RubyGems - metasploit_data_models - Versions diffs - 1.0.0.pre.rails.pre.4.0b → 1.0.0 - Mend

metasploit_data_models 1.0.0.pre.rails.pre.4.0b → 1.0.0

Files changed (157) hide show

checksums.yaml +4 -4
data/.rspec +2 -2
data/.travis.yml +6 -3
data/CHANGELOG.md +6 -0
data/CONTRIBUTING.md +10 -52
data/Gemfile +4 -6
data/RELEASING.md +88 -0
data/Rakefile +23 -0
data/UPGRADING.md +1 -0
data/app/models/mdm/api_key.rb +41 -1
data/app/models/mdm/client.rb +41 -1
data/app/models/mdm/cred.rb +116 -28
data/app/models/mdm/event.rb +47 -0
data/app/models/mdm/exploit_attempt.rb +65 -16
data/app/models/mdm/exploited_host.rb +27 -0
data/app/models/mdm/host_detail.rb +44 -0
data/app/models/mdm/host_tag.rb +6 -8
data/app/models/mdm/listener.rb +52 -0
data/app/models/mdm/macro.rb +42 -0
data/app/models/mdm/mod_ref.rb +21 -1
data/app/models/mdm/module/action.rb +15 -0
data/app/models/mdm/module/arch.rb +10 -0
data/app/models/mdm/module/author.rb +17 -1
data/app/models/mdm/module/mixin.rb +13 -0
data/app/models/mdm/module/platform.rb +11 -0
data/app/models/mdm/module/target.rb +18 -0
data/app/models/mdm/nexpose_console.rb +82 -4
data/app/models/mdm/profile.rb +36 -0
data/app/models/mdm/route.rb +16 -4
data/app/models/mdm/session_event.rb +32 -0
data/app/models/mdm/tag.rb +48 -9
data/app/models/mdm/task.rb +85 -46
data/app/models/mdm/task_cred.rb +29 -0
data/app/models/mdm/task_host.rb +25 -0
data/app/models/mdm/task_service.rb +25 -0
data/app/models/mdm/task_session.rb +25 -0
data/app/models/mdm/user.rb +192 -6
data/app/models/mdm/vuln_attempt.rb +37 -12
data/app/models/mdm/vuln_detail.rb +138 -5
data/app/models/mdm/vuln_ref.rb +3 -0
data/app/models/mdm/web_form.rb +34 -0
data/app/models/mdm/web_page.rb +69 -0
data/app/models/mdm/web_site.rb +50 -0
data/app/models/mdm/wmap_request.rb +85 -0
data/app/models/mdm/wmap_target.rb +40 -0
data/app/models/mdm/workspace.rb +160 -17
data/app/models/metasploit_data_models/automatic_exploitation/match.rb +13 -23
data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +25 -4
data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +15 -4
data/app/models/metasploit_data_models/automatic_exploitation/run.rb +7 -3
data/app/models/metasploit_data_models/ip_address/v4/segmented.rb +1 -1
data/app/models/metasploit_data_models/module_run.rb +1 -1
data/app/models/metasploit_data_models/search/visitor/where.rb +1 -1
data/app/validators/ip_format_validator.rb +4 -0
data/app/validators/parameters_validator.rb +12 -0
data/app/validators/password_is_strong_validator.rb +10 -1
data/lib/mdm/host/operating_system_normalization.rb +7 -10
data/lib/metasploit_data_models.rb +4 -0
data/lib/metasploit_data_models/automatic_exploitation.rb +25 -0
data/lib/metasploit_data_models/engine.rb +2 -0
data/lib/metasploit_data_models/serialized_prefs.rb +6 -0
data/lib/metasploit_data_models/version.rb +30 -7
data/metasploit_data_models.gemspec +9 -2
data/spec/app/models/mdm/api_key_spec.rb +1 -3
data/spec/app/models/mdm/client_spec.rb +9 -11
data/spec/app/models/mdm/cred_spec.rb +42 -54
data/spec/app/models/mdm/event_spec.rb +22 -24
data/spec/app/models/mdm/exploit_attempt_spec.rb +19 -21
data/spec/app/models/mdm/exploited_host_spec.rb +11 -13
data/spec/app/models/mdm/host_detail_spec.rb +15 -17
data/spec/app/models/mdm/host_spec.rb +262 -260
data/spec/app/models/mdm/host_tag_spec.rb +6 -8
data/spec/app/models/mdm/listener_spec.rb +30 -32
data/spec/app/models/mdm/loot_spec.rb +21 -23
data/spec/app/models/mdm/macro_spec.rb +1 -3
data/spec/app/models/mdm/mod_ref_spec.rb +1 -3
data/spec/app/models/mdm/module/action_spec.rb +8 -10
data/spec/app/models/mdm/module/arch_spec.rb +8 -10
data/spec/app/models/mdm/module/author_spec.rb +19 -14
data/spec/app/models/mdm/module/detail_spec.rb +184 -75
data/spec/app/models/mdm/module/mixin_spec.rb +8 -10
data/spec/app/models/mdm/module/platform_spec.rb +8 -10
data/spec/app/models/mdm/module/ref_spec.rb +8 -10
data/spec/app/models/mdm/module/target_spec.rb +10 -12
data/spec/app/models/mdm/nexpose_console_spec.rb +35 -37
data/spec/app/models/mdm/note_spec.rb +23 -25
data/spec/app/models/mdm/profile_spec.rb +1 -3
data/spec/app/models/mdm/ref_spec.rb +9 -12
data/spec/app/models/mdm/route_spec.rb +6 -8
data/spec/app/models/mdm/service_spec.rb +38 -40
data/spec/app/models/mdm/session_event_spec.rb +10 -12
data/spec/app/models/mdm/session_spec.rb +13 -15
data/spec/app/models/mdm/tag_spec.rb +29 -30
data/spec/app/models/mdm/task_cred_spec.rb +9 -11
data/spec/app/models/mdm/task_host_spec.rb +9 -11
data/spec/app/models/mdm/task_service_spec.rb +9 -11
data/spec/app/models/mdm/task_session_spec.rb +7 -9
data/spec/app/models/mdm/task_spec.rb +27 -29
data/spec/app/models/mdm/user_spec.rb +17 -19
data/spec/app/models/mdm/vuln_attempt_spec.rb +14 -16
data/spec/app/models/mdm/vuln_detail_spec.rb +26 -28
data/spec/app/models/mdm/vuln_ref_spec.rb +8 -10
data/spec/app/models/mdm/vuln_spec.rb +24 -26
data/spec/app/models/mdm/web_form_spec.rb +11 -13
data/spec/app/models/mdm/web_page_spec.rb +19 -21
data/spec/app/models/mdm/web_site_spec.rb +21 -23
data/spec/app/models/mdm/web_vuln_spec.rb +63 -65
data/spec/app/models/mdm/wmap_request_spec.rb +1 -3
data/spec/app/models/mdm/wmap_target_spec.rb +1 -3
data/spec/app/models/mdm/workspace_spec.rb +97 -100
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_result_spec.rb +3 -5
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_set_spec.rb +13 -15
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_spec.rb +1 -3
data/spec/app/models/metasploit_data_models/automatic_exploitation/run_spec.rb +1 -3
data/spec/app/models/metasploit_data_models/ip_address/v4/cidr_spec.rb +10 -12
data/spec/app/models/metasploit_data_models/ip_address/v4/nmap_spec.rb +4 -6
data/spec/app/models/metasploit_data_models/ip_address/v4/range_spec.rb +21 -23
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list_spec.rb +9 -11
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range_spec.rb +21 -23
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/segmented_spec.rb +4 -6
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/single_spec.rb +22 -15
data/spec/app/models/metasploit_data_models/ip_address/v4/single_spec.rb +4 -6
data/spec/app/models/metasploit_data_models/module_run_spec.rb +1 -3
data/spec/app/models/metasploit_data_models/search/operation/ip_address_spec.rb +18 -20
data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +6 -8
data/spec/app/models/metasploit_data_models/search/operation/port/range_spec.rb +8 -10
data/spec/app/models/metasploit_data_models/search/operation/range_spec.rb +8 -10
data/spec/app/models/metasploit_data_models/search/operator/ip_address_spec.rb +2 -4
data/spec/app/models/metasploit_data_models/search/operator/multitext_spec.rb +8 -10
data/spec/app/models/metasploit_data_models/search/operator/port/list_spec.rb +6 -8
data/spec/app/models/metasploit_data_models/search/visitor/attribute_spec.rb +9 -11
data/spec/app/models/metasploit_data_models/search/visitor/includes_spec.rb +5 -7
data/spec/app/models/metasploit_data_models/search/visitor/joins_spec.rb +17 -19
data/spec/app/models/metasploit_data_models/search/visitor/method_spec.rb +5 -7
data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb +61 -23
data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb +8 -10
data/spec/app/validators/parameters_validator_spec.rb +29 -29
data/spec/app/validators/password_is_strong_validator_spec.rb +54 -46
data/spec/lib/base64_serializer_spec.rb +19 -21
data/spec/lib/ipaddr_spec.rb +1 -3
data/spec/lib/metasploit_data_models/ip_address/cidr_spec.rb +18 -12
data/spec/lib/metasploit_data_models/ip_address/range_spec.rb +4 -6
data/spec/lib/metasploit_data_models/match/child_spec.rb +2 -4
data/spec/lib/metasploit_data_models/match/parent_spec.rb +4 -6
data/spec/lib/metasploit_data_models/version_spec.rb +3 -139
data/spec/lib/metasploit_data_models_spec.rb +4 -0
data/spec/spec_helper.rb +86 -12
data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb +2 -2
data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb +4 -4
data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb +2 -2
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb +5 -5
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb +5 -5
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb +3 -3
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb +7 -6
metadata +74 -14
data/app/models/metasploit_data_models/automatic_exploitation.rb +0 -16
data/lib/tasks/yard.rake +0 -33

data/app/models/mdm/event.rb CHANGED Viewed

@@ -1,17 +1,61 @@
+# Records framework events to the database.
 class Mdm::Event < ActiveRecord::Base
   #
   # Associations
   #
+  # Host on which this event occurred.
+  #
+  # @return [Mdm::Host]
+  # @return [nil] if event did not occur on a host.
   belongs_to :host,
              class_name: 'Mdm::Host',
              inverse_of: :events
+  # {Mdm::Workspace} in which this event occured.  If {#host} is present, then this will match
+  # {Mdm::Host#workspace `host.workspace`}.
   belongs_to :workspace,
              class_name: 'Mdm::Workspace',
              inverse_of: :events
+  #
+  # Attributes
+  #
+  # @!attribute created_at
+  #   When this event was created.
+  #
+  #   @return [DateTime]
+  # @!attribute critical
+  #   Indicates if the event is critical.
+  #
+  #   @return [false] event is not critical.
+  #   @return [true] event is critical.
+  # @!attribute  name
+  #   Name of the event, such as 'module_run'.
+  #
+  #   @return [String]
+  # @!attribute seen
+  #   Whether a user has seen these events.
+  #
+  #   @return [false] if the event has not been seen.
+  #   @return [true] if any user has seen the event.
+  # @!attribute  updated_at
+  #   The last time this event was updated.
+  #
+  #   @return [DateTime]
+  # @!attribute username
+  #   Name of user that triggered the event.  Not necessarily a {Mdm::User#username}, as {#username} may be set to
+  #   the username of the user inferred from `ENV` when using metasploit-framework.
+  #
+  #   @return [String]
   #
   # Scopes
   #
@@ -23,6 +67,9 @@ class Mdm::Event < ActiveRecord::Base
   # Serializations
   #
+  # {#name}-specific information about this event.
+  #
+  # @return [Hash]
   serialize :info, MetasploitDataModels::Base64Serializer.new
   #

data/app/models/mdm/exploit_attempt.rb CHANGED Viewed

@@ -1,51 +1,100 @@
+# An attempt to exploit {#host}.
 class Mdm::ExploitAttempt < ActiveRecord::Base
   #
   # Associations
   #
-  # @!attribute host
-  #   Host that was attempted to be exploited.
+  # Host that was attempted to be exploited.
   #
-  #   @return [Mdm::Host]
+  # @return [Mdm::Host]
   belongs_to :host,
              class_name: 'Mdm::Host',
              counter_cache: :exploit_attempt_count,
              inverse_of: :exploit_attempts
-  # @!attribute loot
-  #   Loot gathers from the successful exploit.
+  # Loot gathers from the successful exploit.
   #
-  #   @return [Mdm::Loot, nil]
+  # @return [Mdm::Loot, nil]
   belongs_to :loot,
              class_name: 'Mdm::Loot',
              inverse_of: :exploit_attempt
-  # @!attribute service
-  #   The service being exploited on {#host}.
+  # The service being exploited on {#host}.
   #
-  #   @return [Mdm::Service, nil]
+  # @return [Mdm::Service, nil]
   belongs_to :service,
              class_name: 'Mdm::Service',
              inverse_of: :exploit_attempts
-  # @!attribute session
-  #   The session that was established when this attempt was successful.
+  # The session that was established when this attempt was successful.
   #
-  #   @return [Mdm::Session]
-  #   @return [nil] if session was not established.
+  # @return [Mdm::Session]
+  # @return [nil] if session was not established.
   belongs_to :session,
              class_name: 'Mdm::Session',
              inverse_of: :exploit_attempt
-  # @!attribute vuln
-  #   The vulnerability that was attempted to be exploited.
+  # The vulnerability that was attempted to be exploited.
   #
-  #   @return [Mdm::Vuln, nil]
+  # @return [Mdm::Vuln, nil]
   belongs_to :vuln,
              class_name: 'Mdm::Vuln',
              inverse_of: :exploit_attempts
+  #
+  # Attributes
+  #
+  # @!attribute attempted_at
+  #   When the attempt was made.
+  #
+  #   @return [DateTime]
+  # @!attribute exploited
+  #   Whether the attempt was successful.
+  #
+  #   @return [true] attempt was successful.
+  #   @return [false] attempt was not successful.
+  # @!attribute fail_detail
+  #   A more verbose reason (compared to {#fail_reason} for the failure.
+  #
+  #   @return [String, nil]
+  # @!attribute fail_reason
+  #   Summary of why the attempt failed if {#exploited} is `false`.  For more details see {#fail_detail}.
+  #
+  #   @return [String, nil]
+  # @!attribute host_id
+  #   Foreign key to look up {#host}.
+  #
+  #   @return [Integer]
+  # @!attribute  module
+  #   The full name of the exploit module that made the attempt.
+  #
+  #   @return [String]
+  #   @todo Remove deprecated Mdm::Exploit#module (MSP-9281)
+  # @!attribute port
+  #   The port on {#host} which the exploit was attempted.
+  #
+  #   @return [Integer]
+  #   @todo Mdm::ExploitAttempt#port and Mdm::ExploitAttempt#proto are obsolete and should be removed (MSP-9284)
+  # @!attribute proto
+  #   The protocol name used on {#port}.
+  #
+  #   @return [String]
+  #   @todo Mdm::ExploitAttempt#port and Mdm::ExploitAttempt#proto are obsolete and should be removed (MSP-9284)
+  # @!attribute username
+  #   Name of user that made the attempt.  May be an {Mdm::User#name} or a system username.
+  #
+  #   @return [String]
   #
   # Validations
   #

data/app/models/mdm/exploited_host.rb CHANGED Viewed

@@ -1,15 +1,42 @@
+# @deprecated use {Mdm::ExploitAttempt} instead.
+#
+# When a {#host} or {#service} on a {#host} is exploited.
 class Mdm::ExploitedHost < ActiveRecord::Base
   #
   # Associations
   #
+  # The host that was exploited.
   belongs_to :host,
              class_name: 'Mdm::Host',
              inverse_of: :exploited_hosts
+  # The service on {#host} that was exploited.
   belongs_to :service,
              class_name: 'Mdm::Service',
              inverse_of: :exploited_hosts
+  #
+  # Attributes
+  #
+  # @!attribute name
+  #   Name of exploit.
+  #
+  #   @return [String]
+  # @!attribute payload
+  #   {Mdm::Module::Class#full_name Full name of the payload module} used to exploit the {#host} or {#service} on
+  #   {#host}.
+  #
+  #   @return [String]
+  # @!attribute session_uuid
+  #   UUID of local session.
+  #
+  #   @return [String]
+  #   @deprecated Sessions no longer have UUIDs.  They have {Mdm::Session#local_id} that reflects the in-memory
+  #     Msf::Session ID and an in-database {Mdm::Session#id}.
   Metasploit::Concern.run(self)
 end

data/app/models/mdm/host_detail.rb CHANGED Viewed

@@ -1,13 +1,57 @@
+# Details supplied by Nexpose about a {Mdm::Host host}.
 class Mdm::HostDetail < ActiveRecord::Base
   #
   # Associations
   #
+  # Host that this detail is about.
   belongs_to :host,
              class_name: 'Mdm::Host',
              counter_cache: :host_detail_count,
              inverse_of: :host_details
+  #
+  # Attributes
+  #
+  # @!attribute host_id
+  #   The foreign key used to look up {#host}.
+  #
+  #   @return [Integer]
+  # @!attribute nx_console_id
+  #   The ID of the Nexpose console.
+  #
+  #   @return [Integer]
+  # @!attribute nx_device_id
+  #   The ID of the Device in Nexpose.
+  #
+  #   @return [Integer]
+  # @!attribute nx_risk_score
+  #   Risk score assigned by Nexpose.  Useful to ordering hosts to determine which host to target first in metasploit.
+  #
+  #   @return [Float]
+  # @!attribute nx_scan_template
+  #   The template used by Nexpose to perform the scan on the {#nx_site_name site} on {#host}.
+  #
+  #   @return [String]
+  # @!attribute nx_site_importance
+  #   The importance of scanning the {#nx_site_name site} running on {#host} according to Nexpose.
+  #
+  #   @return [String]
+  # @!attribute nx_site_name
+  #   Name of site running on {#host} according to Nexpose.
+  #
+  #   @return [String]
+  # @!attribute src
+  #    @return [String]
   #
   # Validations
   #

data/app/models/mdm/host_tag.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# Join model between {Mdm::Host} and {Mdm::Tag}.
 class Mdm::HostTag < ActiveRecord::Base
   self.table_name = "hosts_tags"
@@ -5,20 +6,16 @@ class Mdm::HostTag < ActiveRecord::Base
   # Associations
   #
-  # @!attribute host
-  #   Host with {#tag}.
+  # Host with {#tag}.
   #
-  #   @todo MSP-2723
-  #   @return [Mdm::Host]
+  # @todo MSP-2723
   belongs_to :host,
              class_name: 'Mdm::Host',
              inverse_of: :hosts_tags
-  # @!attribute tag
-  #   Tag on {#host}.
+  # Tag on {#host}.
   #
-  #   @todo MSP-2723
-  #   @return [Mdm::Tag]
+  # @todo MSP-2723
   belongs_to :tag,
              class_name: 'Mdm::Tag',
              inverse_of: :hosts_tags
@@ -44,6 +41,7 @@ class Mdm::HostTag < ActiveRecord::Base
     tag.destroy_if_orphaned
   end
+  # switch back to public for load hooks
   public
   Metasploit::Concern.run(self)

data/app/models/mdm/listener.rb CHANGED Viewed

@@ -1,21 +1,73 @@
+# A listener spawned by a {#task} that is waiting for connection on {#address}:{#port}.
 class Mdm::Listener < ActiveRecord::Base
   #
   # Associations
   #
+  # Task that spawned this listener.
   belongs_to :task,
              class_name: 'Mdm::Task',
              inverse_of: :listeners
+  # Workspace which controls this listener.
   belongs_to :workspace,
              class_name: 'Mdm::Workspace',
              inverse_of: :listeners
+  #
+  # Attributes
+  #
+  # @!attribute address
+  #   The IP address to which the listener is bound.
+  #
+  #   @return [String]
+  # @!attribute created_at
+  #   When this listener was created.  Not necessarily when it started listening.
+  #
+  #   @return [DateTime]
+  # @!attribute enabled
+  #   Whether listener is listening on {#address}:{#port}.
+  #
+  #   @return [true] listener is listening.
+  #   @return [false] listener is not listening.
+  # @!attribute macro
+  #   {Mdm::Macro#name Name of macro} run when a connect is made to the listener.
+  #
+  #   @return [String]
+  # @!attribute owner
+  #   The name of the user that setup this listener.
+  #
+  #   @return [String]
+  #   @see Mdm::User#username
+  # @!attribute payload
+  #   Reference name of the payload module that is sent when a connection is made to the listener.
+  #
+  #   @return [String]
+  # @!attribute port
+  #   Port on {#address} that listener is listening.
+  #
+  #   @return [Integer]
+  # @!attribute updated_at
+  #   The last time this listener was updated.
+  #
+  #   @return [DateTime]
   #
   # Serializations
   #
+  # Options used to spawn this listener.
+  #
+  # @return [Hash]
   serialize :options, MetasploitDataModels::Base64Serializer.new
   #

data/app/models/mdm/macro.rb CHANGED Viewed

@@ -1,12 +1,54 @@
+# Macro of {#actions} to run at once.
 class Mdm::Macro < ActiveRecord::Base
   extend MetasploitDataModels::SerializedPrefs
+  #
+  # Attributes
+  #
+  # @!attribute created_at
+  #   When this macro was created.
+  #
+  #   @return [DateTime]
+  # @!attribute description
+  #   Long description of what the macro does.
+  #
+  #   @return [String]
+  # @!attribute  name
+  #   The name of this macro.
+  #
+  #   @return [String]
+  # @!attribute owner
+  #   {Mdm::User#username Name of user} that owns this macro.
+  #
+  #   @return [String]
+  # @!attribute updated_at
+  #   When this macro was last updated.
+  #
+  #   @return [DateTime]
   #
   # Serialization
   #
+  # Actions run by this macro.
+  #
+  # @return [Array<Hash{Symbol=>Object}>] Array of action hashes.  Each action hash is have key :module with value
+  #   of an {Mdm::Module::Detail#fullname} and and key :options with value of options used to the run the module.
   serialize :actions, MetasploitDataModels::Base64Serializer.new
+  # Preference for this macro, shared across all actions.
+  #
+  # @return [Hash]
   serialize :prefs, MetasploitDataModels::Base64Serializer.new
+  # The maximum number of seconds that this macro is allowed to run.
+  #
+  # @return [Integer]
   serialized_prefs_attr_accessor :max_time
   #