Skip to content

Commit

Permalink
Updated to rorm v0.6
Browse files Browse the repository at this point in the history
  • Loading branch information
@myOmikron
myOmikron committed Sep 9, 2023
1 parent 44f7e6d commit a678f2d
Show file tree
Hide file tree
Showing 30 changed files with 1,236 additions and 635 deletions.
543 changes: 321 additions & 222 deletions Cargo.lock
View file

Large diffs are not rendered by default.

5 changes: 1 addition & 4 deletions deny.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,7 @@ allow = [
"LicenseRef-ring",
"AGPL-3.0"
]

deny = [

]
deny = []

# Exception for rings license
[[licenses.clarify]]
Expand Down
5 changes: 3 additions & 2 deletions kraken/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ description = "The core component of kraken-project"
# Webframework
actix-web = { version = "~4" }
# Extensions for actix-web
actix-toolbox = { version = "~0.12", features = ["ws", "logging", "session"] }
actix-toolbox = { version = "~0.13", features = ["ws", "logging", "session-postgres-only"] }
# Webauthn library
webauthn-rs = { version = "~0.4", features = ["danger-allow-state-serialisation"] }

Expand Down Expand Up @@ -67,7 +67,8 @@ prost-types = { version = "~0.12" }
thiserror = { version = "~1" }

# ORM
rorm = { version = "~0.6", default-features = false, features = ["tokio", "rustls", "cli", "uuid", "postgres-only"] }
rorm = { version = "~0.6", default-features = false, features = ["tokio", "rustls", "cli", "uuid", "postgres-only", "chrono"] }
ipnetwork = { version = "~0.20" }

# API for dehashed
dehashed-rs = { version = "~0.3", features = ["tokio", "utoipa"] }
Expand Down
136 changes: 136 additions & 0 deletions kraken/migrations/0002_placeholder.toml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,136 @@
[Migration]
Hash = "15664649178895690706"
Initial = false
Dependency = 1
Replaces = []

[[Migration.Operations]]
Type = "CreateModel"
Name = "certificatetransparencyvaluename"

[[Migration.Operations.Fields]]
Name = "uuid"
Type = "varbinary"

[[Migration.Operations.Fields.Annotations]]
Type = "primary_key"

[[Migration.Operations.Fields]]
Name = "value_name"
Type = "varchar"

[[Migration.Operations.Fields.Annotations]]
Type = "max_length"
Value = 255

[[Migration.Operations.Fields.Annotations]]
Type = "not_null"

[[Migration.Operations]]
Type = "CreateModel"
Name = "certificatetransparencyresult"

[[Migration.Operations.Fields]]
Name = "uuid"
Type = "varbinary"

[[Migration.Operations.Fields.Annotations]]
Type = "primary_key"

[[Migration.Operations.Fields]]
Name = "created_at"
Type = "datetime"

[[Migration.Operations.Fields.Annotations]]
Type = "auto_create_time"

[[Migration.Operations.Fields.Annotations]]
Type = "not_null"

[[Migration.Operations.Fields]]
Name = "issuer_name"
Type = "varchar"

[[Migration.Operations.Fields.Annotations]]
Type = "max_length"
Value = 255

[[Migration.Operations.Fields.Annotations]]
Type = "not_null"

[[Migration.Operations.Fields]]
Name = "common_name"
Type = "varchar"

[[Migration.Operations.Fields.Annotations]]
Type = "max_length"
Value = 255

[[Migration.Operations.Fields.Annotations]]
Type = "not_null"

[[Migration.Operations.Fields]]
Name = "not_before"
Type = "datetime"
Annotations = []

[[Migration.Operations.Fields]]
Name = "not_after"
Type = "datetime"
Annotations = []

[[Migration.Operations.Fields]]
Name = "serial_number"
Type = "varchar"

[[Migration.Operations.Fields.Annotations]]
Type = "max_length"
Value = 255

[[Migration.Operations.Fields.Annotations]]
Type = "not_null"

[[Migration.Operations]]
Type = "CreateField"
Model = "certificatetransparencyvaluename"

[Migration.Operations.Field]
Name = "ct_result"
Type = "varbinary"

[[Migration.Operations.Field.Annotations]]
Type = "foreign_key"

[Migration.Operations.Field.Annotations.Value]
TableName = "certificatetransparencyresult"
ColumnName = "uuid"
OnDelete = "Cascade"
OnUpdate = "Cascade"

[[Migration.Operations.Field.Annotations]]
Type = "not_null"

[[Migration.Operations]]
Type = "CreateField"
Model = "certificatetransparencyresult"

[Migration.Operations.Field]
Name = "attack"
Type = "varbinary"

[[Migration.Operations.Field.Annotations]]
Type = "foreign_key"

[Migration.Operations.Field.Annotations.Value]
TableName = "attack"
ColumnName = "uuid"
OnDelete = "Cascade"
OnUpdate = "Cascade"

[[Migration.Operations.Field.Annotations]]
Type = "not_null"

[[Migration.Operations]]
Type = "DeleteField"
Model = "workspace"
Name = "deletable"
59 changes: 30 additions & 29 deletions kraken/src/api/handler/attacks.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,11 @@ use chrono::{DateTime, NaiveDateTime, TimeZone, Utc};
use dehashed_rs::{DehashedError, ScheduledRequest, SearchResult};
use futures::StreamExt;
use ipnet::IpNet;
use ipnetwork::IpNetwork;
use log::{debug, error, warn};
use rorm::fields::ForeignModelByField;
use rorm::transaction::Transaction;
use rorm::{and, insert, query, update, Database, Model};
use rorm::db::transaction::Transaction;
use rorm::prelude::ForeignModelByField;
use rorm::{and, insert, query, update, Database, FieldAccess, Model};
use serde::{Deserialize, Serialize};
use tokio::sync::oneshot;
use utoipa::{IntoParams, ToSchema};
Expand All @@ -26,9 +27,9 @@ use crate::models::{
Attack, AttackInsert, AttackType, DehashedQueryResultInsert, TcpPortScanResult,
TcpPortScanResultInsert, Workspace, WorkspaceMember,
};
use crate::rpc::rpc_attacks;
use crate::rpc::rpc_attacks::shared::dns_record::Record;
use crate::rpc::rpc_attacks::CertificateTransparencyRequest;
use crate::rpc::rpc_definitions;
use crate::rpc::rpc_definitions::shared::dns_record::Record;
use crate::rpc::rpc_definitions::CertificateTransparencyRequest;

/// The settings of a subdomain bruteforce request
#[derive(Deserialize, ToSchema)]
Expand Down Expand Up @@ -89,7 +90,7 @@ pub async fn bruteforce_subdomains(

// start attack
tokio::spawn(async move {
let req = rpc_attacks::BruteforceSubdomainRequest {
let req = rpc_definitions::BruteforceSubdomainRequest {
attack_uuid: uuid.to_string(),
domain: req.domain.clone(),
wordlist_path: req.wordlist_path.clone(),
Expand Down Expand Up @@ -185,7 +186,7 @@ pub async fn bruteforce_subdomains(

let now = Utc::now();
if let Err(err) = update!(db.as_ref(), Attack)
.condition(Attack::F.uuid.equals(uuid.as_ref()))
.condition(Attack::F.uuid.equals(uuid))
.set(Attack::F.finished_at, Some(now.naive_utc()))
.exec()
.await
Expand Down Expand Up @@ -263,15 +264,15 @@ where
})
}

impl From<&PortOrRange> for rpc_attacks::PortOrRange {
impl From<&PortOrRange> for rpc_definitions::PortOrRange {
fn from(value: &PortOrRange) -> Self {
rpc_attacks::PortOrRange {
rpc_definitions::PortOrRange {
port_or_range: Some(match value {
PortOrRange::Port(port) => {
rpc_attacks::port_or_range::PortOrRange::Single(*port as u32)
rpc_definitions::port_or_range::PortOrRange::Single(*port as u32)
}
PortOrRange::Range(range) => {
rpc_attacks::port_or_range::PortOrRange::Range(rpc_attacks::PortRange {
rpc_definitions::port_or_range::PortOrRange::Range(rpc_definitions::PortRange {
start: *range.start() as u32,
end: *range.end() as u32,
})
Expand Down Expand Up @@ -330,7 +331,7 @@ pub async fn scan_tcp_ports(

// start attack
tokio::spawn(async move {
let req = rpc_attacks::TcpPortScanRequest {
let req = rpc_definitions::TcpPortScanRequest {
attack_uuid: uuid.to_string(),
targets: req.targets.iter().map(|addr| (*addr).into()).collect(),
exclude: req.exclude.iter().map(|addr| addr.to_string()).collect(),
Expand Down Expand Up @@ -360,11 +361,11 @@ pub async fn scan_tcp_ports(
};

let address = match addr {
rpc_attacks::shared::address::Address::Ipv4(addr) => {
rpc_definitions::shared::address::Address::Ipv4(addr) => {
IpAddr::V4(addr.into())
}

rpc_attacks::shared::address::Address::Ipv6(addr) => {
rpc_definitions::shared::address::Address::Ipv6(addr) => {
IpAddr::V6(addr.into())
}
};
Expand All @@ -374,7 +375,7 @@ pub async fn scan_tcp_ports(
.single(&TcpPortScanResultInsert {
uuid: Uuid::new_v4(),
attack: ForeignModelByField::Key(uuid),
address: rorm::fields::Json(address),
address: IpNetwork::from(address),
port: v.port as i32,
})
.await
Expand Down Expand Up @@ -435,7 +436,7 @@ pub async fn scan_tcp_ports(

let now = Utc::now();
if let Err(err) = update!(db.as_ref(), Attack)
.condition(Attack::F.uuid.equals(uuid.as_ref()))
.condition(Attack::F.uuid.equals(uuid))
.set(Attack::F.finished_at, Some(now.naive_utc()))
.exec()
.await
Expand Down Expand Up @@ -598,7 +599,7 @@ pub async fn query_certificate_transparency(

let now = Utc::now();
if let Err(err) = update!(db.as_ref(), Attack)
.condition(Attack::F.uuid.equals(uuid.as_ref()))
.condition(Attack::F.uuid.equals(uuid))
.set(Attack::F.finished_at, Some(now.naive_utc()))
.exec()
.await
Expand Down Expand Up @@ -710,7 +711,7 @@ pub async fn query_dehashed(
address: x.address,
phone: x.phone,
vin: x.vin,
ip_address: rorm::fields::Json(x.ip_address),
ip_address: x.ip_address.map(|x| IpNetwork::from(x)),
attack: ForeignModelByField::Key(attack_uuid),
})
.collect();
Expand Down Expand Up @@ -784,7 +785,7 @@ pub(crate) async fn get_attack(
Attack::F.started_by.display_name,
)
)
.condition(Attack::F.uuid.equals(req.uuid.as_ref()))
.condition(Attack::F.uuid.equals(req.uuid))
.optional()
.await?
.ok_or(ApiError::InvalidUuid)?;
Expand Down Expand Up @@ -856,7 +857,7 @@ pub(crate) struct SimpleTcpPortScanResult {
pub attack: Uuid,
pub created_at: DateTime<Utc>,
#[schema(value_type = String)]
pub address: IpAddr,
pub address: IpNetwork,
pub port: u16,
}

Expand Down Expand Up @@ -888,11 +889,11 @@ pub(crate) async fn get_tcp_port_scan_results(
Err(ApiError::MissingPrivileges)
} else {
let (total,) = query!(&mut tx, (TcpPortScanResult::F.uuid.count(),))
.condition(TcpPortScanResult::F.attack.equals(uuid.as_ref()))
.condition(TcpPortScanResult::F.attack.equals(uuid))
.one()
.await?;
let results = query!(&mut tx, TcpPortScanResult)
.condition(TcpPortScanResult::F.attack.equals(uuid.as_ref()))
.condition(TcpPortScanResult::F.attack.equals(uuid))
.order_asc(TcpPortScanResult::F.uuid)
.limit(limit)
.offset(offset)
Expand All @@ -902,8 +903,8 @@ pub(crate) async fn get_tcp_port_scan_results(
.map(|result| SimpleTcpPortScanResult {
uuid: result.uuid,
attack: *result.attack.key(),
created_at: Utc.from_utc_datetime(&result.created_at),
address: result.address.into_inner(),
created_at: result.created_at,
address: result.address,
port: result.port as u16,
})
.collect();
Expand Down Expand Up @@ -943,7 +944,7 @@ pub(crate) async fn delete_attack(
let user = query_user(&mut tx, &session).await?;

let attack = query!(&mut tx, Attack)
.condition(Attack::F.uuid.equals(req.uuid.as_ref()))
.condition(Attack::F.uuid.equals(req.uuid))
.optional()
.await?
.ok_or(ApiError::InvalidUuid)?;
Expand Down Expand Up @@ -972,7 +973,7 @@ async fn has_access(tx: &mut Transaction, attack_uuid: Uuid, session: &Session)
let uuid: Uuid = session.get("uuid")?.ok_or(ApiError::SessionCorrupt)?;

let (workspace, owner) = query!(&mut *tx, (Workspace::F.uuid, Workspace::F.owner))
.condition(Workspace::F.attacks.uuid.equals(attack_uuid.as_ref()))
.condition(Workspace::F.attacks.uuid.equals(attack_uuid))
.one()
.await?;
if *owner.key() == uuid {
Expand All @@ -981,8 +982,8 @@ async fn has_access(tx: &mut Transaction, attack_uuid: Uuid, session: &Session)

Ok(query!(&mut *tx, (WorkspaceMember::F.id,))
.condition(and!(
WorkspaceMember::F.workspace.equals(workspace.as_ref()),
WorkspaceMember::F.member.equals(uuid.as_ref()),
WorkspaceMember::F.workspace.equals(workspace),
WorkspaceMember::F.member.equals(uuid),
))
.optional()
.await?
Expand Down
Loading

0 comments on commit a678f2d

Please sign in to comment.