Class: Mdm::Host
- Inherits: ActiveRecord::Base
  - Object
  - ActiveRecord::Base
  - Mdm::Host
- Includes: OperatingSystemNormalization, Metasploit::Model::Search
- Defined in: app/models/mdm/host.rb
Overview
A system with an IP address on the network that has been discovered in some way.
Defined Under Namespace
Modules: OperatingSystemNormalization
Constant Summary
- ARCHITECTURES =
  Either the CPU architecture for native code or the programming language name for exploits that run code in the programming language's virtual machine.
  [
    'armbe', 'armle', 'cbea', 'cbea64', 'cmd', 'java', 'mips', 'mipsbe', 'mipsle',
    'php', 'ppc', 'ppc64', 'ruby', 'sparc', 'tty',
    # To be used for compatibility with 'X86_64'
    'x64', 'x86', 'x86_64'
  ]
- SEARCH_FIELDS =
  Fields searched for the search scope.
  [ 'address::text', 'comments', 'mac', 'name', 'os_flavor', 'os_name', 'os_sp', 'purpose' ]
- STATES =
  Valid values for #state.
  [ 'alive', 'down', 'unknown' ]
Instance Attribute Summary
- #address ⇒ String
  The IP address of this host.
- #arch ⇒ String
  The architecture of the host's CPU, or the programming language for virtual machine languages such as Ruby, PHP, and Java.
- #clients ⇒ Array<Mdm::Client>
  Users connected to this host.
- #comm ⇒ String
- #comments ⇒ String
  User supplied comments about host.
- #created_at ⇒ DateTime
  When this host was created in the database.
- #cred_count ⇒ Integer
  Counter cache for #creds.
- #creds ⇒ Array<Mdm::Cred> (readonly)
  Credentials captured from #services.
- #events ⇒ ActiveRecord::Relation<Mdm::Event>
  Events that occurred on this host.
- #exploit_attempt_count ⇒ Integer
  Counter cache for #exploit_attempts.
- #exploit_attempts ⇒ Array<Mdm::ExploitAttempt>
  Attempts to run exploits against this host.
- #exploited_hosts ⇒ ActiveRecord::Relation<Mdm::ExploitedHost>
- #host_detail_count ⇒ Integer
  Counter cache for #host_details.
- #host_details ⇒ Array<Mdm::HostDetail>
- #hosts_tags ⇒ ActiveRecord::Relation<Mdm::HostTag>
- #info ⇒ String
  Information about this host gathered from the host.
- #loots ⇒ ActiveRecord::Relation<Mdm::Loot>
  Loot gathered from the host with newest loot first.
- #mac ⇒ String
  The MAC address of this host.
- #module_details ⇒ Array<Mdm::Module::Detail> (readonly)
  Details about modules that were used to find vulnerabilities on this host.
- #module_refs ⇒ Array<Mdm::Module::Ref> (readonly)
- #name ⇒ String
  The name of the host.
- #note_count ⇒ Integer
  Counter cache for #notes.
- #notes ⇒ Array<Mdm::Note>
  Notes about the host entered by a user with oldest notes first.
- #os_flavor ⇒ String
  The flavor of #os_name.
- #os_lang ⇒ String
  Free-form language of operating system.
- #os_name ⇒ String
  The name of the operating system.
- #os_sp ⇒ String
  The service pack of the #os_flavor of the #os_name.
- #purpose ⇒ String
  The purpose of the host on the network, such as 'client' or 'firewall'.
- #refs ⇒ Array<Mdm::Ref> (readonly)
  External references, such as CVE, to vulnerabilities found on this host.
- #scope ⇒ String
  Interface identifier for link-local IPv6.
- #service_count ⇒ Integer
  Counter cache for #services.
- #service_notes ⇒ Array<Mdm::Note> (readonly)
- #services ⇒ Array<Mdm::Service>
- #sessions ⇒ Array<Mdm::Session>
  Sessions that are open or previously were open on the host ordered by when the session was opened.
- #state ⇒ String
  Whether the host is alive, down, or in an unknown state.
- #tags ⇒ Array<Mdm::Tag> (readonly)
  The tags on this host.
- #task_hosts ⇒ Array<Mdm::TaskHost>
  Details about what Tasks touched this host.
- #tasks ⇒ ActiveRecord::Relation<Mdm::Task>
  Tasks that touched this service.
- #updated_at ⇒ DateTime
  The last time this host was updated in the database.
- #virtual_host ⇒ String
  The name of the virtual machine host software, such as 'VMWare', 'QEMU', 'XEN', etc.
- #vuln_count ⇒ Integer
  Counter cache for #vulns.
- #vuln_refs ⇒ Array<Mdm::VulnRef> (readonly)
- #vulns ⇒ Array<Mdm::Vuln>
  Vulnerabilities found on the host.
- #web_sites ⇒ Array<Mdm::WebSite> (readonly)
- #workspace ⇒ Mdm::Workspace
  The workspace in which this host was found.
Instance Method Summary
- #attribute_locked?(attr) ⇒ true, false
- #ip_address_invalid? ⇒ void
  This is replicated by the IpAddressValidator class.
- #is_vm? ⇒ true, false
  Returns whether this host is a virtual machine.
Methods included from OperatingSystemNormalization
#get_arch_from_string, #normalize_os, #normalize_scanner_fp, #parse_windows_os_str, #validate_fingerprint_data
Instance Attribute Details
#address ⇒ String
The IP address of this host.
# File 'app/models/mdm/host.rb', line 281
#arch ⇒ String
The architecture of the host's CPU, or the programming language for virtual machine languages such as Ruby, PHP, and Java.
# File 'app/models/mdm/host.rb', line 286
#clients ⇒ Array<Mdm::Client>
Users connected to this host.
# File 'app/models/mdm/host.rb', line 61
has_many :clients,
         class_name: 'Mdm::Client',
         dependent: :destroy,
         inverse_of: :host
#comm ⇒ String
# File 'app/models/mdm/host.rb', line 292
#comments ⇒ String
User supplied comments about host.
# File 'app/models/mdm/host.rb', line 297
#created_at ⇒ DateTime
When this host was created in the database.
# File 'app/models/mdm/host.rb', line 302
#creds ⇒ Array<Mdm::Cred> (readonly)
Credentials captured from #services.
# File 'app/models/mdm/host.rb', line 198
has_many :creds, :class_name => 'Mdm::Cred', :through => :services
#events ⇒ ActiveRecord::Relation<Mdm::Event>
Events that occurred on this host.
# File 'app/models/mdm/host.rb', line 70
has_many :events,
         class_name: 'Mdm::Event',
         dependent: :destroy,
         inverse_of: :host
#exploit_attempt_count ⇒ Integer
Counter cache for #exploit_attempts.
# File 'app/models/mdm/host.rb', line 312
#exploit_attempts ⇒ Array<Mdm::ExploitAttempt>
Attempts to run exploits against this host.
# File 'app/models/mdm/host.rb', line 88
has_many :exploit_attempts,
         class_name: 'Mdm::ExploitAttempt',
         dependent: :destroy,
         inverse_of: :host
#exploited_hosts ⇒ ActiveRecord::Relation<Mdm::ExploitedHost>
MSP-2732
# File 'app/models/mdm/host.rb', line 96
has_many :exploited_hosts,
         class_name: 'Mdm::ExploitedHost',
         dependent: :destroy,
         inverse_of: :host
#host_detail_count ⇒ Integer
Counter cache for #host_details.
# File 'app/models/mdm/host.rb', line 317
#host_details ⇒ Array<Mdm::HostDetail>
# File 'app/models/mdm/host.rb', line 103
has_many :host_details,
         class_name: 'Mdm::HostDetail',
         dependent: :destroy,
         inverse_of: :host
#hosts_tags ⇒ ActiveRecord::Relation<Mdm::HostTag>
# File 'app/models/mdm/host.rb', line 113
has_many :hosts_tags,
         class_name: 'Mdm::HostTag',
         dependent: :destroy,
         inverse_of: :host
#info ⇒ String
Information about this host gathered from the host.
# File 'app/models/mdm/host.rb', line 322
#loots ⇒ ActiveRecord::Relation<Mdm::Loot>
MSP-3065
Loot gathered from the host with newest loot first.
# File 'app/models/mdm/host.rb', line 123
has_many :loots,
         class_name: 'Mdm::Loot',
         dependent: :destroy,
         inverse_of: :host,
         order: 'loots.created_at DESC'
#mac ⇒ String
The MAC address of this host.
# File 'app/models/mdm/host.rb', line 327
#module_details ⇒ Array<Mdm::Module::Detail> (readonly)
Details about modules that were used to find vulnerabilities on this host.
# File 'app/models/mdm/host.rb', line 271
has_many :module_details,
         :class_name => 'Mdm::Module::Detail',
         :source => :detail,
         :through => :module_refs,
         :uniq => true
#module_refs ⇒ Array<Mdm::Module::Ref> (readonly)
# File 'app/models/mdm/host.rb', line 261
has_many :module_refs, :class_name => 'Mdm::Module::Ref', :through => :refs
#name ⇒ String
The name of the host. If the host name is not available, then it will just be the IP address.
# File 'app/models/mdm/host.rb', line 333
#notes ⇒ Array<Mdm::Note>
Notes about the host entered by a user with oldest notes first.
# File 'app/models/mdm/host.rb', line 133
has_many :notes,
         class_name: 'Mdm::Note',
         inverse_of: :host,
         dependent: :delete_all,
         order: 'notes.created_at'
#os_lang ⇒ String
Free-form language of operating system. Usually either spelled out like 'English' or an IETF language tag like 'en' or 'en-US'.
# File 'app/models/mdm/host.rb', line 352
#os_name ⇒ String
The name of the operating system.
# File 'app/models/mdm/host.rb', line 358
#os_sp ⇒ String
The service pack of the #os_flavor of the #os_name.
# File 'app/models/mdm/host.rb', line 363
#purpose ⇒ String
The purpose of the host on the network, such as 'client' or 'firewall'.
# File 'app/models/mdm/host.rb', line 373
#refs ⇒ Array<Mdm::Ref> (readonly)
External references, such as CVE, to vulnerabilities found on this host.
# File 'app/models/mdm/host.rb', line 251
has_many :refs, :class_name => 'Mdm::Ref', :through => :vuln_refs
#scope ⇒ String
Interface identifier for link-local IPv6.
# File 'app/models/mdm/host.rb', line 378
#service_notes ⇒ Array<Mdm::Note> (readonly)
# File 'app/models/mdm/host.rb', line 205
has_many :service_notes,
         class_name: 'Mdm::Note',
         source: :notes,
         through: :services
#services ⇒ Array<Mdm::Service>
# File 'app/models/mdm/host.rb', line 144
has_many :services,
         class_name: 'Mdm::Service',
         dependent: :destroy,
         inverse_of: :host,
         order: 'services.port, services.proto'
#sessions ⇒ Array<Mdm::Session>
Sessions that are open or previously were open on the host ordered by when the session was opened.
# File 'app/models/mdm/host.rb', line 155
has_many :sessions,
         class_name: 'Mdm::Session',
         dependent: :destroy,
         inverse_of: :host,
         order: 'sessions.opened_at'
#state ⇒ String
Whether the host is alive, down, or in an unknown state.
# File 'app/models/mdm/host.rb', line 389
#tags ⇒ Array<Mdm::Tag> (readonly)
The tags on this host. Tags are used to filter hosts.
# File 'app/models/mdm/host.rb', line 187
has_many :tags, :class_name => 'Mdm::Tag', :through => :hosts_tags
#task_hosts ⇒ Array<Mdm::TaskHost>
Details about what Tasks touched this host.
# File 'app/models/mdm/host.rb', line 79
has_many :task_hosts,
         class_name: 'Mdm::TaskHost',
         dependent: :destroy,
         inverse_of: :host
#tasks ⇒ ActiveRecord::Relation<Mdm::Task>
Tasks that touched this service.
# File 'app/models/mdm/host.rb', line 225
has_many :tasks,
         class_name: 'Mdm::Task',
         through: :task_hosts
#updated_at ⇒ DateTime
The last time this host was updated in the database.
# File 'app/models/mdm/host.rb', line 394
#virtual_host ⇒ String
The name of the virtual machine host software, such as 'VMWare', 'QEMU', 'XEN', etc.
# File 'app/models/mdm/host.rb', line 399
#vuln_refs ⇒ Array<Mdm::VulnRef> (readonly)
# File 'app/models/mdm/host.rb', line 240
has_many :vuln_refs, :class_name => 'Mdm::VulnRef', :source => :vulns_refs, :through => :vulns
#vulns ⇒ Array<Mdm::Vuln>
Vulnerabilities found on the host.
# File 'app/models/mdm/host.rb', line 165
has_many :vulns,
         class_name: 'Mdm::Vuln',
         dependent: :delete_all,
         inverse_of: :host
#web_sites ⇒ Array<Mdm::WebSite> (readonly)
# File 'app/models/mdm/host.rb', line 215
has_many :web_sites, :class_name => 'Mdm::WebSite', :through => :services
#workspace ⇒ Mdm::Workspace
The workspace in which this host was found.
# File 'app/models/mdm/host.rb', line 174
belongs_to :workspace,
           class_name: 'Mdm::Workspace',
           inverse_of: :hosts
Instance Method Details
#attribute_locked?(attr) ⇒ true, false
# File 'app/models/mdm/host.rb', line 518
def attribute_locked?(attr)
  n = notes.find_by_ntype("host.updated.#{attr}")
  n && n.data[:locked]
end
#ip_address_invalid? ⇒ void
This method returns an undefined value.
This is replicated by the IpAddressValidator class. Had to put it here as well to avoid SQL errors when checking address uniqueness.
# File 'app/models/mdm/host.rb', line 527
def ip_address_invalid?
  begin
    potential_ip = IPAddr.new(address)
    return true unless potential_ip.ipv4? || potential_ip.ipv6?
  rescue ArgumentError
    return true
  end
end
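Added example, not part of the metasploit_data_models code base: a stand-alone mirror of the #ip_address_invalid? check, run over constructed addresses to show which inputs it rejects. The names address_invalid?, triage and SAMPLE are hypothetical; the example also separates out CIDR ranges, which IPAddr parses successfully and which this check therefore does not reject.

```ruby
require 'ipaddr'

# Stand-alone mirror of the check shown for Mdm::Host#ip_address_invalid?.
# Unlike the original (whose return value is undefined for valid input),
# this hypothetical helper always returns true or false.
def address_invalid?(address)
  ip = IPAddr.new(address)
  !(ip.ipv4? || ip.ipv6?)
rescue ArgumentError
  # IPAddr::InvalidAddressError is a subclass of ArgumentError.
  true
end

# Hypothetical pre-import triage: split candidate host addresses into
# single addresses, CIDR ranges (parsed by IPAddr, so not "invalid"),
# and values the check rejects.
def triage(addresses)
  result = { ok: [], range: [], invalid: [] }
  addresses.each do |a|
    if address_invalid?(a)
      result[:invalid] << a
    elsif a.include?('/')
      result[:range] << a
    else
      result[:ok] << a
    end
  end
  result
end

# Constructed sample input (documentation address ranges only).
SAMPLE = [
  '192.0.2.10',     # IPv4 host
  '2001:db8::1',    # IPv6 host
  '192.0.2.0/24',   # CIDR range, accepted by IPAddr.new
  '192.0.2.256',    # octet out of range
  'fileserver01'    # hostname, not an IP address
].freeze

triage(SAMPLE).each { |kind, list| puts "#{kind}: #{list.join(', ')}" }
```

A range passing the check means callers that expect one host per record need their own test for a prefix length.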
#is_vm? ⇒ true, false
Returns whether this host is a virtual machine.
# File 'app/models/mdm/host.rb', line 540
def is_vm?
  !!self.virtual_host
end