metasploit_data_models 1.0.0.pre.rails.pre.4.0b → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rspec +2 -2
- data/.travis.yml +6 -3
- data/CHANGELOG.md +6 -0
- data/CONTRIBUTING.md +10 -52
- data/Gemfile +4 -6
- data/RELEASING.md +88 -0
- data/Rakefile +23 -0
- data/UPGRADING.md +1 -0
- data/app/models/mdm/api_key.rb +41 -1
- data/app/models/mdm/client.rb +41 -1
- data/app/models/mdm/cred.rb +116 -28
- data/app/models/mdm/event.rb +47 -0
- data/app/models/mdm/exploit_attempt.rb +65 -16
- data/app/models/mdm/exploited_host.rb +27 -0
- data/app/models/mdm/host_detail.rb +44 -0
- data/app/models/mdm/host_tag.rb +6 -8
- data/app/models/mdm/listener.rb +52 -0
- data/app/models/mdm/macro.rb +42 -0
- data/app/models/mdm/mod_ref.rb +21 -1
- data/app/models/mdm/module/action.rb +15 -0
- data/app/models/mdm/module/arch.rb +10 -0
- data/app/models/mdm/module/author.rb +17 -1
- data/app/models/mdm/module/mixin.rb +13 -0
- data/app/models/mdm/module/platform.rb +11 -0
- data/app/models/mdm/module/target.rb +18 -0
- data/app/models/mdm/nexpose_console.rb +82 -4
- data/app/models/mdm/profile.rb +36 -0
- data/app/models/mdm/route.rb +16 -4
- data/app/models/mdm/session_event.rb +32 -0
- data/app/models/mdm/tag.rb +48 -9
- data/app/models/mdm/task.rb +85 -46
- data/app/models/mdm/task_cred.rb +29 -0
- data/app/models/mdm/task_host.rb +25 -0
- data/app/models/mdm/task_service.rb +25 -0
- data/app/models/mdm/task_session.rb +25 -0
- data/app/models/mdm/user.rb +192 -6
- data/app/models/mdm/vuln_attempt.rb +37 -12
- data/app/models/mdm/vuln_detail.rb +138 -5
- data/app/models/mdm/vuln_ref.rb +3 -0
- data/app/models/mdm/web_form.rb +34 -0
- data/app/models/mdm/web_page.rb +69 -0
- data/app/models/mdm/web_site.rb +50 -0
- data/app/models/mdm/wmap_request.rb +85 -0
- data/app/models/mdm/wmap_target.rb +40 -0
- data/app/models/mdm/workspace.rb +160 -17
- data/app/models/metasploit_data_models/automatic_exploitation/match.rb +13 -23
- data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +25 -4
- data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +15 -4
- data/app/models/metasploit_data_models/automatic_exploitation/run.rb +7 -3
- data/app/models/metasploit_data_models/ip_address/v4/segmented.rb +1 -1
- data/app/models/metasploit_data_models/module_run.rb +1 -1
- data/app/models/metasploit_data_models/search/visitor/where.rb +1 -1
- data/app/validators/ip_format_validator.rb +4 -0
- data/app/validators/parameters_validator.rb +12 -0
- data/app/validators/password_is_strong_validator.rb +10 -1
- data/lib/mdm/host/operating_system_normalization.rb +7 -10
- data/lib/metasploit_data_models.rb +4 -0
- data/lib/metasploit_data_models/automatic_exploitation.rb +25 -0
- data/lib/metasploit_data_models/engine.rb +2 -0
- data/lib/metasploit_data_models/serialized_prefs.rb +6 -0
- data/lib/metasploit_data_models/version.rb +30 -7
- data/metasploit_data_models.gemspec +9 -2
- data/spec/app/models/mdm/api_key_spec.rb +1 -3
- data/spec/app/models/mdm/client_spec.rb +9 -11
- data/spec/app/models/mdm/cred_spec.rb +42 -54
- data/spec/app/models/mdm/event_spec.rb +22 -24
- data/spec/app/models/mdm/exploit_attempt_spec.rb +19 -21
- data/spec/app/models/mdm/exploited_host_spec.rb +11 -13
- data/spec/app/models/mdm/host_detail_spec.rb +15 -17
- data/spec/app/models/mdm/host_spec.rb +262 -260
- data/spec/app/models/mdm/host_tag_spec.rb +6 -8
- data/spec/app/models/mdm/listener_spec.rb +30 -32
- data/spec/app/models/mdm/loot_spec.rb +21 -23
- data/spec/app/models/mdm/macro_spec.rb +1 -3
- data/spec/app/models/mdm/mod_ref_spec.rb +1 -3
- data/spec/app/models/mdm/module/action_spec.rb +8 -10
- data/spec/app/models/mdm/module/arch_spec.rb +8 -10
- data/spec/app/models/mdm/module/author_spec.rb +19 -14
- data/spec/app/models/mdm/module/detail_spec.rb +184 -75
- data/spec/app/models/mdm/module/mixin_spec.rb +8 -10
- data/spec/app/models/mdm/module/platform_spec.rb +8 -10
- data/spec/app/models/mdm/module/ref_spec.rb +8 -10
- data/spec/app/models/mdm/module/target_spec.rb +10 -12
- data/spec/app/models/mdm/nexpose_console_spec.rb +35 -37
- data/spec/app/models/mdm/note_spec.rb +23 -25
- data/spec/app/models/mdm/profile_spec.rb +1 -3
- data/spec/app/models/mdm/ref_spec.rb +9 -12
- data/spec/app/models/mdm/route_spec.rb +6 -8
- data/spec/app/models/mdm/service_spec.rb +38 -40
- data/spec/app/models/mdm/session_event_spec.rb +10 -12
- data/spec/app/models/mdm/session_spec.rb +13 -15
- data/spec/app/models/mdm/tag_spec.rb +29 -30
- data/spec/app/models/mdm/task_cred_spec.rb +9 -11
- data/spec/app/models/mdm/task_host_spec.rb +9 -11
- data/spec/app/models/mdm/task_service_spec.rb +9 -11
- data/spec/app/models/mdm/task_session_spec.rb +7 -9
- data/spec/app/models/mdm/task_spec.rb +27 -29
- data/spec/app/models/mdm/user_spec.rb +17 -19
- data/spec/app/models/mdm/vuln_attempt_spec.rb +14 -16
- data/spec/app/models/mdm/vuln_detail_spec.rb +26 -28
- data/spec/app/models/mdm/vuln_ref_spec.rb +8 -10
- data/spec/app/models/mdm/vuln_spec.rb +24 -26
- data/spec/app/models/mdm/web_form_spec.rb +11 -13
- data/spec/app/models/mdm/web_page_spec.rb +19 -21
- data/spec/app/models/mdm/web_site_spec.rb +21 -23
- data/spec/app/models/mdm/web_vuln_spec.rb +63 -65
- data/spec/app/models/mdm/wmap_request_spec.rb +1 -3
- data/spec/app/models/mdm/wmap_target_spec.rb +1 -3
- data/spec/app/models/mdm/workspace_spec.rb +97 -100
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_result_spec.rb +3 -5
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_set_spec.rb +13 -15
- data/spec/app/models/metasploit_data_models/automatic_exploitation/match_spec.rb +1 -3
- data/spec/app/models/metasploit_data_models/automatic_exploitation/run_spec.rb +1 -3
- data/spec/app/models/metasploit_data_models/ip_address/v4/cidr_spec.rb +10 -12
- data/spec/app/models/metasploit_data_models/ip_address/v4/nmap_spec.rb +4 -6
- data/spec/app/models/metasploit_data_models/ip_address/v4/range_spec.rb +21 -23
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list_spec.rb +9 -11
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range_spec.rb +21 -23
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/segmented_spec.rb +4 -6
- data/spec/app/models/metasploit_data_models/ip_address/v4/segment/single_spec.rb +22 -15
- data/spec/app/models/metasploit_data_models/ip_address/v4/single_spec.rb +4 -6
- data/spec/app/models/metasploit_data_models/module_run_spec.rb +1 -3
- data/spec/app/models/metasploit_data_models/search/operation/ip_address_spec.rb +18 -20
- data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +6 -8
- data/spec/app/models/metasploit_data_models/search/operation/port/range_spec.rb +8 -10
- data/spec/app/models/metasploit_data_models/search/operation/range_spec.rb +8 -10
- data/spec/app/models/metasploit_data_models/search/operator/ip_address_spec.rb +2 -4
- data/spec/app/models/metasploit_data_models/search/operator/multitext_spec.rb +8 -10
- data/spec/app/models/metasploit_data_models/search/operator/port/list_spec.rb +6 -8
- data/spec/app/models/metasploit_data_models/search/visitor/attribute_spec.rb +9 -11
- data/spec/app/models/metasploit_data_models/search/visitor/includes_spec.rb +5 -7
- data/spec/app/models/metasploit_data_models/search/visitor/joins_spec.rb +17 -19
- data/spec/app/models/metasploit_data_models/search/visitor/method_spec.rb +5 -7
- data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb +61 -23
- data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb +8 -10
- data/spec/app/validators/parameters_validator_spec.rb +29 -29
- data/spec/app/validators/password_is_strong_validator_spec.rb +54 -46
- data/spec/lib/base64_serializer_spec.rb +19 -21
- data/spec/lib/ipaddr_spec.rb +1 -3
- data/spec/lib/metasploit_data_models/ip_address/cidr_spec.rb +18 -12
- data/spec/lib/metasploit_data_models/ip_address/range_spec.rb +4 -6
- data/spec/lib/metasploit_data_models/match/child_spec.rb +2 -4
- data/spec/lib/metasploit_data_models/match/parent_spec.rb +4 -6
- data/spec/lib/metasploit_data_models/version_spec.rb +3 -139
- data/spec/lib/metasploit_data_models_spec.rb +4 -0
- data/spec/spec_helper.rb +86 -12
- data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb +2 -2
- data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb +4 -4
- data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb +2 -2
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb +5 -5
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb +5 -5
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb +3 -3
- data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb +7 -6
- metadata +74 -14
- data/app/models/metasploit_data_models/automatic_exploitation.rb +0 -16
- data/lib/tasks/yard.rake +0 -33
|
@@ -1,27 +1,44 @@
|
|
|
1
|
+
# The result of {#run running} a {#match}.
|
|
1
2
|
class MetasploitDataModels::AutomaticExploitation::MatchResult < ActiveRecord::Base
|
|
3
|
+
#
|
|
4
|
+
# CONSTANTS
|
|
5
|
+
#
|
|
2
6
|
|
|
3
7
|
# Running associated exploit did NOT create a session
|
|
4
8
|
FAILED = "failed"
|
|
5
9
|
# Running associated exploit created a session
|
|
6
10
|
SUCCEEDED = "succeeded"
|
|
7
11
|
|
|
12
|
+
# Valid values for {#state}
|
|
8
13
|
VALID_STATES = [FAILED, SUCCEEDED]
|
|
9
14
|
|
|
10
15
|
#
|
|
11
|
-
#
|
|
16
|
+
# Associations
|
|
12
17
|
#
|
|
13
18
|
|
|
19
|
+
# A {MetasploitDataModels::AutomaticExploitation::Match#module_detail Metasploit Module} matched to
|
|
20
|
+
# {MetasploitDataModels::AutomaticExploitation::Match#matchable Mdm::Host or Mdm::Service}.
|
|
14
21
|
belongs_to :match,
|
|
15
22
|
class_name: 'MetasploitDataModels::AutomaticExploitation::Match',
|
|
16
23
|
inverse_of: :match_results,
|
|
17
24
|
dependent: :destroy
|
|
18
25
|
|
|
26
|
+
# A mass automatic exploitation run.
|
|
19
27
|
belongs_to :run,
|
|
20
28
|
inverse_of: :match_results,
|
|
21
29
|
class_name: 'MetasploitDataModels::AutomaticExploitation::Run'
|
|
22
30
|
|
|
23
31
|
#
|
|
24
|
-
#
|
|
32
|
+
# Attributes
|
|
33
|
+
#
|
|
34
|
+
|
|
35
|
+
# @!attribute state
|
|
36
|
+
# Whether the {#run} of {#match} succeeded.
|
|
37
|
+
#
|
|
38
|
+
# @return ['failed', 'succeeded']
|
|
39
|
+
|
|
40
|
+
#
|
|
41
|
+
# Validations
|
|
25
42
|
#
|
|
26
43
|
|
|
27
44
|
# must be present and one of allowable values
|
|
@@ -30,10 +47,14 @@ class MetasploitDataModels::AutomaticExploitation::MatchResult < ActiveRecord::B
|
|
|
30
47
|
inclusion: VALID_STATES
|
|
31
48
|
|
|
32
49
|
#
|
|
33
|
-
#
|
|
50
|
+
# Scopes
|
|
34
51
|
#
|
|
35
|
-
|
|
52
|
+
|
|
53
|
+
# Runs of {#match} that failed
|
|
36
54
|
scope :failed, lambda { where(state:"failed") }
|
|
37
55
|
|
|
56
|
+
# Runs of {#match} that succeeded
|
|
57
|
+
scope :succeeded, lambda { where(state:"succeeded") }
|
|
58
|
+
|
|
38
59
|
Metasploit::Concern.run(self)
|
|
39
60
|
end
|
|
@@ -1,22 +1,33 @@
|
|
|
1
|
+
# A set of {#matches automatic exploitation matches}.
|
|
1
2
|
class MetasploitDataModels::AutomaticExploitation::MatchSet < ActiveRecord::Base
|
|
3
|
+
#
|
|
4
|
+
# Associations
|
|
5
|
+
#
|
|
2
6
|
|
|
7
|
+
# Runs of this set of {#matches}.
|
|
3
8
|
has_many :runs,
|
|
4
9
|
class_name: "MetasploitDataModels::AutomaticExploitation::Run",
|
|
5
10
|
inverse_of: :match_set
|
|
6
11
|
|
|
12
|
+
# Matches in this set.
|
|
7
13
|
has_many :matches,
|
|
8
14
|
class_name: "MetasploitDataModels::AutomaticExploitation::Match",
|
|
9
15
|
inverse_of: :match_set,
|
|
10
16
|
dependent: :destroy
|
|
11
17
|
|
|
12
|
-
|
|
13
|
-
inverse_of: :automatic_exploitation_match_sets,
|
|
14
|
-
class_name: "Mdm::Workspace"
|
|
15
|
-
|
|
18
|
+
# User that created this match set.
|
|
16
19
|
belongs_to :user,
|
|
17
20
|
inverse_of: :automatic_exploitation_match_sets,
|
|
18
21
|
class_name: "Mdm::User"
|
|
19
22
|
|
|
23
|
+
# Workspace in which this match set exists.
|
|
24
|
+
belongs_to :workspace,
|
|
25
|
+
inverse_of: :automatic_exploitation_match_sets,
|
|
26
|
+
class_name: "Mdm::Workspace"
|
|
27
|
+
|
|
28
|
+
#
|
|
29
|
+
# Validations
|
|
30
|
+
#
|
|
20
31
|
|
|
21
32
|
validates :user,
|
|
22
33
|
presence: true
|
|
@@ -1,25 +1,29 @@
|
|
|
1
|
+
# Runs a {#match_set set of matches} to produce {#match_results results}.
|
|
1
2
|
class MetasploitDataModels::AutomaticExploitation::Run < ActiveRecord::Base
|
|
2
3
|
#
|
|
3
|
-
#
|
|
4
|
+
# Associations
|
|
4
5
|
#
|
|
6
|
+
|
|
7
|
+
# Results of each match in {#match_set}.
|
|
5
8
|
has_many :match_results,
|
|
6
9
|
class_name:'MetasploitDataModels::AutomaticExploitation::MatchResult',
|
|
7
10
|
inverse_of: :run,
|
|
8
11
|
dependent: :destroy
|
|
9
12
|
|
|
13
|
+
# Set of matches to run
|
|
10
14
|
belongs_to :match_set,
|
|
11
15
|
class_name: 'MetasploitDataModels::AutomaticExploitation::MatchSet',
|
|
12
16
|
inverse_of: :runs
|
|
13
17
|
|
|
18
|
+
# User that initiated this run.
|
|
14
19
|
belongs_to :user,
|
|
15
20
|
class_name: "Mdm::User",
|
|
16
21
|
inverse_of: :automatic_exploitation_runs
|
|
17
22
|
|
|
23
|
+
# Workspace in which this run was performed.
|
|
18
24
|
belongs_to :workspace,
|
|
19
25
|
class_name: "Mdm::Workspace",
|
|
20
26
|
inverse_of: :automatic_exploitation_runs
|
|
21
27
|
|
|
22
|
-
|
|
23
|
-
|
|
24
28
|
Metasploit::Concern.run(self)
|
|
25
29
|
end
|
|
@@ -34,7 +34,7 @@ class MetasploitDataModels::ModuleRun < ActiveRecord::Base
|
|
|
34
34
|
# @return [String]
|
|
35
35
|
|
|
36
36
|
# @!attribute [rw] fail_reason
|
|
37
|
-
# One of the values of the constants in
|
|
37
|
+
# One of the values of the constants in `Msf::Module::Failure`
|
|
38
38
|
# @return [String]
|
|
39
39
|
|
|
40
40
|
# @!attribute [rw] module_name
|
|
@@ -32,7 +32,7 @@ class MetasploitDataModels::Search::Visitor::Where
|
|
|
32
32
|
}
|
|
33
33
|
end
|
|
34
34
|
|
|
35
|
-
visit
|
|
35
|
+
visit(*EQUALITY_OPERATION_CLASS_NAMES) do |operation|
|
|
36
36
|
attribute = attribute_visitor.visit operation.operator
|
|
37
37
|
|
|
38
38
|
attribute.eq(operation.value)
|
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
require "ipaddr"
|
|
2
2
|
|
|
3
|
+
# Validates that attribute is a valid IPv4 or IPv6 address.
|
|
3
4
|
class IpFormatValidator < ActiveModel::EachValidator
|
|
5
|
+
# Validates that `attribute`'s `value` on `object` is a valid IPv4 or IPv6 address.
|
|
6
|
+
#
|
|
7
|
+
# @return [void]
|
|
4
8
|
def validate_each(object, attribute, value)
|
|
5
9
|
error_message_block = lambda{ object.errors[attribute] << " must be a valid IPv4 or IPv6 address" }
|
|
6
10
|
begin
|
|
@@ -1,9 +1,21 @@
|
|
|
1
1
|
# Validates that attribute's value is Array<Array(String, String)> which is the only valid type signature for serialized
|
|
2
2
|
# parameters.
|
|
3
3
|
class ParametersValidator < ActiveModel::EachValidator
|
|
4
|
+
#
|
|
5
|
+
# CONSTANTS
|
|
6
|
+
#
|
|
7
|
+
|
|
4
8
|
# Sentence explaining the valid type signature for parameters.
|
|
5
9
|
TYPE_SIGNATURE_SENTENCE = 'Valid parameters are an Array<Array(String, String)>.'
|
|
6
10
|
|
|
11
|
+
#
|
|
12
|
+
# Instance Methods
|
|
13
|
+
#
|
|
14
|
+
|
|
15
|
+
# Validates that `attribute`'s `value` on `record` is `Array<Array(String, String)>` which is the only valid type
|
|
16
|
+
# signature for serialized parameters.
|
|
17
|
+
#
|
|
18
|
+
# @return [void]
|
|
7
19
|
def validate_each(record, attribute, value)
|
|
8
20
|
if value.is_a? Array
|
|
9
21
|
value.each_with_index do |element, index|
|
|
@@ -1,12 +1,21 @@
|
|
|
1
|
+
# Validates that
|
|
1
2
|
class PasswordIsStrongValidator < ActiveModel::EachValidator
|
|
3
|
+
#
|
|
4
|
+
# CONSTANTS
|
|
5
|
+
#
|
|
6
|
+
|
|
7
|
+
# Known passwords that should NOT be allowed and should be considered weak.
|
|
2
8
|
COMMON_PASSWORDS = %w{
|
|
3
9
|
password pass root admin metasploit
|
|
4
10
|
msf 123456 qwerty abc123 letmein monkey link182 demo
|
|
5
11
|
changeme test1234 rapid7
|
|
6
12
|
}
|
|
7
13
|
|
|
14
|
+
# Special characters that are considered to strength passwords and are required once in a strong password.
|
|
8
15
|
SPECIAL_CHARS = %q{!@"#$%&'()*+,-./:;<=>?[\\]^_`{|}~ }
|
|
9
16
|
|
|
17
|
+
# Validates that the `attribute`'s `value` on `record` contains letters, numbers, and at least one special character
|
|
18
|
+
# without containing the `record.username`, any {COMMON_PASSWORDS} or repetition.
|
|
10
19
|
def validate_each(record, attribute, value)
|
|
11
20
|
return if value.blank?
|
|
12
21
|
|
|
@@ -34,7 +43,7 @@ class PasswordIsStrongValidator < ActiveModel::EachValidator
|
|
|
34
43
|
end
|
|
35
44
|
|
|
36
45
|
def contains_username?(username, password)
|
|
37
|
-
password =~ /#{username}/i
|
|
46
|
+
!!(password =~ /#{username}/i)
|
|
38
47
|
end
|
|
39
48
|
|
|
40
49
|
def is_common_password?(password)
|
|
@@ -185,15 +185,6 @@ module Mdm::Host::OperatingSystemNormalization
|
|
|
185
185
|
# Merge and normalize the best match to the host object
|
|
186
186
|
apply_match_to_host(match) if match
|
|
187
187
|
|
|
188
|
-
# Handle cases where the flavor contains the base name (legacy parsing, etc)
|
|
189
|
-
# TODO: Remove this once we are sure it is no longer needed
|
|
190
|
-
if host.os_name && host.os_flavor && host.os_flavor.index(host.os_name)
|
|
191
|
-
dlog("Host #{host.address.to_s} has os_flavor that contains os_name")
|
|
192
|
-
dlog("os_flavor: #{host.os_flavor}")
|
|
193
|
-
dlog("os_name: #{host.os_name}")
|
|
194
|
-
host.os_flavor = host.os_flavor.gsub(host.os_name, '').strip
|
|
195
|
-
end
|
|
196
|
-
|
|
197
188
|
# Set some sane defaults if needed
|
|
198
189
|
host.os_name ||= 'Unknown'
|
|
199
190
|
host.purpose ||= 'device'
|
|
@@ -201,6 +192,10 @@ module Mdm::Host::OperatingSystemNormalization
|
|
|
201
192
|
host.save if host.changed?
|
|
202
193
|
end
|
|
203
194
|
|
|
195
|
+
# Recog matches for the `s` service.
|
|
196
|
+
#
|
|
197
|
+
# @param s [Mdm::Service]
|
|
198
|
+
# @return [Array<Hash>] Keys will be host, service, and os attributes
|
|
204
199
|
def recog_matches_for_service(s)
|
|
205
200
|
#
|
|
206
201
|
# We assume that the service.info field contains certain types of probe
|
|
@@ -242,6 +237,9 @@ module Mdm::Host::OperatingSystemNormalization
|
|
|
242
237
|
matches
|
|
243
238
|
end
|
|
244
239
|
|
|
240
|
+
# Recog matches for the fingerprint in `note`.
|
|
241
|
+
#
|
|
242
|
+
# @return [Array<Hash>] Keys will be host, service, and os attributes
|
|
245
243
|
def recog_matches_for_note(note)
|
|
246
244
|
# Skip notes that are missing the correct structure or have been blacklisted
|
|
247
245
|
return [] if not validate_fingerprint_data(note)
|
|
@@ -302,7 +300,6 @@ module Mdm::Host::OperatingSystemNormalization
|
|
|
302
300
|
# name collision seems silly.
|
|
303
301
|
return false
|
|
304
302
|
else
|
|
305
|
-
dlog("Could not validate fingerprint data: #{fp.inspect}")
|
|
306
303
|
return false
|
|
307
304
|
end
|
|
308
305
|
end
|
|
@@ -26,6 +26,7 @@ require 'metasploit_data_models/version'
|
|
|
26
26
|
|
|
27
27
|
autoload :Mdm, 'mdm'
|
|
28
28
|
|
|
29
|
+
# Core database models for metasploit-framework.
|
|
29
30
|
module MetasploitDataModels
|
|
30
31
|
extend ActiveSupport::Autoload
|
|
31
32
|
|
|
@@ -38,6 +39,9 @@ module MetasploitDataModels
|
|
|
38
39
|
autoload :Search
|
|
39
40
|
autoload :SerializedPrefs
|
|
40
41
|
|
|
42
|
+
# The root directory of `metasploit_data_models` gem in both development and gem installs.
|
|
43
|
+
#
|
|
44
|
+
# @return [Pathname]
|
|
41
45
|
def self.root
|
|
42
46
|
unless instance_variable_defined? :@root
|
|
43
47
|
lib_pathname = Pathname.new(__FILE__).dirname
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
# Namespace for automatic exploitation. Automatic exploitation
|
|
2
|
+
# {MetasploitDataModels::AutomaticExploitation::Match matches}
|
|
3
|
+
# {MetasploitDataModels::AutomaticExploitation::Match#matchable services or vulnerbatility} with the
|
|
4
|
+
# {MetasploitDataModels::AutomaticExploitation::Match#module_detail Metasploit Module} that can exploit the service or
|
|
5
|
+
# vulnerability. These matches are grouped into a {MetasploitDataModels::AutomaticExploitation::MatchSet a set} that
|
|
6
|
+
# can be {MetasploitDataModels::AutomaticExploitation::Run run} multiple times.
|
|
7
|
+
module MetasploitDataModels::AutomaticExploitation
|
|
8
|
+
extend ActiveSupport::Autoload
|
|
9
|
+
|
|
10
|
+
autoload :Match
|
|
11
|
+
autoload :MatchResult
|
|
12
|
+
autoload :MatchSet
|
|
13
|
+
autoload :Run
|
|
14
|
+
|
|
15
|
+
#
|
|
16
|
+
# Module Methods
|
|
17
|
+
#
|
|
18
|
+
|
|
19
|
+
# The prefix of the `ActiveRecord::Base#table_name` of subclasses in this namespace.
|
|
20
|
+
#
|
|
21
|
+
# @return [String]
|
|
22
|
+
def self.table_name_prefix
|
|
23
|
+
'automatic_exploitation_'
|
|
24
|
+
end
|
|
25
|
+
end
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
require 'rails'
|
|
2
2
|
|
|
3
|
+
# `Rails::Engine` that exposes MetasploitDataModel's `ActiveRecord::Base` subclasses and automatically loads its
|
|
4
|
+
# `FactoryGirl` factories, sequences, and traits.
|
|
3
5
|
class MetasploitDataModels::Engine < Rails::Engine
|
|
4
6
|
# @see http://viget.com/extend/rails-engine-testing-with-rspec-capybara-and-factorygirl
|
|
5
7
|
config.generators do |g|
|
|
@@ -1,4 +1,10 @@
|
|
|
1
|
+
# Allows attributes to be extracted and written to key of serialized `Hash` `prefs`.
|
|
1
2
|
module MetasploitDataModels::SerializedPrefs
|
|
3
|
+
# Setup each arg in `args` as the name of an attribute embedded in the `prefs` `Hash`. Defines `#<arg>` and
|
|
4
|
+
# `#<arg>=(value)` methods like standard `attr_accessor`.
|
|
5
|
+
#
|
|
6
|
+
# @param args [Array<Symbol>] The names of the attributes to store in the `prefs` `Hash`.
|
|
7
|
+
# @return [void]
|
|
2
8
|
def serialized_prefs_attr_accessor(*args)
|
|
3
9
|
args.each do |method_name|
|
|
4
10
|
|
|
@@ -1,20 +1,29 @@
|
|
|
1
1
|
module MetasploitDataModels
|
|
2
2
|
# Holds components of {VERSION} as defined by {http://semver.org/spec/v2.0.0.html semantic versioning v2.0.0}.
|
|
3
3
|
module Version
|
|
4
|
+
#
|
|
5
|
+
# CONSTANTS
|
|
6
|
+
#
|
|
7
|
+
|
|
4
8
|
# The major version number.
|
|
5
9
|
MAJOR = 1
|
|
6
10
|
# The minor version number, scoped to the {MAJOR} version number.
|
|
7
11
|
MINOR = 0
|
|
8
|
-
# The patch number, scoped to the {MAJOR} and {MINOR} version numbers.
|
|
12
|
+
# The patch version number, scoped to the {MAJOR} and {MINOR} version numbers.
|
|
9
13
|
PATCH = 0
|
|
10
|
-
# The prerelease version, scoped to the {MAJOR}, {MINOR}, and {PATCH} version numbers.
|
|
11
|
-
PRERELEASE = 'rails-4.0b'
|
|
12
14
|
|
|
13
|
-
#
|
|
15
|
+
#
|
|
16
|
+
# Module Methods
|
|
17
|
+
#
|
|
18
|
+
|
|
19
|
+
# The full version string, including the {MetasploitDataModels::Version::MAJOR},
|
|
20
|
+
# {MetasploitDataModels::Version::MINOR}, {MetasploitDataModels::Version::PATCH}, and optionally, the
|
|
21
|
+
# `MetasploitDataModels::Version::PRERELEASE` in the
|
|
14
22
|
# {http://semver.org/spec/v2.0.0.html semantic versioning v2.0.0} format.
|
|
15
23
|
#
|
|
16
|
-
# @return [String] '{MAJOR}.{MINOR}.{PATCH}'
|
|
17
|
-
#
|
|
24
|
+
# @return [String] '{MetasploitDataModels::Version::MAJOR}.{MetasploitDataModels::Version::MINOR}.{MetasploitDataModels::Version::PATCH}'
|
|
25
|
+
# on master. '{MetasploitDataModels::Version::MAJOR}.{MetasploitDataModels::Version::MINOR}.{MetasploitDataModels::Version::PATCH}-PRERELEASE'
|
|
26
|
+
# on any branch other than master.
|
|
18
27
|
def self.full
|
|
19
28
|
version = "#{MAJOR}.#{MINOR}.#{PATCH}"
|
|
20
29
|
|
|
@@ -25,8 +34,22 @@ module MetasploitDataModels
|
|
|
25
34
|
version
|
|
26
35
|
end
|
|
27
36
|
|
|
37
|
+
# The full gem version string, including the {MetasploitDataModels::Version::MAJOR},
|
|
38
|
+
# {MetasploitDataModels::Version::MINOR}, {MetasploitDataModels::Version::PATCH}, and optionally, the
|
|
39
|
+
# `MetasploitDataModels::Version::PRERELEASE` in the
|
|
40
|
+
# {http://guides.rubygems.org/specification-reference/#version RubyGems versioning} format.
|
|
41
|
+
#
|
|
42
|
+
# @return [String] '{MetasploitDataModels::Version::MAJOR}.{MetasploitDataModels::Version::MINOR}.{MetasploitDataModels::Version::PATCH}'
|
|
43
|
+
# on master. '{MetasploitDataModels::Version::MAJOR}.{MetasploitDataModels::Version::MINOR}.{MetasploitDataModels::Version::PATCH}.PRERELEASE'
|
|
44
|
+
# on any branch other than master.
|
|
45
|
+
def self.gem
|
|
46
|
+
full.gsub('-', '.pre.')
|
|
47
|
+
end
|
|
28
48
|
end
|
|
29
49
|
|
|
30
|
-
#
|
|
50
|
+
# (see Version.gem)
|
|
51
|
+
GEM_VERSION = Version.gem
|
|
52
|
+
|
|
53
|
+
# (see Version.full)
|
|
31
54
|
VERSION = Version.full
|
|
32
55
|
end
|
|
@@ -29,6 +29,13 @@ Gem::Specification.new do |s|
|
|
|
29
29
|
s.required_ruby_version = '>= 2.1'
|
|
30
30
|
|
|
31
31
|
# ---- Dependencies ----
|
|
32
|
+
s.add_development_dependency 'metasploit-version', '~> 0.1.3'
|
|
33
|
+
# documentation
|
|
34
|
+
s.add_development_dependency 'metasploit-yard', '~> 1.0'
|
|
35
|
+
s.add_development_dependency 'yard-activerecord', '~> 0.0.14'
|
|
36
|
+
# embed ERDs on index, namespace Module and Class<ActiveRecord::Base> pages
|
|
37
|
+
s.add_development_dependency 'yard-metasploit-erd', '~> 0.1.0'
|
|
38
|
+
|
|
32
39
|
s.add_development_dependency 'rake'
|
|
33
40
|
|
|
34
41
|
# documentation
|
|
@@ -41,8 +48,8 @@ Gem::Specification.new do |s|
|
|
|
41
48
|
|
|
42
49
|
s.add_runtime_dependency 'activerecord', *rails_version_constraints
|
|
43
50
|
s.add_runtime_dependency 'activesupport', *rails_version_constraints
|
|
44
|
-
s.add_runtime_dependency 'metasploit-concern', '1.0
|
|
45
|
-
s.add_runtime_dependency 'metasploit-model', '1.0
|
|
51
|
+
s.add_runtime_dependency 'metasploit-concern', '~> 1.0'
|
|
52
|
+
s.add_runtime_dependency 'metasploit-model', '~> 1.0'
|
|
46
53
|
s.add_runtime_dependency 'railties', *rails_version_constraints
|
|
47
54
|
|
|
48
55
|
# os fingerprinting
|
|
@@ -1,11 +1,9 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Mdm::Client do
|
|
1
|
+
RSpec.describe Mdm::Client, type: :model do
|
|
4
2
|
|
|
5
3
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
6
4
|
|
|
7
5
|
context 'associations' do
|
|
8
|
-
it {
|
|
6
|
+
it { is_expected.to belong_to(:host).class_name('Mdm::Host') }
|
|
9
7
|
end
|
|
10
8
|
|
|
11
9
|
context '#destroy' do
|
|
@@ -23,21 +21,21 @@ describe Mdm::Client do
|
|
|
23
21
|
context 'factory' do
|
|
24
22
|
it 'should be valid' do
|
|
25
23
|
client = FactoryGirl.build(:mdm_client)
|
|
26
|
-
client.
|
|
24
|
+
expect(client).to be_valid
|
|
27
25
|
end
|
|
28
26
|
end
|
|
29
27
|
|
|
30
28
|
context 'database' do
|
|
31
29
|
context 'columns' do
|
|
32
|
-
it {
|
|
33
|
-
it {
|
|
34
|
-
it {
|
|
35
|
-
it {
|
|
30
|
+
it { is_expected.to have_db_column(:host_id).of_type(:integer)}
|
|
31
|
+
it { is_expected.to have_db_column(:ua_string).of_type(:string).with_options(:null => false) }
|
|
32
|
+
it { is_expected.to have_db_column(:ua_name).of_type(:string) }
|
|
33
|
+
it { is_expected.to have_db_column(:ua_ver).of_type(:string) }
|
|
36
34
|
end
|
|
37
35
|
|
|
38
36
|
context 'timestamps' do
|
|
39
|
-
it {
|
|
40
|
-
it {
|
|
37
|
+
it { is_expected.to have_db_column(:created_at).of_type(:datetime) }
|
|
38
|
+
it { is_expected.to have_db_column(:updated_at).of_type(:datetime) }
|
|
41
39
|
end
|
|
42
40
|
|
|
43
41
|
end
|