Class: Ronin::DB::Password

Inherits:
ActiveRecord::Base
  • Object
show all
Includes:
Model, Model::Importable
Defined in:
lib/ronin/db/password.rb

Overview

Represents a password used by services or websites.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Model::Importable

included

Methods included from Model

included

Instance Attribute Details

#credentialsArray<Credential>

The credentials which use the password.

Returns:



54
 
# File 'lib/ronin/db/password.rb', line 54

has_many :credentials, dependent: :destroy

#email_addressesArray<EmailAddress>

The email addresses which use the password.

Returns:

Since:

  • 0.2.0



68
 
# File 'lib/ronin/db/password.rb', line 68

has_many :email_addresses, through: :credentials

#idInteger

The primary key of the password.

Returns:

  • (Integer) 


41
 
# File 'lib/ronin/db/password.rb', line 41

attribute :id, :integer

#notesArray<Note>

The associated notes.

Returns:

Since:

  • 0.2.0



92
 
# File 'lib/ronin/db/password.rb', line 92

has_many :notes, dependent: :destroy

#plain_textString

The clear-text of the password.

Returns:

  • (String) 


47
 
# File 'lib/ronin/db/password.rb', line 47

attribute :plain_text, :string

#service_credentialsArray<ServiceCredential>

The service credentials that use the password.

Returns:

Since:

  • 0.2.0



76
 
# File 'lib/ronin/db/password.rb', line 76

has_many :service_credentials, through: :credentials

#user_namesArray<UserName>

The user names which use the password.

Returns:



60
 
# File 'lib/ronin/db/password.rb', line 60

has_many :user_names, through: :credentials

#web_credentialsArray<WebCredential>

Any web credentials that use the password.

Returns:

Since:

  • 0.2.0



84
 
# File 'lib/ronin/db/password.rb', line 84

has_many :web_credentials, through: :credentials

Class Method Details

.for_user(name) ⇒ Array<Password>

Searches for all passwords used by a specific user.

Parameters:

  • name (String)

    The name of the user.

Returns:

  • (Array<Password>)

    The passwords for the user.

Since:

  • 0.2.0



107
108
109
 
# File 'lib/ronin/db/password.rb', line 107

def self.for_user(name)
  joins(credentials: :user_name).where(credentials: {ronin_user_names: {name: name}})
end

.import(password) ⇒ Password

Parses a password.

Parameters:

  • password (#to_s)

    The password to import.

Returns:



170
171
172
 
# File 'lib/ronin/db/password.rb', line 170

def self.import(password)
  create(plain_text: password.to_s)
end

.lookup(password) ⇒ Password?

Looks up the password.

Parameters:

  • password (#to_s)

    The password to lookup.

Returns:

  • (Password, nil)

    The found password.



155
156
157
 
# File 'lib/ronin/db/password.rb', line 155

def self.lookup(password)
  find_by(plain_text: password.to_s)
end

.with_email_address(email) ⇒ Array<Password>

Searches all passwords that are associated with an email address.

Parameters:

  • email (String)

    The email address to search for.

Returns:

  • (Array<Password>)

    The passwords associated with the email address.

Raises:

  • (ArgumentError)

    The given email address was not a valid email address.

Since:

  • 0.2.0



127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
 
# File 'lib/ronin/db/password.rb', line 127

def self.with_email_address(email)
  unless email.include?('@')
    raise(ArgumentError,"invalid email address #{email.inspect}")
  end

  user, domain = email.split('@',2)

  return joins(credentials: {email_address: [:user_name, :host_name]}).where(
    credentials: {
      email_address: {
        ronin_user_names: {name: user},
        ronin_host_names: {name: domain}
      }
    }
  )
end

Instance Method Details

#countInteger

The number of credentials which use this password.

Returns:

  • (Integer)

    The number of credentials that use the password.



229
230
231
 
# File 'lib/ronin/db/password.rb', line 229

def count
  self.credentials.count
end

#digest(algorithm, prepend_salt: nil, append_salt: nil) ⇒ String

Hashes the password.

Examples:

pass = Password.new(plain_text: 'secret')

pass.digest(:sha1)
# => "e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4"

pass.digest(:sha1, prepend_salt: "A\x90\x00")
# => "e2817656a48c49f24839ccf9295b389d8f985904"

pass.digest(:sha1, append_salt: "BBBB")
# => "aa6ca21e446d425fc044bbb26e950a788444a5b8"

Parameters:

  • algorithm (Symbol, String)

    The digest algorithm to use.

  • prepend_salt (String, nil) (defaults to: nil)

    The salt data to prepend to the password.

  • append_salt (String, nil) (defaults to: nil)

    The salt data to append to the password.

Returns:

  • (String)

    The hex-digest of the hashed password.

Raises:

  • (ArgumentError)

    Unknown Digest algorithm.



206
207
208
209
210
211
212
213
214
215
216
217
218
219
 
# File 'lib/ronin/db/password.rb', line 206

def digest(algorithm, prepend_salt: nil, append_salt: nil)
  digest_class = begin
                   Digest.const_get(algorithm.upcase)
                 rescue LoadError
                   raise(ArgumentError,"Unknown Digest algorithm #{algorithm}")
                 end

  hash = digest_class.new
  hash << prepend_salt.to_s if prepend_salt
  hash << self.plain_text
  hash << append_salt.to_s if append_salt

  return hash.hexdigest
end

#to_sString

Converts the password into a String.

Returns:

  • (String)

    The clear-text of the password.



241
242
243
 
# File 'lib/ronin/db/password.rb', line 241

def to_s
  self.plain_text
end