ronin-rb / ronin-db-activerecord Goto Github PK

Change WebCredential to be a join model between Credential and URL. This will allow associating the same credential pair (ex: user:password or email:password) with multiple URLs.

ronin-web should have models for logging full Rack::Requests into the Database.

Models

• Web::HeaderName
• Web::Header
• Web::PostParamName
• Web::PostParam
• Web::Request

Add a Note model for associating arbitrary text nodes with IPAddresses, HostNames, URLs, etc.

URL.import is not de-duplicating URLs that are already in the database. This appears to be due to find_or_create_by() not performing the find() query if one of the attributes is an empty Array. The other reason is that SQL UNIQUE INDEXs are not enforced on columns which allow NULL values.

Since Ronin::DB::Service only contains a unique name, it should include Model::Importable and define .import and .lookup class methods similar to Ronin::DB::HostName.

Add a URL.with_fragment query method that simply matching the fragment attribute.

Since certain model names contain acronyms, we must configure ActiveSupport::Inflector to preserve them as acronyms instead of converting them to CamelCase when converting the model name into a human readable name:

• Wrong: IPAddress.model_name.human # => "Ip address"
• Correct: IPAddress.model_name.human # => "IP address"

Add a method which queries all IPAddresses that exist within the ASN's IP range.

Add a query attribute to URL for storing the raw un-parsed query string.

Add a model for storing and querying security advisory IDs in the database.

Change ServiceCredential to be a join model between Credential and OpenPort. This will allow associating the same credential pair (ex: user:password or email:password) with multiple services.

It should be possible to see all of the ports which use that service.

Similar to IPAddress.between, but accepts a Range or any Range-like object (defining #begin and #end methods).

Add a ASN.with_name query method that simply matches the name attribute.

Add a method for looking up the ASN record for a given IPAddress.

It should be possible to see all of the services which use that port.

It should be possible to access the IPAddresses through open_ports.

Add a ASN.with_country_code query method that simply matches the country_code attribute.

Add a method to determine if the database has pending migrations that need to be ran. This will allow any ronin-db commands to warn the user that migrations are necessary.

Add rubocop to the repository.

• Add the rubocop gem to the Gemfile.
• Start with the template rubocop.yml file which closely matches Ronin's general code style.
• Add the rubocop task and add it to the CI.

Generate an ERD diagram based on the models/schema to show the structure of the models/associations. The catch is that this is only a library of ActiveRecord models, so it might be tricky to use existing Rails ERD plugins. YMMV

Add a model for storing received DNS queries, such as from ronin-listener-dns.

Columns

• source_ip
• type
• label

It should be possible to access the IPAddresses through open_ports.

• URL.http
• URI.https
• URL.with_host_name
• URL.with_port_number
• URL.with_directory
• URL.with_ext
• URL.with_query_param
• URL.with_query_param_name
• URL.with_query_param_value
• URL.find_url

Add a model which connects an Advisory model to IPAddress, HostName, URL, OpenPort, etc.

Add the missing ServiceCredential#to_s method which should also include the optional host:port from open_port.

Release bug fixes.

Change the OS.flavor attribute to be an enum mapping of linux: 'Linux', bsd: 'BSD', ....

Add a flavor property to OS so we can group OSes by Linux, BSD or Windows.

Re-add JRuby to the CI matrix now that JRuby 9.4 has been released, which adds Ruby 3.1 support.

Add a URL.with_path query method that simply matching the path attribute.

It should be possible to figure out when a service was first seen.

Document the ActiveRecord attributes using YARD @!attribute macro tags.
https://www.rubydoc.info/gems/yard/file/docs/Tags.md#attribute

Re-order the db/migrate/ files such that any time a reference is created the referenced table should be created before the migration. This will allow the migrations to run on a PostgreSQL database which requires the referenced table to exist before the reference is created.

Remove the URL.last_scanned_at attribute in favor of Model::LastScannedAt.

Add a Cert model for storing SSL/TLS certificate information. The model should store the serial number, common_name, and other subject fields. In order to store the data in a normalized fashion, we will also need CertSubject, CertIssuer, and CertSubjectAltName models as well. The Cert module should also have an .import class method which accepts an OpenSSL::X509::Certificate object.

It must be possible to store and query ASN ranges. Must store the following columns:

• first_ip / first_ip_uint
• last_ip / last_ip_uint
• prefix
• country_code
• name

Instead of running all of the migrations to provision a new database, load a schema dump file.

Example code for dumping and loading the schema: https://github.com/rails/rails/blob/4388275c48d4dda2d59fefc0cb89248b4b037a34/activerecord/lib/active_record/tasks/database_tasks.rb

Add a ASN.with_number query method that simply matching the number attribute.

Add a query method that queries all IPAddresses that exist between a start and end IP address.

It should be possible to figure out when the port was first seen.