ronin-db-activerecord 0.1.6 → 0.2.0.rc1

data/lib/ronin/db/cert_organization.rb

@@ -0,0 +1,127 @@
+# frozen_string_literal: true
+#
+# ronin-db-activerecord - ActiveRecord backend for the Ronin Database.
+#
+# Copyright (c) 2022-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# ronin-db-activerecord is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-db-activerecord is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-db-activerecord.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/db/model'
+
+module Ronin
+  module DB
+    #
+    # Base class for {CertIssuer} and {CertSubject}.
+    #
+    # @since 0.2.0
+    #
+    class CertOrganization < ActiveRecord::Base
+
+      include Model
+
+      self.abstract_class = true
+
+      # @!attribute [rw] id
+      #   The primary key of the certificate organization.
+      #
+      #   @return [Integer]
+      attribute :id, :integer
+
+      # @!attribute [rw] organization
+      #   The organization name (`O`).
+      #
+      #   @return [String]
+      attribute :organization, :string
+      validates :organization, presence: true
+
+      # @!attribute [rw] organizational_unit
+      #   The organizational unit (`OU`).
+      #
+      #   @return [String, nil]
+      attribute :organizational_unit, :string
+
+      # @!attribute [rw] locality
+      #   The locality (`L`)..
+      #
+      #   @return [String, nil]
+      attribute :locality, :string
+
+      # @!attribute [rw] state
+      #   The state (`ST`).
+      #
+      #   @return [String, nil]
+      attribute :state, :string
+
+      # @!attribute [rw] country
+      #   The two letter country code (`C`).
+      #
+      #   @return [String]
+      attribute :country, :string
+      validates :country, presence: true,
+                          length: {is: 2}
+
+      # @!attribute [rw] created_at
+      #   When the organization was first created.
+      #
+      #   @return [Time]
+      attribute :created_at, :datetime
+
+      # Mapping of X509 names to Symbols.
+      #
+      # @api private
+      X509_ATTRIBUTES = {
+        'CN'           => :common_name,
+        'emailAddress' => :email_address,
+        'O'            => :organization,
+        'OU'           => :organizational_unit,
+        'L'            => :locality,
+        'ST'           => :state,
+        'C'            => :country
+      }
+
+      #
+      # Parses an X509 Name into attributes.
+      #
+      # @param [OpenSSL::X509::Name, String] name
+      #   The X509 name to parse.
+      #
+      # @return [Hash{Symbol => String}]
+      #   The parsed attributes.
+      #
+      # @api private
+      #
+      def self.parse(name)
+        x509_name = case name
+                    when OpenSSL::X509::Name then name
+                    when String
+                      OpenSSL::X509::Name.parse(name)
+                    else
+                      raise(ArgumentError,"value must be either an OpenSSL::X509::Name or a String: #{name.inspect}")
+                    end
+
+        attributes = {}
+
+        x509_name.to_a.each do |(oid,value,type)|
+          if (key = X509_ATTRIBUTES[oid])
+            attributes[key] = value.force_encoding(Encoding::UTF_8)
+          end
+        end
+
+        return attributes
+      end
+
+    end
+  end
+end

data/lib/ronin/db/cert_subject.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+#
+# ronin-db-activerecord - ActiveRecord backend for the Ronin Database.
+#
+# Copyright (c) 2022-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# ronin-db-activerecord is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-db-activerecord is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-db-activerecord.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/db/cert_organization'
+
+module Ronin
+  module DB
+    #
+    # Represents an subject of a SSL/TLS certificate.
+    #
+    # @since 0.2.0
+    #
+    class CertSubject < CertOrganization
+
+      # @!attribute [rw] common_name
+      #   The subject's common name (`CN`).
+      #
+      #   @return [CertName]
+      belongs_to :common_name, class_name: 'CertName',
+                               required:   true
+      validates :common_name, uniqueness: {
+        scope: [
+          :email_address,
+          :organization,
+          :organizational_unit,
+          :locality,
+          :state,
+          :country
+        ]
+      }
+
+      # @!attribute [rw] certs
+      #   The certificates that share this subject information.
+      #
+      #   @return [Array<Cert>]
+      has_many :certs, foreign_key: :subject_id,
+                       dependent:   :destroy
+
+      #
+      # Imports the certificate subject's X509 distinguished name.
+      #
+      # @param [OpenSSL::X509::Name, String] name
+      #   The X509 name to parse and import.
+      #
+      # @return [CertSubject]
+      #   The imported or pre-existing certificate subject.
+      #
+      # @api private
+      #
+      def self.import(name)
+        attributes  = parse(name)
+        common_name = attributes.fetch(:common_name)
+
+        attributes[:common_name] = CertName.find_or_import(common_name)
+
+        return find_or_create_by(attributes)
+      end
+
+    end
+  end
+end
+
+require 'ronin/db/cert_name'
+require 'ronin/db/cert'

data/lib/ronin/db/cert_subject_alt_name.rb

@@ -0,0 +1,88 @@
+# frozen_string_literal: true
+#
+# ronin-db-activerecord - ActiveRecord backend for the Ronin Database.
+#
+# Copyright (c) 2022-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# ronin-db-activerecord is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-db-activerecord is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-db-activerecord.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/db/model'
+
+require 'ipaddr'
+
+module Ronin
+  module DB
+    #
+    # Represents a `subjectAltName` value from a SSL/TLS certificate.
+    #
+    # @since 0.2.0
+    #
+    class CertSubjectAltName < ActiveRecord::Base
+
+      include Model
+
+      # @!attribute [rw] id
+      #   The primary key of the certificate `subjectAltName` value.
+      #
+      #   @return [Integer]
+      attribute :id, :integer
+
+      # @!attribute [rw] name
+      #   A `DNS:`, `IP:`, or `Email:` name.
+      #
+      #   @return [CertName]
+      belongs_to :name, class_name: 'CertName',
+                        required:   true
+
+      # @!attribute [rw] cert
+      #   The parent certificate.
+      #
+      #   @return [Cert]
+      belongs_to :cert, required: true
+
+      #
+      # Parses a `subjectAltName` string.
+      #
+      # @param [String] string
+      #   The `subjectAltName` string.
+      #
+      # @return [Array<String>]
+      #   The parsed `subjectAltName`s.
+      #
+      # @api private
+      #
+      def self.parse(string)
+        string.split(', ').map do |item|
+          _prefix, name = item.split(':',2)
+
+          name
+        end
+      end
+
+      #
+      # Converts the certificate `subjectAltName` to a String.
+      #
+      # @return [String]
+      #
+      def to_s
+        name.to_s
+      end
+
+    end
+  end
+end
+
+require 'ronin/db/cert_name'
+require 'ronin/db/cert'

data/lib/ronin/db/credential.rb

@@ -2,7 +2,7 @@
 #
 # ronin-db-activerecord - ActiveRecord backend for the Ronin Database.
 #
-# Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2022-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # ronin-db-activerecord is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Lesser General Public License as published
@@ -85,6 +85,14 @@ module Ronin
       #   @return [Array<URL>]
       has_many :urls, through: :web_credentials
 
+      # @!attribute [rw] notes
+      #   The associated notes.
+      #
+      #   @return [Array<Note>]
+      #
+      #   @since 0.2.0
+      has_many :notes, dependent: :destroy
+
       #
       # Searches for all credentials for a specific user.
       #
@@ -246,3 +254,4 @@ require 'ronin/db/email_address'
 require 'ronin/db/password'
 require 'ronin/db/service_credential'
 require 'ronin/db/web_credential'
+require 'ronin/db/note'

data/lib/ronin/db/dns_query.rb

@@ -0,0 +1,98 @@
+# frozen_string_literal: true
+#
+# ronin-db-activerecord - ActiveRecord backend for the Ronin Database.
+#
+# Copyright (c) 2022-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# ronin-db-activerecord is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-db-activerecord is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-db-activerecord.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/db/model'
+
+require 'active_record'
+require 'resolv'
+
+module Ronin
+  module DB
+    #
+    # Represents a DNS query.
+    #
+    # @since 0.2.0
+    #
+    class DNSQuery < ActiveRecord::Base
+
+      include Model
+
+      # @!attribute [rw] id
+      #   The primary ID for the DNS query.
+      #
+      #   @return [Integer]
+      attribute :id, :integer
+
+      # @!attribute [rw] type
+      #   The queried record type.
+      #
+      #   @return [String]
+      enum type: {
+        a:     'A',
+        aaaa:  'AAAA',
+        any:   'ANY',
+        cname: 'CNAME',
+        hinfo: 'HINFO',
+        loc:   'LOC',
+        mx:    'MX',
+        ns:    'NS',
+        ptr:   'PTR',
+        soa:   'SOA',
+        srv:   'SRV',
+        txt:   'TXT',
+        wks:   'WKS'
+      }, _suffix: :query
+      validates :type, presence: true
+
+      # @!attribute [rw] label
+      #   The queried domain label.
+      #
+      #   @return [String]
+      attribute :label, :string
+      validates :label, presence: true
+
+      # @!attribute [rw] source_addr
+      #   The source IP Address.
+      #
+      #   @return [String]
+      attribute :source_addr, :string
+      validates :source_addr, length: { maximum: 39 },
+                              format: {
+                                with: /#{Resolv::IPv4::Regex}|#{Resolv::IPv6::Regex}/,
+                                message: 'Must be a valid IP address'
+                              }
+
+      # @!attribute [rw] created_at
+      #   When the DNS query request was created.
+      #
+      #   @return [Time]
+      attribute :created_at, :datetime
+
+      # @!attribute [rw] records
+      #   The optional DNS records associated with the DNS query.
+      #
+      #   @return [Array<DNSRecord>]
+      has_many :records, class_name: 'DNSRecord'
+
+    end
+  end
+end
+
+require 'ronin/db/dns_record'

data/lib/ronin/db/dns_record.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+#
+# ronin-db-activerecord - ActiveRecord backend for the Ronin Database.
+#
+# Copyright (c) 2022-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# ronin-db-activerecord is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-db-activerecord is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-db-activerecord.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/db/model'
+
+require 'active_record'
+
+module Ronin
+  module DB
+    #
+    # Represents a DNS record.
+    #
+    # @since 0.2.0
+    #
+    class DNSRecord < ActiveRecord::Base
+
+      include Model
+
+      # @!attribute [rw] id
+      #   The primary ID for the DNS record.
+      #
+      #   @return [Integer]
+      attribute :id, :integer
+
+      # @!attribute [rw] ttl
+      #   The Time-To-Live (TTL) for the DNS record.
+      #
+      #   @return [Integer]
+      attribute :ttl, :integer
+      validates :ttl, presence: true
+
+      # @!attribute [rw] value
+      #   The value of the DNS record.
+      #
+      #   @return [String]
+      attribute :value, :string
+      validates :value, presence: true,
+                        length:   {maximum: 255}
+
+      # @!attribute [rw] dns_query
+      #   The DNS query that the record belongs to.
+      #
+      #   @return [DNSQuery]
+      belongs_to :dns_query
+
+      #
+      # Converts the DNS records into a String.
+      #
+      # @return [String]
+      #
+      def to_s
+        value
+      end
+
+    end
+  end
+end
+
+require 'ronin/db/dns_query'

data/lib/ronin/db/email_address.rb

@@ -2,7 +2,7 @@
 #
 # ronin-db-activerecord - ActiveRecord backend for the Ronin Database.
 #
-# Copyright (c) 2022-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2022-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # ronin-db-activerecord is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Lesser General Public License as published
@@ -80,12 +80,84 @@ module Ronin
       #   @return [Array<Credential>]
       has_many :credentials, dependent: :destroy
 
+      # @!attribute [rw] passwords
+      #   Any passwords used with the email address.
+      #
+      #   @return [Array<EmailAddress>]
+      #
+      #   @since 0.2.0
+      has_many :passwords, through: :credentials
+
+      # @!attribute [rw] service_credentials
+      #   The service credentials that use the email address.
+      #
+      #   @return [Array<ServiceCredential>]
+      #
+      #   @since 0.2.0
+      has_many :service_credentials, through: :credentials
+
+      # @!attribute [rw] web_credentials
+      #   Any web credentials that use the email address.
+      #
+      #   @return [Array<WebCredential>]
+      #
+      #   @since 0.2.0
+      has_many :web_credentials, through: :credentials
+
       # @!attribute [rw] created_at
       #   Tracks when the email address was created at.
       #
       #   @return [Time]
       attribute :created_at, :datetime
 
+      # @!attribute [rw] personal_email_addresses
+      #   The association between people and the email address.
+      #
+      #   @return [Array<PersonalEmailAddress>]
+      #
+      #   @since 0.2.0
+      has_many :personal_email_addresses, dependent: :destroy
+
+      # @!attribute [rw] people
+      #   The people that use the email address.
+      #
+      #   @return [Array<Person>]
+      #
+      #   @since 0.2.0
+      has_many :people, through: :personal_email_addresses
+
+      # @!attribute [rw] organization_email_address
+      #   The association of the organization that use the email address.
+      #
+      #   @return [OrganizationEmailAddress, nil]
+      #
+      #   @since 0.2.0
+      has_one :organization_email_address, dependent: :destroy
+
+      # @!attribute [rw] organization_department
+      #   The organization department that uses the email address.
+      #
+      #   @return [OrganizationDepartment, nil]
+      #
+      #   @since 0.2.0
+      has_one :organization_department, dependent: :nullify
+
+      # @!attribute [rw] organization_members
+      #   The organization member that uses the email address.
+      #
+      #   @return [OrganizationMember, nil]
+      #
+      #   @since 0.2.0
+      has_one :organization_member, dependent: :nullify
+
+      # @!attribute [rw] notes
+      #   The associated notes.
+      #
+      #   @return [Array<Note>]
+      #
+      #   @since 0.2.0
+      has_many :notes, dependent: :destroy
+
       #
       # Searches for email addresses associated with the given host name(s).
       #
@@ -131,6 +203,67 @@ module Ronin
         joins(:user_name).where(user_name: {name: name})
       end
 
+      #
+      # Queries all email addresses that are associated with the password.
+      #
+      # @param [String] password
+      #   The plain-text password.
+      #
+      # @return [Array<EmailAddress>]
+      #   The email addresses that are associated with the password.
+      #
+      # @api public
+      #
+      # @since 0.2.0
+      #
+      def self.with_password(password)
+        joins(credentials: :password).where(
+          credentials: {
+            ronin_passwords: {
+              plain_text: password
+            }
+          }
+        )
+      end
+
+      #
+      # Queries all email addresses that are associated with the person.
+      #
+      # @param [String] full_name
+      #   The person's full name to search for.
+      #
+      # @return [Array<EmailAddress>]
+      #   The email addresses that are associated with the person.
+      #
+      # @api public
+      #
+      # @since 0.2.0
+      #
+      def self.for_person(full_name)
+        joins(:people).where(people: {full_name: full_name})
+      end
+
+      #
+      # Queries all email addresses that are associated with the organization.
+      #
+      # @param [String] name
+      #   The organization name to search for.
+      #
+      # @return [Array<EmailAddress>]
+      #   The email addresses that are associated with the organization.
+      #
+      # @api public
+      #
+      # @since 0.2.0
+      #
+      def self.for_organization(name)
+        joins(organization_email_address: :organization).where(
+          organization_email_address: {
+            ronin_organizations: {name: name}
+          }
+        )
+      end
+
       #
       # Looks up the email address.
       #
@@ -223,3 +356,8 @@ end
 
 require 'ronin/db/user_name'
 require 'ronin/db/host_name'
+require 'ronin/db/personal_email_address'
+require 'ronin/db/organization_department'
+require 'ronin/db/organization_email_address'
+require 'ronin/db/organization_member'
+require 'ronin/db/note'