Class: Metasploit::Credential::Login

Inherits:
ActiveRecord::Base
  • Object
show all
Extended by:
ActiveSupport::Autoload
Includes:
Model::Search
Defined in:
app/models/metasploit/credential/login.rb

Overview

The use of a core credential against a service.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#access_levelString?

Note:

An empty string is converted to ‘nil` before saving.

A free-form text field that the user can use annotate the access level of this login, such as ‘’admin’‘.

Returns:

  • (String)

    The value entered by the user.

  • (nil)

    When the user has not entered a value.



# File 'app/models/metasploit/credential/login.rb', line 54

#coreMetasploit::Credential::Core

The core credential used to authenticate to #service.



24
25
26
27
# File 'app/models/metasploit/credential/login.rb', line 24

belongs_to :core,
class_name: 'Metasploit::Credential::Core',
inverse_of: :logins,
counter_cache: true

#created_atDateTime

When this login was created.

Returns:

  • (DateTime)


# File 'app/models/metasploit/credential/login.rb', line 62

#hostMdm::Host

The host on which #service runs.

Returns:

  • (Mdm::Host)


46
47
48
# File 'app/models/metasploit/credential/login.rb', line 46

has_one :host,
class_name: 'Mdm::Host',
through: :service

#last_attempted_atDateTime

Note:

This is the last time this login was attempted and should be updated even if #status does not change. If

#status does not change, then normally #updated_at would be updated as the record would not save.

The last time a login was attempted.

Returns:

  • (DateTime)


# File 'app/models/metasploit/credential/login.rb', line 67

#serviceMdm::Service

The service that either accepted the core credential as valid, invalid, or on which the core credential should be tested to see if it is valid.

Returns:

  • (Mdm::Service)


34
35
36
# File 'app/models/metasploit/credential/login.rb', line 34

belongs_to :service,
class_name: 'Mdm::Service',
inverse_of: :logins

#statusString

The status of this login, such as whether it is ‘Metasploit::Model::Login::Status::DENIED_ACCESS`, `Metasploit::Model::Login::Status::DISABLED`, `Metasploit::Model::Login::Status::LOCKED_OUT`, `Metasploit::Model::Login::Status::SUCCESSFUL`, `Metasploit::Model::Login::Status::UNABLE_TO_CONNECT`, `Metasploit::Model::Login::Status::UNTRIED`

Returns:

  • (String)

    An element of ‘Metasploit::Model::Login::Status::ALL`



# File 'app/models/metasploit/credential/login.rb', line 75

#tasksActiveRecord::Relation<Mdm::Task>

The tasks using this to track what tasks interacted with a given core.

Returns:

  • (ActiveRecord::Relation<Mdm::Task>)


15
16
17
18
# File 'app/models/metasploit/credential/login.rb', line 15

has_and_belongs_to_many :tasks, 
class_name: "Mdm::Task", 
join_table: "credential_logins_tasks",
uniq: true

#updated_atDateTime

The last time this login was updated.

Returns:

  • (DateTime)


# File 'app/models/metasploit/credential/login.rb', line 86

Class Method Details

.failed_logins_by_public(host_id) ⇒ Hash{String => Array}

Each username that is related to a login on the passed host and the logins of particular statuses that are related to that public, ordered by the login last attempt date.

Parameters:

  • host_id (Integer)

    the host to filter cores by

Returns:

  • (Hash{String => Array})


189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
# File 'app/models/metasploit/credential/login.rb', line 189

def self.failed_logins_by_public(host_id)
  select(
    [
      Metasploit::Credential::Login[Arel.star],
      Metasploit::Credential::Public[:username]
    ]
  ).order(:last_attempted_at).
    joins(
    Metasploit::Credential::Login.join_association(:core),
    Metasploit::Credential::Core.join_association(:public, Arel::Nodes::OuterJoin)
  ).where(
    Metasploit::Credential::Core[:id].in(
      # We are concerned with per-username access attempts. This
      # can be across any of the cores on a host:
      Arel::Nodes::SqlLiteral.new(Metasploit::Credential::Core.cores_from_host_sql(host_id))
    ).and(
      Metasploit::Credential::Login[:status].in(
        [
          Metasploit::Model::Login::Status::DENIED_ACCESS,
          Metasploit::Model::Login::Status::DISABLED,
          Metasploit::Model::Login::Status::INCORRECT,
        ]
      ))
  ).group_by(&:username)
end

.status_setSet<String>

The valid values for search #status.

Returns:

  • (Set<String>)

    ‘Metasploit::Model::Login::Status::ALL` as a `Set`.

See Also:

  • Model::Search::Operation::Set#membership
  • Model::Search::Operator::Attribute#attribute_set


221
222
223
# File 'app/models/metasploit/credential/login.rb', line 221

def self.status_set
  @status_set ||= Set.new(Metasploit::Model::Login::Status::ALL)
end

Instance Method Details

#in_workspace_including_hosts_and_servicesActiveRecord::Relation

Finds all Metasploit::Credential::Login objects that are associated with a given ‘Mdm::Workspace`

Parameters:

  • workspace (Mdm::Workspace)

    the workspace to filter by

Returns:

  • (ActiveRecord::Relation)

    containing the logins



169
170
171
172
# File 'app/models/metasploit/credential/login.rb', line 169

scope :in_workspace_including_hosts_and_services, ->(workspace) {
  host_workspace_column = Mdm::Host.arel_table[:workspace_id]
  joins(service: :host).includes(core: [:public, :private], service: :host).where(host_workspace_column.eq(workspace.id))
}