1
mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-29 18:07:27 +01:00

Describe ALL the attributes!

This commit is contained in:
James Barnett 2018-05-22 14:57:21 -05:00
parent e4038af79e
commit 7d7f405234
No known key found for this signature in database
GPG Key ID: 647983861A4EC5EA
12 changed files with 177 additions and 124 deletions

View File

@ -4,24 +4,37 @@ require 'swagger/blocks'
module CredentialApiDoc
include Swagger::Blocks
ORIGIN_ID_DESC = 'The ID of the origin record associated with this credential.'
ORIGIN_TYPE = 'The class name within Metasploit::Credential that indicates where this credential came from.'
PRIVATE_ID_DESC = 'The ID of the Metasploit::Credential::Private record associated with this credential.'
PUBLIC_ID_DESC = 'The ID of the Metasploit::Credential::Public record associated with this credential.'
REALM_ID_DESC = 'The ID of the Metasploit::Credential::Realm from where the credential was gathered.'
LOGINS_COUNT_DESC = 'The number of successful login attempts that were completed using this credential.'
ORIGIN_TYPE_ENUM = [
'Metasploit::Credential::Origin::Import',
'Metasploit::Credential::Origin::Manual',
'Metasploit::Credential::Origin::Service',
'Metasploit::Credential::Origin::Session'
]
# Swagger documentation for Credential model
swagger_schema :Credential do
key :required, [:id, :name]
property :id, type: :integer, format: :int32
property :origin_id, type: :integer, format: :int32
property :origin_type, type: :string
property :private_id, type: :integer, format: :int32
property :public_id, type: :integer, format: :int32
property :realm_id, type: :integer, format: :int32
property :workspace_id, type: :integer, format: :int32
property :logins_count, type: :integer, format: :int32
key :required, [:origin_id]
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :origin_id, type: :integer, format: :int32, description: ORIGIN_ID_DESC
property :origin_type, type: :string, description: ORIGIN_TYPE, enum: ORIGIN_TYPE_ENUM
property :private_id, type: :integer, format: :int32, description: PRIVATE_ID_DESC
property :public_id, type: :integer, format: :int32, description: PUBLIC_ID_DESC
property :realm_id, type: :integer, format: :int32, description: REALM_ID_DESC
property :workspace_id, type: :integer, format: :int32, description: RootApiDoc::WORKSPACE_ID_DESC
property :logins_count, type: :integer, format: :int32, description: LOGINS_COUNT_DESC
property :logins do
key :type, :array
items do
end
end
property :created_at, type: :string, format: :date_time
property :updated_at, type: :string, format: :date_time
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
end
swagger_path '/api/v1/credentials' do
@ -30,18 +43,13 @@ module CredentialApiDoc
key :description, 'Return credentials that are stored in the database.'
key :tags, [ 'credential' ]
parameter :workspace
parameter do
key :in, :body
key :name, :body
key :required, true
schema do
property :workspace do
key :in, :body
key :description, 'The workspace from which to return credentials.'
key :type, :string
key :required, true
end
property :svcs do
key :in, :body
key :description, 'Only return credentials of the specified service.'

View File

@ -6,7 +6,6 @@ module EventApiDoc
NAME_DESC = 'The name of the event.'
NAME_EXAMPLE = 'module_run'
HOST_DESC = 'The address of the host related to this event.'
HOST_EXAMPLE = '127.0.0.1'
CRITICAL_DESC = 'true if the event is considered critical.'
SEEN_DESC = 'true if a user has acknowledged the event.'
USERNAME_DESC = 'Name of the user that triggered the event.'
@ -16,15 +15,15 @@ module EventApiDoc
# Swagger documentation for Event model
swagger_schema :Event do
key :required, [:name]
property :id, type: :integer, format: :int32
property :workspace_id, type: :integer, format: :int32
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :workspace_id, type: :integer, format: :int32, description: RootApiDoc::WORKSPACE_ID_DESC
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
property :critical, type: :boolean, description: CRITICAL_DESC
property :seen, type: :string, description: SEEN_DESC
property :username, type: :string, description: USERNAME_DESC
property :info, type: :string, description: INFO_DESC, example: INFO_EXAMPLE
property :created_at, type: :string, format: :date_time
property :updated_at, type: :string, format: :date_time
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
end
swagger_path '/api/v1/events' do
@ -39,9 +38,9 @@ module EventApiDoc
key :description, 'The attributes to assign to the event.'
key :required, true
schema do
property :workspace, type: :string, required: true
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
property :host, type: :string, format: :ipv4, description: HOST_DESC, example: HOST_EXAMPLE
property :host, type: :string, format: :ipv4, description: HOST_DESC, example: RootApiDoc::HOST_EXAMPLE
property :critical, type: :boolean, description: CRITICAL_DESC
property :username, type: :string, description: USERNAME_DESC
property :info, type: :string, description: INFO_DESC, example: INFO_EXAMPLE

View File

@ -7,18 +7,34 @@ module HostApiDoc
HOST_EXAMPLE = '127.0.0.1'
MAC_DESC = 'MAC Address of the host'
MAC_EXAMPLE = 'AA:BB:CC:11:22:33'
COMM_DESC = 'Unused attribute.'
NAME_DESC = 'Hostname of the host.'
NAME_EXAMPLE = 'domain_controller'
OS_NAME_EXAMPLE = "'Windows', 'Linux', or 'Mac OS X'"
STATE_DESC = 'The last seen connectivity state of this host.'
OS_NAME_DESC = 'The name of the operating system.'
OS_NAME_EXAMPLE = "'Windows XP', 'Ubuntu', or 'Mac OS X'"
OS_FLAVOR_DESC = 'The flavor of operating system.'
OS_FLAVOR_EXAMPLE = "'Enterprise', 'Pro', or 'Home'"
OS_SP_DESC = 'The service pack version the operating system is running.'
OS_SP_EXAMPLE = "'SP2'"
OS_LANG_DESC = 'The language the operating system is using.'
OS_LANG_EXAMPLE = "'English', 'French', or 'en-US'"
OS_FAMILY_DESC = 'The major family the operating system belongs to.'
OS_FAMILY_EXAMPLE = "'Windows', 'Linux', or 'OS X'"
ARCH_DESC = 'The architecture of the host\'s CPU OR the programming language for virtual machine programming language like Ruby, PHP, and Java.'
DETECTED_ARCH_DESC = 'The architecture of the host\'s CPU as detected by `Recog`. If arch is not \'unknown\', this is undefined.'
PURPOSE_DESC = 'The main function of the host.'
INFO_DESC = 'Customizable information about the host.'
COMMENTS_DESC = 'A place for storing notes or findings about the host.'
SCOPE_DESC = 'Interface identifier for link-local IPv6.'
VIRTUAL_HOST_DESC = 'The name of the virtualization software.'
VIRTUAL_HOST_EXAMPLE = "'VMWare', 'QEMU', 'Xen', or 'Docker'"
NOTE_COUNT_DESC = 'Cached count of the number of associated notes.'
VULN_COUNT_DESC = 'Cached count of the number of associated vulns.'
SERVICE_COUNT_DESC = 'Cached count of the number of associated services.'
HOST_DETAIL_COUNT_DESC = 'Cached count of the number of associated host details.'
EXPLOIT_ATTEMPT_COUNT_DESC = 'Cached count of the number of associated exploit attempts.'
CRED_COUNT_DESC = 'Cached count of the number of associated creds.'
STATE_ENUM = [ 'alive', 'down', 'unknown' ]
ARCH_ENUM = [
'x86',
@ -45,33 +61,33 @@ module HostApiDoc
# Swagger documentation for Host model
swagger_schema :Host do
key :required, [:address, :name]
property :id, type: :integer, format: :int32
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :address, type: :string, description: HOST_DESC, example: HOST_EXAMPLE
property :mac, type: :string, description: MAC_DESC, example: MAC_EXAMPLE
property :comm, type: :string
property :comm, type: :string, description: COMM_DESC
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
property :state, type: :string, enum: STATE_ENUM
property :os_name, type: :string, example: OS_NAME_EXAMPLE
property :os_flavor, type: :string, example: OS_FLAVOR_EXAMPLE
property :os_sp, type: :string, example: OS_SP_EXAMPLE
property :os_lang, type: :string, example: OS_LANG_EXAMPLE
property :arch, type: :string, enum: ARCH_ENUM
property :workspace_id, type: :integer, format: :int32
property :state, type: :string, description: STATE_DESC, enum: STATE_ENUM
property :os_name, type: :string, description: OS_NAME_DESC, example: OS_NAME_EXAMPLE
property :os_flavor, type: :string, description: OS_FLAVOR_DESC, example: OS_FLAVOR_EXAMPLE
property :os_sp, type: :string, description: OS_SP_DESC, example: OS_SP_EXAMPLE
property :os_lang, type: :string, description: OS_LANG_DESC, example: OS_LANG_EXAMPLE
property :os_family, type: :string, description: OS_FAMILY_DESC, example: OS_FAMILY_EXAMPLE
property :arch, type: :string, description: ARCH_DESC, enum: ARCH_ENUM
property :detected_arch, type: :string, description: DETECTED_ARCH_DESC
property :workspace_id, type: :integer, format: :int32, description: RootApiDoc::WORKSPACE_ID_DESC
property :purpose, type: :string, description: PURPOSE_DESC
property :info, type: :string, description: INFO_DESC
property :comments, type: :string, description: COMMENTS_DESC
property :scope, type: :string, description: SCOPE_DESC
property :virtual_host, type: :string, description: VIRTUAL_HOST_DESC, example: VIRTUAL_HOST_EXAMPLE
property :note_count, type: :integer, format: :int32
property :vuln_count, type: :integer, format: :int32
property :service_count, type: :integer, format: :int32
property :host_detail_count, type: :integer, format: :int32
property :exploit_attempt_count, type: :integer, format: :int32
property :cred_count, type: :integer, format: :int32
property :detected_arch, type: :string
property :os_family, type: :string
property :created_at, type: :string, format: :date_time
property :updated_at, type: :string, format: :date_time
property :note_count, type: :integer, format: :int32, description: NOTE_COUNT_DESC
property :vuln_count, type: :integer, format: :int32, description: VULN_COUNT_DESC
property :service_count, type: :integer, format: :int32, description: SERVICE_COUNT_DESC
property :host_detail_count, type: :integer, format: :int32, description: HOST_DETAIL_COUNT_DESC
property :exploit_attempt_count, type: :integer, format: :int32, description: EXPLOIT_ATTEMPT_COUNT_DESC
property :cred_count, type: :integer, format: :int32, description: CRED_COUNT_DESC
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
end
swagger_path '/api/v1/hosts' do
@ -106,14 +122,14 @@ module HostApiDoc
key :description, 'The attributes to assign to the host.'
key :required, true
schema do
property :workspace, type: :string, required: true
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_EXAMPLE
property :host, type: :string, format: :ipv4, required: true, description: HOST_DESC, example: HOST_EXAMPLE
property :mac, type: :string, description: MAC_DESC, example: MAC_EXAMPLE
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
property :os_name, type: :string, example: OS_NAME_EXAMPLE
property :os_flavor, type: :string, example: OS_FLAVOR_EXAMPLE
property :os_sp, type: :string, example: OS_SP_EXAMPLE
property :os_lang, type: :string, example: OS_LANG_EXAMPLE
property :os_name, type: :string, description: OS_NAME_DESC, example: OS_NAME_EXAMPLE
property :os_flavor, type: :string, description: OS_FLAVOR_DESC, example: OS_FLAVOR_EXAMPLE
property :os_sp, type: :string, description: OS_SP_DESC, example: OS_SP_EXAMPLE
property :os_lang, type: :string, description: OS_LANG_DESC, example: OS_LANG_EXAMPLE
property :purpose, type: :string, description: PURPOSE_DESC
property :info, type: :string, description: INFO_DESC
property :comments, type: :string, description: COMMENTS_DESC
@ -122,10 +138,12 @@ module HostApiDoc
# Possible values paired down from rex-arch/lib/rex/arch.rb
property :arch do
key :type, :string
key :description, ARCH_DESC
key :enum, ARCH_ENUM
end
property :state do
key :type, :string
key :description, STATE_DESC
key :enum, STATE_ENUM
end
end

View File

@ -3,8 +3,9 @@ require 'swagger/blocks'
module LootApiDoc
include Swagger::Blocks
HOST_ID_DESC = 'The ID of the host record this loot is associated with.'
HOST_DESC = 'The IP address of the host from where the loot was obtained.'
HOST_EXAMPLE = '127.0.0.1'
SERVICE_ID_DESC = 'The ID of the service record this loot is associated with.'
LTYPE_DESC = 'The type of loot.'
LTYPE_EXAMPLE = "'file', 'image', 'config_file', etc."
PATH_DESC = 'The on-disk path to the loot file.'
@ -15,24 +16,25 @@ module LootApiDoc
NAME_DESC = 'The name of the loot.'
NAME_EXAMPLE = 'password_file.txt'
INFO_DESC = 'Information about the loot.'
MODULE_RUN_ID_DESC = 'The ID of the module run record this loot is associated with.'
# Swagger documentation for loot model
swagger_schema :Loot do
key :required, [:name, :ltype, :path]
property :workspace_id, type: :integer, format: :int32
property :host_id, type: :integer, format: :int32
property :service_id, type: :integer, format: :int32
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :workspace_id, type: :integer, format: :int32, description: RootApiDoc::WORKSPACE_ID_DESC
property :host_id, type: :integer, format: :int32, description: HOST_ID_DESC
property :service_id, type: :integer, format: :int32, description: SERVICE_ID_DESC
property :ltype, type: :string, description: LTYPE_DESC, example: LTYPE_EXAMPLE
property :path, type: :string, description: PATH_DESC, example: PATH_EXAMPLE
property :data, type: :string, description: DATA_DESC
property :content_type, type: :string, description: CONTENT_TYPE_DESC, example: CONTENT_TYPE_EXAMPLE
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
property :info, type: :string, description: INFO_DESC
property :module_run_id, type: :integer, format: :int32
property :id, type: :integer, format: :int32
property :created_at, type: :string, format: :date_time
property :updated_at, type: :string, format: :date_time
property :module_run_id, type: :integer, format: :int32, description: MODULE_RUN_ID_DESC
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
end
swagger_path '/api/v1/loots' do
@ -65,9 +67,9 @@ module LootApiDoc
key :description, 'The attributes to assign to the loot.'
key :required, true
schema do
property :workspace, type: :string, required: true
property :host, type: :string, format: :ipv4, description: HOST_DESC, example: HOST_EXAMPLE
property :service, type: :string
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
property :host, type: :string, format: :ipv4, description: HOST_DESC, example: RootApiDoc::HOST_EXAMPLE
property :service, '$ref': :Service
property :ltype, type: :string, description: LTYPE_DESC, example: LTYPE_EXAMPLE, required: true
property :path, type: :string, description: PATH_DESC, example: PATH_EXAMPLE, required: true
property :data, type: :string, description: DATA_DESC

View File

@ -4,7 +4,7 @@ module NmapApiDoc
include Swagger::Blocks
swagger_path '/api/v1/nmaps' do
# Swagger documentation for /api/v1/nmaps GET
# Swagger documentation for /api/v1/nmaps POST
operation :post do
key :description, 'Upload an Nmap XML file to be processed into corresponding Metasploit data objects.'
key :tags, [ 'nmap' ]
@ -14,7 +14,7 @@ module NmapApiDoc
key :name, :body
key :required, true
schema do
property :workspace, type: :string, required: true
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_EXAMPLE
property :filename, type: :string, required: true, description: 'The name of the file you are uploading.'
property :data, type: :string, required: true, description: 'The Base64 encoded contents of the Nmap XML file.'
end

View File

@ -3,26 +3,30 @@ require 'swagger/blocks'
module NoteApiDoc
include Swagger::Blocks
TYPE_DESC = 'The type of note this is.'
TYPE_EXAMPLE = "'host.info', 'host.os.session_fingerprint', 'smb_peer_os', etc."
NTYPE_DESC = 'The type of note this is.'
NTYPE_EXAMPLE = "'host.info', 'host.os.session_fingerprint', 'smb_peer_os', etc."
HOST_ID_DESC = 'The ID of the host record this note is associated with.'
HOST_DESC = 'The IP address of the host this note is associated with.'
SERVICE_ID_DESC = 'The ID of the host record this service is associated with.'
VULN_ID_DESC = 'The ID of the host record this note is associated with.'
CRITICAL_DESC = 'Boolean regarding the criticality of this note\'s contents.'
SEEN_DESC = 'Boolean regarding if this note has been acknowledged.'
DATA_DESC = 'The contents of the note.'
# Swagger documentation for notes model
swagger_schema :Note do
key :required, [:type]
property :id, type: :integer, format: :int32
property :type, type: :string, description: TYPE_DESC, example: TYPE_EXAMPLE
property :workspace_id, type: :integer, format: :int32
property :host_id, type: :integer, format: :int32
property :service_id, type: :integer, format: :int32
key :required, [:ntype]
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :ntype, type: :string, description: NTYPE_DESC, example: NTYPE_EXAMPLE
property :workspace_id, type: :integer, format: :int32, description: RootApiDoc::WORKSPACE_ID_DESC
property :host_id, type: :integer, format: :int32, description: HOST_ID_DESC
property :service_id, type: :integer, format: :int32, description: SERVICE_ID_DESC
property :vuln_id, type: :integer, format: :int32, description: VULN_ID_DESC
property :critical, type: :boolean, description: CRITICAL_DESC
property :seen, type: :boolean, description: SEEN_DESC
property :data, type: :string, description: DATA_DESC
property :vuln_id, type: :integer, format: :int32
property :created_at, type: :string, format: :date_time
property :updated_at, type: :string, format: :date_time
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
end
swagger_path '/api/v1/notes' do
@ -55,9 +59,9 @@ module NoteApiDoc
key :description, 'The attributes to assign to the note.'
key :required, true
schema do
property :type, type: :string, description: TYPE_DESC, example: TYPE_EXAMPLE, required: true
property :workspace, type: :string, required: true
property :host, type: :integer, format: :int32
property :ntype, type: :string, description: NTYPE_DESC, example: NTYPE_EXAMPLE, required: true
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
property :host, type: :integer, format: :ipv4, description: HOST_DESC, example: RootApiDoc::HOST_EXAMPLE
property :critical, type: :boolean, description: CRITICAL_DESC
property :seen, type: :boolean, description: SEEN_DESC
property :data, type: :string, description: DATA_DESC

View File

@ -3,6 +3,14 @@ require 'swagger/blocks'
module RootApiDoc
include Swagger::Blocks
ID_DESC = 'The primary key used to identify this object in the database.'
CREATED_AT_DESC = 'The date and time this record was added to the database.'
UPDATED_AT_DESC = 'The date and time this record was last updated in the database.'
WORKSPACE_ID_DESC = 'The ID of the workspace this credential belongs to.'
WORKSPACE_POST_DESC = 'The name of the workspace where this record should be created.'
WORKSPACE_POST_EXAMPLE = 'default'
HOST_EXAMPLE = '127.0.0.1'
swagger_root do
key :swagger, '2.0'
info do

View File

@ -4,7 +4,7 @@ module ServiceApiDoc
include Swagger::Blocks
HOST_DESC = 'The host where this service is running.'
HOST_EXAMPLE = '127.0.0.1'
HOST_ID_DESC = 'The ID of the host record this service is associated with.'
PORT_DESC = 'The port this service is listening on.'
PORT_EXAMPLE = '443'
PROTO_DESC = 'The transport layer protocol this service is using.'
@ -19,15 +19,15 @@ module ServiceApiDoc
# Swagger documentation for Service model
swagger_schema :Service do
key :required, [:id, :port, :proto]
property :id, type: :integer, format: :int32
property :host_id, type: :integer, format: :int32
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :host_id, type: :integer, format: :int32, description: HOST_ID_DESC
property :port, type: :string, description: PORT_DESC, example: PORT_EXAMPLE
property :proto, type: :string, description: PROTO_DESC, enum: PROTO_ENUM
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
property :info, type: :string, description: INFO_DESC, example: INFO_EXAMPLE
property :state, type: :string, description: STATE_DESC, enum: STATE_ENUM
property :created_at, type: :string, format: :date_time
property :updated_at, type: :string, format: :date_time
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
end
swagger_path '/api/v1/services' do
@ -60,8 +60,8 @@ module ServiceApiDoc
key :description, 'The attributes to assign to the service.'
key :required, true
schema do
property :workspace, type: :string, required: true
property :host, type: :string, format: :ipv4, required: true, description: HOST_DESC, example: HOST_EXAMPLE
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
property :host, type: :string, format: :ipv4, required: true, description: HOST_DESC, example: RootApiDoc::HOST_EXAMPLE
property :port, type: :string, required: true, description: PORT_DESC, example: PORT_EXAMPLE
property :proto, type: :string, required: true, description: PROTO_DESC, enum: PROTO_ENUM
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE

View File

@ -3,6 +3,7 @@ require 'swagger/blocks'
module SessionEventApiDoc
include Swagger::Blocks
SESSION_ID_DESC = 'The ID of the session record that caused this event.'
ETYPE_DESC = 'The type of session event that occurred.'
ETYPE_ENUM = ['command', 'output', 'upload', 'download', 'filedelete']
COMMAND_DESC = 'The command that was executed for this event.'
@ -15,14 +16,14 @@ module SessionEventApiDoc
# Swagger documentation for session events model
swagger_schema :SessionEvent do
key :required, [:etype, :session_id]
property :id, type: :integer, format: :int32
property :session_id, type: :integer, format: :int32
property :etype, type: :string
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :session_id, type: :integer, format: :int32, description: SESSION_ID_DESC
property :etype, type: :string, description: ETYPE_DESC, enum: ETYPE_ENUM
property :command, type: :string, description: COMMAND_DESC
property :output, type: :string, description: OUTPUT_DESC
property :local_path, type: :string, description: LOCAL_PATH_DESC, example: LOCAL_PATH_EXAMPLE
property :remote_path, type: :string, description: REMOTE_PATH_DESC, example: REMOTE_PATH_EXAMPLE
property :created_at, type: :string, format: :date_time
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
end
swagger_path '/api/v1/session-events' do

View File

@ -3,27 +3,35 @@ require 'swagger/blocks'
module VulnApiDoc
include Swagger::Blocks
HOST_ID_DESC = 'The ID of host record associated with this vuln.'
HOST_DESC = 'The host where this vuln was discovered.'
HOST_EXAMPLE = '127.0.0.1'
NAME_DESC = 'The friendly name/title for this vulnerability.'
NAME_EXAMPLE = 'Docker Daemon Privilege Escalation'
INFO_DESC = 'Information about how this vuln was discovered.'
INFO_EXAMPLE = 'Exploited by exploit/linux/local/docker_daemon_privilege_escalation to create session.'
EXPLOITED_AT_DESC = 'The date and time this vuln was successfully exploited.'
VULN_DETAIL_COUNT = 'Cached count of the number of associated vuln detail objects.'
VULN_ATTEMPT_COUNT = 'Cached count of the number of associated vuln attempt object.'
ORIGIN_ID_DESC = 'ID of the associated origin record.'
ORIGIN_TYPE_DESC = 'The origin type of this vuln.'
REFS_DESC = 'An array of public reference IDs for this vuln.'
REF_ID_DESC = 'The ID of the related Mdm::ModuleRef or Mdm::VulnRef associated with this vuln.'
REF_NAME_DESC = 'Designation for external reference. May include a prefix for the authority, such as \'CVE-\', in which case the rest of the name is the designation assigned by that authority.'
REFS_EXAMPLE = ['CVE-2008-4250','OSVDB-49243','MSB-MS08-067']
MODULE_REF_DETAIL_ID_DESC = 'The ID of the Mdm::Module::Detail record this ModuleRef is associated with.'
# Swagger documentation for vulns model
swagger_schema :Vuln do
key :required, [:host_id, :name]
property :id, type: :integer, format: :int32
property :host_id, type: :integer, format: :int32
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :host_id, type: :integer, format: :int32, description: HOST_ID_DESC
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
property :info, type: :string, description: INFO_DESC, example: INFO_EXAMPLE
property :exploited_at, type: :string, format: :date_time
property :vuln_detail_count, type: :integer, format: :int32
property :vuln_attempt_count, type: :integer, format: :int32
property :origin_id, type: :integer, format: :int32
property :origin_type, type: :integer, format: :int32
property :exploited_at, type: :string, format: :date_time, description: EXPLOITED_AT_DESC
property :vuln_detail_count, type: :integer, format: :int32, description: VULN_DETAIL_COUNT
property :vuln_attempt_count, type: :integer, format: :int32, description: VULN_ATTEMPT_COUNT
property :origin_id, type: :integer, format: :int32, description: ORIGIN_ID_DESC
property :origin_type, type: :string, description: ORIGIN_TYPE_DESC
property :vuln_refs do
key :type, :array
items do
@ -42,31 +50,31 @@ module VulnApiDoc
key :'$ref', :ModuleRef
end
end
property :created_at, type: :string, format: :date_time
property :updated_at, type: :string, format: :date_time
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
end
swagger_schema :Ref do
key :required, [:name]
property :id, type: :integer, format: :int32
property :ref_id, type: :integer, format: :int32
property :name, type: :string, required: true
property :created_at, type: :string, format: :date_time
property :updated_at, type: :string, format: :date_time
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :ref_id, type: :integer, format: :int32, description: REF_ID_DESC
property :name, type: :string, required: true, description: REF_NAME_DESC
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
end
swagger_schema :ModuleRef do
key :required, [:name]
property :id, type: :integer, format: :int32
property :detail_id, type: :integer, format: :int32
property :name, type: :string, required: true
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :detail_id, type: :integer, format: :int32, description: MODULE_REF_DETAIL_ID_DESC
property :name, type: :string, required: true, description: REF_NAME_DESC
end
swagger_schema :VulnRef do
key :required, [:ref_id, :vuln_id]
property :id, type: :integer, format: :int32
property :ref_id, type: :integer, format: :int32
property :vuln_id, type: :integer, format: :int32
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :ref_id, type: :integer, format: :int32, description: RootApiDoc::CREATED_AT_DESC
property :vuln_id, type: :integer, format: :int32, description: RootApiDoc::UPDATED_AT_DESC
end
@ -100,8 +108,8 @@ module VulnApiDoc
key :description, 'The attributes to assign to the vuln.'
key :required, true
schema do
property :workspace, type: :string, required: true
property :host, type: :string, format: :ipv4, required: true, description: HOST_DESC, example: HOST_EXAMPLE
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
property :host, type: :string, format: :ipv4, required: true, description: HOST_DESC, example: RootApiDoc::HOST_EXAMPLE
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
property :info, type: :string, description: INFO_DESC, example: INFO_EXAMPLE
property :refs do

View File

@ -3,6 +3,9 @@ require 'swagger/blocks'
module VulnAttemptApiDoc
include Swagger::Blocks
VULN_ID_DESC = 'The ID of the vuln record associated with this vuln attempt was exploiting.'
SESSION_ID_DESC = 'The ID of the session record associated with this vuln attempt if it was successful.'
LOOT_ID_DESC = 'The ID of the loot record associated with this vuln attempt if loot was gathered.'
ATTEMPTED_AT_DESC = 'The time that this vuln attempt occurred.'
EXPLOITED_DESC = 'true if the vuln attempt was successful.'
FAIL_REASON_DESC = 'Short reason why this attempt failed.'
@ -14,17 +17,17 @@ module VulnAttemptApiDoc
# Swagger documentation for vuln_attempts model
swagger_schema :VulnAttempt do
key :required, [:id]
property :id, type: :integer, format: :int32
property :vuln_id, type: :integer, format: :int32
key :required, [:vuln_id]
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :vuln_id, type: :integer, format: :int32, description: VULN_ID_DESC
property :session_id, type: :integer, format: :int32, description: SESSION_ID_DESC
property :loot_id, type: :integer, format: :int32, description: LOOT_ID_DESC
property :attempted_at, type: :string, format: :date_time, description: ATTEMPTED_AT_DESC
property :exploited, type: :boolean, description: EXPLOITED_DESC
property :fail_reason, type: :string, description: FAIL_REASON_DESC
property :fail_detail, type: :string, description: FAIL_DETAIL_DESC
property :module, type: :string, description: MODULE_DESC, example: MODULE_EXAMPLE
property :username, type: :string, description: USERNAME_DESC
property :session_id, type: :integer, format: :int32
property :loot_id, type: :integer, format: :int32
end
swagger_path '/api/v1/vuln-attempts' do
@ -55,8 +58,8 @@ module VulnAttemptApiDoc
key :description, 'The attributes to assign to the vuln attempt.'
key :required, true
schema do
property :workspace, type: :string, required: true
property :vuln_id, type: :integer, format: :int32
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
property :vuln_id, type: :integer, format: :int32, description: VULN_ID_DESC
property :attempted_at, type: :string, format: :date_time, description: ATTEMPTED_AT_DESC
property :exploited, type: :boolean, description: EXPLOITED_DESC
property :fail_reason, type: :string, description: FAIL_REASON_DESC

View File

@ -5,22 +5,24 @@ module WorkspaceApiDoc
NAME_DESC = 'The name of the workspace. This is the unique identifier for determining which workspace is being accessed.'
BOUNDARY_DESC = 'Comma separated list of IP ranges (in various formats) and IP addresses that users of this workspace are allowed to interact with if limit_to_network is true.'
BOUNDARY_EXAMPLE = ''
BOUNDARY_EXAMPLE = '10.10.1.1-50,10.10.1.100,10.10.2.0/24'
DESCRIPTION_DESC = 'Long description that explains the purpose of this workspace.'
OWNER_ID_DESC = 'ID of the user who owns this workspace.'
LIMIT_TO_NETWORK_DESC = 'true to restrict the hosts and services in this workspace to the IP addresses listed in \'boundary\'.'
IMPORT_FINGERPRINT_DESC = 'Identifier that indicates if and where this workspace was imported from.'
# Swagger documentation for workspaces model
swagger_schema :Workspace do
key :required, [:name]
property :id, type: :integer, format: :int32
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
property :name, type: :string, description: NAME_DESC
property :boundary, type: :string, description: BOUNDARY_DESC, example: BOUNDARY_EXAMPLE
property :description, type: :string, description: DESCRIPTION_DESC
property :owner_id, type: :integer, format: :int32
property :owner_id, type: :integer, format: :int32, description: OWNER_ID_DESC
property :limit_to_network, type: :boolean, description: LIMIT_TO_NETWORK_DESC
property :import_fingerprint, type: :boolean
property :created_at, type: :string, format: :date_time
property :updated_at, type: :string, format: :date_time
property :import_fingerprint, type: :boolean, description: IMPORT_FINGERPRINT_DESC
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
end
swagger_path '/api/v1/workspaces' do