RubyGems - metasploit_data_models - Versions diffs - 3.0.8 → 4.0.2 - Mend

metasploit_data_models 3.0.8 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (219) hide show

data/app/models/mdm/session.rb CHANGED

@@ -1,6 +1,6 @@
 # A session opened on a {#host} using an {#via_exploit exploit} and controlled through a {#via_payload payload} to
 # connect back to the local host using meterpreter or a cmd shell.
-class Mdm::Session < ActiveRecord::Base
+class Mdm::Session < ApplicationRecord
   #
   # Associations

data/app/models/mdm/session_event.rb CHANGED

@@ -1,5 +1,5 @@
 # Events that occurred when using a {#session}.
-class Mdm::SessionEvent < ActiveRecord::Base
+class Mdm::SessionEvent < ApplicationRecord
   #
   # Associations

data/app/models/mdm/tag.rb CHANGED

@@ -1,5 +1,5 @@
 # Tag {#hosts_tags assigned} to {#hosts}.  Tags can be used to group together hosts for targeting and reporting.
-class Mdm::Tag < ActiveRecord::Base
+class Mdm::Tag < ApplicationRecord
   include Metasploit::Model::Search
   #

data/app/models/mdm/task.rb CHANGED

@@ -1,5 +1,5 @@
 # A task run by Metasploit Pro.
-class Mdm::Task < ActiveRecord::Base
+class Mdm::Task < ApplicationRecord
   #
   #
   # Associations

data/app/models/mdm/task_cred.rb CHANGED

@@ -3,7 +3,7 @@
 #   `Metasploit::Credential::Engine` is installed.
 #
 # Join model between {Mdm::Cred} and {Mdm::Task} that signifies that the {#task} found the {#cred}.
-class Mdm::TaskCred < ActiveRecord::Base
+class Mdm::TaskCred < ApplicationRecord
   #
   # Associations
   #

data/app/models/mdm/task_host.rb CHANGED

@@ -1,5 +1,5 @@
 # Join model between {Mdm::Host} and {Mdm::Task} that signifies that the {#task} found the {#host}.
-class Mdm::TaskHost < ActiveRecord::Base
+class Mdm::TaskHost < ApplicationRecord
   #
   # Associations
   #

data/app/models/mdm/task_service.rb CHANGED

@@ -1,5 +1,5 @@
 # Join model between {Mdm::Service} and {Mdm::Task} that signifies that the {#task} found the {#service}.
-class Mdm::TaskService < ActiveRecord::Base
+class Mdm::TaskService < ApplicationRecord
   #
   # Associations
   #

data/app/models/mdm/task_session.rb CHANGED

@@ -1,5 +1,5 @@
 # Join model between {Mdm::Session} and {Mdm::Task} that signifies that the {#task} spawned the {#session}.
-class Mdm::TaskSession < ActiveRecord::Base
+class Mdm::TaskSession < ApplicationRecord
   #
   # Associations
   #

data/app/models/mdm/user.rb CHANGED

@@ -1,5 +1,5 @@
 # A user of metasploit-framework or metasploit-pro.
-class Mdm::User < ActiveRecord::Base
+class Mdm::User < ApplicationRecord
   extend MetasploitDataModels::SerializedPrefs
   #
@@ -36,7 +36,7 @@ class Mdm::User < ActiveRecord::Base
   # {Mdm::Workspace Workspace} where this user has access.  If a user is an {#admin administrator} they have access
   # to all workspaces even if they are not a member of that workspace.
   has_and_belongs_to_many :workspaces,
-                          -> { uniq },
+                          -> { distinct },
                           class_name: 'Mdm::Workspace',
                           join_table: 'workspace_members'

data/app/models/mdm/vuln.rb CHANGED

@@ -1,5 +1,5 @@
 # A vulnerability found on a {#host} or {#service}.
-class Mdm::Vuln < ActiveRecord::Base
+class Mdm::Vuln < ApplicationRecord
   #
   # Associations
@@ -122,7 +122,7 @@ class Mdm::Vuln < ActiveRecord::Base
   #
   #   @return [ActiveRecord::Relation<Mdm::Module::Detail>]
   has_many :module_details,
-            -> { uniq },
+            -> { distinct },
             :class_name => 'Mdm::Module::Detail',
             :source => :detail,
             :through => :module_refs

data/app/models/mdm/vuln_attempt.rb CHANGED

@@ -1,5 +1,5 @@
 # An attempt to exploit a {#vuln}.
-class Mdm::VulnAttempt < ActiveRecord::Base
+class Mdm::VulnAttempt < ApplicationRecord
   #
   # Associations

data/app/models/mdm/vuln_detail.rb CHANGED

@@ -1,5 +1,5 @@
 # {Mdm::Vuln Vulnerability details} supplied from an external source, such as Nexpose.
-class Mdm::VulnDetail < ActiveRecord::Base
+class Mdm::VulnDetail < ApplicationRecord
   #
   # Associations
   #

data/app/models/mdm/vuln_ref.rb CHANGED

@@ -1,5 +1,5 @@
 # Join model between {Mdm::Vuln} and {Mdm::Ref}.
-class Mdm::VulnRef < ActiveRecord::Base
+class Mdm::VulnRef < ApplicationRecord
   self.table_name = 'vulns_refs'
   #

data/app/models/mdm/web_form.rb CHANGED

@@ -1,5 +1,5 @@
 # A filled-in form on a {#web_site}.
-class Mdm::WebForm < ActiveRecord::Base
+class Mdm::WebForm < ApplicationRecord
   #
   # Associations

data/app/models/mdm/web_page.rb CHANGED

@@ -1,5 +1,5 @@
 # Web page requested from a {#web_site}.
-class Mdm::WebPage < ActiveRecord::Base
+class Mdm::WebPage < ApplicationRecord
   #
   # Associations

data/app/models/mdm/web_site.rb CHANGED

@@ -1,5 +1,5 @@
 # A Web Site running on a {#service}.
-class Mdm::WebSite < ActiveRecord::Base
+class Mdm::WebSite < ApplicationRecord
   #
   # Associations

data/app/models/mdm/web_vuln.rb CHANGED

@@ -10,7 +10,7 @@
 #       "#{confidence}%"
 #     end
 #   end
-class Mdm::WebVuln < ActiveRecord::Base
+class Mdm::WebVuln < ApplicationRecord
   #
   # CONSTANTS

data/app/models/mdm/wmap_request.rb CHANGED

@@ -1,5 +1,5 @@
 # Request sent to a {Mdm::WmapTarget}.  WMAP is a plugin to metasploit-framework.
-class Mdm::WmapRequest < ActiveRecord::Base
+class Mdm::WmapRequest < ApplicationRecord
   #
   #
   # Attributes

data/app/models/mdm/wmap_target.rb CHANGED

@@ -1,5 +1,5 @@
 # WMAP target. WMAP is a plugin to metasploit-framework.
-class Mdm::WmapTarget < ActiveRecord::Base
+class Mdm::WmapTarget < ApplicationRecord
   #
   # Attributes
   #

data/app/models/mdm/workspace.rb CHANGED

@@ -1,6 +1,6 @@
 # Workspace to separate different collections of {#hosts}.  Can be used to separate pentests against different networks
 # or different clients as reports are normally generated against all records in a workspace.
-class Mdm::Workspace < ActiveRecord::Base
+class Mdm::Workspace < ApplicationRecord
   #
   # CONSTANTS
   #
@@ -52,7 +52,7 @@ class Mdm::Workspace < ActiveRecord::Base
   # Users that are allowed to use this workspace.  Does not necessarily include all users, as an {Mdm::User#admin
   # administrator} can access any workspace, even ones where they are not a member.
   has_and_belongs_to_many :users,
-                          -> { uniq },
+                          -> { distinct },
                           class_name: 'Mdm::User',
                           join_table: 'workspace_members'
@@ -81,9 +81,6 @@ class Mdm::Workspace < ActiveRecord::Base
   # Sessions opened on {#hosts} in this workspace.
   has_many :sessions, :through => :hosts, :class_name => 'Mdm::Session'
-  # Payloads for this workspace.
-  has_many :payloads, :class_name => 'Mdm::Payload'
   #
   # Attributes
   #
@@ -213,7 +210,7 @@ class Mdm::Workspace < ActiveRecord::Base
       Mdm::WebSite.join_association(:service),
       Mdm::Service.join_association(:host),
       Mdm::Host.join_association(:workspace)
-    ).where(Mdm::Workspace[:id].eq(id)).uniq
+    ).where(Mdm::Workspace[:id].eq(id)).distinct
   end
@@ -226,7 +223,7 @@ class Mdm::Workspace < ActiveRecord::Base
       Mdm::WebSite.join_association(:service),
       Mdm::Service.join_association(:host),
       Mdm::Host.join_association(:workspace)
-    ).where(Mdm::Workspace[:id].eq(id)).uniq
+    ).where(Mdm::Workspace[:id].eq(id)).distinct
   end
   # Web sites running on {#services}.
@@ -237,7 +234,7 @@ class Mdm::Workspace < ActiveRecord::Base
       Mdm::WebSite.join_association(:service),
       Mdm::Service.join_association(:host),
       Mdm::Host.join_association(:workspace)
-    ).where(Mdm::Workspace[:id].eq(id)).uniq
+    ).where(Mdm::Workspace[:id].eq(id)).distinct
   end
   # Web vulnerability found on {#web_sites}.
@@ -249,7 +246,7 @@ class Mdm::Workspace < ActiveRecord::Base
       Mdm::WebSite.join_association(:service),
       Mdm::Service.join_association(:host),
       Mdm::Host.join_association(:workspace)
-    ).where(Mdm::Workspace[:id].eq(id)).uniq
+    ).where(Mdm::Workspace[:id].eq(id)).distinct
   end
   # Web forms on {#web_sites}.

data/app/models/metasploit_data_models/automatic_exploitation/match.rb CHANGED

@@ -1,5 +1,5 @@
 # Matches {#matchable} {Mdm::Service} or {Mdm::Vuln} to a {#module_detail Metasploit Module} that can exploit it.
-class MetasploitDataModels::AutomaticExploitation::Match < ActiveRecord::Base
+class MetasploitDataModels::AutomaticExploitation::Match < ApplicationRecord
   #
   # Associations
   #

data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb CHANGED

@@ -1,5 +1,5 @@
 # The result of {#run running} a {#match}.
-class MetasploitDataModels::AutomaticExploitation::MatchResult < ActiveRecord::Base
+class MetasploitDataModels::AutomaticExploitation::MatchResult < ApplicationRecord
   #
   # CONSTANTS
   #

data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb CHANGED

@@ -1,5 +1,5 @@
 # A set of {#matches automatic exploitation matches}.
-class MetasploitDataModels::AutomaticExploitation::MatchSet < ActiveRecord::Base
+class MetasploitDataModels::AutomaticExploitation::MatchSet < ApplicationRecord
   #
   # Associations
   #

data/app/models/metasploit_data_models/automatic_exploitation/run.rb CHANGED

@@ -1,5 +1,5 @@
 # Runs a {#match_set set of matches} to produce {#match_results results}.
-class MetasploitDataModels::AutomaticExploitation::Run < ActiveRecord::Base
+class MetasploitDataModels::AutomaticExploitation::Run < ApplicationRecord
   #
   # Associations
   #
@@ -26,4 +26,4 @@ class MetasploitDataModels::AutomaticExploitation::Run < ActiveRecord::Base
              inverse_of: :automatic_exploitation_runs
   Metasploit::Concern.run(self)
-end
+end

data/app/models/metasploit_data_models/module_run.rb CHANGED

@@ -6,7 +6,7 @@
 # There are also associations to {Mdm::Session} for two use cases: a `spawned_session` is a
 # session created by the ModuleRun. A `target_session` is a session that the ModuleRun
 # is acting upon (e.g.) for running a post module.
-class MetasploitDataModels::ModuleRun < ActiveRecord::Base
+class MetasploitDataModels::ModuleRun < ApplicationRecord
   #
   # Constants
   #

data/app/validators/ip_format_validator.rb CHANGED

@@ -6,7 +6,7 @@ class IpFormatValidator < ActiveModel::EachValidator
   #
   # @return [void]
   def validate_each(object, attribute, value)
-    error_message_block = lambda{ object.errors[attribute] << " must be a valid IPv4 or IPv6 address" }
+    error_message_block = lambda{ object.errors.add attribute, " must be a valid IPv4 or IPv6 address" }
     begin
       if value.is_a? IPAddr
         potential_ip = value.dup

data/app/validators/parameters_validator.rb CHANGED

@@ -33,7 +33,7 @@ class ParametersValidator < ActiveModel::EachValidator
                 :index => index
             )
-            record.errors[attribute] << length_error
+            record.errors.add attribute, length_error
           else
             parameter_name = element.first
@@ -44,7 +44,7 @@ class ParametersValidator < ActiveModel::EachValidator
                     :index => index,
                     :prefix => "has blank parameter name"
                 )
-                record.errors[attribute] << error
+                record.errors.add attribute, error
               end
             else
               error = error_at(
@@ -52,7 +52,7 @@ class ParametersValidator < ActiveModel::EachValidator
                   :index => index,
                   :prefix => "has non-String parameter name (#{parameter_name.inspect})"
               )
-              record.errors[attribute] << error
+              record.errors.add attribute, error
             end
             parameter_value = element.second
@@ -63,7 +63,7 @@ class ParametersValidator < ActiveModel::EachValidator
                   :index => index,
                   :prefix => "has non-String parameter value (#{parameter_value.inspect})"
               )
-              record.errors[attribute] << error
+              record.errors.add attribute, error
             end
           end
         else
@@ -72,11 +72,11 @@ class ParametersValidator < ActiveModel::EachValidator
               :index => index,
               :prefix => 'has non-Array'
           )
-          record.errors[attribute] << error
+          record.errors.add attribute, error
         end
       end
     else
-      record.errors[attribute] << "is not an Array.  #{TYPE_SIGNATURE_SENTENCE}"
+      record.errors.add attribute, "is not an Array.  #{TYPE_SIGNATURE_SENTENCE}"
     end
   end
@@ -126,4 +126,4 @@ class ParametersValidator < ActiveModel::EachValidator
     clause
   end
-end
+end

data/bin/rails ADDED

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails gems
+# installed from the root of your application.
+ENGINE_ROOT = File.expand_path('..', __dir__)
+ENGINE_PATH = File.expand_path('../lib/metasploit_data_models/engine', __dir__)
+APP_PATH = File.expand_path('../test/dummy/config/application', __dir__)
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+require 'rails/all'
+require 'rails/engine/commands'

data/config/initializers/arel_helper.rb CHANGED

@@ -1,5 +1,5 @@
 # Including arel-helpers in all active record models.
 # https://github.com/camertron/arel-helpers
-ActiveRecord::Base.send(:include, ArelHelpers::ArelTable)
-ActiveRecord::Base.send(:include, ArelHelpers::JoinAssociation)
+ApplicationRecord.send(:include, ArelHelpers::ArelTable)
+ApplicationRecord.send(:include, ArelHelpers::JoinAssociation)

data/config/initializers/ipaddr.rb CHANGED

@@ -1,10 +1,7 @@
 module IPAddrExtensions
   extend ActiveSupport::Concern
-  included do
-    alias_method_chain :coerce_other, :rescue
-  end
-  def coerce_other_with_rescue(other)
+  def coerce(other)
     begin
       case other
       when IPAddr
@@ -18,7 +15,15 @@ module IPAddrExtensions
       OpenStruct.new(family: false, to_i: false)
     end
   end
+  def include?(other)
+    begin
+      super(other)
+    rescue IPAddr::InvalidAddressError
+      false
+    end
+  end
 end
-IPAddr.send(:include, IPAddrExtensions)
+IPAddr.send(:prepend, IPAddrExtensions)

data/db/migrate/000_create_tables.rb CHANGED

@@ -1,4 +1,4 @@
-class CreateTables < ActiveRecord::Migration
+class CreateTables < ActiveRecord::Migration[4.2]
 	def self.up

data/db/migrate/001_add_wmap_tables.rb CHANGED

@@ -1,4 +1,4 @@
-class AddWmapTables < ActiveRecord::Migration
+class AddWmapTables < ActiveRecord::Migration[4.2]
 	def self.up
 		create_table :wmap_targets do |t|
 			t.string  :host                  # vhost

data/db/migrate/002_add_workspaces.rb CHANGED

@@ -1,4 +1,4 @@
-class AddWorkspaces < ActiveRecord::Migration
+class AddWorkspaces < ActiveRecord::Migration[4.2]
 	def self.up
 		create_table :workspaces do |t|

data/db/migrate/003_move_notes.rb CHANGED

@@ -1,4 +1,4 @@
-class MoveNotes < ActiveRecord::Migration
+class MoveNotes < ActiveRecord::Migration[4.2]
 	def self.up
 		# Remove the host requirement.  We'll add the column back in below.
 		remove_column :notes, :host_id

data/db/migrate/004_add_events_table.rb CHANGED

@@ -1,4 +1,4 @@
-class AddEventsTable < ActiveRecord::Migration
+class AddEventsTable < ActiveRecord::Migration[4.2]
 	def self.up
 		create_table :events do |t|
 			t.integer   :workspace_id

data/db/migrate/005_expand_info.rb CHANGED

@@ -1,4 +1,4 @@
-class ExpandInfo < ActiveRecord::Migration
+class ExpandInfo < ActiveRecord::Migration[4.2]
 	def self.up
 		remove_column :events, :info
 		change_table :events do |t|

data/db/migrate/006_add_timestamps.rb CHANGED

@@ -1,7 +1,7 @@
 # Adds 'created_at' and 'updated_at' columns to every primary table.
 #
-class AddTimestamps < ActiveRecord::Migration
+class AddTimestamps < ActiveRecord::Migration[4.2]
 	@@TABLES_NEEDING_RENAME = [:clients, :hosts, :notes, :refs, :services, :vulns, :wmap_requests]
 	@@TABLES_NEEDING_CREATED_AT = [:wmap_targets]