RubyGems - wg-metasploit_data_models - Versions diffs - 4.1.4.01 → 4.1.4.02 - Mend

wg-metasploit_data_models 4.1.4.01 → 4.1.4.02

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (440) hide show

checksums.yaml +4 -4
data/.coveralls.yml +1 -0
data/.github/workflows/verify.yml +68 -0
data/.gitignore +29 -0
data/.rspec +3 -0
data/.simplecov +38 -0
data/.yardopts +4 -0
data/CHANGELOG.md +6 -0
data/CONTRIBUTING.md +133 -0
data/Gemfile +46 -0
data/LICENSE +27 -0
data/README.md +65 -0
data/RELEASING.md +82 -0
data/Rakefile +72 -0
data/UPGRADING.md +1 -0
data/app/models/mdm/api_key.rb +61 -0
data/app/models/mdm/async_callback.rb +64 -0
data/app/models/mdm/client.rb +50 -0
data/app/models/mdm/cred.rb +205 -0
data/app/models/mdm/event.rb +83 -0
data/app/models/mdm/exploit_attempt.rb +105 -0
data/app/models/mdm/exploited_host.rb +42 -0
data/app/models/mdm/host.rb +619 -0
data/app/models/mdm/host_detail.rb +62 -0
data/app/models/mdm/host_tag.rb +49 -0
data/app/models/mdm/listener.rb +82 -0
data/app/models/mdm/loot.rb +161 -0
data/app/models/mdm/macro.rb +62 -0
data/app/models/mdm/mod_ref.rb +24 -0
data/app/models/mdm/module/action.rb +33 -0
data/app/models/mdm/module/arch.rb +28 -0
data/app/models/mdm/module/author.rb +34 -0
data/app/models/mdm/module/detail.rb +388 -0
data/app/models/mdm/module/mixin.rb +31 -0
data/app/models/mdm/module/platform.rb +29 -0
data/app/models/mdm/module/ref.rb +42 -0
data/app/models/mdm/module/target.rb +37 -0
data/app/models/mdm/nexpose_console.rb +121 -0
data/app/models/mdm/note.rb +125 -0
data/app/models/mdm/payload.rb +103 -0
data/app/models/mdm/profile.rb +45 -0
data/app/models/mdm/ref.rb +48 -0
data/app/models/mdm/route.rb +28 -0
data/app/models/mdm/service.rb +267 -0
data/app/models/mdm/session.rb +203 -0
data/app/models/mdm/session_event.rb +44 -0
data/app/models/mdm/tag.rb +114 -0
data/app/models/mdm/task.rb +168 -0
data/app/models/mdm/task_cred.rb +45 -0
data/app/models/mdm/task_host.rb +41 -0
data/app/models/mdm/task_service.rb +41 -0
data/app/models/mdm/task_session.rb +41 -0
data/app/models/mdm/user.rb +230 -0
data/app/models/mdm/vuln.rb +204 -0
data/app/models/mdm/vuln_attempt.rb +76 -0
data/app/models/mdm/vuln_detail.rb +156 -0
data/app/models/mdm/vuln_ref.rb +21 -0
data/app/models/mdm/web_form.rb +53 -0
data/app/models/mdm/web_page.rb +92 -0
data/app/models/mdm/web_site.rb +113 -0
data/app/models/mdm/web_vuln.rb +193 -0
data/app/models/mdm/wmap_request.rb +101 -0
data/app/models/mdm/wmap_target.rb +56 -0
data/app/models/mdm/workspace.rb +286 -0
data/app/models/metasploit_data_models/automatic_exploitation/match.rb +43 -0
data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +71 -0
data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +40 -0
data/app/models/metasploit_data_models/automatic_exploitation/run.rb +29 -0
data/app/models/metasploit_data_models/ip_address/v4/cidr.rb +14 -0
data/app/models/metasploit_data_models/ip_address/v4/nmap.rb +14 -0
data/app/models/metasploit_data_models/ip_address/v4/range.rb +12 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list.rb +125 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range.rb +12 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/single.rb +123 -0
data/app/models/metasploit_data_models/ip_address/v4/segmented.rb +200 -0
data/app/models/metasploit_data_models/ip_address/v4/single.rb +53 -0
data/app/models/metasploit_data_models/module_run.rb +213 -0
data/app/models/metasploit_data_models/search/operation/ip_address.rb +60 -0
data/app/models/metasploit_data_models/search/operation/port/number.rb +25 -0
data/app/models/metasploit_data_models/search/operation/port/range.rb +79 -0
data/app/models/metasploit_data_models/search/operation/range.rb +56 -0
data/app/models/metasploit_data_models/search/operator/ip_address.rb +33 -0
data/app/models/metasploit_data_models/search/operator/multitext.rb +73 -0
data/app/models/metasploit_data_models/search/operator/port/list.rb +67 -0
data/app/models/metasploit_data_models/search/visitor/attribute.rb +17 -0
data/app/models/metasploit_data_models/search/visitor/includes.rb +47 -0
data/app/models/metasploit_data_models/search/visitor/joins.rb +67 -0
data/app/models/metasploit_data_models/search/visitor/method.rb +16 -0
data/app/models/metasploit_data_models/search/visitor/relation.rb +91 -0
data/app/models/metasploit_data_models/search/visitor/where.rb +128 -0
data/config/initializers/arel_helper.rb +5 -0
data/config/initializers/ipaddr.rb +29 -0
data/config/locales/en.yml +94 -0
data/console_db.yml +9 -0
data/db/migrate/000_create_tables.rb +79 -0
data/db/migrate/001_add_wmap_tables.rb +35 -0
data/db/migrate/002_add_workspaces.rb +36 -0
data/db/migrate/003_move_notes.rb +20 -0
data/db/migrate/004_add_events_table.rb +16 -0
data/db/migrate/005_expand_info.rb +58 -0
data/db/migrate/006_add_timestamps.rb +26 -0
data/db/migrate/007_add_loots.rb +20 -0
data/db/migrate/008_create_users.rb +16 -0
data/db/migrate/009_add_loots_ctype.rb +10 -0
data/db/migrate/010_add_alert_fields.rb +16 -0
data/db/migrate/011_add_reports.rb +19 -0
data/db/migrate/012_add_tasks.rb +24 -0
data/db/migrate/013_add_tasks_result.rb +10 -0
data/db/migrate/014_add_loots_fields.rb +12 -0
data/db/migrate/015_rename_user.rb +16 -0
data/db/migrate/016_add_host_purpose.rb +10 -0
data/db/migrate/017_expand_info2.rb +58 -0
data/db/migrate/018_add_workspace_user_info.rb +29 -0
data/db/migrate/019_add_workspace_desc.rb +23 -0
data/db/migrate/020_add_user_preferences.rb +11 -0
data/db/migrate/021_standardize_info_and_data.rb +18 -0
data/db/migrate/022_enlarge_event_info.rb +10 -0
data/db/migrate/023_add_report_downloaded_at.rb +10 -0
data/db/migrate/024_convert_service_info_to_text.rb +12 -0
data/db/migrate/025_add_user_admin.rb +19 -0
data/db/migrate/026_add_creds_table.rb +19 -0
data/db/migrate/20100819123300_migrate_cred_data.rb +154 -0
data/db/migrate/20100824151500_add_exploited_table.rb +16 -0
data/db/migrate/20100908001428_add_owner_to_workspaces.rb +9 -0
data/db/migrate/20100911122000_add_report_templates.rb +18 -0
data/db/migrate/20100916151530_require_admin_flag.rb +15 -0
data/db/migrate/20100916175000_add_campaigns_and_templates.rb +61 -0
data/db/migrate/20100920012100_add_generate_exe_column.rb +8 -0
data/db/migrate/20100926214000_add_template_prefs.rb +11 -0
data/db/migrate/20101001000000_add_web_tables.rb +57 -0
data/db/migrate/20101002000000_add_query.rb +10 -0
data/db/migrate/20101007000000_add_vuln_info.rb +15 -0
data/db/migrate/20101008111800_add_clients_to_campaigns.rb +10 -0
data/db/migrate/20101009023300_add_campaign_attachments.rb +15 -0
data/db/migrate/20101104135100_add_imported_creds.rb +17 -0
data/db/migrate/20101203000000_fix_web_tables.rb +34 -0
data/db/migrate/20101203000001_expand_host_comment.rb +12 -0
data/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb +9 -0
data/db/migrate/20110112154300_add_module_uuid_to_tasks.rb +9 -0
data/db/migrate/20110204112800_add_host_tags.rb +28 -0
data/db/migrate/20110317144932_add_session_table.rb +110 -0
data/db/migrate/20110414180600_add_local_id_to_session_table.rb +11 -0
data/db/migrate/20110415175705_add_routes_table.rb +18 -0
data/db/migrate/20110422000000_convert_binary.rb +73 -0
data/db/migrate/20110425095900_add_last_seen_to_sessions.rb +8 -0
data/db/migrate/20110513143900_track_successful_exploits.rb +31 -0
data/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb +26 -0
data/db/migrate/20110527000000_add_task_id_to_reports_table.rb +11 -0
data/db/migrate/20110527000001_add_api_keys_table.rb +12 -0
data/db/migrate/20110606000001_add_macros_table.rb +16 -0
data/db/migrate/20110622000000_add_settings_to_tasks_table.rb +12 -0
data/db/migrate/20110624000001_add_listeners_table.rb +19 -0
data/db/migrate/20110625000001_add_macro_to_listeners_table.rb +12 -0
data/db/migrate/20110630000001_add_nexpose_consoles_table.rb +21 -0
data/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb +12 -0
data/db/migrate/20110717000001_add_profiles_table.rb +15 -0
data/db/migrate/20110727163801_expand_cred_ptype_column.rb +9 -0
data/db/migrate/20110730000001_add_initial_indexes.rb +85 -0
data/db/migrate/20110812000001_prune_indexes.rb +23 -0
data/db/migrate/20110922000000_expand_notes.rb +9 -0
data/db/migrate/20110928101300_add_mod_ref_table.rb +17 -0
data/db/migrate/20111011110000_add_display_name_to_reports_table.rb +24 -0
data/db/migrate/20111203000000_inet_columns.rb +13 -0
data/db/migrate/20111204000000_more_inet_columns.rb +17 -0
data/db/migrate/20111210000000_add_scope_to_hosts.rb +9 -0
data/db/migrate/20120126110000_add_virtual_host_to_hosts.rb +9 -0
data/db/migrate/20120411173220_rename_workspace_members.rb +9 -0
data/db/migrate/20120601152442_add_counter_caches_to_hosts.rb +21 -0
data/db/migrate/20120625000000_add_vuln_details.rb +34 -0
data/db/migrate/20120625000001_add_host_details.rb +16 -0
data/db/migrate/20120625000002_expand_details.rb +16 -0
data/db/migrate/20120625000003_expand_details2.rb +24 -0
data/db/migrate/20120625000004_add_vuln_attempts.rb +19 -0
data/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb +14 -0
data/db/migrate/20120625000006_add_module_details.rb +118 -0
data/db/migrate/20120625000007_add_exploit_attempts.rb +26 -0
data/db/migrate/20120625000008_add_fail_message.rb +12 -0
data/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb +13 -0
data/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb +19 -0
data/db/migrate/20130412154159_change_foreign_key_in_module_actions.rb +25 -0
data/db/migrate/20130412171844_change_foreign_key_in_module_archs.rb +25 -0
data/db/migrate/20130412173121_change_foreign_key_in_module_authors.rb +25 -0
data/db/migrate/20130412173640_change_foreign_key_in_module_mixins.rb +25 -0
data/db/migrate/20130412174254_change_foreign_key_in_module_platforms.rb +25 -0
data/db/migrate/20130412174719_change_foreign_key_in_module_refs.rb +25 -0
data/db/migrate/20130412175040_change_foreign_key_in_module_targets.rb +25 -0
data/db/migrate/20130423211152_add_creds_counter_cache.rb +24 -0
data/db/migrate/20130430151353_change_required_columns_to_null_false_in_hosts.rb +11 -0
data/db/migrate/20130430162145_enforce_address_uniqueness_in_workspace_in_hosts.rb +101 -0
data/db/migrate/20130510021637_remove_campaigns.rb +11 -0
data/db/migrate/20130515164311_change_web_vulns_confidence_to_integer.rb +48 -0
data/db/migrate/20130515172727_valid_mdm_web_vuln_params.rb +30 -0
data/db/migrate/20130516204810_making_vulns_refs_a_real_ar_model.rb +5 -0
data/db/migrate/20130522001343_create_task_creds.rb +9 -0
data/db/migrate/20130522032517_create_task_hosts.rb +9 -0
data/db/migrate/20130522041110_create_task_services.rb +9 -0
data/db/migrate/20130525015035_remove_campaign_id_from_clients.rb +9 -0
data/db/migrate/20130525212420_drop_table_imported_creds.rb +14 -0
data/db/migrate/20130531144949_making_host_tags_a_real_ar_model.rb +6 -0
data/db/migrate/20130604145732_create_task_sessions.rb +9 -0
data/db/migrate/20130717150737_remove_pname_validation.rb +7 -0
data/db/migrate/20131002004641_create_automatic_exploitation_matches.rb +13 -0
data/db/migrate/20131002164449_create_automatic_exploitation_match_sets.rb +12 -0
data/db/migrate/20131008213344_create_automatic_exploitation_runs.rb +11 -0
data/db/migrate/20131011184338_module_detail_on_automatic_exploitation_match.rb +10 -0
data/db/migrate/20131017150735_create_automatic_exploitation_match_results.rb +11 -0
data/db/migrate/20131021185657_make_match_polymorphic.rb +11 -0
data/db/migrate/20140905031549_add_detected_arch_to_host.rb +5 -0
data/db/migrate/20150112203945_remove_duplicate_services.rb +17 -0
data/db/migrate/20150205192745_drop_service_uniqueness_index.rb +5 -0
data/db/migrate/20150209195939_add_vuln_id_to_note.rb +6 -0
data/db/migrate/20150212214222_remove_duplicate_services2.rb +17 -0
data/db/migrate/20150219173821_create_module_runs.rb +23 -0
data/db/migrate/20150219215039_add_module_run_to_session.rb +8 -0
data/db/migrate/20150226151459_add_module_run_fk_to_loot.rb +8 -0
data/db/migrate/20150312155312_add_module_full_name_to_match.rb +6 -0
data/db/migrate/20150317145455_rename_module_indices.rb +29 -0
data/db/migrate/20150326183742_add_missing_ae_indices.rb +13 -0
data/db/migrate/20150421211719_rename_automatic_exploitation_index.rb +16 -0
data/db/migrate/20150514182921_add_origin_to_mdm_vuln.rb +13 -0
data/db/migrate/20160415153312_remove_not_null_from_web_vuln_p_arams.rb +5 -0
data/db/migrate/20161004165612_add_fingerprinted_to_workspace.rb +5 -0
data/db/migrate/20161227212223_add_os_family_to_hosts.rb +5 -0
data/db/migrate/20180904120211_create_payloads.rb +21 -0
data/db/migrate/20190308134512_create_async_callbacks.rb +13 -0
data/db/migrate/20190507120211_remove_payload_workspaces.rb +5 -0
data/lib/mdm/host/operating_system_normalization.rb +942 -0
data/lib/mdm/module.rb +13 -0
data/lib/mdm.rb +57 -0
data/lib/metasploit_data_models/automatic_exploitation.rb +25 -0
data/lib/metasploit_data_models/base64_serializer.rb +99 -0
data/lib/metasploit_data_models/change_required_columns_to_null_false.rb +21 -0
data/lib/metasploit_data_models/engine.rb +32 -0
data/lib/metasploit_data_models/ip_address/cidr.rb +174 -0
data/lib/metasploit_data_models/ip_address/range.rb +181 -0
data/lib/metasploit_data_models/ip_address/v4/segment/nmap.rb +7 -0
data/lib/metasploit_data_models/ip_address/v4/segment.rb +7 -0
data/lib/metasploit_data_models/ip_address/v4.rb +11 -0
data/lib/metasploit_data_models/ip_address.rb +9 -0
data/lib/metasploit_data_models/match/child.rb +48 -0
data/lib/metasploit_data_models/match/parent.rb +103 -0
data/lib/metasploit_data_models/match.rb +8 -0
data/lib/metasploit_data_models/search/operation/port.rb +9 -0
data/lib/metasploit_data_models/search/operation.rb +9 -0
data/lib/metasploit_data_models/search/operator/port.rb +6 -0
data/lib/metasploit_data_models/search/operator.rb +8 -0
data/lib/metasploit_data_models/search/visitor.rb +11 -0
data/lib/metasploit_data_models/search.rb +8 -0
data/lib/metasploit_data_models/serialized_prefs.rb +27 -0
data/lib/metasploit_data_models/version.rb +13 -0
data/lib/metasploit_data_models.rb +56 -0
data/metasploit_data_models.gemspec +65 -0
data/script/rails +8 -0
data/spec/app/models/mdm/api_key_spec.rb +3 -0
data/spec/app/models/mdm/client_spec.rb +43 -0
data/spec/app/models/mdm/cred_spec.rb +346 -0
data/spec/app/models/mdm/event_spec.rb +90 -0
data/spec/app/models/mdm/exploit_attempt_spec.rb +59 -0
data/spec/app/models/mdm/exploited_host_spec.rb +44 -0
data/spec/app/models/mdm/host_detail_spec.rb +48 -0
data/spec/app/models/mdm/host_spec.rb +1139 -0
data/spec/app/models/mdm/host_tag_spec.rb +69 -0
data/spec/app/models/mdm/listener_spec.rb +107 -0
data/spec/app/models/mdm/loot_spec.rb +84 -0
data/spec/app/models/mdm/macro_spec.rb +3 -0
data/spec/app/models/mdm/mod_ref_spec.rb +3 -0
data/spec/app/models/mdm/module/action_spec.rb +34 -0
data/spec/app/models/mdm/module/arch_spec.rb +34 -0
data/spec/app/models/mdm/module/author_spec.rb +52 -0
data/spec/app/models/mdm/module/detail_spec.rb +746 -0
data/spec/app/models/mdm/module/mixin_spec.rb +34 -0
data/spec/app/models/mdm/module/platform_spec.rb +34 -0
data/spec/app/models/mdm/module/ref_spec.rb +58 -0
data/spec/app/models/mdm/module/target_spec.rb +36 -0
data/spec/app/models/mdm/nexpose_console_spec.rb +146 -0
data/spec/app/models/mdm/note_spec.rb +91 -0
data/spec/app/models/mdm/profile_spec.rb +3 -0
data/spec/app/models/mdm/ref_spec.rb +71 -0
data/spec/app/models/mdm/route_spec.rb +35 -0
data/spec/app/models/mdm/service_spec.rb +232 -0
data/spec/app/models/mdm/session_event_spec.rb +42 -0
data/spec/app/models/mdm/session_spec.rb +118 -0
data/spec/app/models/mdm/tag_spec.rb +116 -0
data/spec/app/models/mdm/task_cred_spec.rb +51 -0
data/spec/app/models/mdm/task_host_spec.rb +50 -0
data/spec/app/models/mdm/task_service_spec.rb +50 -0
data/spec/app/models/mdm/task_session_spec.rb +46 -0
data/spec/app/models/mdm/task_spec.rb +71 -0
data/spec/app/models/mdm/user_spec.rb +50 -0
data/spec/app/models/mdm/vuln_attempt_spec.rb +53 -0
data/spec/app/models/mdm/vuln_detail_spec.rb +65 -0
data/spec/app/models/mdm/vuln_ref_spec.rb +46 -0
data/spec/app/models/mdm/vuln_spec.rb +299 -0
data/spec/app/models/mdm/web_form_spec.rb +46 -0
data/spec/app/models/mdm/web_page_spec.rb +101 -0
data/spec/app/models/mdm/web_site_spec.rb +85 -0
data/spec/app/models/mdm/web_vuln_spec.rb +312 -0
data/spec/app/models/mdm/wmap_request_spec.rb +5 -0
data/spec/app/models/mdm/wmap_target_spec.rb +5 -0
data/spec/app/models/mdm/workspace_spec.rb +500 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_result_spec.rb +86 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_set_spec.rb +46 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_spec.rb +37 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/run_spec.rb +38 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/cidr_spec.rb +119 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/nmap_spec.rb +149 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/range_spec.rb +298 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list_spec.rb +276 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range_spec.rb +302 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/segmented_spec.rb +27 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/single_spec.rb +324 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/single_spec.rb +181 -0
data/spec/app/models/metasploit_data_models/module_run_spec.rb +134 -0
data/spec/app/models/metasploit_data_models/search/operation/ip_address_spec.rb +180 -0
data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +39 -0
data/spec/app/models/metasploit_data_models/search/operation/port/range_spec.rb +138 -0
data/spec/app/models/metasploit_data_models/search/operation/range_spec.rb +233 -0
data/spec/app/models/metasploit_data_models/search/operator/ip_address_spec.rb +17 -0
data/spec/app/models/metasploit_data_models/search/operator/multitext_spec.rb +160 -0
data/spec/app/models/metasploit_data_models/search/operator/port/list_spec.rb +162 -0
data/spec/app/models/metasploit_data_models/search/visitor/attribute_spec.rb +96 -0
data/spec/app/models/metasploit_data_models/search/visitor/includes_spec.rb +175 -0
data/spec/app/models/metasploit_data_models/search/visitor/joins_spec.rb +396 -0
data/spec/app/models/metasploit_data_models/search/visitor/method_spec.rb +49 -0
data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb +925 -0
data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb +187 -0
data/spec/dummy/Rakefile +7 -0
data/spec/dummy/app/assets/config/manifest.js +1 -0
data/spec/dummy/app/assets/javascripts/application.js +15 -0
data/spec/dummy/app/assets/stylesheets/application.css +13 -0
data/spec/dummy/app/controllers/application_controller.rb +3 -0
data/spec/dummy/app/helpers/application_helper.rb +2 -0
data/spec/dummy/app/mailers/.gitkeep +0 -0
data/spec/dummy/app/models/.gitkeep +0 -0
data/spec/dummy/app/models/application_record.rb +3 -0
data/spec/dummy/app/views/layouts/application.html.erb +14 -0
data/spec/dummy/bin/bundle +3 -0
data/spec/dummy/bin/rails +4 -0
data/spec/dummy/bin/rake +4 -0
data/spec/dummy/config/application.rb +61 -0
data/spec/dummy/config/boot.rb +4 -0
data/spec/dummy/config/database.yml.example +22 -0
data/spec/dummy/config/database.yml.github_actions +21 -0
data/spec/dummy/config/environment.rb +5 -0
data/spec/dummy/config/environments/development.rb +37 -0
data/spec/dummy/config/environments/production.rb +78 -0
data/spec/dummy/config/environments/test.rb +39 -0
data/spec/dummy/config/initializers/active_record_migrations.rb +4 -0
data/spec/dummy/config/initializers/assets.rb +8 -0
data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/dummy/config/initializers/cookies_serializer.rb +3 -0
data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
data/spec/dummy/config/initializers/inflections.rb +16 -0
data/spec/dummy/config/initializers/mime_types.rb +4 -0
data/spec/dummy/config/initializers/session_store.rb +3 -0
data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
data/spec/dummy/config/locales/en.yml +23 -0
data/spec/dummy/config/routes.rb +2 -0
data/spec/dummy/config.ru +4 -0
data/spec/dummy/db/structure.sql +3430 -0
data/spec/dummy/db/structure.sql.from_rails_3 +3403 -0
data/spec/dummy/lib/assets/.gitkeep +0 -0
data/spec/dummy/log/.gitkeep +0 -0
data/spec/dummy/public/404.html +26 -0
data/spec/dummy/public/422.html +26 -0
data/spec/dummy/public/500.html +25 -0
data/spec/dummy/public/favicon.ico +0 -0
data/spec/dummy/script/rails +6 -0
data/spec/factories/mdm/addresses.rb +12 -0
data/spec/factories/mdm/clients.rb +8 -0
data/spec/factories/mdm/creds.rb +17 -0
data/spec/factories/mdm/events.rb +15 -0
data/spec/factories/mdm/exploit_attempts.rb +8 -0
data/spec/factories/mdm/exploited_hosts.rb +7 -0
data/spec/factories/mdm/fingerprints/nessus_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/nexpose_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/nmap_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/retina_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/session_fingerprints.rb +6 -0
data/spec/factories/mdm/host_details.rb +8 -0
data/spec/factories/mdm/host_tags.rb +9 -0
data/spec/factories/mdm/hosts.rb +85 -0
data/spec/factories/mdm/listeners.rb +12 -0
data/spec/factories/mdm/loots.rb +11 -0
data/spec/factories/mdm/module/actions.rb +14 -0
data/spec/factories/mdm/module/archs.rb +14 -0
data/spec/factories/mdm/module/authors.rb +22 -0
data/spec/factories/mdm/module/details.rb +73 -0
data/spec/factories/mdm/module/mixins.rb +14 -0
data/spec/factories/mdm/module/platforms.rb +14 -0
data/spec/factories/mdm/module/refs.rb +14 -0
data/spec/factories/mdm/module/targets.rb +19 -0
data/spec/factories/mdm/nexpose_consoles.rb +15 -0
data/spec/factories/mdm/notes.rb +12 -0
data/spec/factories/mdm/refs.rb +9 -0
data/spec/factories/mdm/routes.rb +36 -0
data/spec/factories/mdm/services.rb +41 -0
data/spec/factories/mdm/session_events.rb +8 -0
data/spec/factories/mdm/sessions.rb +13 -0
data/spec/factories/mdm/tags.rb +14 -0
data/spec/factories/mdm/task.rb +16 -0
data/spec/factories/mdm/task_creds.rb +9 -0
data/spec/factories/mdm/task_hosts.rb +9 -0
data/spec/factories/mdm/task_services.rb +8 -0
data/spec/factories/mdm/task_sessions.rb +8 -0
data/spec/factories/mdm/users.rb +22 -0
data/spec/factories/mdm/vuln_attempts.rb +8 -0
data/spec/factories/mdm/vuln_details.rb +8 -0
data/spec/factories/mdm/vuln_refs.rb +4 -0
data/spec/factories/mdm/vulns.rb +20 -0
data/spec/factories/mdm/web_forms.rb +33 -0
data/spec/factories/mdm/web_pages.rb +64 -0
data/spec/factories/mdm/web_sites.rb +8 -0
data/spec/factories/mdm/web_vulns.rb +64 -0
data/spec/factories/mdm/workspaces.rb +23 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/match_results.rb +7 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/match_sets.rb +8 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/matches.rb +7 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/runs.rb +6 -0
data/spec/factories/module_runs.rb +40 -0
data/spec/lib/base64_serializer_spec.rb +172 -0
data/spec/lib/ipaddr_spec.rb +29 -0
data/spec/lib/metasploit_data_models/ip_address/cidr_spec.rb +356 -0
data/spec/lib/metasploit_data_models/ip_address/range_spec.rb +75 -0
data/spec/lib/metasploit_data_models/match/child_spec.rb +59 -0
data/spec/lib/metasploit_data_models/match/parent_spec.rb +153 -0
data/spec/lib/metasploit_data_models_spec.rb +13 -0
data/spec/spec_helper.rb +148 -0
data/spec/support/matchers/match_regex_exactly.rb +28 -0
data/spec/support/shared/contexts/rex/text.rb +15 -0
data/spec/support/shared/examples/coerces_inet_column_type_to_string.rb +15 -0
data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb +20 -0
data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb +36 -0
data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb +109 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb +38 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb +26 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/relation/visit/matching_record.rb +50 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb +34 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb +51 -0
metadata +444 -6

data/app/models/metasploit_data_models/search/operation/port/range.rb ADDED Viewed

@@ -0,0 +1,79 @@
+# Search operation on an attribute that holds a port number and is being search with a range of port numbers.  The
+# range is specified as `<min>-<max>` with `<min>` being less than `<max>` and both being within
+# {MetasploitDataModels::Search::Operation::Port::Range the valid port range}.
+class MetasploitDataModels::Search::Operation::Port::Range < MetasploitDataModels::Search::Operation::Range
+  #
+  # Validations
+  #
+  validate :ports
+  #
+  # Instance Methods
+  #
+  # Sets `#value` to a range of ports.
+  #
+  # @param formatted_value [#to_s] '\d+-\d+'
+  def value=(formatted_value)
+    super(formatted_value)
+    # could not be a `Range` if super conversion failed
+    # setters return the argument, not the return value from the method, so access `#value` directly
+    if value.is_a? Range
+      begin
+        # use Integer() instead of String#to_i as String#to_i will ignore trailing letters (i.e. '1two' -> 1) and turn all
+        # string without an integer in it to 0.
+        integer_begin = Integer(value.begin.to_s)
+        integer_end = Integer(value.end.to_s)
+      rescue ArgumentError
+        # setter returned is ignored in MRI, but do it anyway for other implementation
+        @value
+      else
+        @value = Range.new(integer_begin, integer_end)
+      end
+    else
+      # setter returned is ignored in MRI, but do it anyway for other implementation
+      # return unconvertible value from `super`
+      @value
+    end
+  end
+  private
+  # @note `#value` should be check to be a `Range` before calling {#port}.
+  #
+  # Validate that either `Range#begin` or `Range#end` is a valid port number in `#value`
+  #
+  # @param extreme [:begin, :end] Which extreme of the `Range` in `value` to validate.
+  # @return [void]
+  def port(extreme)
+    extreme_value = value.send(extreme)
+    if extreme_value.is_a? Integer
+      unless MetasploitDataModels::Search::Operation::Port::Number::RANGE.cover?(extreme_value)
+        errors.add(
+            :value,
+            :port_range_extreme_inclusion,
+            extreme: extreme,
+            extreme_value: extreme_value,
+            maximum: MetasploitDataModels::Search::Operation::Port::Number::MAXIMUM,
+            minimum: MetasploitDataModels::Search::Operation::Port::Number::MINIMUM
+        )
+      end
+    else
+      errors.add(:value, :port_range_extreme_not_an_integer, extreme: extreme, extreme_value: extreme_value)
+    end
+  end
+  # Validates that the `Range#begin` and `Range#end` of `#value` are valid port numbers.
+  #
+  # @return [void]
+  def ports
+    if value.is_a? Range
+      [:begin, :end].each do |extreme|
+        port(extreme)
+      end
+    end
+  end
+end

data/app/models/metasploit_data_models/search/operation/range.rb ADDED Viewed

@@ -0,0 +1,56 @@
+# Search operation on a `Range`.
+class MetasploitDataModels::Search::Operation::Range < Metasploit::Model::Search::Operation::Base
+  #
+  # CONSTANTS
+  #
+  # Separates beginning from end of the range.
+  SEPARATOR = '-'
+  #
+  # Validation
+  #
+  validate :ordered
+  validate :range
+  #
+  # Instance Methods
+  #
+  # Sets `#value` to a `Range` composed by separating `formatted_value` by `-`.
+  #
+  # @param formatted_value [#to_s]
+  # @return [Range<String>]
+  def value=(formatted_value)
+    range_arguments = formatted_value.to_s.split(SEPARATOR, 2)
+    begin
+      @value = Range.new(*range_arguments)
+    rescue ArgumentError
+      @value = formatted_value
+    end
+    @value
+  end
+  private
+  # Validates that `#value` is a `Range` with `Range#begin` less than or equal to `Range#begin`
+  #
+  # @return [void]
+  def ordered
+    if value.is_a?(Range) && value.begin > value.end
+      errors.add(:value, :order, begin: value.begin.inspect, end: value.end.inspect)
+    end
+  end
+  # Validates that `#value` is a `Range`
+  #
+  # @return [void]
+  def range
+    unless value.is_a? Range
+      errors.add(:value, :range)
+    end
+  end
+end

data/app/models/metasploit_data_models/search/operator/ip_address.rb ADDED Viewed

@@ -0,0 +1,33 @@
+# Operator for `inet` columns in a PostgreSQL database, which operates on formatted values using
+# {MetasploitDataModels::Search::Operation::IPAddress}.
+class MetasploitDataModels::Search::Operator::IPAddress < Metasploit::Model::Search::Operator::Single
+  #
+  # Attributes
+  #
+  # @!attribute [r] attribute
+  #   The attribute on `Metasploit::Model::Search::Operator::Base#klass` that is searchable.
+  #
+  #   @return [Symbol] the attribute name
+  attr_accessor :attribute
+  #
+  # Validations
+  #
+  validates :attribute,
+            presence: true
+  #
+  # Instance Methods
+  #
+  alias_method :name, :attribute
+  # The class used for `Metasploit::Model::Search::Operator::Single#operate_on`.
+  #
+  # @return [String] `'MetasploitDataModels::Search::Operation::IPAddress'`
+  def operation_class_name
+    @operation_class_name ||= 'MetasploitDataModels::Search::Operation::IPAddress'
+  end
+end

data/app/models/metasploit_data_models/search/operator/multitext.rb ADDED Viewed

@@ -0,0 +1,73 @@
+require 'shellwords'
+# Searches multiple text fields by breaking up the formatted value into words and doing text search for each word across
+# each operator named in {#operator_names}.
+class MetasploitDataModels::Search::Operator::Multitext < Metasploit::Model::Search::Operator::Group::Intersection
+  #
+  # Attributes
+  #
+  # @!attribute name
+  #   The name of this operator.
+  #
+  #   @return [Symbol]
+  attr_accessor :name
+  # @!attribute operator_names
+  #   The name of the operators to search across.
+  #
+  #   @return [Array<Symbol>]
+  attr_writer :operator_names
+  #
+  # Validations
+  #
+  validates :operator_names,
+            length: {
+                minimum: 2
+            }
+  validates :name,
+            presence: true
+  #
+  # Instance Methods
+  #
+  # Breaks `formatted_value` into words using `Shellwords.split`.  Each word is then searched across all {#operators},
+  # where any operator can match for that word.  The search for multiple multiple is intersected, so that additional
+  # words can refine the search.
+  #
+  # @param formatted_value [#to_s]
+  # @return [Array<Metasploit::Model::Search::Operation::Group::Union>] Unions to be intersected.
+  def children(formatted_value)
+    words = Shellwords.split formatted_value.to_s
+    words.map { |word|
+      child_operators = operators.map { |operator|
+        operator.operate_on(word)
+      }
+      Metasploit::Model::Search::Operation::Group::Union.new(
+          children: child_operators,
+          operator: self
+      )
+    }
+  end
+  # The name of the operators to search for each word.
+  #
+  # @return [Array<Symbol>] Default to `[]`
+  def operator_names
+    @operator_names ||= []
+  end
+  # Operators with {#operator_names}.
+  #
+  # @return [Array<Metasploit::Model::Search::Operator::Base>]
+  def operators
+    @operators ||= operator_names.map { |operator_name|
+      operator(operator_name)
+    }
+  end
+end

data/app/models/metasploit_data_models/search/operator/port/list.rb ADDED Viewed

@@ -0,0 +1,67 @@
+# Searches for a network port attribute.  Ports can be given as a single number or range of numbers and either or both
+# forms can be combined into a comma separated list.  Individual port numbers are validated to be greater than 0 and
+class MetasploitDataModels::Search::Operator::Port::List < Metasploit::Model::Search::Operator::Group::Union
+  #
+  # CONSTANTS
+  #
+  # Separates port number and/or port ranges
+  SEPARATOR = ','
+  #
+  # Attributes
+  #
+  # @!attribute [rw] attribute
+  #   Attribute holding port number.
+  #
+  #   @return [Symbol] `:port`
+  attr_writer :attribute
+  #
+  # Class Methods
+  #
+  # @note Can't be called `name` because it would alias `Class#name`
+  #
+  # Name of this operator.
+  #
+  # @return [String] `'port_list'`
+  def self.operator_name
+    'port_list'
+  end
+  #
+  # Instance Methods
+  #
+  # Defaults to `:port`.
+  #
+  # @return [Symbol]
+  def attribute
+    @attribute ||= :port
+  end
+  # Turns `{#attribute}:<number>,<range>` into the union of port <number> and port <range> searches.
+  #
+  # @param formatted_value [String] comma separated list of port numbers and ranges.
+  # @return [Array<Metasploit::Model::Search::Operation::Base]
+  def children(formatted_value)
+    separated_formatted_values = formatted_value.split(SEPARATOR)
+    separated_formatted_values.collect { |separated_formatted_value|
+      operation_class = MetasploitDataModels::Search::Operation::Port::Number
+      if separated_formatted_value.include? MetasploitDataModels::Search::Operation::Range::SEPARATOR
+        operation_class = MetasploitDataModels::Search::Operation::Port::Range
+      end
+      operation_class.new(
+          value: separated_formatted_value,
+          operator: self
+      )
+    }
+  end
+  alias_method :name, :attribute
+end

data/app/models/metasploit_data_models/search/visitor/attribute.rb ADDED Viewed

@@ -0,0 +1,17 @@
+# Extracts the `Arel::Attribute` objects from `Metasploit::Model::Search::Operator::Base` subclasses.
+class MetasploitDataModels::Search::Visitor::Attribute
+  include Metasploit::Model::Visitation::Visit
+  visit 'Metasploit::Model::Search::Operator::Association' do |operator|
+    visit operator.source_operator
+  end
+  visit 'Metasploit::Model::Search::Operator::Attribute',
+        'MetasploitDataModels::Search::Operator::IPAddress',
+        'MetasploitDataModels::Search::Operator::Port::List' do |operator|
+    table = operator.klass.arel_table
+    table[operator.attribute]
+  end
+  Metasploit::Concern.run(self)
+end

data/app/models/metasploit_data_models/search/visitor/includes.rb ADDED Viewed

@@ -0,0 +1,47 @@
+# Gathers all the association names to pass to `ActiveRecord::Relation#includes` from a
+# `Metasploit::Model::Search::Query`
+class MetasploitDataModels::Search::Visitor::Includes
+  include Metasploit::Model::Visitation::Visit
+  #
+  # Visitors
+  #
+  visit 'Metasploit::Model::Search::Group::Base',
+        'Metasploit::Model::Search::Operation::Group::Base' do |parent|
+    parent.children.flat_map { |child|
+      visit child
+    }
+  end
+  visit 'Metasploit::Model::Search::Operation::Association' do |operation|
+    association = visit operation.operator
+    nested_associations = visit operation.source_operation
+    if nested_associations.empty?
+      [association]
+    else
+      [
+          {
+              association => nested_associations
+          }
+      ]
+    end
+  end
+  visit 'Metasploit::Model::Search::Operation::Base' do |operation|
+    visit operation.operator
+  end
+  visit 'Metasploit::Model::Search::Operator::Association' do |operator|
+    operator.association
+  end
+  visit 'Metasploit::Model::Search::Operator::Attribute',
+        'MetasploitDataModels::Search::Operator::IPAddress',
+        'MetasploitDataModels::Search::Operator::Port::List' do |_operator|
+    []
+  end
+  Metasploit::Concern.run(self)
+end

data/app/models/metasploit_data_models/search/visitor/joins.rb ADDED Viewed

@@ -0,0 +1,67 @@
+# Gathers all the association names to pass to `ActiveRecord::Relation#joins` from a `Metasploit::Model::Search::Query`
+class MetasploitDataModels::Search::Visitor::Joins
+  include Metasploit::Model::Visitation::Visit
+  #
+  # Visitors
+  #
+  visit 'Metasploit::Model::Search::Group::Intersection',
+        'Metasploit::Model::Search::Operation::Group::Intersection' do |parent|
+    parent.children.flat_map { |child|
+      visit child
+    }
+  end
+  visit 'Metasploit::Model::Search::Group::Union',
+        'Metasploit::Model::Search::Operation::Group::Union' do |parent|
+    # A Set<Set> because if all children have multiple joins, but those multiple joins contain the same elements for
+    # all children, then all joins can be counted as common:
+    #
+    #  (a.b:1 && c.d:2) || (a.b:3 && c.d:4) should return [:a, :c] since its common to both
+    #  (a.b:1 && c.d:2 && e.f:3) || (a.b:3 && c.d:4) should return [:a, :c] since its the common _subset_
+    join_set_set = parent.children.each_with_object(Set.new) { |child, set|
+      child_joins = visit child
+      child_join_set = Set.new child_joins
+      set.add child_join_set
+    }
+    common_join_set = join_set_set.reduce { |common_subset, set|
+      common_subset & set
+    }
+    common_join_set.to_a
+  end
+  visit 'Metasploit::Model::Search::Operation::Association' do |operation|
+    association = visit operation.operator
+    nested_associations = visit operation.source_operation
+    if nested_associations.empty?
+      [association]
+    else
+      [
+          {
+              association => nested_associations
+          }
+      ]
+    end
+  end
+  visit 'Metasploit::Model::Search::Operation::Base' do |operation|
+    visit operation.operator
+  end
+  visit 'Metasploit::Model::Search::Operator::Association' do |operator|
+    operator.association
+  end
+  visit 'Metasploit::Model::Search::Operator::Attribute',
+        'MetasploitDataModels::Search::Operator::IPAddress',
+        'MetasploitDataModels::Search::Operator::Port::List' do |_|
+    []
+  end
+  Metasploit::Concern.run(self)
+end

data/app/models/metasploit_data_models/search/visitor/method.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# Extracts which AREL method to use as a translation for `Metasploit::Model::Search::Group::Base` subclasses.
+class MetasploitDataModels::Search::Visitor::Method
+  include Metasploit::Model::Visitation::Visit
+  visit 'Metasploit::Model::Search::Group::Intersection',
+        'Metasploit::Model::Search::Operation::Group::Intersection' do
+    :and
+  end
+  visit 'Metasploit::Model::Search::Group::Union',
+        'Metasploit::Model::Search::Operation::Group::Union' do
+    :or
+  end
+  Metasploit::Concern.run(self)
+end

data/app/models/metasploit_data_models/search/visitor/relation.rb ADDED Viewed

@@ -0,0 +1,91 @@
+# Generates a `ActiveRecord::Relation` from an `Metasploit::Model::Search::Query#tree`
+class MetasploitDataModels::Search::Visitor::Relation < Metasploit::Model::Base
+  #
+  # CONSTANTS
+  #
+  # `ActiveRecord::Relation` methods that can compute their argument with a visitor under the
+  # {MetasploitDataModels::Search::Visitor} namespace.
+  RELATION_METHODS = [
+      :joins,
+      :includes,
+      :where
+  ]
+  #
+  # Attributes
+  #
+  # @!attribute [rw] query
+  #   The query to visit.  Query supplies Class with #scope upon which to build `ActiveRecord::Relation`.
+  #
+  #   @return [Metasploit::Model::Search::Query]
+  attr_accessor :query
+  #
+  # Validations
+  #
+  validate :valid_query
+  validates :query,
+            :presence => true
+  #
+  # Methods
+  #
+  # Visits {#query} tree to produce an `ActiveRecord::Relation` on the `Metasploit::Model::Search::Query#klass`.
+  #
+  # @return [ActiveRecord::Relation]
+  def visit
+    tree = query.tree
+    # Enumerable#inject does not support 3 arity for Hashes so need to unpack pair
+    visitor_by_relation_method.inject(query.klass.all) do |relation, pair|
+      relation_method, visitor = pair
+      visited = visitor.visit(tree)
+      relation.send(relation_method, visited)
+    end
+  end
+  # Map method on `ActiveRecord::Relation` to visitor that can visit `Metasploit::Model::Search::Query#tree` to
+  # produce the arguments to the method on `ActiveRecord::Relation`.
+  #
+  # @return [Hash{Symbol => #visit}]
+  def visitor_by_relation_method
+    # Enumerable#each_with_object does not support 3 arity for Hashes so need to unpack pair
+    @visitor_by_relation_method ||= self.class.visitor_class_by_relation_method.each_with_object({}) { |pair, visitor_by_relation_method|
+      relation_method, visitor_class = pair
+      visitor_by_relation_method[relation_method] = visitor_class.new
+    }
+  end
+  # Maps method on `ActiveRecord::Relation` to the `Class` under {MetasploitDataModels::Search::Visitor} whose
+  # `#visit` method can produce the arguments to the `ActiveRecord::Relation` method.
+  #
+  # @return [Hash{Symbol => Class}]
+  def self.visitor_class_by_relation_method
+    @relation_method_by_visitor_class ||= RELATION_METHODS.each_with_object({}) { |relation_method, relation_method_by_visitor_class|
+      visitor_class_name = "#{parent.name}::#{relation_method.to_s.camelize}"
+      visitor_class = visitor_class_name.constantize
+      relation_method_by_visitor_class[relation_method] = visitor_class
+    }
+  end
+  private
+  # Validates that {#query} is valid.
+  #
+  # @return [void]
+  def valid_query
+    if query and !query.valid?
+      errors.add(:query, :invalid)
+    end
+  end
+  private
+  Metasploit::Concern.run(self)
+end

data/app/models/metasploit_data_models/search/visitor/where.rb ADDED Viewed

@@ -0,0 +1,128 @@
+# Generates AREL to pass to `ActiveRecord::Relation#where` from a `Metasploit::Model::Search::Query`.
+class MetasploitDataModels::Search::Visitor::Where
+  include Metasploit::Model::Visitation::Visit
+  #
+  # CONSTANTS
+  #
+  # `Metasploit::Model::Search::Operation::Base` subclasses that check their value with the equality operator in
+  # AREL
+  EQUALITY_OPERATION_CLASS_NAMES = [
+      'Metasploit::Model::Search::Operation::Boolean',
+      'Metasploit::Model::Search::Operation::Date',
+      'Metasploit::Model::Search::Operation::Integer',
+      'Metasploit::Model::Search::Operation::Set'
+  ]
+  #
+  # Visitor
+  #
+  visit 'Metasploit::Model::Search::Group::Base',
+        'Metasploit::Model::Search::Operation::Group::Base' do |parent|
+    method = method_visitor.visit parent
+    children_arel = parent.children.collect { |child|
+      visit child
+    }
+    children_arel.inject { |group_arel, child_arel|
+      group_arel.send(method, child_arel)
+    }
+  end
+  visit(*EQUALITY_OPERATION_CLASS_NAMES) do |operation|
+    attribute = attribute_visitor.visit operation.operator
+    attribute.eq(operation.value)
+  end
+  visit 'Metasploit::Model::Search::Operation::Association' do |operation|
+    visit operation.source_operation
+  end
+  visit 'Metasploit::Model::Search::Operation::String' do |operation|
+    attribute = attribute_visitor.visit operation.operator
+    match_value = "%#{operation.value}%"
+    attribute.matches(match_value)
+  end
+  visit 'MetasploitDataModels::IPAddress::CIDR' do |cidr|
+    cast_to_inet "#{cidr.address}/#{cidr.prefix_length}"
+  end
+  visit 'MetasploitDataModels::IPAddress::Range' do |ip_address_range|
+    range = ip_address_range.value
+    begin_node = visit range.begin
+    end_node = visit range.end
+    # AND nodes should be created with a list
+    Arel::Nodes::And.new([begin_node, end_node])
+  end
+  visit 'MetasploitDataModels::IPAddress::V4::Single' do |ip_address|
+    cast_to_inet(ip_address.to_s)
+  end
+  visit 'MetasploitDataModels::Search::Operation::IPAddress' do |operation|
+    attribute = attribute_visitor.visit operation.operator
+    value = operation.value
+    value_node = visit value
+    case value
+      when MetasploitDataModels::IPAddress::CIDR
+        Arel::Nodes::InfixOperation.new(
+            '<<',
+            attribute,
+            value_node
+        )
+      when MetasploitDataModels::IPAddress::Range
+        Arel::Nodes::Between.new(attribute, value_node)
+      when MetasploitDataModels::IPAddress::V4::Single
+        Arel::Nodes::Equality.new(attribute, value_node)
+      else
+        raise TypeError, "Don't know how to handle #{value.class}"
+    end
+  end
+  visit 'MetasploitDataModels::Search::Operation::Port::Range' do |range_operation|
+    attribute = attribute_visitor.visit range_operation.operator
+    attribute.between(range_operation.value)
+  end
+  #
+  # Methods
+  #
+  # Visitor for `Metasploit::Model::Search::Operator::Base` subclasses to generate `Arel::Attributes::Attribute`.
+  #
+  # @return [MetasploitDataModels::Search::Visitor::Attribute]
+  def attribute_visitor
+    @attribute_visitor ||= MetasploitDataModels::Search::Visitor::Attribute.new
+  end
+  # Visitor for `Metasploit::Model::Search::Group::Base` subclasses to generate equivalent AREL node methods.
+  #
+  # @return [MetasploitDataModels::Search::Visitor::Method]
+  def method_visitor
+    @method_visitor ||= MetasploitDataModels::Search::Visitor::Method.new
+  end
+  private
+  # Casts a literal string to INET in AREL.
+  #
+  # @return [Arel::Nodes::NamedFunction]
+  def cast_to_inet(string)
+    cast_argument = Arel::Nodes::As.new(Arel::Nodes.build_quoted(string), Arel::Nodes::SqlLiteral.new('INET'))
+    Arel::Nodes::NamedFunction.new('CAST', [cast_argument])
+  end
+  public
+  Metasploit::Concern.run(self)
+end

data/config/initializers/arel_helper.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# Including arel-helpers in all active record models.
+# https://github.com/camertron/arel-helpers
+ApplicationRecord.send(:include, ArelHelpers::ArelTable)
+ApplicationRecord.send(:include, ArelHelpers::JoinAssociation)