Class: Mdm::Workspace

Inherits:
ApplicationRecord
  • Object
show all
Defined in:
app/models/mdm/workspace.rb

Overview

Workspace to separate different collections of #hosts. Can be used to separate pentests against different networks or different clients as reports are normally generated against all records in a workspace.

Constant Summary collapse

DEFAULT =

CONSTANTS

'default'

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#boundaryString

Comma separated list of IP ranges (in various formats) and IP addresses that users of this workspace are allowed to interact with if #limit_to_network is true.

Returns:

  • (String)

# File 'app/models/mdm/workspace.rb', line 89

#created_atDateTime

When this workspace was created.

Returns:

  • (DateTime)

# File 'app/models/mdm/workspace.rb', line 111

#descriptionString

Long description (beyond #name) that explains the purpose of this workspace.

Returns:

  • (String)

# File 'app/models/mdm/workspace.rb', line 95

#limit_to_networkfalse, true

Whether #boundary is respected.

Returns:

  • (false)

    do not limit interactions to #boundary.

  • (true)

    limit interactions to #boundary.


# File 'app/models/mdm/workspace.rb', line 100

#nameString

Name of this workspace.

Returns:

  • (String)

# File 'app/models/mdm/workspace.rb', line 106

#updated_atDateTime

The last time this workspace was updated.

Returns:

  • (DateTime)

# File 'app/models/mdm/workspace.rb', line 116

Class Method Details

.defaultMdm::Workspace

Returns default Mdm::Workspace.

Returns:


154
155
156
# File 'app/models/mdm/workspace.rb', line 154

def self.default
  where(name: DEFAULT).first_or_create
end

Instance Method Details

#credsActiveRecord::Relation<Mdm::Cred>

Deprecated.

Use Mdm::Workspace#credential_cores when Metasploit::Credential::Engine is installed to get Metasploit::Credential::Cores. Use Mdm::Service#logins when Metasploit::Credential::Engine is installed to get Metasploit::Credential::Logins.

Returns:


143
144
145
146
147
148
149
# File 'app/models/mdm/workspace.rb', line 143

def creds
  Mdm::Cred
      .joins(service: :host)
      .where(hosts: {
          workspace_id: self.id
      })
end

#default?true, false

Whether this is the default workspace.

Returns:

  • (true)

    if this is the default workspace.

  • (false)

    if this is not the default workspace.


162
163
164
# File 'app/models/mdm/workspace.rb', line 162

def default?
  name == DEFAULT
end

#each_cred {|cred| ... } ⇒ void

Deprecated.

Use workspace.credential_cores.each when Metasploit::Credential::Engine is installed to enumerate Metasploit::Credential::Cores. Use service.logins.each when Metasploit::Credential::Engine is installed to enumerate Metasploit::Credential::Logins.

This method returns an undefined value.

Enumerates each element of #creds.

Yields:

  • (cred)

Yield Parameters:

  • cred (Mdm::Cred)

    Cred associated with a host or a service in this workspace.

Yield Returns:

  • (void)

176
177
178
179
180
# File 'app/models/mdm/workspace.rb', line 176

def each_cred(&block)
  creds.each do |cred|
    block.call(cred)
  end
end

#each_host_tag {|tag| ... } ⇒ void

This method returns an undefined value.

Enumerates each element of #host_tags.

Yields:

  • (tag)

Yield Parameters:

Yield Returns:

  • (void)

188
189
190
191
192
# File 'app/models/mdm/workspace.rb', line 188

def each_host_tag(&block)
  host_tags.each do |host_tag|
    block.call(host_tag)
  end
end

#host_tagsActiveRecord::Relation<Mdm::Tag>

Tags on #hosts.

Returns:


197
198
199
200
201
202
203
# File 'app/models/mdm/workspace.rb', line 197

def host_tags
  Mdm::Tag
      .joins(:hosts)
      .where(hosts: {
        workspace_id: self.id
      })
end

#unique_web_formsActiveRecord::Relation<Mdm::WebForm>

Web forms on #web_sites.

Returns:


256
257
258
# File 'app/models/mdm/workspace.rb', line 256

def unique_web_forms
  web_forms.select('web_forms.id, web_forms.web_site_id, web_forms.path, web_forms.method, web_forms.query')
end

#web_formsActiveRecord::Relation<Mdm::WebForm>

Web forms found on #web_sites.

Returns:


208
209
210
211
212
213
214
215
# File 'app/models/mdm/workspace.rb', line 208

def web_forms
  Mdm::WebForm.joins(
    Mdm::WebForm.join_association(:web_site),
    Mdm::WebSite.join_association(:service),
    Mdm::Service.join_association(:host),
    Mdm::Host.join_association(:workspace)
  ).where(Mdm::Workspace[:id].eq(id)).distinct
end

#web_pagesActiveRecord::Relation<Mdm::WebPage>

Web pages found on #web_sites.

Returns:


221
222
223
224
225
226
227
228
# File 'app/models/mdm/workspace.rb', line 221

def web_pages
  Mdm::WebPage.joins(
    Mdm::WebPage.join_association(:web_site),
    Mdm::WebSite.join_association(:service),
    Mdm::Service.join_association(:host),
    Mdm::Host.join_association(:workspace)
  ).where(Mdm::Workspace[:id].eq(id)).distinct
end

#web_sitesActiveRecord::Relation<Mdm::WebSite>

Web sites running on #services.

Returns:


233
234
235
236
237
238
239
# File 'app/models/mdm/workspace.rb', line 233

def web_sites
  Mdm::WebSite.joins(
    Mdm::WebSite.join_association(:service),
    Mdm::Service.join_association(:host),
    Mdm::Host.join_association(:workspace)
  ).where(Mdm::Workspace[:id].eq(id)).distinct
end

#web_unique_forms(addrs = nil) ⇒ Array<Mdm::WebForm>

#unique_web_forms hosted on addrs.

Parameters:

  • addrs (Array<IPAddr, String>) (defaults to: nil)

    Host#address for the Service#host for the Mdm::WebSite#service for the Mdm::WebForm#web_site.

Returns:


265
266
267
268
269
270
271
# File 'app/models/mdm/workspace.rb', line 265

def web_unique_forms(addrs=nil)
  forms = unique_web_forms
  if addrs
    forms.to_a.reject!{|f| not addrs.include?( f.web_site.service.host.address.to_s ) }
  end
  forms
end

#web_vulnsActiveRecord::Relation<Mdm::WebVuln>

Web vulnerability found on #web_sites.

Returns:


244
245
246
247
248
249
250
251
# File 'app/models/mdm/workspace.rb', line 244

def web_vulns
  Mdm::WebVuln.joins(
    Mdm::WebVuln.join_association(:web_site),
    Mdm::WebSite.join_association(:service),
    Mdm::Service.join_association(:host),
    Mdm::Host.join_association(:workspace)
  ).where(Mdm::Workspace[:id].eq(id)).distinct
end