RubyGems - wg-metasploit_data_models - Versions diffs - 4.1.4.01 → 4.1.4.02 - Mend

wg-metasploit_data_models 4.1.4.01 → 4.1.4.02

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (440) hide show

checksums.yaml +4 -4
data/.coveralls.yml +1 -0
data/.github/workflows/verify.yml +68 -0
data/.gitignore +29 -0
data/.rspec +3 -0
data/.simplecov +38 -0
data/.yardopts +4 -0
data/CHANGELOG.md +6 -0
data/CONTRIBUTING.md +133 -0
data/Gemfile +46 -0
data/LICENSE +27 -0
data/README.md +65 -0
data/RELEASING.md +82 -0
data/Rakefile +72 -0
data/UPGRADING.md +1 -0
data/app/models/mdm/api_key.rb +61 -0
data/app/models/mdm/async_callback.rb +64 -0
data/app/models/mdm/client.rb +50 -0
data/app/models/mdm/cred.rb +205 -0
data/app/models/mdm/event.rb +83 -0
data/app/models/mdm/exploit_attempt.rb +105 -0
data/app/models/mdm/exploited_host.rb +42 -0
data/app/models/mdm/host.rb +619 -0
data/app/models/mdm/host_detail.rb +62 -0
data/app/models/mdm/host_tag.rb +49 -0
data/app/models/mdm/listener.rb +82 -0
data/app/models/mdm/loot.rb +161 -0
data/app/models/mdm/macro.rb +62 -0
data/app/models/mdm/mod_ref.rb +24 -0
data/app/models/mdm/module/action.rb +33 -0
data/app/models/mdm/module/arch.rb +28 -0
data/app/models/mdm/module/author.rb +34 -0
data/app/models/mdm/module/detail.rb +388 -0
data/app/models/mdm/module/mixin.rb +31 -0
data/app/models/mdm/module/platform.rb +29 -0
data/app/models/mdm/module/ref.rb +42 -0
data/app/models/mdm/module/target.rb +37 -0
data/app/models/mdm/nexpose_console.rb +121 -0
data/app/models/mdm/note.rb +125 -0
data/app/models/mdm/payload.rb +103 -0
data/app/models/mdm/profile.rb +45 -0
data/app/models/mdm/ref.rb +48 -0
data/app/models/mdm/route.rb +28 -0
data/app/models/mdm/service.rb +267 -0
data/app/models/mdm/session.rb +203 -0
data/app/models/mdm/session_event.rb +44 -0
data/app/models/mdm/tag.rb +114 -0
data/app/models/mdm/task.rb +168 -0
data/app/models/mdm/task_cred.rb +45 -0
data/app/models/mdm/task_host.rb +41 -0
data/app/models/mdm/task_service.rb +41 -0
data/app/models/mdm/task_session.rb +41 -0
data/app/models/mdm/user.rb +230 -0
data/app/models/mdm/vuln.rb +204 -0
data/app/models/mdm/vuln_attempt.rb +76 -0
data/app/models/mdm/vuln_detail.rb +156 -0
data/app/models/mdm/vuln_ref.rb +21 -0
data/app/models/mdm/web_form.rb +53 -0
data/app/models/mdm/web_page.rb +92 -0
data/app/models/mdm/web_site.rb +113 -0
data/app/models/mdm/web_vuln.rb +193 -0
data/app/models/mdm/wmap_request.rb +101 -0
data/app/models/mdm/wmap_target.rb +56 -0
data/app/models/mdm/workspace.rb +286 -0
data/app/models/metasploit_data_models/automatic_exploitation/match.rb +43 -0
data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +71 -0
data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +40 -0
data/app/models/metasploit_data_models/automatic_exploitation/run.rb +29 -0
data/app/models/metasploit_data_models/ip_address/v4/cidr.rb +14 -0
data/app/models/metasploit_data_models/ip_address/v4/nmap.rb +14 -0
data/app/models/metasploit_data_models/ip_address/v4/range.rb +12 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list.rb +125 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range.rb +12 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/single.rb +123 -0
data/app/models/metasploit_data_models/ip_address/v4/segmented.rb +200 -0
data/app/models/metasploit_data_models/ip_address/v4/single.rb +53 -0
data/app/models/metasploit_data_models/module_run.rb +213 -0
data/app/models/metasploit_data_models/search/operation/ip_address.rb +60 -0
data/app/models/metasploit_data_models/search/operation/port/number.rb +25 -0
data/app/models/metasploit_data_models/search/operation/port/range.rb +79 -0
data/app/models/metasploit_data_models/search/operation/range.rb +56 -0
data/app/models/metasploit_data_models/search/operator/ip_address.rb +33 -0
data/app/models/metasploit_data_models/search/operator/multitext.rb +73 -0
data/app/models/metasploit_data_models/search/operator/port/list.rb +67 -0
data/app/models/metasploit_data_models/search/visitor/attribute.rb +17 -0
data/app/models/metasploit_data_models/search/visitor/includes.rb +47 -0
data/app/models/metasploit_data_models/search/visitor/joins.rb +67 -0
data/app/models/metasploit_data_models/search/visitor/method.rb +16 -0
data/app/models/metasploit_data_models/search/visitor/relation.rb +91 -0
data/app/models/metasploit_data_models/search/visitor/where.rb +128 -0
data/config/initializers/arel_helper.rb +5 -0
data/config/initializers/ipaddr.rb +29 -0
data/config/locales/en.yml +94 -0
data/console_db.yml +9 -0
data/db/migrate/000_create_tables.rb +79 -0
data/db/migrate/001_add_wmap_tables.rb +35 -0
data/db/migrate/002_add_workspaces.rb +36 -0
data/db/migrate/003_move_notes.rb +20 -0
data/db/migrate/004_add_events_table.rb +16 -0
data/db/migrate/005_expand_info.rb +58 -0
data/db/migrate/006_add_timestamps.rb +26 -0
data/db/migrate/007_add_loots.rb +20 -0
data/db/migrate/008_create_users.rb +16 -0
data/db/migrate/009_add_loots_ctype.rb +10 -0
data/db/migrate/010_add_alert_fields.rb +16 -0
data/db/migrate/011_add_reports.rb +19 -0
data/db/migrate/012_add_tasks.rb +24 -0
data/db/migrate/013_add_tasks_result.rb +10 -0
data/db/migrate/014_add_loots_fields.rb +12 -0
data/db/migrate/015_rename_user.rb +16 -0
data/db/migrate/016_add_host_purpose.rb +10 -0
data/db/migrate/017_expand_info2.rb +58 -0
data/db/migrate/018_add_workspace_user_info.rb +29 -0
data/db/migrate/019_add_workspace_desc.rb +23 -0
data/db/migrate/020_add_user_preferences.rb +11 -0
data/db/migrate/021_standardize_info_and_data.rb +18 -0
data/db/migrate/022_enlarge_event_info.rb +10 -0
data/db/migrate/023_add_report_downloaded_at.rb +10 -0
data/db/migrate/024_convert_service_info_to_text.rb +12 -0
data/db/migrate/025_add_user_admin.rb +19 -0
data/db/migrate/026_add_creds_table.rb +19 -0
data/db/migrate/20100819123300_migrate_cred_data.rb +154 -0
data/db/migrate/20100824151500_add_exploited_table.rb +16 -0
data/db/migrate/20100908001428_add_owner_to_workspaces.rb +9 -0
data/db/migrate/20100911122000_add_report_templates.rb +18 -0
data/db/migrate/20100916151530_require_admin_flag.rb +15 -0
data/db/migrate/20100916175000_add_campaigns_and_templates.rb +61 -0
data/db/migrate/20100920012100_add_generate_exe_column.rb +8 -0
data/db/migrate/20100926214000_add_template_prefs.rb +11 -0
data/db/migrate/20101001000000_add_web_tables.rb +57 -0
data/db/migrate/20101002000000_add_query.rb +10 -0
data/db/migrate/20101007000000_add_vuln_info.rb +15 -0
data/db/migrate/20101008111800_add_clients_to_campaigns.rb +10 -0
data/db/migrate/20101009023300_add_campaign_attachments.rb +15 -0
data/db/migrate/20101104135100_add_imported_creds.rb +17 -0
data/db/migrate/20101203000000_fix_web_tables.rb +34 -0
data/db/migrate/20101203000001_expand_host_comment.rb +12 -0
data/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb +9 -0
data/db/migrate/20110112154300_add_module_uuid_to_tasks.rb +9 -0
data/db/migrate/20110204112800_add_host_tags.rb +28 -0
data/db/migrate/20110317144932_add_session_table.rb +110 -0
data/db/migrate/20110414180600_add_local_id_to_session_table.rb +11 -0
data/db/migrate/20110415175705_add_routes_table.rb +18 -0
data/db/migrate/20110422000000_convert_binary.rb +73 -0
data/db/migrate/20110425095900_add_last_seen_to_sessions.rb +8 -0
data/db/migrate/20110513143900_track_successful_exploits.rb +31 -0
data/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb +26 -0
data/db/migrate/20110527000000_add_task_id_to_reports_table.rb +11 -0
data/db/migrate/20110527000001_add_api_keys_table.rb +12 -0
data/db/migrate/20110606000001_add_macros_table.rb +16 -0
data/db/migrate/20110622000000_add_settings_to_tasks_table.rb +12 -0
data/db/migrate/20110624000001_add_listeners_table.rb +19 -0
data/db/migrate/20110625000001_add_macro_to_listeners_table.rb +12 -0
data/db/migrate/20110630000001_add_nexpose_consoles_table.rb +21 -0
data/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb +12 -0
data/db/migrate/20110717000001_add_profiles_table.rb +15 -0
data/db/migrate/20110727163801_expand_cred_ptype_column.rb +9 -0
data/db/migrate/20110730000001_add_initial_indexes.rb +85 -0
data/db/migrate/20110812000001_prune_indexes.rb +23 -0
data/db/migrate/20110922000000_expand_notes.rb +9 -0
data/db/migrate/20110928101300_add_mod_ref_table.rb +17 -0
data/db/migrate/20111011110000_add_display_name_to_reports_table.rb +24 -0
data/db/migrate/20111203000000_inet_columns.rb +13 -0
data/db/migrate/20111204000000_more_inet_columns.rb +17 -0
data/db/migrate/20111210000000_add_scope_to_hosts.rb +9 -0
data/db/migrate/20120126110000_add_virtual_host_to_hosts.rb +9 -0
data/db/migrate/20120411173220_rename_workspace_members.rb +9 -0
data/db/migrate/20120601152442_add_counter_caches_to_hosts.rb +21 -0
data/db/migrate/20120625000000_add_vuln_details.rb +34 -0
data/db/migrate/20120625000001_add_host_details.rb +16 -0
data/db/migrate/20120625000002_expand_details.rb +16 -0
data/db/migrate/20120625000003_expand_details2.rb +24 -0
data/db/migrate/20120625000004_add_vuln_attempts.rb +19 -0
data/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb +14 -0
data/db/migrate/20120625000006_add_module_details.rb +118 -0
data/db/migrate/20120625000007_add_exploit_attempts.rb +26 -0
data/db/migrate/20120625000008_add_fail_message.rb +12 -0
data/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb +13 -0
data/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb +19 -0
data/db/migrate/20130412154159_change_foreign_key_in_module_actions.rb +25 -0
data/db/migrate/20130412171844_change_foreign_key_in_module_archs.rb +25 -0
data/db/migrate/20130412173121_change_foreign_key_in_module_authors.rb +25 -0
data/db/migrate/20130412173640_change_foreign_key_in_module_mixins.rb +25 -0
data/db/migrate/20130412174254_change_foreign_key_in_module_platforms.rb +25 -0
data/db/migrate/20130412174719_change_foreign_key_in_module_refs.rb +25 -0
data/db/migrate/20130412175040_change_foreign_key_in_module_targets.rb +25 -0
data/db/migrate/20130423211152_add_creds_counter_cache.rb +24 -0
data/db/migrate/20130430151353_change_required_columns_to_null_false_in_hosts.rb +11 -0
data/db/migrate/20130430162145_enforce_address_uniqueness_in_workspace_in_hosts.rb +101 -0
data/db/migrate/20130510021637_remove_campaigns.rb +11 -0
data/db/migrate/20130515164311_change_web_vulns_confidence_to_integer.rb +48 -0
data/db/migrate/20130515172727_valid_mdm_web_vuln_params.rb +30 -0
data/db/migrate/20130516204810_making_vulns_refs_a_real_ar_model.rb +5 -0
data/db/migrate/20130522001343_create_task_creds.rb +9 -0
data/db/migrate/20130522032517_create_task_hosts.rb +9 -0
data/db/migrate/20130522041110_create_task_services.rb +9 -0
data/db/migrate/20130525015035_remove_campaign_id_from_clients.rb +9 -0
data/db/migrate/20130525212420_drop_table_imported_creds.rb +14 -0
data/db/migrate/20130531144949_making_host_tags_a_real_ar_model.rb +6 -0
data/db/migrate/20130604145732_create_task_sessions.rb +9 -0
data/db/migrate/20130717150737_remove_pname_validation.rb +7 -0
data/db/migrate/20131002004641_create_automatic_exploitation_matches.rb +13 -0
data/db/migrate/20131002164449_create_automatic_exploitation_match_sets.rb +12 -0
data/db/migrate/20131008213344_create_automatic_exploitation_runs.rb +11 -0
data/db/migrate/20131011184338_module_detail_on_automatic_exploitation_match.rb +10 -0
data/db/migrate/20131017150735_create_automatic_exploitation_match_results.rb +11 -0
data/db/migrate/20131021185657_make_match_polymorphic.rb +11 -0
data/db/migrate/20140905031549_add_detected_arch_to_host.rb +5 -0
data/db/migrate/20150112203945_remove_duplicate_services.rb +17 -0
data/db/migrate/20150205192745_drop_service_uniqueness_index.rb +5 -0
data/db/migrate/20150209195939_add_vuln_id_to_note.rb +6 -0
data/db/migrate/20150212214222_remove_duplicate_services2.rb +17 -0
data/db/migrate/20150219173821_create_module_runs.rb +23 -0
data/db/migrate/20150219215039_add_module_run_to_session.rb +8 -0
data/db/migrate/20150226151459_add_module_run_fk_to_loot.rb +8 -0
data/db/migrate/20150312155312_add_module_full_name_to_match.rb +6 -0
data/db/migrate/20150317145455_rename_module_indices.rb +29 -0
data/db/migrate/20150326183742_add_missing_ae_indices.rb +13 -0
data/db/migrate/20150421211719_rename_automatic_exploitation_index.rb +16 -0
data/db/migrate/20150514182921_add_origin_to_mdm_vuln.rb +13 -0
data/db/migrate/20160415153312_remove_not_null_from_web_vuln_p_arams.rb +5 -0
data/db/migrate/20161004165612_add_fingerprinted_to_workspace.rb +5 -0
data/db/migrate/20161227212223_add_os_family_to_hosts.rb +5 -0
data/db/migrate/20180904120211_create_payloads.rb +21 -0
data/db/migrate/20190308134512_create_async_callbacks.rb +13 -0
data/db/migrate/20190507120211_remove_payload_workspaces.rb +5 -0
data/lib/mdm/host/operating_system_normalization.rb +942 -0
data/lib/mdm/module.rb +13 -0
data/lib/mdm.rb +57 -0
data/lib/metasploit_data_models/automatic_exploitation.rb +25 -0
data/lib/metasploit_data_models/base64_serializer.rb +99 -0
data/lib/metasploit_data_models/change_required_columns_to_null_false.rb +21 -0
data/lib/metasploit_data_models/engine.rb +32 -0
data/lib/metasploit_data_models/ip_address/cidr.rb +174 -0
data/lib/metasploit_data_models/ip_address/range.rb +181 -0
data/lib/metasploit_data_models/ip_address/v4/segment/nmap.rb +7 -0
data/lib/metasploit_data_models/ip_address/v4/segment.rb +7 -0
data/lib/metasploit_data_models/ip_address/v4.rb +11 -0
data/lib/metasploit_data_models/ip_address.rb +9 -0
data/lib/metasploit_data_models/match/child.rb +48 -0
data/lib/metasploit_data_models/match/parent.rb +103 -0
data/lib/metasploit_data_models/match.rb +8 -0
data/lib/metasploit_data_models/search/operation/port.rb +9 -0
data/lib/metasploit_data_models/search/operation.rb +9 -0
data/lib/metasploit_data_models/search/operator/port.rb +6 -0
data/lib/metasploit_data_models/search/operator.rb +8 -0
data/lib/metasploit_data_models/search/visitor.rb +11 -0
data/lib/metasploit_data_models/search.rb +8 -0
data/lib/metasploit_data_models/serialized_prefs.rb +27 -0
data/lib/metasploit_data_models/version.rb +13 -0
data/lib/metasploit_data_models.rb +56 -0
data/metasploit_data_models.gemspec +65 -0
data/script/rails +8 -0
data/spec/app/models/mdm/api_key_spec.rb +3 -0
data/spec/app/models/mdm/client_spec.rb +43 -0
data/spec/app/models/mdm/cred_spec.rb +346 -0
data/spec/app/models/mdm/event_spec.rb +90 -0
data/spec/app/models/mdm/exploit_attempt_spec.rb +59 -0
data/spec/app/models/mdm/exploited_host_spec.rb +44 -0
data/spec/app/models/mdm/host_detail_spec.rb +48 -0
data/spec/app/models/mdm/host_spec.rb +1139 -0
data/spec/app/models/mdm/host_tag_spec.rb +69 -0
data/spec/app/models/mdm/listener_spec.rb +107 -0
data/spec/app/models/mdm/loot_spec.rb +84 -0
data/spec/app/models/mdm/macro_spec.rb +3 -0
data/spec/app/models/mdm/mod_ref_spec.rb +3 -0
data/spec/app/models/mdm/module/action_spec.rb +34 -0
data/spec/app/models/mdm/module/arch_spec.rb +34 -0
data/spec/app/models/mdm/module/author_spec.rb +52 -0
data/spec/app/models/mdm/module/detail_spec.rb +746 -0
data/spec/app/models/mdm/module/mixin_spec.rb +34 -0
data/spec/app/models/mdm/module/platform_spec.rb +34 -0
data/spec/app/models/mdm/module/ref_spec.rb +58 -0
data/spec/app/models/mdm/module/target_spec.rb +36 -0
data/spec/app/models/mdm/nexpose_console_spec.rb +146 -0
data/spec/app/models/mdm/note_spec.rb +91 -0
data/spec/app/models/mdm/profile_spec.rb +3 -0
data/spec/app/models/mdm/ref_spec.rb +71 -0
data/spec/app/models/mdm/route_spec.rb +35 -0
data/spec/app/models/mdm/service_spec.rb +232 -0
data/spec/app/models/mdm/session_event_spec.rb +42 -0
data/spec/app/models/mdm/session_spec.rb +118 -0
data/spec/app/models/mdm/tag_spec.rb +116 -0
data/spec/app/models/mdm/task_cred_spec.rb +51 -0
data/spec/app/models/mdm/task_host_spec.rb +50 -0
data/spec/app/models/mdm/task_service_spec.rb +50 -0
data/spec/app/models/mdm/task_session_spec.rb +46 -0
data/spec/app/models/mdm/task_spec.rb +71 -0
data/spec/app/models/mdm/user_spec.rb +50 -0
data/spec/app/models/mdm/vuln_attempt_spec.rb +53 -0
data/spec/app/models/mdm/vuln_detail_spec.rb +65 -0
data/spec/app/models/mdm/vuln_ref_spec.rb +46 -0
data/spec/app/models/mdm/vuln_spec.rb +299 -0
data/spec/app/models/mdm/web_form_spec.rb +46 -0
data/spec/app/models/mdm/web_page_spec.rb +101 -0
data/spec/app/models/mdm/web_site_spec.rb +85 -0
data/spec/app/models/mdm/web_vuln_spec.rb +312 -0
data/spec/app/models/mdm/wmap_request_spec.rb +5 -0
data/spec/app/models/mdm/wmap_target_spec.rb +5 -0
data/spec/app/models/mdm/workspace_spec.rb +500 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_result_spec.rb +86 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_set_spec.rb +46 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_spec.rb +37 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/run_spec.rb +38 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/cidr_spec.rb +119 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/nmap_spec.rb +149 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/range_spec.rb +298 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list_spec.rb +276 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range_spec.rb +302 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/segmented_spec.rb +27 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/single_spec.rb +324 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/single_spec.rb +181 -0
data/spec/app/models/metasploit_data_models/module_run_spec.rb +134 -0
data/spec/app/models/metasploit_data_models/search/operation/ip_address_spec.rb +180 -0
data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +39 -0
data/spec/app/models/metasploit_data_models/search/operation/port/range_spec.rb +138 -0
data/spec/app/models/metasploit_data_models/search/operation/range_spec.rb +233 -0
data/spec/app/models/metasploit_data_models/search/operator/ip_address_spec.rb +17 -0
data/spec/app/models/metasploit_data_models/search/operator/multitext_spec.rb +160 -0
data/spec/app/models/metasploit_data_models/search/operator/port/list_spec.rb +162 -0
data/spec/app/models/metasploit_data_models/search/visitor/attribute_spec.rb +96 -0
data/spec/app/models/metasploit_data_models/search/visitor/includes_spec.rb +175 -0
data/spec/app/models/metasploit_data_models/search/visitor/joins_spec.rb +396 -0
data/spec/app/models/metasploit_data_models/search/visitor/method_spec.rb +49 -0
data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb +925 -0
data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb +187 -0
data/spec/dummy/Rakefile +7 -0
data/spec/dummy/app/assets/config/manifest.js +1 -0
data/spec/dummy/app/assets/javascripts/application.js +15 -0
data/spec/dummy/app/assets/stylesheets/application.css +13 -0
data/spec/dummy/app/controllers/application_controller.rb +3 -0
data/spec/dummy/app/helpers/application_helper.rb +2 -0
data/spec/dummy/app/mailers/.gitkeep +0 -0
data/spec/dummy/app/models/.gitkeep +0 -0
data/spec/dummy/app/models/application_record.rb +3 -0
data/spec/dummy/app/views/layouts/application.html.erb +14 -0
data/spec/dummy/bin/bundle +3 -0
data/spec/dummy/bin/rails +4 -0
data/spec/dummy/bin/rake +4 -0
data/spec/dummy/config/application.rb +61 -0
data/spec/dummy/config/boot.rb +4 -0
data/spec/dummy/config/database.yml.example +22 -0
data/spec/dummy/config/database.yml.github_actions +21 -0
data/spec/dummy/config/environment.rb +5 -0
data/spec/dummy/config/environments/development.rb +37 -0
data/spec/dummy/config/environments/production.rb +78 -0
data/spec/dummy/config/environments/test.rb +39 -0
data/spec/dummy/config/initializers/active_record_migrations.rb +4 -0
data/spec/dummy/config/initializers/assets.rb +8 -0
data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/dummy/config/initializers/cookies_serializer.rb +3 -0
data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
data/spec/dummy/config/initializers/inflections.rb +16 -0
data/spec/dummy/config/initializers/mime_types.rb +4 -0
data/spec/dummy/config/initializers/session_store.rb +3 -0
data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
data/spec/dummy/config/locales/en.yml +23 -0
data/spec/dummy/config/routes.rb +2 -0
data/spec/dummy/config.ru +4 -0
data/spec/dummy/db/structure.sql +3430 -0
data/spec/dummy/db/structure.sql.from_rails_3 +3403 -0
data/spec/dummy/lib/assets/.gitkeep +0 -0
data/spec/dummy/log/.gitkeep +0 -0
data/spec/dummy/public/404.html +26 -0
data/spec/dummy/public/422.html +26 -0
data/spec/dummy/public/500.html +25 -0
data/spec/dummy/public/favicon.ico +0 -0
data/spec/dummy/script/rails +6 -0
data/spec/factories/mdm/addresses.rb +12 -0
data/spec/factories/mdm/clients.rb +8 -0
data/spec/factories/mdm/creds.rb +17 -0
data/spec/factories/mdm/events.rb +15 -0
data/spec/factories/mdm/exploit_attempts.rb +8 -0
data/spec/factories/mdm/exploited_hosts.rb +7 -0
data/spec/factories/mdm/fingerprints/nessus_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/nexpose_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/nmap_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/retina_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/session_fingerprints.rb +6 -0
data/spec/factories/mdm/host_details.rb +8 -0
data/spec/factories/mdm/host_tags.rb +9 -0
data/spec/factories/mdm/hosts.rb +85 -0
data/spec/factories/mdm/listeners.rb +12 -0
data/spec/factories/mdm/loots.rb +11 -0
data/spec/factories/mdm/module/actions.rb +14 -0
data/spec/factories/mdm/module/archs.rb +14 -0
data/spec/factories/mdm/module/authors.rb +22 -0
data/spec/factories/mdm/module/details.rb +73 -0
data/spec/factories/mdm/module/mixins.rb +14 -0
data/spec/factories/mdm/module/platforms.rb +14 -0
data/spec/factories/mdm/module/refs.rb +14 -0
data/spec/factories/mdm/module/targets.rb +19 -0
data/spec/factories/mdm/nexpose_consoles.rb +15 -0
data/spec/factories/mdm/notes.rb +12 -0
data/spec/factories/mdm/refs.rb +9 -0
data/spec/factories/mdm/routes.rb +36 -0
data/spec/factories/mdm/services.rb +41 -0
data/spec/factories/mdm/session_events.rb +8 -0
data/spec/factories/mdm/sessions.rb +13 -0
data/spec/factories/mdm/tags.rb +14 -0
data/spec/factories/mdm/task.rb +16 -0
data/spec/factories/mdm/task_creds.rb +9 -0
data/spec/factories/mdm/task_hosts.rb +9 -0
data/spec/factories/mdm/task_services.rb +8 -0
data/spec/factories/mdm/task_sessions.rb +8 -0
data/spec/factories/mdm/users.rb +22 -0
data/spec/factories/mdm/vuln_attempts.rb +8 -0
data/spec/factories/mdm/vuln_details.rb +8 -0
data/spec/factories/mdm/vuln_refs.rb +4 -0
data/spec/factories/mdm/vulns.rb +20 -0
data/spec/factories/mdm/web_forms.rb +33 -0
data/spec/factories/mdm/web_pages.rb +64 -0
data/spec/factories/mdm/web_sites.rb +8 -0
data/spec/factories/mdm/web_vulns.rb +64 -0
data/spec/factories/mdm/workspaces.rb +23 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/match_results.rb +7 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/match_sets.rb +8 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/matches.rb +7 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/runs.rb +6 -0
data/spec/factories/module_runs.rb +40 -0
data/spec/lib/base64_serializer_spec.rb +172 -0
data/spec/lib/ipaddr_spec.rb +29 -0
data/spec/lib/metasploit_data_models/ip_address/cidr_spec.rb +356 -0
data/spec/lib/metasploit_data_models/ip_address/range_spec.rb +75 -0
data/spec/lib/metasploit_data_models/match/child_spec.rb +59 -0
data/spec/lib/metasploit_data_models/match/parent_spec.rb +153 -0
data/spec/lib/metasploit_data_models_spec.rb +13 -0
data/spec/spec_helper.rb +148 -0
data/spec/support/matchers/match_regex_exactly.rb +28 -0
data/spec/support/shared/contexts/rex/text.rb +15 -0
data/spec/support/shared/examples/coerces_inet_column_type_to_string.rb +15 -0
data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb +20 -0
data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb +36 -0
data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb +109 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb +38 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb +26 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/relation/visit/matching_record.rb +50 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb +34 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb +51 -0
metadata +444 -6

data/app/models/mdm/async_callback.rb ADDED Viewed

@@ -0,0 +1,64 @@
+# An asychronous callback that has been received by the Mettle Pingback Listener and is logged
+class Mdm::AsyncCallback < ApplicationRecord
+  extend ActiveSupport::Autoload
+  include Metasploit::Model::Search
+  #
+  # Associations
+  #
+  #
+  # Attributes
+  #
+  # @!attribute [rw] uuid
+  #   A 16-byte unique identifier for this payload. The UUID is encoded to include specific information.
+  #   See lib/msf/core/payload/uuid.rb in the https://github.com/rapid7/metasploit-framework repo.
+  #
+  #   @return [String]
+  # @!attribute [rw] timestamp
+  #   The Unix format timestamp when this payload called back.
+  #
+  #   @return [Integer]
+  # @!attribute [rw] listener_uri
+  #   Non-unique URIs (eg. "tcp://192.168.1.7:4444") which received callbacks from this payload.
+  #
+  #   @return [String]
+  # @!attribute [rw] target_host
+  #   The IP address (eg. "192.168.1.7" or "fe80::1") from which the callback originated, from the view of the callback listener.
+  #
+  #   @return [String]
+  # @!attribute [rw] target_port
+  #   The IP port (eg. "4444") from which the callback originated, from the view of the callback listener.
+  #
+  #   @return [Integer]
+  #
+  # Validations
+  #
+  #
+  # Search Attributes
+  #
+  search_attribute :uuid,
+                   type: :string
+  #
+  # Serializations
+  #
+  # NONE
+  public
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/client.rb ADDED Viewed

@@ -0,0 +1,50 @@
+# Client used for `report_client` in metasploit-framework Metasploit Modules.
+class Mdm::Client < ApplicationRecord
+  #
+  # Associations
+  #
+  # {Mdm::Host} from which this client connected.
+  belongs_to :host,
+             class_name: 'Mdm::Host',
+             inverse_of: :clients
+  #
+  # Attributes
+  #
+  # @!attribute created_at
+  #   When this client was created.
+  #
+  #   @return [DateTime]
+  # @!attribute updated_at
+  #   When this client was last updated.
+  #
+  #   @return [DateTime]
+  #
+  # @!group User Agent
+  #
+  # @!attribute ua_name
+  #   Parsed name from {#ua_string user agent string}
+  #
+  #   @return [String]
+  # @!attribute ua_string
+  #   Raw user agent string from client browser
+  #
+  #   @return [String]
+  # @!attribute ua_ver
+  #   Version of user agent.
+  #
+  #   @return [String]
+  #
+  # @!endgroup
+  #
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/cred.rb ADDED Viewed

@@ -0,0 +1,205 @@
+# @deprecated Use metasploit-credential's `Metasploit::Credential::Core`.
+#
+# A credential captured from a {#service}.
+class Mdm::Cred < ApplicationRecord
+  #
+  # CONSTANTS
+  #
+  # Checks if {#proof} is an SSH Key in {#ssh_key_id}.
+  KEY_ID_REGEX = /([0-9a-fA-F:]{47})/
+  # Maps {#ptype_human} to {#ptype}.
+  PTYPES = {
+      'read/write password' => 'password_rw',
+      'read-only password' => 'password_ro',
+      'SMB hash' => 'smb_hash',
+      'SSH private key' => 'ssh_key',
+      'SSH public key' => 'ssh_pubkey'
+  }
+  #
+  #
+  # Associations
+  #
+  #
+  # The {Mdm::Service} this Cred is for.
+  belongs_to :service,
+             class_name: 'Mdm::Service',
+             inverse_of: :creds
+  # Joins {#tasks} to this Cred.
+  has_many :task_creds,
+           class_name: 'Mdm::TaskCred',
+           dependent: :destroy,
+           inverse_of: :cred
+  #
+  # through: :task_creds
+  #
+  # Tasks that touched this service
+  has_many :tasks, :through => :task_creds
+  #
+  # Attributes
+  #
+  # @!attribute active
+  #   Whether the credential is active.
+  #
+  #   @return [false] if a captured credential cannot be used to log into {#service}.
+  #   @return [true] otherwise
+  # @!attribute created_at
+  #   When this credential was created.
+  #
+  #   @return [DateTime]
+  # @!attribute pass
+  #   Pass of credential.
+  #
+  #   @return [String, nil]
+  # @!attribute proof
+  #   Proof of credential capture.
+  #
+  #   @return [String]
+  # @!attribute ptype
+  #   Type of {#pass}.
+  #
+  #   @return [String]
+  # @!attribute source_id
+  #   Id of source of this credential.
+  #
+  #   @return [Integer, nil]
+  # @!attribute source_type
+  #   Type of source with {#source_id}.
+  #
+  #   @return [String, nil]
+  # @!attribute updated_at
+  #   The last time this credential was updated.
+  #
+  #   @return [DateTime]
+  # @!attribute user
+  #   User name of credential.
+  #
+  #   @return [String, nil]
+  #
+  # Callbacks
+  #
+  after_create :increment_host_counter_cache
+  after_destroy :decrement_host_counter_cache
+  #
+  # Instance methods
+  #
+  # Humanized {#ptype}.
+  #
+  # @return [String, nil]
+  def ptype_human
+    humanized = PTYPES.select do |k, v|
+      v == ptype
+    end.keys[0]
+    humanized ? humanized : ptype
+  end
+  # Returns SSH Key ID.
+  #
+  # @return [String] SSH Key Id if ssh-type key and {#proof} matches {KEY_ID_REGEX}.
+  # @return [nil] otherwise
+  def ssh_key_id
+    return nil unless self.ptype =~ /^ssh_/
+    return nil unless self.proof =~ KEY_ID_REGEX
+    $1.downcase # Can't run into NilClass problems.
+  end
+  # Returns whether `other`'s SSH private key or public key matches.
+  #
+  # @return [false] if `other` is not same class as `self`.
+  # @return [false] if {#ptype} does not match.
+  # @return [false] if {#ptype} is neither `"ssh_key"` nor `"ssh_pubkey"`.
+  # @return [false] if {#ssh_key_id} is `nil`.
+  # @return [false] if {#ssh_key_id} does not match.
+  # @return [true] if {#ssh_key_id} matches.
+  def ssh_key_matches?(other_cred)
+    return false unless other_cred.kind_of? self.class
+    return false unless self.ptype == other_cred.ptype
+    case self.ptype
+      when "ssh_key"
+        matches = self.ssh_private_keys
+      when "ssh_pubkey"
+        matches = self.ssh_public_keys
+      else
+        return false
+    end
+    matches.include?(self) and matches.include?(other_cred)
+  end
+  # Returns all keys with matching key ids, including itself.
+  #
+  # @return [ActiveRecord::Relation<Mdm::Cred>] ssh_key and ssh_pubkey creds with matching {#ssh_key_id}.
+  def ssh_keys
+    (self.ssh_private_keys | self.ssh_public_keys)
+  end
+  # Returns all private keys with matching {#ssh_key_id}, including itself.
+  #
+  # @return [ActiveRecord::Relation<Mdm::Cred>] ssh_key creds with matching {#ssh_key_id}.
+  def ssh_private_keys
+    return [] unless self.ssh_key_id
+    matches = Mdm::Cred.where(
+        "ptype = ? AND proof ILIKE ?", "ssh_key", "%#{self.ssh_key_id}%"
+    ).to_a
+    matches.select {|c| c.workspace == self.workspace}
+  end
+  # Returns all public keys with matching {#ssh_key_id}, including itself.
+  #
+  # @return [ActiveRecord::Relation<Mdm::Cred>] ssh_pubkey creds with matching {#ssh_key_id}.
+  def ssh_public_keys
+    return [] unless self.ssh_key_id
+    matches = Mdm::Cred.where(
+        "ptype = ? AND proof ILIKE ?", "ssh_pubkey", "%#{self.ssh_key_id}%"
+    ).to_a
+    matches.select {|c| c.workspace == self.workspace}
+  end
+  # Returns its workspace
+  #
+  # @return [Mdm::Workspace]
+  def workspace
+    self.service.host.workspace
+  end
+  private
+  # Decrements {Mdm::Host#cred_count}.
+  #
+  # @return [void]
+  def decrement_host_counter_cache
+    Mdm::Host.decrement_counter("cred_count", self.service.host_id)
+  end
+  # Increments {Mdm::Host#cred_count}.
+  #
+  # @return [void]
+  def increment_host_counter_cache
+    Mdm::Host.increment_counter("cred_count", self.service.host_id)
+  end
+  # Switch back to public for load hooks.
+  public
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/event.rb ADDED Viewed

@@ -0,0 +1,83 @@
+# Records framework events to the database.
+class Mdm::Event < ApplicationRecord
+  #
+  # Associations
+  #
+  # Host on which this event occurred.
+  #
+  # @return [Mdm::Host]
+  # @return [nil] if event did not occur on a host.
+  belongs_to :host,
+             class_name: 'Mdm::Host',
+             inverse_of: :events
+  # {Mdm::Workspace} in which this event occured.  If {#host} is present, then this will match
+  # {Mdm::Host#workspace `host.workspace`}.
+  belongs_to :workspace,
+             class_name: 'Mdm::Workspace',
+             inverse_of: :events
+  #
+  # Attributes
+  #
+  # @!attribute created_at
+  #   When this event was created.
+  #
+  #   @return [DateTime]
+  # @!attribute critical
+  #   Indicates if the event is critical.
+  #
+  #   @return [false] event is not critical.
+  #   @return [true] event is critical.
+  # @!attribute  name
+  #   Name of the event, such as 'module_run'.
+  #
+  #   @return [String]
+  # @!attribute seen
+  #   Whether a user has seen these events.
+  #
+  #   @return [false] if the event has not been seen.
+  #   @return [true] if any user has seen the event.
+  # @!attribute  updated_at
+  #   The last time this event was updated.
+  #
+  #   @return [DateTime]
+  # @!attribute username
+  #   Name of user that triggered the event.  Not necessarily a {Mdm::User#username}, as {#username} may be set to
+  #   the username of the user inferred from `ENV` when using metasploit-framework.
+  #
+  #   @return [String]
+  #
+  # Scopes
+  #
+  scope :flagged, -> { where(:critical => true, :seen => false) }
+  scope :module_run, -> { where(:name => 'module_run') }
+  #
+  # Serializations
+  #
+  # {#name}-specific information about this event.
+  #
+  # @return [Hash]
+  serialize :info, MetasploitDataModels::Base64Serializer.new
+  #
+  # Validations
+  #
+  validates :name, :presence => true
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/exploit_attempt.rb ADDED Viewed

@@ -0,0 +1,105 @@
+# An attempt to exploit {#host}.
+class Mdm::ExploitAttempt < ApplicationRecord
+  #
+  # Associations
+  #
+  # Host that was attempted to be exploited.
+  #
+  # @return [Mdm::Host]
+  belongs_to :host,
+             class_name: 'Mdm::Host',
+             counter_cache: :exploit_attempt_count,
+             inverse_of: :exploit_attempts
+  # Loot gathers from the successful exploit.
+  #
+  # @return [Mdm::Loot, nil]
+  belongs_to :loot,
+             class_name: 'Mdm::Loot',
+             inverse_of: :exploit_attempt
+  # The service being exploited on {#host}.
+  #
+  # @return [Mdm::Service, nil]
+  belongs_to :service,
+             class_name: 'Mdm::Service',
+             inverse_of: :exploit_attempts
+  # The session that was established when this attempt was successful.
+  #
+  # @return [Mdm::Session]
+  # @return [nil] if session was not established.
+  belongs_to :session,
+             class_name: 'Mdm::Session',
+             inverse_of: :exploit_attempt
+  # The vulnerability that was attempted to be exploited.
+  #
+  # @return [Mdm::Vuln, nil]
+  belongs_to :vuln,
+             class_name: 'Mdm::Vuln',
+             inverse_of: :exploit_attempts
+  #
+  # Attributes
+  #
+  # @!attribute attempted_at
+  #   When the attempt was made.
+  #
+  #   @return [DateTime]
+  # @!attribute exploited
+  #   Whether the attempt was successful.
+  #
+  #   @return [true] attempt was successful.
+  #   @return [false] attempt was not successful.
+  # @!attribute fail_detail
+  #   A more verbose reason (compared to {#fail_reason} for the failure.
+  #
+  #   @return [String, nil]
+  # @!attribute fail_reason
+  #   Summary of why the attempt failed if {#exploited} is `false`.  For more details see {#fail_detail}.
+  #
+  #   @return [String, nil]
+  # @!attribute host_id
+  #   Foreign key to look up {#host}.
+  #
+  #   @return [Integer]
+  # @!attribute  module
+  #   The full name of the exploit module that made the attempt.
+  #
+  #   @return [String]
+  #   @todo Remove deprecated Mdm::Exploit#module (MSP-9281)
+  # @!attribute port
+  #   The port on {#host} which the exploit was attempted.
+  #
+  #   @return [Integer]
+  #   @todo Mdm::ExploitAttempt#port and Mdm::ExploitAttempt#proto are obsolete and should be removed (MSP-9284)
+  # @!attribute proto
+  #   The protocol name used on {#port}.
+  #
+  #   @return [String]
+  #   @todo Mdm::ExploitAttempt#port and Mdm::ExploitAttempt#proto are obsolete and should be removed (MSP-9284)
+  # @!attribute username
+  #   Name of user that made the attempt.  May be an {Mdm::User#name} or a system username.
+  #
+  #   @return [String]
+  #
+  # Validations
+  #
+  validates :host_id, :presence => true
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/exploited_host.rb ADDED Viewed

@@ -0,0 +1,42 @@
+# @deprecated use {Mdm::ExploitAttempt} instead.
+#
+# When a {#host} or {#service} on a {#host} is exploited.
+class Mdm::ExploitedHost < ApplicationRecord
+  #
+  # Associations
+  #
+  # The host that was exploited.
+  belongs_to :host,
+             class_name: 'Mdm::Host',
+             inverse_of: :exploited_hosts
+  # The service on {#host} that was exploited.
+  belongs_to :service,
+             class_name: 'Mdm::Service',
+             inverse_of: :exploited_hosts
+  #
+  # Attributes
+  #
+  # @!attribute name
+  #   Name of exploit.
+  #
+  #   @return [String]
+  # @!attribute payload
+  #   {Mdm::Module::Class#full_name Full name of the payload module} used to exploit the {#host} or {#service} on
+  #   {#host}.
+  #
+  #   @return [String]
+  # @!attribute session_uuid
+  #   UUID of local session.
+  #
+  #   @return [String]
+  #   @deprecated Sessions no longer have UUIDs.  They have {Mdm::Session#local_id} that reflects the in-memory
+  #     Msf::Session ID and an in-database {Mdm::Session#id}.
+  Metasploit::Concern.run(self)
+end