RubyGems - wg-metasploit_data_models - Versions diffs - 4.1.4.01 → 4.1.4.02 - Mend

wg-metasploit_data_models 4.1.4.01 → 4.1.4.02

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (440) hide show

checksums.yaml +4 -4
data/.coveralls.yml +1 -0
data/.github/workflows/verify.yml +68 -0
data/.gitignore +29 -0
data/.rspec +3 -0
data/.simplecov +38 -0
data/.yardopts +4 -0
data/CHANGELOG.md +6 -0
data/CONTRIBUTING.md +133 -0
data/Gemfile +46 -0
data/LICENSE +27 -0
data/README.md +65 -0
data/RELEASING.md +82 -0
data/Rakefile +72 -0
data/UPGRADING.md +1 -0
data/app/models/mdm/api_key.rb +61 -0
data/app/models/mdm/async_callback.rb +64 -0
data/app/models/mdm/client.rb +50 -0
data/app/models/mdm/cred.rb +205 -0
data/app/models/mdm/event.rb +83 -0
data/app/models/mdm/exploit_attempt.rb +105 -0
data/app/models/mdm/exploited_host.rb +42 -0
data/app/models/mdm/host.rb +619 -0
data/app/models/mdm/host_detail.rb +62 -0
data/app/models/mdm/host_tag.rb +49 -0
data/app/models/mdm/listener.rb +82 -0
data/app/models/mdm/loot.rb +161 -0
data/app/models/mdm/macro.rb +62 -0
data/app/models/mdm/mod_ref.rb +24 -0
data/app/models/mdm/module/action.rb +33 -0
data/app/models/mdm/module/arch.rb +28 -0
data/app/models/mdm/module/author.rb +34 -0
data/app/models/mdm/module/detail.rb +388 -0
data/app/models/mdm/module/mixin.rb +31 -0
data/app/models/mdm/module/platform.rb +29 -0
data/app/models/mdm/module/ref.rb +42 -0
data/app/models/mdm/module/target.rb +37 -0
data/app/models/mdm/nexpose_console.rb +121 -0
data/app/models/mdm/note.rb +125 -0
data/app/models/mdm/payload.rb +103 -0
data/app/models/mdm/profile.rb +45 -0
data/app/models/mdm/ref.rb +48 -0
data/app/models/mdm/route.rb +28 -0
data/app/models/mdm/service.rb +267 -0
data/app/models/mdm/session.rb +203 -0
data/app/models/mdm/session_event.rb +44 -0
data/app/models/mdm/tag.rb +114 -0
data/app/models/mdm/task.rb +168 -0
data/app/models/mdm/task_cred.rb +45 -0
data/app/models/mdm/task_host.rb +41 -0
data/app/models/mdm/task_service.rb +41 -0
data/app/models/mdm/task_session.rb +41 -0
data/app/models/mdm/user.rb +230 -0
data/app/models/mdm/vuln.rb +204 -0
data/app/models/mdm/vuln_attempt.rb +76 -0
data/app/models/mdm/vuln_detail.rb +156 -0
data/app/models/mdm/vuln_ref.rb +21 -0
data/app/models/mdm/web_form.rb +53 -0
data/app/models/mdm/web_page.rb +92 -0
data/app/models/mdm/web_site.rb +113 -0
data/app/models/mdm/web_vuln.rb +193 -0
data/app/models/mdm/wmap_request.rb +101 -0
data/app/models/mdm/wmap_target.rb +56 -0
data/app/models/mdm/workspace.rb +286 -0
data/app/models/metasploit_data_models/automatic_exploitation/match.rb +43 -0
data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +71 -0
data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +40 -0
data/app/models/metasploit_data_models/automatic_exploitation/run.rb +29 -0
data/app/models/metasploit_data_models/ip_address/v4/cidr.rb +14 -0
data/app/models/metasploit_data_models/ip_address/v4/nmap.rb +14 -0
data/app/models/metasploit_data_models/ip_address/v4/range.rb +12 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list.rb +125 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range.rb +12 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/single.rb +123 -0
data/app/models/metasploit_data_models/ip_address/v4/segmented.rb +200 -0
data/app/models/metasploit_data_models/ip_address/v4/single.rb +53 -0
data/app/models/metasploit_data_models/module_run.rb +213 -0
data/app/models/metasploit_data_models/search/operation/ip_address.rb +60 -0
data/app/models/metasploit_data_models/search/operation/port/number.rb +25 -0
data/app/models/metasploit_data_models/search/operation/port/range.rb +79 -0
data/app/models/metasploit_data_models/search/operation/range.rb +56 -0
data/app/models/metasploit_data_models/search/operator/ip_address.rb +33 -0
data/app/models/metasploit_data_models/search/operator/multitext.rb +73 -0
data/app/models/metasploit_data_models/search/operator/port/list.rb +67 -0
data/app/models/metasploit_data_models/search/visitor/attribute.rb +17 -0
data/app/models/metasploit_data_models/search/visitor/includes.rb +47 -0
data/app/models/metasploit_data_models/search/visitor/joins.rb +67 -0
data/app/models/metasploit_data_models/search/visitor/method.rb +16 -0
data/app/models/metasploit_data_models/search/visitor/relation.rb +91 -0
data/app/models/metasploit_data_models/search/visitor/where.rb +128 -0
data/config/initializers/arel_helper.rb +5 -0
data/config/initializers/ipaddr.rb +29 -0
data/config/locales/en.yml +94 -0
data/console_db.yml +9 -0
data/db/migrate/000_create_tables.rb +79 -0
data/db/migrate/001_add_wmap_tables.rb +35 -0
data/db/migrate/002_add_workspaces.rb +36 -0
data/db/migrate/003_move_notes.rb +20 -0
data/db/migrate/004_add_events_table.rb +16 -0
data/db/migrate/005_expand_info.rb +58 -0
data/db/migrate/006_add_timestamps.rb +26 -0
data/db/migrate/007_add_loots.rb +20 -0
data/db/migrate/008_create_users.rb +16 -0
data/db/migrate/009_add_loots_ctype.rb +10 -0
data/db/migrate/010_add_alert_fields.rb +16 -0
data/db/migrate/011_add_reports.rb +19 -0
data/db/migrate/012_add_tasks.rb +24 -0
data/db/migrate/013_add_tasks_result.rb +10 -0
data/db/migrate/014_add_loots_fields.rb +12 -0
data/db/migrate/015_rename_user.rb +16 -0
data/db/migrate/016_add_host_purpose.rb +10 -0
data/db/migrate/017_expand_info2.rb +58 -0
data/db/migrate/018_add_workspace_user_info.rb +29 -0
data/db/migrate/019_add_workspace_desc.rb +23 -0
data/db/migrate/020_add_user_preferences.rb +11 -0
data/db/migrate/021_standardize_info_and_data.rb +18 -0
data/db/migrate/022_enlarge_event_info.rb +10 -0
data/db/migrate/023_add_report_downloaded_at.rb +10 -0
data/db/migrate/024_convert_service_info_to_text.rb +12 -0
data/db/migrate/025_add_user_admin.rb +19 -0
data/db/migrate/026_add_creds_table.rb +19 -0
data/db/migrate/20100819123300_migrate_cred_data.rb +154 -0
data/db/migrate/20100824151500_add_exploited_table.rb +16 -0
data/db/migrate/20100908001428_add_owner_to_workspaces.rb +9 -0
data/db/migrate/20100911122000_add_report_templates.rb +18 -0
data/db/migrate/20100916151530_require_admin_flag.rb +15 -0
data/db/migrate/20100916175000_add_campaigns_and_templates.rb +61 -0
data/db/migrate/20100920012100_add_generate_exe_column.rb +8 -0
data/db/migrate/20100926214000_add_template_prefs.rb +11 -0
data/db/migrate/20101001000000_add_web_tables.rb +57 -0
data/db/migrate/20101002000000_add_query.rb +10 -0
data/db/migrate/20101007000000_add_vuln_info.rb +15 -0
data/db/migrate/20101008111800_add_clients_to_campaigns.rb +10 -0
data/db/migrate/20101009023300_add_campaign_attachments.rb +15 -0
data/db/migrate/20101104135100_add_imported_creds.rb +17 -0
data/db/migrate/20101203000000_fix_web_tables.rb +34 -0
data/db/migrate/20101203000001_expand_host_comment.rb +12 -0
data/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb +9 -0
data/db/migrate/20110112154300_add_module_uuid_to_tasks.rb +9 -0
data/db/migrate/20110204112800_add_host_tags.rb +28 -0
data/db/migrate/20110317144932_add_session_table.rb +110 -0
data/db/migrate/20110414180600_add_local_id_to_session_table.rb +11 -0
data/db/migrate/20110415175705_add_routes_table.rb +18 -0
data/db/migrate/20110422000000_convert_binary.rb +73 -0
data/db/migrate/20110425095900_add_last_seen_to_sessions.rb +8 -0
data/db/migrate/20110513143900_track_successful_exploits.rb +31 -0
data/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb +26 -0
data/db/migrate/20110527000000_add_task_id_to_reports_table.rb +11 -0
data/db/migrate/20110527000001_add_api_keys_table.rb +12 -0
data/db/migrate/20110606000001_add_macros_table.rb +16 -0
data/db/migrate/20110622000000_add_settings_to_tasks_table.rb +12 -0
data/db/migrate/20110624000001_add_listeners_table.rb +19 -0
data/db/migrate/20110625000001_add_macro_to_listeners_table.rb +12 -0
data/db/migrate/20110630000001_add_nexpose_consoles_table.rb +21 -0
data/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb +12 -0
data/db/migrate/20110717000001_add_profiles_table.rb +15 -0
data/db/migrate/20110727163801_expand_cred_ptype_column.rb +9 -0
data/db/migrate/20110730000001_add_initial_indexes.rb +85 -0
data/db/migrate/20110812000001_prune_indexes.rb +23 -0
data/db/migrate/20110922000000_expand_notes.rb +9 -0
data/db/migrate/20110928101300_add_mod_ref_table.rb +17 -0
data/db/migrate/20111011110000_add_display_name_to_reports_table.rb +24 -0
data/db/migrate/20111203000000_inet_columns.rb +13 -0
data/db/migrate/20111204000000_more_inet_columns.rb +17 -0
data/db/migrate/20111210000000_add_scope_to_hosts.rb +9 -0
data/db/migrate/20120126110000_add_virtual_host_to_hosts.rb +9 -0
data/db/migrate/20120411173220_rename_workspace_members.rb +9 -0
data/db/migrate/20120601152442_add_counter_caches_to_hosts.rb +21 -0
data/db/migrate/20120625000000_add_vuln_details.rb +34 -0
data/db/migrate/20120625000001_add_host_details.rb +16 -0
data/db/migrate/20120625000002_expand_details.rb +16 -0
data/db/migrate/20120625000003_expand_details2.rb +24 -0
data/db/migrate/20120625000004_add_vuln_attempts.rb +19 -0
data/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb +14 -0
data/db/migrate/20120625000006_add_module_details.rb +118 -0
data/db/migrate/20120625000007_add_exploit_attempts.rb +26 -0
data/db/migrate/20120625000008_add_fail_message.rb +12 -0
data/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb +13 -0
data/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb +19 -0
data/db/migrate/20130412154159_change_foreign_key_in_module_actions.rb +25 -0
data/db/migrate/20130412171844_change_foreign_key_in_module_archs.rb +25 -0
data/db/migrate/20130412173121_change_foreign_key_in_module_authors.rb +25 -0
data/db/migrate/20130412173640_change_foreign_key_in_module_mixins.rb +25 -0
data/db/migrate/20130412174254_change_foreign_key_in_module_platforms.rb +25 -0
data/db/migrate/20130412174719_change_foreign_key_in_module_refs.rb +25 -0
data/db/migrate/20130412175040_change_foreign_key_in_module_targets.rb +25 -0
data/db/migrate/20130423211152_add_creds_counter_cache.rb +24 -0
data/db/migrate/20130430151353_change_required_columns_to_null_false_in_hosts.rb +11 -0
data/db/migrate/20130430162145_enforce_address_uniqueness_in_workspace_in_hosts.rb +101 -0
data/db/migrate/20130510021637_remove_campaigns.rb +11 -0
data/db/migrate/20130515164311_change_web_vulns_confidence_to_integer.rb +48 -0
data/db/migrate/20130515172727_valid_mdm_web_vuln_params.rb +30 -0
data/db/migrate/20130516204810_making_vulns_refs_a_real_ar_model.rb +5 -0
data/db/migrate/20130522001343_create_task_creds.rb +9 -0
data/db/migrate/20130522032517_create_task_hosts.rb +9 -0
data/db/migrate/20130522041110_create_task_services.rb +9 -0
data/db/migrate/20130525015035_remove_campaign_id_from_clients.rb +9 -0
data/db/migrate/20130525212420_drop_table_imported_creds.rb +14 -0
data/db/migrate/20130531144949_making_host_tags_a_real_ar_model.rb +6 -0
data/db/migrate/20130604145732_create_task_sessions.rb +9 -0
data/db/migrate/20130717150737_remove_pname_validation.rb +7 -0
data/db/migrate/20131002004641_create_automatic_exploitation_matches.rb +13 -0
data/db/migrate/20131002164449_create_automatic_exploitation_match_sets.rb +12 -0
data/db/migrate/20131008213344_create_automatic_exploitation_runs.rb +11 -0
data/db/migrate/20131011184338_module_detail_on_automatic_exploitation_match.rb +10 -0
data/db/migrate/20131017150735_create_automatic_exploitation_match_results.rb +11 -0
data/db/migrate/20131021185657_make_match_polymorphic.rb +11 -0
data/db/migrate/20140905031549_add_detected_arch_to_host.rb +5 -0
data/db/migrate/20150112203945_remove_duplicate_services.rb +17 -0
data/db/migrate/20150205192745_drop_service_uniqueness_index.rb +5 -0
data/db/migrate/20150209195939_add_vuln_id_to_note.rb +6 -0
data/db/migrate/20150212214222_remove_duplicate_services2.rb +17 -0
data/db/migrate/20150219173821_create_module_runs.rb +23 -0
data/db/migrate/20150219215039_add_module_run_to_session.rb +8 -0
data/db/migrate/20150226151459_add_module_run_fk_to_loot.rb +8 -0
data/db/migrate/20150312155312_add_module_full_name_to_match.rb +6 -0
data/db/migrate/20150317145455_rename_module_indices.rb +29 -0
data/db/migrate/20150326183742_add_missing_ae_indices.rb +13 -0
data/db/migrate/20150421211719_rename_automatic_exploitation_index.rb +16 -0
data/db/migrate/20150514182921_add_origin_to_mdm_vuln.rb +13 -0
data/db/migrate/20160415153312_remove_not_null_from_web_vuln_p_arams.rb +5 -0
data/db/migrate/20161004165612_add_fingerprinted_to_workspace.rb +5 -0
data/db/migrate/20161227212223_add_os_family_to_hosts.rb +5 -0
data/db/migrate/20180904120211_create_payloads.rb +21 -0
data/db/migrate/20190308134512_create_async_callbacks.rb +13 -0
data/db/migrate/20190507120211_remove_payload_workspaces.rb +5 -0
data/lib/mdm/host/operating_system_normalization.rb +942 -0
data/lib/mdm/module.rb +13 -0
data/lib/mdm.rb +57 -0
data/lib/metasploit_data_models/automatic_exploitation.rb +25 -0
data/lib/metasploit_data_models/base64_serializer.rb +99 -0
data/lib/metasploit_data_models/change_required_columns_to_null_false.rb +21 -0
data/lib/metasploit_data_models/engine.rb +32 -0
data/lib/metasploit_data_models/ip_address/cidr.rb +174 -0
data/lib/metasploit_data_models/ip_address/range.rb +181 -0
data/lib/metasploit_data_models/ip_address/v4/segment/nmap.rb +7 -0
data/lib/metasploit_data_models/ip_address/v4/segment.rb +7 -0
data/lib/metasploit_data_models/ip_address/v4.rb +11 -0
data/lib/metasploit_data_models/ip_address.rb +9 -0
data/lib/metasploit_data_models/match/child.rb +48 -0
data/lib/metasploit_data_models/match/parent.rb +103 -0
data/lib/metasploit_data_models/match.rb +8 -0
data/lib/metasploit_data_models/search/operation/port.rb +9 -0
data/lib/metasploit_data_models/search/operation.rb +9 -0
data/lib/metasploit_data_models/search/operator/port.rb +6 -0
data/lib/metasploit_data_models/search/operator.rb +8 -0
data/lib/metasploit_data_models/search/visitor.rb +11 -0
data/lib/metasploit_data_models/search.rb +8 -0
data/lib/metasploit_data_models/serialized_prefs.rb +27 -0
data/lib/metasploit_data_models/version.rb +13 -0
data/lib/metasploit_data_models.rb +56 -0
data/metasploit_data_models.gemspec +65 -0
data/script/rails +8 -0
data/spec/app/models/mdm/api_key_spec.rb +3 -0
data/spec/app/models/mdm/client_spec.rb +43 -0
data/spec/app/models/mdm/cred_spec.rb +346 -0
data/spec/app/models/mdm/event_spec.rb +90 -0
data/spec/app/models/mdm/exploit_attempt_spec.rb +59 -0
data/spec/app/models/mdm/exploited_host_spec.rb +44 -0
data/spec/app/models/mdm/host_detail_spec.rb +48 -0
data/spec/app/models/mdm/host_spec.rb +1139 -0
data/spec/app/models/mdm/host_tag_spec.rb +69 -0
data/spec/app/models/mdm/listener_spec.rb +107 -0
data/spec/app/models/mdm/loot_spec.rb +84 -0
data/spec/app/models/mdm/macro_spec.rb +3 -0
data/spec/app/models/mdm/mod_ref_spec.rb +3 -0
data/spec/app/models/mdm/module/action_spec.rb +34 -0
data/spec/app/models/mdm/module/arch_spec.rb +34 -0
data/spec/app/models/mdm/module/author_spec.rb +52 -0
data/spec/app/models/mdm/module/detail_spec.rb +746 -0
data/spec/app/models/mdm/module/mixin_spec.rb +34 -0
data/spec/app/models/mdm/module/platform_spec.rb +34 -0
data/spec/app/models/mdm/module/ref_spec.rb +58 -0
data/spec/app/models/mdm/module/target_spec.rb +36 -0
data/spec/app/models/mdm/nexpose_console_spec.rb +146 -0
data/spec/app/models/mdm/note_spec.rb +91 -0
data/spec/app/models/mdm/profile_spec.rb +3 -0
data/spec/app/models/mdm/ref_spec.rb +71 -0
data/spec/app/models/mdm/route_spec.rb +35 -0
data/spec/app/models/mdm/service_spec.rb +232 -0
data/spec/app/models/mdm/session_event_spec.rb +42 -0
data/spec/app/models/mdm/session_spec.rb +118 -0
data/spec/app/models/mdm/tag_spec.rb +116 -0
data/spec/app/models/mdm/task_cred_spec.rb +51 -0
data/spec/app/models/mdm/task_host_spec.rb +50 -0
data/spec/app/models/mdm/task_service_spec.rb +50 -0
data/spec/app/models/mdm/task_session_spec.rb +46 -0
data/spec/app/models/mdm/task_spec.rb +71 -0
data/spec/app/models/mdm/user_spec.rb +50 -0
data/spec/app/models/mdm/vuln_attempt_spec.rb +53 -0
data/spec/app/models/mdm/vuln_detail_spec.rb +65 -0
data/spec/app/models/mdm/vuln_ref_spec.rb +46 -0
data/spec/app/models/mdm/vuln_spec.rb +299 -0
data/spec/app/models/mdm/web_form_spec.rb +46 -0
data/spec/app/models/mdm/web_page_spec.rb +101 -0
data/spec/app/models/mdm/web_site_spec.rb +85 -0
data/spec/app/models/mdm/web_vuln_spec.rb +312 -0
data/spec/app/models/mdm/wmap_request_spec.rb +5 -0
data/spec/app/models/mdm/wmap_target_spec.rb +5 -0
data/spec/app/models/mdm/workspace_spec.rb +500 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_result_spec.rb +86 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_set_spec.rb +46 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_spec.rb +37 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/run_spec.rb +38 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/cidr_spec.rb +119 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/nmap_spec.rb +149 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/range_spec.rb +298 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list_spec.rb +276 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range_spec.rb +302 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/segmented_spec.rb +27 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/single_spec.rb +324 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/single_spec.rb +181 -0
data/spec/app/models/metasploit_data_models/module_run_spec.rb +134 -0
data/spec/app/models/metasploit_data_models/search/operation/ip_address_spec.rb +180 -0
data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +39 -0
data/spec/app/models/metasploit_data_models/search/operation/port/range_spec.rb +138 -0
data/spec/app/models/metasploit_data_models/search/operation/range_spec.rb +233 -0
data/spec/app/models/metasploit_data_models/search/operator/ip_address_spec.rb +17 -0
data/spec/app/models/metasploit_data_models/search/operator/multitext_spec.rb +160 -0
data/spec/app/models/metasploit_data_models/search/operator/port/list_spec.rb +162 -0
data/spec/app/models/metasploit_data_models/search/visitor/attribute_spec.rb +96 -0
data/spec/app/models/metasploit_data_models/search/visitor/includes_spec.rb +175 -0
data/spec/app/models/metasploit_data_models/search/visitor/joins_spec.rb +396 -0
data/spec/app/models/metasploit_data_models/search/visitor/method_spec.rb +49 -0
data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb +925 -0
data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb +187 -0
data/spec/dummy/Rakefile +7 -0
data/spec/dummy/app/assets/config/manifest.js +1 -0
data/spec/dummy/app/assets/javascripts/application.js +15 -0
data/spec/dummy/app/assets/stylesheets/application.css +13 -0
data/spec/dummy/app/controllers/application_controller.rb +3 -0
data/spec/dummy/app/helpers/application_helper.rb +2 -0
data/spec/dummy/app/mailers/.gitkeep +0 -0
data/spec/dummy/app/models/.gitkeep +0 -0
data/spec/dummy/app/models/application_record.rb +3 -0
data/spec/dummy/app/views/layouts/application.html.erb +14 -0
data/spec/dummy/bin/bundle +3 -0
data/spec/dummy/bin/rails +4 -0
data/spec/dummy/bin/rake +4 -0
data/spec/dummy/config/application.rb +61 -0
data/spec/dummy/config/boot.rb +4 -0
data/spec/dummy/config/database.yml.example +22 -0
data/spec/dummy/config/database.yml.github_actions +21 -0
data/spec/dummy/config/environment.rb +5 -0
data/spec/dummy/config/environments/development.rb +37 -0
data/spec/dummy/config/environments/production.rb +78 -0
data/spec/dummy/config/environments/test.rb +39 -0
data/spec/dummy/config/initializers/active_record_migrations.rb +4 -0
data/spec/dummy/config/initializers/assets.rb +8 -0
data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/dummy/config/initializers/cookies_serializer.rb +3 -0
data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
data/spec/dummy/config/initializers/inflections.rb +16 -0
data/spec/dummy/config/initializers/mime_types.rb +4 -0
data/spec/dummy/config/initializers/session_store.rb +3 -0
data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
data/spec/dummy/config/locales/en.yml +23 -0
data/spec/dummy/config/routes.rb +2 -0
data/spec/dummy/config.ru +4 -0
data/spec/dummy/db/structure.sql +3430 -0
data/spec/dummy/db/structure.sql.from_rails_3 +3403 -0
data/spec/dummy/lib/assets/.gitkeep +0 -0
data/spec/dummy/log/.gitkeep +0 -0
data/spec/dummy/public/404.html +26 -0
data/spec/dummy/public/422.html +26 -0
data/spec/dummy/public/500.html +25 -0
data/spec/dummy/public/favicon.ico +0 -0
data/spec/dummy/script/rails +6 -0
data/spec/factories/mdm/addresses.rb +12 -0
data/spec/factories/mdm/clients.rb +8 -0
data/spec/factories/mdm/creds.rb +17 -0
data/spec/factories/mdm/events.rb +15 -0
data/spec/factories/mdm/exploit_attempts.rb +8 -0
data/spec/factories/mdm/exploited_hosts.rb +7 -0
data/spec/factories/mdm/fingerprints/nessus_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/nexpose_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/nmap_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/retina_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/session_fingerprints.rb +6 -0
data/spec/factories/mdm/host_details.rb +8 -0
data/spec/factories/mdm/host_tags.rb +9 -0
data/spec/factories/mdm/hosts.rb +85 -0
data/spec/factories/mdm/listeners.rb +12 -0
data/spec/factories/mdm/loots.rb +11 -0
data/spec/factories/mdm/module/actions.rb +14 -0
data/spec/factories/mdm/module/archs.rb +14 -0
data/spec/factories/mdm/module/authors.rb +22 -0
data/spec/factories/mdm/module/details.rb +73 -0
data/spec/factories/mdm/module/mixins.rb +14 -0
data/spec/factories/mdm/module/platforms.rb +14 -0
data/spec/factories/mdm/module/refs.rb +14 -0
data/spec/factories/mdm/module/targets.rb +19 -0
data/spec/factories/mdm/nexpose_consoles.rb +15 -0
data/spec/factories/mdm/notes.rb +12 -0
data/spec/factories/mdm/refs.rb +9 -0
data/spec/factories/mdm/routes.rb +36 -0
data/spec/factories/mdm/services.rb +41 -0
data/spec/factories/mdm/session_events.rb +8 -0
data/spec/factories/mdm/sessions.rb +13 -0
data/spec/factories/mdm/tags.rb +14 -0
data/spec/factories/mdm/task.rb +16 -0
data/spec/factories/mdm/task_creds.rb +9 -0
data/spec/factories/mdm/task_hosts.rb +9 -0
data/spec/factories/mdm/task_services.rb +8 -0
data/spec/factories/mdm/task_sessions.rb +8 -0
data/spec/factories/mdm/users.rb +22 -0
data/spec/factories/mdm/vuln_attempts.rb +8 -0
data/spec/factories/mdm/vuln_details.rb +8 -0
data/spec/factories/mdm/vuln_refs.rb +4 -0
data/spec/factories/mdm/vulns.rb +20 -0
data/spec/factories/mdm/web_forms.rb +33 -0
data/spec/factories/mdm/web_pages.rb +64 -0
data/spec/factories/mdm/web_sites.rb +8 -0
data/spec/factories/mdm/web_vulns.rb +64 -0
data/spec/factories/mdm/workspaces.rb +23 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/match_results.rb +7 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/match_sets.rb +8 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/matches.rb +7 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/runs.rb +6 -0
data/spec/factories/module_runs.rb +40 -0
data/spec/lib/base64_serializer_spec.rb +172 -0
data/spec/lib/ipaddr_spec.rb +29 -0
data/spec/lib/metasploit_data_models/ip_address/cidr_spec.rb +356 -0
data/spec/lib/metasploit_data_models/ip_address/range_spec.rb +75 -0
data/spec/lib/metasploit_data_models/match/child_spec.rb +59 -0
data/spec/lib/metasploit_data_models/match/parent_spec.rb +153 -0
data/spec/lib/metasploit_data_models_spec.rb +13 -0
data/spec/spec_helper.rb +148 -0
data/spec/support/matchers/match_regex_exactly.rb +28 -0
data/spec/support/shared/contexts/rex/text.rb +15 -0
data/spec/support/shared/examples/coerces_inet_column_type_to_string.rb +15 -0
data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb +20 -0
data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb +36 -0
data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb +109 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb +38 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb +26 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/relation/visit/matching_record.rb +50 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb +34 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb +51 -0
metadata +444 -6

data/app/models/mdm/note.rb ADDED Viewed

@@ -0,0 +1,125 @@
+# Data gathered or derived from the {#host} or {#service} such as its {#ntype fingerprint}.
+class Mdm::Note < ApplicationRecord
+  #
+  # Associations
+  #
+  # @!attribute [rw] host
+  #   The host to which this note is attached.
+  #
+  #   @return [Mdm::Host] if note is attached to an {Mdm::Host}.
+  #   @return [nil] if note is attached to an {Mdm::Service}.
+  belongs_to :host,
+             class_name: 'Mdm::Host',
+             counter_cache: :note_count,
+             inverse_of: :notes
+  # @!attribute [rw] service
+  #   The service to which this note is attached.
+  #
+  #   @return [Mdm::Service] if note is attached to an {Mdm::Service}.
+  #   @return [nil] if not is attached to an {Mdm::Host}.
+  belongs_to :service,
+             class_name: 'Mdm::Service',
+             inverse_of: :notes
+  # @!attribute [rw] vuln
+  #   The vuln to which this note is attached.
+  #
+  #   @return [Mdm::Vuln] if note is attached to an {Mdm::Vuln}.
+  #   @return [nil] if not is attached to an {Mdm::Host}.
+  belongs_to :vuln,
+             class_name: 'Mdm::Vuln',
+             inverse_of: :notes
+  # @!attribute [rw] workspace
+  #   The workspace in which the {#host} or {#service} exists.
+  #
+  #   @return [Mdm::Workspace]
+  belongs_to :workspace,
+             class_name: 'Mdm::Workspace',
+             inverse_of: :notes
+  #
+  # Attributes
+  #
+  # @!attribute [rw] created_at
+  #   When the note was created.
+  #
+  #   @return [DateTime]
+  # @!attribute [rw] critical
+  #   Whether this note is critical or not.
+  #
+  #   @return [Boolean]
+  # @!attribute [rw] data
+  #   A Hash of data about the {#host} or {#service}.
+  #
+  #   @return [Hash]
+  # @!attribute [rw] ntype
+  #   The type of note.  Usually a dot-separateed name like 'host.updated.<foo>'.
+  #
+  #   @return [String]
+  # @!attribute [rw] seen
+  #   Whether any user has seen this note.
+  #
+  #   @return [Boolean]
+  # @!attribute [rw] updated_at
+  #   The last time the note was updated.
+  #
+  #   @return [DateTime]
+  #
+  # Callbacks
+  #
+  after_save :normalize
+  #
+  # Scopes
+  #
+  scope :flagged, -> { where('critical = true AND seen = false') }
+  scope :visible, -> { where(Mdm::Note[:ntype].not_in(['web.form', 'web.url', 'web.vuln'])) }
+  scope :search, lambda { |*args|
+    joins(:host).
+      where(
+        "(notes.data NOT ILIKE 'BAh7%' AND notes.data LIKE ?) " +
+          "OR (notes.data ILIKE 'BAh7%' AND decode(notes.data, 'base64') LIKE ?) " +
+          'OR notes.ntype ILIKE ? ' +
+          'OR COALESCE(hosts.name, CAST(hosts.address AS TEXT)) ILIKE ?',
+        "%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%"
+      )
+  }
+  #
+  # Serializations
+  #
+  serialize :data, ::MetasploitDataModels::Base64Serializer.new
+  private
+  # {Mdm::Host::OperatingSystemNormalization#normalize_os Normalizes the host operating system} if the note is a
+  # {#ntype fingerprint}.
+  #
+  # @return [void]
+  def normalize
+    if saved_change_to_data? and ntype =~ /fingerprint/ && host.workspace.present? && !host.workspace.import_fingerprint
+      host.normalize_os
+    end
+  end
+  public
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/payload.rb ADDED Viewed

@@ -0,0 +1,103 @@
+# A payload that has been generated by Metasploit and used to establish {Mdm::Session}.
+class Mdm::Payload < ApplicationRecord
+  extend ActiveSupport::Autoload
+  include Metasploit::Model::Search
+  #
+  # Associations
+  #
+  #
+  # Attributes
+  #
+  # @!attribute [rw] name
+  #   The name of this payload.
+  #
+  #   @return [String]
+  # @!attribute [rw] uuid
+  #   A unique identifier for this payload. The UUID is encoded to include specific information.
+  #   See lib/msf/core/payload/uuid.rb in the https://github.com/rapid7/metasploit-framework repo.
+  #
+  #   @return [String]
+  # @!attribute [rw] uuid_mask
+  #   The number of bytes of the UUID that this payload has embedded within it. This is to support
+  #   legacy payloads that limit the UUID to 8 bytes
+  #
+  #   @return [Integer]
+  # @!attribute [rw] timestamp
+  #   The Unix format timestamp when this payload was created.
+  #
+  #   @return [Integer]
+  # @!attribute [rw] arch
+  #   The architecture this payload supports.
+  #   Valid values are located at lib/msf/core/payload/uuid.rb in the https://github.com/rapid7/metasploit-framework repo.
+  #
+  #   @return [String]
+  # @!attribute [rw] platform
+  #   The platform this payload supports.
+  #   Valid values are located at lib/msf/core/payload/uuid.rb in the https://github.com/rapid7/metasploit-framework repo.
+  #
+  #   @return [String]
+  # @!attribute [rw] urls
+  #   The unique, encoded urls used to host this payload. Only applicable for http(s) payloads
+  #
+  #   @return [Array]
+  # @!attribute [rw] description
+  #   A description of why this payload was created and what it is being used for.
+  #
+  #   @return [String]
+  # @!attribute [rw] raw_payload
+  #   A URL pointing to where the binary payload can be downloaded from.
+  #
+  #   @return [String]
+  # @!attribute [rw] raw_payload_hash
+  #   The unique hash value for the generated payload binary
+  #
+  #   @return [String]
+  # @!attribute [rw] build_status
+  #   The current status of the job building the payload binary. Valid values are "started", "completed", and "error"
+  #
+  #   @return [String]
+  # @!attribute [rw] build_opts
+  #   A hash containing various options used to build this payload
+  #
+  #   @return [Hash]
+  #
+  # Validations
+  #
+  #
+  # Search Attributes
+  #
+  search_attribute :uuid,
+                   type: :string
+  #
+  # Serializations
+  #
+  serialize :urls
+  serialize :build_opts
+  public
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/profile.rb ADDED Viewed

@@ -0,0 +1,45 @@
+# User settings.
+class Mdm::Profile < ApplicationRecord
+  #
+  # Attributes
+  #
+  # @!attribute active
+  #   Whether this is the currently active profile.
+  #
+  #   @return [true] if this is the active profile.
+  #   @return [false] if this profile is inactive and another profile is active.
+  # @!attribute created_at
+  #   When this profile was created.
+  #
+  #   @return [DateTime]
+  # @!attribute name
+  #   Name of this profile to distinguish it from other profiles.
+  #
+  #   @return [String]
+  # @!attribute owner
+  #   Owner of this profile.
+  #
+  #   @return ['<system>'] System-wide profile for all users.
+  #   @return [String] Name of user that uses this profile.
+  # @!attribute updated_at
+  #   The last time this profile was updated.
+  #
+  #   @return [DateTime]
+  #
+  # Serializations
+  #
+  # Global settings.
+  #
+  # @return [Hash]
+  serialize :settings, MetasploitDataModels::Base64Serializer.new
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/ref.rb ADDED Viewed

@@ -0,0 +1,48 @@
+# An external vulnerability reference for vulnerabilities that aren't part of a module.  {Mdm::Module::Ref} should be
+# used whenever possible and Mdm::Ref should only be used when the vulnerability is from an import and can't be
+# correlated to a module and its {Mdm::Module::Detail}.
+class Mdm::Ref < ApplicationRecord
+  #
+  # Associations
+  #
+  # @!attribute [r] module_refs
+  #   {Mdm::Module::Ref Mdm::Module::Refs} with the same name as this ref.
+  #
+  #   @return [Array<Mdm::Module::Ref>]
+  has_many :module_refs,
+           :class_name => 'Mdm::Module::Ref',
+           :foreign_key => :name,
+           :primary_key => :name
+  # @!attribute [rw] vulns_refs
+  #   Join model to {Mdm::Vuln Mdm::Vulns}.  Use {#vulns} to get the actual {Mdm::Vuln Mdm::Vulns}.
+  #
+  #   @todo MSP-3066
+  #   @return [Array<Mdm::VulnRef>]
+  has_many :vulns_refs,
+           :class_name => 'Mdm::VulnRef',
+           inverse_of: :ref
+  #
+  # Through :vuln_refs
+  #
+  # @!attribute [rw] vulns
+  #   Vulnerabilities referenced by this reference.
+  #
+  #   @return [Array<Mdm::Vuln>]
+  has_many :vulns, :class_name => 'Mdm::Vuln', :through => :vulns_refs
+  #
+  # Attributes
+  #
+  # @!attribute [rw] name
+  #   Designation for external reference.  May include a prefix for the authority, such as 'CVE-', in which case the
+  #   rest of the name is the designation assigned by that authority.
+  #
+  #   @return [String]
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/route.rb ADDED Viewed

@@ -0,0 +1,28 @@
+# Network route that goes through a {#session} to allow accessing IPs on the remote end of the session.
+class Mdm::Route < ApplicationRecord
+  #
+  # Associations
+  #
+  # The session over which this route traverses.
+  belongs_to :session,
+             class_name: 'Mdm::Session',
+             inverse_of: :routes
+  #
+  # Attributes
+  #
+  # @!attribute netmask
+  #   The netmask for this route.
+  #
+  #   @return [String]
+  # @!attribute subnet
+  #   The subnet for this route.
+  #
+  #   @return [String]
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/service.rb ADDED Viewed

@@ -0,0 +1,267 @@
+# A service, such as an ssh server or web server, running on a {#host}.
+class Mdm::Service < ApplicationRecord
+  include Metasploit::Model::Search
+  #
+  # CONSTANTS
+  #
+  # Valid values for {#proto}.
+  PROTOS = %w{tcp udp}
+  # Valid values for {#state}.
+  STATES = ['open', 'closed', 'filtered', 'unknown']
+  #
+  # Associations
+  #
+  # @!attribute creds
+  #   Credentials gathered from this service.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::Cred>]
+  has_many :creds,
+           class_name: 'Mdm::Cred',
+           dependent: :destroy,
+           inverse_of: :service
+  # @!attribute exploit_attempts
+  #   Exploit attempts against this service.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::ExploitAttempt>]
+  has_many :exploit_attempts,
+           class_name: 'Mdm::ExploitAttempt',
+           dependent: :destroy,
+           inverse_of: :service
+  # @!attribute exploited_hosts
+  #   @todo MSP-2732
+  #   @return [Array<Mdm::ExploitHost>]
+  has_many :exploited_hosts,
+           class_name: 'Mdm::ExploitedHost',
+           dependent: :destroy,
+           inverse_of: :service
+  # @!attribute host
+  #   The host on which this service runs.
+  #
+  #   @return [Mdm::Host]
+  belongs_to :host,
+             class_name: 'Mdm::Host',
+             counter_cache: :service_count,
+             inverse_of: :services
+  # @!attribute loots
+  #   Loot gathers from this service.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::Loot>]
+  has_many :loots,
+           class_name: 'Mdm::Loot',
+           dependent: :destroy,
+           inverse_of: :service
+  # @!attribute notes
+  #   Notes about this service.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::Note>]
+  has_many :notes,
+           class_name: 'Mdm::Note',
+           dependent: :destroy,
+           inverse_of: :service
+  # @!attribute [rw] task_services
+  #   Details about what Tasks touched this service
+  #
+  #   @return [Array<Mdm::TaskService>]
+  has_many :task_services,
+           class_name: 'Mdm::TaskService',
+           dependent: :destroy,
+           inverse_of: :service
+  # @!attribute vulns
+  #   Vulnerabilities found in this service.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::Vuln>]
+  has_many :vulns,
+           class_name: 'Mdm::Vuln',
+           dependent: :destroy,
+           inverse_of: :service
+  # @!attribute web_sites
+  #   Web sites running on top of this service.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::WebSite>]
+  has_many :web_sites,
+           class_name: 'Mdm::WebSite',
+           dependent: :destroy,
+           inverse_of: :service
+  #
+  # through: :task_services
+  #
+  # @!attribute [rw] tasks
+  #   Tasks that touched this service
+  #
+  #   @return [Array<Mdm::Task>]
+  has_many :tasks, :through => :task_services, :class_name => 'Mdm::Task'
+  #
+  # Through :web_sites
+  #
+  # @!attribute [r] web_pages
+  #   Web pages in the {#web_sites} on top of this service.
+  #
+  #   @return [Array<Mdm::WebPages>]
+  has_many :web_pages, :through => :web_sites, :class_name => 'Mdm::WebPage'
+  # @!attribute [r] web_forms
+  #   Form in the {#web_sites} on top of this service.
+  #
+  #   @return [Array<Mdm::WebForm>]
+  has_many :web_forms, :through => :web_sites, :class_name => 'Mdm::WebForm'
+  # @!attribute [r] web_vulns
+  #   Vulnerabilities found in the {#web_sites} on top of this service.
+  #
+  #   @return [Array<Mdm::WebVuln>]
+  has_many :web_vulns, :through => :web_sites, :class_name => 'Mdm::WebVuln'
+  #
+  # Attributes
+  #
+  # @!attribute [rw] info
+  #   Additional information about the service that does not fit in the {#name} or {#proto}.
+  #
+  #   @return [String]
+  # @!attribute [rw] port
+  #   The port on which this service runs on the {#host}.
+  #
+  #   @return [Integer]
+  # @!attribute [rw] name
+  #    The name of the service.
+  #
+  #    @return [String]
+  # @!attribute [rw] proto
+  #   The protocol used by this service
+  #
+  #   @return [String]
+  # @!attribute [rw] state
+  #   Whether this service is opened, closed, filtered, or in an unknown state.
+  #
+  #   @return [String] element of {STATES}.
+  #
+  # Callbacks
+  #
+  after_save :normalize_host_os
+  #
+  # Scopes
+  #
+  scope :inactive, -> { where("services.state != 'open'") }
+  scope :with_state, lambda { |a_state|  where("services.state = ?", a_state)}
+  scope :search, lambda { |*args|
+    joins(:host).
+      where(
+        'services.name ILIKE ? OR ' +
+          'services.info ILIKE ? OR ' +
+          'services.proto ILIKE ? OR ' +
+          'services.port = ? OR ' +
+          'COALESCE(hosts.name, CAST(hosts.address AS TEXT)) ILIKE ?',
+         "%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%", (args[0].to_i > 0) ? args[0].to_i : 99999, "%#{args[0]}%"
+      )
+  }
+  #
+  #
+  # Search
+  #
+  #
+  #
+  # Search Associations
+  #
+  search_associations host: :tags
+  #
+  # Search Attributes
+  #
+  search_attribute :info,
+                   type: :string
+  search_attribute :name,
+                   type: :string
+  search_attribute :proto,
+                   type: {
+                       set: :string
+                   }
+  #
+  # Search Withs
+  #
+  search_with MetasploitDataModels::Search::Operator::Port::List
+  #
+  # Validations
+  #
+  validates :port,
+            numericality: {
+                only_integer: true
+            },
+            inclusion: {
+                in: 1..65535
+            }
+  validates :port,
+            uniqueness: {
+              message: 'already exists on this host and protocol',
+              scope: [
+                :host_id,
+                :proto
+              ]
+            }
+  validates :proto,
+            inclusion: {
+                in: PROTOS
+            }
+  #
+  # Class Methods
+  #
+  # Set of searchable values for {#proto}.
+  #
+  # @return [Set<String>] {PROTOS} as a `Set`.
+  # @see Metasploit::Model::Search::Operation::Set#membership
+  # @see Metasploit::Model::Search::Operator::Attribute#attribute_set
+  def self.proto_set
+    @proto_set ||= Set.new(PROTOS)
+  end
+  #
+  # Instance Methods
+  #
+  # {Mdm::Host::OperatingSystemNormalization#normalize_os Normalizes the host operating system} whenever {#info} has
+  # changed.
+  #
+  # @return [void]
+  def normalize_host_os
+    if saved_change_to_info? && host.workspace.present? && !host.workspace.import_fingerprint
+      host.normalize_os
+    end
+  end
+  Metasploit::Concern.run(self)
+end