50
|
+
# @return [DateTime]
|
51
|
+
|
52
|
+
# @!attribute username
|
53
|
+
# Name of user that triggered the event. Not necessarily a {Mdm::User#username}, as {#username} may be set to
|
54
|
+
# the username of the user inferred from `ENV` when using metasploit-framework.
|
55
|
+
#
|
56
|
+
# @return [String]
|
57
|
+
|
14
58
|
#
|
15
59
|
# Scopes
|
16
60
|
#
|
@@ -22,6 +66,9 @@ class Mdm::Event < ActiveRecord::Base
|
|
22
66
|
# Serializations
|
23
67
|
#
|
24
68
|
|
69
|
+
# {#name}-specific information about this event.
|
70
|
+
#
|
71
|
+
# @return [Hash]
|
25
72
|
serialize :info, MetasploitDataModels::Base64Serializer.new
|
26
73
|
|
27
74
|
#
|