metasploit_data_models 1.0.0.pre.rails.pre.4.0b → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rspec +2 -2
- data/.travis.yml +6 -3
- data/CHANGELOG.md +6 -0
- data/CONTRIBUTING.md +10 -52
- data/Gemfile +4 -6
- data/RELEASING.md +88 -0
- data/Rakefile +23 -0
- data/UPGRADING.md +1 -0
- data/app/models/mdm/api_key.rb +41 -1
- data/app/models/mdm/client.rb +41 -1
- data/app/models/mdm/cred.rb +116 -28
- data/app/models/mdm/event.rb +47 -0
- data/app/models/mdm/exploit_attempt.rb +65 -16
- data/app/models/mdm/exploited_host.rb +27 -0
- data/app/models/mdm/host_detail.rb +44 -0
- data/app/models/mdm/host_tag.rb +6 -8
- data/app/models/mdm/listener.rb +52 -0
- data/app/models/mdm/macro.rb +42 -0
- data/app/models/mdm/mod_ref.rb +21 -1
- data/app/models/mdm/module/action.rb +15 -0
- data/app/models/mdm/module/arch.rb +10 -0
- data/app/models/mdm/module/author.rb +17 -1
- data/app/models/mdm/module/mixin.rb +13 -0
- data/app/models/mdm/module/platform.rb +11 -0
- data/app/models/mdm/module/target.rb +18 -0
- data/app/models/mdm/nexpose_console.rb +82 -4
- data/app/models/mdm/profile.rb +36 -0
- data/app/models/mdm/route.rb +16 -4
- data/app/models/mdm/session_event.rb +32 -0
- data/app/models/mdm/tag.rb +48 -9
- data/app/models/mdm/task.rb +85 -46
- data/app/models/mdm/task_cred.rb +29 -0
- data/app/models/mdm/task_host.rb +25 -0
- data/app/models/mdm/task_service.rb +25 -0
- data/app/models/mdm/task_session.rb +25 -0
- data/app/models/mdm/user.rb +192 -6
- data/app/models/mdm/vuln_attempt.rb +37 -12
- data/app/models/mdm/vuln_detail.rb +138 -5
- data/app/models/mdm/vuln_ref.rb +3 -0
- data/app/models/mdm/web_form.rb +34 -0
- data/app/models/mdm/web_page.rb +69 -0
- data/app/models/mdm/web_site.rb +50 -0
- data/app/models/mdm/wmap_request.rb +85 -0
- data/app/models/mdm/wmap_target.rb +40 -0
- data/app/models/mdm/workspace.rb +160 -17
- data/app/models/metasploit_data_models/automatic_exploitation/match.rb +13 -23
- data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +25 -4
- data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +15 -4
- data/app/models/metasploit_data_models/automatic_exploitation/run.rb +7 -3
- data/app/models/metasploit_data_models/ip_address/v4/segmented.rb +1 -1
- data/app/models/metasploit_data_models/module_run.rb +1 -1
- data/app/models/metasploit_data_models/search/visitor/where.rb +1 -1
- data/app/validators/ip_format_validator.rb +4 -0
- data/app/validators/parameters_validator.rb +12 -0
- data/app/validators/password_is_strong_validator.rb +10 -1
- data/lib/mdm/host/operating_system_normalization.rb +7 -10
- data/lib/metasploit_data_models.rb +4 -0
- data/lib/metasploit_data_models/automatic_exploitation.rb +25 -0
- data/lib/metasploit_data_models/engine.rb +2 -0
- data/lib/metasploit_data_models/serialized_prefs.rb +6 -0
- data/lib/metasploit_data_models/version.rb +30 -7
- data/metasploit_data_models.gemspec +9 -2
- data/spec/app/models/mdm/api_key_spec.rb +1 -3
- data/spec/app/models/mdm/client_spec.rb +9 -11
- data/spec/app/models/mdm/cred_spec.rb +42 -54
- data/spec/app/models/mdm/event_spec.rb +22 -24
- data/spec/app/models/mdm/exploit_attempt_spec.rb +19 -21
- data/spec/app/models/mdm/exploited_host_spec.rb +11 -13
- data/spec/app/models/mdm/host_detail_spec.rb +15 -17
- data/spec/app/models/mdm/host_spec.rb +262 -260
- data/spec/app/models/mdm/host_tag_spec.rb +6 -8
- data/spec/app/models/mdm/listener_spec.rb +30 -32
- data/spec/app/models/mdm/loot_spec.rb +21 -23
- data/spec/app/models/mdm/macro_spec.rb +1 -3
- data/spec/app/models/mdm/mod_ref_spec.rb +1 -3
- data/spec/app/models/mdm/module/action_spec.rb +8 -10
- data/spec/app/models/mdm/module/arch_spec.rb +8 -10
- data/spec/app/models/mdm/module/author_spec.rb +19 -14
- data/spec/app/models/mdm/module/detail_spec.rb +184 -75
- data/spec/app/models/mdm/module/mixin_spec.rb +8 -10
- data/spec/app/models/mdm/module/platform_spec.rb +8 -10
- data/spec/app/models/mdm/module/ref_spec.rb +8 -10
- data/spec/app/models/mdm/module/target_spec.rb +10 -12
- data/spec/app/models/mdm/nexpose_console_spec.rb +35 -37
- data/spec/app/models/mdm/note_spec.rb +23 -25
- data/spec/app/models/mdm/profile_spec.rb +1 -3
- data/spec/app/models/mdm/ref_spec.rb +9 -12
- data/spec/app/models/mdm/route_spec.rb +6 -8
- data/spec/app/models/mdm/service_spec.rb +38 -40
- data/spec/app/models/mdm/session_event_spec.rb +10 -12
- data/spec/app/models/mdm/session_spec.rb +13 -15
- data/spec/app/models/mdm/tag_spec.rb +29 -30
- data/spec/app/models/mdm/task_cred_spec.rb +9 -11
- data/spec/app/models/mdm/task_host_spec.rb +9 -11
- data/spec/app/models/mdm/task_service_spec.rb +9 -11
- data/spec/app/models/mdm/task_session_spec.rb +7 -9
- data/spec/app/models/mdm/task_spec.rb +27 -29
- data/spec/app/models/mdm/user_spec.rb +17 -19
- data/spec/app/models/mdm/vuln_attempt_spec.rb +14 -16
- data/spec/app/models/mdm/vuln_detail_spec.rb +26 -28
- data/spec/app/models/mdm/vuln_ref_spec.rb +8 -10
- data/spec/app/models/mdm/vuln_spec.rb +24 -26
- data/spec/app/models/mdm/web_form_spec.rb +11 -13
- data/spec/app/models/mdm/web_page_spec.rb +19 -21
- data/spec/app/models/mdm/web_site_spec.rb +21 -23
- data/spec/app/models/mdm/web_vuln_spec.rb +63 -65
- data/spec/app/models/mdm/wmap_request_spec.rb +1 -3
- data/spec/app/models/mdm/wmap_target_spec.rb +1 -3
- data/spec/app/models/mdm/workspace_spec.rb +97 -100
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_result_spec.rb +3 -5
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_set_spec.rb +13 -15
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_spec.rb +1 -3
- data/spec/app/models/metasploit_data_models/automatic_exploitation/run_spec.rb +1 -3
- data/spec/app/models/metasploit_data_models/ip_address/v4/cidr_spec.rb +10 -12
- data/spec/app/models/metasploit_data_models/ip_address/v4/nmap_spec.rb +4 -6
- data/spec/app/models/metasploit_data_models/ip_address/v4/range_spec.rb +21 -23
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list_spec.rb +9 -11
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range_spec.rb +21 -23
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/segmented_spec.rb +4 -6
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/single_spec.rb +22 -15
- data/spec/app/models/metasploit_data_models/ip_address/v4/single_spec.rb +4 -6
- data/spec/app/models/metasploit_data_models/module_run_spec.rb +1 -3
- data/spec/app/models/metasploit_data_models/search/operation/ip_address_spec.rb +18 -20
- data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +6 -8
- data/spec/app/models/metasploit_data_models/search/operation/port/range_spec.rb +8 -10
- data/spec/app/models/metasploit_data_models/search/operation/range_spec.rb +8 -10
- data/spec/app/models/metasploit_data_models/search/operator/ip_address_spec.rb +2 -4
- data/spec/app/models/metasploit_data_models/search/operator/multitext_spec.rb +8 -10
- data/spec/app/models/metasploit_data_models/search/operator/port/list_spec.rb +6 -8
- data/spec/app/models/metasploit_data_models/search/visitor/attribute_spec.rb +9 -11
- data/spec/app/models/metasploit_data_models/search/visitor/includes_spec.rb +5 -7
- data/spec/app/models/metasploit_data_models/search/visitor/joins_spec.rb +17 -19
- data/spec/app/models/metasploit_data_models/search/visitor/method_spec.rb +5 -7
- data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb +61 -23
- data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb +8 -10
- data/spec/app/validators/parameters_validator_spec.rb +29 -29
- data/spec/app/validators/password_is_strong_validator_spec.rb +54 -46
- data/spec/lib/base64_serializer_spec.rb +19 -21
- data/spec/lib/ipaddr_spec.rb +1 -3
- data/spec/lib/metasploit_data_models/ip_address/cidr_spec.rb +18 -12
- data/spec/lib/metasploit_data_models/ip_address/range_spec.rb +4 -6
- data/spec/lib/metasploit_data_models/match/child_spec.rb +2 -4
- data/spec/lib/metasploit_data_models/match/parent_spec.rb +4 -6
- data/spec/lib/metasploit_data_models/version_spec.rb +3 -139
- data/spec/lib/metasploit_data_models_spec.rb +4 -0
- data/spec/spec_helper.rb +86 -12
- data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb +2 -2
- data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb +4 -4
- data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb +2 -2
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb +5 -5
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb +5 -5
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb +3 -3
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb +7 -6
- metadata +74 -14
- data/app/models/metasploit_data_models/automatic_exploitation.rb +0 -16
- data/lib/tasks/yard.rake +0 -33
|
@@ -1,6 +1,4 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Mdm::Workspace do
|
|
1
|
+
RSpec.describe Mdm::Workspace, type: :model do
|
|
4
2
|
subject(:workspace) do
|
|
5
3
|
FactoryGirl.build(:mdm_workspace)
|
|
6
4
|
end
|
|
@@ -14,7 +12,7 @@ describe Mdm::Workspace do
|
|
|
14
12
|
context 'factory' do
|
|
15
13
|
it 'should be valid' do
|
|
16
14
|
workspace = FactoryGirl.build(:mdm_workspace)
|
|
17
|
-
workspace.
|
|
15
|
+
expect(workspace).to be_valid
|
|
18
16
|
end
|
|
19
17
|
end
|
|
20
18
|
|
|
@@ -40,27 +38,27 @@ describe Mdm::Workspace do
|
|
|
40
38
|
end
|
|
41
39
|
|
|
42
40
|
context 'associations' do
|
|
43
|
-
it {
|
|
44
|
-
it {
|
|
45
|
-
it {
|
|
46
|
-
it {
|
|
47
|
-
it {
|
|
48
|
-
it {
|
|
49
|
-
it {
|
|
50
|
-
it {
|
|
51
|
-
it {
|
|
52
|
-
it {
|
|
53
|
-
it {
|
|
54
|
-
it {
|
|
55
|
-
it {
|
|
56
|
-
it {
|
|
41
|
+
it { is_expected.to have_many(:clients).class_name('Mdm::Client').through(:hosts) }
|
|
42
|
+
it { is_expected.to have_many(:creds).class_name('Mdm::Cred').through(:services) }
|
|
43
|
+
it { is_expected.to have_many(:events).class_name('Mdm::Event') }
|
|
44
|
+
it { is_expected.to have_many(:exploited_hosts).class_name('Mdm::ExploitedHost').through(:hosts) }
|
|
45
|
+
it { is_expected.to have_many(:hosts).class_name('Mdm::Host') }
|
|
46
|
+
it { is_expected.to have_many(:listeners).class_name('Mdm::Listener').dependent(:destroy) }
|
|
47
|
+
it { is_expected.to have_many(:loots).class_name('Mdm::Loot').through(:hosts) }
|
|
48
|
+
it { is_expected.to have_many(:notes).class_name('Mdm::Note') }
|
|
49
|
+
it { is_expected.to belong_to(:owner).class_name('Mdm::User').with_foreign_key('owner_id') }
|
|
50
|
+
it { is_expected.to have_many(:services).class_name('Mdm::Service').through(:hosts).with_foreign_key('service_id') }
|
|
51
|
+
it { is_expected.to have_many(:sessions).class_name('Mdm::Session').through(:hosts) }
|
|
52
|
+
it { is_expected.to have_many(:tasks).class_name('Mdm::Task').dependent(:destroy).order('created_at DESC') }
|
|
53
|
+
it { is_expected.to have_and_belong_to_many(:users).class_name('Mdm::User') }
|
|
54
|
+
it { is_expected.to have_many(:vulns).class_name('Mdm::Vuln').through(:hosts) }
|
|
57
55
|
end
|
|
58
56
|
|
|
59
57
|
context 'callbacks' do
|
|
60
58
|
context 'before_save' do
|
|
61
59
|
context '#normalize' do
|
|
62
60
|
it 'should be called' do
|
|
63
|
-
workspace.
|
|
61
|
+
expect(workspace).to receive(:normalize)
|
|
64
62
|
workspace.run_callbacks(:save)
|
|
65
63
|
end
|
|
66
64
|
end
|
|
@@ -68,21 +66,21 @@ describe Mdm::Workspace do
|
|
|
68
66
|
end
|
|
69
67
|
|
|
70
68
|
context 'columns' do
|
|
71
|
-
it {
|
|
72
|
-
it {
|
|
73
|
-
it {
|
|
74
|
-
it {
|
|
75
|
-
it {
|
|
69
|
+
it { is_expected.to have_db_column(:boundary).of_type(:string).with_options(:limit => 4 * (2 ** 10)) }
|
|
70
|
+
it { is_expected.to have_db_column(:description).of_type(:string).with_options(:limit => 4 * (2 ** 10)) }
|
|
71
|
+
it { is_expected.to have_db_column(:limit_to_network).of_type(:boolean).with_options(:default => false, :null => false) }
|
|
72
|
+
it { is_expected.to have_db_column(:name).of_type(:string) }
|
|
73
|
+
it { is_expected.to have_db_column(:owner_id).of_type(:integer) }
|
|
76
74
|
|
|
77
75
|
context 'timestamps' do
|
|
78
|
-
it {
|
|
79
|
-
it {
|
|
76
|
+
it { is_expected.to have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
|
|
77
|
+
it { is_expected.to have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
|
|
80
78
|
end
|
|
81
79
|
end
|
|
82
80
|
|
|
83
81
|
context 'CONSTANTS' do
|
|
84
82
|
it 'should define the DEFAULT name' do
|
|
85
|
-
described_class::DEFAULT.
|
|
83
|
+
expect(described_class::DEFAULT).to eq(default)
|
|
86
84
|
end
|
|
87
85
|
end
|
|
88
86
|
|
|
@@ -101,8 +99,8 @@ describe Mdm::Workspace do
|
|
|
101
99
|
workspace.valid?
|
|
102
100
|
end
|
|
103
101
|
|
|
104
|
-
it 'should validate using #valid_ip_or_range?'
|
|
105
|
-
workspace.
|
|
102
|
+
it 'should validate using #valid_ip_or_range?' do
|
|
103
|
+
expect(workspace).to receive(:valid_ip_or_range?).with(boundary).and_return(false)
|
|
106
104
|
|
|
107
105
|
workspace.valid?
|
|
108
106
|
end
|
|
@@ -113,7 +111,7 @@ describe Mdm::Workspace do
|
|
|
113
111
|
end
|
|
114
112
|
|
|
115
113
|
it 'should not record an error' do
|
|
116
|
-
workspace.errors[:boundary].
|
|
114
|
+
expect(workspace.errors[:boundary]).not_to include(error)
|
|
117
115
|
end
|
|
118
116
|
end
|
|
119
117
|
|
|
@@ -123,7 +121,7 @@ describe Mdm::Workspace do
|
|
|
123
121
|
end
|
|
124
122
|
|
|
125
123
|
it 'should not record an error' do
|
|
126
|
-
workspace.errors[:boundary].
|
|
124
|
+
expect(workspace.errors[:boundary]).not_to include(error)
|
|
127
125
|
end
|
|
128
126
|
end
|
|
129
127
|
|
|
@@ -133,20 +131,20 @@ describe Mdm::Workspace do
|
|
|
133
131
|
end
|
|
134
132
|
|
|
135
133
|
it 'should record error that boundary must be a valid IP range', :pending => 'https://www.pivotaltracker.com/story/show/43171927' do
|
|
136
|
-
workspace.
|
|
137
|
-
workkspace.errors[:boundary].
|
|
134
|
+
expect(workspace).not_to be_valid
|
|
135
|
+
expect(workkspace.errors[:boundary]).to include(error)
|
|
138
136
|
end
|
|
139
137
|
end
|
|
140
138
|
end
|
|
141
139
|
|
|
142
140
|
context 'description' do
|
|
143
|
-
it {
|
|
141
|
+
it { is_expected.to ensure_length_of(:description).is_at_most(4 * (2 ** 10)) }
|
|
144
142
|
end
|
|
145
143
|
|
|
146
144
|
context 'name' do
|
|
147
|
-
it {
|
|
148
|
-
it {
|
|
149
|
-
it {
|
|
145
|
+
it { is_expected.to ensure_length_of(:name).is_at_most(2**8 - 1) }
|
|
146
|
+
it { is_expected.to validate_presence_of :name }
|
|
147
|
+
it { is_expected.to validate_uniqueness_of :name }
|
|
150
148
|
end
|
|
151
149
|
end
|
|
152
150
|
|
|
@@ -212,27 +210,25 @@ describe Mdm::Workspace do
|
|
|
212
210
|
# to_a to make query return instances
|
|
213
211
|
found_creds = workspace.creds.to_a
|
|
214
212
|
|
|
215
|
-
found_creds.length.
|
|
216
|
-
found_cred = found_creds.first
|
|
217
|
-
|
|
218
|
-
end
|
|
219
|
-
|
|
220
|
-
it 'should include hosts' do
|
|
221
|
-
found_creds = workspace.creds.to_a
|
|
213
|
+
expect(found_creds.length).to be > 0
|
|
222
214
|
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
215
|
+
expect(
|
|
216
|
+
found_creds.none? { |found_cred|
|
|
217
|
+
found_cred.service.nil?
|
|
218
|
+
}
|
|
219
|
+
).to eq(true)
|
|
226
220
|
end
|
|
227
221
|
|
|
228
222
|
it 'should return only Mdm::Creds from hosts in workspace' do
|
|
229
223
|
found_creds = workspace.creds
|
|
230
224
|
|
|
231
|
-
found_creds.length.
|
|
225
|
+
expect(found_creds.length).to eq(creds.length)
|
|
232
226
|
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
227
|
+
expect(
|
|
228
|
+
found_creds.all? { |cred|
|
|
229
|
+
cred.service.host.workspace == workspace
|
|
230
|
+
}
|
|
231
|
+
).to eq(true)
|
|
236
232
|
end
|
|
237
233
|
end
|
|
238
234
|
|
|
@@ -252,7 +248,7 @@ describe Mdm::Workspace do
|
|
|
252
248
|
workspace = described_class.default
|
|
253
249
|
}.to change(Mdm::Workspace, :count).by(0)
|
|
254
250
|
|
|
255
|
-
workspace.
|
|
251
|
+
expect(workspace).to be_default
|
|
256
252
|
end
|
|
257
253
|
end
|
|
258
254
|
|
|
@@ -264,7 +260,7 @@ describe Mdm::Workspace do
|
|
|
264
260
|
workspace = described_class.default
|
|
265
261
|
}.to change(Mdm::Workspace, :count).by(1)
|
|
266
262
|
|
|
267
|
-
workspace.
|
|
263
|
+
expect(workspace).to be_default
|
|
268
264
|
end
|
|
269
265
|
end
|
|
270
266
|
end
|
|
@@ -279,20 +275,18 @@ describe Mdm::Workspace do
|
|
|
279
275
|
workspace.name = default
|
|
280
276
|
end
|
|
281
277
|
|
|
282
|
-
it {
|
|
283
|
-
should be_true
|
|
284
|
-
}
|
|
278
|
+
it { is_expected.to eq(true) }
|
|
285
279
|
end
|
|
286
280
|
|
|
287
281
|
context 'without DEFAULT name' do
|
|
288
|
-
it {
|
|
282
|
+
it { is_expected.to eq(false) }
|
|
289
283
|
end
|
|
290
284
|
end
|
|
291
285
|
|
|
292
286
|
context '#each_cred' do
|
|
293
287
|
it 'should pass each of the #creds to the block' do
|
|
294
288
|
creds = FactoryGirl.create_list(:mdm_cred, 2)
|
|
295
|
-
workspace.
|
|
289
|
+
allow(workspace).to receive(:creds).and_return(creds)
|
|
296
290
|
|
|
297
291
|
expect { |block|
|
|
298
292
|
workspace.each_cred(&block)
|
|
@@ -303,7 +297,7 @@ describe Mdm::Workspace do
|
|
|
303
297
|
context '#each_host_tag' do
|
|
304
298
|
it 'should pass each of the #host_tags to the block' do
|
|
305
299
|
tags = FactoryGirl.create_list(:mdm_tag, 2)
|
|
306
|
-
workspace.
|
|
300
|
+
expect(workspace).to receive(:host_tags).and_return(tags)
|
|
307
301
|
|
|
308
302
|
expect { |block|
|
|
309
303
|
workspace.each_host_tag(&block)
|
|
@@ -312,6 +306,14 @@ describe Mdm::Workspace do
|
|
|
312
306
|
end
|
|
313
307
|
|
|
314
308
|
context '#host_tags' do
|
|
309
|
+
subject(:host_tags) do
|
|
310
|
+
workspace.host_tags
|
|
311
|
+
end
|
|
312
|
+
|
|
313
|
+
#
|
|
314
|
+
# lets
|
|
315
|
+
#
|
|
316
|
+
|
|
315
317
|
let(:other_tags) do
|
|
316
318
|
FactoryGirl.create_list(
|
|
317
319
|
:mdm_tag,
|
|
@@ -326,15 +328,11 @@ describe Mdm::Workspace do
|
|
|
326
328
|
)
|
|
327
329
|
end
|
|
328
330
|
|
|
329
|
-
subject(:host_tags) do
|
|
330
|
-
workspace.host_tags
|
|
331
|
-
end
|
|
332
|
-
|
|
333
331
|
#
|
|
334
332
|
# Let!s (let + before(:each))
|
|
335
333
|
#
|
|
336
334
|
|
|
337
|
-
let!(:
|
|
335
|
+
let!(:first_host_tags) do
|
|
338
336
|
host_tags = []
|
|
339
337
|
|
|
340
338
|
hosts.zip(tags) do |host, tag|
|
|
@@ -346,7 +344,7 @@ describe Mdm::Workspace do
|
|
|
346
344
|
host_tags
|
|
347
345
|
end
|
|
348
346
|
|
|
349
|
-
let!(:
|
|
347
|
+
let!(:second_host_tags) do
|
|
350
348
|
host_tags = []
|
|
351
349
|
|
|
352
350
|
other_hosts.zip(other_tags) do |host, tag|
|
|
@@ -362,24 +360,16 @@ describe Mdm::Workspace do
|
|
|
362
360
|
should be_a ActiveRecord::Relation
|
|
363
361
|
end
|
|
364
362
|
|
|
365
|
-
it 'should include hosts' do
|
|
366
|
-
found_tags = workspace.host_tags.to_a
|
|
367
|
-
|
|
368
|
-
found_tags.length.should > 0
|
|
369
|
-
|
|
370
|
-
tag = found_tags.first
|
|
371
|
-
end
|
|
372
|
-
|
|
373
363
|
it 'should return only Mdm::Tags from hosts in the workspace' do
|
|
374
|
-
|
|
364
|
+
expect(host_tags.length).to eq(tags.length)
|
|
375
365
|
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
|
|
366
|
+
expect(
|
|
367
|
+
host_tags.all? { |tag|
|
|
368
|
+
tag.hosts.any? { |host|
|
|
369
|
+
host.workspace == workspace
|
|
370
|
+
}
|
|
371
|
+
}
|
|
372
|
+
).to eq(true)
|
|
383
373
|
end
|
|
384
374
|
end
|
|
385
375
|
|
|
@@ -404,7 +394,7 @@ describe Mdm::Workspace do
|
|
|
404
394
|
it "should remove spaces" do
|
|
405
395
|
normalize
|
|
406
396
|
|
|
407
|
-
workspace.boundary.
|
|
397
|
+
expect(workspace.boundary).to eq(stripped_boundary)
|
|
408
398
|
end
|
|
409
399
|
end
|
|
410
400
|
|
|
@@ -451,11 +441,13 @@ describe Mdm::Workspace do
|
|
|
451
441
|
it 'should return only Mdm::WebPages from hosts in the workspace' do
|
|
452
442
|
found_web_forms = workspace.web_forms
|
|
453
443
|
|
|
454
|
-
found_web_forms.length.
|
|
444
|
+
expect(found_web_forms.length).to eq(web_forms.length)
|
|
455
445
|
|
|
456
|
-
|
|
457
|
-
|
|
458
|
-
|
|
446
|
+
expect(
|
|
447
|
+
found_web_forms.all? { |web_form|
|
|
448
|
+
web_form.web_site.service.host.workspace == workspace
|
|
449
|
+
}
|
|
450
|
+
).to eq(true)
|
|
459
451
|
end
|
|
460
452
|
end
|
|
461
453
|
|
|
@@ -480,15 +472,17 @@ describe Mdm::Workspace do
|
|
|
480
472
|
|
|
481
473
|
it 'should return only Mdm::WebVulns from hosts in the workspace' do
|
|
482
474
|
# there are more web sites than those in the workspace
|
|
483
|
-
Mdm::WebSite.count.
|
|
475
|
+
expect(Mdm::WebSite.count).to be > web_sites.count
|
|
484
476
|
|
|
485
477
|
found_web_sites = workspace.web_sites
|
|
486
478
|
|
|
487
|
-
found_web_sites.length.
|
|
479
|
+
expect(found_web_sites.length).to eq(web_sites.count)
|
|
488
480
|
|
|
489
|
-
|
|
490
|
-
|
|
491
|
-
|
|
481
|
+
expect(
|
|
482
|
+
found_web_sites.all? { |web_site|
|
|
483
|
+
web_site.service.host.workspace == workspace
|
|
484
|
+
}
|
|
485
|
+
).to eq(true)
|
|
492
486
|
end
|
|
493
487
|
end
|
|
494
488
|
|
|
@@ -519,16 +513,17 @@ describe Mdm::Workspace do
|
|
|
519
513
|
end
|
|
520
514
|
|
|
521
515
|
it 'should return only Mdm::WebVulns from hosts in the workspace' do
|
|
522
|
-
Mdm::WebVuln.count.
|
|
516
|
+
expect(Mdm::WebVuln.count).to be > web_vulns.length
|
|
523
517
|
|
|
524
518
|
found_web_vulns = workspace.web_vulns
|
|
525
519
|
|
|
526
|
-
found_web_vulns.length.
|
|
527
|
-
|
|
528
|
-
found_web_vulns.all? { |web_vuln|
|
|
529
|
-
web_vuln.web_site.service.host.workspace == workspace
|
|
530
|
-
}.should be_true
|
|
520
|
+
expect(found_web_vulns.length).to eq(web_vulns.length)
|
|
531
521
|
|
|
522
|
+
expect(
|
|
523
|
+
found_web_vulns.all? { |web_vuln|
|
|
524
|
+
web_vuln.web_site.service.host.workspace == workspace
|
|
525
|
+
}
|
|
526
|
+
).to eq(true)
|
|
532
527
|
end
|
|
533
528
|
end
|
|
534
529
|
|
|
@@ -549,9 +544,11 @@ describe Mdm::Workspace do
|
|
|
549
544
|
it "should reject #unique_web_forms from host addresses that aren't in addresses" do
|
|
550
545
|
web_forms = workspace.web_unique_forms([selected_address])
|
|
551
546
|
|
|
552
|
-
|
|
553
|
-
|
|
554
|
-
|
|
547
|
+
expect(
|
|
548
|
+
web_forms.all? { |web_form|
|
|
549
|
+
expect(web_form.web_site.service.host.address.to_s).to eq(selected_address)
|
|
550
|
+
}
|
|
551
|
+
).to eq(true)
|
|
555
552
|
end
|
|
556
553
|
end
|
|
557
554
|
end
|
|
@@ -1,6 +1,4 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe MetasploitDataModels::AutomaticExploitation::MatchResult do
|
|
1
|
+
RSpec.describe MetasploitDataModels::AutomaticExploitation::MatchResult, type: :model do
|
|
4
2
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
5
3
|
|
|
6
4
|
context "database" do
|
|
@@ -11,8 +9,8 @@ describe MetasploitDataModels::AutomaticExploitation::MatchResult do
|
|
|
11
9
|
end
|
|
12
10
|
|
|
13
11
|
context 'associations' do
|
|
14
|
-
it {
|
|
15
|
-
it {
|
|
12
|
+
it { is_expected.to belong_to(:match).class_name('MetasploitDataModels::AutomaticExploitation::Match') }
|
|
13
|
+
it { is_expected.to belong_to(:run).class_name('MetasploitDataModels::AutomaticExploitation::Run') }
|
|
16
14
|
end
|
|
17
15
|
|
|
18
16
|
context 'scopes' do
|
|
@@ -1,27 +1,25 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe MetasploitDataModels::AutomaticExploitation::MatchSet do
|
|
1
|
+
RSpec.describe MetasploitDataModels::AutomaticExploitation::MatchSet, type: :model do
|
|
4
2
|
describe "database" do
|
|
5
3
|
describe "foreign_keys" do
|
|
6
|
-
it {
|
|
7
|
-
it {
|
|
4
|
+
it { is_expected.to have_db_column(:workspace_id).of_type(:integer) }
|
|
5
|
+
it { is_expected.to have_db_column(:user_id).of_type(:integer) }
|
|
8
6
|
end
|
|
9
7
|
|
|
10
8
|
describe "indices" do
|
|
11
|
-
it {
|
|
12
|
-
it {
|
|
9
|
+
it { is_expected.to have_db_index(:user_id) }
|
|
10
|
+
it { is_expected.to have_db_index(:workspace_id) }
|
|
13
11
|
end
|
|
14
12
|
end
|
|
15
13
|
|
|
16
14
|
describe "associations" do
|
|
17
|
-
it {
|
|
18
|
-
it {
|
|
19
|
-
it {
|
|
20
|
-
it {
|
|
21
|
-
it {
|
|
22
|
-
it {
|
|
23
|
-
it {
|
|
24
|
-
it {
|
|
15
|
+
it { is_expected.to have_many(:matches).class_name('MetasploitDataModels::AutomaticExploitation::Match') }
|
|
16
|
+
it { is_expected.to have_many(:matches).inverse_of(:match_set) }
|
|
17
|
+
it { is_expected.to have_many(:runs).class_name('MetasploitDataModels::AutomaticExploitation::Run') }
|
|
18
|
+
it { is_expected.to have_many(:runs).inverse_of(:match_set) }
|
|
19
|
+
it { is_expected.to belong_to(:user).class_name('Mdm::User') }
|
|
20
|
+
it { is_expected.to belong_to(:user).inverse_of(:automatic_exploitation_match_sets) }
|
|
21
|
+
it { is_expected.to belong_to(:workspace).class_name('Mdm::Workspace') }
|
|
22
|
+
it { is_expected.to belong_to(:workspace).inverse_of(:automatic_exploitation_match_sets) }
|
|
25
23
|
end
|
|
26
24
|
|
|
27
25
|
describe "validations" do
|