metasploit_data_models 0.24.5 → 1.0.0.pre.rails.pre.4.0a
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rspec +1 -1
- data/.simplecov +1 -1
- data/Gemfile +8 -5
- data/app/models/mdm/api_key.rb +1 -0
- data/app/models/mdm/client.rb +2 -2
- data/app/models/mdm/cred.rb +13 -13
- data/app/models/mdm/event.rb +5 -4
- data/app/models/mdm/exploit_attempt.rb +1 -0
- data/app/models/mdm/exploited_host.rb +1 -1
- data/app/models/mdm/host.rb +37 -20
- data/app/models/mdm/host_detail.rb +2 -2
- data/app/models/mdm/host_tag.rb +1 -1
- data/app/models/mdm/listener.rb +2 -1
- data/app/models/mdm/loot.rb +1 -0
- data/app/models/mdm/macro.rb +1 -1
- data/app/models/mdm/mod_ref.rb +1 -0
- data/app/models/mdm/module/action.rb +1 -7
- data/app/models/mdm/module/arch.rb +0 -6
- data/app/models/mdm/module/author.rb +1 -8
- data/app/models/mdm/module/detail.rb +1 -1
- data/app/models/mdm/module/mixin.rb +0 -6
- data/app/models/mdm/module/platform.rb +0 -6
- data/app/models/mdm/module/ref.rb +0 -6
- data/app/models/mdm/module/target.rb +0 -7
- data/app/models/mdm/nexpose_console.rb +1 -0
- data/app/models/mdm/note.rb +3 -3
- data/app/models/mdm/ref.rb +0 -6
- data/app/models/mdm/route.rb +2 -1
- data/app/models/mdm/service.rb +1 -1
- data/app/models/mdm/session.rb +8 -7
- data/app/models/mdm/session_event.rb +2 -1
- data/app/models/mdm/tag.rb +2 -2
- data/app/models/mdm/task.rb +1 -3
- data/app/models/mdm/user.rb +4 -5
- data/app/models/mdm/vuln.rb +8 -7
- data/app/models/mdm/vuln_attempt.rb +1 -0
- data/app/models/mdm/vuln_detail.rb +3 -2
- data/app/models/mdm/vuln_ref.rb +1 -1
- data/app/models/mdm/web_form.rb +2 -1
- data/app/models/mdm/web_page.rb +3 -2
- data/app/models/mdm/web_site.rb +3 -2
- data/app/models/mdm/web_vuln.rb +1 -0
- data/app/models/mdm/wmap_request.rb +12 -0
- data/app/models/mdm/wmap_target.rb +12 -0
- data/app/models/mdm/workspace.rb +4 -3
- data/app/models/metasploit_data_models/automatic_exploitation/match.rb +0 -3
- data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +0 -12
- data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +0 -1
- data/app/models/metasploit_data_models/automatic_exploitation/run.rb +0 -2
- data/app/validators/ip_format_validator.rb +6 -1
- data/config/initializers/ipaddr.rb +35 -0
- data/db/migrate/002_add_workspaces.rb +2 -2
- data/db/migrate/007_add_loots.rb +1 -1
- data/db/migrate/008_create_users.rb +1 -1
- data/db/migrate/011_add_reports.rb +1 -1
- data/db/migrate/012_add_tasks.rb +1 -1
- data/db/migrate/026_add_creds_table.rb +2 -2
- data/db/migrate/20100824151500_add_exploited_table.rb +1 -1
- data/db/migrate/20100911122000_add_report_templates.rb +1 -1
- data/db/migrate/20100916175000_add_campaigns_and_templates.rb +1 -1
- data/db/migrate/20101001000000_add_web_tables.rb +13 -13
- data/db/migrate/20110204112800_add_host_tags.rb +1 -1
- data/db/migrate/20110527000001_add_api_keys_table.rb +1 -1
- data/db/migrate/20110606000001_add_macros_table.rb +2 -2
- data/db/migrate/20110624000001_add_listeners_table.rb +1 -1
- data/db/migrate/20110630000001_add_nexpose_consoles_table.rb +1 -1
- data/db/migrate/20110717000001_add_profiles_table.rb +1 -1
- data/db/migrate/20130522001343_create_task_creds.rb +1 -1
- data/db/migrate/20130522032517_create_task_hosts.rb +1 -1
- data/db/migrate/20130522041110_create_task_services.rb +1 -1
- data/db/migrate/20130604145732_create_task_sessions.rb +1 -1
- data/db/migrate/20131002004641_create_automatic_exploitation_matches.rb +1 -1
- data/db/migrate/20131002164449_create_automatic_exploitation_match_sets.rb +1 -1
- data/db/migrate/20131008213344_create_automatic_exploitation_runs.rb +1 -1
- data/db/migrate/20131017150735_create_automatic_exploitation_match_results.rb +1 -1
- data/db/migrate/20150219173821_create_module_runs.rb +1 -1
- data/db/migrate/20150317145455_rename_module_indices.rb +29 -0
- data/db/migrate/20150421211719_rename_automatic_exploitation_index.rb +16 -0
- data/lib/mdm/host/operating_system_normalization.rb +1 -1
- data/lib/metasploit_data_models.rb +1 -0
- data/lib/metasploit_data_models/engine.rb +1 -1
- data/lib/metasploit_data_models/version.rb +5 -3
- data/metasploit_data_models.gemspec +11 -8
- data/spec/app/models/mdm/event_spec.rb +17 -11
- data/spec/app/models/mdm/host_spec.rb +2 -2
- data/spec/app/models/mdm/module/action_spec.rb +0 -5
- data/spec/app/models/mdm/module/arch_spec.rb +0 -5
- data/spec/app/models/mdm/module/author_spec.rb +0 -6
- data/spec/app/models/mdm/module/detail_spec.rb +3 -3
- data/spec/app/models/mdm/module/mixin_spec.rb +0 -5
- data/spec/app/models/mdm/module/platform_spec.rb +0 -5
- data/spec/app/models/mdm/module/ref_spec.rb +0 -5
- data/spec/app/models/mdm/module/target_spec.rb +0 -6
- data/spec/app/models/mdm/ref_spec.rb +0 -3
- data/spec/app/models/mdm/service_spec.rb +1 -1
- data/spec/app/models/mdm/web_vuln_spec.rb +3 -3
- data/spec/app/models/mdm/wmap_request_spec.rb +2 -0
- data/spec/app/models/mdm/wmap_target_spec.rb +2 -0
- data/spec/app/models/mdm/workspace_spec.rb +2 -2
- data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +1 -1
- data/spec/dummy/config/application.rb +1 -7
- data/spec/dummy/config/environments/development.rb +2 -13
- data/spec/dummy/config/environments/production.rb +2 -0
- data/spec/dummy/config/environments/test.rb +2 -6
- data/spec/dummy/db/structure.sql +24 -19
- data/spec/dummy/db/structure.sql.from_rails_3 +3403 -0
- data/spec/factories/mdm/module/details.rb +1 -1
- data/spec/lib/ipaddr_spec.rb +31 -0
- data/spec/lib/metasploit_data_models/version_spec.rb +1 -3
- data/spec/support/shared/examples/coerces_inet_column_type_to_string.rb +15 -0
- metadata +63 -28
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5190db99abdc62da0a77b62b517412b481be8957
|
4
|
+
data.tar.gz: a67d53030938408032e52f22a92c1f330195f4e0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1231e579d907eeedee180ab9ee77472cefbb0a72cfcbf8f78162fa9bd51366174875e4e9706d1e0ce1ded6233a7342557ab5a8d272677409a388bf1bed5816bd
|
7
|
+
data.tar.gz: 6eb74b74f6451727d9d739a307779283dd69a9a9003403d7cdf0e75aafa8f957fb93884c3d37e6bbd81cdc14e5ba5d04888f685e319e41907ef03ee4afd79052
|
data/.rspec
CHANGED
data/.simplecov
CHANGED
data/Gemfile
CHANGED
@@ -4,8 +4,9 @@ source "https://rubygems.org"
|
|
4
4
|
gemspec
|
5
5
|
|
6
6
|
group :development do
|
7
|
+
gem 'metasploit-erd', '1.0.0.pre.rails.pre.4.0'
|
7
8
|
# embed ERDs on index, namespace Module and Class<ActiveRecord::Base> pages
|
8
|
-
gem 'yard-metasploit-erd', '
|
9
|
+
gem 'yard-metasploit-erd', '1.0.0.pre.rails.pre.4.0'
|
9
10
|
end
|
10
11
|
|
11
12
|
# used by dummy application
|
@@ -17,10 +18,12 @@ group :development, :test do
|
|
17
18
|
gem 'factory_girl', '>= 4.1.0'
|
18
19
|
# auto-load factories from spec/factories
|
19
20
|
gem 'factory_girl_rails'
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
21
|
+
|
22
|
+
rails_version_constraint = [
|
23
|
+
'>= 4.0.9',
|
24
|
+
'< 4.1.0'
|
25
|
+
]
|
26
|
+
gem 'rails', *rails_version_constraint
|
24
27
|
# Used to create fake data
|
25
28
|
gem "faker"
|
26
29
|
end
|
data/app/models/mdm/api_key.rb
CHANGED
data/app/models/mdm/client.rb
CHANGED
data/app/models/mdm/cred.rb
CHANGED
@@ -1,18 +1,6 @@
|
|
1
1
|
class Mdm::Cred < ActiveRecord::Base
|
2
2
|
#
|
3
|
-
#
|
4
|
-
#
|
5
|
-
KEY_ID_REGEX = /([0-9a-fA-F:]{47})/
|
6
|
-
PTYPES = {
|
7
|
-
'read/write password' => 'password_rw',
|
8
|
-
'read-only password' => 'password_ro',
|
9
|
-
'SMB hash' => 'smb_hash',
|
10
|
-
'SSH private key' => 'ssh_key',
|
11
|
-
'SSH public key' => 'ssh_pubkey'
|
12
|
-
}
|
13
|
-
|
14
|
-
#
|
15
|
-
# Relations
|
3
|
+
# Associations
|
16
4
|
#
|
17
5
|
|
18
6
|
# @!attribute [rw] servce
|
@@ -37,6 +25,18 @@ class Mdm::Cred < ActiveRecord::Base
|
|
37
25
|
#
|
38
26
|
# @return [Array<Mdm::Task>]
|
39
27
|
has_many :tasks, :through => :task_creds
|
28
|
+
|
29
|
+
#
|
30
|
+
# CONSTANTS
|
31
|
+
#
|
32
|
+
KEY_ID_REGEX = /([0-9a-fA-F:]{47})/
|
33
|
+
PTYPES = {
|
34
|
+
'read/write password' => 'password_rw',
|
35
|
+
'read-only password' => 'password_ro',
|
36
|
+
'SMB hash' => 'smb_hash',
|
37
|
+
'SSH private key' => 'ssh_key',
|
38
|
+
'SSH public key' => 'ssh_pubkey'
|
39
|
+
}
|
40
40
|
|
41
41
|
after_create :increment_host_counter_cache
|
42
42
|
after_destroy :decrement_host_counter_cache
|
data/app/models/mdm/event.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
class Mdm::Event < ActiveRecord::Base
|
2
|
+
|
2
3
|
#
|
3
|
-
#
|
4
|
+
# Associations
|
4
5
|
#
|
5
6
|
|
6
7
|
belongs_to :host,
|
@@ -10,13 +11,13 @@ class Mdm::Event < ActiveRecord::Base
|
|
10
11
|
belongs_to :workspace,
|
11
12
|
class_name: 'Mdm::Workspace',
|
12
13
|
inverse_of: :events
|
13
|
-
|
14
|
+
|
14
15
|
#
|
15
16
|
# Scopes
|
16
17
|
#
|
17
18
|
|
18
|
-
scope :flagged, where(:critical => true, :seen => false)
|
19
|
-
scope :module_run, where(:name => 'module_run')
|
19
|
+
scope :flagged, -> { where(:critical => true, :seen => false) }
|
20
|
+
scope :module_run, -> { where(:name => 'module_run') }
|
20
21
|
|
21
22
|
#
|
22
23
|
# Serializations
|
data/app/models/mdm/host.rb
CHANGED
@@ -61,6 +61,18 @@ class Mdm::Host < ActiveRecord::Base
|
|
61
61
|
'unknown'
|
62
62
|
]
|
63
63
|
|
64
|
+
#
|
65
|
+
# Aggregations
|
66
|
+
#
|
67
|
+
|
68
|
+
# @!attribute [rw] address
|
69
|
+
# The IP address of this host. Necessary to avoid coercion to an `IPAddr` object.
|
70
|
+
#
|
71
|
+
# @return [String]
|
72
|
+
def address
|
73
|
+
self[:address].to_s
|
74
|
+
end
|
75
|
+
|
64
76
|
#
|
65
77
|
# Associations
|
66
78
|
#
|
@@ -132,20 +144,20 @@ class Mdm::Host < ActiveRecord::Base
|
|
132
144
|
# @todo MSP-3065
|
133
145
|
# @return [ActiveRecord::Relation<Mdm::Loot>]
|
134
146
|
has_many :loots,
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
147
|
+
-> { order('loots.created_at DESC')},
|
148
|
+
class_name: 'Mdm::Loot',
|
149
|
+
dependent: :destroy,
|
150
|
+
inverse_of: :host
|
139
151
|
|
140
152
|
# @!attribute [rw] notes
|
141
153
|
# Notes about the host entered by a user with {Mdm::Note#created_at oldest notes} first.
|
142
154
|
#
|
143
155
|
# @return [ActiveRecord::Relation<Mdm::Note>]
|
144
156
|
has_many :notes,
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
157
|
+
-> { order('notes.created_at') },
|
158
|
+
class_name: 'Mdm::Note',
|
159
|
+
inverse_of: :host,
|
160
|
+
dependent: :delete_all
|
149
161
|
|
150
162
|
# @!attribute [rw] services
|
151
163
|
# The services running on {Mdm::Service#port ports} on the host with services ordered by {Mdm::Service#port port}
|
@@ -153,10 +165,10 @@ class Mdm::Host < ActiveRecord::Base
|
|
153
165
|
#
|
154
166
|
# @return [ActiveRecord::Relation<Mdm::Service>]
|
155
167
|
has_many :services,
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
168
|
+
-> { order('services.port, services.proto') },
|
169
|
+
class_name: 'Mdm::Service',
|
170
|
+
dependent: :destroy,
|
171
|
+
inverse_of: :host
|
160
172
|
|
161
173
|
# @!attribute [rw] sessions
|
162
174
|
# Sessions that are open or previously were open on the host ordered by {Mdm::Session#opened_at when the session was
|
@@ -164,10 +176,10 @@ class Mdm::Host < ActiveRecord::Base
|
|
164
176
|
#
|
165
177
|
# @return [ActiveRecord::Relation<Mdm::Session]
|
166
178
|
has_many :sessions,
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
179
|
+
-> { order('sessions.opened_at') },
|
180
|
+
class_name: 'Mdm::Session',
|
181
|
+
dependent: :destroy,
|
182
|
+
inverse_of: :host
|
171
183
|
|
172
184
|
# @!attribute [rw] vulns
|
173
185
|
# Vulnerabilities found on the host.
|
@@ -452,7 +464,7 @@ class Mdm::Host < ActiveRecord::Base
|
|
452
464
|
|
453
465
|
validates :address,
|
454
466
|
:exclusion => {
|
455
|
-
:in => ['127.0.0.1']
|
467
|
+
:in => [IPAddr.new('127.0.0.1')]
|
456
468
|
},
|
457
469
|
:ip_format => true,
|
458
470
|
:presence => true,
|
@@ -476,8 +488,8 @@ class Mdm::Host < ActiveRecord::Base
|
|
476
488
|
# Scopes
|
477
489
|
#
|
478
490
|
|
479
|
-
scope :alive, where({'hosts.state' => 'alive'})
|
480
|
-
scope :flagged, where('notes.critical = true AND notes.seen = false').includes(:notes)
|
491
|
+
scope :alive, -> { where({'hosts.state' => 'alive'}) }
|
492
|
+
scope :flagged, -> { where('notes.critical = true AND notes.seen = false').includes(:notes) }
|
481
493
|
scope :search,
|
482
494
|
lambda { |*args|
|
483
495
|
# @todo replace with AREL
|
@@ -555,7 +567,12 @@ class Mdm::Host < ActiveRecord::Base
|
|
555
567
|
# @return [void]
|
556
568
|
def ip_address_invalid?
|
557
569
|
begin
|
558
|
-
|
570
|
+
if address.is_a? IPAddr
|
571
|
+
potential_ip = address.dup
|
572
|
+
else
|
573
|
+
potential_ip = IPAddr.new(address)
|
574
|
+
end
|
575
|
+
|
559
576
|
return true unless potential_ip.ipv4? || potential_ip.ipv6?
|
560
577
|
rescue ArgumentError
|
561
578
|
return true
|
@@ -1,6 +1,6 @@
|
|
1
1
|
class Mdm::HostDetail < ActiveRecord::Base
|
2
2
|
#
|
3
|
-
#
|
3
|
+
# Associations
|
4
4
|
#
|
5
5
|
|
6
6
|
belongs_to :host,
|
@@ -15,4 +15,4 @@ class Mdm::HostDetail < ActiveRecord::Base
|
|
15
15
|
validates :host_id, :presence => true
|
16
16
|
|
17
17
|
Metasploit::Concern.run(self)
|
18
|
-
end
|
18
|
+
end
|
data/app/models/mdm/host_tag.rb
CHANGED
data/app/models/mdm/listener.rb
CHANGED
data/app/models/mdm/loot.rb
CHANGED
data/app/models/mdm/macro.rb
CHANGED
data/app/models/mdm/mod_ref.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
class Mdm::Module::Action < ActiveRecord::Base
|
2
|
-
self.table_name = 'module_actions'
|
2
|
+
self.table_name = 'module_actions'
|
3
3
|
|
4
4
|
#
|
5
5
|
# Associations
|
@@ -7,12 +7,6 @@ class Mdm::Module::Action < ActiveRecord::Base
|
|
7
7
|
|
8
8
|
belongs_to :detail, :class_name => 'Mdm::Module::Detail'
|
9
9
|
|
10
|
-
#
|
11
|
-
# Mass Assignment Security
|
12
|
-
#
|
13
|
-
|
14
|
-
attr_accessible :name
|
15
|
-
|
16
10
|
#
|
17
11
|
# Validations
|
18
12
|
#
|