mirror of
https://github.com/rapid7/metasploit-framework
synced 2024-10-29 18:07:27 +01:00
Describe ALL the attributes!
This commit is contained in:
parent
e4038af79e
commit
7d7f405234
@ -4,24 +4,37 @@ require 'swagger/blocks'
|
||||
module CredentialApiDoc
|
||||
include Swagger::Blocks
|
||||
|
||||
ORIGIN_ID_DESC = 'The ID of the origin record associated with this credential.'
|
||||
ORIGIN_TYPE = 'The class name within Metasploit::Credential that indicates where this credential came from.'
|
||||
PRIVATE_ID_DESC = 'The ID of the Metasploit::Credential::Private record associated with this credential.'
|
||||
PUBLIC_ID_DESC = 'The ID of the Metasploit::Credential::Public record associated with this credential.'
|
||||
REALM_ID_DESC = 'The ID of the Metasploit::Credential::Realm from where the credential was gathered.'
|
||||
LOGINS_COUNT_DESC = 'The number of successful login attempts that were completed using this credential.'
|
||||
ORIGIN_TYPE_ENUM = [
|
||||
'Metasploit::Credential::Origin::Import',
|
||||
'Metasploit::Credential::Origin::Manual',
|
||||
'Metasploit::Credential::Origin::Service',
|
||||
'Metasploit::Credential::Origin::Session'
|
||||
]
|
||||
|
||||
# Swagger documentation for Credential model
|
||||
swagger_schema :Credential do
|
||||
key :required, [:id, :name]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :origin_id, type: :integer, format: :int32
|
||||
property :origin_type, type: :string
|
||||
property :private_id, type: :integer, format: :int32
|
||||
property :public_id, type: :integer, format: :int32
|
||||
property :realm_id, type: :integer, format: :int32
|
||||
property :workspace_id, type: :integer, format: :int32
|
||||
property :logins_count, type: :integer, format: :int32
|
||||
key :required, [:origin_id]
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :origin_id, type: :integer, format: :int32, description: ORIGIN_ID_DESC
|
||||
property :origin_type, type: :string, description: ORIGIN_TYPE, enum: ORIGIN_TYPE_ENUM
|
||||
property :private_id, type: :integer, format: :int32, description: PRIVATE_ID_DESC
|
||||
property :public_id, type: :integer, format: :int32, description: PUBLIC_ID_DESC
|
||||
property :realm_id, type: :integer, format: :int32, description: REALM_ID_DESC
|
||||
property :workspace_id, type: :integer, format: :int32, description: RootApiDoc::WORKSPACE_ID_DESC
|
||||
property :logins_count, type: :integer, format: :int32, description: LOGINS_COUNT_DESC
|
||||
property :logins do
|
||||
key :type, :array
|
||||
items do
|
||||
end
|
||||
end
|
||||
property :created_at, type: :string, format: :date_time
|
||||
property :updated_at, type: :string, format: :date_time
|
||||
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
|
||||
end
|
||||
|
||||
swagger_path '/api/v1/credentials' do
|
||||
@ -30,18 +43,13 @@ module CredentialApiDoc
|
||||
key :description, 'Return credentials that are stored in the database.'
|
||||
key :tags, [ 'credential' ]
|
||||
|
||||
parameter :workspace
|
||||
|
||||
parameter do
|
||||
key :in, :body
|
||||
key :name, :body
|
||||
key :required, true
|
||||
schema do
|
||||
property :workspace do
|
||||
key :in, :body
|
||||
key :description, 'The workspace from which to return credentials.'
|
||||
key :type, :string
|
||||
key :required, true
|
||||
end
|
||||
|
||||
property :svcs do
|
||||
key :in, :body
|
||||
key :description, 'Only return credentials of the specified service.'
|
||||
|
@ -6,7 +6,6 @@ module EventApiDoc
|
||||
NAME_DESC = 'The name of the event.'
|
||||
NAME_EXAMPLE = 'module_run'
|
||||
HOST_DESC = 'The address of the host related to this event.'
|
||||
HOST_EXAMPLE = '127.0.0.1'
|
||||
CRITICAL_DESC = 'true if the event is considered critical.'
|
||||
SEEN_DESC = 'true if a user has acknowledged the event.'
|
||||
USERNAME_DESC = 'Name of the user that triggered the event.'
|
||||
@ -16,15 +15,15 @@ module EventApiDoc
|
||||
# Swagger documentation for Event model
|
||||
swagger_schema :Event do
|
||||
key :required, [:name]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :workspace_id, type: :integer, format: :int32
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :workspace_id, type: :integer, format: :int32, description: RootApiDoc::WORKSPACE_ID_DESC
|
||||
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
|
||||
property :critical, type: :boolean, description: CRITICAL_DESC
|
||||
property :seen, type: :string, description: SEEN_DESC
|
||||
property :username, type: :string, description: USERNAME_DESC
|
||||
property :info, type: :string, description: INFO_DESC, example: INFO_EXAMPLE
|
||||
property :created_at, type: :string, format: :date_time
|
||||
property :updated_at, type: :string, format: :date_time
|
||||
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
end
|
||||
|
||||
swagger_path '/api/v1/events' do
|
||||
@ -39,9 +38,9 @@ module EventApiDoc
|
||||
key :description, 'The attributes to assign to the event.'
|
||||
key :required, true
|
||||
schema do
|
||||
property :workspace, type: :string, required: true
|
||||
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
|
||||
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
|
||||
property :host, type: :string, format: :ipv4, description: HOST_DESC, example: HOST_EXAMPLE
|
||||
property :host, type: :string, format: :ipv4, description: HOST_DESC, example: RootApiDoc::HOST_EXAMPLE
|
||||
property :critical, type: :boolean, description: CRITICAL_DESC
|
||||
property :username, type: :string, description: USERNAME_DESC
|
||||
property :info, type: :string, description: INFO_DESC, example: INFO_EXAMPLE
|
||||
|
@ -7,18 +7,34 @@ module HostApiDoc
|
||||
HOST_EXAMPLE = '127.0.0.1'
|
||||
MAC_DESC = 'MAC Address of the host'
|
||||
MAC_EXAMPLE = 'AA:BB:CC:11:22:33'
|
||||
COMM_DESC = 'Unused attribute.'
|
||||
NAME_DESC = 'Hostname of the host.'
|
||||
NAME_EXAMPLE = 'domain_controller'
|
||||
OS_NAME_EXAMPLE = "'Windows', 'Linux', or 'Mac OS X'"
|
||||
STATE_DESC = 'The last seen connectivity state of this host.'
|
||||
OS_NAME_DESC = 'The name of the operating system.'
|
||||
OS_NAME_EXAMPLE = "'Windows XP', 'Ubuntu', or 'Mac OS X'"
|
||||
OS_FLAVOR_DESC = 'The flavor of operating system.'
|
||||
OS_FLAVOR_EXAMPLE = "'Enterprise', 'Pro', or 'Home'"
|
||||
OS_SP_DESC = 'The service pack version the operating system is running.'
|
||||
OS_SP_EXAMPLE = "'SP2'"
|
||||
OS_LANG_DESC = 'The language the operating system is using.'
|
||||
OS_LANG_EXAMPLE = "'English', 'French', or 'en-US'"
|
||||
OS_FAMILY_DESC = 'The major family the operating system belongs to.'
|
||||
OS_FAMILY_EXAMPLE = "'Windows', 'Linux', or 'OS X'"
|
||||
ARCH_DESC = 'The architecture of the host\'s CPU OR the programming language for virtual machine programming language like Ruby, PHP, and Java.'
|
||||
DETECTED_ARCH_DESC = 'The architecture of the host\'s CPU as detected by `Recog`. If arch is not \'unknown\', this is undefined.'
|
||||
PURPOSE_DESC = 'The main function of the host.'
|
||||
INFO_DESC = 'Customizable information about the host.'
|
||||
COMMENTS_DESC = 'A place for storing notes or findings about the host.'
|
||||
SCOPE_DESC = 'Interface identifier for link-local IPv6.'
|
||||
VIRTUAL_HOST_DESC = 'The name of the virtualization software.'
|
||||
VIRTUAL_HOST_EXAMPLE = "'VMWare', 'QEMU', 'Xen', or 'Docker'"
|
||||
NOTE_COUNT_DESC = 'Cached count of the number of associated notes.'
|
||||
VULN_COUNT_DESC = 'Cached count of the number of associated vulns.'
|
||||
SERVICE_COUNT_DESC = 'Cached count of the number of associated services.'
|
||||
HOST_DETAIL_COUNT_DESC = 'Cached count of the number of associated host details.'
|
||||
EXPLOIT_ATTEMPT_COUNT_DESC = 'Cached count of the number of associated exploit attempts.'
|
||||
CRED_COUNT_DESC = 'Cached count of the number of associated creds.'
|
||||
STATE_ENUM = [ 'alive', 'down', 'unknown' ]
|
||||
ARCH_ENUM = [
|
||||
'x86',
|
||||
@ -45,33 +61,33 @@ module HostApiDoc
|
||||
# Swagger documentation for Host model
|
||||
swagger_schema :Host do
|
||||
key :required, [:address, :name]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :address, type: :string, description: HOST_DESC, example: HOST_EXAMPLE
|
||||
property :mac, type: :string, description: MAC_DESC, example: MAC_EXAMPLE
|
||||
property :comm, type: :string
|
||||
property :comm, type: :string, description: COMM_DESC
|
||||
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
|
||||
property :state, type: :string, enum: STATE_ENUM
|
||||
property :os_name, type: :string, example: OS_NAME_EXAMPLE
|
||||
property :os_flavor, type: :string, example: OS_FLAVOR_EXAMPLE
|
||||
property :os_sp, type: :string, example: OS_SP_EXAMPLE
|
||||
property :os_lang, type: :string, example: OS_LANG_EXAMPLE
|
||||
property :arch, type: :string, enum: ARCH_ENUM
|
||||
property :workspace_id, type: :integer, format: :int32
|
||||
property :state, type: :string, description: STATE_DESC, enum: STATE_ENUM
|
||||
property :os_name, type: :string, description: OS_NAME_DESC, example: OS_NAME_EXAMPLE
|
||||
property :os_flavor, type: :string, description: OS_FLAVOR_DESC, example: OS_FLAVOR_EXAMPLE
|
||||
property :os_sp, type: :string, description: OS_SP_DESC, example: OS_SP_EXAMPLE
|
||||
property :os_lang, type: :string, description: OS_LANG_DESC, example: OS_LANG_EXAMPLE
|
||||
property :os_family, type: :string, description: OS_FAMILY_DESC, example: OS_FAMILY_EXAMPLE
|
||||
property :arch, type: :string, description: ARCH_DESC, enum: ARCH_ENUM
|
||||
property :detected_arch, type: :string, description: DETECTED_ARCH_DESC
|
||||
property :workspace_id, type: :integer, format: :int32, description: RootApiDoc::WORKSPACE_ID_DESC
|
||||
property :purpose, type: :string, description: PURPOSE_DESC
|
||||
property :info, type: :string, description: INFO_DESC
|
||||
property :comments, type: :string, description: COMMENTS_DESC
|
||||
property :scope, type: :string, description: SCOPE_DESC
|
||||
property :virtual_host, type: :string, description: VIRTUAL_HOST_DESC, example: VIRTUAL_HOST_EXAMPLE
|
||||
property :note_count, type: :integer, format: :int32
|
||||
property :vuln_count, type: :integer, format: :int32
|
||||
property :service_count, type: :integer, format: :int32
|
||||
property :host_detail_count, type: :integer, format: :int32
|
||||
property :exploit_attempt_count, type: :integer, format: :int32
|
||||
property :cred_count, type: :integer, format: :int32
|
||||
property :detected_arch, type: :string
|
||||
property :os_family, type: :string
|
||||
property :created_at, type: :string, format: :date_time
|
||||
property :updated_at, type: :string, format: :date_time
|
||||
property :note_count, type: :integer, format: :int32, description: NOTE_COUNT_DESC
|
||||
property :vuln_count, type: :integer, format: :int32, description: VULN_COUNT_DESC
|
||||
property :service_count, type: :integer, format: :int32, description: SERVICE_COUNT_DESC
|
||||
property :host_detail_count, type: :integer, format: :int32, description: HOST_DETAIL_COUNT_DESC
|
||||
property :exploit_attempt_count, type: :integer, format: :int32, description: EXPLOIT_ATTEMPT_COUNT_DESC
|
||||
property :cred_count, type: :integer, format: :int32, description: CRED_COUNT_DESC
|
||||
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
|
||||
end
|
||||
|
||||
swagger_path '/api/v1/hosts' do
|
||||
@ -106,14 +122,14 @@ module HostApiDoc
|
||||
key :description, 'The attributes to assign to the host.'
|
||||
key :required, true
|
||||
schema do
|
||||
property :workspace, type: :string, required: true
|
||||
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_EXAMPLE
|
||||
property :host, type: :string, format: :ipv4, required: true, description: HOST_DESC, example: HOST_EXAMPLE
|
||||
property :mac, type: :string, description: MAC_DESC, example: MAC_EXAMPLE
|
||||
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
|
||||
property :os_name, type: :string, example: OS_NAME_EXAMPLE
|
||||
property :os_flavor, type: :string, example: OS_FLAVOR_EXAMPLE
|
||||
property :os_sp, type: :string, example: OS_SP_EXAMPLE
|
||||
property :os_lang, type: :string, example: OS_LANG_EXAMPLE
|
||||
property :os_name, type: :string, description: OS_NAME_DESC, example: OS_NAME_EXAMPLE
|
||||
property :os_flavor, type: :string, description: OS_FLAVOR_DESC, example: OS_FLAVOR_EXAMPLE
|
||||
property :os_sp, type: :string, description: OS_SP_DESC, example: OS_SP_EXAMPLE
|
||||
property :os_lang, type: :string, description: OS_LANG_DESC, example: OS_LANG_EXAMPLE
|
||||
property :purpose, type: :string, description: PURPOSE_DESC
|
||||
property :info, type: :string, description: INFO_DESC
|
||||
property :comments, type: :string, description: COMMENTS_DESC
|
||||
@ -122,10 +138,12 @@ module HostApiDoc
|
||||
# Possible values paired down from rex-arch/lib/rex/arch.rb
|
||||
property :arch do
|
||||
key :type, :string
|
||||
key :description, ARCH_DESC
|
||||
key :enum, ARCH_ENUM
|
||||
end
|
||||
property :state do
|
||||
key :type, :string
|
||||
key :description, STATE_DESC
|
||||
key :enum, STATE_ENUM
|
||||
end
|
||||
end
|
||||
|
@ -3,8 +3,9 @@ require 'swagger/blocks'
|
||||
module LootApiDoc
|
||||
include Swagger::Blocks
|
||||
|
||||
HOST_ID_DESC = 'The ID of the host record this loot is associated with.'
|
||||
HOST_DESC = 'The IP address of the host from where the loot was obtained.'
|
||||
HOST_EXAMPLE = '127.0.0.1'
|
||||
SERVICE_ID_DESC = 'The ID of the service record this loot is associated with.'
|
||||
LTYPE_DESC = 'The type of loot.'
|
||||
LTYPE_EXAMPLE = "'file', 'image', 'config_file', etc."
|
||||
PATH_DESC = 'The on-disk path to the loot file.'
|
||||
@ -15,24 +16,25 @@ module LootApiDoc
|
||||
NAME_DESC = 'The name of the loot.'
|
||||
NAME_EXAMPLE = 'password_file.txt'
|
||||
INFO_DESC = 'Information about the loot.'
|
||||
MODULE_RUN_ID_DESC = 'The ID of the module run record this loot is associated with.'
|
||||
|
||||
|
||||
# Swagger documentation for loot model
|
||||
swagger_schema :Loot do
|
||||
key :required, [:name, :ltype, :path]
|
||||
property :workspace_id, type: :integer, format: :int32
|
||||
property :host_id, type: :integer, format: :int32
|
||||
property :service_id, type: :integer, format: :int32
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :workspace_id, type: :integer, format: :int32, description: RootApiDoc::WORKSPACE_ID_DESC
|
||||
property :host_id, type: :integer, format: :int32, description: HOST_ID_DESC
|
||||
property :service_id, type: :integer, format: :int32, description: SERVICE_ID_DESC
|
||||
property :ltype, type: :string, description: LTYPE_DESC, example: LTYPE_EXAMPLE
|
||||
property :path, type: :string, description: PATH_DESC, example: PATH_EXAMPLE
|
||||
property :data, type: :string, description: DATA_DESC
|
||||
property :content_type, type: :string, description: CONTENT_TYPE_DESC, example: CONTENT_TYPE_EXAMPLE
|
||||
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
|
||||
property :info, type: :string, description: INFO_DESC
|
||||
property :module_run_id, type: :integer, format: :int32
|
||||
property :id, type: :integer, format: :int32
|
||||
property :created_at, type: :string, format: :date_time
|
||||
property :updated_at, type: :string, format: :date_time
|
||||
property :module_run_id, type: :integer, format: :int32, description: MODULE_RUN_ID_DESC
|
||||
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
|
||||
end
|
||||
|
||||
swagger_path '/api/v1/loots' do
|
||||
@ -65,9 +67,9 @@ module LootApiDoc
|
||||
key :description, 'The attributes to assign to the loot.'
|
||||
key :required, true
|
||||
schema do
|
||||
property :workspace, type: :string, required: true
|
||||
property :host, type: :string, format: :ipv4, description: HOST_DESC, example: HOST_EXAMPLE
|
||||
property :service, type: :string
|
||||
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
|
||||
property :host, type: :string, format: :ipv4, description: HOST_DESC, example: RootApiDoc::HOST_EXAMPLE
|
||||
property :service, '$ref': :Service
|
||||
property :ltype, type: :string, description: LTYPE_DESC, example: LTYPE_EXAMPLE, required: true
|
||||
property :path, type: :string, description: PATH_DESC, example: PATH_EXAMPLE, required: true
|
||||
property :data, type: :string, description: DATA_DESC
|
||||
|
@ -4,7 +4,7 @@ module NmapApiDoc
|
||||
include Swagger::Blocks
|
||||
|
||||
swagger_path '/api/v1/nmaps' do
|
||||
# Swagger documentation for /api/v1/nmaps GET
|
||||
# Swagger documentation for /api/v1/nmaps POST
|
||||
operation :post do
|
||||
key :description, 'Upload an Nmap XML file to be processed into corresponding Metasploit data objects.'
|
||||
key :tags, [ 'nmap' ]
|
||||
@ -14,7 +14,7 @@ module NmapApiDoc
|
||||
key :name, :body
|
||||
key :required, true
|
||||
schema do
|
||||
property :workspace, type: :string, required: true
|
||||
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_EXAMPLE
|
||||
property :filename, type: :string, required: true, description: 'The name of the file you are uploading.'
|
||||
property :data, type: :string, required: true, description: 'The Base64 encoded contents of the Nmap XML file.'
|
||||
end
|
||||
|
@ -3,26 +3,30 @@ require 'swagger/blocks'
|
||||
module NoteApiDoc
|
||||
include Swagger::Blocks
|
||||
|
||||
TYPE_DESC = 'The type of note this is.'
|
||||
TYPE_EXAMPLE = "'host.info', 'host.os.session_fingerprint', 'smb_peer_os', etc."
|
||||
NTYPE_DESC = 'The type of note this is.'
|
||||
NTYPE_EXAMPLE = "'host.info', 'host.os.session_fingerprint', 'smb_peer_os', etc."
|
||||
HOST_ID_DESC = 'The ID of the host record this note is associated with.'
|
||||
HOST_DESC = 'The IP address of the host this note is associated with.'
|
||||
SERVICE_ID_DESC = 'The ID of the host record this service is associated with.'
|
||||
VULN_ID_DESC = 'The ID of the host record this note is associated with.'
|
||||
CRITICAL_DESC = 'Boolean regarding the criticality of this note\'s contents.'
|
||||
SEEN_DESC = 'Boolean regarding if this note has been acknowledged.'
|
||||
DATA_DESC = 'The contents of the note.'
|
||||
|
||||
# Swagger documentation for notes model
|
||||
swagger_schema :Note do
|
||||
key :required, [:type]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :type, type: :string, description: TYPE_DESC, example: TYPE_EXAMPLE
|
||||
property :workspace_id, type: :integer, format: :int32
|
||||
property :host_id, type: :integer, format: :int32
|
||||
property :service_id, type: :integer, format: :int32
|
||||
key :required, [:ntype]
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :ntype, type: :string, description: NTYPE_DESC, example: NTYPE_EXAMPLE
|
||||
property :workspace_id, type: :integer, format: :int32, description: RootApiDoc::WORKSPACE_ID_DESC
|
||||
property :host_id, type: :integer, format: :int32, description: HOST_ID_DESC
|
||||
property :service_id, type: :integer, format: :int32, description: SERVICE_ID_DESC
|
||||
property :vuln_id, type: :integer, format: :int32, description: VULN_ID_DESC
|
||||
property :critical, type: :boolean, description: CRITICAL_DESC
|
||||
property :seen, type: :boolean, description: SEEN_DESC
|
||||
property :data, type: :string, description: DATA_DESC
|
||||
property :vuln_id, type: :integer, format: :int32
|
||||
property :created_at, type: :string, format: :date_time
|
||||
property :updated_at, type: :string, format: :date_time
|
||||
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
|
||||
end
|
||||
|
||||
swagger_path '/api/v1/notes' do
|
||||
@ -55,9 +59,9 @@ module NoteApiDoc
|
||||
key :description, 'The attributes to assign to the note.'
|
||||
key :required, true
|
||||
schema do
|
||||
property :type, type: :string, description: TYPE_DESC, example: TYPE_EXAMPLE, required: true
|
||||
property :workspace, type: :string, required: true
|
||||
property :host, type: :integer, format: :int32
|
||||
property :ntype, type: :string, description: NTYPE_DESC, example: NTYPE_EXAMPLE, required: true
|
||||
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
|
||||
property :host, type: :integer, format: :ipv4, description: HOST_DESC, example: RootApiDoc::HOST_EXAMPLE
|
||||
property :critical, type: :boolean, description: CRITICAL_DESC
|
||||
property :seen, type: :boolean, description: SEEN_DESC
|
||||
property :data, type: :string, description: DATA_DESC
|
||||
|
@ -3,6 +3,14 @@ require 'swagger/blocks'
|
||||
module RootApiDoc
|
||||
include Swagger::Blocks
|
||||
|
||||
ID_DESC = 'The primary key used to identify this object in the database.'
|
||||
CREATED_AT_DESC = 'The date and time this record was added to the database.'
|
||||
UPDATED_AT_DESC = 'The date and time this record was last updated in the database.'
|
||||
WORKSPACE_ID_DESC = 'The ID of the workspace this credential belongs to.'
|
||||
WORKSPACE_POST_DESC = 'The name of the workspace where this record should be created.'
|
||||
WORKSPACE_POST_EXAMPLE = 'default'
|
||||
HOST_EXAMPLE = '127.0.0.1'
|
||||
|
||||
swagger_root do
|
||||
key :swagger, '2.0'
|
||||
info do
|
||||
|
@ -4,7 +4,7 @@ module ServiceApiDoc
|
||||
include Swagger::Blocks
|
||||
|
||||
HOST_DESC = 'The host where this service is running.'
|
||||
HOST_EXAMPLE = '127.0.0.1'
|
||||
HOST_ID_DESC = 'The ID of the host record this service is associated with.'
|
||||
PORT_DESC = 'The port this service is listening on.'
|
||||
PORT_EXAMPLE = '443'
|
||||
PROTO_DESC = 'The transport layer protocol this service is using.'
|
||||
@ -19,15 +19,15 @@ module ServiceApiDoc
|
||||
# Swagger documentation for Service model
|
||||
swagger_schema :Service do
|
||||
key :required, [:id, :port, :proto]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :host_id, type: :integer, format: :int32
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :host_id, type: :integer, format: :int32, description: HOST_ID_DESC
|
||||
property :port, type: :string, description: PORT_DESC, example: PORT_EXAMPLE
|
||||
property :proto, type: :string, description: PROTO_DESC, enum: PROTO_ENUM
|
||||
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
|
||||
property :info, type: :string, description: INFO_DESC, example: INFO_EXAMPLE
|
||||
property :state, type: :string, description: STATE_DESC, enum: STATE_ENUM
|
||||
property :created_at, type: :string, format: :date_time
|
||||
property :updated_at, type: :string, format: :date_time
|
||||
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
|
||||
end
|
||||
|
||||
swagger_path '/api/v1/services' do
|
||||
@ -60,8 +60,8 @@ module ServiceApiDoc
|
||||
key :description, 'The attributes to assign to the service.'
|
||||
key :required, true
|
||||
schema do
|
||||
property :workspace, type: :string, required: true
|
||||
property :host, type: :string, format: :ipv4, required: true, description: HOST_DESC, example: HOST_EXAMPLE
|
||||
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
|
||||
property :host, type: :string, format: :ipv4, required: true, description: HOST_DESC, example: RootApiDoc::HOST_EXAMPLE
|
||||
property :port, type: :string, required: true, description: PORT_DESC, example: PORT_EXAMPLE
|
||||
property :proto, type: :string, required: true, description: PROTO_DESC, enum: PROTO_ENUM
|
||||
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
|
||||
|
@ -3,6 +3,7 @@ require 'swagger/blocks'
|
||||
module SessionEventApiDoc
|
||||
include Swagger::Blocks
|
||||
|
||||
SESSION_ID_DESC = 'The ID of the session record that caused this event.'
|
||||
ETYPE_DESC = 'The type of session event that occurred.'
|
||||
ETYPE_ENUM = ['command', 'output', 'upload', 'download', 'filedelete']
|
||||
COMMAND_DESC = 'The command that was executed for this event.'
|
||||
@ -15,14 +16,14 @@ module SessionEventApiDoc
|
||||
# Swagger documentation for session events model
|
||||
swagger_schema :SessionEvent do
|
||||
key :required, [:etype, :session_id]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :session_id, type: :integer, format: :int32
|
||||
property :etype, type: :string
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :session_id, type: :integer, format: :int32, description: SESSION_ID_DESC
|
||||
property :etype, type: :string, description: ETYPE_DESC, enum: ETYPE_ENUM
|
||||
property :command, type: :string, description: COMMAND_DESC
|
||||
property :output, type: :string, description: OUTPUT_DESC
|
||||
property :local_path, type: :string, description: LOCAL_PATH_DESC, example: LOCAL_PATH_EXAMPLE
|
||||
property :remote_path, type: :string, description: REMOTE_PATH_DESC, example: REMOTE_PATH_EXAMPLE
|
||||
property :created_at, type: :string, format: :date_time
|
||||
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
end
|
||||
|
||||
swagger_path '/api/v1/session-events' do
|
||||
|
@ -3,27 +3,35 @@ require 'swagger/blocks'
|
||||
module VulnApiDoc
|
||||
include Swagger::Blocks
|
||||
|
||||
HOST_ID_DESC = 'The ID of host record associated with this vuln.'
|
||||
HOST_DESC = 'The host where this vuln was discovered.'
|
||||
HOST_EXAMPLE = '127.0.0.1'
|
||||
NAME_DESC = 'The friendly name/title for this vulnerability.'
|
||||
NAME_EXAMPLE = 'Docker Daemon Privilege Escalation'
|
||||
INFO_DESC = 'Information about how this vuln was discovered.'
|
||||
INFO_EXAMPLE = 'Exploited by exploit/linux/local/docker_daemon_privilege_escalation to create session.'
|
||||
EXPLOITED_AT_DESC = 'The date and time this vuln was successfully exploited.'
|
||||
VULN_DETAIL_COUNT = 'Cached count of the number of associated vuln detail objects.'
|
||||
VULN_ATTEMPT_COUNT = 'Cached count of the number of associated vuln attempt object.'
|
||||
ORIGIN_ID_DESC = 'ID of the associated origin record.'
|
||||
ORIGIN_TYPE_DESC = 'The origin type of this vuln.'
|
||||
REFS_DESC = 'An array of public reference IDs for this vuln.'
|
||||
REF_ID_DESC = 'The ID of the related Mdm::ModuleRef or Mdm::VulnRef associated with this vuln.'
|
||||
REF_NAME_DESC = 'Designation for external reference. May include a prefix for the authority, such as \'CVE-\', in which case the rest of the name is the designation assigned by that authority.'
|
||||
REFS_EXAMPLE = ['CVE-2008-4250','OSVDB-49243','MSB-MS08-067']
|
||||
MODULE_REF_DETAIL_ID_DESC = 'The ID of the Mdm::Module::Detail record this ModuleRef is associated with.'
|
||||
|
||||
# Swagger documentation for vulns model
|
||||
swagger_schema :Vuln do
|
||||
key :required, [:host_id, :name]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :host_id, type: :integer, format: :int32
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :host_id, type: :integer, format: :int32, description: HOST_ID_DESC
|
||||
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
|
||||
property :info, type: :string, description: INFO_DESC, example: INFO_EXAMPLE
|
||||
property :exploited_at, type: :string, format: :date_time
|
||||
property :vuln_detail_count, type: :integer, format: :int32
|
||||
property :vuln_attempt_count, type: :integer, format: :int32
|
||||
property :origin_id, type: :integer, format: :int32
|
||||
property :origin_type, type: :integer, format: :int32
|
||||
property :exploited_at, type: :string, format: :date_time, description: EXPLOITED_AT_DESC
|
||||
property :vuln_detail_count, type: :integer, format: :int32, description: VULN_DETAIL_COUNT
|
||||
property :vuln_attempt_count, type: :integer, format: :int32, description: VULN_ATTEMPT_COUNT
|
||||
property :origin_id, type: :integer, format: :int32, description: ORIGIN_ID_DESC
|
||||
property :origin_type, type: :string, description: ORIGIN_TYPE_DESC
|
||||
property :vuln_refs do
|
||||
key :type, :array
|
||||
items do
|
||||
@ -42,31 +50,31 @@ module VulnApiDoc
|
||||
key :'$ref', :ModuleRef
|
||||
end
|
||||
end
|
||||
property :created_at, type: :string, format: :date_time
|
||||
property :updated_at, type: :string, format: :date_time
|
||||
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
|
||||
end
|
||||
|
||||
swagger_schema :Ref do
|
||||
key :required, [:name]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :ref_id, type: :integer, format: :int32
|
||||
property :name, type: :string, required: true
|
||||
property :created_at, type: :string, format: :date_time
|
||||
property :updated_at, type: :string, format: :date_time
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :ref_id, type: :integer, format: :int32, description: REF_ID_DESC
|
||||
property :name, type: :string, required: true, description: REF_NAME_DESC
|
||||
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
|
||||
end
|
||||
|
||||
swagger_schema :ModuleRef do
|
||||
key :required, [:name]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :detail_id, type: :integer, format: :int32
|
||||
property :name, type: :string, required: true
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :detail_id, type: :integer, format: :int32, description: MODULE_REF_DETAIL_ID_DESC
|
||||
property :name, type: :string, required: true, description: REF_NAME_DESC
|
||||
end
|
||||
|
||||
swagger_schema :VulnRef do
|
||||
key :required, [:ref_id, :vuln_id]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :ref_id, type: :integer, format: :int32
|
||||
property :vuln_id, type: :integer, format: :int32
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :ref_id, type: :integer, format: :int32, description: RootApiDoc::CREATED_AT_DESC
|
||||
property :vuln_id, type: :integer, format: :int32, description: RootApiDoc::UPDATED_AT_DESC
|
||||
end
|
||||
|
||||
|
||||
@ -100,8 +108,8 @@ module VulnApiDoc
|
||||
key :description, 'The attributes to assign to the vuln.'
|
||||
key :required, true
|
||||
schema do
|
||||
property :workspace, type: :string, required: true
|
||||
property :host, type: :string, format: :ipv4, required: true, description: HOST_DESC, example: HOST_EXAMPLE
|
||||
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
|
||||
property :host, type: :string, format: :ipv4, required: true, description: HOST_DESC, example: RootApiDoc::HOST_EXAMPLE
|
||||
property :name, type: :string, description: NAME_DESC, example: NAME_EXAMPLE
|
||||
property :info, type: :string, description: INFO_DESC, example: INFO_EXAMPLE
|
||||
property :refs do
|
||||
|
@ -3,6 +3,9 @@ require 'swagger/blocks'
|
||||
module VulnAttemptApiDoc
|
||||
include Swagger::Blocks
|
||||
|
||||
VULN_ID_DESC = 'The ID of the vuln record associated with this vuln attempt was exploiting.'
|
||||
SESSION_ID_DESC = 'The ID of the session record associated with this vuln attempt if it was successful.'
|
||||
LOOT_ID_DESC = 'The ID of the loot record associated with this vuln attempt if loot was gathered.'
|
||||
ATTEMPTED_AT_DESC = 'The time that this vuln attempt occurred.'
|
||||
EXPLOITED_DESC = 'true if the vuln attempt was successful.'
|
||||
FAIL_REASON_DESC = 'Short reason why this attempt failed.'
|
||||
@ -14,17 +17,17 @@ module VulnAttemptApiDoc
|
||||
|
||||
# Swagger documentation for vuln_attempts model
|
||||
swagger_schema :VulnAttempt do
|
||||
key :required, [:id]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :vuln_id, type: :integer, format: :int32
|
||||
key :required, [:vuln_id]
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :vuln_id, type: :integer, format: :int32, description: VULN_ID_DESC
|
||||
property :session_id, type: :integer, format: :int32, description: SESSION_ID_DESC
|
||||
property :loot_id, type: :integer, format: :int32, description: LOOT_ID_DESC
|
||||
property :attempted_at, type: :string, format: :date_time, description: ATTEMPTED_AT_DESC
|
||||
property :exploited, type: :boolean, description: EXPLOITED_DESC
|
||||
property :fail_reason, type: :string, description: FAIL_REASON_DESC
|
||||
property :fail_detail, type: :string, description: FAIL_DETAIL_DESC
|
||||
property :module, type: :string, description: MODULE_DESC, example: MODULE_EXAMPLE
|
||||
property :username, type: :string, description: USERNAME_DESC
|
||||
property :session_id, type: :integer, format: :int32
|
||||
property :loot_id, type: :integer, format: :int32
|
||||
end
|
||||
|
||||
swagger_path '/api/v1/vuln-attempts' do
|
||||
@ -55,8 +58,8 @@ module VulnAttemptApiDoc
|
||||
key :description, 'The attributes to assign to the vuln attempt.'
|
||||
key :required, true
|
||||
schema do
|
||||
property :workspace, type: :string, required: true
|
||||
property :vuln_id, type: :integer, format: :int32
|
||||
property :workspace, type: :string, required: true, description: RootApiDoc::WORKSPACE_POST_DESC, example: RootApiDoc::WORKSPACE_POST_EXAMPLE
|
||||
property :vuln_id, type: :integer, format: :int32, description: VULN_ID_DESC
|
||||
property :attempted_at, type: :string, format: :date_time, description: ATTEMPTED_AT_DESC
|
||||
property :exploited, type: :boolean, description: EXPLOITED_DESC
|
||||
property :fail_reason, type: :string, description: FAIL_REASON_DESC
|
||||
|
@ -5,22 +5,24 @@ module WorkspaceApiDoc
|
||||
|
||||
NAME_DESC = 'The name of the workspace. This is the unique identifier for determining which workspace is being accessed.'
|
||||
BOUNDARY_DESC = 'Comma separated list of IP ranges (in various formats) and IP addresses that users of this workspace are allowed to interact with if limit_to_network is true.'
|
||||
BOUNDARY_EXAMPLE = ''
|
||||
BOUNDARY_EXAMPLE = '10.10.1.1-50,10.10.1.100,10.10.2.0/24'
|
||||
DESCRIPTION_DESC = 'Long description that explains the purpose of this workspace.'
|
||||
OWNER_ID_DESC = 'ID of the user who owns this workspace.'
|
||||
LIMIT_TO_NETWORK_DESC = 'true to restrict the hosts and services in this workspace to the IP addresses listed in \'boundary\'.'
|
||||
IMPORT_FINGERPRINT_DESC = 'Identifier that indicates if and where this workspace was imported from.'
|
||||
|
||||
# Swagger documentation for workspaces model
|
||||
swagger_schema :Workspace do
|
||||
key :required, [:name]
|
||||
property :id, type: :integer, format: :int32
|
||||
property :id, type: :integer, format: :int32, description: RootApiDoc::ID_DESC
|
||||
property :name, type: :string, description: NAME_DESC
|
||||
property :boundary, type: :string, description: BOUNDARY_DESC, example: BOUNDARY_EXAMPLE
|
||||
property :description, type: :string, description: DESCRIPTION_DESC
|
||||
property :owner_id, type: :integer, format: :int32
|
||||
property :owner_id, type: :integer, format: :int32, description: OWNER_ID_DESC
|
||||
property :limit_to_network, type: :boolean, description: LIMIT_TO_NETWORK_DESC
|
||||
property :import_fingerprint, type: :boolean
|
||||
property :created_at, type: :string, format: :date_time
|
||||
property :updated_at, type: :string, format: :date_time
|
||||
property :import_fingerprint, type: :boolean, description: IMPORT_FINGERPRINT_DESC
|
||||
property :created_at, type: :string, format: :date_time, description: RootApiDoc::CREATED_AT_DESC
|
||||
property :updated_at, type: :string, format: :date_time, description: RootApiDoc::UPDATED_AT_DESC
|
||||
end
|
||||
|
||||
swagger_path '/api/v1/workspaces' do
|
||||
|
Loading…
Reference in New Issue
Block a user