metasploit_data_models 0.24.5 → 1.0.0.pre.rails.pre.4.0a

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d1295b513f0e595f45f1315528cec3ad0f4cf2de
-  data.tar.gz: 9e7bb0f98fc9b16e90fd65c502e715fc31f5a34a
+  metadata.gz: 5190db99abdc62da0a77b62b517412b481be8957
+  data.tar.gz: a67d53030938408032e52f22a92c1f330195f4e0
 SHA512:
-  metadata.gz: 29da581587c411a58073e15611381797eaa99d526e9f18bb4c41c7abf0d21cdce16050bdab6300431e0e65baca48b845dac7bbc9e30b6b5b7d226c1bd6cbffe9
-  data.tar.gz: 7645723fa0cb86dd2b484f8a4e51fdaee78be760a41bb25f6ca60df9c6f174d702cc584e26e4e810819e04af8bd3473b7b88510753961529a3eed04cd361968e
+  metadata.gz: 1231e579d907eeedee180ab9ee77472cefbb0a72cfcbf8f78162fa9bd51366174875e4e9706d1e0ce1ded6233a7342557ab5a8d272677409a388bf1bed5816bd
+  data.tar.gz: 6eb74b74f6451727d9d739a307779283dd69a9a9003403d7cdf0e75aafa8f957fb93884c3d37e6bbd81cdc14e5ba5d04888f685e319e41907ef03ee4afd79052

data/.rspec

@@ -1,3 +1,3 @@
---format nested
+--format documentation
 --colour
 --drb

data/.simplecov

@@ -7,7 +7,7 @@ unless ENV['RM_INFO']
 end
 
 SimpleCov.configure do
-  load_adapter('rails')
+  load_profile('rails')
 
   # ignore this file
 	add_filter '.simplecov'

data/Gemfile

@@ -4,8 +4,9 @@ source "https://rubygems.org"
 gemspec
 
 group :development do
+  gem 'metasploit-erd', '1.0.0.pre.rails.pre.4.0'
   # embed ERDs on index, namespace Module and Class<ActiveRecord::Base> pages
-  gem 'yard-metasploit-erd', '~> 0.0.2'
+  gem 'yard-metasploit-erd', '1.0.0.pre.rails.pre.4.0'
 end
 
 # used by dummy application
@@ -17,10 +18,12 @@ group :development, :test do
   gem 'factory_girl', '>= 4.1.0'
   # auto-load factories from spec/factories
   gem 'factory_girl_rails'
-  # rails is only used for the dummy application in spec/dummy
-  # restrict from rails 4.0 as it requires protected_attributes gem and other changes for compatibility
-  # @see MSP-2971
-  gem 'rails', '>= 3.2', '< 4.0.0'
+  
+  rails_version_constraint = [
+      '>= 4.0.9',
+      '< 4.1.0'
+  ]
+  gem 'rails', *rails_version_constraint
   # Used to create fake data
   gem "faker"
 end

data/app/models/mdm/api_key.rb

@@ -1,4 +1,5 @@
 class Mdm::ApiKey < ActiveRecord::Base
+  
   #
   # Validators
   #

data/app/models/mdm/client.rb

@@ -1,10 +1,10 @@
 class Mdm::Client < ActiveRecord::Base
   #
-  # Relations
+  # Associations
   #
   belongs_to :host,
              class_name: 'Mdm::Host',
              inverse_of: :clients
-
+  
   Metasploit::Concern.run(self)
 end

data/app/models/mdm/cred.rb

@@ -1,18 +1,6 @@
 class Mdm::Cred < ActiveRecord::Base
   #
-  # CONSTANTS
-  #
-  KEY_ID_REGEX = /([0-9a-fA-F:]{47})/
-  PTYPES = {
-      'read/write password' => 'password_rw',
-      'read-only password' => 'password_ro',
-      'SMB hash' => 'smb_hash',
-      'SSH private key' => 'ssh_key',
-      'SSH public key' => 'ssh_pubkey'
-  }
-
-  #
-  # Relations
+  # Associations
   #
 
   # @!attribute [rw] servce
@@ -37,6 +25,18 @@ class Mdm::Cred < ActiveRecord::Base
   #
   #   @return [Array<Mdm::Task>]
   has_many :tasks, :through => :task_creds
+  
+  #
+  # CONSTANTS
+  #
+  KEY_ID_REGEX = /([0-9a-fA-F:]{47})/
+  PTYPES = {
+      'read/write password' => 'password_rw',
+      'read-only password' => 'password_ro',
+      'SMB hash' => 'smb_hash',
+      'SSH private key' => 'ssh_key',
+      'SSH public key' => 'ssh_pubkey'
+  }
 
   after_create :increment_host_counter_cache
   after_destroy :decrement_host_counter_cache

data/app/models/mdm/event.rb

@@ -1,6 +1,7 @@
 class Mdm::Event < ActiveRecord::Base
+    
   #
-  # Relations
+  # Associations
   #
 
   belongs_to :host,
@@ -10,13 +11,13 @@ class Mdm::Event < ActiveRecord::Base
   belongs_to :workspace,
              class_name: 'Mdm::Workspace',
              inverse_of: :events
-
+  
   #
   # Scopes
   #
 
-  scope :flagged, where(:critical => true, :seen => false)
-  scope :module_run, where(:name => 'module_run')
+  scope :flagged, -> { where(:critical => true, :seen => false) }
+  scope :module_run, -> { where(:name => 'module_run') }
 
   #
   # Serializations

data/app/models/mdm/exploit_attempt.rb

@@ -1,4 +1,5 @@
 class Mdm::ExploitAttempt < ActiveRecord::Base
+  
   #
   # Associations
   #

data/app/models/mdm/exploited_host.rb

@@ -1,6 +1,6 @@
 class Mdm::ExploitedHost < ActiveRecord::Base
   #
-  # Relations
+  # Associations
   #
 
   belongs_to :host,

data/app/models/mdm/host.rb

@@ -61,6 +61,18 @@ class Mdm::Host < ActiveRecord::Base
       'unknown'
   ]
 
+  #
+  # Aggregations
+  #
+
+  # @!attribute [rw] address
+  #   The IP address of this host. Necessary to avoid coercion to an `IPAddr` object.
+  #
+  #   @return [String]
+  def address
+    self[:address].to_s
+  end
+
   #
   # Associations
   #
@@ -132,20 +144,20 @@ class Mdm::Host < ActiveRecord::Base
   #   @todo MSP-3065
   #   @return [ActiveRecord::Relation<Mdm::Loot>]
   has_many :loots,
-           class_name: 'Mdm::Loot',
-           dependent: :destroy,
-           inverse_of: :host,
-           order: 'loots.created_at DESC'
+            -> { order('loots.created_at DESC')},
+            class_name: 'Mdm::Loot',
+            dependent: :destroy,
+            inverse_of: :host
 
   # @!attribute [rw] notes
   #   Notes about the host entered by a user with {Mdm::Note#created_at oldest notes} first.
   #
   #   @return [ActiveRecord::Relation<Mdm::Note>]
   has_many :notes,
-           class_name: 'Mdm::Note',
-           inverse_of: :host,
-           dependent: :delete_all,
-           order: 'notes.created_at'
+            -> { order('notes.created_at') },
+            class_name: 'Mdm::Note',
+            inverse_of: :host,
+            dependent: :delete_all
 
   # @!attribute [rw] services
   #   The services running on {Mdm::Service#port ports} on the host with services ordered by {Mdm::Service#port port}
@@ -153,10 +165,10 @@ class Mdm::Host < ActiveRecord::Base
   #
   #   @return [ActiveRecord::Relation<Mdm::Service>]
   has_many :services,
-           class_name: 'Mdm::Service',
-           dependent: :destroy,
-           inverse_of: :host,
-           order: 'services.port, services.proto'
+            -> { order('services.port, services.proto') },
+            class_name: 'Mdm::Service',
+            dependent: :destroy,
+            inverse_of: :host
 
   # @!attribute [rw] sessions
   #   Sessions that are open or previously were open on the host ordered by {Mdm::Session#opened_at when the session was
@@ -164,10 +176,10 @@ class Mdm::Host < ActiveRecord::Base
   #
   #   @return [ActiveRecord::Relation<Mdm::Session]
   has_many :sessions,
-           class_name: 'Mdm::Session',
-           dependent: :destroy,
-           inverse_of: :host,
-           order: 'sessions.opened_at'
+            -> { order('sessions.opened_at') },
+            class_name: 'Mdm::Session',
+            dependent: :destroy,
+            inverse_of: :host
 
   # @!attribute [rw] vulns
   #   Vulnerabilities found on the host.
@@ -452,7 +464,7 @@ class Mdm::Host < ActiveRecord::Base
 
   validates :address,
             :exclusion => {
-                :in => ['127.0.0.1']
+                :in => [IPAddr.new('127.0.0.1')]
             },
             :ip_format => true,
             :presence => true,
@@ -476,8 +488,8 @@ class Mdm::Host < ActiveRecord::Base
   # Scopes
   #
 
-  scope :alive, where({'hosts.state' => 'alive'})
-  scope :flagged, where('notes.critical = true AND notes.seen = false').includes(:notes)
+  scope :alive, -> { where({'hosts.state' => 'alive'}) }
+  scope :flagged, -> { where('notes.critical = true AND notes.seen = false').includes(:notes) }
   scope :search,
         lambda { |*args|
           # @todo replace with AREL
@@ -555,7 +567,12 @@ class Mdm::Host < ActiveRecord::Base
   # @return [void]
   def ip_address_invalid?
     begin
-      potential_ip = IPAddr.new(address)
+      if address.is_a? IPAddr
+        potential_ip = address.dup
+      else
+        potential_ip = IPAddr.new(address)
+      end
+
       return true unless potential_ip.ipv4? || potential_ip.ipv6?
     rescue ArgumentError
       return true

data/app/models/mdm/host_detail.rb

@@ -1,6 +1,6 @@
 class Mdm::HostDetail < ActiveRecord::Base
   #
-  # Relations
+  # Associations
   #
 
   belongs_to :host,
@@ -15,4 +15,4 @@ class Mdm::HostDetail < ActiveRecord::Base
   validates :host_id, :presence => true
 
   Metasploit::Concern.run(self)
-end
+end

data/app/models/mdm/host_tag.rb

@@ -29,7 +29,7 @@ class Mdm::HostTag < ActiveRecord::Base
 
   # @see http://stackoverflow.com/a/11694704
   after_destroy :destroy_orphan_tag
-
+  
   #
   # Instance Methods
   #

data/app/models/mdm/listener.rb

@@ -1,6 +1,7 @@
 class Mdm::Listener < ActiveRecord::Base
+  
   #
-  # Relations
+  # Associations
   #
 
   belongs_to :task,

data/app/models/mdm/loot.rb

@@ -1,6 +1,7 @@
 # Loot gathered from {#host} or {#service} such as files to prove you were on the system or to crack later to gain
 # sessions on other machines in the network.
 class Mdm::Loot < ActiveRecord::Base
+  
   #
   # CONSTANTS
   #

data/app/models/mdm/macro.rb

@@ -13,7 +13,7 @@ class Mdm::Macro < ActiveRecord::Base
   # Validations
   #
 
-  validates :name, :presence => true, :format => /^[^'|"]+$/
+  validates :name, :presence => true, :format => /\A[^'|"]+\z/
 
   Metasploit::Concern.run(self)
 end

data/app/models/mdm/mod_ref.rb

@@ -1,3 +1,4 @@
 class Mdm::ModRef < ActiveRecord::Base
+  
   Metasploit::Concern.run(self)
 end

data/app/models/mdm/module/action.rb

@@ -1,5 +1,5 @@
 class Mdm::Module::Action < ActiveRecord::Base
-  self.table_name = 'module_actions'
+  self.table_name = 'module_actions'  
 
   #
   # Associations
@@ -7,12 +7,6 @@ class Mdm::Module::Action < ActiveRecord::Base
 
   belongs_to :detail, :class_name => 'Mdm::Module::Detail'
 
-  #
-  # Mass Assignment Security
-  #
-
-  attr_accessible :name
-
   #
   # Validations
   #

data/app/models/mdm/module/arch.rb

@@ -7,12 +7,6 @@ class Mdm::Module::Arch < ActiveRecord::Base
 
   belongs_to :detail, :class_name => 'Mdm::Module::Detail'
 
-  #
-  # Mass Assignment Security
-  #
-
-  attr_accessible :name
-
   #
   # Validations
   #

data/app/models/mdm/module/author.rb

@@ -6,14 +6,7 @@ class Mdm::Module::Author < ActiveRecord::Base
   #
 
   belongs_to :detail, :class_name => 'Mdm::Module::Detail'
-
-  #
-  # Mass Assignment Security
-  #
-
-  attr_accessible :email
-  attr_accessible :name
-
+  
   #
   # Validations
   #

data/app/models/mdm/module/detail.rb

@@ -2,7 +2,7 @@
 # {Mdm::Module} namespace.
 class Mdm::Module::Detail < ActiveRecord::Base
   self.table_name = 'module_details'
-
+  
   #
   # CONSTANTS
   #

data/app/models/mdm/module/mixin.rb

@@ -7,12 +7,6 @@ class Mdm::Module::Mixin < ActiveRecord::Base
 
   belongs_to :detail, :class_name => 'Mdm::Module::Detail'
 
-  #
-  # Mass Assignment Security
-  #
-
-  attr_accessible :name
-
   #
   # Validation
   #

data/app/models/mdm/module/platform.rb

@@ -7,12 +7,6 @@ class Mdm::Module::Platform < ActiveRecord::Base
 
   belongs_to :detail, :class_name => 'Mdm::Module::Detail'
 
-  #
-  # Mass Assignment Security
-  #
-
-  attr_accessible :name
-
   #
   # Validations
   #

data/app/models/mdm/module/ref.rb

@@ -31,12 +31,6 @@ class Mdm::Module::Ref < ActiveRecord::Base
   #
   #   @return [String]
 
-  #
-  # Mass Assignment Security
-  #
-
-  attr_accessible :name
-
   #
   # Validations
   #

data/app/models/mdm/module/target.rb

@@ -7,13 +7,6 @@ class Mdm::Module::Target < ActiveRecord::Base
 
   belongs_to :detail, :class_name => 'Mdm::Module::Detail'
 
-  #
-  # Mass Assignment Security
-  #
-
-  attr_accessible :index
-  attr_accessible :name
-
   #
   # Validators
   #