Class: Metasploit::Credential::Core

Inherits:
ApplicationRecord
  • Object
show all
Includes:
CoreValidations, Model::Search
Defined in:
app/models/metasploit/credential/core.rb

Overview

Core credential that combines #private, #public, and/or #realm so that Private or Public that are gathered from a Realm are properly scoped when used.

A core credential must always have an #origin, but only needs 1 of #private, #public, or #realm set.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#created_atDateTime

When this core credential was created.

Returns:

  • (DateTime)


# File 'app/models/metasploit/credential/core.rb', line 90

#loginsActiveRecord::Relation<Metasploit::Credential::Login>

The logins using this core credential to log into a service.

Returns:



27
28
29
30
# File 'app/models/metasploit/credential/core.rb', line 27

has_many :logins,
class_name: 'Metasploit::Credential::Login',
dependent: :destroy,
inverse_of: :core

#originMetasploit::Credential::Origin::Import, ...

The origin of this core credential.

Returns:



45
46
# File 'app/models/metasploit/credential/core.rb', line 45

belongs_to :origin,
polymorphic: true

#privateMetasploit::Credential::Private?

The Private either gathered from #realm or used to authenticate to the realm.



53
54
55
56
# File 'app/models/metasploit/credential/core.rb', line 53

belongs_to :private,
class_name: 'Metasploit::Credential::Private',
optional: true,
inverse_of: :cores

#publicMetasploit::Credential::Public?

The Public gathered from #realm.



62
63
64
65
# File 'app/models/metasploit/credential/core.rb', line 62

belongs_to :public,
class_name: 'Metasploit::Credential::Public',
optional: true,
inverse_of: :cores

#realmMetasploit::Credential::Realm?

The Realm where #private and/or #public was gathered and/or the Realm to which #private and/or #public can be used to authenticate.



72
73
74
75
# File 'app/models/metasploit/credential/core.rb', line 72

belongs_to :realm,
class_name: 'Metasploit::Credential::Realm',
optional: true,
inverse_of: :cores

#tasksActiveRecord::Relation<Mdm::Task>

The ‘Mdm::Task`s using this to track what tasks interacted with a given core.

Returns:

  • (ActiveRecord::Relation<Mdm::Task>)


18
19
20
21
# File 'app/models/metasploit/credential/core.rb', line 18

has_and_belongs_to_many :tasks,
-> { distinct },
class_name: "Mdm::Task",
join_table: "credential_cores_tasks"

#updated_atDateTime

When this core credential was last updated.

Returns:

  • (DateTime)


# File 'app/models/metasploit/credential/core.rb', line 95

#workspaceMdm::Workspace

The ‘Mdm::Workspace` to which this core credential is scoped. Used to limit mixing of different networks credentials.

Returns:

  • (Mdm::Workspace)


82
83
84
# File 'app/models/metasploit/credential/core.rb', line 82

belongs_to :workspace,
class_name: 'Mdm::Workspace',
inverse_of: :core_credentials

Class Method Details

.cores_from_host(host_id) ⇒ String

Provides UNIONing cores from a host via service origins or via session origins.

Parameters:

  • host_id (Integer)

Returns:

  • (String)


281
282
283
284
285
286
287
288
289
# File 'app/models/metasploit/credential/core.rb', line 281

def self.cores_from_host(host_id)
  left = origin_service_host_id(host_id).arel.ast
  right = origin_session_host_id(host_id).arel.ast

  Arel::Nodes::UnionAll.new(
    left,
    right
  )
end

Instance Method Details

#login_host_id(host_id) ⇒ ActiveRecord::Relation

Finds Cores that have successfully logged into a given host

Parameters:

  • host_id (Integer)

    the host to look for

Returns:

  • (ActiveRecord::Relation)

    scoped to that host



125
126
127
# File 'app/models/metasploit/credential/core.rb', line 125

scope :login_host_id, lambda { |host_id|
  joins(logins: { service: :host }).where(Mdm::Host.arel_table[:id].eq(host_id))
}

#origin_service_host_id(host_id) ⇒ ActiveRecord::Relation

Finds Cores that have an origin_type of Service and are attached to the given host

Parameters:

  • host_id (Integer)

    the host to look up

Returns:

  • (ActiveRecord::Relation)

    scoped to that host



150
151
152
153
154
# File 'app/models/metasploit/credential/core.rb', line 150

scope :origin_service_host_id, lambda { |host_id|
  core_table = Metasploit::Credential::Core.arel_table
  host_table = Mdm::Host.arel_table
  services_hosts.select(core_table[:id]).where(host_table[:id].eq(host_id))
}

#origin_session_host_id(host_id) ⇒ ActiveRecord::Relation

Finds Cores that have an origin_type of Session that were collected from the given host

Parameters:

  • host_id (Integer)

    the host to look up

Returns:

  • (ActiveRecord::Relation)

    scoped to that host



162
163
164
165
166
# File 'app/models/metasploit/credential/core.rb', line 162

scope :origin_session_host_id, lambda { |host_id|
  core_table = Metasploit::Credential::Core.arel_table
  host_table = Mdm::Host.arel_table
  sessions_hosts.select(core_table[:id]).where(host_table[:id].eq(host_id))
}

#originating_host_idActiveRecord::Relation

Finds all Cores that have been collected in some way from a Host

Parameters:

  • host_id (Integer)

    the host to look up

Returns:

  • (ActiveRecord::Relation)

    that contains related Cores



208
209
210
211
212
213
214
# File 'app/models/metasploit/credential/core.rb', line 208

scope :originating_host_id, ->(host_id) {
  where(
    Metasploit::Credential::Core[:id].in(
      self.cores_from_host(host_id)
    )
  )
}

#origins(origin_class) ⇒ ActiveRecord::Relation

JOINs in origins of a specific type

Parameters:

  • origin_class (ApplicationRecord)

    the Origin class to look up

  • table_alias (String)

    an alias for the JOINed table, defaults to the table name

Returns:

  • (ActiveRecord::Relation)

    scoped to that origin



136
137
138
139
140
141
142
# File 'app/models/metasploit/credential/core.rb', line 136

scope :origins, lambda { |origin_class, table_alias=nil|
  core_table   = Metasploit::Credential::Core.arel_table
  origin_table = origin_class.arel_table.alias(table_alias || origin_class.table_name)
  origin_joins = core_table.join(origin_table).on(origin_table[:id].eq(core_table[:origin_id])
    .and(core_table[:origin_type].eq(origin_class.to_s)))
  joins(origin_joins.join_sources)
}

#services_hostsActiveRecord::Relation

Adds a JOIN for the Service and Host that a Core with an Origin type of Service would have

Returns:

  • (ActiveRecord::Relation)

    with a JOIN on origin: services: hosts



173
174
175
176
177
178
179
180
181
182
183
# File 'app/models/metasploit/credential/core.rb', line 173

scope :services_hosts, lambda {
  core_table    = Metasploit::Credential::Core.arel_table
  service_table = Mdm::Service.arel_table
  host_table    = Mdm::Host.arel_table
  origin_table  = Metasploit::Credential::Origin::Service.arel_table.alias('origins_for_service')

  origins(Metasploit::Credential::Origin::Service, 'origins_for_service').joins(
    core_table.join(service_table).on(service_table[:id].eq(origin_table[:service_id])).join_sources,
    core_table.join(host_table).on(host_table[:id].eq(service_table[:host_id])).join_sources
  )
}

#sessions_hostsActiveRecord::Relation

Adds a JOIN for the Session and Host that a Core with an Origin type of Session would have

Returns:

  • (ActiveRecord::Relation)

    with a JOIN on origin: sessions: hosts



190
191
192
193
194
195
196
197
198
199
200
# File 'app/models/metasploit/credential/core.rb', line 190

scope :sessions_hosts, lambda {
  core_table    = Metasploit::Credential::Core.arel_table
  session_table = Mdm::Session.arel_table
  host_table    = Mdm::Host.arel_table
  origin_table  = Metasploit::Credential::Origin::Session.arel_table.alias('origins_for_session')

  origins(Metasploit::Credential::Origin::Session, 'origins_for_session').joins(
    core_table.join(session_table).on(session_table[:id].eq(origin_table[:session_id])).join_sources,
    core_table.join(host_table).on(host_table[:id].eq(session_table[:host_id])).join_sources
  )
}

#with_loginsActiveRecord::Relation

Eager loads Login objects associated to Cores

Returns:

  • (ActiveRecord::Relation)


230
231
232
# File 'app/models/metasploit/credential/core.rb', line 230

scope :with_logins, ->() {
  includes(:logins)
}

#with_privateActiveRecord::Relation

Eager loads Private objects associated to Cores

Returns:

  • (ActiveRecord::Relation)


246
247
248
# File 'app/models/metasploit/credential/core.rb', line 246

scope :with_private, ->() {
  includes(:private)
}

#with_publicActiveRecord::Relation

Eager loads Public objects associated to Cores

Returns:

  • (ActiveRecord::Relation)


238
239
240
# File 'app/models/metasploit/credential/core.rb', line 238

scope :with_public, ->() {
  includes(:public)
}

#with_realmActiveRecord::Relation

Eager loads Realm objects associated to Cores

Returns:

  • (ActiveRecord::Relation)


254
255
256
# File 'app/models/metasploit/credential/core.rb', line 254

scope :with_realm, ->() {
  includes(:realm)
}

#workspace_id(id) ⇒ ActiveRecord::Relation

Finds Cores that are attached to a given workspace

Parameters:

  • id (Integer)

    the workspace to look in

Returns:

  • (ActiveRecord::Relation)

    scoped to the workspace



222
223
224
# File 'app/models/metasploit/credential/core.rb', line 222

scope :workspace_id, ->(id) {
  where(workspace_id: id)
}