Create initial migration, model, spec files

MSP-12172
rapid7 · Feb 19, 2015 · 1a43eaf · 1a43eaf
1 parent b23b774
commit 1a43eaf
Show file tree

Hide file tree

Showing 5 changed files with 247 additions and 0 deletions.
diff --git a/app/models/metasploit_data_models/module_run.rb b/app/models/metasploit_data_models/module_run.rb
@@ -0,0 +1,78 @@
+# Holds the record of having launched piece of Metasploit content.
+# Has associations to {Mdm::User} for audit purposes, and makes polymorphic associations to things like
+# {Mdm::Vuln} and {Mdm::Host} for flexible record keeping about activity attacking either specific vulns or just
+# making mischief on specific remote targets w/out the context of a vuln or even a remote IP service.
+class MetasploitDataModels::ModuleRun < ActiveRecord::Base
+  #
+  # Constants
+  #
+
+  # Marks the module as having successfully run
+  STATUS_EXPLOITED     = 'exploited'
+  # Marks the run as having not run successfully
+  STATUS_FAILED        = 'failed'
+  # Marks the module as having had a runtime error
+  STATUS_ERROR         = 'error'
+  # {ModuleRun} objects will be validated against these statuses
+  VALID_STATUSES = [STATUS_EXPLOITED, STATUS_FAILED, STATUS_ERROR]
+
+
+  #
+  # Attributes
+  #
+
+  # @!attribute [rw] attempted_at
+  #   The date/time when this module was run
+  # @return [Datetime]
+
+  # @!attribute [rw] fail_detail
+  #   Arbitrary information captured by the module to give in-depth reason for failure
+  # @return [String]
+
+  # @!attribute [rw] fail_reason
+  #   One of the values of the constants in {Msf::Module::Failure}
+  # @return [String]
+
+  # @!attribute [rw] module_name
+  #   The Msf::Module#fullname of the module being run
+  # @return [String]
+
+  # @!attribute [rw] port
+  #   The port that the remote host was attacked on, if any
+  # @return [Fixnum]
+
+  # @!attribute [rw] proto
+  #   The name of the protocol that the host was attacked on, if any
+  # @return [String]
+
+  # @!attribute [rw] session_id
+  #   The {Mdm::Session} that this was run with, in the case of a post module. In exploit modules, this field will
+  #   remain null.
+  # @return [Datetime]
+
+  # @!attribute [rw] status
+  #   The result of running the module
+  # @return [String]
+
+  # @!attribute [rw] username
+  #   The name of the user running this module
+  # @return [Datetime]
+
+
+
+  #
+  # Associations
+  #
+
+
+  belongs_to :trackable, polymorphic: true
+
+  # The user that launched this module
+  # @return [Mdm::User]
+  belongs_to :user,
+             class_name:  "Mdm::User",
+             foreign_key: "user_id",
+             inverse_of: :module_runs
+
+
+end
diff --git a/db/migrate/20150219173821_create_module_runs.rb b/db/migrate/20150219173821_create_module_runs.rb
@@ -0,0 +1,21 @@
+class CreateModuleRuns < ActiveRecord::Migration
+  def change
+    create_table :module_runs do |t|
+      t.string :trackable_type
+      t.integer :trackable_id
+      t.datetime :attempted_at
+      t.integer :session_id
+      t.integer :port
+      t.string :proto
+      t.text :fail_detail
+      t.string :status
+      t.string :username
+      t.integer :user_id
+      t.string :fail_reason
+      t.text :module_name
+      t.integer :module_detail_id
+
+      t.timestamps
+    end
+  end
+end
diff --git a/spec/app/models/metasploit_data_models/module_run_spec.rb b/spec/app/models/metasploit_data_models/module_run_spec.rb
@@ -0,0 +1,8 @@
+require 'spec_helper'
+
+describe MetasploitDataModels::ModuleRun do
+
+  context "associations" do
+    it { is_expected.to belong_to(:user).class_name('Mdm::User') }
+  end
+end
diff --git a/spec/dummy/db/structure.sql b/spec/dummy/db/structure.sql
@@ -60,6 +60,42 @@ CREATE SEQUENCE api_keys_id_seq
 ALTER SEQUENCE api_keys_id_seq OWNED BY api_keys.id;
 
 
+--
+-- Name: automatic_exploitation_matches; Type: TABLE; Schema: public; Owner: -; Tablespace: 
+--
+
+CREATE TABLE automatic_exploitation_matches (
+    id integer NOT NULL,
+    module_detail_id integer,
+    state character varying(255),
+    nexpose_data_vulnerability_definition_id integer,
+    created_at timestamp without time zone NOT NULL,
+    updated_at timestamp without time zone NOT NULL,
+    match_set_id integer,
+    matchable_type character varying(255),
+    matchable_id integer
+);
+
+
+--
+-- Name: automatic_exploitation_matches_id_seq; Type: SEQUENCE; Schema: public; Owner: -
+--
+
+CREATE SEQUENCE automatic_exploitation_matches_id_seq
+    START WITH 1
+    INCREMENT BY 1
+    NO MINVALUE
+    NO MAXVALUE
+    CACHE 1;
+
+
+--
+-- Name: automatic_exploitation_matches_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: -
+--
+
+ALTER SEQUENCE automatic_exploitation_matches_id_seq OWNED BY automatic_exploitation_matches.id;
+
+
 --
 -- Name: clients; Type: TABLE; Schema: public; Owner: -; Tablespace: 
 --
@@ -732,6 +768,49 @@ CREATE SEQUENCE module_refs_id_seq
 ALTER SEQUENCE module_refs_id_seq OWNED BY module_refs.id;
 
 
+--
+-- Name: module_runs; Type: TABLE; Schema: public; Owner: -; Tablespace: 
+--
+
+CREATE TABLE module_runs (
+    id integer NOT NULL,
+    trackable_type character varying(255),
+    trackable_id integer,
+    attempted_at timestamp without time zone,
+    session_id integer,
+    port integer,
+    proto character varying(255),
+    fail_detail text,
+    status character varying(255),
+    username character varying(255),
+    user_id integer,
+    fail_reason character varying(255),
+    module_name text,
+    module_detail_id integer,
+    created_at timestamp without time zone NOT NULL,
+    updated_at timestamp without time zone NOT NULL
+);
+
+
+--
+-- Name: module_runs_id_seq; Type: SEQUENCE; Schema: public; Owner: -
+--
+
+CREATE SEQUENCE module_runs_id_seq
+    START WITH 1
+    INCREMENT BY 1
+    NO MINVALUE
+    NO MAXVALUE
+    CACHE 1;
+
+
+--
+-- Name: module_runs_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: -
+--
+
+ALTER SEQUENCE module_runs_id_seq OWNED BY module_runs.id;
+
+
 --
 -- Name: module_targets; Type: TABLE; Schema: public; Owner: -; Tablespace: 
 --
@@ -1819,6 +1898,13 @@ ALTER SEQUENCE workspaces_id_seq OWNED BY workspaces.id;
 ALTER TABLE ONLY api_keys ALTER COLUMN id SET DEFAULT nextval('api_keys_id_seq'::regclass);
 
 
+--
+-- Name: id; Type: DEFAULT; Schema: public; Owner: -
+--
+
+ALTER TABLE ONLY automatic_exploitation_matches ALTER COLUMN id SET DEFAULT nextval('automatic_exploitation_matches_id_seq'::regclass);
+
+
 --
 -- Name: id; Type: DEFAULT; Schema: public; Owner: -
 --
@@ -1952,6 +2038,13 @@ ALTER TABLE ONLY module_platforms ALTER COLUMN id SET DEFAULT nextval('module_pl
 ALTER TABLE ONLY module_refs ALTER COLUMN id SET DEFAULT nextval('module_refs_id_seq'::regclass);
 
 
+--
+-- Name: id; Type: DEFAULT; Schema: public; Owner: -
+--
+
+ALTER TABLE ONLY module_runs ALTER COLUMN id SET DEFAULT nextval('module_runs_id_seq'::regclass);
+
+
 --
 -- Name: id; Type: DEFAULT; Schema: public; Owner: -
 --
@@ -2163,6 +2256,14 @@ ALTER TABLE ONLY api_keys
     ADD CONSTRAINT api_keys_pkey PRIMARY KEY (id);
 
 
+--
+-- Name: automatic_exploitation_matches_pkey; Type: CONSTRAINT; Schema: public; Owner: -; Tablespace: 
+--
+
+ALTER TABLE ONLY automatic_exploitation_matches
+    ADD CONSTRAINT automatic_exploitation_matches_pkey PRIMARY KEY (id);
+
+
 --
 -- Name: clients_pkey; Type: CONSTRAINT; Schema: public; Owner: -; Tablespace: 
 --
@@ -2315,6 +2416,14 @@ ALTER TABLE ONLY module_refs
     ADD CONSTRAINT module_refs_pkey PRIMARY KEY (id);
 
 
+--
+-- Name: module_runs_pkey; Type: CONSTRAINT; Schema: public; Owner: -; Tablespace: 
+--
+
+ALTER TABLE ONLY module_runs
+    ADD CONSTRAINT module_runs_pkey PRIMARY KEY (id);
+
+
 --
 -- Name: module_targets_pkey; Type: CONSTRAINT; Schema: public; Owner: -; Tablespace: 
 --
@@ -2547,6 +2656,13 @@ ALTER TABLE ONLY workspaces
     ADD CONSTRAINT workspaces_pkey PRIMARY KEY (id);
 
 
+--
+-- Name: index_automatic_exploitation_matches_on_ref_id; Type: INDEX; Schema: public; Owner: -; Tablespace: 
+--
+
+CREATE INDEX index_automatic_exploitation_matches_on_ref_id ON automatic_exploitation_matches USING btree (module_detail_id);
+
+
 --
 -- Name: index_hosts_on_name; Type: INDEX; Schema: public; Owner: -; Tablespace: 
 --
@@ -3000,6 +3116,12 @@ INSERT INTO schema_migrations (version) VALUES ('20130604145732');
 
 INSERT INTO schema_migrations (version) VALUES ('20130717150737');
 
+INSERT INTO schema_migrations (version) VALUES ('20131002004641');
+
+INSERT INTO schema_migrations (version) VALUES ('20131011184338');
+
+INSERT INTO schema_migrations (version) VALUES ('20131021185657');
+
 INSERT INTO schema_migrations (version) VALUES ('20140905031549');
 
 INSERT INTO schema_migrations (version) VALUES ('20150112203945');
@@ -3010,6 +3132,8 @@ INSERT INTO schema_migrations (version) VALUES ('20150209195939');
 
 INSERT INTO schema_migrations (version) VALUES ('20150212214222');
 
+INSERT INTO schema_migrations (version) VALUES ('20150219173821');
+
 INSERT INTO schema_migrations (version) VALUES ('21');
 
 INSERT INTO schema_migrations (version) VALUES ('22');

diff --git a/spec/factories/module_runs.rb b/spec/factories/module_runs.rb
@@ -0,0 +1,16 @@
+FactoryGirl.define do
+  factory :module_run do
+    trackable_type "MyString"
+    trackable_id 1
+    attempted_at "2015-02-19 11:38:21"
+    session_id 1
+    port 1
+    proto "MyString"
+    fail_detail "MyText"
+    status "MyString"
+    username "MyString"
+    user_id 1
+    module_name "exploit/windows/happy-stack-smasher"
+  end
+end
+