Class: MetasploitDataModels::ModuleRun
- Inherits:
-
ActiveRecord::Base
- Object
- ActiveRecord::Base
- MetasploitDataModels::ModuleRun
- Defined in:
- app/models/metasploit_data_models/module_run.rb
Overview
ModuleRun holds the record of having launched a piece of Metasploit content. It has associations to Mdm::User for audit purposes, and makes polymorphic associations to things like Mdm::Vuln and Mdm::Host for flexible record keeping about activity attacking either specific vulns or just making mischief on specific remote targets w/out the context of a vuln or even a remote IP service.
There are also associations to Mdm::Session for two use cases: a spawned_session is a
session created by the ModuleRun. A target_session is a session that the ModuleRun
is acting upon (e.g.) for running a post module.
Constant Summary collapse
- SUCCEED =
Marks the module as having successfully run
'succeeded'- FAIL =
Marks the run as having not run successfully
'failed'- ERROR =
Marks the module as having had a runtime error
'error'- VALID_STATUSES =
MetasploitDataModels::ModuleRun objects will be validated against these statuses
[SUCCEED, FAIL, ERROR]
Instance Attribute Summary collapse
-
#attempted_at ⇒ Datetime
The date/time when this module was run.
-
#fail_detail ⇒ String
Arbitrary information captured by the module to give in-depth reason for failure.
-
#fail_reason ⇒ String
One of the values of the constants in
Msf::Module::Failure. -
#loots ⇒ ActiveRecord::Relation<Mdm::Loot>
The sweet, sweet loot taken by this module_run.
-
#module_detail ⇒ ActiveRecord::Relation<Mdm::Module::Detail>
The cached module information.
-
#module_name ⇒ String
The Msf::Module#fullname of the module being run.
-
#port ⇒ Fixnum
The port that the remote host was attacked on, if any.
-
#proto ⇒ String
The name of the protocol that the host was attacked on, if any.
-
#session_id ⇒ Datetime
The Mdm::Session that this was run with, in the case of a post module.
-
#spawned_session ⇒ Mdm::Session
The session created by running this module.
-
#status ⇒ String
The result of running the module.
-
#target_session ⇒ Mdm::Session
The session this module was run on, if any.
-
#trackable ⇒ Mdm::Host, Mdm::Vuln
A polymorphic association that is tracked as being related to this module run.
-
#user ⇒ Mdm::User
The user that launched this module.
-
#username ⇒ String
The name of the user running this module.
Instance Method Summary collapse
-
#module_name_components ⇒ Array
Splits strings formatted like Msf::Module#fullname into components.
Instance Attribute Details
#attempted_at ⇒ Datetime
The date/time when this module was run
|
|
# File 'app/models/metasploit_data_models/module_run.rb', line 28
|
#fail_detail ⇒ String
Arbitrary information captured by the module to give in-depth reason for failure
|
|
# File 'app/models/metasploit_data_models/module_run.rb', line 32
|
#fail_reason ⇒ String
One of the values of the constants in Msf::Module::Failure
|
|
# File 'app/models/metasploit_data_models/module_run.rb', line 36
|
#loots ⇒ ActiveRecord::Relation<Mdm::Loot>
The sweet, sweet loot taken by this module_run
77 78 79 |
# File 'app/models/metasploit_data_models/module_run.rb', line 77 has_many :loots, class_name: 'Mdm::Loot', inverse_of: :module_run |
#module_detail ⇒ ActiveRecord::Relation<Mdm::Module::Detail>
The cached module information
85 86 87 88 89 |
# File 'app/models/metasploit_data_models/module_run.rb', line 85 belongs_to :module_detail, class_name: 'Mdm::Module::Detail', inverse_of: :module_runs, foreign_key: :module_fullname, primary_key: :fullname |
#module_name ⇒ String
The Msf::Module#fullname of the module being run
|
|
# File 'app/models/metasploit_data_models/module_run.rb', line 40
|
#port ⇒ Fixnum
The port that the remote host was attacked on, if any
|
|
# File 'app/models/metasploit_data_models/module_run.rb', line 44
|
#proto ⇒ String
The name of the protocol that the host was attacked on, if any
|
|
# File 'app/models/metasploit_data_models/module_run.rb', line 48
|
#session_id ⇒ Datetime
The Mdm::Session that this was run with, in the case of a post module. In exploit modules, this field will remain null.
|
|
# File 'app/models/metasploit_data_models/module_run.rb', line 52
|
#spawned_session ⇒ Mdm::Session
The session created by running this module. Note that this is NOT the session that modules are run on.
97 98 99 |
# File 'app/models/metasploit_data_models/module_run.rb', line 97 has_one :spawned_session, class_name: 'Mdm::Session', inverse_of: :originating_module_run |
#status ⇒ String
The result of running the module
|
|
# File 'app/models/metasploit_data_models/module_run.rb', line 57
|
#target_session ⇒ Mdm::Session
The session this module was run on, if any. Note that this is NOT a session created by this module run of exploit modules.
109 110 111 112 |
# File 'app/models/metasploit_data_models/module_run.rb', line 109 belongs_to :target_session, class_name: 'Mdm::Session', foreign_key: :session_id, inverse_of: :target_module_runs |
#trackable ⇒ Mdm::Host, Mdm::Vuln
A polymorphic association that is tracked as being related to this module run. Mdm::Host and Mdm::Vuln can each have MetasploitDataModels::ModuleRun objects.
122 |
# File 'app/models/metasploit_data_models/module_run.rb', line 122 belongs_to :trackable, polymorphic: true |
#user ⇒ Mdm::User
The user that launched this module
130 131 132 133 |
# File 'app/models/metasploit_data_models/module_run.rb', line 130 belongs_to :user, class_name: 'Mdm::User', foreign_key: 'user_id', inverse_of: :module_runs |
#username ⇒ String
The name of the user running this module
|
|
# File 'app/models/metasploit_data_models/module_run.rb', line 61
|
Instance Method Details
#module_name_components ⇒ Array
Splits strings formatted like Msf::Module#fullname into components
174 175 176 |
# File 'app/models/metasploit_data_models/module_run.rb', line 174 def module_name_components module_fullname.split('/') end |