RubyGems - wg-metasploit_data_models - Versions diffs - 4.1.4.01 → 4.1.4.02 - Mend

wg-metasploit_data_models 4.1.4.01 → 4.1.4.02

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (440) hide show

checksums.yaml +4 -4
data/.coveralls.yml +1 -0
data/.github/workflows/verify.yml +68 -0
data/.gitignore +29 -0
data/.rspec +3 -0
data/.simplecov +38 -0
data/.yardopts +4 -0
data/CHANGELOG.md +6 -0
data/CONTRIBUTING.md +133 -0
data/Gemfile +46 -0
data/LICENSE +27 -0
data/README.md +65 -0
data/RELEASING.md +82 -0
data/Rakefile +72 -0
data/UPGRADING.md +1 -0
data/app/models/mdm/api_key.rb +61 -0
data/app/models/mdm/async_callback.rb +64 -0
data/app/models/mdm/client.rb +50 -0
data/app/models/mdm/cred.rb +205 -0
data/app/models/mdm/event.rb +83 -0
data/app/models/mdm/exploit_attempt.rb +105 -0
data/app/models/mdm/exploited_host.rb +42 -0
data/app/models/mdm/host.rb +619 -0
data/app/models/mdm/host_detail.rb +62 -0
data/app/models/mdm/host_tag.rb +49 -0
data/app/models/mdm/listener.rb +82 -0
data/app/models/mdm/loot.rb +161 -0
data/app/models/mdm/macro.rb +62 -0
data/app/models/mdm/mod_ref.rb +24 -0
data/app/models/mdm/module/action.rb +33 -0
data/app/models/mdm/module/arch.rb +28 -0
data/app/models/mdm/module/author.rb +34 -0
data/app/models/mdm/module/detail.rb +388 -0
data/app/models/mdm/module/mixin.rb +31 -0
data/app/models/mdm/module/platform.rb +29 -0
data/app/models/mdm/module/ref.rb +42 -0
data/app/models/mdm/module/target.rb +37 -0
data/app/models/mdm/nexpose_console.rb +121 -0
data/app/models/mdm/note.rb +125 -0
data/app/models/mdm/payload.rb +103 -0
data/app/models/mdm/profile.rb +45 -0
data/app/models/mdm/ref.rb +48 -0
data/app/models/mdm/route.rb +28 -0
data/app/models/mdm/service.rb +267 -0
data/app/models/mdm/session.rb +203 -0
data/app/models/mdm/session_event.rb +44 -0
data/app/models/mdm/tag.rb +114 -0
data/app/models/mdm/task.rb +168 -0
data/app/models/mdm/task_cred.rb +45 -0
data/app/models/mdm/task_host.rb +41 -0
data/app/models/mdm/task_service.rb +41 -0
data/app/models/mdm/task_session.rb +41 -0
data/app/models/mdm/user.rb +230 -0
data/app/models/mdm/vuln.rb +204 -0
data/app/models/mdm/vuln_attempt.rb +76 -0
data/app/models/mdm/vuln_detail.rb +156 -0
data/app/models/mdm/vuln_ref.rb +21 -0
data/app/models/mdm/web_form.rb +53 -0
data/app/models/mdm/web_page.rb +92 -0
data/app/models/mdm/web_site.rb +113 -0
data/app/models/mdm/web_vuln.rb +193 -0
data/app/models/mdm/wmap_request.rb +101 -0
data/app/models/mdm/wmap_target.rb +56 -0
data/app/models/mdm/workspace.rb +286 -0
data/app/models/metasploit_data_models/automatic_exploitation/match.rb +43 -0
data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +71 -0
data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +40 -0
data/app/models/metasploit_data_models/automatic_exploitation/run.rb +29 -0
data/app/models/metasploit_data_models/ip_address/v4/cidr.rb +14 -0
data/app/models/metasploit_data_models/ip_address/v4/nmap.rb +14 -0
data/app/models/metasploit_data_models/ip_address/v4/range.rb +12 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list.rb +125 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range.rb +12 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/single.rb +123 -0
data/app/models/metasploit_data_models/ip_address/v4/segmented.rb +200 -0
data/app/models/metasploit_data_models/ip_address/v4/single.rb +53 -0
data/app/models/metasploit_data_models/module_run.rb +213 -0
data/app/models/metasploit_data_models/search/operation/ip_address.rb +60 -0
data/app/models/metasploit_data_models/search/operation/port/number.rb +25 -0
data/app/models/metasploit_data_models/search/operation/port/range.rb +79 -0
data/app/models/metasploit_data_models/search/operation/range.rb +56 -0
data/app/models/metasploit_data_models/search/operator/ip_address.rb +33 -0
data/app/models/metasploit_data_models/search/operator/multitext.rb +73 -0
data/app/models/metasploit_data_models/search/operator/port/list.rb +67 -0
data/app/models/metasploit_data_models/search/visitor/attribute.rb +17 -0
data/app/models/metasploit_data_models/search/visitor/includes.rb +47 -0
data/app/models/metasploit_data_models/search/visitor/joins.rb +67 -0
data/app/models/metasploit_data_models/search/visitor/method.rb +16 -0
data/app/models/metasploit_data_models/search/visitor/relation.rb +91 -0
data/app/models/metasploit_data_models/search/visitor/where.rb +128 -0
data/config/initializers/arel_helper.rb +5 -0
data/config/initializers/ipaddr.rb +29 -0
data/config/locales/en.yml +94 -0
data/console_db.yml +9 -0
data/db/migrate/000_create_tables.rb +79 -0
data/db/migrate/001_add_wmap_tables.rb +35 -0
data/db/migrate/002_add_workspaces.rb +36 -0
data/db/migrate/003_move_notes.rb +20 -0
data/db/migrate/004_add_events_table.rb +16 -0
data/db/migrate/005_expand_info.rb +58 -0
data/db/migrate/006_add_timestamps.rb +26 -0
data/db/migrate/007_add_loots.rb +20 -0
data/db/migrate/008_create_users.rb +16 -0
data/db/migrate/009_add_loots_ctype.rb +10 -0
data/db/migrate/010_add_alert_fields.rb +16 -0
data/db/migrate/011_add_reports.rb +19 -0
data/db/migrate/012_add_tasks.rb +24 -0
data/db/migrate/013_add_tasks_result.rb +10 -0
data/db/migrate/014_add_loots_fields.rb +12 -0
data/db/migrate/015_rename_user.rb +16 -0
data/db/migrate/016_add_host_purpose.rb +10 -0
data/db/migrate/017_expand_info2.rb +58 -0
data/db/migrate/018_add_workspace_user_info.rb +29 -0
data/db/migrate/019_add_workspace_desc.rb +23 -0
data/db/migrate/020_add_user_preferences.rb +11 -0
data/db/migrate/021_standardize_info_and_data.rb +18 -0
data/db/migrate/022_enlarge_event_info.rb +10 -0
data/db/migrate/023_add_report_downloaded_at.rb +10 -0
data/db/migrate/024_convert_service_info_to_text.rb +12 -0
data/db/migrate/025_add_user_admin.rb +19 -0
data/db/migrate/026_add_creds_table.rb +19 -0
data/db/migrate/20100819123300_migrate_cred_data.rb +154 -0
data/db/migrate/20100824151500_add_exploited_table.rb +16 -0
data/db/migrate/20100908001428_add_owner_to_workspaces.rb +9 -0
data/db/migrate/20100911122000_add_report_templates.rb +18 -0
data/db/migrate/20100916151530_require_admin_flag.rb +15 -0
data/db/migrate/20100916175000_add_campaigns_and_templates.rb +61 -0
data/db/migrate/20100920012100_add_generate_exe_column.rb +8 -0
data/db/migrate/20100926214000_add_template_prefs.rb +11 -0
data/db/migrate/20101001000000_add_web_tables.rb +57 -0
data/db/migrate/20101002000000_add_query.rb +10 -0
data/db/migrate/20101007000000_add_vuln_info.rb +15 -0
data/db/migrate/20101008111800_add_clients_to_campaigns.rb +10 -0
data/db/migrate/20101009023300_add_campaign_attachments.rb +15 -0
data/db/migrate/20101104135100_add_imported_creds.rb +17 -0
data/db/migrate/20101203000000_fix_web_tables.rb +34 -0
data/db/migrate/20101203000001_expand_host_comment.rb +12 -0
data/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb +9 -0
data/db/migrate/20110112154300_add_module_uuid_to_tasks.rb +9 -0
data/db/migrate/20110204112800_add_host_tags.rb +28 -0
data/db/migrate/20110317144932_add_session_table.rb +110 -0
data/db/migrate/20110414180600_add_local_id_to_session_table.rb +11 -0
data/db/migrate/20110415175705_add_routes_table.rb +18 -0
data/db/migrate/20110422000000_convert_binary.rb +73 -0
data/db/migrate/20110425095900_add_last_seen_to_sessions.rb +8 -0
data/db/migrate/20110513143900_track_successful_exploits.rb +31 -0
data/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb +26 -0
data/db/migrate/20110527000000_add_task_id_to_reports_table.rb +11 -0
data/db/migrate/20110527000001_add_api_keys_table.rb +12 -0
data/db/migrate/20110606000001_add_macros_table.rb +16 -0
data/db/migrate/20110622000000_add_settings_to_tasks_table.rb +12 -0
data/db/migrate/20110624000001_add_listeners_table.rb +19 -0
data/db/migrate/20110625000001_add_macro_to_listeners_table.rb +12 -0
data/db/migrate/20110630000001_add_nexpose_consoles_table.rb +21 -0
data/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb +12 -0
data/db/migrate/20110717000001_add_profiles_table.rb +15 -0
data/db/migrate/20110727163801_expand_cred_ptype_column.rb +9 -0
data/db/migrate/20110730000001_add_initial_indexes.rb +85 -0
data/db/migrate/20110812000001_prune_indexes.rb +23 -0
data/db/migrate/20110922000000_expand_notes.rb +9 -0
data/db/migrate/20110928101300_add_mod_ref_table.rb +17 -0
data/db/migrate/20111011110000_add_display_name_to_reports_table.rb +24 -0
data/db/migrate/20111203000000_inet_columns.rb +13 -0
data/db/migrate/20111204000000_more_inet_columns.rb +17 -0
data/db/migrate/20111210000000_add_scope_to_hosts.rb +9 -0
data/db/migrate/20120126110000_add_virtual_host_to_hosts.rb +9 -0
data/db/migrate/20120411173220_rename_workspace_members.rb +9 -0
data/db/migrate/20120601152442_add_counter_caches_to_hosts.rb +21 -0
data/db/migrate/20120625000000_add_vuln_details.rb +34 -0
data/db/migrate/20120625000001_add_host_details.rb +16 -0
data/db/migrate/20120625000002_expand_details.rb +16 -0
data/db/migrate/20120625000003_expand_details2.rb +24 -0
data/db/migrate/20120625000004_add_vuln_attempts.rb +19 -0
data/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb +14 -0
data/db/migrate/20120625000006_add_module_details.rb +118 -0
data/db/migrate/20120625000007_add_exploit_attempts.rb +26 -0
data/db/migrate/20120625000008_add_fail_message.rb +12 -0
data/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb +13 -0
data/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb +19 -0
data/db/migrate/20130412154159_change_foreign_key_in_module_actions.rb +25 -0
data/db/migrate/20130412171844_change_foreign_key_in_module_archs.rb +25 -0
data/db/migrate/20130412173121_change_foreign_key_in_module_authors.rb +25 -0
data/db/migrate/20130412173640_change_foreign_key_in_module_mixins.rb +25 -0
data/db/migrate/20130412174254_change_foreign_key_in_module_platforms.rb +25 -0
data/db/migrate/20130412174719_change_foreign_key_in_module_refs.rb +25 -0
data/db/migrate/20130412175040_change_foreign_key_in_module_targets.rb +25 -0
data/db/migrate/20130423211152_add_creds_counter_cache.rb +24 -0
data/db/migrate/20130430151353_change_required_columns_to_null_false_in_hosts.rb +11 -0
data/db/migrate/20130430162145_enforce_address_uniqueness_in_workspace_in_hosts.rb +101 -0
data/db/migrate/20130510021637_remove_campaigns.rb +11 -0
data/db/migrate/20130515164311_change_web_vulns_confidence_to_integer.rb +48 -0
data/db/migrate/20130515172727_valid_mdm_web_vuln_params.rb +30 -0
data/db/migrate/20130516204810_making_vulns_refs_a_real_ar_model.rb +5 -0
data/db/migrate/20130522001343_create_task_creds.rb +9 -0
data/db/migrate/20130522032517_create_task_hosts.rb +9 -0
data/db/migrate/20130522041110_create_task_services.rb +9 -0
data/db/migrate/20130525015035_remove_campaign_id_from_clients.rb +9 -0
data/db/migrate/20130525212420_drop_table_imported_creds.rb +14 -0
data/db/migrate/20130531144949_making_host_tags_a_real_ar_model.rb +6 -0
data/db/migrate/20130604145732_create_task_sessions.rb +9 -0
data/db/migrate/20130717150737_remove_pname_validation.rb +7 -0
data/db/migrate/20131002004641_create_automatic_exploitation_matches.rb +13 -0
data/db/migrate/20131002164449_create_automatic_exploitation_match_sets.rb +12 -0
data/db/migrate/20131008213344_create_automatic_exploitation_runs.rb +11 -0
data/db/migrate/20131011184338_module_detail_on_automatic_exploitation_match.rb +10 -0
data/db/migrate/20131017150735_create_automatic_exploitation_match_results.rb +11 -0
data/db/migrate/20131021185657_make_match_polymorphic.rb +11 -0
data/db/migrate/20140905031549_add_detected_arch_to_host.rb +5 -0
data/db/migrate/20150112203945_remove_duplicate_services.rb +17 -0
data/db/migrate/20150205192745_drop_service_uniqueness_index.rb +5 -0
data/db/migrate/20150209195939_add_vuln_id_to_note.rb +6 -0
data/db/migrate/20150212214222_remove_duplicate_services2.rb +17 -0
data/db/migrate/20150219173821_create_module_runs.rb +23 -0
data/db/migrate/20150219215039_add_module_run_to_session.rb +8 -0
data/db/migrate/20150226151459_add_module_run_fk_to_loot.rb +8 -0
data/db/migrate/20150312155312_add_module_full_name_to_match.rb +6 -0
data/db/migrate/20150317145455_rename_module_indices.rb +29 -0
data/db/migrate/20150326183742_add_missing_ae_indices.rb +13 -0
data/db/migrate/20150421211719_rename_automatic_exploitation_index.rb +16 -0
data/db/migrate/20150514182921_add_origin_to_mdm_vuln.rb +13 -0
data/db/migrate/20160415153312_remove_not_null_from_web_vuln_p_arams.rb +5 -0
data/db/migrate/20161004165612_add_fingerprinted_to_workspace.rb +5 -0
data/db/migrate/20161227212223_add_os_family_to_hosts.rb +5 -0
data/db/migrate/20180904120211_create_payloads.rb +21 -0
data/db/migrate/20190308134512_create_async_callbacks.rb +13 -0
data/db/migrate/20190507120211_remove_payload_workspaces.rb +5 -0
data/lib/mdm/host/operating_system_normalization.rb +942 -0
data/lib/mdm/module.rb +13 -0
data/lib/mdm.rb +57 -0
data/lib/metasploit_data_models/automatic_exploitation.rb +25 -0
data/lib/metasploit_data_models/base64_serializer.rb +99 -0
data/lib/metasploit_data_models/change_required_columns_to_null_false.rb +21 -0
data/lib/metasploit_data_models/engine.rb +32 -0
data/lib/metasploit_data_models/ip_address/cidr.rb +174 -0
data/lib/metasploit_data_models/ip_address/range.rb +181 -0
data/lib/metasploit_data_models/ip_address/v4/segment/nmap.rb +7 -0
data/lib/metasploit_data_models/ip_address/v4/segment.rb +7 -0
data/lib/metasploit_data_models/ip_address/v4.rb +11 -0
data/lib/metasploit_data_models/ip_address.rb +9 -0
data/lib/metasploit_data_models/match/child.rb +48 -0
data/lib/metasploit_data_models/match/parent.rb +103 -0
data/lib/metasploit_data_models/match.rb +8 -0
data/lib/metasploit_data_models/search/operation/port.rb +9 -0
data/lib/metasploit_data_models/search/operation.rb +9 -0
data/lib/metasploit_data_models/search/operator/port.rb +6 -0
data/lib/metasploit_data_models/search/operator.rb +8 -0
data/lib/metasploit_data_models/search/visitor.rb +11 -0
data/lib/metasploit_data_models/search.rb +8 -0
data/lib/metasploit_data_models/serialized_prefs.rb +27 -0
data/lib/metasploit_data_models/version.rb +13 -0
data/lib/metasploit_data_models.rb +56 -0
data/metasploit_data_models.gemspec +65 -0
data/script/rails +8 -0
data/spec/app/models/mdm/api_key_spec.rb +3 -0
data/spec/app/models/mdm/client_spec.rb +43 -0
data/spec/app/models/mdm/cred_spec.rb +346 -0
data/spec/app/models/mdm/event_spec.rb +90 -0
data/spec/app/models/mdm/exploit_attempt_spec.rb +59 -0
data/spec/app/models/mdm/exploited_host_spec.rb +44 -0
data/spec/app/models/mdm/host_detail_spec.rb +48 -0
data/spec/app/models/mdm/host_spec.rb +1139 -0
data/spec/app/models/mdm/host_tag_spec.rb +69 -0
data/spec/app/models/mdm/listener_spec.rb +107 -0
data/spec/app/models/mdm/loot_spec.rb +84 -0
data/spec/app/models/mdm/macro_spec.rb +3 -0
data/spec/app/models/mdm/mod_ref_spec.rb +3 -0
data/spec/app/models/mdm/module/action_spec.rb +34 -0
data/spec/app/models/mdm/module/arch_spec.rb +34 -0
data/spec/app/models/mdm/module/author_spec.rb +52 -0
data/spec/app/models/mdm/module/detail_spec.rb +746 -0
data/spec/app/models/mdm/module/mixin_spec.rb +34 -0
data/spec/app/models/mdm/module/platform_spec.rb +34 -0
data/spec/app/models/mdm/module/ref_spec.rb +58 -0
data/spec/app/models/mdm/module/target_spec.rb +36 -0
data/spec/app/models/mdm/nexpose_console_spec.rb +146 -0
data/spec/app/models/mdm/note_spec.rb +91 -0
data/spec/app/models/mdm/profile_spec.rb +3 -0
data/spec/app/models/mdm/ref_spec.rb +71 -0
data/spec/app/models/mdm/route_spec.rb +35 -0
data/spec/app/models/mdm/service_spec.rb +232 -0
data/spec/app/models/mdm/session_event_spec.rb +42 -0
data/spec/app/models/mdm/session_spec.rb +118 -0
data/spec/app/models/mdm/tag_spec.rb +116 -0
data/spec/app/models/mdm/task_cred_spec.rb +51 -0
data/spec/app/models/mdm/task_host_spec.rb +50 -0
data/spec/app/models/mdm/task_service_spec.rb +50 -0
data/spec/app/models/mdm/task_session_spec.rb +46 -0
data/spec/app/models/mdm/task_spec.rb +71 -0
data/spec/app/models/mdm/user_spec.rb +50 -0
data/spec/app/models/mdm/vuln_attempt_spec.rb +53 -0
data/spec/app/models/mdm/vuln_detail_spec.rb +65 -0
data/spec/app/models/mdm/vuln_ref_spec.rb +46 -0
data/spec/app/models/mdm/vuln_spec.rb +299 -0
data/spec/app/models/mdm/web_form_spec.rb +46 -0
data/spec/app/models/mdm/web_page_spec.rb +101 -0
data/spec/app/models/mdm/web_site_spec.rb +85 -0
data/spec/app/models/mdm/web_vuln_spec.rb +312 -0
data/spec/app/models/mdm/wmap_request_spec.rb +5 -0
data/spec/app/models/mdm/wmap_target_spec.rb +5 -0
data/spec/app/models/mdm/workspace_spec.rb +500 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_result_spec.rb +86 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_set_spec.rb +46 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_spec.rb +37 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/run_spec.rb +38 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/cidr_spec.rb +119 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/nmap_spec.rb +149 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/range_spec.rb +298 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list_spec.rb +276 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range_spec.rb +302 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/segmented_spec.rb +27 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/single_spec.rb +324 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/single_spec.rb +181 -0
data/spec/app/models/metasploit_data_models/module_run_spec.rb +134 -0
data/spec/app/models/metasploit_data_models/search/operation/ip_address_spec.rb +180 -0
data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +39 -0
data/spec/app/models/metasploit_data_models/search/operation/port/range_spec.rb +138 -0
data/spec/app/models/metasploit_data_models/search/operation/range_spec.rb +233 -0
data/spec/app/models/metasploit_data_models/search/operator/ip_address_spec.rb +17 -0
data/spec/app/models/metasploit_data_models/search/operator/multitext_spec.rb +160 -0
data/spec/app/models/metasploit_data_models/search/operator/port/list_spec.rb +162 -0
data/spec/app/models/metasploit_data_models/search/visitor/attribute_spec.rb +96 -0
data/spec/app/models/metasploit_data_models/search/visitor/includes_spec.rb +175 -0
data/spec/app/models/metasploit_data_models/search/visitor/joins_spec.rb +396 -0
data/spec/app/models/metasploit_data_models/search/visitor/method_spec.rb +49 -0
data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb +925 -0
data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb +187 -0
data/spec/dummy/Rakefile +7 -0
data/spec/dummy/app/assets/config/manifest.js +1 -0
data/spec/dummy/app/assets/javascripts/application.js +15 -0
data/spec/dummy/app/assets/stylesheets/application.css +13 -0
data/spec/dummy/app/controllers/application_controller.rb +3 -0
data/spec/dummy/app/helpers/application_helper.rb +2 -0
data/spec/dummy/app/mailers/.gitkeep +0 -0
data/spec/dummy/app/models/.gitkeep +0 -0
data/spec/dummy/app/models/application_record.rb +3 -0
data/spec/dummy/app/views/layouts/application.html.erb +14 -0
data/spec/dummy/bin/bundle +3 -0
data/spec/dummy/bin/rails +4 -0
data/spec/dummy/bin/rake +4 -0
data/spec/dummy/config/application.rb +61 -0
data/spec/dummy/config/boot.rb +4 -0
data/spec/dummy/config/database.yml.example +22 -0
data/spec/dummy/config/database.yml.github_actions +21 -0
data/spec/dummy/config/environment.rb +5 -0
data/spec/dummy/config/environments/development.rb +37 -0
data/spec/dummy/config/environments/production.rb +78 -0
data/spec/dummy/config/environments/test.rb +39 -0
data/spec/dummy/config/initializers/active_record_migrations.rb +4 -0
data/spec/dummy/config/initializers/assets.rb +8 -0
data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/dummy/config/initializers/cookies_serializer.rb +3 -0
data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
data/spec/dummy/config/initializers/inflections.rb +16 -0
data/spec/dummy/config/initializers/mime_types.rb +4 -0
data/spec/dummy/config/initializers/session_store.rb +3 -0
data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
data/spec/dummy/config/locales/en.yml +23 -0
data/spec/dummy/config/routes.rb +2 -0
data/spec/dummy/config.ru +4 -0
data/spec/dummy/db/structure.sql +3430 -0
data/spec/dummy/db/structure.sql.from_rails_3 +3403 -0
data/spec/dummy/lib/assets/.gitkeep +0 -0
data/spec/dummy/log/.gitkeep +0 -0
data/spec/dummy/public/404.html +26 -0
data/spec/dummy/public/422.html +26 -0
data/spec/dummy/public/500.html +25 -0
data/spec/dummy/public/favicon.ico +0 -0
data/spec/dummy/script/rails +6 -0
data/spec/factories/mdm/addresses.rb +12 -0
data/spec/factories/mdm/clients.rb +8 -0
data/spec/factories/mdm/creds.rb +17 -0
data/spec/factories/mdm/events.rb +15 -0
data/spec/factories/mdm/exploit_attempts.rb +8 -0
data/spec/factories/mdm/exploited_hosts.rb +7 -0
data/spec/factories/mdm/fingerprints/nessus_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/nexpose_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/nmap_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/retina_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/session_fingerprints.rb +6 -0
data/spec/factories/mdm/host_details.rb +8 -0
data/spec/factories/mdm/host_tags.rb +9 -0
data/spec/factories/mdm/hosts.rb +85 -0
data/spec/factories/mdm/listeners.rb +12 -0
data/spec/factories/mdm/loots.rb +11 -0
data/spec/factories/mdm/module/actions.rb +14 -0
data/spec/factories/mdm/module/archs.rb +14 -0
data/spec/factories/mdm/module/authors.rb +22 -0
data/spec/factories/mdm/module/details.rb +73 -0
data/spec/factories/mdm/module/mixins.rb +14 -0
data/spec/factories/mdm/module/platforms.rb +14 -0
data/spec/factories/mdm/module/refs.rb +14 -0
data/spec/factories/mdm/module/targets.rb +19 -0
data/spec/factories/mdm/nexpose_consoles.rb +15 -0
data/spec/factories/mdm/notes.rb +12 -0
data/spec/factories/mdm/refs.rb +9 -0
data/spec/factories/mdm/routes.rb +36 -0
data/spec/factories/mdm/services.rb +41 -0
data/spec/factories/mdm/session_events.rb +8 -0
data/spec/factories/mdm/sessions.rb +13 -0
data/spec/factories/mdm/tags.rb +14 -0
data/spec/factories/mdm/task.rb +16 -0
data/spec/factories/mdm/task_creds.rb +9 -0
data/spec/factories/mdm/task_hosts.rb +9 -0
data/spec/factories/mdm/task_services.rb +8 -0
data/spec/factories/mdm/task_sessions.rb +8 -0
data/spec/factories/mdm/users.rb +22 -0
data/spec/factories/mdm/vuln_attempts.rb +8 -0
data/spec/factories/mdm/vuln_details.rb +8 -0
data/spec/factories/mdm/vuln_refs.rb +4 -0
data/spec/factories/mdm/vulns.rb +20 -0
data/spec/factories/mdm/web_forms.rb +33 -0
data/spec/factories/mdm/web_pages.rb +64 -0
data/spec/factories/mdm/web_sites.rb +8 -0
data/spec/factories/mdm/web_vulns.rb +64 -0
data/spec/factories/mdm/workspaces.rb +23 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/match_results.rb +7 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/match_sets.rb +8 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/matches.rb +7 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/runs.rb +6 -0
data/spec/factories/module_runs.rb +40 -0
data/spec/lib/base64_serializer_spec.rb +172 -0
data/spec/lib/ipaddr_spec.rb +29 -0
data/spec/lib/metasploit_data_models/ip_address/cidr_spec.rb +356 -0
data/spec/lib/metasploit_data_models/ip_address/range_spec.rb +75 -0
data/spec/lib/metasploit_data_models/match/child_spec.rb +59 -0
data/spec/lib/metasploit_data_models/match/parent_spec.rb +153 -0
data/spec/lib/metasploit_data_models_spec.rb +13 -0
data/spec/spec_helper.rb +148 -0
data/spec/support/matchers/match_regex_exactly.rb +28 -0
data/spec/support/shared/contexts/rex/text.rb +15 -0
data/spec/support/shared/examples/coerces_inet_column_type_to_string.rb +15 -0
data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb +20 -0
data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb +36 -0
data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb +109 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb +38 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb +26 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/relation/visit/matching_record.rb +50 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb +34 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb +51 -0
metadata +444 -6

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,148 @@
+# Configure Rails Environment
+ENV['RAILS_ENV'] = 'test'
+require 'rubygems'
+require 'bundler'
+Bundler.setup(:default, :test)
+# Require simplecov before loading ..dummy/config/environment.rb because it will cause metasploit_data_models/lib to
+# be loaded, which would result in Coverage not recording hits for any of the files.
+require 'simplecov'
+require 'coveralls'
+# if ENV['TRAVIS'] == 'true'
+#   # don't generate local report as it is inaccessible on travis-ci, which is why coveralls is being used.
+#   SimpleCov.formatter = Coveralls::SimpleCov::Formatter
+# else
+  SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter.new([
+      # either generate the local report
+      SimpleCov::Formatter::HTMLFormatter
+  ])
+# end
+require File.expand_path('../dummy/config/environment.rb',  __FILE__)
+require 'rspec/rails'
+# full backtrace in logs so its easier to trace errors
+Rails.backtrace_cleaner.remove_silencers!
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+Dir["./spec/support/**/*.rb"].sort.each { |f| require f}
+roots = [
+    Metasploit::Concern::Engine.root,
+    Metasploit::Model::Engine.root,
+    MetasploitDataModels::Engine.root
+]
+roots.each do |root|
+  support_glob = File.join(root, 'spec', 'support', '**', '*.rb')
+  Dir.glob(support_glob) do |path|
+    require path
+  end
+end
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+  # rspec-expectations config goes here. You can use an alternate
+  # assertion/expectation library such as wrong or the stdlib/minitest
+  # assertions if you prefer.
+  config.expect_with :rspec do |expectations|
+    # This option will default to `true` in RSpec 4. It makes the `description`
+    # and `failure_message` of custom matchers include text for helper methods
+    # defined using `chain`, e.g.:
+    #     be_bigger_than(2).and_smaller_than(4).description
+    #     # => "be bigger than 2 and smaller than 4"
+    # ...rather than:
+    #     # => "be bigger than 2"
+    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+  end
+  # rspec-mocks config goes here. You can use an alternate test double
+  # library (such as bogus or mocha) by changing the `mock_with` option here.
+  config.mock_with :rspec do |mocks|
+    # Prevents you from mocking or stubbing a method that does not exist on
+    # a real object. This is generally recommended, and will default to
+    # `true` in RSpec 4.
+    mocks.verify_partial_doubles = true
+  end
+  # These two settings work together to allow you to limit a spec run
+  # to individual examples or groups you care about by tagging them with
+  # `:focus` metadata. When nothing is tagged with `:focus`, all examples
+  # get run.
+  config.filter_run :focus
+  config.run_all_when_everything_filtered = true
+  # Limits the available syntax to the non-monkey patched syntax that is
+  # recommended. For more details, see:
+  #   - http://myronmars.to/n/dev-blog/2012/06/rspecs-new-expectation-syntax
+  #   - http://teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
+  #   - http://myronmars.to/n/dev-blog/2014/05/notable-changes-in-rspec-3#new__config_option_to_disable_rspeccore_monkey_patching
+  config.disable_monkey_patching!
+  # This setting enables warnings. It's recommended, but in some cases may
+  # be too noisy due to issues in dependencies.
+  config.warnings = true
+  # Many RSpec users commonly either run the entire suite or an individual
+  # file, and it's useful to allow more verbose output when running an
+  # individual spec file.
+  if config.files_to_run.one?
+    # Use the documentation formatter for detailed output,
+    # unless a formatter has already been configured
+    # (e.g. via a command-line flag).
+    config.default_formatter = 'doc'
+  end
+  # Print the 10 slowest examples and example groups at the
+  # end of the spec run, to help surface which specs are running
+  # particularly slow.
+  config.profile_examples = 10
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = :random
+  # Seed global randomization in this process using the `--seed` CLI option.
+  # Setting this allows you to use `--seed` to deterministically reproduce
+  # test failures related to randomization by passing the same `--seed` value
+  # as the one that triggered the failure.
+  Kernel.srand config.seed
+  config.use_transactional_fixtures = true
+  # rspec-rails 3 will no longer automatically infer an example group's spec type
+  # from the file location. You can explicitly opt-in to the feature using this
+  # config option.
+  # To explicitly tag specs without using automatic inference, set the `:type`
+  # metadata manually:
+  #
+  #     describe ThingsController, :type => :controller do
+  #       # Equivalent to being in spec/controllers
+  #     end
+  config.infer_spec_type_from_file_location!
+  # Setting this config option `false` removes rspec-core's monkey patching of the
+  # top level methods like `describe`, `shared_examples_for` and `shared_context`
+  # on `main` and `Module`. The methods are always available through the `RSpec`
+  # module like `RSpec.describe` regardless of this setting.
+  # For backwards compatibility this defaults to `true`.
+  #
+  # https://relishapp.com/rspec/rspec-core/v/3-0/docs/configuration/global-namespace-dsl
+  config.expose_dsl_globally = false
+end
+Shoulda::Matchers.configure do |config|
+  config.integrate do |with|
+    with.library :active_record
+    with.library :active_model
+    with.test_framework :rspec
+  end
+end

data/spec/support/matchers/match_regex_exactly.rb ADDED Viewed

@@ -0,0 +1,28 @@
+# Checks that the string matches the
+RSpec::Matchers.define :match_string_exactly do |string|
+  failure_message do |regexp|
+    match = regexp.match(string)
+    failure_message = "expected #{regexp} to match #{string}"
+    if match
+      failure_message << ', but'
+      unless match.pre_match.empty?
+        failure_message << " pre-match is #{match.pre_match}"
+      end
+      unless match.post_match.empty?
+        failure_message << " post-match is #{match.post_match}"
+      end
+    end
+    failure_message
+  end
+  match do |regexp|
+    match = regexp.match(string)
+    match && match.pre_match.empty? && match.post_match.empty?
+  end
+end

data/spec/support/shared/contexts/rex/text.rb ADDED Viewed

@@ -0,0 +1,15 @@
+RSpec.shared_context 'Rex::Text' do
+  before(:example) do
+    rex_text = Module.new do
+      def self.ascii_safe_hex(str, whitespace=false)
+        if whitespace
+          str.gsub(/([\x00-\x20\x80-\xFF])/n){ |x| "\\x%.2x" % x.unpack("C*")[0] }
+        else
+          str.gsub(/([\x00-\x08\x0b\x0c\x0e-\x1f\x80-\xFF])/n){ |x| "\\x%.2x" % x.unpack("C*")[0]}
+        end
+      end
+    end
+    stub_const('Rex::Text', rex_text)
+  end
+end

data/spec/support/shared/examples/coerces_inet_column_type_to_string.rb ADDED Viewed

@@ -0,0 +1,15 @@
+RSpec.shared_examples_for 'coerces inet column type to string' do |column|
+  raise ArgumentError, 'must pass the column name' unless column
+  context 'with an inet column' do
+    let(:address) { '10.0.0.1' }
+    before(:example) do
+      subject.update_attribute column, address
+    end
+    it 'should cast the column as a string when fetching from the database' do
+      expect(subject.send(column)).to eq(address)
+    end
+  end
+end

data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb ADDED Viewed

@@ -0,0 +1,20 @@
+RSpec.shared_examples_for 'Mdm::Module::Detail does not support stance with mtype' do |mtype|
+  context "with #{mtype.inspect}" do
+    # define as a let so that lets from outer context can access option to set detail.
+    let(:mtype) do
+      mtype
+    end
+    it 'should return false for supports_stance?' do
+      expect(detail.supports_stance?).to eq(false)
+    end
+    context 'with nil stance' do
+      let(:stance) do
+        nil
+      end
+      it { is_expected.to be_valid }
+    end
+  end
+end

data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb ADDED Viewed

@@ -0,0 +1,36 @@
+RSpec.shared_examples_for 'Mdm::Module::Detail supports stance with mtype' do |mtype|
+  context "with #{mtype.inspect}" do
+    # define as a let so that lets from outer context can access option to set detail.
+    let(:mtype) do
+      mtype
+    end
+    it 'should return true for supports_stance?' do
+      expect(detail.supports_stance?).to eq(true)
+    end
+    context 'with nil stance' do
+      let(:stance) do
+        nil
+      end
+      it { is_expected.to be_invalid }
+    end
+    context "with 'aggresive' stance" do
+      let(:stance) do
+        'aggressive'
+      end
+      it { is_expected.to be_valid }
+    end
+    context "with 'passive' stance" do
+      let(:stance) do
+        'passive'
+      end
+      it { is_expected.to be_valid }
+    end
+  end
+end

data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb ADDED Viewed

@@ -0,0 +1,109 @@
+RSpec.shared_examples_for 'MetasploitDataModels::Search::Operation::IPAddress::*.match' do |options={}|
+  options.assert_valid_keys(4, 6)
+  subject(:match) {
+    described_class.match(formatted_value)
+  }
+  #
+  # Shared Examples
+  #
+  shared_examples_for 'match' do |boolean|
+    if boolean
+      it { is_expected.to be_a described_class }
+      it 'does not set #operator' do
+        expect(match.operator).to be_nil
+      end
+      it 'sets #value' do
+        expect(match.value).not_to be_nil
+      end
+    else
+      it { is_expected.to be_nil }
+    end
+  end
+  context 'with IPv4' do
+    ipv4 = options.fetch(4, [])
+    ipv4 = Set.new Array.wrap(ipv4)
+    key_set = Set.new([:cidr, :nmap, :range, :single])
+    unless key_set.superset?(ipv4)
+      unknown_keys = ipv4 - key_set
+      raise ArgumentError, "keys (#{unknown_keys.sort.to_sentence}) not in known keys (#{key_set.sort.to_sentence})"
+    end
+    context 'with CIDR' do
+      let(:formatted_value) {
+        '1.2.3.4/24'
+      }
+      it_should_behave_like 'match', ipv4.include?(:cidr)
+    end
+    context 'with NMAP' do
+      let(:formatted_value) {
+        '1-2,4.5,6-7.8-9,10-11.12,13'
+      }
+      it_should_behave_like 'match', ipv4.include?(:nmap)
+    end
+    context 'with range' do
+      let(:formatted_value) {
+        '1.2.3.4-5.6.7.8'
+      }
+      it_should_behave_like 'match', ipv4.include?(:range)
+    end
+    context 'with single' do
+      let(:formatted_value) {
+        '1.2.3.4'
+      }
+      it_should_behave_like 'match', ipv4.include?(:single)
+    end
+  end
+  context 'with IPv6' do
+    ipv6 = options.fetch(6, [])
+    ipv6 = Set.new Array.wrap(ipv6)
+    key_set = Set.new([:cidr, :range, :single])
+    unless key_set.superset?(ipv6)
+      unknown_keys = ipv6 - key_set
+      raise ArgumentError, "keys (#{unknown_keys.sort.to_sentence}) not in known keys (#{key_set.sort.to_sentence})"
+    end
+    context 'with CIDR' do
+      let(:formatted_value) {
+        '1:2:3:4:5:6:7:8/48'
+      }
+      it_should_behave_like 'match', ipv6.include?(:cidr)
+    end
+    context 'with range' do
+      let(:formatted_value) {
+        '1:2:3:4:5:6:7:8-9:10:11:12:13:14:15:16'
+      }
+      it_should_behave_like 'match', ipv6.include?(:range)
+    end
+    context 'with single' do
+      let(:formatted_value) {
+        '1:2:3:4:5:6:7:8'
+      }
+      it_should_behave_like 'match', ipv6.include?(:single)
+    end
+  end
+end

data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb ADDED Viewed

@@ -0,0 +1,38 @@
+RSpec.shared_examples_for 'MetasploitDataModels::Search::Visitor::Includes#visit with #children' do
+  let(:children) do
+    2.times.collect { |n|
+      double("Child #{n}")
+    }
+  end
+  let(:node) do
+    node_class.new(
+        :children => children
+    )
+  end
+  it 'should visit each child' do
+    # needed for call to visit subject
+    expect(visitor).to receive(:visit).with(node).and_call_original
+    children.each do |child|
+      expect(visitor).to receive(:visit).with(child).and_return([])
+    end
+    visit
+  end
+  it 'should return Array of all child visits' do
+    child_visits = []
+    expect(visitor).to receive(:visit).with(node).and_call_original
+    children.each_with_index do |child, i|
+      child_visit = ["Visited Child #{i}"]
+      allow(visitor).to receive(:visit).with(child).and_return(child_visit)
+      child_visits.concat(child_visit)
+    end
+    expect(visit).to eq(child_visits)
+  end
+end

data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb ADDED Viewed

@@ -0,0 +1,26 @@
+RSpec.shared_examples_for 'MetasploitDataModels::Search::Visitor::Includes#visit with Metasploit::Model::Search::Operation::Base' do
+  let(:operator) do
+    double('Operation Operator')
+  end
+  let(:node) do
+    node_class.new(
+        :operator => operator
+    )
+  end
+  it 'should visit operator' do
+    expect(visitor).to receive(:visit).with(node).and_call_original
+    expect(visitor).to receive(:visit).with(operator).and_return([])
+    visit
+  end
+  it 'should return operator visit' do
+    operator_visit = ["Visited Operator"]
+    expect(visitor).to receive(:visit).with(node).and_call_original
+    allow(visitor).to receive(:visit).with(operator).and_return(operator_visit)
+    expect(visit).to eq(operator_visit)
+  end
+end

data/spec/support/shared/examples/metasploit_data_models/search/visitor/relation/visit/matching_record.rb ADDED Viewed

@@ -0,0 +1,50 @@
+RSpec.shared_examples_for 'MetasploitDataModels::Search::Visitor::Relation#visit matching record' do |options={}|
+  options.assert_valid_keys(:attribute, :association)
+  attribute = options.fetch(:attribute)
+  association = options[:association]
+  def self.nested_hash_to_array(association)
+    case association
+      when Hash
+        hash = association
+        keys = hash.keys
+        unless keys.length == 1
+          raise ArgumentError, 'Only single key Hashes are allowed to nest associations'
+        end
+        parent_association = keys.first
+        child_association = hash[parent_association]
+        [parent_association, *nested_hash_to_array(child_association)]
+      when Symbol
+        [association]
+      when nil
+        []
+      else
+        raise TypeError, "Cannot convert #{association.class} (#{association}) to array"
+    end
+  end
+  associations = nested_hash_to_array(association)
+  messages = [*associations, attribute]
+  formatted_operator = messages.map(&:to_s).join('.')
+  context "with #{formatted_operator}" do
+    let(:formatted) do
+      "#{formatted_operator}:\"#{value}\""
+    end
+    let(:value) do
+      messages.inject(matching_record) { |instance, message|
+        # wrap in array so singel and plural associatins can be handled the same
+        Array.wrap(instance.send(message)).first
+      }
+    end
+    it 'should find only matching record' do
+      expect(visit).to match_array([matching_record])
+    end
+  end
+end

data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb ADDED Viewed

@@ -0,0 +1,34 @@
+RSpec.shared_examples_for 'MetasploitDataModels::Search::Visitor::Where#visit with equality operation' do
+  let(:node) do
+    node_class.new(
+        :operator => operator,
+        :value => value
+    )
+  end
+  let(:operator) do
+    Metasploit::Model::Search::Operator::Attribute.new(
+        # any class that responds to arel_table
+        :klass => Mdm::Host
+    )
+  end
+  let(:value) do
+    "value"
+  end
+  it 'should visit operation.operator with attribute_visitor' do
+    expect(visitor.attribute_visitor).to receive(:visit).with(operator).and_call_original
+    visit
+  end
+  it 'should call eq on Arel::Attributes::Attribute from attribute_visitor' do
+    attribute = double('Visited Operator')
+    allow(visitor.attribute_visitor).to receive(:visit).with(operator).and_return(attribute)
+    expect(attribute).to receive(:eq).with(value)
+    visit
+  end
+end

data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb ADDED Viewed

@@ -0,0 +1,51 @@
+RSpec.shared_examples_for 'MetasploitDataModels::Search::Visitor::Where#visit with Metasploit::Model::Search*::Group::Base' do |options={}|
+  options.assert_valid_keys(:arel_class)
+  arel_class = options.fetch(:arel_class)
+  let(:children) do
+    2.times.collect { |n|
+      double("Group Child #{n}")
+    }
+  end
+  let(:node) do
+    node_class.new(
+        :children => children
+    )
+  end
+  it 'should visit each child' do
+    expect(visitor).to receive(:visit).with(node).and_call_original
+    children.each do |child|
+      expect(visitor).to receive(:visit).with(child).and_return(Arel::Nodes::Equality.new(1, 1))
+    end
+    visit
+  end
+  it "should combine children AREL with #{arel_class}" do
+    allow(visitor).to receive(:visit).with(node).and_call_original
+    child_visits = []
+    children.each_with_index do |child, i|
+      child_visit = Arel::Nodes::Equality.new(i, i)
+      allow(visitor).to receive(:visit).with(child).and_return(child_visit)
+      child_visits << child_visit
+    end
+    root = visit
+    if root.is_a? Arel::Nodes::Grouping
+      arel_pair = root.expr
+    else
+      arel_pair = root
+    end
+    expect(arel_pair).to be_a arel_class
+    expect(arel_pair.left).to eq(child_visits[0])
+    expect(arel_pair.right).to eq(child_visits[1])
+  end
+end