diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host.rb index 9d27ac30b0..3af07ebeec 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/host.rb @@ -98,10 +98,8 @@ module MetasploitDataModels::ActiveRecordModels::Host # Note that we're already restricting the query to this host by using # host.notes instead of Note, so don't need a host_id in the # conditions. - fingers = host.notes.find(:all, - :conditions => [ "ntype like '%%fingerprint'" ] - ) - fingers.each do |fp| + fingerprintable_notes = self.notes.where("ntype like '%%fingerprint'") + fingerprintable_notes.each do |fp| next if not validate_fingerprint_data(fp) norm = normalize_scanner_fp(fp) wvers[norm[:os_sp]] = wvers[norm[:os_sp]].to_i + (100 * norm[:certainty]) @@ -124,8 +122,9 @@ module MetasploitDataModels::ActiveRecordModels::Host # has an opinion and which doesn't. It would also be nice to # identify "impossible" combinations of services and alert that # something funny is going on. - host.services.each do |s| - next if not s.info + # XXX: This hack solves the memory leak generated by self.services.each {} + fingerprintable_services = self.services.where("name is not null and name != '' and info is not null and info != ''") + fingerprintable_services.each do |s| points = 0 case s.name when 'smb' diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/loot.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/loot.rb index 6409f9ae9f..ec0ae2e0b1 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/loot.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/loot.rb @@ -10,6 +10,15 @@ module MetasploitDataModels::ActiveRecordModels::Loot before_destroy :delete_file + scope :search, lambda { |*args| + where(["loots.ltype ILIKE ? OR " + + "loots.name ILIKE ? OR " + + "loots.info ILIKE ? OR " + + "loots.data ILIKE ?", + "%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%" + ]) + } + private def delete_file diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/note.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/note.rb index a00387a9c3..cf07710728 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/note.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/note.rb @@ -10,6 +10,13 @@ module MetasploitDataModels::ActiveRecordModels::Note scope :flagged, where('critical = true AND seen = false') scope :visible, where(notes[:ntype].not_in(['web.form', 'web.url', 'web.vuln'])) + scope :search, lambda { |*args| + where(["(data NOT ILIKE 'BAh7%' AND data LIKE ?)" + + "OR (data ILIKE 'BAh7%' AND decode(data, 'base64') LIKE ?)" + + "OR ntype ILIKE ?", + "%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%" + ]) + } after_save :normalize diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/service.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/service.rb index 867655aee1..26258a77f4 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/service.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/service.rb @@ -23,8 +23,9 @@ module MetasploitDataModels::ActiveRecordModels::Service where([ "services.name ILIKE ? OR " + "services.info ILIKE ? OR " + + "services.proto ILIKE ? OR " + "services.port = ? ", - "%#{args[0]}%", "%#{args[0]}%", (args[0].to_i > 0) ? args[0].to_i : 99999 + "%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%", (args[0].to_i > 0) ? args[0].to_i : 99999 ]) } diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/session.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/session.rb index 3cf219fab7..1fa49e9778 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/session.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/session.rb @@ -10,10 +10,16 @@ module MetasploitDataModels::ActiveRecordModels::Session scope :alive, where("closed_at IS NULL") scope :dead, where("closed_at IS NOT NULL") + scope :upgradeable, where("closed_at IS NULL AND stype = 'shell' and platform ILIKE '%win%'") serialize :datastore, ::MetasploitDataModels::Base64Serializer.new before_destroy :stop + + def upgradeable? + (self.platform =~ /win/ and self.stype == 'shell') + end + private @@ -21,6 +27,7 @@ module MetasploitDataModels::ActiveRecordModels::Session c = Pro::Client.get rescue nil c.session_stop(self.local_id) rescue nil # ignore exceptions (XXX - ideally, stopped an already-stopped session wouldn't throw XMLRPCException) end + } end end diff --git a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln.rb b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln.rb index 943baf6bfa..3de7ea1cda 100755 --- a/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln.rb +++ b/lib/gemcache/ruby/1.9.1/gems/metasploit_data_models-0.0.2.43DEV/lib/metasploit_data_models/active_record_models/vuln.rb @@ -10,6 +10,13 @@ module MetasploitDataModels::ActiveRecordModels::Vuln after_update :save_refs + scope :search, lambda { |*args| + where(["(vulns.name ILIKE ? or vulns.info ILIKE ? or refs.name ILIKE ?)", + "%#{args[0]}%", "%#{args[0]}%", "%#{args[0]}%" + ]). + joins("LEFT OUTER JOIN vulns_refs ON vulns_refs.vuln_id=vulns.id LEFT OUTER JOIN refs ON refs.id=vulns_refs.ref_id") + } + private def save_refs diff --git a/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.0.2.43DEV.gemspec b/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.0.2.43DEV.gemspec index 11d047ef05..d860fcba2a 100644 --- a/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.0.2.43DEV.gemspec +++ b/lib/gemcache/ruby/1.9.1/specifications/metasploit_data_models-0.0.2.43DEV.gemspec @@ -6,14 +6,14 @@ Gem::Specification.new do |s| s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version= s.authors = ["Trevor Rosen"] - s.date = "2012-04-24" + s.date = "2012-05-18" s.description = "Implements minimal ActiveRecord models and database helper code used in both the Metasploit Framework (MSF) and Metasploit commercial editions." s.email = ["trevor_rosen@rapid7.com"] s.executables = ["mdm_console"] s.files = ["bin/mdm_console"] s.homepage = "" s.require_paths = ["lib"] - s.rubygems_version = "1.8.21" + s.rubygems_version = "1.8.15" s.summary = "Database code for MSF and Metasploit Pro" if s.respond_to? :specification_version then