metasploit_data_models 0.24.4 → 0.24.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rspec +3 -3
- data/.travis.yml +3 -6
- data/CONTRIBUTING.md +52 -10
- data/Gemfile +8 -1
- data/Rakefile +0 -23
- data/app/models/mdm/api_key.rb +1 -41
- data/app/models/mdm/client.rb +1 -41
- data/app/models/mdm/cred.rb +19 -107
- data/app/models/mdm/event.rb +1 -48
- data/app/models/mdm/exploit_attempt.rb +16 -65
- data/app/models/mdm/exploited_host.rb +1 -28
- data/app/models/mdm/host_detail.rb +1 -45
- data/app/models/mdm/host_tag.rb +8 -6
- data/app/models/mdm/listener.rb +1 -53
- data/app/models/mdm/macro.rb +0 -42
- data/app/models/mdm/mod_ref.rb +0 -21
- data/app/models/mdm/module/action.rb +0 -15
- data/app/models/mdm/module/arch.rb +0 -10
- data/app/models/mdm/module/author.rb +0 -16
- data/app/models/mdm/module/mixin.rb +0 -13
- data/app/models/mdm/module/platform.rb +0 -11
- data/app/models/mdm/module/target.rb +0 -18
- data/app/models/mdm/nexpose_console.rb +4 -82
- data/app/models/mdm/profile.rb +0 -36
- data/app/models/mdm/route.rb +5 -17
- data/app/models/mdm/session_event.rb +1 -33
- data/app/models/mdm/tag.rb +10 -49
- data/app/models/mdm/task.rb +45 -94
- data/app/models/mdm/task_cred.rb +0 -29
- data/app/models/mdm/task_host.rb +0 -25
- data/app/models/mdm/task_service.rb +0 -25
- data/app/models/mdm/task_session.rb +0 -25
- data/app/models/mdm/user.rb +6 -188
- data/app/models/mdm/vuln_attempt.rb +12 -37
- data/app/models/mdm/vuln_detail.rb +5 -139
- data/app/models/mdm/vuln_ref.rb +1 -4
- data/app/models/mdm/web_form.rb +1 -35
- data/app/models/mdm/web_page.rb +1 -70
- data/app/models/mdm/web_site.rb +1 -51
- data/app/models/mdm/wmap_request.rb +0 -85
- data/app/models/mdm/wmap_target.rb +0 -40
- data/app/models/mdm/workspace.rb +14 -152
- data/app/models/metasploit_data_models/automatic_exploitation.rb +16 -0
- data/app/models/metasploit_data_models/automatic_exploitation/match.rb +24 -19
- data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +5 -33
- data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +4 -22
- data/app/models/metasploit_data_models/automatic_exploitation/run.rb +3 -13
- data/app/models/metasploit_data_models/ip_address/v4/segmented.rb +1 -1
- data/app/models/metasploit_data_models/module_run.rb +1 -1
- data/app/models/metasploit_data_models/search/visitor/where.rb +1 -1
- data/app/validators/ip_format_validator.rb +0 -4
- data/app/validators/parameters_validator.rb +0 -12
- data/app/validators/password_is_strong_validator.rb +1 -10
- data/lib/mdm/host/operating_system_normalization.rb +10 -7
- data/lib/metasploit_data_models.rb +0 -4
- data/lib/metasploit_data_models/engine.rb +0 -2
- data/lib/metasploit_data_models/serialized_prefs.rb +0 -6
- data/lib/metasploit_data_models/version.rb +10 -24
- data/lib/tasks/yard.rake +33 -0
- data/metasploit_data_models.gemspec +2 -9
- data/spec/app/models/mdm/api_key_spec.rb +3 -1
- data/spec/app/models/mdm/client_spec.rb +11 -9
- data/spec/app/models/mdm/cred_spec.rb +54 -42
- data/spec/app/models/mdm/event_spec.rb +23 -21
- data/spec/app/models/mdm/exploit_attempt_spec.rb +21 -19
- data/spec/app/models/mdm/exploited_host_spec.rb +13 -11
- data/spec/app/models/mdm/host_detail_spec.rb +17 -15
- data/spec/app/models/mdm/host_spec.rb +260 -261
- data/spec/app/models/mdm/host_tag_spec.rb +8 -6
- data/spec/app/models/mdm/listener_spec.rb +32 -30
- data/spec/app/models/mdm/loot_spec.rb +23 -21
- data/spec/app/models/mdm/macro_spec.rb +3 -1
- data/spec/app/models/mdm/mod_ref_spec.rb +3 -1
- data/spec/app/models/mdm/module/action_spec.rb +12 -10
- data/spec/app/models/mdm/module/arch_spec.rb +12 -10
- data/spec/app/models/mdm/module/author_spec.rb +17 -22
- data/spec/app/models/mdm/module/detail_spec.rb +75 -184
- data/spec/app/models/mdm/module/mixin_spec.rb +12 -10
- data/spec/app/models/mdm/module/platform_spec.rb +12 -10
- data/spec/app/models/mdm/module/ref_spec.rb +12 -10
- data/spec/app/models/mdm/module/target_spec.rb +15 -13
- data/spec/app/models/mdm/nexpose_console_spec.rb +37 -35
- data/spec/app/models/mdm/note_spec.rb +25 -23
- data/spec/app/models/mdm/profile_spec.rb +3 -1
- data/spec/app/models/mdm/ref_spec.rb +12 -10
- data/spec/app/models/mdm/route_spec.rb +8 -6
- data/spec/app/models/mdm/service_spec.rb +40 -38
- data/spec/app/models/mdm/session_event_spec.rb +12 -10
- data/spec/app/models/mdm/session_spec.rb +15 -13
- data/spec/app/models/mdm/tag_spec.rb +29 -29
- data/spec/app/models/mdm/task_cred_spec.rb +11 -9
- data/spec/app/models/mdm/task_host_spec.rb +11 -9
- data/spec/app/models/mdm/task_service_spec.rb +11 -9
- data/spec/app/models/mdm/task_session_spec.rb +9 -7
- data/spec/app/models/mdm/task_spec.rb +29 -27
- data/spec/app/models/mdm/user_spec.rb +19 -17
- data/spec/app/models/mdm/vuln_attempt_spec.rb +16 -14
- data/spec/app/models/mdm/vuln_detail_spec.rb +28 -26
- data/spec/app/models/mdm/vuln_ref_spec.rb +10 -8
- data/spec/app/models/mdm/vuln_spec.rb +26 -24
- data/spec/app/models/mdm/web_form_spec.rb +13 -11
- data/spec/app/models/mdm/web_page_spec.rb +21 -19
- data/spec/app/models/mdm/web_site_spec.rb +23 -21
- data/spec/app/models/mdm/web_vuln_spec.rb +65 -63
- data/spec/app/models/mdm/wmap_request_spec.rb +3 -1
- data/spec/app/models/mdm/wmap_target_spec.rb +3 -1
- data/spec/app/models/mdm/workspace_spec.rb +100 -97
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_result_spec.rb +5 -3
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_set_spec.rb +15 -13
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_spec.rb +3 -1
- data/spec/app/models/metasploit_data_models/automatic_exploitation/run_spec.rb +3 -1
- data/spec/app/models/metasploit_data_models/ip_address/v4/cidr_spec.rb +12 -10
- data/spec/app/models/metasploit_data_models/ip_address/v4/nmap_spec.rb +6 -4
- data/spec/app/models/metasploit_data_models/ip_address/v4/range_spec.rb +23 -21
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list_spec.rb +11 -9
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range_spec.rb +23 -21
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/segmented_spec.rb +6 -4
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/single_spec.rb +15 -22
- data/spec/app/models/metasploit_data_models/ip_address/v4/single_spec.rb +6 -4
- data/spec/app/models/metasploit_data_models/module_run_spec.rb +3 -1
- data/spec/app/models/metasploit_data_models/search/operation/ip_address_spec.rb +20 -18
- data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +8 -6
- data/spec/app/models/metasploit_data_models/search/operation/port/range_spec.rb +10 -8
- data/spec/app/models/metasploit_data_models/search/operation/range_spec.rb +10 -8
- data/spec/app/models/metasploit_data_models/search/operator/ip_address_spec.rb +4 -2
- data/spec/app/models/metasploit_data_models/search/operator/multitext_spec.rb +10 -8
- data/spec/app/models/metasploit_data_models/search/operator/port/list_spec.rb +8 -6
- data/spec/app/models/metasploit_data_models/search/visitor/attribute_spec.rb +11 -9
- data/spec/app/models/metasploit_data_models/search/visitor/includes_spec.rb +7 -5
- data/spec/app/models/metasploit_data_models/search/visitor/joins_spec.rb +19 -17
- data/spec/app/models/metasploit_data_models/search/visitor/method_spec.rb +7 -5
- data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb +23 -61
- data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb +10 -8
- data/spec/app/validators/parameters_validator_spec.rb +29 -29
- data/spec/app/validators/password_is_strong_validator_spec.rb +46 -54
- data/spec/dummy/db/structure.sql +3403 -0
- data/spec/factories/mdm/module/details.rb +1 -1
- data/spec/lib/base64_serializer_spec.rb +19 -19
- data/spec/lib/metasploit_data_models/ip_address/cidr_spec.rb +12 -18
- data/spec/lib/metasploit_data_models/ip_address/range_spec.rb +6 -4
- data/spec/lib/metasploit_data_models/match/child_spec.rb +4 -2
- data/spec/lib/metasploit_data_models/match/parent_spec.rb +6 -4
- data/spec/lib/metasploit_data_models/version_spec.rb +141 -3
- data/spec/spec_helper.rb +12 -86
- data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb +2 -2
- data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb +4 -4
- data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb +2 -2
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb +5 -5
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb +5 -5
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb +3 -3
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb +6 -7
- metadata +9 -67
- data/CHANGELOG.md +0 -6
- data/RELEASING.md +0 -88
- data/UPGRADING.md +0 -1
- data/lib/metasploit_data_models/automatic_exploitation.rb +0 -25
- data/spec/lib/metasploit_data_models_spec.rb +0 -4
@@ -1,4 +1,6 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Mdm::Ref do
|
2
4
|
it_should_behave_like 'Metasploit::Concern.run'
|
3
5
|
|
4
6
|
context 'associations' do
|
@@ -27,23 +29,23 @@ RSpec.describe Mdm::Ref, type: :model do
|
|
27
29
|
end
|
28
30
|
|
29
31
|
# @todo https://www.pivotaltracker.com/story/show/48915453
|
30
|
-
it {
|
31
|
-
it {
|
32
|
+
it { should have_many(:vulns_refs).class_name('Mdm::VulnRef') }
|
33
|
+
it { should have_many(:vulns).class_name('Mdm::Vuln').through(:vulns_refs) }
|
32
34
|
end
|
33
35
|
|
34
36
|
context 'database' do
|
35
37
|
context 'columns' do
|
36
|
-
it {
|
37
|
-
it {
|
38
|
+
it { should have_db_column(:name).of_type(:string) }
|
39
|
+
it { should have_db_column(:ref_id).of_type(:integer) }
|
38
40
|
|
39
41
|
context 'timestamps' do
|
40
|
-
it {
|
41
|
-
it {
|
42
|
+
it { should have_db_column(:created_at).of_type(:datetime) }
|
43
|
+
it { should have_db_column(:updated_at).of_type(:datetime) }
|
42
44
|
end
|
43
45
|
end
|
44
46
|
|
45
47
|
context 'indices' do
|
46
|
-
it {
|
48
|
+
it { should have_db_index(:name) }
|
47
49
|
end
|
48
50
|
end
|
49
51
|
|
@@ -53,7 +55,7 @@ RSpec.describe Mdm::Ref, type: :model do
|
|
53
55
|
FactoryGirl.build :mdm_ref
|
54
56
|
end
|
55
57
|
|
56
|
-
it {
|
58
|
+
it { should be_valid }
|
57
59
|
end
|
58
60
|
end
|
59
61
|
|
@@ -70,6 +72,6 @@ RSpec.describe Mdm::Ref, type: :model do
|
|
70
72
|
end
|
71
73
|
|
72
74
|
context 'mass assignment security' do
|
73
|
-
it {
|
75
|
+
it { should allow_mass_assignment_of(:name) }
|
74
76
|
end
|
75
77
|
end
|
@@ -1,14 +1,16 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Mdm::Route do
|
2
4
|
it_should_behave_like 'Metasploit::Concern.run'
|
3
5
|
|
4
6
|
context 'associations' do
|
5
|
-
it {
|
7
|
+
it { should belong_to(:session).class_name('Mdm::Session') }
|
6
8
|
end
|
7
9
|
|
8
10
|
context 'factory' do
|
9
11
|
it 'should be valid' do
|
10
12
|
route = FactoryGirl.build(:mdm_route)
|
11
|
-
|
13
|
+
route.should be_valid
|
12
14
|
end
|
13
15
|
end
|
14
16
|
|
@@ -26,9 +28,9 @@ RSpec.describe Mdm::Route, type: :model do
|
|
26
28
|
|
27
29
|
context 'database' do
|
28
30
|
context 'columns' do
|
29
|
-
it {
|
30
|
-
it {
|
31
|
-
it {
|
31
|
+
it { should have_db_column(:session_id).of_type(:integer) }
|
32
|
+
it { should have_db_column(:subnet).of_type(:string) }
|
33
|
+
it { should have_db_column(:netmask).of_type(:string) }
|
32
34
|
end
|
33
35
|
end
|
34
36
|
|
@@ -1,4 +1,6 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Mdm::Service do
|
2
4
|
it_should_behave_like 'Metasploit::Concern.run'
|
3
5
|
|
4
6
|
context 'CONSTANTS' do
|
@@ -7,8 +9,8 @@ RSpec.describe Mdm::Service, type: :model do
|
|
7
9
|
described_class::PROTOS
|
8
10
|
}
|
9
11
|
|
10
|
-
it {
|
11
|
-
it {
|
12
|
+
it { should include 'tcp' }
|
13
|
+
it { should include 'udp' }
|
12
14
|
end
|
13
15
|
|
14
16
|
context 'STATES' do
|
@@ -16,40 +18,40 @@ RSpec.describe Mdm::Service, type: :model do
|
|
16
18
|
described_class::STATES
|
17
19
|
}
|
18
20
|
|
19
|
-
it {
|
20
|
-
it {
|
21
|
-
it {
|
22
|
-
it {
|
21
|
+
it { should include 'closed' }
|
22
|
+
it { should include 'filtered' }
|
23
|
+
it { should include 'open' }
|
24
|
+
it { should include 'unknown' }
|
23
25
|
end
|
24
26
|
end
|
25
27
|
|
26
28
|
context "Associations" do
|
27
29
|
|
28
|
-
it {
|
29
|
-
it {
|
30
|
-
it {
|
31
|
-
it {
|
32
|
-
it {
|
33
|
-
it {
|
34
|
-
it {
|
35
|
-
it {
|
36
|
-
it {
|
37
|
-
it {
|
38
|
-
it {
|
30
|
+
it { should have_many(:task_services).class_name('Mdm::TaskService').dependent(:destroy) }
|
31
|
+
it { should have_many(:tasks).class_name('Mdm::Task').through(:task_services) }
|
32
|
+
it { should have_many(:creds).class_name('Mdm::Cred').dependent(:destroy) }
|
33
|
+
it { should have_many(:exploited_hosts).class_name('Mdm::ExploitedHost').dependent(:destroy) }
|
34
|
+
it { should have_many(:notes).class_name('Mdm::Note').dependent(:destroy) }
|
35
|
+
it { should have_many(:vulns).class_name('Mdm::Vuln').dependent(:destroy) }
|
36
|
+
it { should have_many(:web_sites).class_name('Mdm::WebSite').dependent(:destroy) }
|
37
|
+
it { should have_many(:web_pages).class_name('Mdm::WebPage').through(:web_sites) }
|
38
|
+
it { should have_many(:web_forms).class_name('Mdm::WebForm').through(:web_sites) }
|
39
|
+
it { should have_many(:web_vulns).class_name('Mdm::WebVuln').through(:web_sites) }
|
40
|
+
it { should belong_to(:host).class_name('Mdm::Host') }
|
39
41
|
end
|
40
42
|
|
41
43
|
context 'scopes' do
|
42
44
|
context "inactive" do
|
43
45
|
it "should exclude open services" do
|
44
46
|
open_service = FactoryGirl.create(:mdm_service, :state => 'open')
|
45
|
-
|
47
|
+
Mdm::Service.inactive.should_not include(open_service)
|
46
48
|
end
|
47
49
|
end
|
48
50
|
|
49
51
|
context "with_state open" do
|
50
52
|
it "should exclude closed services" do
|
51
53
|
closed_service = FactoryGirl.create(:mdm_service, :state => 'closed')
|
52
|
-
|
54
|
+
Mdm::Service.with_state('open').should_not include(closed_service)
|
53
55
|
end
|
54
56
|
end
|
55
57
|
|
@@ -58,8 +60,8 @@ RSpec.describe Mdm::Service, type: :model do
|
|
58
60
|
tcp_service = FactoryGirl.create(:mdm_service, proto: 'tcp')
|
59
61
|
udp_service = FactoryGirl.create(:mdm_service, proto: 'udp')
|
60
62
|
search_results = Mdm::Service.search('tcp')
|
61
|
-
|
62
|
-
|
63
|
+
search_results.should include(tcp_service)
|
64
|
+
search_results.should_not include(udp_service)
|
63
65
|
end
|
64
66
|
end
|
65
67
|
end
|
@@ -68,7 +70,7 @@ RSpec.describe Mdm::Service, type: :model do
|
|
68
70
|
context 'after_save' do
|
69
71
|
it 'should call #normalize_host_os' do
|
70
72
|
svc = FactoryGirl.create(:mdm_service)
|
71
|
-
|
73
|
+
svc.should_receive(:normalize_host_os)
|
72
74
|
svc.run_callbacks(:save)
|
73
75
|
end
|
74
76
|
end
|
@@ -77,7 +79,7 @@ RSpec.describe Mdm::Service, type: :model do
|
|
77
79
|
context 'factory' do
|
78
80
|
it 'should be valid' do
|
79
81
|
service = FactoryGirl.build(:mdm_service)
|
80
|
-
|
82
|
+
service.should be_valid
|
81
83
|
end
|
82
84
|
end
|
83
85
|
|
@@ -96,24 +98,24 @@ RSpec.describe Mdm::Service, type: :model do
|
|
96
98
|
context 'database' do
|
97
99
|
|
98
100
|
context 'timestamps'do
|
99
|
-
it {
|
100
|
-
it {
|
101
|
+
it { should have_db_column(:created_at).of_type(:datetime) }
|
102
|
+
it { should have_db_column(:updated_at).of_type(:datetime) }
|
101
103
|
end
|
102
104
|
|
103
105
|
context 'columns' do
|
104
|
-
it {
|
105
|
-
it {
|
106
|
-
it {
|
107
|
-
it {
|
108
|
-
it {
|
109
|
-
it {
|
106
|
+
it { should have_db_column(:host_id).of_type(:integer) }
|
107
|
+
it { should have_db_column(:port).of_type(:integer).with_options(:null => false) }
|
108
|
+
it { should have_db_column(:proto).of_type(:string).with_options(:null => false) }
|
109
|
+
it { should have_db_column(:state).of_type(:string) }
|
110
|
+
it { should have_db_column(:name).of_type(:string) }
|
111
|
+
it { should have_db_column(:info).of_type(:text) }
|
110
112
|
end
|
111
113
|
|
112
114
|
context 'indices' do
|
113
|
-
it {
|
114
|
-
it {
|
115
|
-
it {
|
116
|
-
it {
|
115
|
+
it { should have_db_index(:name) }
|
116
|
+
it { should have_db_index(:port) }
|
117
|
+
it { should have_db_index(:proto) }
|
118
|
+
it { should have_db_index(:state) }
|
117
119
|
end
|
118
120
|
end
|
119
121
|
|
@@ -149,8 +151,8 @@ RSpec.describe Mdm::Service, type: :model do
|
|
149
151
|
FactoryGirl.build(:mdm_service)
|
150
152
|
}
|
151
153
|
|
152
|
-
it {
|
153
|
-
it {
|
154
|
+
it { should validate_numericality_of(:port).only_integer }
|
155
|
+
it { should ensure_inclusion_of(:proto).in_array(described_class::PROTOS) }
|
154
156
|
|
155
157
|
context 'when a duplicate service already exists' do
|
156
158
|
let(:service1) { FactoryGirl.create(:mdm_service)}
|
@@ -1,14 +1,16 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Mdm::SessionEvent do
|
2
4
|
it_should_behave_like 'Metasploit::Concern.run'
|
3
5
|
|
4
6
|
context 'associations' do
|
5
|
-
it {
|
7
|
+
it { should belong_to(:session).class_name('Mdm::Session') }
|
6
8
|
end
|
7
9
|
|
8
10
|
context 'factory' do
|
9
11
|
it 'should be valid' do
|
10
12
|
session_event = FactoryGirl.build(:mdm_session_event)
|
11
|
-
|
13
|
+
session_event.should be_valid
|
12
14
|
end
|
13
15
|
end
|
14
16
|
|
@@ -26,16 +28,16 @@ RSpec.describe Mdm::SessionEvent, type: :model do
|
|
26
28
|
|
27
29
|
context 'database' do
|
28
30
|
context 'timestamps'do
|
29
|
-
it {
|
31
|
+
it { should have_db_column(:created_at).of_type(:datetime) }
|
30
32
|
end
|
31
33
|
|
32
34
|
context 'columns' do
|
33
|
-
it {
|
34
|
-
it {
|
35
|
-
it {
|
36
|
-
it {
|
37
|
-
it {
|
38
|
-
it {
|
35
|
+
it { should have_db_column(:session_id).of_type(:integer) }
|
36
|
+
it { should have_db_column(:etype).of_type(:string) }
|
37
|
+
it { should have_db_column(:command).of_type(:binary) }
|
38
|
+
it { should have_db_column(:output).of_type(:binary) }
|
39
|
+
it { should have_db_column(:remote_path).of_type(:string) }
|
40
|
+
it { should have_db_column(:local_path).of_type(:string) }
|
39
41
|
end
|
40
42
|
end
|
41
43
|
|
@@ -1,10 +1,12 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Mdm::Session do
|
2
4
|
it_should_behave_like 'Metasploit::Concern.run'
|
3
5
|
|
4
6
|
context 'factory' do
|
5
7
|
it 'should be valid' do
|
6
8
|
session = FactoryGirl.build(:mdm_session)
|
7
|
-
|
9
|
+
session.should be_valid
|
8
10
|
end
|
9
11
|
end
|
10
12
|
|
@@ -59,8 +61,8 @@ RSpec.describe Mdm::Session, type: :model do
|
|
59
61
|
alive_session = FactoryGirl.create(:mdm_session)
|
60
62
|
dead_session = FactoryGirl.create(:mdm_session, :closed_at => Time.now)
|
61
63
|
alive_set = Mdm::Session.alive
|
62
|
-
|
63
|
-
|
64
|
+
alive_set.should include(alive_session)
|
65
|
+
alive_set.should_not include(dead_session)
|
64
66
|
end
|
65
67
|
end
|
66
68
|
|
@@ -69,8 +71,8 @@ RSpec.describe Mdm::Session, type: :model do
|
|
69
71
|
alive_session = FactoryGirl.create(:mdm_session)
|
70
72
|
dead_session = FactoryGirl.create(:mdm_session, :closed_at => Time.now)
|
71
73
|
dead_set = Mdm::Session.dead
|
72
|
-
|
73
|
-
|
74
|
+
dead_set.should_not include(alive_session)
|
75
|
+
dead_set.should include(dead_session)
|
74
76
|
end
|
75
77
|
end
|
76
78
|
|
@@ -80,9 +82,9 @@ RSpec.describe Mdm::Session, type: :model do
|
|
80
82
|
linux_shell = FactoryGirl.create(:mdm_session, :stype => 'shell', :platform => 'Linux')
|
81
83
|
win_meterp = FactoryGirl.create(:mdm_session, :stype => 'meterpreter', :platform => 'Windows')
|
82
84
|
upgrade_set = Mdm::Session.upgradeable
|
83
|
-
|
84
|
-
|
85
|
-
|
85
|
+
upgrade_set.should include(win_shell)
|
86
|
+
upgrade_set.should_not include(linux_shell)
|
87
|
+
upgrade_set.should_not include(win_meterp)
|
86
88
|
end
|
87
89
|
end
|
88
90
|
end
|
@@ -91,7 +93,7 @@ RSpec.describe Mdm::Session, type: :model do
|
|
91
93
|
context 'before_destroy' do
|
92
94
|
it 'should call #stop' do
|
93
95
|
mysession = FactoryGirl.create(:mdm_session)
|
94
|
-
|
96
|
+
mysession.should_receive(:stop)
|
95
97
|
mysession.destroy
|
96
98
|
end
|
97
99
|
end
|
@@ -101,17 +103,17 @@ RSpec.describe Mdm::Session, type: :model do
|
|
101
103
|
context '#upgradeable?' do
|
102
104
|
it 'should return true for windows shells' do
|
103
105
|
win_shell = FactoryGirl.create(:mdm_session, :stype => 'shell', :platform => 'Windows')
|
104
|
-
|
106
|
+
win_shell.upgradeable?.should == true
|
105
107
|
end
|
106
108
|
|
107
109
|
it 'should return false for non-windows shells' do
|
108
110
|
linux_shell = FactoryGirl.create(:mdm_session, :stype => 'shell', :platform => 'Linux')
|
109
|
-
|
111
|
+
linux_shell.upgradeable?.should == false
|
110
112
|
end
|
111
113
|
|
112
114
|
it 'should return false for Windows Meterpreter Sessions' do
|
113
115
|
win_meterp = FactoryGirl.create(:mdm_session, :stype => 'meterpreter', :platform => 'Windows')
|
114
|
-
|
116
|
+
win_meterp.upgradeable?.should == false
|
115
117
|
end
|
116
118
|
end
|
117
119
|
end
|
@@ -1,29 +1,29 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
require 'securerandom'
|
3
3
|
|
4
|
-
|
4
|
+
describe Mdm::Tag do
|
5
5
|
it_should_behave_like 'Metasploit::Concern.run'
|
6
6
|
|
7
7
|
context 'associations' do
|
8
|
-
it {
|
9
|
-
it {
|
10
|
-
it {
|
8
|
+
it { should have_many(:hosts_tags).class_name('Mdm::HostTag') }
|
9
|
+
it { should have_many(:hosts).class_name('Mdm::Host').through(:hosts_tags) }
|
10
|
+
it { should belong_to(:user).class_name('Mdm::User') }
|
11
11
|
end
|
12
12
|
|
13
13
|
context 'database' do
|
14
14
|
|
15
15
|
context 'timestamps'do
|
16
|
-
it {
|
17
|
-
it {
|
16
|
+
it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
|
17
|
+
it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
|
18
18
|
end
|
19
19
|
|
20
20
|
context 'columns' do
|
21
|
-
it {
|
22
|
-
it {
|
23
|
-
it {
|
24
|
-
it {
|
25
|
-
it {
|
26
|
-
it {
|
21
|
+
it { should have_db_column(:user_id).of_type(:integer) }
|
22
|
+
it { should have_db_column(:name).of_type(:string) }
|
23
|
+
it { should have_db_column(:desc).of_type(:text) }
|
24
|
+
it { should have_db_column(:report_summary).of_type(:boolean).with_options(:null => false, :default =>false) }
|
25
|
+
it { should have_db_column(:report_detail).of_type(:boolean).with_options(:null => false, :default =>false) }
|
26
|
+
it { should have_db_column(:critical).of_type(:boolean).with_options(:null => false, :default =>false) }
|
27
27
|
end
|
28
28
|
end
|
29
29
|
|
@@ -32,37 +32,37 @@ RSpec.describe Mdm::Tag, type: :model do
|
|
32
32
|
it 'should not ba valid for a length over 8k' do
|
33
33
|
desc = SecureRandom.hex(9001) #over 9000?!
|
34
34
|
large_tag = FactoryGirl.build(:mdm_tag, :desc => desc)
|
35
|
-
|
36
|
-
|
35
|
+
large_tag.should_not be_valid
|
36
|
+
large_tag.errors[:desc].should include('desc must be less than 8k.')
|
37
37
|
end
|
38
38
|
end
|
39
39
|
|
40
40
|
context 'name' do
|
41
41
|
it 'must be present' do
|
42
42
|
nameless_tag = FactoryGirl.build(:mdm_tag, :name => nil)
|
43
|
-
|
44
|
-
|
43
|
+
nameless_tag.should_not be_valid
|
44
|
+
nameless_tag.errors[:name].should include("can't be blank")
|
45
45
|
end
|
46
46
|
|
47
47
|
it 'may only contain alphanumerics, dot, dashes, and underscores' do
|
48
48
|
mytag = FactoryGirl.build(:mdm_tag, :name => 'A.1-B_2')
|
49
|
-
|
49
|
+
mytag.should be_valid
|
50
50
|
#Test for various bad inputs we should never allow
|
51
51
|
mytag = FactoryGirl.build(:mdm_tag, :name => "A'1")
|
52
|
-
|
53
|
-
|
52
|
+
mytag.should_not be_valid
|
53
|
+
mytag.errors[:name].should include('must be alphanumeric, dots, dashes, or underscores')
|
54
54
|
mytag = FactoryGirl.build(:mdm_tag, :name => "A;1")
|
55
|
-
|
56
|
-
|
55
|
+
mytag.should_not be_valid
|
56
|
+
mytag.errors[:name].should include('must be alphanumeric, dots, dashes, or underscores')
|
57
57
|
mytag = FactoryGirl.build(:mdm_tag, :name => "A%1")
|
58
|
-
|
59
|
-
|
58
|
+
mytag.should_not be_valid
|
59
|
+
mytag.errors[:name].should include('must be alphanumeric, dots, dashes, or underscores')
|
60
60
|
mytag = FactoryGirl.build(:mdm_tag, :name => "A=1")
|
61
|
-
|
62
|
-
|
61
|
+
mytag.should_not be_valid
|
62
|
+
mytag.errors[:name].should include('must be alphanumeric, dots, dashes, or underscores')
|
63
63
|
mytag = FactoryGirl.build(:mdm_tag, :name => "#A1")
|
64
|
-
|
65
|
-
|
64
|
+
mytag.should_not be_valid
|
65
|
+
mytag.errors[:name].should include('must be alphanumeric, dots, dashes, or underscores')
|
66
66
|
end
|
67
67
|
end
|
68
68
|
end
|
@@ -71,7 +71,7 @@ RSpec.describe Mdm::Tag, type: :model do
|
|
71
71
|
context '#to_s' do
|
72
72
|
it 'should return the name of the tag as a string' do
|
73
73
|
mytag = FactoryGirl.build(:mdm_tag, :name => 'mytag')
|
74
|
-
|
74
|
+
mytag.to_s.should == 'mytag'
|
75
75
|
end
|
76
76
|
end
|
77
77
|
end
|
@@ -82,7 +82,7 @@ RSpec.describe Mdm::Tag, type: :model do
|
|
82
82
|
FactoryGirl.build(:mdm_tag)
|
83
83
|
end
|
84
84
|
|
85
|
-
it {
|
85
|
+
it { should be_valid }
|
86
86
|
end
|
87
87
|
end
|
88
88
|
|