metasploit_data_models 4.0.1 → 4.1.3

metadata

@@ -1,13 +1,10 @@
 --- !ruby/object:Gem::Specification
 name: metasploit_data_models
 version: !ruby/object:Gem::Version
-  version: 4.0.1
+  version: 4.1.3
 platform: ruby
 authors:
-- Samuel Huckins
-- Luke Imhoff
-- David 'thelightcosine' Maloney
-- Trevor 'burlyscudd' Rosen
+- Metasploit Hackers
 autorequire: 
 bindir: bin
 cert_chain:
@@ -67,20 +64,20 @@ cert_chain:
   -----END CERTIFICATE-----
 - |
   -----BEGIN CERTIFICATE-----
-  MIIFIzCCBAugAwIBAgIQDX9ZkVJ2eNVTlibR5ALyJTANBgkqhkiG9w0BAQsFADBy
+  MIIFIzCCBAugAwIBAgIQCMePMbkSxvnPeJhYXIfaxzANBgkqhkiG9w0BAQsFADBy
   MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
   d3cuZGlnaWNlcnQuY29tMTEwLwYDVQQDEyhEaWdpQ2VydCBTSEEyIEFzc3VyZWQg
-  SUQgQ29kZSBTaWduaW5nIENBMB4XDTE5MTAxNjAwMDAwMFoXDTIwMTAxOTEyMDAw
+  SUQgQ29kZSBTaWduaW5nIENBMB4XDTIwMTAwNzAwMDAwMFoXDTIzMTEwNjEyMDAw
   MFowYDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxDzANBgNV
   BAcTBkJvc3RvbjETMBEGA1UEChMKUmFwaWQ3IExMQzETMBEGA1UEAxMKUmFwaWQ3
-  IExMQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANHnKegPAghKuZk4
-  Gy1jKaZEXbWc4fxioTemv/F1yIYzAjCWP65qjKtyeeFDe4/kJzG9nseF9oa93YBf
-  1nyEqxNSZMw/sCAZ87lOl713dRi73uxOoszy2PT5xEB+Q5R6cbzExkWG2zrLdXDr
-  so0Bd6VHw+IsAoBBkAq5FrZOJQYGn5VY20xw/2DqtCeoW4QDWyqTnbJmwO9tZrfr
-  3Le2crfk2eOgafaPNhLon5uuIKCZsk2YkUSNURSS3M7gosMwU9Gg4JTBi7X5+oww
-  rY43dJT28YklxmNVu8o5kJxW4dqLKJLOIgSXZ63nceT/EaCSg7DcofHNcUzejFwb
-  M7Zbb2kCAwEAAaOCAcUwggHBMB8GA1UdIwQYMBaAFFrEuXsqCqOl6nEDwGD5LfZl
-  dQ5YMB0GA1UdDgQWBBR18CAeMsIEU+0pXal/XXw9LCtMADAOBgNVHQ8BAf8EBAMC
+  IExMQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNTz4zvAy7h/vQp
+  4dr1txXHlABAagkwYYwTMCtHs5PXsJITx/5SAjx5swuaLfze5kPBNF2YImvFlOXY
+  WaB+0PsOnXnaARsDZU683xFlj8izU6IN6VrAHzDLKFBzruJENrOJD/ikbEtbjO/q
+  gFbmS9J9v5ohG/pcRSS0t4ZPAwymf8eCp6QsvOKK/Aymp1RhlRaP8N6N5CIpkhz1
+  9p968iCE+DjOXVYxcWE+jE/7uB1dbgrXykNBujMSS3GULOvVEY28n6NCmrPlo23g
+  yRjYVJ2Vy14nBqnxDZ/yRIfWRVjWoT9TsAEbe9gY29oDpSCSs4wSmLQd5zGCpZ9h
+  r0HDFB8CAwEAAaOCAcUwggHBMB8GA1UdIwQYMBaAFFrEuXsqCqOl6nEDwGD5LfZl
+  dQ5YMB0GA1UdDgQWBBTLBL7DTwumVEKtdCdpHVYMXOFeDzAOBgNVHQ8BAf8EBAMC
   B4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwdwYDVR0fBHAwbjA1oDOgMYYvaHR0cDov
   L2NybDMuZGlnaWNlcnQuY29tL3NoYTItYXNzdXJlZC1jcy1nMS5jcmwwNaAzoDGG
   L2h0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWFzc3VyZWQtY3MtZzEuY3Js
@@ -89,14 +86,14 @@ cert_chain:
   JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBOBggrBgEFBQcw
   AoZCaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkFzc3Vy
   ZWRJRENvZGVTaWduaW5nQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEL
-  BQADggEBAFpzR9s7lcYKDzSJucOHztEPj+iSIeCzxEw34NTE9M2AfkYIu82c4r2a
-  bzIGmzZWiCGufjOp0gF5xW6sSSJ9n0TqH0nhHhvjtZQkmkGtOBbN1zeYDFS2ozAp
-  sljF/g68Y1eYs3NaFf7kQUa6vb6RdjW3J8M9AQ8gthBt7gr/guVxd/gJUYbdDdBX
-  cWfJJi/X7GVBOBmmvA43qoKideuhOBrVGBHvIF/yO9p23dIiUrGmW9kxXCSxgute
-  JI/W23RbIRksG2pioMhd4dCXq3FLLlkOV1YfCwWixNB+iIhQPPZVaPNfgPhCn4Dt
-  DeGjje/qA4fkLtRmOtb9PUBq3ToRDE4=
+  BQADggEBAN+GL5/myPWg7oH4mVrG7/OhXF1MoYQF0ddaNiqaweEHMuKJBQCVZRbL
+  37HojoKXXv2yyRJBCeTB+ojrxX+5PdLVZa0ss7toWzJ2A1poPXZ1eZvm5xeFD32z
+  YQaTmmNWNI3PCDTyJ2PXUc+bDiNNwcZ7yc5o78UNRvp9Jxghya17Q76c9Ov9wvnv
+  dxxQKWGOQy0m4fBrkyjAyH9Djjn81RbQrqYgPuhd5nD0HjN3VUQLhQbIJrk9TVs0
+  EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
+  9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2020-04-14 00:00:00.000000000 Z
+date: 2021-04-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: metasploit-yard
@@ -158,16 +155,16 @@ dependencies:
   name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.8.7.4
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.8.7.4
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -230,14 +227,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.1'
 - !ruby/object:Gem::Dependency
   name: railties
   requirement: !ruby/object:Gem::Requirement
@@ -252,6 +249,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 5.2.2
+- !ruby/object:Gem::Dependency
+  name: webrick
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: recog
   requirement: !ruby/object:Gem::Requirement
@@ -311,19 +322,16 @@ dependencies:
 description: Implements minimal ActiveRecord models and database helper code used
   in both the Metasploit Framework (MSF) and Metasploit commercial editions.
 email:
-- shuckins@rapid7.com
-- luke_imhoff@rapid7.com
-- dmaloney@rapid7.com
-- trevor_rosen@rapid7.com
+- msfdev@metasploit.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - ".coveralls.yml"
+- ".github/workflows/verify.yml"
 - ".gitignore"
 - ".rspec"
 - ".simplecov"
-- ".travis.yml"
 - ".yardopts"
 - CHANGELOG.md
 - CONTRIBUTING.md
@@ -408,11 +416,6 @@ files:
 - app/models/metasploit_data_models/search/visitor/method.rb
 - app/models/metasploit_data_models/search/visitor/relation.rb
 - app/models/metasploit_data_models/search/visitor/where.rb
-- app/validators/ip_format_validator.rb
-- app/validators/parameters_validator.rb
-- app/validators/password_is_strong_validator.rb
-- bin/mdm_console
-- bin/rails
 - config/initializers/arel_helper.rb
 - config/initializers/ipaddr.rb
 - config/locales/en.yml
@@ -649,8 +652,6 @@ files:
 - spec/app/models/metasploit_data_models/search/visitor/method_spec.rb
 - spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb
 - spec/app/models/metasploit_data_models/search/visitor/where_spec.rb
-- spec/app/validators/parameters_validator_spec.rb
-- spec/app/validators/password_is_strong_validator_spec.rb
 - spec/dummy/Rakefile
 - spec/dummy/app/assets/config/manifest.js
 - spec/dummy/app/assets/javascripts/application.js
@@ -668,7 +669,7 @@ files:
 - spec/dummy/config/application.rb
 - spec/dummy/config/boot.rb
 - spec/dummy/config/database.yml.example
-- spec/dummy/config/database.yml.travis
+- spec/dummy/config/database.yml.github_actions
 - spec/dummy/config/environment.rb
 - spec/dummy/config/environments/development.rb
 - spec/dummy/config/environments/production.rb
@@ -777,7 +778,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.1'
+      version: '2.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/.travis.yml

@@ -1,22 +0,0 @@
-dist: trusty
-sudo: false
-group: stable
-cache: bundler
-language: ruby
-addons:
-  postgresql: '9.6'
-  apt:
-    packages:
-      - libpcap-dev
-      - graphviz
-rvm:
-  - 2.6.5
-before_script:
-  - cp spec/dummy/config/database.yml.travis spec/dummy/config/database.yml
-  - bundle exec rake --version
-  - bundle exec rake db:create db:migrate
-script:
-  # Disabling this check because it is proving unreliable
-  #- git diff --exit-code spec/dummy/db/structure.sql
-  - bundle exec rake spec
-  - bundle exec rake yard

data/app/validators/ip_format_validator.rb

@@ -1,22 +0,0 @@
-require "ipaddr"
-
-# Validates that attribute is a valid IPv4 or IPv6 address.
-class IpFormatValidator < ActiveModel::EachValidator
-  # Validates that `attribute`'s `value` on `object` is a valid IPv4 or IPv6 address.
-  #
-  # @return [void]
-  def validate_each(object, attribute, value)
-    error_message_block = lambda{ object.errors.add attribute, " must be a valid IPv4 or IPv6 address" }
-    begin
-      if value.is_a? IPAddr
-        potential_ip = value.dup
-      else
-        potential_ip = IPAddr.new(value)
-      end
-      
-      error_message_block.call unless potential_ip.ipv4? || potential_ip.ipv6?
-    rescue ArgumentError
-      error_message_block.call
-    end
-  end
-end

data/app/validators/parameters_validator.rb

@@ -1,129 +0,0 @@
-# Validates that attribute's value is Array<Array(String, String)> which is the only valid type signature for serialized
-# parameters.
-class ParametersValidator < ActiveModel::EachValidator
-  #
-  # CONSTANTS
-  #
-
-  # Sentence explaining the valid type signature for parameters.
-  TYPE_SIGNATURE_SENTENCE = 'Valid parameters are an Array<Array(String, String)>.'
-
-  #
-  # Instance Methods
-  #
-
-  # Validates that `attribute`'s `value` on `record` is `Array<Array(String, String)>` which is the only valid type
-  # signature for serialized parameters.
-  #
-  # @return [void]
-  def validate_each(record, attribute, value)
-    if value.is_a? Array
-      value.each_with_index do |element, index|
-        if element.is_a? Array
-          if element.length != 2
-            extreme = :few
-
-            if element.length > 2
-              extreme = :many
-            end
-
-            length_error = length_error_at(
-                :extreme => extreme,
-                :element => element,
-                :index => index
-            )
-
-            record.errors.add attribute, length_error
-          else
-            parameter_name = element.first
-
-            if parameter_name.is_a? String
-              unless parameter_name.present?
-                error = error_at(
-                    :element => element,
-                    :index => index,
-                    :prefix => "has blank parameter name"
-                )
-                record.errors.add attribute, error
-              end
-            else
-              error = error_at(
-                  :element => element,
-                  :index => index,
-                  :prefix => "has non-String parameter name (#{parameter_name.inspect})"
-              )
-              record.errors.add attribute, error
-            end
-
-            parameter_value = element.second
-
-            unless parameter_value.is_a? String
-              error = error_at(
-                  :element => element,
-                  :index => index,
-                  :prefix => "has non-String parameter value (#{parameter_value.inspect})"
-              )
-              record.errors.add attribute, error
-            end
-          end
-        else
-          error = error_at(
-              :element => element,
-              :index => index,
-              :prefix => 'has non-Array'
-          )
-          record.errors.add attribute, error
-        end
-      end
-    else
-      record.errors.add attribute, "is not an Array.  #{TYPE_SIGNATURE_SENTENCE}"
-    end
-  end
-
-  private
-
-  def error_at(options={})
-    options.assert_valid_keys(:element, :index, :prefix)
-    prefix = options.fetch(:prefix)
-
-    clause = location_clause(
-        :element => options[:element],
-        :index => options[:index]
-    )
-    sentence = "#{prefix} #{clause}."
-
-    sentences = [
-        sentence,
-        TYPE_SIGNATURE_SENTENCE
-    ]
-
-    error = sentences.join("  ")
-
-    error
-  end
-
-  def length_error_at(options={})
-    options.assert_valid_keys(:element, :extreme, :index)
-    extreme = options.fetch(:extreme)
-
-    prefix = "has too #{extreme} elements"
-    error = error_at(
-        :element => options[:element],
-        :index => options[:index],
-        :prefix => prefix
-    )
-
-    error
-  end
-
-  def location_clause(options={})
-    options.assert_valid_keys(:element, :index)
-
-    element = options.fetch(:element)
-    index = options.fetch(:index)
-
-    clause = "at index #{index} (#{element.inspect})"
-
-    clause
-  end
-end

data/app/validators/password_is_strong_validator.rb

@@ -1,117 +0,0 @@
-# Validates that
-class PasswordIsStrongValidator < ActiveModel::EachValidator
-  #
-  # CONSTANTS
-  #
-
-  # Known passwords that should NOT be allowed and should be considered weak.
-  COMMON_PASSWORDS = %w{
-      password pass root admin metasploit
-      msf 123456 qwerty abc123 letmein monkey link182 demo
-      changeme test1234 rapid7
-    }
-
-  # Special characters that are considered to strength passwords and are required once in a strong password.
-  SPECIAL_CHARS = %q{!@"#$%&'()*+,-./:;<=>?[\\]^_`{|}~ }
-
-  # Validates that the `attribute`'s `value` on `record` contains letters, numbers, and at least one special character
-  # without containing the `record.username`, any {COMMON_PASSWORDS} or repetition.
-  def validate_each(record, attribute, value)
-    return if value.blank?
-
-    if is_simple?(value)
-      record.errors[attribute] << "must contain letters, numbers, and at least one special character"
-    end
-
-    if contains_username?(record.username, value)
-      record.errors[attribute] << "must not contain the username"
-    end
-
-    if is_common_password?(value)
-      record.errors[attribute] << "must not be a common password"
-    end
-
-    if contains_repetition?(value)
-      record.errors[attribute] << "must not be a predictable sequence of characters"
-    end
-  end
-
-  private
-
-  def is_simple?(password)
-    not (password =~ /[A-Za-z]/ and password =~ /[0-9]/ and password =~ /[#{Regexp.escape(SPECIAL_CHARS)}]/)
-  end
-
-  def contains_username?(username, password)
-    !!(password =~ /#{username}/i)
-  end
-
-  def is_common_password?(password)
-    COMMON_PASSWORDS.each do |pw|
-      common_pw = [pw] # pw + "!", pw + "1", pw + "12", pw + "123", pw + "1234"]
-      common_pw += mutate_pass(pw)
-      common_pw.each do |common_pass|
-        if password.downcase =~ /#{common_pass}[\d!]*/
-          return true
-        end
-      end
-    end
-    false
-  end
-
-  def mutate_pass(password)
-    mutations = {
-        'a' => '@',
-        'o' => '0',
-        'e' => '3',
-        's' => '$',
-        't' => '7',
-        'l' => '1'
-    }
-
-    iterations = mutations.keys.dup
-    results = []
-
-    # Find PowerSet of all possible mutation combinations
-    iterations = iterations.inject([[]]){|c,y|r=[];c.each{|i|r<<i;r<<i+[y]};r}
-
-    # Iterate through combinations to create each possible mutation
-    iterations.each do |iteration|
-      next if iteration.flatten.empty?
-      first = iteration.shift
-      intermediate = password.gsub(/#{first}/i, mutations[first])
-      iteration.each do |mutator|
-        next unless mutator.kind_of? String
-        intermediate.gsub!(/#{mutator}/i, mutations[mutator])
-      end
-      results << intermediate
-    end
-
-    return results
-  end
-
-
-
-  def contains_repetition?(password)
-    # Password repetition (quite basic) -- no "aaaaaa" or "ababab" or "abcabc" or
-    # "abcdabcd" (but note that the user can use "aaaaaab" or something).
-
-    if password.scan(/./).uniq.size < 2
-      return true
-    end
-
-    if (password.size % 2 == 0) and (password.scan(/../).uniq.size < 2)
-      return true
-    end
-
-    if (password.size % 3 == 0) and (password.scan(/.../).uniq.size < 2)
-      return true
-    end
-
-    if (password.size % 4 == 0) and (password.scan(/..../).uniq.size < 2)
-      return true
-    end
-
-    false
-  end
-end