metasploit_data_models 0.24.4 → 0.24.5

data/app/models/metasploit_data_models/automatic_exploitation/match.rb

@@ -1,37 +1,42 @@
-# Matches {#matchable} {Mdm::Service} or {Mdm::Vuln} to a {#module_detail Metasploit Module} that can exploit it.
 class MetasploitDataModels::AutomaticExploitation::Match < ActiveRecord::Base
+  attr_accessible :match_set_id, :module_fullname
+
+
   #
   # Associations
   #
 
-  # A (polymorphic) "matchable" entity like a {Mdm::Vuln} or {Mdm::Service}
+  # @!attribute matchable
+  #   A (polymorphic) "matchable" entity like a {Mdm::Vuln} or {Mdm::Service}
   #
-  # @return [Mdm::Service, Mdm::Vuln]
+  #   @return [Mdm::Vuln, Mdm::Service]
   belongs_to :matchable, polymorphic: true
+  attr_accessible :matchable
 
-  # The {MatchSet} this match is part of
-  has_many :match_results,
-           class_name: 'MetasploitDataModels::AutomaticExploitation::MatchResult',
-           inverse_of: :match
-
-  # The {MatchSet} this match is part of
-  belongs_to :match_set,
-             class_name: 'MetasploitDataModels::AutomaticExploitation::MatchSet',
-             inverse_of: :matches
-
-  # The Metasploit Module that this match connects to
+  # @!attribute module_detail
+  #   The MSF module that this match connects to
+  #
+  #   @return [Mdm::Module::Detail]
   belongs_to :module_detail,
              class_name: 'Mdm::Module::Detail',
              foreign_key: :module_fullname,
              primary_key: :fullname
 
+  # @!attribute match_set
+  #   The {MatchSet} this match is part of
   #
-  # Mass Assignment Security
-  #
+  #   @return [MetasploitDataModels::AutomaticExploitation::MatchResult]
+  has_many :match_results,
+             class_name: 'MetasploitDataModels::AutomaticExploitation::MatchResult',
+             inverse_of: :match
 
-  attr_accessible :match_set_id
-  attr_accessible :matchable
-  attr_accessible :module_fullname
+  # @!attribute match_set
+  #   The {MatchSet} this match is part of
+  #
+  #   @return [MetasploitDataModels::AutomaticExploitation::MatchSet]
+  belongs_to :match_set,
+             class_name: 'MetasploitDataModels::AutomaticExploitation::MatchSet',
+             inverse_of: :matches
 
   Metasploit::Concern.run(self)
 end

data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb

@@ -1,52 +1,28 @@
-# The result of {#run running} a {#match}.
 class MetasploitDataModels::AutomaticExploitation::MatchResult < ActiveRecord::Base
-  #
-  # CONSTANTS
-  #
+  attr_accessible :match_id, :run_id, :state
 
   # Running associated exploit did NOT create a session
   FAILED = "failed"
   # Running associated exploit created a session
   SUCCEEDED = "succeeded"
 
-  # Valid values for {#state}
   VALID_STATES = [FAILED, SUCCEEDED]
 
   #
-  # Associations
+  # ASSOCIATIONS
   #
 
-  # A {MetasploitDataModels::AutomaticExploitation::Match#module_detail Metasploit Module} matched to
-  # {MetasploitDataModels::AutomaticExploitation::Match#matchable Mdm::Host or Mdm::Service}.
   belongs_to :match,
              class_name: 'MetasploitDataModels::AutomaticExploitation::Match',
              inverse_of: :match_results,
              dependent: :destroy
 
-  # A mass automatic exploitation run.
   belongs_to :run,
              inverse_of: :match_results,
              class_name: 'MetasploitDataModels::AutomaticExploitation::Run'
 
   #
-  # Attributes
-  #
-
-  # @!attribute state
-  #   Whether the {#run} of {#match} succeeded.
-  #
-  #   @return ['failed', 'succeeded']
-
-  #
-  # Mass Assignment Security
-  #
-
-  attr_accessible :match_id
-  attr_accessible :run_id
-  attr_accessible :state
-
-  #
-  # Validations
+  # VALIDATIONS
   #
 
   # must be present and one of allowable values
@@ -55,14 +31,10 @@ class MetasploitDataModels::AutomaticExploitation::MatchResult < ActiveRecord::B
             inclusion: VALID_STATES
 
   #
-  # Scopes
+  # SCOPES
   #
-
-  # Runs of {#match} that failed
-  scope :failed, lambda { where(state:"failed") }
-
-  # Runs of {#match} that succeeded
   scope :succeeded, lambda { where(state:"succeeded") }
+  scope :failed, lambda { where(state:"failed") }
 
   # Runs of {#match} by workspace ID
   scope :by_workspace, lambda { |workspace_id|

data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb

@@ -1,41 +1,23 @@
-# A set of {#matches automatic exploitation matches}.
 class MetasploitDataModels::AutomaticExploitation::MatchSet < ActiveRecord::Base
-  #
-  # Associations
-  #
+  attr_accessible :user_id, :workspace_id, :minimum_rank
 
-  # Runs of this set of {#matches}.
   has_many :runs,
            class_name: "MetasploitDataModels::AutomaticExploitation::Run",
            inverse_of: :match_set
 
-  # Matches in this set.
   has_many :matches,
            class_name: "MetasploitDataModels::AutomaticExploitation::Match",
            inverse_of: :match_set,
            dependent: :destroy
 
-  # User that created this match set.
-  belongs_to :user,
-             inverse_of: :automatic_exploitation_match_sets,
-             class_name: "Mdm::User"
-
-  # Workspace in which this match set exists.
   belongs_to :workspace,
              inverse_of: :automatic_exploitation_match_sets,
              class_name: "Mdm::Workspace"
 
-  #
-  # Mass Assignment Security
-  #
-
-  attr_accessible :minimum_rank
-  attr_accessible :user_id
-  attr_accessible :workspace_id
+  belongs_to :user,
+             inverse_of: :automatic_exploitation_match_sets,
+             class_name: "Mdm::User"
 
-  #
-  # Validations
-  #
 
   validates :user,
             presence: true

data/app/models/metasploit_data_models/automatic_exploitation/run.rb

@@ -1,37 +1,27 @@
-# Runs a {#match_set set of matches} to produce {#match_results results}.
 class MetasploitDataModels::AutomaticExploitation::Run < ActiveRecord::Base
+  attr_accessible :user_id, :workspace_id, :match_set_id
+
   #
-  # Associations
+  # ASSOCIATIONS
   #
-
-  # Results of each match in {#match_set}.
   has_many :match_results,
            class_name:'MetasploitDataModels::AutomaticExploitation::MatchResult',
            inverse_of: :run,
            dependent: :destroy
 
-  # Set of matches to run
   belongs_to :match_set,
              class_name: 'MetasploitDataModels::AutomaticExploitation::MatchSet',
              inverse_of: :runs
 
-  # User that initiated this run.
   belongs_to :user,
              class_name: "Mdm::User",
              inverse_of: :automatic_exploitation_runs
 
-  # Workspace in which this run was performed.
   belongs_to :workspace,
              class_name: "Mdm::Workspace",
              inverse_of: :automatic_exploitation_runs
 
-  #
-  # Mass Assignment Security
-  #
 
-  attr_accessible :match_set_id
-  attr_accessible :user_id
-  attr_accessible :workspace_id
 
   Metasploit::Concern.run(self)
 end

data/app/models/metasploit_data_models/ip_address/v4/segmented.rb

@@ -67,7 +67,7 @@ class MetasploitDataModels::IPAddress::V4::Segmented < Metasploit::Model::Base
   #
   # @return [Regexp]
   def self.regexp
-    unless instance_variable_defined? :@regexp
+    unless @regexp
       separated_segment_count = SEGMENT_COUNT - 1
 
       @regexp = %r{

data/app/models/metasploit_data_models/module_run.rb

@@ -34,7 +34,7 @@ class MetasploitDataModels::ModuleRun < ActiveRecord::Base
   #   @return [String]
 
   # @!attribute [rw] fail_reason
-  #   One of the values of the constants in `Msf::Module::Failure`
+  #   One of the values of the constants in {Msf::Module::Failure}
   #   @return [String]
 
   # @!attribute [rw] module_name

data/app/models/metasploit_data_models/search/visitor/where.rb

@@ -32,7 +32,7 @@ class MetasploitDataModels::Search::Visitor::Where
     }
   end
 
-  visit(*EQUALITY_OPERATION_CLASS_NAMES) do |operation|
+  visit *EQUALITY_OPERATION_CLASS_NAMES do |operation|
     attribute = attribute_visitor.visit operation.operator
 
     attribute.eq(operation.value)

data/app/validators/ip_format_validator.rb

@@ -1,10 +1,6 @@
 require "ipaddr"
 
-# Validates that attribute is a valid IPv4 or IPv6 address.
 class IpFormatValidator < ActiveModel::EachValidator
-  # Validates that `attribute`'s `value` on `object` is a valid IPv4 or IPv6 address.
-  #
-  # @return [void]
   def validate_each(object, attribute, value)
     error_message_block = lambda{ object.errors[attribute] << " must be a valid IPv4 or IPv6 address" }
     begin

data/app/validators/parameters_validator.rb

@@ -1,21 +1,9 @@
 # Validates that attribute's value is Array<Array(String, String)> which is the only valid type signature for serialized
 # parameters.
 class ParametersValidator < ActiveModel::EachValidator
-  #
-  # CONSTANTS
-  #
-
   # Sentence explaining the valid type signature for parameters.
   TYPE_SIGNATURE_SENTENCE = 'Valid parameters are an Array<Array(String, String)>.'
 
-  #
-  # Instance Methods
-  #
-
-  # Validates that `attribute`'s `value` on `record` is `Array<Array(String, String)>` which is the only valid type
-  # signature for serialized parameters.
-  #
-  # @return [void]
   def validate_each(record, attribute, value)
     if value.is_a? Array
       value.each_with_index do |element, index|

data/app/validators/password_is_strong_validator.rb

@@ -1,21 +1,12 @@
-# Validates that
 class PasswordIsStrongValidator < ActiveModel::EachValidator
-  #
-  # CONSTANTS
-  #
-
-  # Known passwords that should NOT be allowed and should be considered weak.
   COMMON_PASSWORDS = %w{
       password pass root admin metasploit
       msf 123456 qwerty abc123 letmein monkey link182 demo
       changeme test1234 rapid7
     }
 
-  # Special characters that are considered to strength passwords and are required once in a strong password.
   SPECIAL_CHARS = %q{!@"#$%&'()*+,-./:;<=>?[\\]^_`{|}~ }
 
-  # Validates that the `attribute`'s `value` on `record` contains letters, numbers, and at least one special character
-  # without containing the `record.username`, any {COMMON_PASSWORDS} or repetition.
   def validate_each(record, attribute, value)
     return if value.blank?
 
@@ -43,7 +34,7 @@ class PasswordIsStrongValidator < ActiveModel::EachValidator
   end
 
   def contains_username?(username, password)
-    !!(password =~ /#{username}/i)
+    password =~ /#{username}/i
   end
 
   def is_common_password?(password)

data/lib/mdm/host/operating_system_normalization.rb

@@ -185,6 +185,15 @@ module Mdm::Host::OperatingSystemNormalization
     # Merge and normalize the best match to the host object
     apply_match_to_host(match) if match
 
+    # Handle cases where the flavor contains the base name (legacy parsing, etc)
+    # TODO: Remove this once we are sure it is no longer needed
+    if host.os_name && host.os_flavor && host.os_flavor.index(host.os_name)
+      dlog("Host #{host.address} has os_flavor that contains os_name")
+      dlog("os_flavor: #{host.os_flavor}")
+      dlog("os_name: #{host.os_name}")
+      host.os_flavor = host.os_flavor.gsub(host.os_name, '').strip
+    end
+
     # Set some sane defaults if needed
     host.os_name ||= 'Unknown'
     host.purpose ||= 'device'
@@ -192,10 +201,6 @@ module Mdm::Host::OperatingSystemNormalization
     host.save if host.changed?
   end
 
-  # Recog matches for the `s` service.
-  #
-  # @param s [Mdm::Service]
-  # @return [Array<Hash>] Keys will be host, service, and os attributes
   def recog_matches_for_service(s)
     #
     # We assume that the service.info field contains certain types of probe
@@ -237,9 +242,6 @@ module Mdm::Host::OperatingSystemNormalization
     matches
   end
 
-  # Recog matches for the fingerprint in `note`.
-  #
-  # @return [Array<Hash>] Keys will be host, service, and os attributes
   def recog_matches_for_note(note)
     # Skip notes that are missing the correct structure or have been blacklisted
     return [] if not validate_fingerprint_data(note)
@@ -300,6 +302,7 @@ module Mdm::Host::OperatingSystemNormalization
       # name collision seems silly.
       return false
     else
+      dlog("Could not validate fingerprint data: #{fp.inspect}")
       return false
     end
   end

data/lib/metasploit_data_models.rb

@@ -25,7 +25,6 @@ require 'metasploit_data_models/version'
 
 autoload :Mdm, 'mdm'
 
-# Core database models for metasploit-framework.
 module MetasploitDataModels
   extend ActiveSupport::Autoload
 
@@ -38,9 +37,6 @@ module MetasploitDataModels
   autoload :Search
   autoload :SerializedPrefs
 
-  # The root directory of `metasploit_data_models` gem in both development and gem installs.
-  #
-  # @return [Pathname]
   def self.root
     unless instance_variable_defined? :@root
       lib_pathname = Pathname.new(__FILE__).dirname

data/lib/metasploit_data_models/engine.rb

@@ -1,7 +1,5 @@
 require 'rails'
 
-# `Rails::Engine` that exposes MetasploitDataModel's `ActiveRecord::Base` subclasses and automatically loads its
-# `FactoryGirl` factories, sequences, and traits.
 class MetasploitDataModels::Engine < Rails::Engine
   # @see http://viget.com/extend/rails-engine-testing-with-rspec-capybara-and-factorygirl
   config.generators do |g|

data/lib/metasploit_data_models/serialized_prefs.rb

@@ -1,10 +1,4 @@
-# Allows attributes to be extracted and written to key of serialized `Hash` `prefs`.
 module MetasploitDataModels::SerializedPrefs
-  # Setup each arg in `args` as the name of an attribute embedded in the `prefs` `Hash`.  Defines `#<arg>` and
-  # `#<arg>=(value)` methods like standard `attr_accessor`.
-  #
-  # @param args [Array<Symbol>] The names of the attributes to store in the `prefs` `Hash`.
-  # @return [void]
   def serialized_prefs_attr_accessor(*args)
     args.each do |method_name|
 

data/lib/metasploit_data_models/version.rb

@@ -1,29 +1,18 @@
 module MetasploitDataModels
   # Holds components of {VERSION} as defined by {http://semver.org/spec/v2.0.0.html semantic versioning v2.0.0}.
   module Version
-    #
-    # CONSTANTS
-    #
-
     # The major version number.
     MAJOR = 0
     # The minor version number, scoped to the {MAJOR} version number.
     MINOR = 24
-    # The patch version number, scoped to the {MAJOR} and {MINOR} version numbers.
-    PATCH = 4
-
-    #
-    # Module Methods
-    #
+    # The patch number, scoped to the {MAJOR} and {MINOR} version numbers.
+    PATCH = 5
 
-    # The full version string, including the {MetasploitDataModels::Version::MAJOR},
-    # {MetasploitDataModels::Version::MINOR}, {MetasploitDataModels::Version::PATCH}, and optionally, the
-    # `MetasploitDataModels::Version::PRERELEASE` in the
+    # The full version string, including the {MAJOR}, {MINOR}, {PATCH}, and optionally, the `PRERELEASE` in the
     # {http://semver.org/spec/v2.0.0.html semantic versioning v2.0.0} format.
     #
-    # @return [String] '{MetasploitDataModels::Version::MAJOR}.{MetasploitDataModels::Version::MINOR}.{MetasploitDataModels::Version::PATCH}'
-    #   on master. '{MetasploitDataModels::Version::MAJOR}.{MetasploitDataModels::Version::MINOR}.{MetasploitDataModels::Version::PATCH}-PRERELEASE'
-    #   on any branch other than master.
+    # @return [String] '{MAJOR}.{MINOR}.{PATCH}' on master.  '{MAJOR}.{MINOR}.{PATCH}-PRERELEASE' on any branch
+    #   other than master.
     def self.full
       version = "#{MAJOR}.#{MINOR}.#{PATCH}"
 
@@ -34,22 +23,19 @@ module MetasploitDataModels
       version
     end
 
-    # The full gem version string, including the {MetasploitDataModels::Version::MAJOR},
-    # {MetasploitDataModels::Version::MINOR}, {MetasploitDataModels::Version::PATCH}, and optionally, the
-    # `MetasploitDataModels::Version::PRERELEASE` in the
+    # The full gem version string, including the {MAJOR}, {MINOR}, {PATCH}, and optionally, the {PRERELEASE} in the
     # {http://guides.rubygems.org/specification-reference/#version RubyGems versioning} format.
     #
-    # @return [String] '{MetasploitDataModels::Version::MAJOR}.{MetasploitDataModels::Version::MINOR}.{MetasploitDataModels::Version::PATCH}'
-    #   on master.  '{MetasploitDataModels::Version::MAJOR}.{MetasploitDataModels::Version::MINOR}.{MetasploitDataModels::Version::PATCH}.PRERELEASE'
-    #   on any branch other than master.
+    # @return [String] '{MAJOR}.{MINOR}.{PATCH}' on master.  '{MAJOR}.{MINOR}.{PATCH}.{PRERELEASE}' on any branch
+    #   other than master.
     def self.gem
       full.gsub('-', '.pre.')
     end
   end
 
-  # (see Version.gem)
+  # @see Version.gem
   GEM_VERSION = Version.gem
 
-  # (see Version.full)
+  # @see Version.full
   VERSION = Version.full
 end