Mdm::ExploitAttempt#module_class

MSP-2969 Add Mdm::ExploitAttempt#module_class association and its inverse Mdm::Module::Class#exploit_attempts. This deprecates Mdm::ExploitAttempt#module, which has ActiveSupport::Deprecation warnings now.
rapid7 · Jan 6, 2014 · 63440e3 · jvazquez-r7 · Feb 14, 2014 · 63440e3
1 parent a6726cc
commit 63440e3
Show file tree

Hide file tree

Showing 7 changed files with 137 additions and 11 deletions.
diff --git a/app/models/mdm/exploit_attempt.rb b/app/models/mdm/exploit_attempt.rb
@@ -3,7 +3,6 @@ class Mdm::ExploitAttempt < ActiveRecord::Base
   #
   # Associations
   # @todo https://www.pivotaltracker.com/story/show/52327563
-  # @todo https://www.pivotaltracker.com/story/show/52327743
   #
 
   # @!attribute [rw] host
@@ -18,6 +17,12 @@ class Mdm::ExploitAttempt < ActiveRecord::Base
   #   @return [Mdm::Loot, nil]
   belongs_to :loot, class_name: 'Mdm::Loot', inverse_of: :exploit_attempt
 
+  # @!attribute [rw] module_class
+  #   The module class that attempted the exploit.
+  #
+  #   @return [Mdm::Module::Class, nil]
+  belongs_to :module_class, class_name: 'Mdm::Module::Class', inverse_of: :exploit_attempts
+
   # @!attribute [rw] service
   #   The service being exploited on {#host}.
   #
@@ -66,7 +71,7 @@ class Mdm::ExploitAttempt < ActiveRecord::Base
   #   The full name of the exploit module that made the attempt.
   #
   #   @return [String]
-  #   @todo https://www.pivotaltracker.com/story/show/52327743
+  #   @todo Remove deprecated Mdm::Exploit#module (MSP-9281)
 
   # @!attribute [rw] port
   #   The port on {#host} which the exploit was attempted.
@@ -92,5 +97,38 @@ class Mdm::ExploitAttempt < ActiveRecord::Base
 
   validates :host_id, :presence => true
 
+  #
+  # Methods
+  #
+
+  # @deprecated Use {#module_class} to get the {Mdm::Module::Class} and then access {Mdm::Module::Class#full_name}.
+  #
+  # The full name of the module's class that attempted this exploit.
+  #
+  # @return [String] an {Mdm::Module::Class#full_name}
+  # @todo Remove deprecated Mdm::Exploit#module (MSP-9281)
+  def module
+    ActiveSupport::Deprecation.warn(
+        "#{self.class}#module is deprecated.  " \
+        "Use #{self.class}#module_class to get the Mdm::Module::Class and then access Mdm::Module::Class#full_name."
+    )
+    super
+  end
+
+  # @deprecated Set {#module_class} assocation.
+  #
+  # Sets the full name of the module's class that attempted this exploit.
+  #
+  # @param full_name [String] an {Mdm::Module::Class#full_name}
+  # @return [void]
+  # @todo Remove deprecated Mdm::Exploit#module (MSP-9281)
+  def module=(full_name)
+    ActiveSupport::Deprecation.warn(
+        "#{self.class}#module= is deprecated.  " \
+        "Set #{self.class}#module_class association instead."
+    )
+    super
+  end
+
   ActiveSupport.run_load_hooks(:mdm_exploit_attempt, self)
 end
diff --git a/app/models/mdm/module/class.rb b/app/models/mdm/module/class.rb
@@ -13,6 +13,16 @@ class Mdm::Module::Class < ActiveRecord::Base
   #
   #
 
+  # @!attribute [rw] exploit_attempts
+  #   Attempts to run this exploit against a {Mdm::ExploitAttempt#host} or {Mdm::ExploitAttemp#service}.
+  #
+  #   @return [Array<Mdm::ExploitAttempt>]
+  has_many :exploit_attempts,
+           class_name: 'Mdm::ExploitAttempt',
+           dependent: :destroy,
+           foreign_key: :module_class_id,
+           inverse_of: :module_class
+
   # @!attribute [rw] module_instance
   #   Instance-derived metadata to go along with the class-derived metadata from this model.
   #

diff --git a/db/migrate/20140106022804_add_module_class_id_to_exploit_attempts.rb b/db/migrate/20140106022804_add_module_class_id_to_exploit_attempts.rb
@@ -0,0 +1,9 @@
+class AddModuleClassIdToExploitAttempts < ActiveRecord::Migration
+  def change
+    change_table :exploit_attempts do |t|
+      t.references :module_class
+
+      t.index :module_class_id
+    end
+  end
+end
diff --git a/lib/metasploit_data_models/version.rb b/lib/metasploit_data_models/version.rb
@@ -4,5 +4,5 @@ module MetasploitDataModels
   # metasploit-framework/data/sql/migrate to db/migrate in this project, not all models have specs that verify the
   # migrations (with have_db_column and have_db_index) and certain models may not be shared between metasploit-framework
   # and pro, so models may be removed in the future.  Because of the unstable API the version should remain below 1.0.0
-  VERSION = '0.54.5'
+  VERSION = '0.54.6'
 end
diff --git a/spec/app/models/mdm/exploit_attempt_spec.rb b/spec/app/models/mdm/exploit_attempt_spec.rb
@@ -1,10 +1,14 @@
 require 'spec_helper'
 
 describe Mdm::ExploitAttempt do
+  subject(:exploit_attempt) do
+    described_class.new
+  end
 
   context 'associations' do
     it { should belong_to(:host).class_name('Mdm::Host') }
     it { should belong_to(:loot).class_name('Mdm::Loot') }
+    it { should belong_to(:module_class).class_name('Mdm::Module::Class') }
     it { should belong_to(:service).class_name('Mdm::Service') }
     it { should belong_to(:session).class_name('Mdm::Session') }
     it { should belong_to(:vuln).class_name('Mdm::Vuln') }
@@ -17,18 +21,23 @@
     end
 
     context 'columns' do
-      it { should have_db_column(:host_id).of_type(:integer) }
-      it { should have_db_column(:service_id).of_type(:integer) }
-      it { should have_db_column(:vuln_id).of_type(:integer) }
       it { should have_db_column(:exploited).of_type(:boolean) }
+      it { should have_db_column(:fail_detail).of_type(:text) }
       it { should have_db_column(:fail_reason).of_type(:string) }
-      it { should have_db_column(:username).of_type(:string) }
-      it { should have_db_column(:module).of_type(:text) }
-      it { should have_db_column(:session_id).of_type(:integer) }
+      it { should have_db_column(:host_id).of_type(:integer) }
       it { should have_db_column(:loot_id).of_type(:integer) }
+      it { should have_db_column(:module).of_type(:text) }
+      it { should have_db_column(:module_class_id).of_type(:integer) }
       it { should have_db_column(:port).of_type(:integer) }
       it { should have_db_column(:proto).of_type(:string) }
-      it { should have_db_column(:fail_detail).of_type(:text) }
+      it { should have_db_column(:service_id).of_type(:integer) }
+      it { should have_db_column(:session_id).of_type(:integer) }
+      it { should have_db_column(:username).of_type(:string) }
+      it { should have_db_column(:vuln_id).of_type(:integer) }
+    end
+
+    context 'indices' do
+      it { should have_db_index(:module_class_id) }
     end
   end
 
@@ -61,4 +70,60 @@
       exploit_attempt.should be_valid
     end
   end
+
+  context '#module' do
+    subject(:exploit_attempt_module) do
+      exploit_attempt.module
+    end
+
+    it 'is deprecated' do
+      expect(ActiveSupport::Deprecation).to receive(:warn).with(/Mdm::ExploitAttempt#module is deprecated/)
+
+      exploit_attempt_module
+    end
+
+    context 'with attribute set' do
+      #
+      # lets
+      #
+
+      let(:expected) do
+        'module/class/full/name'
+      end
+
+      #
+      # Callbacks
+      #
+
+      before(:each) do
+        exploit_attempt.module = expected
+      end
+
+      it 'reads attribute' do
+        expect(exploit_attempt_module).to eq(expected)
+      end
+    end
+  end
+
+  context '#module=' do
+    subject(:written_module) do
+      exploit_attempt.module = full_name
+    end
+
+    let(:full_name) do
+      'module/class/full/name'
+    end
+
+    it 'is deprecated' do
+      expect(ActiveSupport::Deprecation).to receive(:warn).with(/Mdm::ExploitAttempt#module= is deprecated/)
+
+      written_module
+    end
+
+    it 'can be read back with #module' do
+      written_module
+
+      expect(exploit_attempt.module).to eq(full_name)
+    end
+  end
 end
diff --git a/spec/app/models/mdm/module/class_spec.rb b/spec/app/models/mdm/module/class_spec.rb
@@ -16,6 +16,7 @@ def attribute_type(attribute)
 
   context 'associations' do
     it { should have_many(:ancestors).class_name('Mdm::Module::Ancestor').through(:relationships) }
+    it { should have_many(:exploit_attempts).class_name('Mdm::ExploitAttempt').dependent(:destroy) }
     it { should have_one(:module_instance).class_name('Mdm::Module::Instance').dependent(:destroy) }
     it { should belong_to(:rank).class_name('Mdm::Module::Rank') }
     it { should have_many(:relationships).class_name('Mdm::Module::Relationship').dependent(:destroy).with_foreign_key(:descendant_id) }

diff --git a/spec/dummy/db/schema.rb b/spec/dummy/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20131030182452) do
+ActiveRecord::Schema.define(:version => 20140106022804) do
 
   create_table "api_keys", :force => true do |t|
     t.text     "token",      :null => false
@@ -109,8 +109,11 @@
     t.integer  "port"
     t.string   "proto"
     t.text     "fail_detail"
+    t.integer  "module_class_id"
   end
 
+  add_index "exploit_attempts", ["module_class_id"], :name => "index_exploit_attempts_on_module_class_id"
+
   create_table "exploited_hosts", :force => true do |t|
     t.integer  "host_id",                      :null => false
     t.integer  "service_id"