Class: Mdm::User

Inherits:

ApplicationRecord

• Object
• ApplicationRecord
• Mdm::User

Extended by:

MetasploitDataModels::SerializedPrefs

Defined in:

app/models/mdm/user.rb

Overview

A user of metasploit-framework or metasploit-pro.

HTTP Proxy

• #http_proxy_host ⇒ String^?

  Proxy host.

• #http_proxy_pass ⇒ String^?

  Password used to login as #http_proxy_user to proxy.

• #http_proxy_port ⇒ String, ...

  Port on which proxy run on #http_proxy_host.

• #http_proxy_user ⇒ String^?

  User used to log into proxy.

Nexpose

• #nexpose_host ⇒ String^?

  Host name for server running Nexpose.

• #nexpose_pass ⇒ String^?

  Password to log into Nexpose.

• #nexpose_port ⇒ String, Integer. nil

  Port on #nexpose_host on which Nexpose is running.

• #nexpose_user ⇒ String^?

  User used to log into Nexpose.

Nexpose Authenticated Scan Credentials

• #nexpose_creds_pass ⇒ String^?
• #nexpose_creds_type ⇒ String^?
• #nexpose_creds_user ⇒ String^?

Instance Attribute Summary

• #admin ⇒ false, true

  Whether this user is an administrator.

• #company ⇒ String^?

  Company at which user works.

• #created_at ⇒ DateTime

  When the user was created.

• #crypted_password ⇒ String

  Hashed password (salted with #password_salt) by Authlogic in metasploit-pro.

• #email ⇒ String^?

  The user's email address.

• #fullname ⇒ String^?

  The user's normal human name.

• #last_login_address ⇒ String^?

  Last IP address from which this user logged in.

• #password_salt ⇒ String

  Salt used when hashing password into #crypted_password by Authlogic in metasploit-pro.

• #persistence_token ⇒ String

  Token used for session and cookie when user is logged using Authlogic in metasploit-pro.

• #phone ⇒ String^?

  Phone number for user.

• #session_key ⇒ String^?

  Holds session[:session_id] so user can only be logged in once.

• #time_zone ⇒ String^?

  User's preferred time zone.

• #updated_at ⇒ DateTime

  When the user was last updated.

• #username ⇒ String

  Username for this user.

Instance Method Summary

• #prefs ⇒ Hash

  Hash of user preferences.

Methods included from MetasploitDataModels::SerializedPrefs

serialized_prefs_attr_accessor

Instance Attribute Details

#admin ⇒ false, true

Whether this user is an administrator. Administrator permissions are only enforced in metasploit-pro through the controllers.

Returns:

• (false) —

  if this is a normal user that must be added to each workspace.

• (true) —

  if this user is an administrator and have access to all workspaces without being added to the workspace explicitly. User is also allowed to add other users to workspaces or make other users admins.

# File 'app/models/mdm/user.rb', line 47

#company ⇒ String^?

Company at which user works.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 55

#created_at ⇒ DateTime

When the user was created.

Returns:

• (DateTime)

# File 'app/models/mdm/user.rb', line 60

#crypted_password ⇒ String

Hashed password (salted with #password_salt) by Authlogic in metasploit-pro.

Returns:

• (String)

# File 'app/models/mdm/user.rb', line 65

#email ⇒ String^?

The user's email address.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 70

#fullname ⇒ String^?

The user's normal human name.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 75

#http_proxy_host ⇒ String^?

Proxy host.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 152

serialized_prefs_attr_accessor :http_proxy_host

#http_proxy_pass ⇒ String^?

Password used to login as #http_proxy_user to proxy.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 158

serialized_prefs_attr_accessor :http_proxy_pass

#http_proxy_port ⇒ String, ...

Port on which proxy run on #http_proxy_host.

Returns:

• (String, Integer, nil)

# File 'app/models/mdm/user.rb', line 164

serialized_prefs_attr_accessor :http_proxy_port

#http_proxy_user ⇒ String^?

User used to log into proxy.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 170

serialized_prefs_attr_accessor :http_proxy_user

#last_login_address ⇒ String^?

Note:

specifically NOT last_login_ip to prevent confusion with AuthLogic magic columns (which dont work for serialized fields)

Last IP address from which this user logged in. Used to report currently active user session's IP when the user is logged off because theire session[:session_id] does not match #session_key.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 132

serialized_prefs_attr_accessor :last_login_address

#nexpose_creds_pass ⇒ String^?

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 214

serialized_prefs_attr_accessor :nexpose_creds_pass

#nexpose_creds_type ⇒ String^?

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 218

serialized_prefs_attr_accessor :nexpose_creds_type

#nexpose_creds_user ⇒ String^?

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 222

serialized_prefs_attr_accessor :nexpose_creds_user

#nexpose_host ⇒ String^?

Host name for server running Nexpose.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 184

serialized_prefs_attr_accessor :nexpose_host

#nexpose_pass ⇒ String^?

Password to log into Nexpose.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 190

serialized_prefs_attr_accessor :nexpose_pass

#nexpose_port ⇒ String, Integer. nil

Port on #nexpose_host on which Nexpose is running.

Returns:

• (String, Integer. nil)

# File 'app/models/mdm/user.rb', line 196

serialized_prefs_attr_accessor :nexpose_port

#nexpose_user ⇒ String^?

User used to log into Nexpose.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 202

serialized_prefs_attr_accessor :nexpose_user

#password_salt ⇒ String

Salt used when hashing password into #crypted_password by Authlogic in metasploit-pro.

Returns:

• (String)

# File 'app/models/mdm/user.rb', line 80

#persistence_token ⇒ String

Token used for session and cookie when user is logged using Authlogic in metasploit-pro.

Returns:

• (String)

# File 'app/models/mdm/user.rb', line 85

#phone ⇒ String^?

Phone number for user.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 90

#session_key ⇒ String^?

Holds session[:session_id] so user can only be logged in once. Only enforced in metasploit-pro.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 138

serialized_prefs_attr_accessor :session_key

#time_zone ⇒ String^?

User's preferred time zone.

Returns:

• (String, nil)

# File 'app/models/mdm/user.rb', line 118

serialized_prefs_attr_accessor :time_zone

#updated_at ⇒ DateTime

When the user was last updated.

Returns:

• (DateTime)

# File 'app/models/mdm/user.rb', line 95

#username ⇒ String

Username for this user. Used to log into metasploit-pro.

Returns:

• (String)

# File 'app/models/mdm/user.rb', line 100

Instance Method Details

#prefs ⇒ Hash

Hash of user preferences

Returns:

• (Hash)

# File 'app/models/mdm/user.rb', line 112

serialize :prefs, MetasploitDataModels::Base64Serializer.new