diff --git a/app/models/mdm/module/detail.rb b/app/models/mdm/module/detail.rb index bcab61fb..624843d7 100755 --- a/app/models/mdm/module/detail.rb +++ b/app/models/mdm/module/detail.rb @@ -71,12 +71,6 @@ class Mdm::Module::Detail < ActiveRecord::Base # @return [ActiveRecord::Relation] has_many :mixins, :class_name => 'Mdm::Module::Mixin', :dependent => :destroy - # @!attribute [rw] mixins - # Records of this module content having been attempted as part of Metasploit usage - # @return [ActiveRecord::Relation] - has_many :module_runs, - class_name: 'MetasploitDataModels::ModuleRun', - inverse_of: :module_detail # @!attribute [rw] platforms # Platforms supported by this module. diff --git a/app/models/metasploit_data_models/module_run.rb b/app/models/metasploit_data_models/module_run.rb index e10b5023..2dee0221 100644 --- a/app/models/metasploit_data_models/module_run.rb +++ b/app/models/metasploit_data_models/module_run.rb @@ -8,7 +8,7 @@ class MetasploitDataModels::ModuleRun < ActiveRecord::Base # # Marks the module as having successfully run - SUCCEED = 'succeeded' + SUCCEED = 'succeeded' # Marks the run as having not run successfully FAIL = 'failed' # Marks the module as having had a runtime error @@ -65,14 +65,6 @@ class MetasploitDataModels::ModuleRun < ActiveRecord::Base # - # @!attribute [rw] module_detail - # A reference to the Metasploit content module in the DB cache - # - # @return [Mdm::Module::Detail] - belongs_to :module_detail, - class_name: 'Mdm::Module::Detail', - inverse_of: :module_runs - # @!attribute [rw] loots # The sweet, sweet loot taken by this module_run @@ -151,7 +143,7 @@ class MetasploitDataModels::ModuleRun < ActiveRecord::Base # Mark the object as invalid if there is no associated #module_name or {Mdm::ModuleDetail} # @return [void] def module_information_is_present - if module_name.blank? && module_detail.blank? + if module_full_name.blank? errors.add(:base, "One of module_name or module_detail_id must be set") end end @@ -161,15 +153,8 @@ def module_information_is_present def no_spawned_session_for_non_exploits return true unless spawned_session.present? # nothing to do unless spawned_session is set - if module_name.present? - if module_name.split('/').first != 'exploit' - errors.add(:base, 'spawned_session cannot be set for non-exploit modules. Use target_session.') - end - - elsif module_detail.present? - if module_detail.mtype != 'exploit' - errors.add(:base, 'spawned_session cannot be set for non-exploit modules. Use target_session.') - end + if module_full_name.split('/').first != 'exploit' + errors.add(:base, 'spawned_session cannot be set for non-exploit modules. Use target_session.') end end @@ -178,15 +163,8 @@ def no_spawned_session_for_non_exploits def no_target_session_for_exploits return true unless target_session.present? # nothing to do unless target_session is set - if module_name.present? - if module_name.split('/').first == 'exploit' - errors.add(:base, 'target_session cannot be set for exploit modules. Use spawned_session.') - end - - elsif module_detail.present? - if module_detail.mtype == 'exploit' - errors.add(:base, 'target_session cannot be set for exploit modules. Use spawned_session.') - end + if module_full_name.split('/').first == 'exploit' + errors.add(:base, 'target_session cannot be set for exploit modules. Use spawned_session.') end end diff --git a/db/migrate/20150219173821_create_module_runs.rb b/db/migrate/20150219173821_create_module_runs.rb index 5f9801e5..d5b153d0 100644 --- a/db/migrate/20150219173821_create_module_runs.rb +++ b/db/migrate/20150219173821_create_module_runs.rb @@ -5,7 +5,7 @@ def change t.text :fail_detail t.string :fail_reason t.integer :module_detail_id - t.text :module_name + t.text :module_full_name t.integer :port t.string :proto t.integer :session_id diff --git a/spec/app/models/metasploit_data_models/module_run_spec.rb b/spec/app/models/metasploit_data_models/module_run_spec.rb index 102c1e18..0ad553ab 100644 --- a/spec/app/models/metasploit_data_models/module_run_spec.rb +++ b/spec/app/models/metasploit_data_models/module_run_spec.rb @@ -9,7 +9,7 @@ it { is_expected.to have_db_column(:fail_detail).of_type(:text) } it { is_expected.to have_db_column(:fail_reason).of_type(:string) } it { is_expected.to have_db_column(:module_detail_id).of_type(:integer) } - it { is_expected.to have_db_column(:module_name).of_type(:text) } + it { is_expected.to have_db_column(:module_full_name).of_type(:text) } it { is_expected.to have_db_column(:port).of_type(:integer) } it { is_expected.to have_db_column(:proto).of_type(:string) } it { is_expected.to have_db_column(:session_id).of_type(:integer) } @@ -30,62 +30,24 @@ context "validations" do describe "when a target_session is set on the module run" do - before(:each) do - module_run.target_session = FactoryGirl.build(:mdm_session) - end - - context "when module_name is present" do - context "when the module is an exploit" do - before(:each) do - module_run.module_detail = nil - module_run.module_name = 'exploit/windows/mah-crazy-exploit' - end - - it { is_expected.to_not be_valid } + context "when the module is an exploit" do + before(:each) do + module_run.target_session = FactoryGirl.build(:mdm_session) + module_run.module_full_name = 'exploit/windows/mah-crazy-exploit' end - end - - context "when module_detail is present" do - context "when the module is an exploit" do - before(:each) do - module_run.module_name = nil - module_run.module_detail = FactoryGirl.create(:mdm_module_detail, - fullname: 'exploit/windows/some-evil', - mtype: 'exploit') - end - it { is_expected.to_not be_valid } - end + it { is_expected.to_not be_valid } end end describe "when a spawned_session is set on the module run" do before(:each) do - module_run.spawned_session = FactoryGirl.build(:mdm_session) - end - - context "when the module_name is present" do - before(:each) do - module_run.module_name = 'post/multi/gather/steal-minecraft-maps' - module_run.module_detail = nil - end - - context "when the module is not an exploit" do - it { is_expected.to_not be_valid } - end + module_run.spawned_session = FactoryGirl.build(:mdm_session) + module_run.module_full_name = 'post/multi/gather/steal-minecraft-maps' end - context "when the module_detail is present" do - before(:each) do - module_run.module_name = nil - module_run.module_detail = FactoryGirl.create(:mdm_module_detail, - fullname: 'post/multi/gather/steal-minecraft-maps', - mtype: 'post') - end - - context "when the module is not an exploit" do - it { is_expected.to_not be_valid } - end + context "when the module is not an exploit" do + it { is_expected.to_not be_valid } end end @@ -96,10 +58,9 @@ end describe "content information" do - context "when there is no module_name and no module_detail" do + context "when there is no module_name" do before(:each) do - module_run.module_name = nil - module_run.module_detail = nil + module_run.module_full_name = nil end it { is_expected.to_not be_valid } diff --git a/spec/dummy/db/structure.sql b/spec/dummy/db/structure.sql index 6262eb9f..4760fa95 100644 --- a/spec/dummy/db/structure.sql +++ b/spec/dummy/db/structure.sql @@ -60,42 +60,6 @@ CREATE SEQUENCE api_keys_id_seq ALTER SEQUENCE api_keys_id_seq OWNED BY api_keys.id; --- --- Name: automatic_exploitation_matches; Type: TABLE; Schema: public; Owner: -; Tablespace: --- - -CREATE TABLE automatic_exploitation_matches ( - id integer NOT NULL, - module_detail_id integer, - state character varying(255), - nexpose_data_vulnerability_definition_id integer, - created_at timestamp without time zone NOT NULL, - updated_at timestamp without time zone NOT NULL, - match_set_id integer, - matchable_type character varying(255), - matchable_id integer -); - - --- --- Name: automatic_exploitation_matches_id_seq; Type: SEQUENCE; Schema: public; Owner: - --- - -CREATE SEQUENCE automatic_exploitation_matches_id_seq - START WITH 1 - INCREMENT BY 1 - NO MINVALUE - NO MAXVALUE - CACHE 1; - - --- --- Name: automatic_exploitation_matches_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: - --- - -ALTER SEQUENCE automatic_exploitation_matches_id_seq OWNED BY automatic_exploitation_matches.id; - - -- -- Name: clients; Type: TABLE; Schema: public; Owner: -; Tablespace: -- @@ -779,7 +743,7 @@ CREATE TABLE module_runs ( fail_detail text, fail_reason character varying(255), module_detail_id integer, - module_name text, + module_full_name text, port integer, proto character varying(255), session_id integer, @@ -1900,13 +1864,6 @@ ALTER SEQUENCE workspaces_id_seq OWNED BY workspaces.id; ALTER TABLE ONLY api_keys ALTER COLUMN id SET DEFAULT nextval('api_keys_id_seq'::regclass); --- --- Name: id; Type: DEFAULT; Schema: public; Owner: - --- - -ALTER TABLE ONLY automatic_exploitation_matches ALTER COLUMN id SET DEFAULT nextval('automatic_exploitation_matches_id_seq'::regclass); - - -- -- Name: id; Type: DEFAULT; Schema: public; Owner: - -- @@ -2258,14 +2215,6 @@ ALTER TABLE ONLY api_keys ADD CONSTRAINT api_keys_pkey PRIMARY KEY (id); --- --- Name: automatic_exploitation_matches_pkey; Type: CONSTRAINT; Schema: public; Owner: -; Tablespace: --- - -ALTER TABLE ONLY automatic_exploitation_matches - ADD CONSTRAINT automatic_exploitation_matches_pkey PRIMARY KEY (id); - - -- -- Name: clients_pkey; Type: CONSTRAINT; Schema: public; Owner: -; Tablespace: -- @@ -2658,13 +2607,6 @@ ALTER TABLE ONLY workspaces ADD CONSTRAINT workspaces_pkey PRIMARY KEY (id); --- --- Name: index_automatic_exploitation_matches_on_ref_id; Type: INDEX; Schema: public; Owner: -; Tablespace: --- - -CREATE INDEX index_automatic_exploitation_matches_on_ref_id ON automatic_exploitation_matches USING btree (module_detail_id); - - -- -- Name: index_hosts_on_name; Type: INDEX; Schema: public; Owner: -; Tablespace: -- @@ -3132,12 +3074,6 @@ INSERT INTO schema_migrations (version) VALUES ('20130604145732'); INSERT INTO schema_migrations (version) VALUES ('20130717150737'); -INSERT INTO schema_migrations (version) VALUES ('20131002004641'); - -INSERT INTO schema_migrations (version) VALUES ('20131011184338'); - -INSERT INTO schema_migrations (version) VALUES ('20131021185657'); - INSERT INTO schema_migrations (version) VALUES ('20140905031549'); INSERT INTO schema_migrations (version) VALUES ('20150112203945'); diff --git a/spec/factories/module_runs.rb b/spec/factories/module_runs.rb index e1ffcbae..7292c128 100644 --- a/spec/factories/module_runs.rb +++ b/spec/factories/module_runs.rb @@ -24,7 +24,7 @@ fail_detail "Failed to execute payload froamasher" status MetasploitDataModels::ModuleRun::SUCCEED username "joefoo" - module_name "exploit/windows/happy-stack-smasher" + module_full_name "exploit/windows/happy-stack-smasher" end end