RubyGems - wg-metasploit_data_models - Versions diffs - 4.1.4.01 → 4.1.4.02 - Mend

wg-metasploit_data_models 4.1.4.01 → 4.1.4.02

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (440) hide show

checksums.yaml +4 -4
data/.coveralls.yml +1 -0
data/.github/workflows/verify.yml +68 -0
data/.gitignore +29 -0
data/.rspec +3 -0
data/.simplecov +38 -0
data/.yardopts +4 -0
data/CHANGELOG.md +6 -0
data/CONTRIBUTING.md +133 -0
data/Gemfile +46 -0
data/LICENSE +27 -0
data/README.md +65 -0
data/RELEASING.md +82 -0
data/Rakefile +72 -0
data/UPGRADING.md +1 -0
data/app/models/mdm/api_key.rb +61 -0
data/app/models/mdm/async_callback.rb +64 -0
data/app/models/mdm/client.rb +50 -0
data/app/models/mdm/cred.rb +205 -0
data/app/models/mdm/event.rb +83 -0
data/app/models/mdm/exploit_attempt.rb +105 -0
data/app/models/mdm/exploited_host.rb +42 -0
data/app/models/mdm/host.rb +619 -0
data/app/models/mdm/host_detail.rb +62 -0
data/app/models/mdm/host_tag.rb +49 -0
data/app/models/mdm/listener.rb +82 -0
data/app/models/mdm/loot.rb +161 -0
data/app/models/mdm/macro.rb +62 -0
data/app/models/mdm/mod_ref.rb +24 -0
data/app/models/mdm/module/action.rb +33 -0
data/app/models/mdm/module/arch.rb +28 -0
data/app/models/mdm/module/author.rb +34 -0
data/app/models/mdm/module/detail.rb +388 -0
data/app/models/mdm/module/mixin.rb +31 -0
data/app/models/mdm/module/platform.rb +29 -0
data/app/models/mdm/module/ref.rb +42 -0
data/app/models/mdm/module/target.rb +37 -0
data/app/models/mdm/nexpose_console.rb +121 -0
data/app/models/mdm/note.rb +125 -0
data/app/models/mdm/payload.rb +103 -0
data/app/models/mdm/profile.rb +45 -0
data/app/models/mdm/ref.rb +48 -0
data/app/models/mdm/route.rb +28 -0
data/app/models/mdm/service.rb +267 -0
data/app/models/mdm/session.rb +203 -0
data/app/models/mdm/session_event.rb +44 -0
data/app/models/mdm/tag.rb +114 -0
data/app/models/mdm/task.rb +168 -0
data/app/models/mdm/task_cred.rb +45 -0
data/app/models/mdm/task_host.rb +41 -0
data/app/models/mdm/task_service.rb +41 -0
data/app/models/mdm/task_session.rb +41 -0
data/app/models/mdm/user.rb +230 -0
data/app/models/mdm/vuln.rb +204 -0
data/app/models/mdm/vuln_attempt.rb +76 -0
data/app/models/mdm/vuln_detail.rb +156 -0
data/app/models/mdm/vuln_ref.rb +21 -0
data/app/models/mdm/web_form.rb +53 -0
data/app/models/mdm/web_page.rb +92 -0
data/app/models/mdm/web_site.rb +113 -0
data/app/models/mdm/web_vuln.rb +193 -0
data/app/models/mdm/wmap_request.rb +101 -0
data/app/models/mdm/wmap_target.rb +56 -0
data/app/models/mdm/workspace.rb +286 -0
data/app/models/metasploit_data_models/automatic_exploitation/match.rb +43 -0
data/app/models/metasploit_data_models/automatic_exploitation/match_result.rb +71 -0
data/app/models/metasploit_data_models/automatic_exploitation/match_set.rb +40 -0
data/app/models/metasploit_data_models/automatic_exploitation/run.rb +29 -0
data/app/models/metasploit_data_models/ip_address/v4/cidr.rb +14 -0
data/app/models/metasploit_data_models/ip_address/v4/nmap.rb +14 -0
data/app/models/metasploit_data_models/ip_address/v4/range.rb +12 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list.rb +125 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range.rb +12 -0
data/app/models/metasploit_data_models/ip_address/v4/segment/single.rb +123 -0
data/app/models/metasploit_data_models/ip_address/v4/segmented.rb +200 -0
data/app/models/metasploit_data_models/ip_address/v4/single.rb +53 -0
data/app/models/metasploit_data_models/module_run.rb +213 -0
data/app/models/metasploit_data_models/search/operation/ip_address.rb +60 -0
data/app/models/metasploit_data_models/search/operation/port/number.rb +25 -0
data/app/models/metasploit_data_models/search/operation/port/range.rb +79 -0
data/app/models/metasploit_data_models/search/operation/range.rb +56 -0
data/app/models/metasploit_data_models/search/operator/ip_address.rb +33 -0
data/app/models/metasploit_data_models/search/operator/multitext.rb +73 -0
data/app/models/metasploit_data_models/search/operator/port/list.rb +67 -0
data/app/models/metasploit_data_models/search/visitor/attribute.rb +17 -0
data/app/models/metasploit_data_models/search/visitor/includes.rb +47 -0
data/app/models/metasploit_data_models/search/visitor/joins.rb +67 -0
data/app/models/metasploit_data_models/search/visitor/method.rb +16 -0
data/app/models/metasploit_data_models/search/visitor/relation.rb +91 -0
data/app/models/metasploit_data_models/search/visitor/where.rb +128 -0
data/config/initializers/arel_helper.rb +5 -0
data/config/initializers/ipaddr.rb +29 -0
data/config/locales/en.yml +94 -0
data/console_db.yml +9 -0
data/db/migrate/000_create_tables.rb +79 -0
data/db/migrate/001_add_wmap_tables.rb +35 -0
data/db/migrate/002_add_workspaces.rb +36 -0
data/db/migrate/003_move_notes.rb +20 -0
data/db/migrate/004_add_events_table.rb +16 -0
data/db/migrate/005_expand_info.rb +58 -0
data/db/migrate/006_add_timestamps.rb +26 -0
data/db/migrate/007_add_loots.rb +20 -0
data/db/migrate/008_create_users.rb +16 -0
data/db/migrate/009_add_loots_ctype.rb +10 -0
data/db/migrate/010_add_alert_fields.rb +16 -0
data/db/migrate/011_add_reports.rb +19 -0
data/db/migrate/012_add_tasks.rb +24 -0
data/db/migrate/013_add_tasks_result.rb +10 -0
data/db/migrate/014_add_loots_fields.rb +12 -0
data/db/migrate/015_rename_user.rb +16 -0
data/db/migrate/016_add_host_purpose.rb +10 -0
data/db/migrate/017_expand_info2.rb +58 -0
data/db/migrate/018_add_workspace_user_info.rb +29 -0
data/db/migrate/019_add_workspace_desc.rb +23 -0
data/db/migrate/020_add_user_preferences.rb +11 -0
data/db/migrate/021_standardize_info_and_data.rb +18 -0
data/db/migrate/022_enlarge_event_info.rb +10 -0
data/db/migrate/023_add_report_downloaded_at.rb +10 -0
data/db/migrate/024_convert_service_info_to_text.rb +12 -0
data/db/migrate/025_add_user_admin.rb +19 -0
data/db/migrate/026_add_creds_table.rb +19 -0
data/db/migrate/20100819123300_migrate_cred_data.rb +154 -0
data/db/migrate/20100824151500_add_exploited_table.rb +16 -0
data/db/migrate/20100908001428_add_owner_to_workspaces.rb +9 -0
data/db/migrate/20100911122000_add_report_templates.rb +18 -0
data/db/migrate/20100916151530_require_admin_flag.rb +15 -0
data/db/migrate/20100916175000_add_campaigns_and_templates.rb +61 -0
data/db/migrate/20100920012100_add_generate_exe_column.rb +8 -0
data/db/migrate/20100926214000_add_template_prefs.rb +11 -0
data/db/migrate/20101001000000_add_web_tables.rb +57 -0
data/db/migrate/20101002000000_add_query.rb +10 -0
data/db/migrate/20101007000000_add_vuln_info.rb +15 -0
data/db/migrate/20101008111800_add_clients_to_campaigns.rb +10 -0
data/db/migrate/20101009023300_add_campaign_attachments.rb +15 -0
data/db/migrate/20101104135100_add_imported_creds.rb +17 -0
data/db/migrate/20101203000000_fix_web_tables.rb +34 -0
data/db/migrate/20101203000001_expand_host_comment.rb +12 -0
data/db/migrate/20101206212033_add_limit_to_network_to_workspaces.rb +9 -0
data/db/migrate/20110112154300_add_module_uuid_to_tasks.rb +9 -0
data/db/migrate/20110204112800_add_host_tags.rb +28 -0
data/db/migrate/20110317144932_add_session_table.rb +110 -0
data/db/migrate/20110414180600_add_local_id_to_session_table.rb +11 -0
data/db/migrate/20110415175705_add_routes_table.rb +18 -0
data/db/migrate/20110422000000_convert_binary.rb +73 -0
data/db/migrate/20110425095900_add_last_seen_to_sessions.rb +8 -0
data/db/migrate/20110513143900_track_successful_exploits.rb +31 -0
data/db/migrate/20110517160800_rename_and_prune_nessus_vulns.rb +26 -0
data/db/migrate/20110527000000_add_task_id_to_reports_table.rb +11 -0
data/db/migrate/20110527000001_add_api_keys_table.rb +12 -0
data/db/migrate/20110606000001_add_macros_table.rb +16 -0
data/db/migrate/20110622000000_add_settings_to_tasks_table.rb +12 -0
data/db/migrate/20110624000001_add_listeners_table.rb +19 -0
data/db/migrate/20110625000001_add_macro_to_listeners_table.rb +12 -0
data/db/migrate/20110630000001_add_nexpose_consoles_table.rb +21 -0
data/db/migrate/20110630000002_add_name_to_nexpose_consoles_table.rb +12 -0
data/db/migrate/20110717000001_add_profiles_table.rb +15 -0
data/db/migrate/20110727163801_expand_cred_ptype_column.rb +9 -0
data/db/migrate/20110730000001_add_initial_indexes.rb +85 -0
data/db/migrate/20110812000001_prune_indexes.rb +23 -0
data/db/migrate/20110922000000_expand_notes.rb +9 -0
data/db/migrate/20110928101300_add_mod_ref_table.rb +17 -0
data/db/migrate/20111011110000_add_display_name_to_reports_table.rb +24 -0
data/db/migrate/20111203000000_inet_columns.rb +13 -0
data/db/migrate/20111204000000_more_inet_columns.rb +17 -0
data/db/migrate/20111210000000_add_scope_to_hosts.rb +9 -0
data/db/migrate/20120126110000_add_virtual_host_to_hosts.rb +9 -0
data/db/migrate/20120411173220_rename_workspace_members.rb +9 -0
data/db/migrate/20120601152442_add_counter_caches_to_hosts.rb +21 -0
data/db/migrate/20120625000000_add_vuln_details.rb +34 -0
data/db/migrate/20120625000001_add_host_details.rb +16 -0
data/db/migrate/20120625000002_expand_details.rb +16 -0
data/db/migrate/20120625000003_expand_details2.rb +24 -0
data/db/migrate/20120625000004_add_vuln_attempts.rb +19 -0
data/db/migrate/20120625000005_add_vuln_and_host_counter_caches.rb +14 -0
data/db/migrate/20120625000006_add_module_details.rb +118 -0
data/db/migrate/20120625000007_add_exploit_attempts.rb +26 -0
data/db/migrate/20120625000008_add_fail_message.rb +12 -0
data/db/migrate/20120718202805_add_owner_and_payload_to_web_vulns.rb +13 -0
data/db/migrate/20130228214900_change_required_columns_to_null_false_in_web_vulns.rb +19 -0
data/db/migrate/20130412154159_change_foreign_key_in_module_actions.rb +25 -0
data/db/migrate/20130412171844_change_foreign_key_in_module_archs.rb +25 -0
data/db/migrate/20130412173121_change_foreign_key_in_module_authors.rb +25 -0
data/db/migrate/20130412173640_change_foreign_key_in_module_mixins.rb +25 -0
data/db/migrate/20130412174254_change_foreign_key_in_module_platforms.rb +25 -0
data/db/migrate/20130412174719_change_foreign_key_in_module_refs.rb +25 -0
data/db/migrate/20130412175040_change_foreign_key_in_module_targets.rb +25 -0
data/db/migrate/20130423211152_add_creds_counter_cache.rb +24 -0
data/db/migrate/20130430151353_change_required_columns_to_null_false_in_hosts.rb +11 -0
data/db/migrate/20130430162145_enforce_address_uniqueness_in_workspace_in_hosts.rb +101 -0
data/db/migrate/20130510021637_remove_campaigns.rb +11 -0
data/db/migrate/20130515164311_change_web_vulns_confidence_to_integer.rb +48 -0
data/db/migrate/20130515172727_valid_mdm_web_vuln_params.rb +30 -0
data/db/migrate/20130516204810_making_vulns_refs_a_real_ar_model.rb +5 -0
data/db/migrate/20130522001343_create_task_creds.rb +9 -0
data/db/migrate/20130522032517_create_task_hosts.rb +9 -0
data/db/migrate/20130522041110_create_task_services.rb +9 -0
data/db/migrate/20130525015035_remove_campaign_id_from_clients.rb +9 -0
data/db/migrate/20130525212420_drop_table_imported_creds.rb +14 -0
data/db/migrate/20130531144949_making_host_tags_a_real_ar_model.rb +6 -0
data/db/migrate/20130604145732_create_task_sessions.rb +9 -0
data/db/migrate/20130717150737_remove_pname_validation.rb +7 -0
data/db/migrate/20131002004641_create_automatic_exploitation_matches.rb +13 -0
data/db/migrate/20131002164449_create_automatic_exploitation_match_sets.rb +12 -0
data/db/migrate/20131008213344_create_automatic_exploitation_runs.rb +11 -0
data/db/migrate/20131011184338_module_detail_on_automatic_exploitation_match.rb +10 -0
data/db/migrate/20131017150735_create_automatic_exploitation_match_results.rb +11 -0
data/db/migrate/20131021185657_make_match_polymorphic.rb +11 -0
data/db/migrate/20140905031549_add_detected_arch_to_host.rb +5 -0
data/db/migrate/20150112203945_remove_duplicate_services.rb +17 -0
data/db/migrate/20150205192745_drop_service_uniqueness_index.rb +5 -0
data/db/migrate/20150209195939_add_vuln_id_to_note.rb +6 -0
data/db/migrate/20150212214222_remove_duplicate_services2.rb +17 -0
data/db/migrate/20150219173821_create_module_runs.rb +23 -0
data/db/migrate/20150219215039_add_module_run_to_session.rb +8 -0
data/db/migrate/20150226151459_add_module_run_fk_to_loot.rb +8 -0
data/db/migrate/20150312155312_add_module_full_name_to_match.rb +6 -0
data/db/migrate/20150317145455_rename_module_indices.rb +29 -0
data/db/migrate/20150326183742_add_missing_ae_indices.rb +13 -0
data/db/migrate/20150421211719_rename_automatic_exploitation_index.rb +16 -0
data/db/migrate/20150514182921_add_origin_to_mdm_vuln.rb +13 -0
data/db/migrate/20160415153312_remove_not_null_from_web_vuln_p_arams.rb +5 -0
data/db/migrate/20161004165612_add_fingerprinted_to_workspace.rb +5 -0
data/db/migrate/20161227212223_add_os_family_to_hosts.rb +5 -0
data/db/migrate/20180904120211_create_payloads.rb +21 -0
data/db/migrate/20190308134512_create_async_callbacks.rb +13 -0
data/db/migrate/20190507120211_remove_payload_workspaces.rb +5 -0
data/lib/mdm/host/operating_system_normalization.rb +942 -0
data/lib/mdm/module.rb +13 -0
data/lib/mdm.rb +57 -0
data/lib/metasploit_data_models/automatic_exploitation.rb +25 -0
data/lib/metasploit_data_models/base64_serializer.rb +99 -0
data/lib/metasploit_data_models/change_required_columns_to_null_false.rb +21 -0
data/lib/metasploit_data_models/engine.rb +32 -0
data/lib/metasploit_data_models/ip_address/cidr.rb +174 -0
data/lib/metasploit_data_models/ip_address/range.rb +181 -0
data/lib/metasploit_data_models/ip_address/v4/segment/nmap.rb +7 -0
data/lib/metasploit_data_models/ip_address/v4/segment.rb +7 -0
data/lib/metasploit_data_models/ip_address/v4.rb +11 -0
data/lib/metasploit_data_models/ip_address.rb +9 -0
data/lib/metasploit_data_models/match/child.rb +48 -0
data/lib/metasploit_data_models/match/parent.rb +103 -0
data/lib/metasploit_data_models/match.rb +8 -0
data/lib/metasploit_data_models/search/operation/port.rb +9 -0
data/lib/metasploit_data_models/search/operation.rb +9 -0
data/lib/metasploit_data_models/search/operator/port.rb +6 -0
data/lib/metasploit_data_models/search/operator.rb +8 -0
data/lib/metasploit_data_models/search/visitor.rb +11 -0
data/lib/metasploit_data_models/search.rb +8 -0
data/lib/metasploit_data_models/serialized_prefs.rb +27 -0
data/lib/metasploit_data_models/version.rb +13 -0
data/lib/metasploit_data_models.rb +56 -0
data/metasploit_data_models.gemspec +65 -0
data/script/rails +8 -0
data/spec/app/models/mdm/api_key_spec.rb +3 -0
data/spec/app/models/mdm/client_spec.rb +43 -0
data/spec/app/models/mdm/cred_spec.rb +346 -0
data/spec/app/models/mdm/event_spec.rb +90 -0
data/spec/app/models/mdm/exploit_attempt_spec.rb +59 -0
data/spec/app/models/mdm/exploited_host_spec.rb +44 -0
data/spec/app/models/mdm/host_detail_spec.rb +48 -0
data/spec/app/models/mdm/host_spec.rb +1139 -0
data/spec/app/models/mdm/host_tag_spec.rb +69 -0
data/spec/app/models/mdm/listener_spec.rb +107 -0
data/spec/app/models/mdm/loot_spec.rb +84 -0
data/spec/app/models/mdm/macro_spec.rb +3 -0
data/spec/app/models/mdm/mod_ref_spec.rb +3 -0
data/spec/app/models/mdm/module/action_spec.rb +34 -0
data/spec/app/models/mdm/module/arch_spec.rb +34 -0
data/spec/app/models/mdm/module/author_spec.rb +52 -0
data/spec/app/models/mdm/module/detail_spec.rb +746 -0
data/spec/app/models/mdm/module/mixin_spec.rb +34 -0
data/spec/app/models/mdm/module/platform_spec.rb +34 -0
data/spec/app/models/mdm/module/ref_spec.rb +58 -0
data/spec/app/models/mdm/module/target_spec.rb +36 -0
data/spec/app/models/mdm/nexpose_console_spec.rb +146 -0
data/spec/app/models/mdm/note_spec.rb +91 -0
data/spec/app/models/mdm/profile_spec.rb +3 -0
data/spec/app/models/mdm/ref_spec.rb +71 -0
data/spec/app/models/mdm/route_spec.rb +35 -0
data/spec/app/models/mdm/service_spec.rb +232 -0
data/spec/app/models/mdm/session_event_spec.rb +42 -0
data/spec/app/models/mdm/session_spec.rb +118 -0
data/spec/app/models/mdm/tag_spec.rb +116 -0
data/spec/app/models/mdm/task_cred_spec.rb +51 -0
data/spec/app/models/mdm/task_host_spec.rb +50 -0
data/spec/app/models/mdm/task_service_spec.rb +50 -0
data/spec/app/models/mdm/task_session_spec.rb +46 -0
data/spec/app/models/mdm/task_spec.rb +71 -0
data/spec/app/models/mdm/user_spec.rb +50 -0
data/spec/app/models/mdm/vuln_attempt_spec.rb +53 -0
data/spec/app/models/mdm/vuln_detail_spec.rb +65 -0
data/spec/app/models/mdm/vuln_ref_spec.rb +46 -0
data/spec/app/models/mdm/vuln_spec.rb +299 -0
data/spec/app/models/mdm/web_form_spec.rb +46 -0
data/spec/app/models/mdm/web_page_spec.rb +101 -0
data/spec/app/models/mdm/web_site_spec.rb +85 -0
data/spec/app/models/mdm/web_vuln_spec.rb +312 -0
data/spec/app/models/mdm/wmap_request_spec.rb +5 -0
data/spec/app/models/mdm/wmap_target_spec.rb +5 -0
data/spec/app/models/mdm/workspace_spec.rb +500 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_result_spec.rb +86 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_set_spec.rb +46 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/match_spec.rb +37 -0
data/spec/app/models/metasploit_data_models/automatic_exploitation/run_spec.rb +38 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/cidr_spec.rb +119 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/nmap_spec.rb +149 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/range_spec.rb +298 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/list_spec.rb +276 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/nmap/range_spec.rb +302 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/segmented_spec.rb +27 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/segment/single_spec.rb +324 -0
data/spec/app/models/metasploit_data_models/ip_address/v4/single_spec.rb +181 -0
data/spec/app/models/metasploit_data_models/module_run_spec.rb +134 -0
data/spec/app/models/metasploit_data_models/search/operation/ip_address_spec.rb +180 -0
data/spec/app/models/metasploit_data_models/search/operation/port/number_spec.rb +39 -0
data/spec/app/models/metasploit_data_models/search/operation/port/range_spec.rb +138 -0
data/spec/app/models/metasploit_data_models/search/operation/range_spec.rb +233 -0
data/spec/app/models/metasploit_data_models/search/operator/ip_address_spec.rb +17 -0
data/spec/app/models/metasploit_data_models/search/operator/multitext_spec.rb +160 -0
data/spec/app/models/metasploit_data_models/search/operator/port/list_spec.rb +162 -0
data/spec/app/models/metasploit_data_models/search/visitor/attribute_spec.rb +96 -0
data/spec/app/models/metasploit_data_models/search/visitor/includes_spec.rb +175 -0
data/spec/app/models/metasploit_data_models/search/visitor/joins_spec.rb +396 -0
data/spec/app/models/metasploit_data_models/search/visitor/method_spec.rb +49 -0
data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb +925 -0
data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb +187 -0
data/spec/dummy/Rakefile +7 -0
data/spec/dummy/app/assets/config/manifest.js +1 -0
data/spec/dummy/app/assets/javascripts/application.js +15 -0
data/spec/dummy/app/assets/stylesheets/application.css +13 -0
data/spec/dummy/app/controllers/application_controller.rb +3 -0
data/spec/dummy/app/helpers/application_helper.rb +2 -0
data/spec/dummy/app/mailers/.gitkeep +0 -0
data/spec/dummy/app/models/.gitkeep +0 -0
data/spec/dummy/app/models/application_record.rb +3 -0
data/spec/dummy/app/views/layouts/application.html.erb +14 -0
data/spec/dummy/bin/bundle +3 -0
data/spec/dummy/bin/rails +4 -0
data/spec/dummy/bin/rake +4 -0
data/spec/dummy/config/application.rb +61 -0
data/spec/dummy/config/boot.rb +4 -0
data/spec/dummy/config/database.yml.example +22 -0
data/spec/dummy/config/database.yml.github_actions +21 -0
data/spec/dummy/config/environment.rb +5 -0
data/spec/dummy/config/environments/development.rb +37 -0
data/spec/dummy/config/environments/production.rb +78 -0
data/spec/dummy/config/environments/test.rb +39 -0
data/spec/dummy/config/initializers/active_record_migrations.rb +4 -0
data/spec/dummy/config/initializers/assets.rb +8 -0
data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/dummy/config/initializers/cookies_serializer.rb +3 -0
data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
data/spec/dummy/config/initializers/inflections.rb +16 -0
data/spec/dummy/config/initializers/mime_types.rb +4 -0
data/spec/dummy/config/initializers/session_store.rb +3 -0
data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
data/spec/dummy/config/locales/en.yml +23 -0
data/spec/dummy/config/routes.rb +2 -0
data/spec/dummy/config.ru +4 -0
data/spec/dummy/db/structure.sql +3430 -0
data/spec/dummy/db/structure.sql.from_rails_3 +3403 -0
data/spec/dummy/lib/assets/.gitkeep +0 -0
data/spec/dummy/log/.gitkeep +0 -0
data/spec/dummy/public/404.html +26 -0
data/spec/dummy/public/422.html +26 -0
data/spec/dummy/public/500.html +25 -0
data/spec/dummy/public/favicon.ico +0 -0
data/spec/dummy/script/rails +6 -0
data/spec/factories/mdm/addresses.rb +12 -0
data/spec/factories/mdm/clients.rb +8 -0
data/spec/factories/mdm/creds.rb +17 -0
data/spec/factories/mdm/events.rb +15 -0
data/spec/factories/mdm/exploit_attempts.rb +8 -0
data/spec/factories/mdm/exploited_hosts.rb +7 -0
data/spec/factories/mdm/fingerprints/nessus_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/nexpose_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/nmap_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/retina_fingerprints.rb +6 -0
data/spec/factories/mdm/fingerprints/session_fingerprints.rb +6 -0
data/spec/factories/mdm/host_details.rb +8 -0
data/spec/factories/mdm/host_tags.rb +9 -0
data/spec/factories/mdm/hosts.rb +85 -0
data/spec/factories/mdm/listeners.rb +12 -0
data/spec/factories/mdm/loots.rb +11 -0
data/spec/factories/mdm/module/actions.rb +14 -0
data/spec/factories/mdm/module/archs.rb +14 -0
data/spec/factories/mdm/module/authors.rb +22 -0
data/spec/factories/mdm/module/details.rb +73 -0
data/spec/factories/mdm/module/mixins.rb +14 -0
data/spec/factories/mdm/module/platforms.rb +14 -0
data/spec/factories/mdm/module/refs.rb +14 -0
data/spec/factories/mdm/module/targets.rb +19 -0
data/spec/factories/mdm/nexpose_consoles.rb +15 -0
data/spec/factories/mdm/notes.rb +12 -0
data/spec/factories/mdm/refs.rb +9 -0
data/spec/factories/mdm/routes.rb +36 -0
data/spec/factories/mdm/services.rb +41 -0
data/spec/factories/mdm/session_events.rb +8 -0
data/spec/factories/mdm/sessions.rb +13 -0
data/spec/factories/mdm/tags.rb +14 -0
data/spec/factories/mdm/task.rb +16 -0
data/spec/factories/mdm/task_creds.rb +9 -0
data/spec/factories/mdm/task_hosts.rb +9 -0
data/spec/factories/mdm/task_services.rb +8 -0
data/spec/factories/mdm/task_sessions.rb +8 -0
data/spec/factories/mdm/users.rb +22 -0
data/spec/factories/mdm/vuln_attempts.rb +8 -0
data/spec/factories/mdm/vuln_details.rb +8 -0
data/spec/factories/mdm/vuln_refs.rb +4 -0
data/spec/factories/mdm/vulns.rb +20 -0
data/spec/factories/mdm/web_forms.rb +33 -0
data/spec/factories/mdm/web_pages.rb +64 -0
data/spec/factories/mdm/web_sites.rb +8 -0
data/spec/factories/mdm/web_vulns.rb +64 -0
data/spec/factories/mdm/workspaces.rb +23 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/match_results.rb +7 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/match_sets.rb +8 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/matches.rb +7 -0
data/spec/factories/metasploit_data_models/automatic_exploitation/runs.rb +6 -0
data/spec/factories/module_runs.rb +40 -0
data/spec/lib/base64_serializer_spec.rb +172 -0
data/spec/lib/ipaddr_spec.rb +29 -0
data/spec/lib/metasploit_data_models/ip_address/cidr_spec.rb +356 -0
data/spec/lib/metasploit_data_models/ip_address/range_spec.rb +75 -0
data/spec/lib/metasploit_data_models/match/child_spec.rb +59 -0
data/spec/lib/metasploit_data_models/match/parent_spec.rb +153 -0
data/spec/lib/metasploit_data_models_spec.rb +13 -0
data/spec/spec_helper.rb +148 -0
data/spec/support/matchers/match_regex_exactly.rb +28 -0
data/spec/support/shared/contexts/rex/text.rb +15 -0
data/spec/support/shared/examples/coerces_inet_column_type_to_string.rb +15 -0
data/spec/support/shared/examples/mdm/module/detail/does_not_support_stance_with_mtype.rb +20 -0
data/spec/support/shared/examples/mdm/module/detail/supports_stance_with_mtype.rb +36 -0
data/spec/support/shared/examples/metasploit_data_models/search/operation/ipaddress/match.rb +109 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb +38 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_metasploit_model_search_operation_base.rb +26 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/relation/visit/matching_record.rb +50 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_equality.rb +34 -0
data/spec/support/shared/examples/metasploit_data_models/search/visitor/where/visit/with_metasploit_model_search_group_base.rb +51 -0
metadata +444 -6

data/app/models/mdm/user.rb ADDED Viewed

@@ -0,0 +1,230 @@
+# A user of metasploit-framework or metasploit-pro.
+class Mdm::User < ApplicationRecord
+  extend MetasploitDataModels::SerializedPrefs
+  #
+  # Associations
+  #
+  # Automatic exploitation runs started by this user.
+  has_many :automatic_exploitation_runs,
+           class_name: 'MetasploitDataModels::AutomaticExploitation::Run',
+           inverse_of: :user
+  # Automatic exploitation match sets created by this user for {#automatic_exploitation_runs}.
+  has_many :automatic_exploitation_match_sets,
+           class_name: 'MetasploitDataModels::AutomaticExploitation::MatchSet',
+           inverse_of: :user
+  # {Mdm::Workspace Workspaces} owned by this user.  Owned workspaces allow user complete permissions without the need
+  # or the user to be an {#admin administrator}.
+  has_many :owned_workspaces,
+           class_name: 'Mdm::Workspace',
+           foreign_key: 'owner_id',
+           inverse_of: :owner
+  # Runs of Metasploit Modules by this user.
+  has_many :module_runs,
+           class_name: 'MetasploitDataModels::ModuleRun',
+           inverse_of: :user
+  # Tags created by the user.
+  has_many :tags,
+           class_name: 'Mdm::Tag',
+           inverse_of: :user
+  # {Mdm::Workspace Workspace} where this user has access.  If a user is an {#admin administrator} they have access
+  # to all workspaces even if they are not a member of that workspace.
+  has_and_belongs_to_many :workspaces,
+                          -> { distinct },
+                          class_name: 'Mdm::Workspace',
+                          join_table: 'workspace_members'
+  #
+  # Attributes
+  #
+  # @!attribute admin
+  #   Whether this user is an administrator.  Administrator permissions are only enforced in metasploit-pro through the
+  #   controllers.
+  #
+  #   @return [false] if this is a normal user that must be added to each workspace.
+  #   @return [true] if this user is an administrator and have access to all workspaces without being added to the
+  #     workspace explicitly.  User is also allowed to add other users to workspaces or make other users admins.
+  # @!attribute company
+  #   Company at which user works.
+  #
+  #   @return [String, nil]
+  # @!attribute created_at
+  #   When the user was created.
+  #
+  #   @return [DateTime]
+  # @!attribute crypted_password
+  #   Hashed password (salted with {#password_salt}) by Authlogic in metasploit-pro.
+  #
+  #   @return [String]
+  # @!attribute email
+  #   The user's email address.
+  #
+  #   @return [String, nil]
+  # @!attribute fullname
+  #   The user's normal human name.
+  #
+  #   @return [String, nil]
+  # @!attribute password_salt
+  #   Salt used when hashing password into {#crypted_password} by Authlogic in metasploit-pro.
+  #
+  #   @return [String]
+  # @!attribute persistence_token
+  #   Token used for session and cookie when user is logged using Authlogic in metasploit-pro.
+  #
+  #   @return [String]
+  # @!attribute phone
+  #   Phone number for user.
+  #
+  #   @return [String, nil]
+  # @!attribute updated_at
+  #   When the user was last updated.
+  #
+  #   @return [DateTime]
+  # @!attribute username
+  #   Username for this user.  Used to log into metasploit-pro.
+  #
+  #   @return [String]
+  #
+  # Serialziations
+  #
+  # Hash of user preferences
+  #
+  # @return [Hash]
+  serialize :prefs, MetasploitDataModels::Base64Serializer.new
+  # @!attribute time_zone
+  #   User's preferred time zone.
+  #
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :time_zone
+  #
+  #  @!group Duplicate Login Monitoring
+  #
+  # @!attribute last_login_address
+  #   @note specifically NOT last_login_ip to prevent confusion with AuthLogic magic columns (which dont work for
+  #     serialized fields)
+  #
+  #   Last IP address from which this user logged in.  Used to report currently active user session's IP when the user
+  #   is logged off because theire `session[:session_id]` does not match {#session_key}.
+  #
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :last_login_address
+  # @!attribute session_key
+  #   Holds `session[:session_id]` so user can only be logged in once.  Only enforced in metasploit-pro.
+  #
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :session_key
+  #
+  # @!endgroup
+  #
+  #
+  # @!group HTTP Proxy
+  #
+  # @!attribute http_proxy_host
+  #   Proxy host.
+  #
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :http_proxy_host
+  # @!attribute http_proxy_pass
+  #   Password used to login as {#http_proxy_user} to proxy.
+  #
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :http_proxy_pass
+  # @!attribute http_proxy_port
+  #   Port on which proxy run on {#http_proxy_host}.
+  #
+  #   @return [String, Integer, nil]
+  serialized_prefs_attr_accessor :http_proxy_port
+  # @!attribute http_proxy_user
+  #   User used to log into proxy.
+  #
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :http_proxy_user
+  #
+  # @!endgroup
+  #
+  #
+  # @!group Nexpose
+  #
+  # @!attribute nexpose_host
+  #   Host name for server running Nexpose.
+  #
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :nexpose_host
+  # @!attribute nexpose_pass
+  #   Password to log into Nexpose.
+  #
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :nexpose_pass
+  # @!attribute nexpose_port
+  #   Port on {#nexpose_host} on which Nexpose is running.
+  #
+  #   @return [String, Integer. nil]
+  serialized_prefs_attr_accessor :nexpose_port
+  # @!attribute nexpose_user
+  #   User used to log into Nexpose.
+  #
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :nexpose_user
+  #
+  # @!endgroup
+  #
+  #
+  # @!group Nexpose Authenticated Scan Credentials
+  #
+  # @!attribute nexpose_creds_pass
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :nexpose_creds_pass
+  # @!attribute nexpose_creds_type
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :nexpose_creds_type
+  # @!attribute nexpose_creds_user
+  #   @return [String, nil]
+  serialized_prefs_attr_accessor :nexpose_creds_user
+  #
+  # @!endgroup
+  #
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/vuln.rb ADDED Viewed

@@ -0,0 +1,204 @@
+# A vulnerability found on a {#host} or {#service}.
+class Mdm::Vuln < ApplicationRecord
+  #
+  # Associations
+  #
+  # @!attribute exploit_attempts
+  #   Attempts to exploit this vulnerability.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::ExploitAttempt>]
+  has_many :exploit_attempts,
+           class_name: 'Mdm::ExploitAttempt',
+           inverse_of: :vuln
+  # @!attribute [rw] host
+  #   The host with this vulnerability.
+  #
+  #   @return [Mdm::Host]
+  belongs_to :host,
+             class_name: 'Mdm::Host',
+             counter_cache: :vuln_count,
+             inverse_of: :vulns
+  # @!attribute [rw] matches
+  #   The matches for this vuln
+  #
+  #   @return [ActiveRecord::Relation<MetasploitDataModels::AutomaticExploitation::Match>]
+  has_many :matches, class_name: "MetasploitDataModels::AutomaticExploitation::Match",
+           as: :matchable,
+           dependent: :destroy
+  # @!attribute [rw] service
+  #   The service with the vulnerability.
+  #
+  #   @return [Mdm::Service]
+  belongs_to :service,
+             class_name: 'Mdm::Service',
+             inverse_of: :vulns
+  # @!attribute [rw] origin
+  #   A polymorphic association to the origin that found
+  #   the vulnerability.
+  #
+  #   @return [ActiveRecord::Relation<origin>]
+  belongs_to :origin,
+             polymorphic: true
+  # @!attribute [rw] vuln_attempts
+  #   Attempts to exploit this vulnerability.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::VulnAttempt>]
+  has_many :vuln_attempts,
+           class_name: 'Mdm::VulnAttempt',
+           dependent: :destroy,
+           inverse_of: :vuln
+  # @!attribute [rw] vuln_details
+  #   Additional information about this vulnerability.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::VulnDetail>]
+  has_many :vuln_details,
+           class_name: 'Mdm::VulnDetail',
+           dependent: :destroy,
+           inverse_of: :vuln
+  # @!attribute [rw] vulns_refs
+  #   Join model that joins this vuln to its {Mdm::Ref external references}.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::VulnRef>]
+  has_many :vulns_refs,
+           class_name: 'Mdm::VulnRef',
+           dependent: :destroy,
+           inverse_of: :vuln
+  # @!attribute [rw] notes
+  #   Notes about the vuln entered by a user with {Mdm::Note#created_at oldest notes} first.
+  #
+  #   @return [<ActiveRecord::RelationMdm::Note>]
+  has_many :notes,
+           -> { order('notes.created_at') },
+           class_name: 'Mdm::Note',
+           inverse_of: :vuln,
+           dependent: :delete_all
+  #
+  # Through :vuln_refs
+  #
+  # @!attribute [r] refs
+  #   External references to this vulnerability.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::Ref>]
+  has_many :refs, :class_name => 'Mdm::Ref', :through => :vulns_refs
+  #
+  #  Through refs
+  #
+  # @!attribute [r] module_refs
+  #   References in module that match {Mdm::Ref#name names} in {#refs}.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::Module::Ref>]
+  has_many :module_refs, :class_name => 'Mdm::Module::Ref', :through => :refs
+  # @!attribute [r] module_runs
+  #   References to times that a module has been run to exercise this vuln
+  #
+  #   @return [ActiveRecord::Relation<MetasploitDataModels::ModuleRun>]
+  has_many :module_runs,
+           class_name: 'MetasploitDataModels::ModuleRun',
+           as: :trackable
+  #
+  # Through module_refs
+  #
+  # @!attribute [r] module_details
+  #   {Mdm::Module::Detail Modules} that share the same external references as this vuln.
+  #
+  #   @return [ActiveRecord::Relation<Mdm::Module::Detail>]
+  has_many :module_details,
+            -> { distinct },
+            :class_name => 'Mdm::Module::Detail',
+            :source => :detail,
+            :through => :module_refs
+  #
+  # Attributes
+  #
+  # @!attribute [rw] exploited_at
+  #   When the vulnerability was exploited
+  #
+  #   @return [DateTime]
+  # @!attribute [rw] name
+  #   The name of the vulnerability in metasploit-framework or from the import source.
+  #
+  #   @return [String]
+  # @!attribute [rw] info
+  #   Additional information about the vulnerability
+  #
+  #   @return [String]
+  # @!attribute [rw] vuln_attempt_count
+  #   Counter cache for number of {#vuln_attempts}.
+  #
+  #   @return [Integer]
+  # @!attribute [rw] vuln_detail_count
+  #   Counter cache for number of {#vuln_details}.
+  #
+  #   @return [Integer]
+  #
+  # Callbacks
+  #
+  after_update :save_refs
+  #
+  # Scopes
+  #
+  scope :search, lambda { |query|
+    formatted_query = "%#{query}%"
+    where(
+      arel_table[:name].matches(formatted_query).or(
+        arel_table[:info].matches(formatted_query)
+      ).or(
+        Mdm::Ref.arel_table[:name].matches(formatted_query)
+      ).or(
+        Arel::Nodes::NamedFunction.new('CAST', [Mdm::Host.arel_table[:address].as('TEXT')]).matches(formatted_query)
+      ).or(
+        Mdm::Host.arel_table[:name].matches(formatted_query)
+      )
+    ).includes(
+      :refs, :host
+    ).references(:refs,:host)
+  }
+  #
+  # Validations
+  #
+  validates :name, :presence => true
+  validates :name, length: {maximum: 255}
+  validates_associated :refs
+  private
+  def save_refs
+    refs.each { |ref| ref.save(:validate => false) }
+  end
+  public
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/vuln_attempt.rb ADDED Viewed

@@ -0,0 +1,76 @@
+# An attempt to exploit a {#vuln}.
+class Mdm::VulnAttempt < ApplicationRecord
+  #
+  # Associations
+  #
+  # Loot gathered from this attempt.
+  #
+  # @return [Mdm::Loot] if {#exploited} is `true`.
+  # @return [nil] if {#exploited} is `false`.
+  belongs_to :loot,
+             class_name: 'Mdm::Loot',
+             inverse_of: :vuln_attempt
+  # The session opened by this attempt.
+  #
+  # @return [Mdm::Session] if {#exploited} is `true`.
+  # @return [nil] if {#exploited} is `false`.
+  belongs_to :session,
+             class_name: 'Mdm::Session',
+             inverse_of: :vuln_attempt
+  # The {Mdm::Vuln vulnerability} that this attempt was exploiting.
+  #
+  # @return [Mdm::Vuln]
+  belongs_to :vuln,
+             class_name: 'Mdm::Vuln',
+             counter_cache: :vuln_attempt_count,
+             inverse_of: :vuln_attempts
+  #
+  # Attributes
+  #
+  # @!attribute attempted_at
+  #   When this attempt was made.
+  #
+  #   @return [DateTime]
+  # @!attribute exploited
+  #   Whether this attempt was successful.
+  #
+  #   @return [true] if {#vuln} was exploited.
+  #   @return [false] if {#vuln} was not exploited.
+  # @!attribute fail_detail
+  #   Long details about why this attempt failed.
+  #
+  #   @return [String] if {#exploited} is `false`.
+  #   @return [nil] if {#exploited} is `true`.
+  # @!attribute fail_reason
+  #   Short reason why this attempt failed.
+  #
+  #   @return [String] if {#exploited} is `false`.
+  #   @return [nil] if {#exploited} is `true`
+  # @!attribute module
+  #   {Mdm::Module::Detail#fullname Full name of exploit Metasploit Module} that was used in this attempt.
+  #
+  #   @return [String]
+  # @!attribute username
+  #   The {Mdm::User#username name of the user} that made this attempt.
+  #
+  #   @return [String]
+  #
+  # Validations
+  #
+  validates :vuln_id, :presence => true
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/vuln_detail.rb ADDED Viewed

@@ -0,0 +1,156 @@
+# {Mdm::Vuln Vulnerability details} supplied from an external source, such as Nexpose.
+class Mdm::VulnDetail < ApplicationRecord
+  #
+  # Associations
+  #
+  # The vulnerability this detail is about.
+  belongs_to :vuln, class_name: 'Mdm::Vuln', counter_cache: :vuln_detail_count, inverse_of: :vuln_details
+  #
+  #
+  # Attributes
+  #
+  #
+  # @!attribute description
+  #   Long description of this vulnerability.
+  #
+  #   @return [String]
+  # @!attribute src
+  #   Source of this vulnerability detail.
+  #
+  #   @return [String]
+  # @!attribute title
+  #   Title of this vulnerability.
+  #
+  #   @return [String]
+  # @!attribute proof
+  #   Proof of this vulnerability existing on the target.
+  #
+  #   @return [String]
+  # @!attribute solution
+  #   Solution to fix this vulnerability.
+  #
+  #   @return [String]
+  #
+  # @!group Common Vulnerability Scoring System
+  #
+  # @!attribute cvss_score
+  #   Composite Common Vulnerability Scoring System (CVSS) Score
+  #
+  #   @return [Float]
+  # @!attribute cvss_vector
+  #   {#cvss_score} broken down into its encoded components
+  #
+  #   @return [String]
+  #   @see http://nvd.nist.gov/cvss.cfm?vectorinfo
+  #
+  # @!endgroup
+  #
+  #
+  # @!group Nexpose
+  #
+  # association is declared here so it can be in Nexpose group
+  # The Nexpose console that supplied this information.
+  belongs_to :nexpose_console,
+             class_name: 'Mdm::NexposeConsole',
+             foreign_key: :nx_console_id,
+             inverse_of: :vuln_details
+  # @!attribute nx_added
+  #   When this vulnerability was added in Nexpose.
+  #
+  #   @return [DateTime]
+  # @!attribute nx_device_id
+  #   ID of target device in Nexpose.
+  #
+  #   @return [Integer]
+  # @!attribute nx_modified
+  #   The last time this vulnerability was modified in Nexpose.
+  #
+  #   @return [DateTime]
+  # @!attribute nx_proof_key
+  #   Key to {#proof} in Nexpose.
+  #
+  #   @return [String]
+  # @!attribute nx_published
+  #   When this vulnerability was published according to Nexpose.
+  #
+  #   @return [DateTime]
+  # @!attribute nx_scan_id
+  #   ID of scan that found this vulnerability in Nexpose.
+  #
+  #   @return [Integer]
+  # @!attribute nx_tags
+  #   Tags on this vulnerability in Nexpose.
+  #
+  #   @return [String]
+  # @!attribute nx_vuln_id
+  #   ID of this vulnerability in Nexpose.
+  #
+  #   @return [String]
+  # @!attribute nx_vuln_status
+  #   Status of this vulnerability in Nexpose.
+  #
+  #   @return [String]
+  # @!attribute nx_vulnerable_since
+  #   When this vulnerability was first identified for the target in Nexpose.
+  #
+  #   @return [DateTime]
+  # @!attribute nx_severity
+  #   Severity of this vulnerability according to Nexpose.
+  #
+  #   @return [Float]
+  #
+  # @!endgroup
+  #
+  #
+  # @!group Nexpose PCI
+  #
+  # @!attribute nx_pci_compliance_status
+  #   Status of PCI compliance with regards to this vulnerability according to Nexpose.
+  #
+  #   @return [String]
+  # @!attribute nx_pci_severity
+  #   The severity for the vulnerability under PCI according to Nexpose.
+  #
+  #   @return [Float]
+  #
+  # @!endgroup
+  #
+  #
+  # Validations
+  #
+  validates :vuln_id, :presence => true
+  Metasploit::Concern.run(self)
+end

data/app/models/mdm/vuln_ref.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# Join model between {Mdm::Vuln} and {Mdm::Ref}.
+class Mdm::VulnRef < ApplicationRecord
+  self.table_name = 'vulns_refs'
+  #
+  # Associations
+  #
+  # {Mdm::Ref Reference} to {#vuln}.
+  belongs_to :ref,
+             class_name: 'Mdm::Ref',
+             inverse_of: :vulns_refs
+  # {Mdm::Vuln Vulnerability} imported or discovered by metasploit.
+  belongs_to :vuln,
+             class_name: 'Mdm::Vuln',
+             inverse_of: :vulns_refs
+  Metasploit::Concern.run(self)
+end