diff --git a/Gemfile b/Gemfile index 52e946efb1..353a73cc3e 100755 --- a/Gemfile +++ b/Gemfile @@ -27,7 +27,7 @@ group :db do # Needed for Msf::DbManager gem 'activerecord', '>= 3.0.0', '< 4.0.0' # Metasploit::Creential database models - gem 'metasploit-credential', git: 'github-metasploit-credential:rapid7/metasploit-credential.git', tag: 'v0.1.2-metasploit-credential' + gem 'metasploit-credential', git: 'github-metasploit-credential:rapid7/metasploit-credential.git', tag: 'v0.1.8-metasploit-credential' # Database models shared between framework and Pro. gem 'metasploit_data_models', '~> 0.17.1' # Needed for module caching in Mdm::ModuleDetails diff --git a/Gemfile.lock b/Gemfile.lock index 5dbc63e2e2..c70fc9b031 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: github-metasploit-credential:rapid7/metasploit-credential.git - revision: 2f8384cd5f7d0124e276a6e4b7fa8193dd96f56c - tag: v0.1.2-metasploit-credential + revision: 2be17e6327b4a5caa9a22ffc0b064923a25a222c + tag: v0.1.8-metasploit-credential specs: - metasploit-credential (0.1.2.pre.metasploit.pre.credential) + metasploit-credential (0.1.8.pre.electro.pre.release) metasploit-concern (~> 0.0.4) metasploit_data_models (~> 0.17.0) rubyntlm diff --git a/db/schema.rb b/db/schema.rb index 5784602421..0fac99fb66 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,91 +11,12 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20140417140933) do +ActiveRecord::Schema.define(:version => 20140520140817) do create_table "api_keys", :force => true do |t| t.text "token" t.datetime "created_at", :null => false t.datetime "updated_at", :null => false - t.string "name" - end - - create_table "app_categories", :force => true do |t| - t.string "name" - end - - create_table "app_categories_apps", :force => true do |t| - t.integer "app_id" - t.integer "app_category_id" - t.string "name" - end - - add_index "app_categories_apps", ["app_category_id"], :name => "index_app_categories_apps_on_app_category_id" - add_index "app_categories_apps", ["app_id"], :name => "index_app_categories_apps_on_app_id" - - create_table "app_runs", :force => true do |t| - t.datetime "started_at" - t.datetime "stopped_at" - t.integer "app_id" - t.text "config" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "state" - t.integer "workspace_id" - t.boolean "hidden", :default => false - end - - add_index "app_runs", ["app_id"], :name => "index_app_runs_on_app_id" - add_index "app_runs", ["workspace_id"], :name => "index_app_runs_on_workspace_id" - - create_table "apps", :force => true do |t| - t.string "name" - t.text "description" - t.float "rating" - t.string "symbol" - t.boolean "hidden", :default => false - end - - create_table "automatic_exploitation_match_results", :force => true do |t| - t.integer "match_id" - t.integer "run_id" - t.string "state", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "automatic_exploitation_match_sets", :force => true do |t| - t.integer "workspace_id" - t.integer "user_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - add_index "automatic_exploitation_match_sets", ["user_id"], :name => "index_automatic_exploitation_match_sets_on_user_id" - add_index "automatic_exploitation_match_sets", ["workspace_id"], :name => "index_automatic_exploitation_match_sets_on_workspace_id" - - create_table "automatic_exploitation_matches", :force => true do |t| - t.integer "vuln_id" - t.integer "module_detail_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.integer "match_set_id" - t.integer "nexpose_data_exploit_id" - t.string "matchable_type" - t.integer "matchable_id" - end - - add_index "automatic_exploitation_matches", ["module_detail_id"], :name => "index_automatic_exploitation_matches_on_ref_id" - add_index "automatic_exploitation_matches", ["nexpose_data_exploit_id"], :name => "index_automatic_exploitation_matches_on_nexpose_data_exploit_id" - add_index "automatic_exploitation_matches", ["vuln_id"], :name => "index_automatic_exploitation_matches_on_vuln_id" - - create_table "automatic_exploitation_runs", :force => true do |t| - t.integer "workspace_id" - t.integer "user_id" - t.integer "match_set_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "state" end create_table "clients", :force => true do |t| @@ -107,17 +28,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.datetime "updated_at" end - create_table "cred_files", :force => true do |t| - t.integer "workspace_id", :default => 1, :null => false - t.string "path", :limit => 1024 - t.string "ftype", :limit => 16 - t.string "created_by" - t.string "name", :limit => 512 - t.string "desc", :limit => 1024 - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - create_table "creds", :force => true do |t| t.integer "service_id", :null => false t.datetime "created_at", :null => false @@ -131,32 +41,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.string "source_type" end - create_table "delayed_jobs", :force => true do |t| - t.integer "priority", :default => 0 - t.integer "attempts", :default => 0 - t.text "handler" - t.text "last_error" - t.datetime "run_at" - t.datetime "locked_at" - t.datetime "failed_at" - t.string "locked_by" - t.string "queue" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - add_index "delayed_jobs", ["priority", "run_at"], :name => "delayed_jobs_priority" - - create_table "egadz_result_ranges", :force => true do |t| - t.integer "task_id" - t.string "target_host" - t.integer "start_port" - t.integer "end_port" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "state" - end - create_table "events", :force => true do |t| t.integer "workspace_id" t.integer "host_id" @@ -167,8 +51,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.boolean "seen" t.string "username" t.text "info" - t.text "module_rhost" - t.text "module_name" end create_table "exploit_attempts", :force => true do |t| @@ -197,33 +79,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.datetime "updated_at", :null => false end - create_table "exports", :force => true do |t| - t.integer "workspace_id", :null => false - t.string "created_by" - t.string "export_type" - t.string "name" - t.string "state" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "file_path", :limit => 1024 - t.boolean "mask_credentials", :default => false - t.datetime "completed_at" - t.text "included_addresses" - t.text "excluded_addresses" - t.datetime "started_at" - end - - create_table "generated_payloads", :force => true do |t| - t.string "state" - t.string "file" - t.text "options" - t.integer "workspace_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "generator_error" - t.string "payload_class" - end - create_table "host_details", :force => true do |t| t.integer "host_id" t.integer "nx_console_id" @@ -260,8 +115,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.integer "host_detail_count", :default => 0 t.integer "exploit_attempt_count", :default => 0 t.integer "cred_count", :default => 0 - t.integer "nexpose_data_asset_id" - t.integer "history_count", :default => 0 end add_index "hosts", ["name"], :name => "index_hosts_on_name" @@ -276,15 +129,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.integer "tag_id" end - create_table "known_ports", :force => true do |t| - t.integer "port", :null => false - t.string "proto", :default => "tcp", :null => false - t.string "name", :null => false - t.text "info" - end - - add_index "known_ports", ["port"], :name => "index_known_ports_on_port" - create_table "listeners", :force => true do |t| t.datetime "created_at", :null => false t.datetime "updated_at", :null => false @@ -324,14 +168,15 @@ ActiveRecord::Schema.define(:version => 20140417140933) do end create_table "metasploit_credential_cores", :force => true do |t| - t.integer "origin_id", :null => false - t.string "origin_type", :null => false + t.integer "origin_id", :null => false + t.string "origin_type", :null => false t.integer "private_id" t.integer "public_id" t.integer "realm_id" - t.integer "workspace_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.integer "workspace_id", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.integer "logins_count", :default => 0 end add_index "metasploit_credential_cores", ["origin_type", "origin_id"], :name => "index_metasploit_credential_cores_on_origin_type_and_origin_id" @@ -511,209 +356,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.text "name" end - create_table "nexpose_data_assets", :force => true do |t| - t.integer "nexpose_data_site_id", :null => false - t.string "asset_id", :null => false - t.string "url" - t.text "host_names" - t.string "os_name" - t.text "mac_addresses" - t.datetime "last_scan_date" - t.datetime "next_scan_date" - t.string "last_scan_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - add_index "nexpose_data_assets", ["asset_id"], :name => "index_nexpose_data_assets_on_asset_id" - add_index "nexpose_data_assets", ["nexpose_data_site_id"], :name => "index_nexpose_data_assets_on_nexpose_data_site_id" - - create_table "nexpose_data_exploits", :force => true do |t| - t.integer "module_detail_id" - t.string "nexpose_exploit_id" - t.string "skill_level" - t.text "description" - t.string "source_key" - t.string "source" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - add_index "nexpose_data_exploits", ["nexpose_exploit_id"], :name => "index_nexpose_data_exploits_on_nexpose_exploit_id", :unique => true - add_index "nexpose_data_exploits", ["source", "source_key"], :name => "index_nexpose_data_exploits_on_source_and_source_key" - - create_table "nexpose_data_exploits_vulnerability_definitions", :id => false, :force => true do |t| - t.integer "exploit_id" - t.integer "vulnerability_definition_id" - end - - add_index "nexpose_data_exploits_vulnerability_definitions", ["exploit_id", "vulnerability_definition_id"], :name => "index_nx_data_exploits_vuln_defs_on_exploit_id_and_vuln_def_id" - add_index "nexpose_data_exploits_vulnerability_definitions", ["vulnerability_definition_id", "exploit_id"], :name => "index_nx_data_exploits_vuln_defs_on_vuln_def_id_and_exploit_id" - - create_table "nexpose_data_import_runs", :force => true do |t| - t.integer "user_id" - t.integer "workspace_id" - t.string "state" - t.integer "nx_console_id" - t.boolean "metasploitable_only", :default => true - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "import_state" - end - - add_index "nexpose_data_import_runs", ["nx_console_id"], :name => "index_nexpose_data_import_runs_on_nx_console_id" - - create_table "nexpose_data_ip_addresses", :force => true do |t| - t.integer "nexpose_data_asset_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "address", :limit => nil - end - - add_index "nexpose_data_ip_addresses", ["nexpose_data_asset_id"], :name => "index_nexpose_data_ip_addresses_on_nexpose_data_asset_id" - - create_table "nexpose_data_scan_templates", :force => true do |t| - t.integer "nx_console_id", :null => false - t.string "scan_template_id", :null => false - t.string "name" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - add_index "nexpose_data_scan_templates", ["nx_console_id"], :name => "index_nexpose_data_scan_templates_on_nx_console_id" - add_index "nexpose_data_scan_templates", ["scan_template_id"], :name => "index_nexpose_data_scan_templates_on_scan_template_id" - - create_table "nexpose_data_sites", :force => true do |t| - t.integer "nexpose_data_import_run_id", :null => false - t.string "site_id", :null => false - t.string "name" - t.text "description" - t.string "importance" - t.string "type" - t.datetime "last_scan_date" - t.datetime "next_scan_date" - t.string "last_scan_id" - t.text "summary" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - add_index "nexpose_data_sites", ["nexpose_data_import_run_id"], :name => "index_nexpose_data_sites_on_nexpose_data_import_run_id" - add_index "nexpose_data_sites", ["site_id"], :name => "index_nexpose_data_sites_on_site_id" - - create_table "nexpose_data_vulnerabilities", :force => true do |t| - t.integer "nexpose_data_vulnerability_definition_id", :null => false - t.string "vulnerability_id", :null => false - t.string "title" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - add_index "nexpose_data_vulnerabilities", ["nexpose_data_vulnerability_definition_id"], :name => "index_nx_data_vuln_on_nexpose_data_vuln_def_id" - add_index "nexpose_data_vulnerabilities", ["vulnerability_id"], :name => "index_nexpose_data_vulnerabilities_on_vulnerability_id", :unique => true - - create_table "nexpose_data_vulnerability_definitions", :force => true do |t| - t.string "vulnerability_definition_id" - t.string "title" - t.text "description" - t.date "date_published" - t.integer "severity_score" - t.string "serverity" - t.string "pci_severity_score" - t.string "pci_status" - t.decimal "riskscore" - t.string "cvss_vector" - t.string "cvss_access_vector_id" - t.string "cvss_access_complexity_id" - t.string "cvss_authentication_id" - t.string "cvss_confidentiality_impact_id" - t.string "cvss_integrity_impact_id" - t.string "cvss_availability_impact_id" - t.decimal "cvss_score" - t.decimal "cvss_exploit_score" - t.decimal "cvss_impact_score" - t.boolean "denial_of_service" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - add_index "nexpose_data_vulnerability_definitions", ["vulnerability_definition_id"], :name => "index_nx_data_vuln_def_on_vulnerability_definition_id", :unique => true - - create_table "nexpose_data_vulnerability_instances", :force => true do |t| - t.string "vulnerability_id" - t.string "asset_id" - t.integer "nexpose_data_vulnerability_id" - t.integer "nexpose_data_asset_id" - t.string "scan_id" - t.date "date" - t.string "status" - t.text "proof" - t.string "key" - t.string "service" - t.integer "port" - t.string "protocol" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "asset_ip_address", :limit => nil - end - - add_index "nexpose_data_vulnerability_instances", ["asset_id", "vulnerability_id"], :name => "index_nx_data_vuln_inst_on_asset_id_and_vulnerability_id" - add_index "nexpose_data_vulnerability_instances", ["nexpose_data_asset_id"], :name => "index_nx_data_vuln_inst_on_nexpose_data_asset_id" - add_index "nexpose_data_vulnerability_instances", ["nexpose_data_vulnerability_id"], :name => "index_nx_data_vuln_inst_on_nexpose_data_vulnerability_id" - add_index "nexpose_data_vulnerability_instances", ["vulnerability_id", "asset_id"], :name => "index_nx_data_vuln_inst_on_vulnerability_id_and_asset_id" - - create_table "nexpose_data_vulnerability_references", :force => true do |t| - t.integer "nexpose_data_vulnerability_definition_id" - t.string "vulnerability_reference_id" - t.string "source" - t.string "reference" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "nexpose_result_exceptions", :force => true do |t| - t.integer "user_id" - t.string "nx_scope_type" - t.integer "nx_scope_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.integer "automatic_exploitation_match_result_id" - t.integer "nexpose_result_export_run_id" - t.datetime "expiration_date" - t.string "reason" - t.text "comments" - t.boolean "approve" - t.boolean "sent_to_nexpose" - t.datetime "sent_at" - end - - add_index "nexpose_result_exceptions", ["nexpose_result_export_run_id"], :name => "index_nexpose_result_exceptions_on_nexpose_result_export_run_id" - add_index "nexpose_result_exceptions", ["nx_scope_type", "nx_scope_id"], :name => "index_nx_r_exceptions_on_nx_scope_type_and_nx_scope_id" - add_index "nexpose_result_exceptions", ["user_id"], :name => "index_nexpose_result_exceptions_on_user_id" - - create_table "nexpose_result_export_runs", :force => true do |t| - t.string "state" - t.integer "nx_console_id" - t.integer "user_id" - t.integer "workspace_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "nexpose_result_validations", :force => true do |t| - t.integer "user_id" - t.integer "nexpose_data_asset_id" - t.datetime "verified_at" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.integer "automatic_exploitation_match_result_id" - t.integer "nexpose_result_export_run_id" - t.boolean "sent_to_nexpose" - t.datetime "sent_at" - end - - add_index "nexpose_result_validations", ["nexpose_result_export_run_id"], :name => "index_nx_result_validations_on_nx_result_export_run_id" - create_table "notes", :force => true do |t| t.datetime "created_at" t.string "ntype", :limit => 512 @@ -728,32 +370,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do add_index "notes", ["ntype"], :name => "index_notes_on_ntype" - create_table "notification_messages", :force => true do |t| - t.integer "workspace_id" - t.integer "task_id" - t.string "title" - t.text "content" - t.string "url" - t.string "kind" - t.datetime "created_at" - end - - create_table "notification_messages_users", :force => true do |t| - t.integer "user_id" - t.integer "message_id" - t.boolean "read", :default => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "pnd_pcap_files", :force => true do |t| - t.integer "task_id" - t.integer "loot_id" - t.string "status" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - create_table "profiles", :force => true do |t| t.datetime "created_at", :null => false t.datetime "updated_at", :null => false @@ -772,47 +388,26 @@ ActiveRecord::Schema.define(:version => 20140417140933) do add_index "refs", ["name"], :name => "index_refs_on_name" - create_table "report_artifacts", :force => true do |t| - t.integer "report_id", :null => false - t.string "file_path", :limit => 1024, :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.datetime "accessed_at" - end - - create_table "report_custom_resources", :force => true do |t| - t.integer "workspace_id", :null => false + create_table "report_templates", :force => true do |t| + t.integer "workspace_id", :default => 1, :null => false t.string "created_by" - t.string "resource_type" - t.string "name" - t.string "file_path" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.string "path", :limit => 1024 + t.text "name" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false end create_table "reports", :force => true do |t| - t.integer "workspace_id", :null => false + t.integer "workspace_id", :default => 1, :null => false t.string "created_by" - t.string "report_type" - t.string "name" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "file_formats" + t.string "rtype" + t.string "path", :limit => 1024 t.text "options" - t.string "sections" - t.string "report_template" - t.text "included_addresses" - t.string "state" - t.datetime "started_at" - t.datetime "completed_at" - t.text "excluded_addresses" - t.integer "se_campaign_id" - t.integer "app_run_id" - t.string "order_vulns_by" - t.text "usernames_reported" - t.boolean "skip_data_check", :default => false - t.text "email_recipients" - t.text "logo_path" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.datetime "downloaded_at" + t.integer "task_id" + t.string "name", :limit => 63 end create_table "routes", :force => true do |t| @@ -821,204 +416,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.string "netmask" end - create_table "run_stats", :force => true do |t| - t.string "name" - t.float "data" - t.integer "task_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "scheduled_tasks", :force => true do |t| - t.string "kind" - t.datetime "last_run_at" - t.string "state" - t.string "last_run_status" - t.integer "task_chain_id" - t.integer "position" - t.text "config_hash" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.text "form_hash" - t.text "report_hash" - t.string "file_upload" - end - - create_table "se_campaign_files", :force => true do |t| - t.integer "attachable_id" - t.string "attachable_type" - t.string "attachment" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "content_disposition" - t.string "type" - t.integer "workspace_id" - t.integer "user_id" - t.string "name" - t.integer "file_size" - end - - create_table "se_campaigns", :force => true do |t| - t.integer "user_id" - t.integer "workspace_id" - t.string "name" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "state", :default => "unconfigured" - t.text "prefs" - t.integer "port" - t.datetime "started_at" - t.string "config_type" - t.integer "started_by_user_id" - t.boolean "notification_enabled" - t.string "notification_email_address" - t.text "notification_email_message" - t.string "notification_email_subject" - t.datetime "last_target_interaction_at" - end - - create_table "se_email_openings", :force => true do |t| - t.integer "email_id" - t.integer "human_target_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "address", :limit => nil - end - - create_table "se_email_sends", :force => true do |t| - t.integer "email_id" - t.integer "human_target_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.boolean "sent" - t.string "status_message" - end - - create_table "se_email_templates", :force => true do |t| - t.integer "user_id" - t.text "content" - t.string "name" - t.integer "workspace_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "se_emails", :force => true do |t| - t.integer "user_id" - t.text "content" - t.string "name" - t.string "subject" - t.integer "campaign_id" - t.integer "template_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "from_address" - t.string "from_name" - t.integer "target_list_id" - t.integer "email_template_id" - t.text "prefs" - t.string "attack_type" - t.string "status" - t.datetime "sent_at" - t.string "origin_type" - t.string "editor_type" - end - - create_table "se_human_targets", :force => true do |t| - t.string "first_name" - t.string "last_name" - t.string "email_address" - t.integer "workspace_id" - t.integer "user_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "se_phishing_results", :force => true do |t| - t.integer "human_target_id" - t.integer "web_page_id" - t.text "data" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "address", :limit => nil - t.text "raw_data" - t.string "browser_name" - t.string "browser_version" - t.string "os_name" - t.string "os_version" - end - - create_table "se_portable_files", :force => true do |t| - t.integer "campaign_id" - t.string "name" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.text "prefs" - t.string "file_name" - t.string "exploit_module_path" - t.boolean "dynamic_stagers", :default => false - end - - create_table "se_target_list_human_targets", :force => true do |t| - t.integer "target_list_id" - t.integer "human_target_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "se_target_lists", :force => true do |t| - t.string "name" - t.string "file_name" - t.integer "user_id" - t.integer "workspace_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "se_tracking_links", :force => true do |t| - t.string "external_destination_url" - t.integer "email_id" - t.integer "web_page_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "se_visits", :force => true do |t| - t.integer "human_target_id" - t.integer "web_page_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.integer "email_id" - t.string "address", :limit => nil - end - - create_table "se_web_pages", :force => true do |t| - t.integer "campaign_id" - t.string "path" - t.text "content" - t.string "clone_url" - t.boolean "online" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "name" - t.text "prefs" - t.integer "template_id" - t.string "attack_type" - t.string "origin_type" - t.string "phishing_redirect_origin" - end - - create_table "se_web_templates", :force => true do |t| - t.string "name" - t.integer "workspace_id" - t.integer "user_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.text "content" - t.string "clone_url" - t.string "origin_type" - end - create_table "services", :force => true do |t| t.integer "host_id" t.datetime "created_at" @@ -1059,7 +456,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.string "close_reason" t.integer "local_id" t.datetime "last_seen" - t.integer "campaign_id" end create_table "tags", :force => true do |t| @@ -1073,26 +469,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.datetime "updated_at", :null => false end - create_table "task_chains", :force => true do |t| - t.text "schedule" - t.string "name" - t.datetime "last_run_at" - t.datetime "next_run_at" - t.integer "user_id" - t.integer "workspace_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.string "state", :default => "ready" - t.boolean "clear_workspace_before_run" - t.boolean "legacy", :default => true - t.integer "active_task_id" - t.text "schedule_hash" - t.integer "active_scheduled_task_id" - t.integer "active_report_id" - t.integer "last_run_task_id" - t.integer "last_run_report_id" - end - create_table "task_creds", :force => true do |t| t.integer "task_id", :null => false t.integer "cred_id", :null => false @@ -1137,7 +513,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.text "result" t.string "module_uuid", :limit => 8 t.binary "settings" - t.integer "app_run_id" end create_table "users", :force => true do |t| @@ -1145,15 +520,14 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.string "crypted_password" t.string "password_salt" t.string "persistence_token" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.string "fullname" t.string "email" t.string "phone" t.string "company" - t.string "prefs", :limit => 524288 - t.boolean "admin", :default => true, :null => false - t.integer "notification_center_count", :default => 0 + t.string "prefs", :limit => 524288 + t.boolean "admin", :default => true, :null => false end create_table "vuln_attempts", :force => true do |t| @@ -1199,51 +573,19 @@ ActiveRecord::Schema.define(:version => 20140417140933) do t.datetime "created_at" t.string "name" t.datetime "updated_at" - t.string "info", :limit => 65536 + t.string "info", :limit => 65536 t.datetime "exploited_at" - t.integer "vuln_detail_count", :default => 0 - t.integer "vuln_attempt_count", :default => 0 - t.integer "nexpose_data_vuln_def_id" + t.integer "vuln_detail_count", :default => 0 + t.integer "vuln_attempt_count", :default => 0 end add_index "vulns", ["name"], :name => "index_vulns_on_name" - add_index "vulns", ["nexpose_data_vuln_def_id"], :name => "index_vulns_on_nexpose_data_vuln_def_id" create_table "vulns_refs", :force => true do |t| t.integer "ref_id" t.integer "vuln_id" end - create_table "web_attack_cross_site_scriptings", :force => true do |t| - t.string "encloser_type", :null => false - t.string "escaper_type", :null => false - t.string "evader_type", :null => false - t.string "executor_type", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "web_cookies", :force => true do |t| - t.string "name", :null => false - t.string "value", :null => false - t.integer "request_group_id", :null => false - t.string "domain", :null => false - t.string "path" - t.boolean "secure", :default => false, :null => false - t.boolean "http_only", :default => false, :null => false - t.integer "version" - t.string "commnet" - t.string "comment_url" - t.boolean "discard", :default => false, :null => false - t.text "ports" - t.integer "max_age" - t.datetime "expires_at" - t.datetime "created_at" - t.datetime "updated_at" - end - - add_index "web_cookies", ["request_group_id", "name"], :name => "index_web_cookies_on_request_group_id_and_name" - create_table "web_forms", :force => true do |t| t.integer "web_site_id", :null => false t.datetime "created_at", :null => false @@ -1256,14 +598,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do add_index "web_forms", ["path"], :name => "index_web_forms_on_path" - create_table "web_headers", :force => true do |t| - t.boolean "attack_vector", :null => false - t.string "name", :null => false - t.string "value", :null => false - t.integer "position", :null => false - t.integer "request_group_id", :null => false - end - create_table "web_pages", :force => true do |t| t.integer "web_site_id", :null => false t.datetime "created_at", :null => false @@ -1284,41 +618,6 @@ ActiveRecord::Schema.define(:version => 20140417140933) do add_index "web_pages", ["path"], :name => "index_web_pages_on_path" add_index "web_pages", ["query"], :name => "index_web_pages_on_query" - create_table "web_parameters", :force => true do |t| - t.boolean "attack_vector", :null => false - t.string "name", :null => false - t.string "value", :null => false - t.integer "request_id", :null => false - t.integer "position", :null => false - end - - create_table "web_proofs", :force => true do |t| - t.string "image" - t.text "text" - t.integer "vuln_id", :null => false - end - - create_table "web_request_groups", :force => true do |t| - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.integer "user_id", :null => false - t.integer "workspace_id", :null => false - end - - create_table "web_requests", :force => true do |t| - t.string "method", :null => false - t.integer "virtual_host_id", :null => false - t.string "path", :null => false - t.boolean "attack", :default => true - t.boolean "requested" - t.boolean "attack_vector" - t.integer "request_group_id" - t.integer "cross_site_scripting_id" - end - - add_index "web_requests", ["cross_site_scripting_id"], :name => "index_web_requests_on_cross_site_scripting_id" - add_index "web_requests", ["request_group_id"], :name => "index_web_requests_on_request_group_id" - create_table "web_sites", :force => true do |t| t.integer "service_id", :null => false t.datetime "created_at", :null => false @@ -1332,92 +631,31 @@ ActiveRecord::Schema.define(:version => 20140417140933) do add_index "web_sites", ["options"], :name => "index_web_sites_on_options" add_index "web_sites", ["vhost"], :name => "index_web_sites_on_vhost" - create_table "web_transmitted_cookies", :force => true do |t| - t.boolean "transmitted" - t.integer "request_id" - t.integer "cookie_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "web_transmitted_headers", :force => true do |t| - t.boolean "transmitted" - t.integer "request_id" - t.integer "header_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - end - - create_table "web_virtual_hosts", :force => true do |t| - t.string "name", :null => false - t.integer "service_id", :null => false - end - - add_index "web_virtual_hosts", ["service_id", "name"], :name => "index_web_virtual_hosts_on_service_id_and_name", :unique => true - - create_table "web_vuln_category_metasploits", :force => true do |t| - t.string "name", :null => false - t.string "summary", :null => false - end - - add_index "web_vuln_category_metasploits", ["name"], :name => "index_web_vuln_category_metasploits_on_name", :unique => true - - create_table "web_vuln_category_owasps", :force => true do |t| - t.string "detectability", :null => false - t.string "exploitability", :null => false - t.string "impact", :null => false - t.string "name", :null => false - t.string "prevalence", :null => false - t.integer "rank", :null => false - t.string "summary", :null => false - t.string "target", :null => false - t.string "version", :null => false - end - - add_index "web_vuln_category_owasps", ["target", "version", "rank"], :name => "index_web_vuln_category_owasps_on_target_and_version_and_rank", :unique => true - - create_table "web_vuln_category_projection_metasploit_owasps", :force => true do |t| - t.integer "metasploit_id", :null => false - t.integer "owasp_id", :null => false - end - - add_index "web_vuln_category_projection_metasploit_owasps", ["metasploit_id", "owasp_id"], :name => "index_web_vuln_category_project_metasploit_id_and_owasp_id", :unique => true - create_table "web_vulns", :force => true do |t| - t.integer "web_site_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.text "path", :null => false - t.string "method", :limit => 1024, :null => false - t.text "params", :null => false + t.integer "web_site_id", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.text "path", :null => false + t.string "method", :limit => 1024, :null => false + t.text "params", :null => false t.text "pname" - t.integer "risk", :null => false - t.string "name", :limit => 1024, :null => false + t.integer "risk", :null => false + t.string "name", :limit => 1024, :null => false t.text "query" - t.text "legacy_category" - t.integer "confidence", :null => false + t.text "category", :null => false + t.integer "confidence", :null => false t.text "description" t.text "blame" t.binary "request" + t.binary "proof", :null => false t.string "owner" t.text "payload" - t.integer "request_id" - t.integer "category_id" end add_index "web_vulns", ["method"], :name => "index_web_vulns_on_method" add_index "web_vulns", ["name"], :name => "index_web_vulns_on_name" add_index "web_vulns", ["path"], :name => "index_web_vulns_on_path" - create_table "wizard_procedures", :force => true do |t| - t.text "config_hash" - t.string "state" - t.integer "task_chain_id" - t.string "type" - t.integer "workspace_id" - t.integer "user_id" - end - create_table "wmap_requests", :force => true do |t| t.string "host" t.string "address", :limit => nil diff --git a/lib/msf/core/auxiliary/report.rb b/lib/msf/core/auxiliary/report.rb index 940b625ac9..52ce57206a 100644 --- a/lib/msf/core/auxiliary/report.rb +++ b/lib/msf/core/auxiliary/report.rb @@ -1,3 +1,4 @@ +require 'metasploit/credential/creation' # -*- coding: binary -*- module Msf