dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Lands #6326, Rspec 3 upgrade 

lands the work to upgrade framework
to RSpec 3

MS-673
This commit is contained in:
David Maloney 2015-12-14 11:27:17 -06:00
parent a0e8878508 6551df6446
commit 08acac6c25
No known key found for this signature in database
GPG Key ID: DEDBA9DC3A913DB2
343 changed files with 3166 additions and 3176 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Gemfile
View File

@ -24,14 +24,12 @@ group :development, :test do
# automatically include factories from spec/factories
gem 'factory_girl_rails', '~> 4.5.0'
# Make rspec output shorter and more useful
gem 'fivemat', '1.2.1'
gem 'fivemat', '~> 1.3.1'
# running documentation generation tasks and rspec tasks
gem 'rake', '>= 10.0.0'
# testing framework
gem 'rspec', '>= 2.12', '< 3.0.0'
# Define `rake spec`. Must be in development AND test so that its available by default as a rake test when the
# environment is development
gem 'rspec-rails' , '>= 2.12', '< 3.0.0'
gem 'rspec-rails' , '~> 3.3'
end
group :test do

45
Gemfile.lock
View File

@ -97,7 +97,7 @@ GEM
railties (>= 3.0.0)
ffi (1.9.8)
filesize (0.1.1)
fivemat (1.2.1)
fivemat (1.3.2)
gherkin (2.12.2)
multi_json (~> 1.3)
hike (1.2.3)
@ -183,25 +183,23 @@ GEM
redcarpet (3.2.3)
rkelly-remix (0.0.6)
robots (0.10.1)
rspec (2.99.0)
rspec-core (~> 2.99.0)
rspec-expectations (~> 2.99.0)
rspec-mocks (~> 2.99.0)
rspec-collection_matchers (1.1.2)
rspec-expectations (>= 2.99.0.beta1)
rspec-core (2.99.2)
rspec-expectations (2.99.2)
diff-lcs (>= 1.1.3, < 2.0)
rspec-mocks (2.99.3)
rspec-rails (2.99.0)
actionpack (>= 3.0)
activemodel (>= 3.0)
activesupport (>= 3.0)
railties (>= 3.0)
rspec-collection_matchers
rspec-core (~> 2.99.0)
rspec-expectations (~> 2.99.0)
rspec-mocks (~> 2.99.0)
rspec-core (3.3.2)
rspec-support (~> 3.3.0)
rspec-expectations (3.3.1)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.3.0)
rspec-mocks (3.3.2)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.3.0)
rspec-rails (3.3.3)
actionpack (>= 3.0, < 4.3)
activesupport (>= 3.0, < 4.3)
railties (>= 3.0, < 4.3)
rspec-core (~> 3.3.0)
rspec-expectations (~> 3.3.0)
rspec-mocks (~> 3.3.0)
rspec-support (~> 3.3.0)
rspec-support (3.3.0)
rubyntlm (0.5.2)
rubyzip (1.1.7)
shoulda-matchers (2.8.0)
@ -226,7 +224,7 @@ GEM
thread_safe (0.3.5)
tilt (1.4.1)
timecop (0.7.3)
tzinfo (0.3.44)
tzinfo (0.3.45)
xpath (2.0.0)
nokogiri (~> 1.3)
yard (0.8.7.6)
@ -238,13 +236,12 @@ DEPENDENCIES
aruba
cucumber-rails
factory_girl_rails (~> 4.5.0)
fivemat (= 1.2.1)
fivemat (~> 1.3.1)
metasploit-framework!
pry
rake (>= 10.0.0)
redcarpet
rspec (>= 2.12, < 3.0.0)
rspec-rails (>= 2.12, < 3.0.0)
rspec-rails (~> 3.3)
shoulda-matchers
simplecov
timecop

3
lib/metasploit/framework/spec/threads/suite.rb
View File

@ -204,7 +204,8 @@ module Metasploit
Thread.list.reject { |thread|
# don't do `is_a? Debugger::DebugThread` because it requires Debugger::DebugThread to be loaded, which it
# won't when not debugging.
thread.class.name == 'Debugger::DebugThread'
thread.class.name == 'Debugger::DebugThread' ||
thread.class.name == 'Debase::DebugThread'
}
end
end

18
spec/lib/active_record/connection_adapters/abstract_adapter/connection_pool_spec.rb
View File

@ -1,7 +1,7 @@
# -*- coding:binary -*-
require 'spec_helper'
describe ActiveRecord::ConnectionAdapters::ConnectionPool do
RSpec.describe ActiveRecord::ConnectionAdapters::ConnectionPool do
self.use_transactional_fixtures = false
def database_configurations
@ -44,13 +44,13 @@ describe ActiveRecord::ConnectionAdapters::ConnectionPool do
end
context 'in thread with connection' do
it { should be_truthy }
it { is_expected.to be_truthy }
end
context 'in thread without connection' do
it 'should be false' do
thread = Thread.new do
Thread.current.should_not == main_thread
expect(Thread.current).not_to eq main_thread
expect(active_connection?).to be_falsey
end
@ -69,7 +69,7 @@ describe ActiveRecord::ConnectionAdapters::ConnectionPool do
end
it 'should call #current_connection_id' do
connection_pool.should_receive(
expect(connection_pool).to receive(
:current_connection_id
).at_least(
:once
@ -80,7 +80,7 @@ describe ActiveRecord::ConnectionAdapters::ConnectionPool do
it 'should yield #connection' do
connection = double('Connection')
connection_pool.stub(:connection => connection)
allow(connection_pool).to receive(:connection).and_return(connection)
expect { |block|
connection_pool.with_connection(&block)
@ -166,18 +166,18 @@ describe ActiveRecord::ConnectionAdapters::ConnectionPool do
child_count = reserved_connection_count
count_change = child_count - before_count
count_change.should == 1
expect(count_change).to eq 1
connection_pool.with_connection do
grandchild_count = reserved_connection_count
grandchild_count.should == child_count
expect(grandchild_count).to eq child_count
end
end
after_count = reserved_connection_count
after_count.should == before_count
expect(after_count).to eq before_count
end
end
@ -197,7 +197,7 @@ describe ActiveRecord::ConnectionAdapters::ConnectionPool do
connection_pool.with_connection do
inside = reserved_connection_count
inside.should == outside
expect(inside).to eq outside
end
end
end

12
spec/lib/metasploit/framework/credential_collection_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/credential_collection'
describe Metasploit::Framework::CredentialCollection do
RSpec.describe Metasploit::Framework::CredentialCollection do
subject(:collection) do
described_class.new(
@ -33,7 +33,7 @@ describe Metasploit::Framework::CredentialCollection do
let(:user_file) do
filename = "foo"
stub_file = StringIO.new("asdf\njkl\n")
File.stub(:open).with(filename,/^r/).and_yield stub_file
allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
filename
end
@ -51,7 +51,7 @@ describe Metasploit::Framework::CredentialCollection do
let(:pass_file) do
filename = "foo"
stub_file = StringIO.new("asdf\njkl\n")
File.stub(:open).with(filename,/^r/).and_return stub_file
allow(File).to receive(:open).with(filename,/^r/).and_return stub_file
filename
end
@ -71,7 +71,7 @@ describe Metasploit::Framework::CredentialCollection do
let(:userpass_file) do
filename = "foo"
stub_file = StringIO.new("asdf jkl\nfoo bar\n")
File.stub(:open).with(filename,/^r/).and_yield stub_file
allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
filename
end
@ -90,14 +90,14 @@ describe Metasploit::Framework::CredentialCollection do
let(:user_file) do
filename = "user_file"
stub_file = StringIO.new("asdf\njkl\n")
File.stub(:open).with(filename,/^r/).and_yield stub_file
allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
filename
end
let(:pass_file) do
filename = "pass_file"
stub_file = StringIO.new("asdf\njkl\n")
File.stub(:open).with(filename,/^r/).and_return stub_file
allow(File).to receive(:open).with(filename,/^r/).and_return stub_file
filename
end

18
spec/lib/metasploit/framework/credential_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/credential'
describe Metasploit::Framework::Credential do
RSpec.describe Metasploit::Framework::Credential do
subject(:cred_detail) {
described_class.new
@ -13,12 +13,12 @@ describe Metasploit::Framework::Credential do
let(:realm_type) { Metasploit::Model::Realm::Key::ACTIVE_DIRECTORY_DOMAIN }
let(:private_type) { :password }
it { should respond_to :paired }
it { should respond_to :private }
it { should respond_to :private_type }
it { should respond_to :public }
it { should respond_to :realm }
it { should respond_to :realm_key }
it { is_expected.to respond_to :paired }
it { is_expected.to respond_to :private }
it { is_expected.to respond_to :private_type }
it { is_expected.to respond_to :public }
it { is_expected.to respond_to :realm }
it { is_expected.to respond_to :realm_key }
describe "#paired" do
it "defaults to true" do
@ -86,9 +86,9 @@ describe Metasploit::Framework::Credential do
subject(:cred_detail) do
described_class.new(public: public, private: private, realm: realm)
end
it { should respond_to :to_credential }
it { is_expected.to respond_to :to_credential }
it "should return self" do
cred_detail.to_credential.should eq(cred_detail)
expect(cred_detail.to_credential).to eq(cred_detail)
end
end

2
spec/lib/metasploit/framework/database_spec.rb
View File

@ -660,7 +660,7 @@ RSpec.describe Metasploit::Framework::Database do
end
before(:each) do
expect(Msf::Config).to receive(:get_config_root).and_return(config_root)
allow(Msf::Config).to receive(:get_config_root).and_return(config_root)
end
it 'is database.yml under the user config root' do

2
spec/lib/metasploit/framework/jtr/cracker_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/jtr/cracker'
describe Metasploit::Framework::JtR::Cracker do
RSpec.describe Metasploit::Framework::JtR::Cracker do
subject(:cracker) { described_class.new }
let(:john_path) { '/path/to/john' }

8
spec/lib/metasploit/framework/jtr/invalid_wordlist_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/jtr/invalid_wordlist'
describe Metasploit::Framework::JtR::InvalidWordlist do
RSpec.describe Metasploit::Framework::JtR::InvalidWordlist do
subject(:invalid) do
described_class.new(model)
@ -17,10 +17,10 @@ describe Metasploit::Framework::JtR::InvalidWordlist do
end
end
it { should be_a StandardError }
it { is_expected.to be_a StandardError }
it 'should use ActiveModel::Errors#full_messages' do
model.errors.should_receive(:full_messages).and_call_original
expect(model.errors).to receive(:full_messages).and_call_original
described_class.new(model)
end
@ -31,7 +31,7 @@ describe Metasploit::Framework::JtR::InvalidWordlist do
end
it 'should be the passed in model' do
error_model.should == model
expect(error_model).to eq model
end
end

20
spec/lib/metasploit/framework/jtr/wordlist_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/jtr/wordlist'
describe Metasploit::Framework::JtR::Wordlist do
RSpec.describe Metasploit::Framework::JtR::Wordlist do
subject(:wordlist) { described_class.new }
@ -28,15 +28,15 @@ describe Metasploit::Framework::JtR::Wordlist do
"p@$$w0rd"
] }
it { should respond_to :appenders }
it { should respond_to :custom_wordlist }
it { should respond_to :mutate }
it { should respond_to :prependers }
it { should respond_to :use_common_root }
it { should respond_to :use_creds }
it { should respond_to :use_db_info }
it { should respond_to :use_default_wordlist }
it { should respond_to :use_hostnames }
it { is_expected.to respond_to :appenders }
it { is_expected.to respond_to :custom_wordlist }
it { is_expected.to respond_to :mutate }
it { is_expected.to respond_to :prependers }
it { is_expected.to respond_to :use_common_root }
it { is_expected.to respond_to :use_creds }
it { is_expected.to respond_to :use_db_info }
it { is_expected.to respond_to :use_default_wordlist }
it { is_expected.to respond_to :use_hostnames }
describe 'validations' do

4
spec/lib/metasploit/framework/login_scanner/afp_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/afp'
describe Metasploit::Framework::LoginScanner::AFP do
RSpec.describe Metasploit::Framework::LoginScanner::AFP do
subject(:scanner) { described_class.new }
@ -10,7 +10,7 @@ describe Metasploit::Framework::LoginScanner::AFP do
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
it_behaves_like 'Metasploit::Framework::Tcp::Client'
it { should respond_to :login_timeout }
it { is_expected.to respond_to :login_timeout }
describe "#attempt_login" do
let(:pub_blank) do

2
spec/lib/metasploit/framework/login_scanner/axis2_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/axis2'
describe Metasploit::Framework::LoginScanner::Axis2 do
RSpec.describe Metasploit::Framework::LoginScanner::Axis2 do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: false
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

8
spec/lib/metasploit/framework/login_scanner/base_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/base'
describe Metasploit::Framework::LoginScanner::Base do
RSpec.describe Metasploit::Framework::LoginScanner::Base do
let(:base_class) {
Class.new do
@ -29,7 +29,7 @@ describe Metasploit::Framework::LoginScanner::Base do
base_class.new(options)
}
it { should respond_to :bruteforce_speed }
it { is_expected.to respond_to :bruteforce_speed }
context 'validations' do
@ -70,7 +70,7 @@ describe Metasploit::Framework::LoginScanner::Base do
end
it { should respond_to :sleep_time }
it { is_expected.to respond_to :sleep_time }
context '#sleep_time' do
@ -93,7 +93,7 @@ describe Metasploit::Framework::LoginScanner::Base do
end
end
it { should respond_to :sleep_between_attempts }
it { is_expected.to respond_to :sleep_between_attempts }
context '#sleep_between_attempts'
context 'default' do

2
spec/lib/metasploit/framework/login_scanner/buffalo_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/buffalo'
describe Metasploit::Framework::LoginScanner::Buffalo do
RSpec.describe Metasploit::Framework::LoginScanner::Buffalo do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: false
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

2
spec/lib/metasploit/framework/login_scanner/chef_webui_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/chef_webui'
describe Metasploit::Framework::LoginScanner::ChefWebUI do
RSpec.describe Metasploit::Framework::LoginScanner::ChefWebUI do
subject(:http_scanner) { described_class.new }

8
spec/lib/metasploit/framework/login_scanner/db2_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/db2'
describe Metasploit::Framework::LoginScanner::DB2 do
RSpec.describe Metasploit::Framework::LoginScanner::DB2 do
let(:public) { 'root' }
let(:private) { 'toor' }
let(:test_cred) {
@ -18,7 +18,7 @@ describe Metasploit::Framework::LoginScanner::DB2 do
context 'when the socket errors' do
it 'returns a connection_error result for an Rex::ConnectionError' do
my_scanner = login_scanner
my_scanner.should_receive(:connect).and_raise ::Rex::ConnectionError
expect(my_scanner).to receive(:connect).and_raise ::Rex::ConnectionError
result = my_scanner.attempt_login(test_cred)
expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
expect(result.proof).to be_a(::Rex::ConnectionError)
@ -26,7 +26,7 @@ describe Metasploit::Framework::LoginScanner::DB2 do
it 'returns a connection_error result for an Rex::ConnectionTimeout' do
my_scanner = login_scanner
my_scanner.should_receive(:connect).and_raise ::Rex::ConnectionTimeout
expect(my_scanner).to receive(:connect).and_raise ::Rex::ConnectionTimeout
result = my_scanner.attempt_login(test_cred)
expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
expect(result.proof).to be_a(::Rex::ConnectionTimeout)
@ -34,7 +34,7 @@ describe Metasploit::Framework::LoginScanner::DB2 do
it 'returns a connection_error result for an ::Timeout::Error' do
my_scanner = login_scanner
my_scanner.should_receive(:connect).and_raise ::Timeout::Error
expect(my_scanner).to receive(:connect).and_raise ::Timeout::Error
result = my_scanner.attempt_login(test_cred)
expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
expect(result.proof).to be_a(::Timeout::Error)

10
spec/lib/metasploit/framework/login_scanner/ftp_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/ftp'
describe Metasploit::Framework::LoginScanner::FTP do
RSpec.describe Metasploit::Framework::LoginScanner::FTP do
let(:public) { 'root' }
let(:private) { 'toor' }
@ -105,22 +105,22 @@ describe Metasploit::Framework::LoginScanner::FTP do
context 'when it fails' do
it 'returns Metasploit::Model::Login::Status::UNABLE_TO_CONNECT for a Rex::ConnectionError' do
Rex::Socket::Tcp.should_receive(:create) { raise Rex::ConnectionError }
expect(Rex::Socket::Tcp).to receive(:create) { raise Rex::ConnectionError }
expect(ftp_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns Metasploit::Model::Login::Status::UNABLE_TO_CONNECT for a Rex::AddressInUse' do
Rex::Socket::Tcp.should_receive(:create) { raise Rex::AddressInUse }
expect(Rex::Socket::Tcp).to receive(:create) { raise Rex::AddressInUse }
expect(ftp_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns :connection_disconnect for a ::EOFError' do
Rex::Socket::Tcp.should_receive(:create) { raise ::EOFError }
expect(Rex::Socket::Tcp).to receive(:create) { raise ::EOFError }
expect(ftp_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns :connection_disconnect for a ::Timeout::Error' do
Rex::Socket::Tcp.should_receive(:create) { raise ::Timeout::Error }
expect(Rex::Socket::Tcp).to receive(:create) { raise ::Timeout::Error }
expect(ftp_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end

2
spec/lib/metasploit/framework/login_scanner/gitlab_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/gitlab'
describe Metasploit::Framework::LoginScanner::GitLab do
RSpec.describe Metasploit::Framework::LoginScanner::GitLab do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: false
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

8
spec/lib/metasploit/framework/login_scanner/glassfish_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/glassfish'
describe Metasploit::Framework::LoginScanner::Glassfish do
RSpec.describe Metasploit::Framework::LoginScanner::Glassfish do
subject(:http_scanner) { described_class.new }
@ -87,13 +87,15 @@ describe Metasploit::Framework::LoginScanner::Glassfish do
context '#is_secure_admin_disabled?' do
it 'returns true when Secure Admin is disabled' do
res = Rex::Proto::Http::Response.new(res_code)
res.stub(:body).and_return('Secure Admin must be enabled')
allow(res).to receive(:body).and_return('Secure Admin must be enabled')
expect(http_scanner.is_secure_admin_disabled?(res)).to be_truthy
end
it 'returns false when Secure Admin is enabled' do
res = Rex::Proto::Http::Response.new(res_code)
res.stub(:body).and_return('')
allow(res).to receive(:body).and_return('')
expect(http_scanner.is_secure_admin_disabled?(res)).to be_falsey
end
end

2
spec/lib/metasploit/framework/login_scanner/http_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/http'
describe Metasploit::Framework::LoginScanner::HTTP do
RSpec.describe Metasploit::Framework::LoginScanner::HTTP do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: false
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

8
spec/lib/metasploit/framework/login_scanner/invalid_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/invalid'
describe Metasploit::Framework::LoginScanner::Invalid do
RSpec.describe Metasploit::Framework::LoginScanner::Invalid do
subject(:invalid) do
described_class.new(model)
@ -17,10 +17,10 @@ describe Metasploit::Framework::LoginScanner::Invalid do
end
end
it { should be_a StandardError }
it { is_expected.to be_a StandardError }
it 'should use ActiveModel::Errors#full_messages' do
model.errors.should_receive(:full_messages).and_call_original
expect(model.errors).to receive(:full_messages).and_call_original
described_class.new(model)
end
@ -31,7 +31,7 @@ describe Metasploit::Framework::LoginScanner::Invalid do
end
it 'should be the passed in model' do
error_model.should == model
expect(error_model).to eq model
end
end

2
spec/lib/metasploit/framework/login_scanner/ipboard_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/ipboard'
describe Metasploit::Framework::LoginScanner::IPBoard do
RSpec.describe Metasploit::Framework::LoginScanner::IPBoard do
subject { described_class.new }

2
spec/lib/metasploit/framework/login_scanner/jenkins_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/jenkins'
describe Metasploit::Framework::LoginScanner::Jenkins do
RSpec.describe Metasploit::Framework::LoginScanner::Jenkins do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: false
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

2
spec/lib/metasploit/framework/login_scanner/manageengine_desktop_central_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/manageengine_desktop_central'
describe Metasploit::Framework::LoginScanner::ManageEngineDesktopCentral do
RSpec.describe Metasploit::Framework::LoginScanner::ManageEngineDesktopCentral do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: false
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

10
spec/lib/metasploit/framework/login_scanner/mssql_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/mssql'
describe Metasploit::Framework::LoginScanner::MSSQL do
RSpec.describe Metasploit::Framework::LoginScanner::MSSQL do
let(:public) { 'root' }
let(:private) { 'toor' }
@ -37,7 +37,7 @@ describe Metasploit::Framework::LoginScanner::MSSQL do
it_behaves_like 'Metasploit::Framework::LoginScanner::NTLM'
it_behaves_like 'Metasploit::Framework::Tcp::Client'
it { should respond_to :windows_authentication }
it { is_expected.to respond_to :windows_authentication }
context 'validations' do
context '#windows_authentication' do
@ -69,7 +69,7 @@ describe Metasploit::Framework::LoginScanner::MSSQL do
context 'when the is a connection error' do
it 'returns a result with the connection_error status' do
my_scanner = login_scanner
my_scanner.should_receive(:mssql_login).and_raise ::Rex::ConnectionError
expect(my_scanner).to receive(:mssql_login).and_raise ::Rex::ConnectionError
expect(my_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
end
@ -77,7 +77,7 @@ describe Metasploit::Framework::LoginScanner::MSSQL do
context 'when the login fails' do
it 'returns a result object with a status of Metasploit::Model::Login::Status::INCORRECT' do
my_scanner = login_scanner
my_scanner.should_receive(:mssql_login).and_return false
expect(my_scanner).to receive(:mssql_login).and_return false
expect(my_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::INCORRECT
end
end
@ -85,7 +85,7 @@ describe Metasploit::Framework::LoginScanner::MSSQL do
context 'when the login succeeds' do
it 'returns a result object with a status of Metasploit::Model::Login::Status::SUCCESSFUL' do
my_scanner = login_scanner
my_scanner.should_receive(:mssql_login).and_return true
expect(my_scanner).to receive(:mssql_login).and_return true
expect(my_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::SUCCESSFUL
end
end

2
spec/lib/metasploit/framework/login_scanner/mybook_live_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/mybook_live'
describe Metasploit::Framework::LoginScanner::MyBookLive do
RSpec.describe Metasploit::Framework::LoginScanner::MyBookLive do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: false
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

24
spec/lib/metasploit/framework/login_scanner/mysql_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/mysql'
describe Metasploit::Framework::LoginScanner::MySQL do
RSpec.describe Metasploit::Framework::LoginScanner::MySQL do
let(:public) { 'root' }
let(:private) { 'toor' }
let(:pub_blank) {
@ -37,7 +37,7 @@ describe Metasploit::Framework::LoginScanner::MySQL do
context 'when the attempt is successful' do
it 'returns a result object with a status of Metasploit::Model::Login::Status::SUCCESSFUL' do
::RbMysql.should_receive(:connect).and_return "fake mysql handle"
expect(::RbMysql).to receive(:connect).and_return "fake mysql handle"
expect(login_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::SUCCESSFUL
end
end
@ -45,60 +45,60 @@ describe Metasploit::Framework::LoginScanner::MySQL do
context 'when the attempt is unsuccessful' do
context 'due to connection refused' do
it 'returns a result with a status of Metasploit::Model::Login::Status::UNABLE_TO_CONNECT' do
::RbMysql.should_receive(:connect).and_raise Errno::ECONNREFUSED
expect(::RbMysql).to receive(:connect).and_raise Errno::ECONNREFUSED
expect(login_scanner.attempt_login(pub_pub).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns a result with the proof containing an appropriate error message' do
::RbMysql.should_receive(:connect).and_raise Errno::ECONNREFUSED
expect(::RbMysql).to receive(:connect).and_raise Errno::ECONNREFUSED
expect(login_scanner.attempt_login(pub_pub).proof).to be_a(Errno::ECONNREFUSED)
end
end
context 'due to connection timeout' do
it 'returns a result with a status of Metasploit::Model::Login::Status::UNABLE_TO_CONNECT' do
::RbMysql.should_receive(:connect).and_raise RbMysql::ClientError
expect(::RbMysql).to receive(:connect).and_raise RbMysql::ClientError
expect(login_scanner.attempt_login(pub_pub).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns a result with the proof containing an appropriate error message' do
::RbMysql.should_receive(:connect).and_raise RbMysql::ClientError
expect(::RbMysql).to receive(:connect).and_raise RbMysql::ClientError
expect(login_scanner.attempt_login(pub_pub).proof).to be_a(RbMysql::ClientError)
end
end
context 'due to operation timeout' do
it 'returns a result with a status of Metasploit::Model::Login::Status::UNABLE_TO_CONNECT' do
::RbMysql.should_receive(:connect).and_raise Errno::ETIMEDOUT
expect(::RbMysql).to receive(:connect).and_raise Errno::ETIMEDOUT
expect(login_scanner.attempt_login(pub_pub).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns a result with the proof containing an appropriate error message' do
::RbMysql.should_receive(:connect).and_raise Errno::ETIMEDOUT
expect(::RbMysql).to receive(:connect).and_raise Errno::ETIMEDOUT
expect(login_scanner.attempt_login(pub_pub).proof).to be_a(Errno::ETIMEDOUT)
end
end
context 'due to not being allowed to connect from this host' do
it 'returns a result with a status of Metasploit::Model::Login::Status::UNABLE_TO_CONNECT' do
::RbMysql.should_receive(:connect).and_raise RbMysql::HostNotPrivileged, "Host not privileged"
expect(::RbMysql).to receive(:connect).and_raise RbMysql::HostNotPrivileged, "Host not privileged"
expect(login_scanner.attempt_login(pub_pub).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns a result with the proof containing an appropriate error message' do
::RbMysql.should_receive(:connect).and_raise RbMysql::HostNotPrivileged, "Host not privileged"
expect(::RbMysql).to receive(:connect).and_raise RbMysql::HostNotPrivileged, "Host not privileged"
expect(login_scanner.attempt_login(pub_pub).proof).to be_a(RbMysql::HostNotPrivileged)
end
end
context 'due to access denied' do
it 'returns a result with a status of Metasploit::Model::Login::Status::INCORRECT' do
::RbMysql.should_receive(:connect).and_raise RbMysql::AccessDeniedError, "Access Denied"
expect(::RbMysql).to receive(:connect).and_raise RbMysql::AccessDeniedError, "Access Denied"
expect(login_scanner.attempt_login(pub_pub).status).to eq Metasploit::Model::Login::Status::INCORRECT
end
it 'returns a result with the proof containing an appropriate error message' do
::RbMysql.should_receive(:connect).and_raise RbMysql::AccessDeniedError, "Access Denied"
expect(::RbMysql).to receive(:connect).and_raise RbMysql::AccessDeniedError, "Access Denied"
expect(login_scanner.attempt_login(pub_pub).proof).to be_a(RbMysql::AccessDeniedError)
end
end

2
spec/lib/metasploit/framework/login_scanner/nessus_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/nessus'
describe Metasploit::Framework::LoginScanner::Nessus do
RSpec.describe Metasploit::Framework::LoginScanner::Nessus do
subject(:http_scanner) { described_class.new }

16
spec/lib/metasploit/framework/login_scanner/pop3_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/pop3'
describe Metasploit::Framework::LoginScanner::POP3 do
RSpec.describe Metasploit::Framework::LoginScanner::POP3 do
subject(:scanner) { described_class.new }
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
@ -47,12 +47,14 @@ describe Metasploit::Framework::LoginScanner::POP3 do
let(:sock) {double('socket')}
before(:each) do
sock.stub(:shutdown)
sock.stub(:close)
sock.stub(:closed?)
allow(sock).to receive(:shutdown)
allow(sock).to receive(:close)
allow(sock).to receive(:closed?)
allow(scanner).to receive(:sock).and_return(sock)
expect(scanner).to receive(:connect)
scanner.stub(:sock).and_return(sock)
scanner.should_receive(:select).with([sock],nil,nil,0.4)
expect(scanner).to receive(:select).with([sock],nil,nil,0.4)
end
it "Server returns +OK" do
@ -68,7 +70,7 @@ describe Metasploit::Framework::LoginScanner::POP3 do
end
it "Server Returns Something Else" do
sock.stub(:get_once).and_return("+ERROR")
allow(sock).to receive(:get_once).and_return("+ERROR")
result = scanner.attempt_login(pub_blank)

17
spec/lib/metasploit/framework/login_scanner/postgres_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/postgres'
describe Metasploit::Framework::LoginScanner::Postgres do
RSpec.describe Metasploit::Framework::LoginScanner::Postgres do
let(:public) { 'root' }
let(:private) { 'toor' }
let(:realm) { 'template1' }
@ -30,23 +30,24 @@ describe Metasploit::Framework::LoginScanner::Postgres do
context '#attempt_login' do
context 'when the login is successful' do
it 'returns a result object with a status of success' do
fake_conn = "fake_connection"
Msf::Db::PostgresPR::Connection.should_receive(:new).and_return fake_conn
fake_conn.should_receive(:close)
fake_conn = double('fake_connection')
expect(fake_conn).to receive(:close)
expect(Msf::Db::PostgresPR::Connection).to receive(:new).and_return fake_conn
expect(login_scanner.attempt_login(full_cred).status).to eq Metasploit::Model::Login::Status::SUCCESSFUL
end
end
context 'when there is no realm on the credential' do
it 'uses template1 as the default realm' do
Msf::Db::PostgresPR::Connection.should_receive(:new).with('template1', 'root', 'toor', 'tcp://:')
expect(Msf::Db::PostgresPR::Connection).to receive(:new).with('template1', 'root', 'toor', 'tcp://:')
login_scanner.attempt_login(cred_no_realm)
end
end
context 'when the realm is invalid but the rest of the credential is not' do
it 'includes the details in the result proof' do
Msf::Db::PostgresPR::Connection.should_receive(:new).and_raise RuntimeError, "blah\tC3D000"
expect(Msf::Db::PostgresPR::Connection).to receive(:new).and_raise RuntimeError, "blah\tC3D000"
result = login_scanner.attempt_login(cred_no_realm)
expect(result.status).to eq Metasploit::Model::Login::Status::INCORRECT
expect(result.proof).to eq "C3D000, Creds were good but database was bad"
@ -55,7 +56,7 @@ describe Metasploit::Framework::LoginScanner::Postgres do
context 'when the username or password is invalid' do
it 'includes a message in proof, indicating why it failed' do
Msf::Db::PostgresPR::Connection.should_receive(:new).and_raise RuntimeError, "blah\tC28000"
expect(Msf::Db::PostgresPR::Connection).to receive(:new).and_raise RuntimeError, "blah\tC28000"
result = login_scanner.attempt_login(cred_no_realm)
expect(result.status).to eq Metasploit::Model::Login::Status::INCORRECT
expect(result.proof).to eq "Invalid username or password"
@ -64,7 +65,7 @@ describe Metasploit::Framework::LoginScanner::Postgres do
context 'when any other type of error occurs' do
it 'returns a failure with the error message in the proof' do
Msf::Db::PostgresPR::Connection.should_receive(:new).and_raise RuntimeError, "unknown error"
expect(Msf::Db::PostgresPR::Connection).to receive(:new).and_raise RuntimeError, "unknown error"
result = login_scanner.attempt_login(cred_no_realm)
expect(result.status).to eq Metasploit::Model::Login::Status::INCORRECT
expect(result.proof).to eq "unknown error"

12
spec/lib/metasploit/framework/login_scanner/result_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner'
describe Metasploit::Framework::LoginScanner::Result do
RSpec.describe Metasploit::Framework::LoginScanner::Result do
let(:private) { 'toor' }
let(:proof) { 'foobar' }
@ -20,11 +20,11 @@ describe Metasploit::Framework::LoginScanner::Result do
)
}
it { should respond_to :access_level }
it { should respond_to :credential }
it { should respond_to :proof }
it { should respond_to :status }
it { should respond_to :success? }
it { is_expected.to respond_to :access_level }
it { is_expected.to respond_to :credential }
it { is_expected.to respond_to :proof }
it { is_expected.to respond_to :status }
it { is_expected.to respond_to :success? }
context '#success?' do
context 'when the status code is success' do

48
spec/lib/metasploit/framework/login_scanner/smb_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/smb'
describe Metasploit::Framework::LoginScanner::SMB do
RSpec.describe Metasploit::Framework::LoginScanner::SMB do
let(:public) { 'root' }
let(:private) { 'toor' }
@ -37,14 +37,14 @@ describe Metasploit::Framework::LoginScanner::SMB do
it_behaves_like 'Metasploit::Framework::LoginScanner::NTLM'
it_behaves_like 'Metasploit::Framework::Tcp::Client'
it { should respond_to :smb_chunk_size }
it { should respond_to :smb_name }
it { should respond_to :smb_native_lm }
it { should respond_to :smb_native_os }
it { should respond_to :smb_obscure_trans_pipe_level }
it { should respond_to :smb_pad_data_level }
it { should respond_to :smb_pad_file_level }
it { should respond_to :smb_pipe_evasion }
it { is_expected.to respond_to :smb_chunk_size }
it { is_expected.to respond_to :smb_name }
it { is_expected.to respond_to :smb_native_lm }
it { is_expected.to respond_to :smb_native_os }
it { is_expected.to respond_to :smb_obscure_trans_pipe_level }
it { is_expected.to respond_to :smb_pad_data_level }
it { is_expected.to respond_to :smb_pad_file_level }
it { is_expected.to respond_to :smb_pipe_evasion }
context 'validations' do
context '#smb_verify_signature' do
@ -74,11 +74,11 @@ describe Metasploit::Framework::LoginScanner::SMB do
context '#attempt_login' do
before(:each) do
login_scanner.stub_chain(:simple, :client, :auth_user, :nil?).and_return false
allow(login_scanner).to receive_message_chain(:simple, :client, :auth_user, :nil?).and_return false
end
context 'when there is a connection error' do
it 'returns a result with the connection_error status' do
login_scanner.stub_chain(:simple, :login).and_raise ::Rex::ConnectionError
allow(login_scanner).to receive_message_chain(:simple, :login).and_raise ::Rex::ConnectionError
expect(login_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
end
@ -98,10 +98,10 @@ describe Metasploit::Framework::LoginScanner::SMB do
exception = Rex::Proto::SMB::Exceptions::LoginError.new
exception.error_code = code
login_scanner.stub_chain(:simple, :login).and_raise exception
login_scanner.stub_chain(:simple, :connect)
login_scanner.stub_chain(:simple, :disconnect)
login_scanner.stub_chain(:simple, :client, :auth_user, :nil?).and_return false
allow(login_scanner).to receive_message_chain(:simple, :login).and_raise exception
allow(login_scanner).to receive_message_chain(:simple, :connect)
allow(login_scanner).to receive_message_chain(:simple, :disconnect)
allow(login_scanner).to receive_message_chain(:simple, :client, :auth_user, :nil?).and_return false
expect(login_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::DENIED_ACCESS
end
@ -111,8 +111,8 @@ describe Metasploit::Framework::LoginScanner::SMB do
context 'when the login fails' do
it 'returns a result object with a status of Metasploit::Model::Login::Status::INCORRECT' do
login_scanner.stub_chain(:simple, :login).and_return false
login_scanner.stub_chain(:simple, :connect).and_raise Rex::Proto::SMB::Exceptions::Error
allow(login_scanner).to receive_message_chain(:simple, :login).and_return false
allow(login_scanner).to receive_message_chain(:simple, :connect).and_raise Rex::Proto::SMB::Exceptions::Error
expect(login_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::INCORRECT
end
end
@ -121,13 +121,13 @@ describe Metasploit::Framework::LoginScanner::SMB do
context 'and the user is local admin' do
before(:each) do
login_scanner.simple = double
login_scanner.simple.stub(:connect).with(/.*admin\$/i)
login_scanner.simple.stub(:connect).with(/.*ipc\$/i)
login_scanner.simple.stub(:disconnect)
allow(login_scanner.simple).to receive(:connect).with(/.*admin\$/i)
allow(login_scanner.simple).to receive(:connect).with(/.*ipc\$/i)
allow(login_scanner.simple).to receive(:disconnect)
end
it 'returns a result object with a status of Metasploit::Model::Login::Status::SUCCESSFUL' do
login_scanner.stub_chain(:simple, :login).and_return true
allow(login_scanner).to receive_message_chain(:simple, :login).and_return true
result = login_scanner.attempt_login(pub_blank)
expect(result.status).to eq Metasploit::Model::Login::Status::SUCCESSFUL
expect(result.access_level).to eq described_class::AccessLevels::ADMINISTRATOR
@ -137,15 +137,15 @@ describe Metasploit::Framework::LoginScanner::SMB do
context 'and the user is NOT local admin' do
before(:each) do
login_scanner.simple = double
login_scanner.simple.stub(:connect).with(/.*admin\$/i).and_raise(
allow(login_scanner.simple).to receive(:connect).with(/.*admin\$/i).and_raise(
# STATUS_ACCESS_DENIED
Rex::Proto::SMB::Exceptions::ErrorCode.new.tap{|e|e.error_code = 0xC0000022}
)
login_scanner.simple.stub(:connect).with(/.*ipc\$/i)
allow(login_scanner.simple).to receive(:connect).with(/.*ipc\$/i)
end
it 'returns a result object with a status of Metasploit::Model::Login::Status::SUCCESSFUL' do
login_scanner.stub_chain(:simple, :login).and_return true
allow(login_scanner).to receive_message_chain(:simple, :login).and_return true
result = login_scanner.attempt_login(pub_blank)
expect(result.status).to eq Metasploit::Model::Login::Status::SUCCESSFUL
expect(result.access_level).to_not eq described_class::AccessLevels::ADMINISTRATOR

2
spec/lib/metasploit/framework/login_scanner/smh_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/smh'
describe Metasploit::Framework::LoginScanner::Smh do
RSpec.describe Metasploit::Framework::LoginScanner::Smh do
subject(:smh_cli) { described_class.new }

2
spec/lib/metasploit/framework/login_scanner/snmp_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/snmp'
describe Metasploit::Framework::LoginScanner::SNMP do
RSpec.describe Metasploit::Framework::LoginScanner::SNMP do
let(:public) { 'public' }
let(:private) { nil }

32
spec/lib/metasploit/framework/login_scanner/ssh_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/ssh'
describe Metasploit::Framework::LoginScanner::SSH do
RSpec.describe Metasploit::Framework::LoginScanner::SSH do
let(:public) { 'root' }
let(:private) { 'toor' }
let(:key) { OpenSSL::PKey::RSA.generate(2048).to_s }
@ -58,7 +58,7 @@ describe Metasploit::Framework::LoginScanner::SSH do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
it { should respond_to :verbosity }
it { is_expected.to respond_to :verbosity }
context 'validations' do
@ -116,7 +116,7 @@ describe Metasploit::Framework::LoginScanner::SSH do
end
it 'creates a Timeout based on the connection_timeout' do
::Timeout.should_receive(:timeout).with(ssh_scanner.connection_timeout)
expect(::Timeout).to receive(:timeout).with(ssh_scanner.connection_timeout)
ssh_scanner.attempt_login(pub_pri)
end
@ -131,7 +131,7 @@ describe Metasploit::Framework::LoginScanner::SSH do
:verbose => ssh_scanner.verbosity,
:proxies => nil
}
Net::SSH.should_receive(:start).with(
expect(Net::SSH).to receive(:start).with(
ssh_scanner.host,
public,
opt_hash
@ -151,7 +151,7 @@ describe Metasploit::Framework::LoginScanner::SSH do
:verbose => ssh_scanner.verbosity,
:proxies => nil
}
Net::SSH.should_receive(:start).with(
expect(Net::SSH).to receive(:start).with(
ssh_scanner.host,
public,
hash_including(opt_hash)
@ -163,37 +163,37 @@ describe Metasploit::Framework::LoginScanner::SSH do
context 'when it fails' do
it 'returns Metasploit::Model::Login::Status::UNABLE_TO_CONNECT for a Rex::ConnectionError' do
Net::SSH.should_receive(:start) { raise Rex::ConnectionError }
expect(Net::SSH).to receive(:start) { raise Rex::ConnectionError }
expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns Metasploit::Model::Login::Status::UNABLE_TO_CONNECT for a Rex::AddressInUse' do
Net::SSH.should_receive(:start) { raise Rex::AddressInUse }
expect(Net::SSH).to receive(:start) { raise Rex::AddressInUse }
expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns :connection_disconnect for a Net::SSH::Disconnect' do
Net::SSH.should_receive(:start) { raise Net::SSH::Disconnect }
expect(Net::SSH).to receive(:start) { raise Net::SSH::Disconnect }
expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns :connection_disconnect for a ::EOFError' do
Net::SSH.should_receive(:start) { raise ::EOFError }
expect(Net::SSH).to receive(:start) { raise ::EOFError }
expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns :connection_disconnect for a ::Timeout::Error' do
Net::SSH.should_receive(:start) { raise ::Timeout::Error }
expect(Net::SSH).to receive(:start) { raise ::Timeout::Error }
expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns [:fail,nil] for a Net::SSH::Exception' do
Net::SSH.should_receive(:start) { raise Net::SSH::Exception }
expect(Net::SSH).to receive(:start) { raise Net::SSH::Exception }
expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::INCORRECT
end
it 'returns [:fail,nil] if no socket returned' do
Net::SSH.should_receive(:start).and_return nil
expect(Net::SSH).to receive(:start).and_return nil
expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::INCORRECT
end
end
@ -201,16 +201,16 @@ describe Metasploit::Framework::LoginScanner::SSH do
context 'when it succeeds' do
it 'gathers proof of the connections' do
Net::SSH.should_receive(:start) {"fake_socket"}
expect(Net::SSH).to receive(:start) {"fake_socket"}
my_scanner = ssh_scanner
my_scanner.should_receive(:gather_proof)
expect(my_scanner).to receive(:gather_proof)
my_scanner.attempt_login(pub_pri)
end
it 'returns a success code and proof' do
Net::SSH.should_receive(:start) {"fake_socket"}
expect(Net::SSH).to receive(:start) {"fake_socket"}
my_scanner = ssh_scanner
my_scanner.should_receive(:gather_proof).and_return(public)
expect(my_scanner).to receive(:gather_proof).and_return(public)
expect(my_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::SUCCESSFUL
end
end

2
spec/lib/metasploit/framework/login_scanner/symantec_web_gateway_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/symantec_web_gateway'
describe Metasploit::Framework::LoginScanner::SymantecWebGateway do
RSpec.describe Metasploit::Framework::LoginScanner::SymantecWebGateway do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: false
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

6
spec/lib/metasploit/framework/login_scanner/telnet_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/telnet'
describe Metasploit::Framework::LoginScanner::Telnet do
RSpec.describe Metasploit::Framework::LoginScanner::Telnet do
subject(:login_scanner) { described_class.new }
@ -9,8 +9,8 @@ describe Metasploit::Framework::LoginScanner::Telnet do
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
it_behaves_like 'Metasploit::Framework::Tcp::Client'
it { should respond_to :banner_timeout }
it { should respond_to :telnet_timeout }
it { is_expected.to respond_to :banner_timeout }
it { is_expected.to respond_to :telnet_timeout }
context 'validations' do
context 'banner_timeout' do

2
spec/lib/metasploit/framework/login_scanner/tomcat_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/tomcat'
describe Metasploit::Framework::LoginScanner::Tomcat do
RSpec.describe Metasploit::Framework::LoginScanner::Tomcat do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: false
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

2
spec/lib/metasploit/framework/login_scanner/vmauthd_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/vmauthd'
describe Metasploit::Framework::LoginScanner::VMAUTHD do
RSpec.describe Metasploit::Framework::LoginScanner::VMAUTHD do
subject(:scanner) { described_class.new }
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false

20
spec/lib/metasploit/framework/login_scanner/vnc_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/vnc'
describe Metasploit::Framework::LoginScanner::VNC do
RSpec.describe Metasploit::Framework::LoginScanner::VNC do
let(:private) { 'password' }
let(:blank) { '' }
let(:test_cred) {
@ -19,19 +19,19 @@ describe Metasploit::Framework::LoginScanner::VNC do
context '#attempt_login' do
it 'creates a new RFB client' do
Rex::Proto::RFB::Client.should_receive(:new).and_call_original
expect(Rex::Proto::RFB::Client).to receive(:new).and_call_original
login_scanner.attempt_login(test_cred)
end
it 'returns a connection_error result when the handshake fails' do
Rex::Proto::RFB::Client.any_instance.should_receive(:handshake).and_return false
expect_any_instance_of(Rex::Proto::RFB::Client).to receive(:handshake).and_return false
result = login_scanner.attempt_login(test_cred)
expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
end
it 'returns a failed result when authentication fails' do
Rex::Proto::RFB::Client.any_instance.should_receive(:handshake).and_return true
Rex::Proto::RFB::Client.any_instance.should_receive(:authenticate).with(private).and_return false
expect_any_instance_of(Rex::Proto::RFB::Client).to receive(:handshake).and_return true
expect_any_instance_of(Rex::Proto::RFB::Client).to receive(:authenticate).with(private).and_return false
result = login_scanner.attempt_login(test_cred)
expect(result.status).to eq Metasploit::Model::Login::Status::INCORRECT
end
@ -39,7 +39,7 @@ describe Metasploit::Framework::LoginScanner::VNC do
context 'when the socket errors' do
it 'returns a connection_error result for an EOFError' do
my_scanner = login_scanner
my_scanner.should_receive(:connect).and_raise ::EOFError
expect(my_scanner).to receive(:connect).and_raise ::EOFError
result = my_scanner.attempt_login(test_cred)
expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
expect(result.proof).to eq ::EOFError.new.to_s
@ -47,7 +47,7 @@ describe Metasploit::Framework::LoginScanner::VNC do
it 'returns a connection_error result for an Rex::AddressInUse' do
my_scanner = login_scanner
my_scanner.should_receive(:connect).and_raise ::Rex::AddressInUse
expect(my_scanner).to receive(:connect).and_raise ::Rex::AddressInUse
result = my_scanner.attempt_login(test_cred)
expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
expect(result.proof).to eq ::Rex::AddressInUse.new.to_s
@ -55,7 +55,7 @@ describe Metasploit::Framework::LoginScanner::VNC do
it 'returns a connection_error result for an Rex::ConnectionError' do
my_scanner = login_scanner
my_scanner.should_receive(:connect).and_raise ::Rex::ConnectionError
expect(my_scanner).to receive(:connect).and_raise ::Rex::ConnectionError
result = my_scanner.attempt_login(test_cred)
expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
expect(result.proof).to eq ::Rex::ConnectionError.new.to_s
@ -63,7 +63,7 @@ describe Metasploit::Framework::LoginScanner::VNC do
it 'returns a connection_error result for an Rex::ConnectionTimeout' do
my_scanner = login_scanner
my_scanner.should_receive(:connect).and_raise ::Rex::ConnectionTimeout
expect(my_scanner).to receive(:connect).and_raise ::Rex::ConnectionTimeout
result = my_scanner.attempt_login(test_cred)
expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
expect(result.proof).to eq ::Rex::ConnectionTimeout.new.to_s
@ -71,7 +71,7 @@ describe Metasploit::Framework::LoginScanner::VNC do
it 'returns a connection_error result for an ::Timeout::Error' do
my_scanner = login_scanner
my_scanner.should_receive(:connect).and_raise ::Timeout::Error
expect(my_scanner).to receive(:connect).and_raise ::Timeout::Error
result = my_scanner.attempt_login(test_cred)
expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
expect(result.proof).to eq ::Timeout::Error.new.to_s

2
spec/lib/metasploit/framework/login_scanner/winrm_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/winrm'
describe Metasploit::Framework::LoginScanner::WinRM do
RSpec.describe Metasploit::Framework::LoginScanner::WinRM do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: true
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

2
spec/lib/metasploit/framework/login_scanner/wordpress_rpc_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/wordpress_rpc'
describe Metasploit::Framework::LoginScanner::WordpressRPC do
RSpec.describe Metasploit::Framework::LoginScanner::WordpressRPC do
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: false
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'

2
spec/lib/metasploit/framework/login_scanner/zabbix_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
require 'metasploit/framework/login_scanner/zabbix'
describe Metasploit::Framework::LoginScanner::Zabbix do
RSpec.describe Metasploit::Framework::LoginScanner::Zabbix do
subject(:http_scanner) { described_class.new }

26
spec/lib/metasploit/framework/login_scanner_spec.rb
View File

@ -4,7 +4,7 @@ require 'metasploit/framework/login_scanner/http'
require 'metasploit/framework/login_scanner/smb'
require 'metasploit/framework/login_scanner/vnc'
describe Metasploit::Framework::LoginScanner do
RSpec.describe Metasploit::Framework::LoginScanner do
subject { described_class.classes_for_service(service) }
let(:port) { nil }
@ -20,36 +20,36 @@ describe Metasploit::Framework::LoginScanner do
context "with name 'smb'" do
let(:name) { 'smb' }
it { should include Metasploit::Framework::LoginScanner::SMB }
it { should_not include Metasploit::Framework::LoginScanner::HTTP }
it { is_expected.to include Metasploit::Framework::LoginScanner::SMB }
it { is_expected.not_to include Metasploit::Framework::LoginScanner::HTTP }
end
[ 139, 445 ].each do |foo|
context "with port #{foo}" do
let(:port) { foo }
it { should include Metasploit::Framework::LoginScanner::SMB }
it { should_not include Metasploit::Framework::LoginScanner::HTTP }
it { should_not include Metasploit::Framework::LoginScanner::VNC }
it { is_expected.to include Metasploit::Framework::LoginScanner::SMB }
it { is_expected.not_to include Metasploit::Framework::LoginScanner::HTTP }
it { is_expected.not_to include Metasploit::Framework::LoginScanner::VNC }
end
end
context "with name 'http'" do
let(:name) { 'http' }
it { should include Metasploit::Framework::LoginScanner::HTTP }
it { should_not include Metasploit::Framework::LoginScanner::SMB }
it { should_not include Metasploit::Framework::LoginScanner::VNC }
it { is_expected.to include Metasploit::Framework::LoginScanner::HTTP }
it { is_expected.not_to include Metasploit::Framework::LoginScanner::SMB }
it { is_expected.not_to include Metasploit::Framework::LoginScanner::VNC }
end
[ 80, 8080, 8000, 443 ].each do |foo|
context "with port #{foo}" do
let(:port) { foo }
it { should include Metasploit::Framework::LoginScanner::HTTP }
it { should include Metasploit::Framework::LoginScanner::Axis2 }
it { should include Metasploit::Framework::LoginScanner::Tomcat }
it { should_not include Metasploit::Framework::LoginScanner::SMB }
it { is_expected.to include Metasploit::Framework::LoginScanner::HTTP }
it { is_expected.to include Metasploit::Framework::LoginScanner::Axis2 }
it { is_expected.to include Metasploit::Framework::LoginScanner::Tomcat }
it { is_expected.not_to include Metasploit::Framework::LoginScanner::SMB }
end
end

2
spec/lib/msf/base/sessions/mainframe_shell_spec.rb
View File

@ -7,7 +7,7 @@ require 'msf/base/sessions/mainframe_shell'
# A quick test that MainframeShell is operable
# Author: Bigendian Smalls
#
describe Msf::Sessions::MainframeShell do
RSpec.describe Msf::Sessions::MainframeShell do
it 'extends Msf::Sessions::CommandShell to include EBCDIC cp1047 codepage translation' do
args=[0,
{:datastore=>

7
spec/lib/msf/base/sessions/meterpreter_spec.rb
View File

@ -3,7 +3,7 @@ require 'msf/base/sessions/meterpreter'
require 'rex/post/meterpreter/extensions/stdapi/net/interface'
require 'rex/post/meterpreter/extensions/stdapi/net/route'
describe Msf::Sessions::Meterpreter do
RSpec.describe Msf::Sessions::Meterpreter do
before do
allow_any_instance_of(Rex::Post::Meterpreter::PacketDispatcher).to receive(:monitor_socket)
end
@ -34,8 +34,9 @@ describe Msf::Sessions::Meterpreter do
subject(:connected_address) do
m = described_class.new(StringIO.new(""), skip_ssl: true)
m.stub_chain(:net, :config, :get_interfaces).and_return(interfaces)
m.stub_chain(:net, :config, :get_routes).and_return(routes)
allow(m).to receive_message_chain(:private_methods, :net)
allow(m).to receive_message_chain(:private_methods, :net, :config, :get_interfaces).and_return(interfaces)
allow(m).to receive_message_chain(:private_methods, :net, :config, :get_routes).and_return(routes)
m.session_host = session_host
m.send(:find_internet_connected_address)

2
spec/lib/msf/base/simple/framework_spec.rb
View File

@ -1,6 +1,6 @@
require 'spec_helper'
describe Msf::Simple::Framework do
RSpec.describe Msf::Simple::Framework do
include_context 'Msf::Simple::Framework'
subject do

2
spec/lib/msf/core/author_spec.rb
View File

@ -1,6 +1,6 @@
require 'spec_helper'
describe Msf::Author do
RSpec.describe Msf::Author do
context 'KNOWN' do
subject(:known) {

10
spec/lib/msf/core/auxiliary/drdos_spec.rb
View File

@ -3,7 +3,7 @@ require 'spec_helper'
require 'msf/core/auxiliary/drdos'
describe Msf::Auxiliary::DRDoS do
RSpec.describe Msf::Auxiliary::DRDoS do
subject do
mod = Module.new
mod.extend described_class
@ -14,25 +14,25 @@ describe Msf::Auxiliary::DRDoS do
it 'should detect drdos when there is packet amplification only' do
map = { 'foo' => [ 'a', 'b' ] }
result, _ = subject.prove_amplification(map)
result.should be true
expect(result).to be true
end
it 'should detect drdos when there is bandwidth amplification only' do
map = { 'foo' => [ 'foofoo' ] }
result, _ = subject.prove_amplification(map)
result.should be true
expect(result).to be true
end
it 'should detect drdos when there is packet and bandwidth amplification' do
map = { 'foo' => [ 'foofoo', 'a' ] }
result, _ = subject.prove_amplification(map)
result.should be true
expect(result).to be true
end
it 'should not detect drdos when there is no packet and no bandwidth amplification' do
map = { 'foo' => [ 'foo' ] }
result, _ = subject.prove_amplification(map)
result.should be false
expect(result).to be false
end
end
end

2
spec/lib/msf/core/auxiliary/kademlia_spec.rb
View File

@ -3,7 +3,7 @@
require 'spec_helper'
require 'msf/core/auxiliary/kademlia'
describe Msf::Auxiliary::Kademlia do
RSpec.describe Msf::Auxiliary::Kademlia do
subject(:kad) do
mod = Module.new
mod.extend described_class

42
spec/lib/msf/core/data_store_spec.rb
View File

@ -3,36 +3,36 @@
require 'spec_helper'
require 'msf/core/data_store'
shared_examples "datastore" do
RSpec.shared_examples "datastore" do
it "should have options" do
subject["foo"].should == "bar"
subject["fizz"].should == "buzz"
expect(subject["foo"]).to eq "bar"
expect(subject["fizz"]).to eq "buzz"
end
it "should have case-insensitive keys" do
# Sorted by gray code, just for fun
subject["foo"].should == "bar"
subject["Foo"].should == "bar"
subject["FOo"].should == "bar"
subject["fOo"].should == "bar"
subject["fOO"].should == "bar"
subject["FOO"].should == "bar"
subject["FoO"].should == "bar"
subject["foO"].should == "bar"
expect(subject["foo"]).to eq "bar"
expect(subject["Foo"]).to eq "bar"
expect(subject["FOo"]).to eq "bar"
expect(subject["fOo"]).to eq "bar"
expect(subject["fOO"]).to eq "bar"
expect(subject["FOO"]).to eq "bar"
expect(subject["FoO"]).to eq "bar"
expect(subject["foO"]).to eq "bar"
end
context "#to_h" do
it "should return a Hash with correct values" do
subject.to_h.should == { "foo" => "bar", "fizz" => "buzz" }
expect(subject.to_h).to eq({ "foo" => "bar", "fizz" => "buzz" })
end
end
context "#delete" do
it "should delete the specified case-insensitive key" do
subject.delete("foo").should == "bar"
subject.delete("Fizz").should == "buzz"
expect(subject.delete("foo")).to eq "bar"
expect(subject.delete("Fizz")).to eq "buzz"
end
end
end
describe Msf::DataStore do
RSpec.describe Msf::DataStore do
describe "#import_option" do
subject do
@ -66,12 +66,14 @@ describe Msf::DataStore do
describe "#from_file" do
subject do
ini_instance = double
ini_instance.stub(:group?).and_return(true)
ini_instance.stub(:[]).and_return( { "foo" => "bar", "fizz" => "buzz" } )
ini_instance = double group?: true,
:[] => {
"foo" => "bar",
"fizz" => "buzz"
}
ini_class = double from_file: ini_instance
ini = stub_const("Rex::Parser::Ini", Class.new)
ini.stub(:from_file).and_return(ini_instance)
stub_const("Rex::Parser::Ini", ini_class)
s = described_class.new
s.from_file("path")

7
spec/lib/msf/core/encoded_payload_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'msf/core/encoded_payload'
describe Msf::EncodedPayload do
RSpec.describe Msf::EncodedPayload do
include_context 'Msf::Simple::Framework#modules loading'
before do
@ -62,9 +62,10 @@ describe Msf::EncodedPayload do
end
context 'when passed a valid payload instance' do
# don't ever actually generate payload bytes
before { described_class.any_instance.stub(:generate) }
before(:each) do
allow_any_instance_of(described_class).to receive(:generate)
end
it 'returns an Msf::EncodedPayload instance' do
expect(encoded_payload).to be_a(described_class)

32
spec/lib/msf/core/exe/segment_appender_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'msf/core/exe/segment_appender'
describe Msf::Exe::SegmentAppender do
RSpec.describe Msf::Exe::SegmentAppender do
let(:opts) do
option_hash = {
@ -12,21 +12,21 @@ describe Msf::Exe::SegmentAppender do
end
subject(:injector) { Msf::Exe::SegmentInjector.new(opts) }
it { should respond_to :payload }
it { should respond_to :template }
it { should respond_to :arch }
it { should respond_to :processor }
it { should respond_to :buffer_register }
it { is_expected.to respond_to :payload }
it { is_expected.to respond_to :template }
it { is_expected.to respond_to :arch }
it { is_expected.to respond_to :processor }
it { is_expected.to respond_to :buffer_register }
it 'should return the correct processor for the arch' do
injector.processor.class.should == Metasm::Ia32
expect(injector.processor.class).to eq Metasm::Ia32
injector.arch = :x64
injector.processor.class.should == Metasm::X86_64
expect(injector.processor.class).to eq Metasm::X86_64
end
context '#create_thread_stub' do
it 'should use edx as a default buffer register' do
injector.buffer_register.should == 'edx'
expect(injector.buffer_register).to eq 'edx'
end
context 'when given a non-default buffer register' do
@ -39,14 +39,14 @@ describe Msf::Exe::SegmentAppender do
}
end
it 'should use the correct buffer register' do
injector.buffer_register.should == 'eax'
expect(injector.buffer_register).to eq 'eax'
end
end
end
describe '#generate_pe' do
it 'should return a string' do
injector.generate_pe.kind_of?(String).should == true
expect(injector.generate_pe.kind_of?(String)).to eq true
end
it 'should produce a valid PE exe' do
@ -56,25 +56,25 @@ describe Msf::Exe::SegmentAppender do
context 'the generated exe' do
let(:exe) { Metasm::PE.decode(injector.generate_pe) }
it 'should be the propper arch' do
exe.bitsize.should == 32
expect(exe.bitsize).to eq 32
end
it 'should have 5 sections' do
exe.sections.count.should == 5
expect(exe.sections.count).to eq 5
end
it 'should have all the right original section names' do
s_names = []
exe.sections.collect {|s| s_names << s.name}
s_names[0,4].should == [".text", ".rdata", ".data", ".rsrc"]
expect(s_names[0,4]).to eq [".text", ".rdata", ".data", ".rsrc"]
end
it 'should have the last section set to RWX' do
exe.sections.last.characteristics.should == ["CONTAINS_CODE", "MEM_EXECUTE", "MEM_READ", "MEM_WRITE"]
expect(exe.sections.last.characteristics).to eq ["CONTAINS_CODE", "MEM_EXECUTE", "MEM_READ", "MEM_WRITE"]
end
it 'should have an entrypoint that points to the last section' do
exe.optheader.entrypoint.should == exe.sections.last.virtaddr
expect(exe.optheader.entrypoint).to eq exe.sections.last.virtaddr
end
end
end

34
spec/lib/msf/core/exe/segment_injector_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'msf/core/exe/segment_injector'
describe Msf::Exe::SegmentInjector do
RSpec.describe Msf::Exe::SegmentInjector do
let(:opts) do
option_hash = {
@ -12,21 +12,21 @@ describe Msf::Exe::SegmentInjector do
end
subject(:injector) { Msf::Exe::SegmentInjector.new(opts) }
it { should respond_to :payload }
it { should respond_to :template }
it { should respond_to :arch }
it { should respond_to :processor }
it { should respond_to :buffer_register }
it { is_expected.to respond_to :payload }
it { is_expected.to respond_to :template }
it { is_expected.to respond_to :arch }
it { is_expected.to respond_to :processor }
it { is_expected.to respond_to :buffer_register }
it 'should return the correct processor for the arch' do
injector.processor.class.should == Metasm::Ia32
expect(injector.processor.class).to eq Metasm::Ia32
injector.arch = :x64
injector.processor.class.should == Metasm::X86_64
expect(injector.processor.class).to eq Metasm::X86_64
end
context '#create_thread_stub' do
it 'should use edx as a default buffer register' do
injector.buffer_register.should == 'edx'
expect(injector.buffer_register).to eq 'edx'
end
context 'when given a non-default buffer register' do
@ -39,18 +39,18 @@ describe Msf::Exe::SegmentInjector do
}
end
it 'should use the correct buffer register' do
injector.buffer_register.should == 'eax'
expect(injector.buffer_register).to eq 'eax'
end
end
it 'should set a buffer register for the payload' do
injector.create_thread_stub.should include('lea edx, [thread_hook]')
expect(injector.create_thread_stub).to include('lea edx, [thread_hook]')
end
end
describe '#generate_pe' do
it 'should return a string' do
injector.generate_pe.kind_of?(String).should == true
expect(injector.generate_pe.kind_of?(String)).to eq true
end
it 'should produce a valid PE exe' do
@ -60,25 +60,25 @@ describe Msf::Exe::SegmentInjector do
context 'the generated exe' do
let(:exe) { Metasm::PE.decode(injector.generate_pe) }
it 'should be the propper arch' do
exe.bitsize.should == 32
expect(exe.bitsize).to eq 32
end
it 'should have 5 sections' do
exe.sections.count.should == 5
expect(exe.sections.count).to eq 5
end
it 'should have all the right section names' do
s_names = []
exe.sections.collect {|s| s_names << s.name}
s_names.should == [".text", ".rdata", ".data", ".rsrc", ".text"]
expect(s_names).to eq [".text", ".rdata", ".data", ".rsrc", ".text"]
end
it 'should have the last section set to RWX' do
exe.sections.last.characteristics.should == ["CONTAINS_CODE", "MEM_EXECUTE", "MEM_READ", "MEM_WRITE"]
expect(exe.sections.last.characteristics).to eq ["CONTAINS_CODE", "MEM_EXECUTE", "MEM_READ", "MEM_WRITE"]
end
it 'should have an entrypoint that points to the last section' do
exe.optheader.entrypoint.should == exe.sections.last.virtaddr
expect(exe.optheader.entrypoint).to eq exe.sections.last.virtaddr
end
end
end

78
spec/lib/msf/core/exploit/browser_autopwn2_spec.rb
View File

@ -1,6 +1,6 @@
require 'msf/core'
describe Msf::Exploit::Remote::BrowserAutopwn2 do
RSpec.describe Msf::Exploit::Remote::BrowserAutopwn2 do
@ -44,22 +44,16 @@ describe Msf::Exploit::Remote::BrowserAutopwn2 do
note
end
def mock_stop_job(arg)
framework = double('Msf::Framework', datastore: {})
jobs = subject.framework.jobs.delete_if {|e| e.first == arg.to_s}
allow(jobs).to receive(:stop_job) { |arg| mock_stop_job(arg) }
allow(framework).to receive(:jobs).and_return(jobs)
allow(subject).to receive(:framework).and_return(framework)
end
def create_fake_job(id)
ctx = double('ctx')
handler = create_fake_windows_meterpreter
allow(ctx).to receive(:first).and_return(handler)
job = [id.to_s, double('job')]
allow(job).to receive(:ctx).and_return(ctx)
job
instance_double(
Rex::Job,
ctx: double(
'ctx',
first: create_fake_windows_meterpreter
),
jid: id,
stop: nil
)
end
def create_fake_exploit(opts={})
@ -75,6 +69,7 @@ describe Msf::Exploit::Remote::BrowserAutopwn2 do
mod = Msf::Exploit.new
mod.extend(Msf::Exploit::Remote::BrowserExploitServer)
mod.extend(Msf::Simple::Exploit)
allow(mod).to receive(:fullname).and_return(full_name)
allow(mod).to receive(:rank).and_return(rank)
@ -179,9 +174,8 @@ describe Msf::Exploit::Remote::BrowserAutopwn2 do
datastores['WORKSPACE'] = workspace
allow(p).to receive(:fullname).and_return(fullname)
allow(p).to receive(:shoftname).and_return(shortname)
allow(p).to receive(:shortname).and_return(shortname)
allow(p).to receive(:workspace).and_return(workspace)
allow(p).to receive(:exploit_simple)
p
end
@ -371,21 +365,56 @@ describe Msf::Exploit::Remote::BrowserAutopwn2 do
allow(framework).to receive(:exploits).and_return(exploits)
# Prepare jobs
jobs = {'0' => create_fake_job(0)}
allow(jobs).to receive(:stop_job) { |arg| mock_stop_job(arg) }
jobs = instance_double(Rex::JobContainer)
job_by_id = {
'0' => create_fake_job(0)
}
allow(jobs).to receive(:[]).with('0').and_return(job_by_id['0'])
allow(jobs).to receive(:each) { |&block|
job_by_id.each(&block)
}
allow(jobs).to receive(:empty?) {
job_by_id.empty?
}
allow(jobs).to receive(:length) {
job_by_id.length
}
allow(jobs).to receive(:stop_job) { |job_number|
job_id = job_number.to_s
job = job_by_id[job_id]
if job
job.stop
job_by_id.delete(job_id)
end
}
allow(framework).to receive(:jobs).and_return(jobs)
# Prepare payloads
payloads = {}
payloads = instance_double(Msf::PayloadSet)
payload_class_by_reference_name = {}
allow(payloads).to receive(:[]=) do |reference_name, klass|
payload_class_by_reference_name[reference_name] = klass
end
allow(payloads).to receive(:keys) {
payload_class_by_reference_name.keys
}
available_payloads.each do |p|
payloads[p.fullname] = "__SYMBOLIC__"
end
allow(payloads).to receive(:create) { |arg| mock_payload_create(arg) }
allow(framework).to receive(:payloads).and_return(payloads)
allow_any_instance_of(described_class).to receive(:cli).and_return(cli)
allow_any_instance_of(described_class).to receive(:framework).and_return(framework)
allow_any_instance_of(Msf::Exploit).to receive(:framework).and_return(framework)
allow_any_instance_of(described_class).to receive(:report_note) { |arg| mock_report_note(arg) }
end
@ -435,8 +464,11 @@ describe Msf::Exploit::Remote::BrowserAutopwn2 do
end
describe '#rm_payload_jobs' do
it 'empties jobs' do
before(:each) do
subject.instance_variable_set(:@payload_job_ids, job_ids)
end
it 'empties jobs' do
expect(subject.framework.jobs.length).to eq(1)
subject.rm_payload_jobs
expect(subject.framework.jobs).to be_empty

22
spec/lib/msf/core/exploit/capture_spec.rb
View File

@ -5,7 +5,7 @@ require 'msf/core'
require 'msf/core/module'
require 'msf/core/exploit/capture'
describe Msf::Exploit::Capture do
RSpec.describe Msf::Exploit::Capture do
subject do
mod = Msf::Module.new
@ -14,7 +14,7 @@ describe Msf::Exploit::Capture do
end
it 'should be a kind of Msf::Exploit::Capture' do
subject.should be_a_kind_of Msf::Exploit::Capture
expect(subject).to be_a_kind_of Msf::Exploit::Capture
end
context '#capture_sendto' do
@ -27,20 +27,20 @@ describe Msf::Exploit::Capture do
it 'should return the correct number of bytes if the destination MAC can be determined, regardless of broadcast' do
allow(subject).to receive(:lookup_eth).and_return(%w(de:ad:be:ef:ca:fe 01:02:03:04:05:06))
allow(subject).to receive(:inject_eth).and_return(payload.size)
subject.capture_sendto(payload, '127.0.0.1', false).should == payload.size
subject.capture_sendto(payload, '127.0.0.1', true).should == payload.size
expect(subject.capture_sendto(payload, '127.0.0.1', false)).to eq payload.size
expect(subject.capture_sendto(payload, '127.0.0.1', true)).to eq payload.size
end
it 'should return false if the destination MAC cannot be determined and broadcast is not desired' do
allow(subject).to receive(:lookup_eth).and_return(nil)
subject.capture_sendto(payload, '127.0.0.1').should be_falsey
subject.capture_sendto(payload, '127.0.0.1', false).should be_falsey
expect(subject.capture_sendto(payload, '127.0.0.1')).to be_falsey
expect(subject.capture_sendto(payload, '127.0.0.1', false)).to be_falsey
end
it 'should return the correct number of bytes if the destination MAC cannot be determined and broadcast is desired' do
allow(subject).to receive(:lookup_eth).and_return(nil)
allow(subject).to receive(:inject_eth).and_return(payload.size)
subject.capture_sendto(payload, '127.0.0.1', true).should == payload.size
expect(subject.capture_sendto(payload, '127.0.0.1', true)).to eq payload.size
end
end
@ -48,21 +48,21 @@ describe Msf::Exploit::Capture do
context '#stats_*' do
it 'should show received packets' do
subject.stats_recv.should == 0
expect(subject.stats_recv).to eq 0
end
it 'should show dropped packets' do
subject.stats_drop.should == 0
expect(subject.stats_drop).to eq 0
end
it 'should show interface-dropped packets' do
subject.stats_ifdrop.should == 0
expect(subject.stats_ifdrop).to eq 0
end
end
it 'should respond to open_pcap' do
subject.should respond_to :open_pcap
expect(subject).to respond_to :open_pcap
end
it 'should confirm that pcaprub is available', :skip => "Need to test this without stubbing check_pcaprub_loaded" do

2
spec/lib/msf/core/exploit/cmdstager_spec.rb
View File

@ -3,7 +3,7 @@ require 'spec_helper'
require 'msf/core'
require 'msf/core/exploit/cmdstager'
describe Msf::Exploit::CmdStager do
RSpec.describe Msf::Exploit::CmdStager do
def create_exploit(info ={})
mod = Msf::Exploit.allocate

56
spec/lib/msf/core/exploit/http/client_spec.rb
View File

@ -5,7 +5,7 @@ require 'msf/core'
require 'msf/core/data_store'
require 'msf/core/exploit/http/client'
describe Msf::Exploit::Remote::HttpClient do
RSpec.describe Msf::Exploit::Remote::HttpClient do
subject do
mod = ::Msf::Module.new
mod.extend described_class
@ -28,7 +28,7 @@ describe Msf::Exploit::Remote::HttpClient do
subject
end
it "should return the set vhost" do
cli_vhost.vhost.should == vhost
expect(cli_vhost.vhost).to eq vhost
end
end
@ -38,8 +38,8 @@ describe Msf::Exploit::Remote::HttpClient do
subject
end
it "should return the rhost as the vhost" do
cli_rhost.datastore['VHOST'].should be_nil
cli_rhost.vhost.should == rhost
expect(cli_rhost.datastore['VHOST']).to be_nil
expect(cli_rhost.vhost).to eq rhost
end
end
@ -60,11 +60,11 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should be '/'" do
unnormalized_uri.should == '/'
expect(unnormalized_uri).to eq '/'
end
it "should return '/'" do
normalized_uri.should == '/'
expect(normalized_uri).to eq '/'
end
end
@ -74,11 +74,11 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should start with '/'" do
unnormalized_uri[0, 1].should == '/'
expect(unnormalized_uri[0, 1]).to eq '/'
end
it "should not add another starting '/'" do
normalized_uri.should == expected_normalized_uri
expect(normalized_uri).to eq expected_normalized_uri
end
context "with multiple internal '/'" do
@ -87,7 +87,7 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should remove doubled internal '/'" do
normalized_uri.should == expected_normalized_uri
expect(normalized_uri).to eq expected_normalized_uri
end
end
@ -97,11 +97,11 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should have at least 2 starting '/'" do
unnormalized_uri[0, 2].should == '//'
expect(unnormalized_uri[0, 2]).to eq '//'
end
it "should return with one starting '/'" do
normalized_uri.should == expected_normalized_uri
expect(normalized_uri).to eq expected_normalized_uri
end
end
@ -115,7 +115,7 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should end with '/'" do
normalized_uri[-1, 1].should == '/'
expect(normalized_uri[-1, 1]).to eq '/'
end
context "with multiple trailing '/'" do
@ -124,11 +124,11 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should have multiple trailing '/'" do
unnormalized_uri[-2,2].should == '//'
expect(unnormalized_uri[-2,2]).to eq '//'
end
it "should return only one trailing '/'" do
normalized_uri.should == expected_normalized_uri
expect(normalized_uri).to eq expected_normalized_uri
end
end
end
@ -139,11 +139,11 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should not have a trailing '/'" do
unnormalized_uri[-1, 1].should_not == '/'
expect(unnormalized_uri[-1, 1]).not_to eq '/'
end
it "should return original string" do
normalized_uri.should == expected_normalized_uri
expect(normalized_uri).to eq expected_normalized_uri
end
end
end
@ -158,19 +158,19 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should have trailing '/'" do
unnormalized_uri[-1, 1].should == '/'
expect(unnormalized_uri[-1, 1]).to eq '/'
end
it "should add starting '/'" do
normalized_uri[0, 1].should == '/'
expect(normalized_uri[0, 1]).to eq '/'
end
it "should not remove trailing '/'" do
normalized_uri[-1, 1].should == '/'
expect(normalized_uri[-1, 1]).to eq '/'
end
it 'should normalize the uri' do
normalized_uri.should == "#{expected_normalized_uri}"
expect(normalized_uri).to eq "#{expected_normalized_uri}"
end
context "with multiple internal '/'" do
@ -179,7 +179,7 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should remove doubled internal '/'" do
normalized_uri.should == expected_normalized_uri
expect(normalized_uri).to eq expected_normalized_uri
end
end
end
@ -190,15 +190,15 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should not have trailing '/'" do
unnormalized_uri[-1, 1].should_not == '/'
expect(unnormalized_uri[-1, 1]).not_to eq '/'
end
it "should add starting '/'" do
normalized_uri[0, 1].should == '/'
expect(normalized_uri[0, 1]).to eq '/'
end
it "should add trailing '/'" do
normalized_uri[-1, 1].should_not == '/'
expect(normalized_uri[-1, 1]).not_to eq '/'
end
end
end
@ -209,11 +209,11 @@ describe Msf::Exploit::Remote::HttpClient do
end
it "should be empty" do
unnormalized_uri.should be_empty
expect(unnormalized_uri).to be_empty
end
it "should return '/'" do
normalized_uri.should == '/'
expect(normalized_uri).to eq '/'
end
end
@ -223,11 +223,11 @@ describe Msf::Exploit::Remote::HttpClient do
end
it 'should be nil' do
unnormalized_uri.should be_nil
expect(unnormalized_uri).to be_nil
end
it "should return '/" do
normalized_uri.should == '/'
expect(normalized_uri).to eq '/'
end
end
end

2
spec/lib/msf/core/exploit/http/jboss/base_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'msf/core'
require 'msf/core/exploit/http/jboss'
describe Msf::Exploit::Remote::HTTP::JBoss::Base do
RSpec.describe Msf::Exploit::Remote::HTTP::JBoss::Base do
subject do
mod = ::Msf::Exploit.new
mod.extend Msf::Exploit::Remote::HTTP::JBoss

2
spec/lib/msf/core/exploit/http/jboss/bean_shell_scripts_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'msf/core'
require 'msf/core/exploit/http/jboss'
describe Msf::Exploit::Remote::HTTP::JBoss::BeanShellScripts do
RSpec.describe Msf::Exploit::Remote::HTTP::JBoss::BeanShellScripts do
subject do
mod = ::Msf::Exploit.new
mod.extend Msf::Exploit::Remote::HTTP::JBoss

2
spec/lib/msf/core/exploit/http/jboss/bean_shell_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'msf/core'
require 'msf/core/exploit/http/jboss'
describe Msf::Exploit::Remote::HTTP::JBoss::BeanShell do
RSpec.describe Msf::Exploit::Remote::HTTP::JBoss::BeanShell do
subject do
mod = ::Msf::Exploit.new

2
spec/lib/msf/core/exploit/http/jboss/deployment_file_repository_scripts_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'msf/core'
require 'msf/core/exploit/http/jboss'
describe Msf::Exploit::Remote::HTTP::JBoss::DeploymentFileRepositoryScripts do
RSpec.describe Msf::Exploit::Remote::HTTP::JBoss::DeploymentFileRepositoryScripts do
subject do
mod = ::Msf::Exploit.new
mod.extend Msf::Exploit::Remote::HTTP::JBoss

3
spec/lib/msf/core/exploit/http/jboss/deployment_file_repository_spec.rb
View File

@ -4,8 +4,7 @@ require 'spec_helper'
require 'msf/core'
require 'msf/core/exploit/http/jboss'
describe Msf::Exploit::Remote::HTTP::JBoss::DeploymentFileRepository do
RSpec.describe Msf::Exploit::Remote::HTTP::JBoss::DeploymentFileRepository do
subject do
mod = ::Msf::Exploit.new
mod.extend Msf::Exploit::Remote::HTTP::JBoss

30
spec/lib/msf/core/exploit/http/server_spec.rb
View File

@ -5,7 +5,7 @@ require 'spec_helper'
require 'msf/core'
require 'msf/core/exploit/http/server'
describe Msf::Exploit::Remote::HttpServer do
RSpec.describe Msf::Exploit::Remote::HttpServer do
subject(:server_module) do
mod = Msf::Exploit.allocate
@ -16,15 +16,13 @@ describe Msf::Exploit::Remote::HttpServer do
end
let(:mock_service) do
mock_service = double("service")
mock_service.stub(:server_name=)
mock_service.stub(:add_resource)
mock_service
double 'service',
add_resource: nil,
:'server_name=' => nil
end
before do
Rex::ServiceManager.stub(:start => mock_service)
allow(Rex::ServiceManager).to receive(:start).and_return(mock_service)
end
# Ensure the class is hooks Metasploit::Concern
@ -34,26 +32,26 @@ describe Msf::Exploit::Remote::HttpServer do
it "should call the ServiceManager's add_resource" do
server_module.start_service
mock_service.should_receive(:add_resource)
expect(mock_service).to receive(:add_resource)
server_module.add_resource('Path' => 'foo')
end
it "should re-raise if the resource has already been added" do
server_module.start_service
mock_service.should_receive(:add_resource).ordered
mock_service.should_receive(:add_resource).ordered.and_raise(RuntimeError)
expect(mock_service).to receive(:add_resource).ordered
expect(mock_service).to receive(:add_resource).ordered.and_raise(RuntimeError)
server_module.add_resource('Path' => 'foo')
expect { server_module.add_resource('Path' => 'foo') }.to raise_error
expect { server_module.add_resource('Path' => 'foo') }.to raise_error(RuntimeError)
end
end
describe "#cleanup" do
it "should not remove resources if none were successfully added" do
server_module.should_not_receive(:remove_resource)
expect(server_module).not_to receive(:remove_resource)
server_module.cleanup
end
@ -65,7 +63,7 @@ describe Msf::Exploit::Remote::HttpServer do
# The service will add one resource as part of #start_service, so
# add that to the number that we added manually
server_module.should_receive(:remove_resource).exactly(resources.count + 1).times
expect(server_module).to receive(:remove_resource).exactly(resources.count + 1).times
server_module.cleanup
end
@ -75,16 +73,16 @@ describe Msf::Exploit::Remote::HttpServer do
it "should call the ServiceManager's add_resource" do
server_module.start_service
mock_service.should_receive(:add_resource)
expect(mock_service).to receive(:add_resource)
server_module.hardcoded_uripath('foo')
end
it "should re-raise if the resource has already been added" do
server_module.start_service
mock_service.should_receive(:add_resource).ordered.and_raise(RuntimeError)
expect(mock_service).to receive(:add_resource).ordered.and_raise(RuntimeError)
expect { server_module.hardcoded_uripath('foo') }.to raise_error
expect { server_module.hardcoded_uripath('foo') }.to raise_error(RuntimeError)
end
end

2
spec/lib/msf/core/exploit/http/typo3_spec.rb
View File

@ -5,7 +5,7 @@ require 'msf/core'
require 'rex/proto/http/response'
require 'msf/core/exploit/http/typo3'
describe Msf::Exploit::Remote::HTTP::Typo3 do
RSpec.describe Msf::Exploit::Remote::HTTP::Typo3 do
subject do
mod = ::Msf::Module.new
mod.extend described_class

2
spec/lib/msf/core/exploit/http/wordpress/base_spec.rb
View File

@ -6,7 +6,7 @@ require 'msf/core/exploit'
require 'rex/proto/http/response'
require 'msf/core/exploit/http/wordpress'
describe Msf::Exploit::Remote::HTTP::Wordpress::Base do
RSpec.describe Msf::Exploit::Remote::HTTP::Wordpress::Base do
subject do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::HTTP::Wordpress

2
spec/lib/msf/core/exploit/http/wordpress/login_spec.rb
View File

@ -6,7 +6,7 @@ require 'msf/core/exploit'
require 'rex/proto/http/response'
require 'msf/core/exploit/http/wordpress'
describe Msf::Exploit::Remote::HTTP::Wordpress::Login do
RSpec.describe Msf::Exploit::Remote::HTTP::Wordpress::Login do
subject do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::HTTP::Wordpress

2
spec/lib/msf/core/exploit/http/wordpress/version_spec.rb
View File

@ -6,7 +6,7 @@ require 'msf/core/exploit'
require 'rex/proto/http/response'
require 'msf/core/exploit/http/wordpress'
describe Msf::Exploit::Remote::HTTP::Wordpress::Version do
RSpec.describe Msf::Exploit::Remote::HTTP::Wordpress::Version do
subject do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::HTTP::Wordpress

2
spec/lib/msf/core/exploit/kerberos/client/as_request_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'rex/proto/kerberos'
require 'msf/core/exploit/kerberos/client'
describe Msf::Exploit::Remote::Kerberos::Client::AsRequest do
RSpec.describe Msf::Exploit::Remote::Kerberos::Client::AsRequest do
subject do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Kerberos::Client

2
spec/lib/msf/core/exploit/kerberos/client/as_response_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'rex/proto/kerberos'
require 'msf/core/exploit/kerberos/client'
describe Msf::Exploit::Remote::Kerberos::Client::AsResponse do
RSpec.describe Msf::Exploit::Remote::Kerberos::Client::AsResponse do
subject do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Kerberos::Client

2
spec/lib/msf/core/exploit/kerberos/client/base_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'rex/proto/kerberos'
require 'msf/core/exploit/kerberos/client'
describe Msf::Exploit::Remote::Kerberos::Client::Base do
RSpec.describe Msf::Exploit::Remote::Kerberos::Client::Base do
subject do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Kerberos::Client

2
spec/lib/msf/core/exploit/kerberos/client/cache_credential_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'rex/proto/kerberos'
require 'msf/core/exploit/kerberos/client'
describe Msf::Exploit::Remote::Kerberos::Client::CacheCredential do
RSpec.describe Msf::Exploit::Remote::Kerberos::Client::CacheCredential do
subject do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Kerberos::Client

2
spec/lib/msf/core/exploit/kerberos/client/pac_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'rex/proto/kerberos'
require 'msf/core/exploit/kerberos/client'
describe Msf::Exploit::Remote::Kerberos::Client::Pac do
RSpec.describe Msf::Exploit::Remote::Kerberos::Client::Pac do
subject do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Kerberos::Client

2
spec/lib/msf/core/exploit/kerberos/client/tgs_request_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'rex/proto/kerberos'
require 'msf/core/exploit/kerberos/client'
describe Msf::Exploit::Remote::Kerberos::Client::TgsRequest do
RSpec.describe Msf::Exploit::Remote::Kerberos::Client::TgsRequest do
subject(:mod) do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Kerberos::Client

2
spec/lib/msf/core/exploit/kerberos/client/tgs_response_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'rex/proto/kerberos'
require 'msf/core/exploit/kerberos/client'
describe Msf::Exploit::Remote::Kerberos::Client::TgsResponse do
RSpec.describe Msf::Exploit::Remote::Kerberos::Client::TgsResponse do
subject do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Kerberos::Client

114
spec/lib/msf/core/exploit/powershell_spec.rb
View File

@ -8,7 +8,7 @@ def decompress(code)
Rex::Powershell::Script.new(code).decompress_code
end
describe Msf::Exploit::Powershell do
RSpec.describe Msf::Exploit::Powershell do
subject do
mod = Msf::Exploit.allocate
mod.extend described_class
@ -32,8 +32,8 @@ describe Msf::Exploit::Powershell do
describe "::encode_script" do
it 'should read and encode a sample script file' do
script = subject.encode_script(example_script)
script.should be
script.length.should be > 0
expect(script).to be
expect(script.length).to be > 0
end
end
@ -42,14 +42,14 @@ describe Msf::Exploit::Powershell do
it 'should create a compressed script' do
script = File.read(example_script)
compressed = subject.compress_script(script)
compressed.length.should be < script.length
compressed.include?('IO.Compression').should be_truthy
expect(compressed.length).to be < script.length
expect(compressed.include?('IO.Compression')).to be_truthy
end
it 'should create a compressed script with eof' do
script = File.read(example_script)
compressed = subject.compress_script(script, 'end_of_file')
compressed.include?('end_of_file').should be_truthy
expect(compressed.include?('end_of_file')).to be_truthy
end
end
@ -61,7 +61,7 @@ describe Msf::Exploit::Powershell do
it 'should strip comments' do
script = File.read(example_script)
compressed = subject.compress_script(script)
compressed.length.should be < script.length
expect(compressed.length).to be < script.length
end
end
context 'when strip_comment is false' do
@ -72,7 +72,7 @@ describe Msf::Exploit::Powershell do
it 'shouldnt strip comments' do
script = File.read(example_script)
compressed = subject.compress_script(script)
compressed.length.should be < script.length
expect(compressed.length).to be < script.length
end
end
@ -85,7 +85,7 @@ describe Msf::Exploit::Powershell do
it 'should strip whitespace' do
script = File.read(example_script)
compressed = subject.compress_script(script)
decompress(compressed).length.should be < script.length
expect(decompress(compressed).length).to be < script.length
end
end
@ -110,7 +110,7 @@ describe Msf::Exploit::Powershell do
it 'should substitute variables' do
script = File.read(example_script)
compressed = subject.compress_script(script)
decompress(compressed).include?('$hashes').should be_falsey
expect(decompress(compressed).include?('$hashes')).to be_falsey
end
end
@ -122,7 +122,7 @@ describe Msf::Exploit::Powershell do
it 'shouldnt substitute variables' do
script = File.read(example_script)
compressed = subject.compress_script(script)
decompress(compressed).include?('$hashes').should be_truthy
expect(decompress(compressed).include?('$hashes')).to be_truthy
end
end
@ -134,7 +134,7 @@ describe Msf::Exploit::Powershell do
it 'should substitute functions' do
script = File.read(example_script)
compressed = subject.compress_script(script)
decompress(compressed).include?('DumpHashes').should be_falsey
expect(decompress(compressed).include?('DumpHashes')).to be_falsey
end
end
@ -146,7 +146,7 @@ describe Msf::Exploit::Powershell do
it 'shouldnt substitute variables' do
script = File.read(example_script)
compressed = subject.compress_script(script)
decompress(compressed).include?('DumpHashes').should be_truthy
expect(decompress(compressed).include?('DumpHashes')).to be_truthy
end
end
end
@ -159,28 +159,28 @@ describe Msf::Exploit::Powershell do
context 'when x86 payload' do
it 'should generate code' do
code = subject.run_hidden_psh(payload, arch, encoded)
code.include?('syswow64').should be_truthy
expect(code.include?('syswow64')).to be_truthy
end
end
context 'when x64 payload' do
it 'should generate code' do
code = subject.run_hidden_psh(payload, 'x86_64', encoded)
code.include?('sysnative').should be_truthy
expect(code.include?('sysnative')).to be_truthy
end
end
context 'when encoded' do
it 'should generate a code including an encoded command' do
code = subject.run_hidden_psh(payload, arch, true)
code.include?('-nop -w hidden -e ').should be_truthy
expect(code.include?('-nop -w hidden -e ')).to be_truthy
end
end
context 'when command' do
it 'should generate code including a -c command' do
code = subject.run_hidden_psh(payload, arch, encoded)
code.include?('-nop -w hidden -c ').should be_truthy
expect(code.include?('-nop -w hidden -c ')).to be_truthy
end
end
@ -191,7 +191,7 @@ describe Msf::Exploit::Powershell do
end
it 'should generate a code including unshorted args' do
code = subject.run_hidden_psh(payload, arch, encoded)
code.include?('-NoProfile -WindowStyle hidden -NoExit -Command ').should be_truthy
expect(code.include?('-NoProfile -WindowStyle hidden -NoExit -Command ')).to be_truthy
end
end
end
@ -206,7 +206,7 @@ describe Msf::Exploit::Powershell do
except = true
end
except.should be_truthy
expect(except).to be_truthy
end
end
@ -217,7 +217,7 @@ describe Msf::Exploit::Powershell do
end
it 'should add a persistance loop' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('while(1){Start-Sleep -s ').should be_truthy
expect(decompress(code).include?('while(1){Start-Sleep -s ')).to be_truthy
end
end
@ -228,7 +228,7 @@ describe Msf::Exploit::Powershell do
end
it 'shouldnt add a persistance loop' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('while(1){Start-Sleep -s ').should be_falsey
expect(decompress(code).include?('while(1){Start-Sleep -s ')).to be_falsey
end
end
@ -239,7 +239,7 @@ describe Msf::Exploit::Powershell do
end
it 'should prepend sleep' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('Start-Sleep -s ').should be_truthy
expect(decompress(code).include?('Start-Sleep -s ')).to be_truthy
end
end
@ -250,7 +250,7 @@ describe Msf::Exploit::Powershell do
end
it 'shouldnt prepend sleep' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('Start-Sleep -s ').should be_falsey
expect(decompress(code).include?('Start-Sleep -s ')).to be_falsey
end
end
@ -261,7 +261,7 @@ describe Msf::Exploit::Powershell do
end
it 'shouldnt prepend sleep' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('Start-Sleep -s ').should be_falsey
expect(decompress(code).include?('Start-Sleep -s ')).to be_falsey
end
end
@ -272,15 +272,15 @@ describe Msf::Exploit::Powershell do
end
it 'should generate a command line' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('-namespace Win32Functions').should be_truthy
expect(decompress(code).include?('-namespace Win32Functions')).to be_truthy
end
it 'shouldnt shorten args' do
code = subject.cmd_psh_payload(payload, arch)
code.include?('-NoProfile -WindowStyle hidden -Command').should be_truthy
expect(code.include?('-NoProfile -WindowStyle hidden -Command')).to be_truthy
end
it 'should include -NoExit' do
code = subject.cmd_psh_payload(payload, arch)
code.include?('-NoProfile -WindowStyle hidden -NoExit -Command').should be_truthy
expect(code.include?('-NoProfile -WindowStyle hidden -NoExit -Command')).to be_truthy
end
end
@ -291,7 +291,7 @@ describe Msf::Exploit::Powershell do
end
it 'should generate a command line' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('System.Runtime.InteropServices;').should be_truthy
expect(decompress(code).include?('System.Runtime.InteropServices;')).to be_truthy
end
end
@ -302,7 +302,7 @@ describe Msf::Exploit::Powershell do
end
it 'should generate a command line' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('GlobalAssemblyCache').should be_truthy
expect(decompress(code).include?('GlobalAssemblyCache')).to be_truthy
end
end
@ -318,7 +318,7 @@ describe Msf::Exploit::Powershell do
rescue RuntimeError
except = true
end
except.should be_truthy
expect(except).to be_truthy
end
end
@ -333,7 +333,7 @@ describe Msf::Exploit::Powershell do
rescue RuntimeError
except = true
end
except.should be_truthy
expect(except).to be_truthy
end
after do
subject.datastore['Powershell::method'] = 'reflection'
@ -344,7 +344,7 @@ describe Msf::Exploit::Powershell do
context 'when encode_inner_payload' do
it 'should contain an inner payload with -e' do
code = subject.cmd_psh_payload(payload, arch, {:encode_inner_payload => true})
code.include?(' -e ').should be_truthy
expect(code.include?(' -e ')).to be_truthy
end
context 'when no_equals is true' do
@ -355,7 +355,7 @@ describe Msf::Exploit::Powershell do
rescue RuntimeError
except = true
end
except.should be_truthy
expect(except).to be_truthy
end
end
end
@ -364,16 +364,16 @@ describe Msf::Exploit::Powershell do
context 'when no_equals is false' do
it 'should contain a final payload with -e' do
code = subject.cmd_psh_payload(payload, arch, {:encode_final_payload => true, :no_equals => false})
code.include?(' -e ').should be_truthy
code.include?(' -c ').should be_falsey
expect(code.include?(' -e ')).to be_truthy
expect(code.include?(' -c ')).to be_falsey
end
end
context 'when no_equals is true' do
it 'should contain a final payload with -e' do
code = subject.cmd_psh_payload(payload, arch, {:encode_final_payload => true, :no_equals => true})
code.include?(' -e ').should be_truthy
code.include?(' -c ').should be_falsey
code.include?('=').should be_falsey
expect(code.include?(' -e ')).to be_truthy
expect(code.include?(' -c ')).to be_falsey
expect(code.include?('=')).to be_falsey
end
end
context 'when encode_inner_payload is true' do
@ -384,7 +384,7 @@ describe Msf::Exploit::Powershell do
rescue RuntimeError
except = true
end
except.should be_truthy
expect(except).to be_truthy
end
end
end
@ -392,14 +392,14 @@ describe Msf::Exploit::Powershell do
context 'when remove_comspec' do
it 'shouldnt contain %COMSPEC%' do
code = subject.cmd_psh_payload(payload, arch, {:remove_comspec => true})
code.include?('%COMSPEC%').should be_falsey
expect(code.include?('%COMSPEC%')).to be_falsey
end
end
context 'when use single quotes' do
it 'should wrap in single quotes' do
code = subject.cmd_psh_payload(payload, arch, {:use_single_quotes => true})
code.include?(' -c \'').should be_truthy
expect(code.include?(' -c \'')).to be_truthy
end
end
end
@ -408,33 +408,33 @@ describe Msf::Exploit::Powershell do
it 'should contain no full stop when :no_full_stop' do
opts = {:no_full_stop => true}
command = subject.generate_psh_command_line(opts)
command.include?("powershell ").should be_truthy
expect(command.include?("powershell ")).to be_truthy
end
it 'should contain full stop unless :no_full_stop' do
opts = {}
command = subject.generate_psh_command_line(opts)
command.include?("powershell.exe ").should be_truthy
expect(command.include?("powershell.exe ")).to be_truthy
opts = {:no_full_stop => false}
command = subject.generate_psh_command_line(opts)
command.include?("powershell.exe ").should be_truthy
expect(command.include?("powershell.exe ")).to be_truthy
end
it 'should ensure the path should always ends with \\' do
opts = {:path => "test"}
command = subject.generate_psh_command_line(opts)
command.include?("test\\powershell.exe ").should be_truthy
expect(command.include?("test\\powershell.exe ")).to be_truthy
opts = {:path => "test\\"}
command = subject.generate_psh_command_line(opts)
command.include?("test\\powershell.exe ").should be_truthy
expect(command.include?("test\\powershell.exe ")).to be_truthy
end
end
describe "::generate_psh_args" do
it 'should return empty string for nil opts' do
subject.generate_psh_args(nil).should eql ""
expect(subject.generate_psh_args(nil)).to eql ""
end
command_args = [[:encodedcommand, "parp"],
@ -466,18 +466,18 @@ describe Msf::Exploit::Powershell do
opt_length = opts.length - 1
short_args.should_not be_nil
long_args.should_not be_nil
short_args.count('-').should eql opt_length
long_args.count('-').should eql opt_length
short_args[0].should_not eql " "
long_args[0].should_not eql " "
short_args[-1].should_not eql " "
long_args[-1].should_not eql " "
expect(short_args).not_to be_nil
expect(long_args).not_to be_nil
expect(short_args.count('-')).to eql opt_length
expect(long_args.count('-')).to eql opt_length
expect(short_args[0]).not_to eql " "
expect(long_args[0]).not_to eql " "
expect(short_args[-1]).not_to eql " "
expect(long_args[-1]).not_to eql " "
if opts[:command]
long_args[-10..-1].should eql "-Command Z"
short_args[-4..-1].should eql "-c Z"
expect(long_args[-10..-1]).to eql "-Command Z"
expect(short_args[-4..-1]).to eql "-c Z"
end
end
end

18
spec/lib/msf/core/exploit/remote/browser_exploit_server_spec.rb
View File

@ -1,7 +1,7 @@
#require 'spec_helper'
require 'msf/core'
describe Msf::Exploit::Remote::BrowserExploitServer do
RSpec.describe Msf::Exploit::Remote::BrowserExploitServer do
let(:in_memory_profile) do
{
@ -38,9 +38,14 @@ describe Msf::Exploit::Remote::BrowserExploitServer do
end
let(:cli) do
sock = Rex::Socket::Tcp
sock_class = Class.new do
include Rex::Socket::Tcp
end
sock = sock_class.new
allow(sock).to receive(:peerhost).and_return('0.0.0.0')
allow(sock).to receive(:peerport).and_return(4444)
sock
end
@ -109,7 +114,7 @@ describe Msf::Exploit::Remote::BrowserExploitServer do
end
before do
Rex::ServiceManager.stub(:start => service_double)
allow(Rex::ServiceManager).to receive(:start).and_return(service_double)
end
before(:each) do
@ -149,7 +154,7 @@ describe Msf::Exploit::Remote::BrowserExploitServer do
fake_browser_info = nil
expect {
server.on_request_exploit(fake_cli, fake_request, fake_browser_info)
}.to raise_error
}.to raise_error(NoMethodError)
end
end
@ -157,7 +162,7 @@ describe Msf::Exploit::Remote::BrowserExploitServer do
it "returns a target" do
expected_object = double('Msf::Module::Target')
server.instance_variable_set(:@target, expected_object)
server.get_target.should eq(expected_object)
expect(server.get_target).to eq(expected_object)
end
end
@ -199,9 +204,6 @@ describe Msf::Exploit::Remote::BrowserExploitServer do
describe '#on_request_uri' do
before(:each) do
allow(server).to receive(:get_profile_info) { in_memory_profile }
allow(server).to receive(:init_profile).with(kind_of(String))
allow(server).to receive(:update_profile)
allow(server).to receive(:process_browser_info)
allow(server).to receive(:send_response) { @send_response_called = true }
allow(server).to receive(:send_redirect) { @send_redirect_called = true }

11
spec/lib/msf/core/exploit/remote/browser_profile_manager_spec.rb
View File

@ -1,12 +1,12 @@
require 'msf/core'
describe Msf::Exploit::Remote::BrowserProfileManager do
RSpec.describe Msf::Exploit::Remote::BrowserProfileManager do
subject do
subject(:exploit_remmote) {
mod = Msf::Exploit::Remote.allocate
mod.extend described_class
mod
end
}
let(:default_profile) do
{
@ -15,9 +15,8 @@ describe Msf::Exploit::Remote::BrowserProfileManager do
end
before(:each) do
framework = double('framework')
allow(framework).to receive(:browser_profiles).and_return(default_profile)
allow_any_instance_of(described_class).to receive(:framework).and_return(framework)
framework = double('framework', browser_profiles: default_profile)
allow(exploit_remmote).to receive(:framework).and_return(framework)
end
describe '#browser_profile_prefix' do

55
spec/lib/msf/core/exploit/remote/firefox_addon_generator_spec.rb
View File

@ -1,34 +1,39 @@
require 'spec_helper'
require 'msf/core'
describe Msf::Exploit::Remote::FirefoxAddonGenerator do
let(:datastore) { { 'TARGET' => 0 } }
let(:jar) { double(:pack => '@JAR@', :build_manifest => nil) }
let(:payload) { double(:encoded => '@EXE@', :encoded_jar => jar) }
let(:framework) { double(:nops => nil) }
let(:cli) { double }
subject(:mod) do
mod = Msf::Exploit::Remote.allocate
mod.extend described_class
mod.extend Msf::Exploit::Remote::BrowserExploitServer
mod.send(:initialize, {})
mod.stub(
:payload => payload,
:regenerate_payload => payload,
:framework => framework,
:datastore => datastore
)
mod
RSpec.describe Msf::Exploit::Remote::FirefoxAddonGenerator do
subject(:instance) do
klass.new.tap { |instance|
allow(instance).to receive(:datastore).and_return(datastore)
allow(instance).to receive(:framework).and_return(framework)
allow(instance).to receive(:payload).and_return(payload)
allow(instance).to receive(:regenerate_payload).and_return(payload)
}
end
let(:cli) { double }
let(:datastore) { { 'TARGET' => 0 } }
let(:framework) { double(:nops => nil) }
let(:jar) { double(:pack => '@JAR@', :build_manifest => nil) }
let(:klass) {
context_described_class = described_class
Class.new(Msf::Exploit::Remote) do
include Msf::Exploit::Remote::BrowserExploitServer
include context_described_class
end
}
let(:payload) { double(:encoded => '@EXE@', :encoded_jar => jar) }
it { is_expected.to respond_to :generate_addon_xpi }
describe '#generate_addon_xpi' do
let(:xpi) { mod.generate_addon_xpi(cli) }
subject(:xpi) {
instance.generate_addon_xpi(cli)
}
it { should respond_to :generate_addon_xpi }
it 'should return an instance of Rex::Zip::Archive' do
xpi.should be_kind_of Rex::Zip::Archive
end
it { is_expected.to be_a Rex::Zip::Archive }
end
end

2
spec/lib/msf/core/exploit/remote/firefox_privilege_escalation_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
require 'msf/core'
describe Msf::Exploit::Remote::FirefoxPrivilegeEscalation do
RSpec.describe Msf::Exploit::Remote::FirefoxPrivilegeEscalation do
it_should_behave_like 'Msf::Exploit::JSObfu'

2
spec/lib/msf/core/exploit/remote/java/rmi/builder_spec.rb
View File

@ -5,7 +5,7 @@ require 'rex/java/serialization'
require 'rex/proto/rmi'
require 'msf/core/exploit/java/rmi/builder'
describe Msf::Exploit::Remote::Java::Rmi::Builder do
RSpec.describe Msf::Exploit::Remote::Java::Rmi::Builder do
subject(:mod) do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Java::Rmi::Builder

2
spec/lib/msf/core/exploit/remote/java/rmi/client/jmx/connection/builder_spec.rb
View File

@ -6,7 +6,7 @@ require 'rex/java/serialization'
require 'rex/proto/rmi'
require 'msf/core/exploit/java/rmi/client'
describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Connection::Builder do
RSpec.describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Connection::Builder do
subject(:mod) do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Java::Rmi::Client

197
spec/lib/msf/core/exploit/remote/java/rmi/client/jmx/connection_spec.rb
View File

@ -4,82 +4,13 @@ require 'spec_helper'
require 'rex/java/serialization'
require 'rex/proto/rmi'
require 'msf/core/exploit/java/rmi/client'
require 'stringio'
describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Connection do
RSpec.describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Connection do
let(:name_get) { 'DefaultDomain:type=MLet' }
let(:get_object_instance_response) do
"\x51\xac\xed\x00\x05\x77\x0f\x01\x1e\xc8\x7c\x01\x00\x00\x01\x4c" +
"\x4e\x3d\x1c\x2f\x80\x08\x73\x72\x00\x1f\x6a\x61\x76\x61\x78\x2e" +
"\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x4f\x62\x6a\x65\x63" +
"\x74\x49\x6e\x73\x74\x61\x6e\x63\x65\xc7\x1a\x0a\xcf\xad\x28\x7b" +
"\x76\x02\x00\x02\x4c\x00\x09\x63\x6c\x61\x73\x73\x4e\x61\x6d\x65" +
"\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74" +
"\x72\x69\x6e\x67\x3b\x4c\x00\x04\x6e\x61\x6d\x65\x74\x00\x1d\x4c" +
"\x6a\x61\x76\x61\x78\x2f\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74" +
"\x2f\x4f\x62\x6a\x65\x63\x74\x4e\x61\x6d\x65\x3b\x70\x78\x70\x74" +
"\x00\x1d\x6a\x61\x76\x61\x78\x2e\x6d\x61\x6e\x61\x67\x65\x6d\x65" +
"\x6e\x74\x2e\x6c\x6f\x61\x64\x69\x6e\x67\x2e\x4d\x4c\x65\x74\x73" +
"\x72\x00\x1b\x6a\x61\x76\x61\x78\x2e\x6d\x61\x6e\x61\x67\x65\x6d" +
"\x65\x6e\x74\x2e\x4f\x62\x6a\x65\x63\x74\x4e\x61\x6d\x65\x0f\x03" +
"\xa7\x1b\xeb\x6d\x15\xcf\x03\x00\x00\x70\x78\x70\x74\x00\x17\x44" +
"\x65\x66\x61\x75\x6c\x74\x44\x6f\x6d\x61\x69\x6e\x3a\x74\x79\x70" +
"\x65\x3d\x4d\x4c\x65\x74\x78"
end
include_context "Msf::StringIO"
let(:name_create) { 'javax.management.loading.MLet' }
let(:create_mbean_response) do
"\x51\xac\xed\x00\x05\x77\x0f\x01\x1e\xc8\x7c\x01\x00\x00\x01\x4c" +
"\x4e\x3d\x1c\x2f\x80\x07\x73\x72\x00\x1f\x6a\x61\x76\x61\x78\x2e" +
"\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x4f\x62\x6a\x65\x63" +
"\x74\x49\x6e\x73\x74\x61\x6e\x63\x65\xc7\x1a\x0a\xcf\xad\x28\x7b" +
"\x76\x02\x00\x02\x4c\x00\x09\x63\x6c\x61\x73\x73\x4e\x61\x6d\x65" +
"\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74" +
"\x72\x69\x6e\x67\x3b\x4c\x00\x04\x6e\x61\x6d\x65\x74\x00\x1d\x4c" +
"\x6a\x61\x76\x61\x78\x2f\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74" +
"\x2f\x4f\x62\x6a\x65\x63\x74\x4e\x61\x6d\x65\x3b\x70\x78\x70\x74" +
"\x00\x1d\x6a\x61\x76\x61\x78\x2e\x6d\x61\x6e\x61\x67\x65\x6d\x65" +
"\x6e\x74\x2e\x6c\x6f\x61\x64\x69\x6e\x67\x2e\x4d\x4c\x65\x74\x73" +
"\x72\x00\x1b\x6a\x61\x76\x61\x78\x2e\x6d\x61\x6e\x61\x67\x65\x6d" +
"\x65\x6e\x74\x2e\x4f\x62\x6a\x65\x63\x74\x4e\x61\x6d\x65\x0f\x03" +
"\xa7\x1b\xeb\x6d\x15\xcf\x03\x00\x00\x70\x78\x70\x74\x00\x17\x44" +
"\x65\x66\x61\x75\x6c\x74\x44\x6f\x6d\x61\x69\x6e\x3a\x74\x79\x70" +
"\x65\x3d\x4d\x4c\x65\x74\x78"
end
let(:invoke_args) do
{
object: 'DefaultDomain:type=MLet',
method: 'getMBeansFromURL',
args: { 'java.lang.String' => 'http:///http://192.168.0.3:8080/nH8rSZGf5WkYF/mlet' }
}
end
let(:invoke_response) do
"\x51\xac\xed\x00\x05\x77\x0f\x01\x1e\xc8\x7c\x01\x00\x00\x01\x4c" +
"\x4e\x3d\x1c\x2f\x80\x09\x73\x72\x00\x11\x6a\x61\x76\x61\x2e\x75" +
"\x74\x69\x6c\x2e\x48\x61\x73\x68\x53\x65\x74\xba\x44\x85\x95\x96" +
"\xb8\xb7\x34\x03\x00\x00\x70\x78\x70\x77\x0c\x00\x00\x00\x10\x3f" +
"\x40\x00\x00\x00\x00\x00\x01\x73\x72\x00\x1f\x6a\x61\x76\x61\x78" +
"\x2e\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x4f\x62\x6a\x65" +
"\x63\x74\x49\x6e\x73\x74\x61\x6e\x63\x65\xc7\x1a\x0a\xcf\xad\x28" +
"\x7b\x76\x02\x00\x02\x4c\x00\x09\x63\x6c\x61\x73\x73\x4e\x61\x6d" +
"\x65\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53" +
"\x74\x72\x69\x6e\x67\x3b\x4c\x00\x04\x6e\x61\x6d\x65\x74\x00\x1d" +
"\x4c\x6a\x61\x76\x61\x78\x2f\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e" +
"\x74\x2f\x4f\x62\x6a\x65\x63\x74\x4e\x61\x6d\x65\x3b\x70\x78\x70" +
"\x74\x00\x15\x6d\x65\x74\x61\x73\x70\x6c\x6f\x69\x74\x2e\x4a\x4d" +
"\x58\x50\x61\x79\x6c\x6f\x61\x64\x73\x72\x00\x1b\x6a\x61\x76\x61" +
"\x78\x2e\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x4f\x62\x6a" +
"\x65\x63\x74\x4e\x61\x6d\x65\x0f\x03\xa7\x1b\xeb\x6d\x15\xcf\x03" +
"\x00\x00\x70\x78\x70\x74\x00\x21\x4d\x4c\x65\x74\x47\x78\x61\x7a" +
"\x6f\x6f\x6d\x79\x3a\x6e\x61\x6d\x65\x3d\x6a\x6d\x78\x70\x61\x79" +
"\x6c\x6f\x61\x64\x2c\x69\x64\x3d\x31\x78\x78"
end
let(:remote_address) do
'172.16.158.132'
end
@ -91,76 +22,114 @@ describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Connection do
mod
end
let(:io) { StringIO.new('', 'w+b') }
describe "#send_jmx_get_object_instance" do
context "when the object exists" do
before(:each) do
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.seek(0)
io.write(get_object_instance_response)
io.seek(0)
end
allow_any_instance_of(::StringIO).to receive(:get_once) do |io, length, timeout|
io.read
end
#
# lets
#
allow_any_instance_of(::StringIO).to receive(:has_read_data?) do |io|
false
end
end
let(:name_get) { 'DefaultDomain:type=MLet' }
let(:get_object_instance_response) {
"\x51\xac\xed\x00\x05\x77\x0f\x01\x1e\xc8\x7c\x01\x00\x00\x01\x4c" +
"\x4e\x3d\x1c\x2f\x80\x08\x73\x72\x00\x1f\x6a\x61\x76\x61\x78\x2e" +
"\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x4f\x62\x6a\x65\x63" +
"\x74\x49\x6e\x73\x74\x61\x6e\x63\x65\xc7\x1a\x0a\xcf\xad\x28\x7b" +
"\x76\x02\x00\x02\x4c\x00\x09\x63\x6c\x61\x73\x73\x4e\x61\x6d\x65" +
"\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74" +
"\x72\x69\x6e\x67\x3b\x4c\x00\x04\x6e\x61\x6d\x65\x74\x00\x1d\x4c" +
"\x6a\x61\x76\x61\x78\x2f\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74" +
"\x2f\x4f\x62\x6a\x65\x63\x74\x4e\x61\x6d\x65\x3b\x70\x78\x70\x74" +
"\x00\x1d\x6a\x61\x76\x61\x78\x2e\x6d\x61\x6e\x61\x67\x65\x6d\x65" +
"\x6e\x74\x2e\x6c\x6f\x61\x64\x69\x6e\x67\x2e\x4d\x4c\x65\x74\x73" +
"\x72\x00\x1b\x6a\x61\x76\x61\x78\x2e\x6d\x61\x6e\x61\x67\x65\x6d" +
"\x65\x6e\x74\x2e\x4f\x62\x6a\x65\x63\x74\x4e\x61\x6d\x65\x0f\x03" +
"\xa7\x1b\xeb\x6d\x15\xcf\x03\x00\x00\x70\x78\x70\x74\x00\x17\x44" +
"\x65\x66\x61\x75\x6c\x74\x44\x6f\x6d\x61\x69\x6e\x3a\x74\x79\x70" +
"\x65\x3d\x4d\x4c\x65\x74\x78"
}
it "returns true" do
expect(mod.send_jmx_get_object_instance(sock: io, name: name_get)).to be_truthy
msf_io.msf_data = get_object_instance_response
expect(mod.send_jmx_get_object_instance(sock: msf_io, name: name_get)).to be_truthy
end
end
end
describe "#send_jmx_create_mbean" do
context "when the object is created successfully" do
before(:each) do
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.seek(0)
io.write(create_mbean_response)
io.seek(0)
end
allow_any_instance_of(::StringIO).to receive(:get_once) do |io, length, timeout|
io.read
end
#
# lets
#
allow_any_instance_of(::StringIO).to receive(:has_read_data?) do |io|
false
end
end
let(:create_mbean_response) {
"\x51\xac\xed\x00\x05\x77\x0f\x01\x1e\xc8\x7c\x01\x00\x00\x01\x4c" +
"\x4e\x3d\x1c\x2f\x80\x07\x73\x72\x00\x1f\x6a\x61\x76\x61\x78\x2e" +
"\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x4f\x62\x6a\x65\x63" +
"\x74\x49\x6e\x73\x74\x61\x6e\x63\x65\xc7\x1a\x0a\xcf\xad\x28\x7b" +
"\x76\x02\x00\x02\x4c\x00\x09\x63\x6c\x61\x73\x73\x4e\x61\x6d\x65" +
"\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74" +
"\x72\x69\x6e\x67\x3b\x4c\x00\x04\x6e\x61\x6d\x65\x74\x00\x1d\x4c" +
"\x6a\x61\x76\x61\x78\x2f\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74" +
"\x2f\x4f\x62\x6a\x65\x63\x74\x4e\x61\x6d\x65\x3b\x70\x78\x70\x74" +
"\x00\x1d\x6a\x61\x76\x61\x78\x2e\x6d\x61\x6e\x61\x67\x65\x6d\x65" +
"\x6e\x74\x2e\x6c\x6f\x61\x64\x69\x6e\x67\x2e\x4d\x4c\x65\x74\x73" +
"\x72\x00\x1b\x6a\x61\x76\x61\x78\x2e\x6d\x61\x6e\x61\x67\x65\x6d" +
"\x65\x6e\x74\x2e\x4f\x62\x6a\x65\x63\x74\x4e\x61\x6d\x65\x0f\x03" +
"\xa7\x1b\xeb\x6d\x15\xcf\x03\x00\x00\x70\x78\x70\x74\x00\x17\x44" +
"\x65\x66\x61\x75\x6c\x74\x44\x6f\x6d\x61\x69\x6e\x3a\x74\x79\x70" +
"\x65\x3d\x4d\x4c\x65\x74\x78"
}
it "returns true" do
expect(mod.send_jmx_create_mbean(sock: io, name: name_create)).to be_truthy
msf_io.msf_data = create_mbean_response
expect(mod.send_jmx_create_mbean(sock: msf_io, name: name_create)).to be_truthy
end
end
end
describe "#send_jmx_invoke" do
context "when the remote method is called successfully" do
before(:each) do
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.seek(0)
io.write(invoke_response)
io.seek(0)
end
allow_any_instance_of(::StringIO).to receive(:get_once) do |io, length, timeout|
io.read
end
#
# lets
#
allow_any_instance_of(::StringIO).to receive(:has_read_data?) do |io|
false
end
let(:invoke_args) do
{
object: 'DefaultDomain:type=MLet',
method: 'getMBeansFromURL',
args: { 'java.lang.String' => 'http:///http://192.168.0.3:8080/nH8rSZGf5WkYF/mlet' }
}
end
let(:invoke_response) do
"\x51\xac\xed\x00\x05\x77\x0f\x01\x1e\xc8\x7c\x01\x00\x00\x01\x4c" +
"\x4e\x3d\x1c\x2f\x80\x09\x73\x72\x00\x11\x6a\x61\x76\x61\x2e\x75" +
"\x74\x69\x6c\x2e\x48\x61\x73\x68\x53\x65\x74\xba\x44\x85\x95\x96" +
"\xb8\xb7\x34\x03\x00\x00\x70\x78\x70\x77\x0c\x00\x00\x00\x10\x3f" +
"\x40\x00\x00\x00\x00\x00\x01\x73\x72\x00\x1f\x6a\x61\x76\x61\x78" +
"\x2e\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x4f\x62\x6a\x65" +
"\x63\x74\x49\x6e\x73\x74\x61\x6e\x63\x65\xc7\x1a\x0a\xcf\xad\x28" +
"\x7b\x76\x02\x00\x02\x4c\x00\x09\x63\x6c\x61\x73\x73\x4e\x61\x6d" +
"\x65\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53" +
"\x74\x72\x69\x6e\x67\x3b\x4c\x00\x04\x6e\x61\x6d\x65\x74\x00\x1d" +
"\x4c\x6a\x61\x76\x61\x78\x2f\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e" +
"\x74\x2f\x4f\x62\x6a\x65\x63\x74\x4e\x61\x6d\x65\x3b\x70\x78\x70" +
"\x74\x00\x15\x6d\x65\x74\x61\x73\x70\x6c\x6f\x69\x74\x2e\x4a\x4d" +
"\x58\x50\x61\x79\x6c\x6f\x61\x64\x73\x72\x00\x1b\x6a\x61\x76\x61" +
"\x78\x2e\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x4f\x62\x6a" +
"\x65\x63\x74\x4e\x61\x6d\x65\x0f\x03\xa7\x1b\xeb\x6d\x15\xcf\x03" +
"\x00\x00\x70\x78\x70\x74\x00\x21\x4d\x4c\x65\x74\x47\x78\x61\x7a" +
"\x6f\x6f\x6d\x79\x3a\x6e\x61\x6d\x65\x3d\x6a\x6d\x78\x70\x61\x79" +
"\x6c\x6f\x61\x64\x2c\x69\x64\x3d\x31\x78\x78"
end
it "returns true" do
expect(mod.send_jmx_invoke(invoke_args.merge(sock: io))).to be_truthy
msf_io.msf_data = invoke_response
expect(mod.send_jmx_invoke(invoke_args.merge(sock: msf_io))).to be_truthy
end
end
end

2
spec/lib/msf/core/exploit/remote/java/rmi/client/jmx/server/builder_spec.rb
View File

@ -6,7 +6,7 @@ require 'rex/java/serialization'
require 'rex/proto/rmi'
require 'msf/core/exploit/java/rmi/client'
describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Server::Builder do
RSpec.describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Server::Builder do
subject(:mod) do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Java::Rmi::Client

2
spec/lib/msf/core/exploit/remote/java/rmi/client/jmx/server/parser_spec.rb
View File

@ -5,7 +5,7 @@ require 'rex/java/serialization'
require 'rex/proto/rmi'
require 'msf/core/exploit/java/rmi/client'
describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Server::Parser do
RSpec.describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Server::Parser do
subject(:mod) do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Java::Rmi::Client

82
spec/lib/msf/core/exploit/remote/java/rmi/client/jmx/server_spec.rb
View File

@ -4,61 +4,53 @@ require 'spec_helper'
require 'rex/java/serialization'
require 'rex/proto/rmi'
require 'msf/core/exploit/java/rmi/client'
require 'stringio'
describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Server do
RSpec.describe Msf::Exploit::Remote::Java::Rmi::Client::Jmx::Server do
let(:new_client_response) do
"\x51\xac\xed\x00\x05\x77\x0f\x01\x82\x73\x92\x35\x00\x00\x01\x4c" +
"\x48\x27\x84\x49\x80\xbf\x73\x72\x00\x32\x6a\x61\x76\x61\x78\x2e" +
"\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x72\x65\x6d\x6f\x74" +
"\x65\x2e\x72\x6d\x69\x2e\x52\x4d\x49\x43\x6f\x6e\x6e\x65\x63\x74" +
"\x69\x6f\x6e\x49\x6d\x70\x6c\x5f\x53\x74\x75\x62\x00\x00\x00\x00" +
"\x00\x00\x00\x02\x02\x00\x00\x70\x78\x72\x00\x1a\x6a\x61\x76\x61" +
"\x2e\x72\x6d\x69\x2e\x73\x65\x72\x76\x65\x72\x2e\x52\x65\x6d\x6f" +
"\x74\x65\x53\x74\x75\x62\xe9\xfe\xdc\xc9\x8b\xe1\x65\x1a\x02\x00" +
"\x00\x70\x78\x72\x00\x1c\x6a\x61\x76\x61\x2e\x72\x6d\x69\x2e\x73" +
"\x65\x72\x76\x65\x72\x2e\x52\x65\x6d\x6f\x74\x65\x4f\x62\x6a\x65" +
"\x63\x74\xd3\x61\xb4\x91\x0c\x61\x33\x1e\x03\x00\x00\x70\x78\x70" +
"\x77\x37\x00\x0a\x55\x6e\x69\x63\x61\x73\x74\x52\x65\x66\x00\x0e" +
"\x31\x37\x32\x2e\x31\x36\x2e\x31\x35\x38\x2e\x31\x33\x32\x00\x00" +
"\x13\x26\xa2\x01\x50\x97\x40\xd4\x90\xd1\x82\x73\x92\x35\x00\x00" +
"\x01\x4c\x48\x27\x84\x49\x80\xbe\x01\x78"
end
include_context "Msf::StringIO"
subject(:instance) {
klass.new
}
let(:remote_address) do
'172.16.158.132'
end
subject(:mod) do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Java::Rmi::Client
mod.send(:initialize)
mod
end
let(:io) { StringIO.new('', 'w+b') }
let(:klass) {
Class.new(Msf::Exploit) do
include Msf::Exploit::Remote::Java::Rmi::Client
end
}
describe "#send_new_client" do
context "when there is an RMIServerImpl_Stub interface" do
before(:each) do
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.seek(0)
io.write(new_client_response)
io.seek(0)
end
allow_any_instance_of(::StringIO).to receive(:get_once) do |io, length, timeout|
io.read
end
#
# lets
#
allow_any_instance_of(::StringIO).to receive(:has_read_data?) do |io|
false
end
end
let(:remote_address) {
'172.16.158.132'
}
let(:new_client_response) {
"\x51\xac\xed\x00\x05\x77\x0f\x01\x82\x73\x92\x35\x00\x00\x01\x4c" +
"\x48\x27\x84\x49\x80\xbf\x73\x72\x00\x32\x6a\x61\x76\x61\x78\x2e" +
"\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x72\x65\x6d\x6f\x74" +
"\x65\x2e\x72\x6d\x69\x2e\x52\x4d\x49\x43\x6f\x6e\x6e\x65\x63\x74" +
"\x69\x6f\x6e\x49\x6d\x70\x6c\x5f\x53\x74\x75\x62\x00\x00\x00\x00" +
"\x00\x00\x00\x02\x02\x00\x00\x70\x78\x72\x00\x1a\x6a\x61\x76\x61" +
"\x2e\x72\x6d\x69\x2e\x73\x65\x72\x76\x65\x72\x2e\x52\x65\x6d\x6f" +
"\x74\x65\x53\x74\x75\x62\xe9\xfe\xdc\xc9\x8b\xe1\x65\x1a\x02\x00" +
"\x00\x70\x78\x72\x00\x1c\x6a\x61\x76\x61\x2e\x72\x6d\x69\x2e\x73" +
"\x65\x72\x76\x65\x72\x2e\x52\x65\x6d\x6f\x74\x65\x4f\x62\x6a\x65" +
"\x63\x74\xd3\x61\xb4\x91\x0c\x61\x33\x1e\x03\x00\x00\x70\x78\x70" +
"\x77\x37\x00\x0a\x55\x6e\x69\x63\x61\x73\x74\x52\x65\x66\x00\x0e" +
"\x31\x37\x32\x2e\x31\x36\x2e\x31\x35\x38\x2e\x31\x33\x32\x00\x00" +
"\x13\x26\xa2\x01\x50\x97\x40\xd4\x90\xd1\x82\x73\x92\x35\x00\x00" +
"\x01\x4c\x48\x27\x84\x49\x80\xbe\x01\x78"
}
it "returns the reference information" do
expect(mod.send_new_client(sock: io)[:address]).to eq(remote_address)
msf_io.msf_data = new_client_response
expect(instance.send_new_client(sock: msf_io)[:address]).to eq(remote_address)
end
end
end

2
spec/lib/msf/core/exploit/remote/java/rmi/client/registry/builder_spec.rb
View File

@ -5,7 +5,7 @@ require 'rex/java/serialization'
require 'rex/proto/rmi'
require 'msf/core/exploit/java/rmi/client'
describe ::Msf::Exploit::Remote::Java::Rmi::Client::Registry::Builder do
RSpec.describe ::Msf::Exploit::Remote::Java::Rmi::Client::Registry::Builder do
subject(:mod) do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Java::Rmi::Client

2
spec/lib/msf/core/exploit/remote/java/rmi/client/registry/parser_spec.rb
View File

@ -5,7 +5,7 @@ require 'rex/java/serialization'
require 'rex/proto/rmi'
require 'msf/core/exploit/java/rmi/client'
describe Msf::Exploit::Remote::Java::Rmi::Client::Registry::Parser do
RSpec.describe Msf::Exploit::Remote::Java::Rmi::Client::Registry::Parser do
subject(:mod) do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Java::Rmi::Client

326
spec/lib/msf/core/exploit/remote/java/rmi/client/registry_spec.rb
View File

@ -4,135 +4,10 @@ require 'spec_helper'
require 'rex/java/serialization'
require 'rex/proto/rmi'
require 'msf/core/exploit/java/rmi/client'
require 'stringio'
describe Msf::Exploit::Remote::Java::Rmi::Client::Registry do
RSpec.describe Msf::Exploit::Remote::Java::Rmi::Client::Registry do
let(:list_with_names_response) do
"\x51\xac\xed\x00\x05\x77\x0f\x01\x82\x73\x92\x35\x00\x00\x01\x4c" +
"\x48\x27\x84\x49\x80\xb9\x75\x72\x00\x13\x5b\x4c\x6a\x61\x76\x61" +
"\x2e\x6c\x61\x6e\x67\x2e\x53\x74\x72\x69\x6e\x67\x3b\xad\xd2\x56" +
"\xe7\xe9\x1d\x7b\x47\x02\x00\x00\x70\x78\x70\x00\x00\x00\x01\x74" +
"\x00\x06\x6a\x6d\x78\x72\x6d\x69"
end
let(:list_empty_response) do
"\x51\xac\xed\x00\x05\x77\x0f\x01\xbb\x2e\x19\xae\x00\x00\x01\x4c" +
"\x32\xa9\x92\x56\x80\x04\x75\x72\x00\x13\x5b\x4c\x6a\x61\x76\x61" +
"\x2e\x6c\x61\x6e\x67\x2e\x53\x74\x72\x69\x6e\x67\x3b\xad\xd2\x56" +
"\xe7\xe9\x1d\x7b\x47\x02\x00\x00\x70\x78\x70\x00\x00\x00\x00"
end
let(:lookup_response) do
"\x51\xac\xed\x00\x05\x77\x0f\x01\x82\x73\x92\x35\x00\x00\x01\x4c" +
"\x48\x27\x84\x49\x80\xba\x73\x72\x00\x2e\x6a\x61\x76\x61\x78\x2e" +
"\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x72\x65\x6d\x6f\x74" +
"\x65\x2e\x72\x6d\x69\x2e\x52\x4d\x49\x53\x65\x72\x76\x65\x72\x49" +
"\x6d\x70\x6c\x5f\x53\x74\x75\x62\x00\x00\x00\x00\x00\x00\x00\x02" +
"\x02\x00\x00\x70\x78\x72\x00\x1a\x6a\x61\x76\x61\x2e\x72\x6d\x69" +
"\x2e\x73\x65\x72\x76\x65\x72\x2e\x52\x65\x6d\x6f\x74\x65\x53\x74" +
"\x75\x62\xe9\xfe\xdc\xc9\x8b\xe1\x65\x1a\x02\x00\x00\x70\x78\x72" +
"\x00\x1c\x6a\x61\x76\x61\x2e\x72\x6d\x69\x2e\x73\x65\x72\x76\x65" +
"\x72\x2e\x52\x65\x6d\x6f\x74\x65\x4f\x62\x6a\x65\x63\x74\xd3\x61" +
"\xb4\x91\x0c\x61\x33\x1e\x03\x00\x00\x70\x78\x70\x77\x37\x00\x0a" +
"\x55\x6e\x69\x63\x61\x73\x74\x52\x65\x66\x00\x0e\x31\x37\x32\x2e" +
"\x31\x36\x2e\x31\x35\x38\x2e\x31\x33\x32\x00\x00\x13\x26\xa0\x59" +
"\x9d\x0d\x09\xd3\x01\xbd\x82\x73\x92\x35\x00\x00\x01\x4c\x48\x27" +
"\x84\x49\x80\x01\x01\x78"
end
let(:lookup_exception) do
"\x51\xac\xed\x00\x05\x77\x0f\x02\x82\x73\x92\x35\x00\x00\x01\x4c" +
"\x48\x27\x84\x49\x80\xbc\x73\x72\x00\x1a\x6a\x61\x76\x61\x2e\x72" +
"\x6d\x69\x2e\x4e\x6f\x74\x42\x6f\x75\x6e\x64\x45\x78\x63\x65\x70" +
"\x74\x69\x6f\x6e\xe6\x37\xf9\xa7\x2d\x7c\x3a\xfb\x02\x00\x00\x70" +
"\x78\x72\x00\x13\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x45\x78" +
"\x63\x65\x70\x74\x69\x6f\x6e\xd0\xfd\x1f\x3e\x1a\x3b\x1c\xc4\x02" +
"\x00\x00\x70\x78\x72\x00\x13\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67" +
"\x2e\x54\x68\x72\x6f\x77\x61\x62\x6c\x65\xd5\xc6\x35\x27\x39\x77" +
"\xb8\xcb\x03\x00\x04\x4c\x00\x05\x63\x61\x75\x73\x65\x74\x00\x15" +
"\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x54\x68\x72\x6f\x77" +
"\x61\x62\x6c\x65\x3b\x4c\x00\x0d\x64\x65\x74\x61\x69\x6c\x4d\x65" +
"\x73\x73\x61\x67\x65\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61" +
"\x6e\x67\x2f\x53\x74\x72\x69\x6e\x67\x3b\x5b\x00\x0a\x73\x74\x61" +
"\x63\x6b\x54\x72\x61\x63\x65\x74\x00\x1e\x5b\x4c\x6a\x61\x76\x61" +
"\x2f\x6c\x61\x6e\x67\x2f\x53\x74\x61\x63\x6b\x54\x72\x61\x63\x65" +
"\x45\x6c\x65\x6d\x65\x6e\x74\x3b\x4c\x00\x14\x73\x75\x70\x70\x72" +
"\x65\x73\x73\x65\x64\x45\x78\x63\x65\x70\x74\x69\x6f\x6e\x73\x74" +
"\x00\x10\x4c\x6a\x61\x76\x61\x2f\x75\x74\x69\x6c\x2f\x4c\x69\x73" +
"\x74\x3b\x70\x78\x70\x71\x00\x7e\x00\x07\x74\x00\x2f\x4e\x6f\x74" +
"\x20\x62\x6f\x75\x6e\x64\x3a\x20\x22\x74\x65\x73\x74\x22\x20\x28" +
"\x6f\x6e\x6c\x79\x20\x62\x6f\x75\x6e\x64\x20\x6e\x61\x6d\x65\x20" +
"\x69\x73\x20\x22\x6a\x6d\x78\x72\x6d\x69\x22\x29\x75\x72\x00\x1e" +
"\x5b\x4c\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x53\x74\x61\x63" +
"\x6b\x54\x72\x61\x63\x65\x45\x6c\x65\x6d\x65\x6e\x74\x3b\x02\x46" +
"\x2a\x3c\x3c\xfd\x22\x39\x02\x00\x00\x70\x78\x70\x00\x00\x00\x0e" +
"\x73\x72\x00\x1b\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x53\x74" +
"\x61\x63\x6b\x54\x72\x61\x63\x65\x45\x6c\x65\x6d\x65\x6e\x74\x61" +
"\x09\xc5\x9a\x26\x36\xdd\x85\x02\x00\x04\x49\x00\x0a\x6c\x69\x6e" +
"\x65\x4e\x75\x6d\x62\x65\x72\x4c\x00\x0e\x64\x65\x63\x6c\x61\x72" +
"\x69\x6e\x67\x43\x6c\x61\x73\x73\x71\x00\x7e\x00\x04\x4c\x00\x08" +
"\x66\x69\x6c\x65\x4e\x61\x6d\x65\x71\x00\x7e\x00\x04\x4c\x00\x0a" +
"\x6d\x65\x74\x68\x6f\x64\x4e\x61\x6d\x65\x71\x00\x7e\x00\x04\x70" +
"\x78\x70\xff\xff\xff\xff\x74\x00\x2c\x73\x75\x6e\x2e\x6d\x61\x6e" +
"\x61\x67\x65\x6d\x65\x6e\x74\x2e\x6a\x6d\x78\x72\x65\x6d\x6f\x74" +
"\x65\x2e\x53\x69\x6e\x67\x6c\x65\x45\x6e\x74\x72\x79\x52\x65\x67" +
"\x69\x73\x74\x72\x79\x70\x74\x00\x06\x6c\x6f\x6f\x6b\x75\x70\x73" +
"\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x22\x73\x75\x6e\x2e" +
"\x72\x6d\x69\x2e\x72\x65\x67\x69\x73\x74\x72\x79\x2e\x52\x65\x67" +
"\x69\x73\x74\x72\x79\x49\x6d\x70\x6c\x5f\x53\x6b\x65\x6c\x70\x74" +
"\x00\x08\x64\x69\x73\x70\x61\x74\x63\x68\x73\x71\x00\x7e\x00\x0b" +
"\xff\xff\xff\xff\x74\x00\x1f\x73\x75\x6e\x2e\x72\x6d\x69\x2e\x73" +
"\x65\x72\x76\x65\x72\x2e\x55\x6e\x69\x63\x61\x73\x74\x53\x65\x72" +
"\x76\x65\x72\x52\x65\x66\x70\x74\x00\x0b\x6f\x6c\x64\x44\x69\x73" +
"\x70\x61\x74\x63\x68\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x71" +
"\x00\x7e\x00\x13\x70\x71\x00\x7e\x00\x11\x73\x71\x00\x7e\x00\x0b" +
"\xff\xff\xff\xff\x74\x00\x1d\x73\x75\x6e\x2e\x72\x6d\x69\x2e\x74" +
"\x72\x61\x6e\x73\x70\x6f\x72\x74\x2e\x54\x72\x61\x6e\x73\x70\x6f" +
"\x72\x74\x24\x31\x70\x74\x00\x03\x72\x75\x6e\x73\x71\x00\x7e\x00" +
"\x0b\xff\xff\xff\xff\x71\x00\x7e\x00\x17\x70\x71\x00\x7e\x00\x18" +
"\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xfe\x74\x00\x1e\x6a\x61\x76" +
"\x61\x2e\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x41\x63\x63\x65\x73" +
"\x73\x43\x6f\x6e\x74\x72\x6f\x6c\x6c\x65\x72\x70\x74\x00\x0c\x64" +
"\x6f\x50\x72\x69\x76\x69\x6c\x65\x67\x65\x64\x73\x71\x00\x7e\x00" +
"\x0b\xff\xff\xff\xff\x74\x00\x1b\x73\x75\x6e\x2e\x72\x6d\x69\x2e" +
"\x74\x72\x61\x6e\x73\x70\x6f\x72\x74\x2e\x54\x72\x61\x6e\x73\x70" +
"\x6f\x72\x74\x70\x74\x00\x0b\x73\x65\x72\x76\x69\x63\x65\x43\x61" +
"\x6c\x6c\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x22\x73" +
"\x75\x6e\x2e\x72\x6d\x69\x2e\x74\x72\x61\x6e\x73\x70\x6f\x72\x74" +
"\x2e\x74\x63\x70\x2e\x54\x43\x50\x54\x72\x61\x6e\x73\x70\x6f\x72" +
"\x74\x70\x74\x00\x0e\x68\x61\x6e\x64\x6c\x65\x4d\x65\x73\x73\x61" +
"\x67\x65\x73\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x34" +
"\x73\x75\x6e\x2e\x72\x6d\x69\x2e\x74\x72\x61\x6e\x73\x70\x6f\x72" +
"\x74\x2e\x74\x63\x70\x2e\x54\x43\x50\x54\x72\x61\x6e\x73\x70\x6f" +
"\x72\x74\x24\x43\x6f\x6e\x6e\x65\x63\x74\x69\x6f\x6e\x48\x61\x6e" +
"\x64\x6c\x65\x72\x70\x74\x00\x04\x72\x75\x6e\x30\x73\x71\x00\x7e" +
"\x00\x0b\xff\xff\xff\xff\x71\x00\x7e\x00\x24\x70\x71\x00\x7e\x00" +
"\x18\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x27\x6a\x61" +
"\x76\x61\x2e\x75\x74\x69\x6c\x2e\x63\x6f\x6e\x63\x75\x72\x72\x65" +
"\x6e\x74\x2e\x54\x68\x72\x65\x61\x64\x50\x6f\x6f\x6c\x45\x78\x65" +
"\x63\x75\x74\x6f\x72\x70\x74\x00\x09\x72\x75\x6e\x57\x6f\x72\x6b" +
"\x65\x72\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x2e\x6a" +
"\x61\x76\x61\x2e\x75\x74\x69\x6c\x2e\x63\x6f\x6e\x63\x75\x72\x72" +
"\x65\x6e\x74\x2e\x54\x68\x72\x65\x61\x64\x50\x6f\x6f\x6c\x45\x78" +
"\x65\x63\x75\x74\x6f\x72\x24\x57\x6f\x72\x6b\x65\x72\x70\x71\x00" +
"\x7e\x00\x18\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x10" +
"\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x54\x68\x72\x65\x61\x64" +
"\x70\x71\x00\x7e\x00\x18\x73\x72\x00\x26\x6a\x61\x76\x61\x2e\x75" +
"\x74\x69\x6c\x2e\x43\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x24" +
"\x55\x6e\x6d\x6f\x64\x69\x66\x69\x61\x62\x6c\x65\x4c\x69\x73\x74" +
"\xfc\x0f\x25\x31\xb5\xec\x8e\x10\x02\x00\x01\x4c\x00\x04\x6c\x69" +
"\x73\x74\x71\x00\x7e\x00\x06\x70\x78\x72\x00\x2c\x6a\x61\x76\x61" +
"\x2e\x75\x74\x69\x6c\x2e\x43\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e" +
"\x73\x24\x55\x6e\x6d\x6f\x64\x69\x66\x69\x61\x62\x6c\x65\x43\x6f" +
"\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x19\x42\x00\x80\xcb\x5e\xf7\x1e" +
"\x02\x00\x01\x4c\x00\x01\x63\x74\x00\x16\x4c\x6a\x61\x76\x61\x2f" +
"\x75\x74\x69\x6c\x2f\x43\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x3b" +
"\x70\x78\x70\x73\x72\x00\x13\x6a\x61\x76\x61\x2e\x75\x74\x69\x6c" +
"\x2e\x41\x72\x72\x61\x79\x4c\x69\x73\x74\x78\x81\xd2\x1d\x99\xc7" +
"\x61\x9d\x03\x00\x01\x49\x00\x04\x73\x69\x7a\x65\x70\x78\x70\x00" +
"\x00\x00\x00\x77\x04\x00\x00\x00\x00\x78\x71\x00\x7e\x00\x33\x78"
end
include_context "Msf::StringIO"
let(:name) do
'jmxrmi'
@ -149,50 +24,33 @@ describe Msf::Exploit::Remote::Java::Rmi::Client::Registry do
mod
end
let(:io) { StringIO.new('', 'w+b') }
describe "#send_registry_list" do
context "when there aren't names registered" do
before(:each) do
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.seek(0)
io.write(list_empty_response)
io.seek(0)
end
allow_any_instance_of(::StringIO).to receive(:get_once) do |io, length, timeout|
io.read
end
allow_any_instance_of(::StringIO).to receive(:has_read_data?) do |io|
false
end
end
let(:list_empty_response) {
"\x51\xac\xed\x00\x05\x77\x0f\x01\xbb\x2e\x19\xae\x00\x00\x01\x4c" +
"\x32\xa9\x92\x56\x80\x04\x75\x72\x00\x13\x5b\x4c\x6a\x61\x76\x61" +
"\x2e\x6c\x61\x6e\x67\x2e\x53\x74\x72\x69\x6e\x67\x3b\xad\xd2\x56" +
"\xe7\xe9\x1d\x7b\x47\x02\x00\x00\x70\x78\x70\x00\x00\x00\x00"
}
it "returns empty array" do
expect(mod.send_registry_list(sock: io)).to eq([])
msf_io.msf_data = list_empty_response
expect(mod.send_registry_list(sock: msf_io)).to eq([])
end
end
context "when there are names registered" do
before(:each) do
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.seek(0)
io.write(list_with_names_response)
io.seek(0)
end
allow_any_instance_of(::StringIO).to receive(:get_once) do |io, length, timeout|
io.read
end
allow_any_instance_of(::StringIO).to receive(:has_read_data?) do |io|
false
end
end
let(:list_with_names_response) {
"\x51\xac\xed\x00\x05\x77\x0f\x01\x82\x73\x92\x35\x00\x00\x01\x4c" +
"\x48\x27\x84\x49\x80\xb9\x75\x72\x00\x13\x5b\x4c\x6a\x61\x76\x61" +
"\x2e\x6c\x61\x6e\x67\x2e\x53\x74\x72\x69\x6e\x67\x3b\xad\xd2\x56" +
"\xe7\xe9\x1d\x7b\x47\x02\x00\x00\x70\x78\x70\x00\x00\x00\x01\x74" +
"\x00\x06\x6a\x6d\x78\x72\x6d\x69"
}
it "returns the list of registered names" do
expect(mod.send_registry_list(sock: io)).to eq([name])
msf_io.msf_data = list_with_names_response
expect(mod.send_registry_list(sock: msf_io)).to eq([name])
end
end
@ -200,46 +58,126 @@ describe Msf::Exploit::Remote::Java::Rmi::Client::Registry do
describe "#send_registry_lookup" do
context "when there isn't an interface bound" do
before(:each) do
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.seek(0)
io.write(lookup_exception)
io.seek(0)
end
allow_any_instance_of(::StringIO).to receive(:get_once) do |io, length, timeout|
io.read
end
allow_any_instance_of(::StringIO).to receive(:has_read_data?) do |io|
false
end
end
let(:lookup_exception) {
"\x51\xac\xed\x00\x05\x77\x0f\x02\x82\x73\x92\x35\x00\x00\x01\x4c" +
"\x48\x27\x84\x49\x80\xbc\x73\x72\x00\x1a\x6a\x61\x76\x61\x2e\x72" +
"\x6d\x69\x2e\x4e\x6f\x74\x42\x6f\x75\x6e\x64\x45\x78\x63\x65\x70" +
"\x74\x69\x6f\x6e\xe6\x37\xf9\xa7\x2d\x7c\x3a\xfb\x02\x00\x00\x70" +
"\x78\x72\x00\x13\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x45\x78" +
"\x63\x65\x70\x74\x69\x6f\x6e\xd0\xfd\x1f\x3e\x1a\x3b\x1c\xc4\x02" +
"\x00\x00\x70\x78\x72\x00\x13\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67" +
"\x2e\x54\x68\x72\x6f\x77\x61\x62\x6c\x65\xd5\xc6\x35\x27\x39\x77" +
"\xb8\xcb\x03\x00\x04\x4c\x00\x05\x63\x61\x75\x73\x65\x74\x00\x15" +
"\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x54\x68\x72\x6f\x77" +
"\x61\x62\x6c\x65\x3b\x4c\x00\x0d\x64\x65\x74\x61\x69\x6c\x4d\x65" +
"\x73\x73\x61\x67\x65\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61" +
"\x6e\x67\x2f\x53\x74\x72\x69\x6e\x67\x3b\x5b\x00\x0a\x73\x74\x61" +
"\x63\x6b\x54\x72\x61\x63\x65\x74\x00\x1e\x5b\x4c\x6a\x61\x76\x61" +
"\x2f\x6c\x61\x6e\x67\x2f\x53\x74\x61\x63\x6b\x54\x72\x61\x63\x65" +
"\x45\x6c\x65\x6d\x65\x6e\x74\x3b\x4c\x00\x14\x73\x75\x70\x70\x72" +
"\x65\x73\x73\x65\x64\x45\x78\x63\x65\x70\x74\x69\x6f\x6e\x73\x74" +
"\x00\x10\x4c\x6a\x61\x76\x61\x2f\x75\x74\x69\x6c\x2f\x4c\x69\x73" +
"\x74\x3b\x70\x78\x70\x71\x00\x7e\x00\x07\x74\x00\x2f\x4e\x6f\x74" +
"\x20\x62\x6f\x75\x6e\x64\x3a\x20\x22\x74\x65\x73\x74\x22\x20\x28" +
"\x6f\x6e\x6c\x79\x20\x62\x6f\x75\x6e\x64\x20\x6e\x61\x6d\x65\x20" +
"\x69\x73\x20\x22\x6a\x6d\x78\x72\x6d\x69\x22\x29\x75\x72\x00\x1e" +
"\x5b\x4c\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x53\x74\x61\x63" +
"\x6b\x54\x72\x61\x63\x65\x45\x6c\x65\x6d\x65\x6e\x74\x3b\x02\x46" +
"\x2a\x3c\x3c\xfd\x22\x39\x02\x00\x00\x70\x78\x70\x00\x00\x00\x0e" +
"\x73\x72\x00\x1b\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x53\x74" +
"\x61\x63\x6b\x54\x72\x61\x63\x65\x45\x6c\x65\x6d\x65\x6e\x74\x61" +
"\x09\xc5\x9a\x26\x36\xdd\x85\x02\x00\x04\x49\x00\x0a\x6c\x69\x6e" +
"\x65\x4e\x75\x6d\x62\x65\x72\x4c\x00\x0e\x64\x65\x63\x6c\x61\x72" +
"\x69\x6e\x67\x43\x6c\x61\x73\x73\x71\x00\x7e\x00\x04\x4c\x00\x08" +
"\x66\x69\x6c\x65\x4e\x61\x6d\x65\x71\x00\x7e\x00\x04\x4c\x00\x0a" +
"\x6d\x65\x74\x68\x6f\x64\x4e\x61\x6d\x65\x71\x00\x7e\x00\x04\x70" +
"\x78\x70\xff\xff\xff\xff\x74\x00\x2c\x73\x75\x6e\x2e\x6d\x61\x6e" +
"\x61\x67\x65\x6d\x65\x6e\x74\x2e\x6a\x6d\x78\x72\x65\x6d\x6f\x74" +
"\x65\x2e\x53\x69\x6e\x67\x6c\x65\x45\x6e\x74\x72\x79\x52\x65\x67" +
"\x69\x73\x74\x72\x79\x70\x74\x00\x06\x6c\x6f\x6f\x6b\x75\x70\x73" +
"\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x22\x73\x75\x6e\x2e" +
"\x72\x6d\x69\x2e\x72\x65\x67\x69\x73\x74\x72\x79\x2e\x52\x65\x67" +
"\x69\x73\x74\x72\x79\x49\x6d\x70\x6c\x5f\x53\x6b\x65\x6c\x70\x74" +
"\x00\x08\x64\x69\x73\x70\x61\x74\x63\x68\x73\x71\x00\x7e\x00\x0b" +
"\xff\xff\xff\xff\x74\x00\x1f\x73\x75\x6e\x2e\x72\x6d\x69\x2e\x73" +
"\x65\x72\x76\x65\x72\x2e\x55\x6e\x69\x63\x61\x73\x74\x53\x65\x72" +
"\x76\x65\x72\x52\x65\x66\x70\x74\x00\x0b\x6f\x6c\x64\x44\x69\x73" +
"\x70\x61\x74\x63\x68\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x71" +
"\x00\x7e\x00\x13\x70\x71\x00\x7e\x00\x11\x73\x71\x00\x7e\x00\x0b" +
"\xff\xff\xff\xff\x74\x00\x1d\x73\x75\x6e\x2e\x72\x6d\x69\x2e\x74" +
"\x72\x61\x6e\x73\x70\x6f\x72\x74\x2e\x54\x72\x61\x6e\x73\x70\x6f" +
"\x72\x74\x24\x31\x70\x74\x00\x03\x72\x75\x6e\x73\x71\x00\x7e\x00" +
"\x0b\xff\xff\xff\xff\x71\x00\x7e\x00\x17\x70\x71\x00\x7e\x00\x18" +
"\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xfe\x74\x00\x1e\x6a\x61\x76" +
"\x61\x2e\x73\x65\x63\x75\x72\x69\x74\x79\x2e\x41\x63\x63\x65\x73" +
"\x73\x43\x6f\x6e\x74\x72\x6f\x6c\x6c\x65\x72\x70\x74\x00\x0c\x64" +
"\x6f\x50\x72\x69\x76\x69\x6c\x65\x67\x65\x64\x73\x71\x00\x7e\x00" +
"\x0b\xff\xff\xff\xff\x74\x00\x1b\x73\x75\x6e\x2e\x72\x6d\x69\x2e" +
"\x74\x72\x61\x6e\x73\x70\x6f\x72\x74\x2e\x54\x72\x61\x6e\x73\x70" +
"\x6f\x72\x74\x70\x74\x00\x0b\x73\x65\x72\x76\x69\x63\x65\x43\x61" +
"\x6c\x6c\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x22\x73" +
"\x75\x6e\x2e\x72\x6d\x69\x2e\x74\x72\x61\x6e\x73\x70\x6f\x72\x74" +
"\x2e\x74\x63\x70\x2e\x54\x43\x50\x54\x72\x61\x6e\x73\x70\x6f\x72" +
"\x74\x70\x74\x00\x0e\x68\x61\x6e\x64\x6c\x65\x4d\x65\x73\x73\x61" +
"\x67\x65\x73\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x34" +
"\x73\x75\x6e\x2e\x72\x6d\x69\x2e\x74\x72\x61\x6e\x73\x70\x6f\x72" +
"\x74\x2e\x74\x63\x70\x2e\x54\x43\x50\x54\x72\x61\x6e\x73\x70\x6f" +
"\x72\x74\x24\x43\x6f\x6e\x6e\x65\x63\x74\x69\x6f\x6e\x48\x61\x6e" +
"\x64\x6c\x65\x72\x70\x74\x00\x04\x72\x75\x6e\x30\x73\x71\x00\x7e" +
"\x00\x0b\xff\xff\xff\xff\x71\x00\x7e\x00\x24\x70\x71\x00\x7e\x00" +
"\x18\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x27\x6a\x61" +
"\x76\x61\x2e\x75\x74\x69\x6c\x2e\x63\x6f\x6e\x63\x75\x72\x72\x65" +
"\x6e\x74\x2e\x54\x68\x72\x65\x61\x64\x50\x6f\x6f\x6c\x45\x78\x65" +
"\x63\x75\x74\x6f\x72\x70\x74\x00\x09\x72\x75\x6e\x57\x6f\x72\x6b" +
"\x65\x72\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x2e\x6a" +
"\x61\x76\x61\x2e\x75\x74\x69\x6c\x2e\x63\x6f\x6e\x63\x75\x72\x72" +
"\x65\x6e\x74\x2e\x54\x68\x72\x65\x61\x64\x50\x6f\x6f\x6c\x45\x78" +
"\x65\x63\x75\x74\x6f\x72\x24\x57\x6f\x72\x6b\x65\x72\x70\x71\x00" +
"\x7e\x00\x18\x73\x71\x00\x7e\x00\x0b\xff\xff\xff\xff\x74\x00\x10" +
"\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x54\x68\x72\x65\x61\x64" +
"\x70\x71\x00\x7e\x00\x18\x73\x72\x00\x26\x6a\x61\x76\x61\x2e\x75" +
"\x74\x69\x6c\x2e\x43\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x24" +
"\x55\x6e\x6d\x6f\x64\x69\x66\x69\x61\x62\x6c\x65\x4c\x69\x73\x74" +
"\xfc\x0f\x25\x31\xb5\xec\x8e\x10\x02\x00\x01\x4c\x00\x04\x6c\x69" +
"\x73\x74\x71\x00\x7e\x00\x06\x70\x78\x72\x00\x2c\x6a\x61\x76\x61" +
"\x2e\x75\x74\x69\x6c\x2e\x43\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e" +
"\x73\x24\x55\x6e\x6d\x6f\x64\x69\x66\x69\x61\x62\x6c\x65\x43\x6f" +
"\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x19\x42\x00\x80\xcb\x5e\xf7\x1e" +
"\x02\x00\x01\x4c\x00\x01\x63\x74\x00\x16\x4c\x6a\x61\x76\x61\x2f" +
"\x75\x74\x69\x6c\x2f\x43\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x3b" +
"\x70\x78\x70\x73\x72\x00\x13\x6a\x61\x76\x61\x2e\x75\x74\x69\x6c" +
"\x2e\x41\x72\x72\x61\x79\x4c\x69\x73\x74\x78\x81\xd2\x1d\x99\xc7" +
"\x61\x9d\x03\x00\x01\x49\x00\x04\x73\x69\x7a\x65\x70\x78\x70\x00" +
"\x00\x00\x00\x77\x04\x00\x00\x00\x00\x78\x71\x00\x7e\x00\x33\x78"
}
it "raises an Rex::Proto::Rmi::Exception" do
expect { mod.send_registry_lookup(sock: io, name: 'test') }.to raise_error(Rex::Proto::Rmi::Exception)
msf_io.msf_data = lookup_exception
expect { mod.send_registry_lookup(sock: msf_io, name: 'test') }.to raise_error(Rex::Proto::Rmi::Exception)
end
end
context "when there is an interface bound" do
before(:each) do
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.seek(0)
io.write(lookup_response)
io.seek(0)
end
allow_any_instance_of(::StringIO).to receive(:get_once) do |io, length, timeout|
io.read
end
allow_any_instance_of(::StringIO).to receive(:has_read_data?) do |io|
false
end
end
let(:lookup_response) {
"\x51\xac\xed\x00\x05\x77\x0f\x01\x82\x73\x92\x35\x00\x00\x01\x4c" +
"\x48\x27\x84\x49\x80\xba\x73\x72\x00\x2e\x6a\x61\x76\x61\x78\x2e" +
"\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x72\x65\x6d\x6f\x74" +
"\x65\x2e\x72\x6d\x69\x2e\x52\x4d\x49\x53\x65\x72\x76\x65\x72\x49" +
"\x6d\x70\x6c\x5f\x53\x74\x75\x62\x00\x00\x00\x00\x00\x00\x00\x02" +
"\x02\x00\x00\x70\x78\x72\x00\x1a\x6a\x61\x76\x61\x2e\x72\x6d\x69" +
"\x2e\x73\x65\x72\x76\x65\x72\x2e\x52\x65\x6d\x6f\x74\x65\x53\x74" +
"\x75\x62\xe9\xfe\xdc\xc9\x8b\xe1\x65\x1a\x02\x00\x00\x70\x78\x72" +
"\x00\x1c\x6a\x61\x76\x61\x2e\x72\x6d\x69\x2e\x73\x65\x72\x76\x65" +
"\x72\x2e\x52\x65\x6d\x6f\x74\x65\x4f\x62\x6a\x65\x63\x74\xd3\x61" +
"\xb4\x91\x0c\x61\x33\x1e\x03\x00\x00\x70\x78\x70\x77\x37\x00\x0a" +
"\x55\x6e\x69\x63\x61\x73\x74\x52\x65\x66\x00\x0e\x31\x37\x32\x2e" +
"\x31\x36\x2e\x31\x35\x38\x2e\x31\x33\x32\x00\x00\x13\x26\xa0\x59" +
"\x9d\x0d\x09\xd3\x01\xbd\x82\x73\x92\x35\x00\x00\x01\x4c\x48\x27" +
"\x84\x49\x80\x01\x01\x78"
}
it "returns the reference information" do
expect(mod.send_registry_lookup(sock: io, name: name)[:object]).to eq(interface_class)
msf_io.msf_data = lookup_response
expect(mod.send_registry_lookup(sock: msf_io, name: name)[:object]).to eq(interface_class)
end
end
end

104
spec/lib/msf/core/exploit/remote/java/rmi/client_spec.rb
View File

@ -5,97 +5,97 @@ require 'rex/java/serialization'
require 'rex/proto/rmi'
require 'msf/core/exploit/java/rmi/client'
describe Msf::Exploit::Remote::Java::Rmi::Client do
subject(:mod) do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Java::Rmi::Client
mod.send(:initialize)
mod
end
RSpec.describe Msf::Exploit::Remote::Java::Rmi::Client do
let(:io) { StringIO.new('', 'w+b') }
let(:protocol_not_supported) { "\x4f" }
let(:protocol_not_supported_io) { StringIO.new(protocol_not_supported) }
let(:protocol_ack) { "\x4e\x00\x0e\x31\x37\x32\x2e\x31\x36\x2e\x31\x35\x38\x2e\x31\x33\x32\x00\x00\x06\xea" }
let(:protocol_ack_io) { StringIO.new(protocol_ack) }
let(:return_data) do
"\x51\xac\xed\x00\x05\x77\x0f\x01\xd2\x4f\xdf\x47\x00\x00\x01\x49" +
"\xb5\xe4\x92\x78\x80\x15\x73\x72\x00\x12\x6a\x61\x76\x61\x2e\x72" +
"\x6d\x69\x2e\x64\x67\x63\x2e\x4c\x65\x61\x73\x65\xb0\xb5\xe2\x66" +
"\x0c\x4a\xdc\x34\x02\x00\x02\x4a\x00\x05\x76\x61\x6c\x75\x65\x4c" +
"\x00\x04\x76\x6d\x69\x64\x74\x00\x13\x4c\x6a\x61\x76\x61\x2f\x72" +
"\x6d\x69\x2f\x64\x67\x63\x2f\x56\x4d\x49\x44\x3b\x70\x78\x70\x00" +
"\x00\x00\x00\x00\x09\x27\xc0\x73\x72\x00\x11\x6a\x61\x76\x61\x2e" +
"\x72\x6d\x69\x2e\x64\x67\x63\x2e\x56\x4d\x49\x44\xf8\x86\x5b\xaf" +
"\xa4\xa5\x6d\xb6\x02\x00\x02\x5b\x00\x04\x61\x64\x64\x72\x74\x00" +
"\x02\x5b\x42\x4c\x00\x03\x75\x69\x64\x74\x00\x15\x4c\x6a\x61\x76" +
"\x61\x2f\x72\x6d\x69\x2f\x73\x65\x72\x76\x65\x72\x2f\x55\x49\x44" +
"\x3b\x70\x78\x70\x75\x72\x00\x02\x5b\x42\xac\xf3\x17\xf8\x06\x08" +
"\x54\xe0\x02\x00\x00\x70\x78\x70\x00\x00\x00\x08\x6b\x02\xc7\x72" +
"\x60\x1c\xc7\x95\x73\x72\x00\x13\x6a\x61\x76\x61\x2e\x72\x6d\x69" +
"\x2e\x73\x65\x72\x76\x65\x72\x2e\x55\x49\x44\x0f\x12\x70\x0d\xbf" +
"\x36\x4f\x12\x02\x00\x03\x53\x00\x05\x63\x6f\x75\x6e\x74\x4a\x00" +
"\x04\x74\x69\x6d\x65\x49\x00\x06\x75\x6e\x69\x71\x75\x65\x70\x78" +
"\x70\x80\x01\x00\x00\x01\x49\xb5\xf8\x00\xea\xe9\x62\xc1\xc0"
end
let(:return_io) { StringIO.new(return_data) }
include_context "Msf::StringIO"
before(:each) do
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.write(data)
subject(:instance) {
klass.new
}
let(:klass) {
context_described_class = described_class
Class.new(Msf::Exploit) do
include context_described_class
end
allow_any_instance_of(::StringIO).to receive(:get_once) do |io, length, timeout|
io.read
end
allow_any_instance_of(::StringIO).to receive(:has_read_data?) do |io|
false
end
end
}
describe "#send_header" do
it "returns the number of bytes sent" do
expect(mod.send_header(sock: io)).to eq(13)
expect(instance.send_header(sock: msf_io)).to eq(13)
end
end
describe "#send_call" do
it "returns the number of bytes sent" do
expect(mod.send_call(sock: io)).to eq(41)
expect(instance.send_call(sock: msf_io)).to eq(41)
end
end
describe "#send_dgc_ack" do
it "returns the number of bytes sent" do
expect(mod.send_dgc_ack(sock: io)).to eq(15)
expect(instance.send_dgc_ack(sock: msf_io)).to eq(15)
end
end
describe "#recv_protocol_ack" do
context "when end point returns protocol ack" do
let(:protocol_ack) {
"\x4e\x00\x0e\x31\x37\x32\x2e\x31\x36\x2e\x31\x35\x38\x2e\x31\x33\x32\x00\x00\x06\xea"
}
it "returns a Rex::Proto::Rmi::Model::ProtocolAck" do
expect(mod.recv_protocol_ack(sock: protocol_ack_io)).to be_a(Rex::Proto::Rmi::Model::ProtocolAck)
msf_io.pos = 0
msf_io.string = protocol_ack
expect(instance.recv_protocol_ack(sock: msf_io)).to be_a(Rex::Proto::Rmi::Model::ProtocolAck)
end
end
context "when end point returns protocol not supported" do
let(:protocol_not_supported) { "\x4f" }
it "return nil" do
expect(mod.recv_protocol_ack(sock: protocol_not_supported_io)).to be_nil
msf_io.pos = 0
msf_io.string = protocol_not_supported
expect(instance.recv_protocol_ack(sock: msf_io)).to be_nil
end
end
end
describe "#recv_return" do
context "when end point returns a value to the call" do
let(:return_data) do
"\x51\xac\xed\x00\x05\x77\x0f\x01\xd2\x4f\xdf\x47\x00\x00\x01\x49" +
"\xb5\xe4\x92\x78\x80\x15\x73\x72\x00\x12\x6a\x61\x76\x61\x2e\x72" +
"\x6d\x69\x2e\x64\x67\x63\x2e\x4c\x65\x61\x73\x65\xb0\xb5\xe2\x66" +
"\x0c\x4a\xdc\x34\x02\x00\x02\x4a\x00\x05\x76\x61\x6c\x75\x65\x4c" +
"\x00\x04\x76\x6d\x69\x64\x74\x00\x13\x4c\x6a\x61\x76\x61\x2f\x72" +
"\x6d\x69\x2f\x64\x67\x63\x2f\x56\x4d\x49\x44\x3b\x70\x78\x70\x00" +
"\x00\x00\x00\x00\x09\x27\xc0\x73\x72\x00\x11\x6a\x61\x76\x61\x2e" +
"\x72\x6d\x69\x2e\x64\x67\x63\x2e\x56\x4d\x49\x44\xf8\x86\x5b\xaf" +
"\xa4\xa5\x6d\xb6\x02\x00\x02\x5b\x00\x04\x61\x64\x64\x72\x74\x00" +
"\x02\x5b\x42\x4c\x00\x03\x75\x69\x64\x74\x00\x15\x4c\x6a\x61\x76" +
"\x61\x2f\x72\x6d\x69\x2f\x73\x65\x72\x76\x65\x72\x2f\x55\x49\x44" +
"\x3b\x70\x78\x70\x75\x72\x00\x02\x5b\x42\xac\xf3\x17\xf8\x06\x08" +
"\x54\xe0\x02\x00\x00\x70\x78\x70\x00\x00\x00\x08\x6b\x02\xc7\x72" +
"\x60\x1c\xc7\x95\x73\x72\x00\x13\x6a\x61\x76\x61\x2e\x72\x6d\x69" +
"\x2e\x73\x65\x72\x76\x65\x72\x2e\x55\x49\x44\x0f\x12\x70\x0d\xbf" +
"\x36\x4f\x12\x02\x00\x03\x53\x00\x05\x63\x6f\x75\x6e\x74\x4a\x00" +
"\x04\x74\x69\x6d\x65\x49\x00\x06\x75\x6e\x69\x71\x75\x65\x70\x78" +
"\x70\x80\x01\x00\x00\x01\x49\xb5\xf8\x00\xea\xe9\x62\xc1\xc0"
end
it "returns a Rex::Java::Serialization::Model::Stream" do
expect(mod.recv_return(sock: return_io)).to be_a(Rex::Proto::Rmi::Model::ReturnValue)
msf_io.pos = 0
msf_io.string = return_data
expect(instance.recv_return(sock: msf_io)).to be_a(Rex::Proto::Rmi::Model::ReturnValue)
end
end
context "when end point doesn't return a value to the call" do
it "returns nil" do
expect(mod.recv_return(sock: io)).to be_nil
expect(instance.recv_return(sock: msf_io)).to be_nil
end
end
end

2
spec/lib/msf/core/exploit/remote/java/rmi/util_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'rex/java/serialization'
require 'msf/core/exploit/java/rmi/util'
describe Msf::Exploit::Remote::Java::Rmi::Util do
RSpec.describe Msf::Exploit::Remote::Java::Rmi::Util do
subject(:mod) do
mod = ::Msf::Exploit.new
mod.extend ::Msf::Exploit::Remote::Java::Rmi::Util

2
spec/lib/msf/core/exploit/smb/client/local_paths_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'msf/core'
require 'msf/core/data_store'
describe Msf::Exploit::Remote::SMB::Client::LocalPaths do
RSpec.describe Msf::Exploit::Remote::SMB::Client::LocalPaths do
subject do
mod = ::Msf::Module.new
mod.extend described_class

2
spec/lib/msf/core/exploit/smb/client/remote_paths_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'msf/core'
require 'msf/core/data_store'
describe Msf::Exploit::Remote::SMB::Client::RemotePaths do
RSpec.describe Msf::Exploit::Remote::SMB::Client::RemotePaths do
subject do
mod = ::Msf::Module.new
mod.extend described_class

19
spec/lib/msf/core/exploit/smb/server/share/command/close_spec.rb
View File

@ -5,7 +5,9 @@ require 'spec_helper'
require 'msf/core'
require 'msf/core/exploit/smb/server/share'
describe Msf::Exploit::Remote::SMB::Server::Share do
RSpec.describe Msf::Exploit::Remote::SMB::Server::Share do
include_context "Msf::StringIO"
subject(:mod) do
mod = Msf::Exploit.new
@ -15,8 +17,6 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod
end
let(:client_string) { '' }
let(:client) { StringIO.new(client_string) }
let(:response_length) { 39 }
let(:valid_response) do
"\x00\x00\x00\x23\xff\x53\x4d\x42" +
@ -28,28 +28,23 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
before(:each) do
mod.instance_variable_set('@state', {
client => {
msf_io => {
:multiplex_id => 0x41424344,
:process_id => 0x45464748,
:file_id => 0xdead,
:dir_id => 0xbeef
}
})
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.write(data)
end
end
describe "#send_close_res" do
it "returns the number of bytes sent" do
expect(mod.send_close_res(client)).to eq(response_length)
expect(mod.send_close_res(msf_io)).to eq(response_length)
end
it "sends a valid SMB_COM_CLOSE response to the client" do
mod.send_close_res(client)
client.seek(0)
res = client.read
mod.send_close_res(msf_io)
res = msf_io.read
expect(res).to eq(valid_response)
end
end

26
spec/lib/msf/core/exploit/smb/server/share/command/negotiate_spec.rb
View File

@ -6,7 +6,9 @@ require 'msf/core'
require 'msf/core/exploit/smb/server/share'
require 'rex/proto/smb/constants'
describe Msf::Exploit::Remote::SMB::Server::Share do
RSpec.describe Msf::Exploit::Remote::SMB::Server::Share do
include_context "Msf::StringIO"
subject(:mod) do
mod = Msf::Exploit.new
@ -16,8 +18,6 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod
end
let(:client_string) { '' }
let(:client) { StringIO.new(client_string) }
let(:default_response_length) { 73 }
let(:default_response) do
"\x00\x00\x00\x45\xff\x53\x4d\x42" +
@ -47,7 +47,7 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
before(:each) do
mod.instance_variable_set('@state', {
client => {
msf_io => {
:multiplex_id => 0x41424344,
:process_id => 0x45464748,
:file_id => 0xdead,
@ -56,35 +56,29 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
})
mod.lo = 0
mod.hi = 0
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.write(data)
end
end
describe "#send_negotitate_res" do
it "returns the number of bytes sent" do
expect(mod.send_negotitate_res(client)).to eq(default_response_length)
expect(mod.send_negotitate_res(msf_io)).to eq(default_response_length)
end
it "sends a valid SMB_COM_NEGOTIATE response to the client" do
mod.send_negotitate_res(client)
client.seek(0)
res = client.read
mod.send_negotitate_res(msf_io)
res = msf_io.read
expect(res).to eq(default_response)
end
end
describe "#smb_cmd_negotiate" do
it "returns the number of bytes answered" do
expect(mod.smb_cmd_negotiate(client, valid_request)).to eq(valid_response_length)
expect(mod.smb_cmd_negotiate(msf_io, valid_request)).to eq(valid_response_length)
end
it "returns an 8 byte challenge" do
mod.smb_cmd_negotiate(client, valid_request)
client.seek(0)
mod.smb_cmd_negotiate(msf_io, valid_request)
pkt = Rex::Proto::SMB::Constants::SMB_NEG_RES_NT_PKT.make_struct
pkt.from_s(client.read)
pkt.from_s(msf_io.read)
expect(pkt['Payload'].v['KeyLength']).to eq(challenge_length)
end

35
spec/lib/msf/core/exploit/smb/server/share/command/nt_create_andx_spec.rb
View File

@ -5,7 +5,9 @@ require 'msf/core'
require 'msf/core/exploit/smb/server/share'
require 'rex/proto/smb/constants'
describe Msf::Exploit::Remote::SMB::Server::Share do
RSpec.describe Msf::Exploit::Remote::SMB::Server::Share do
include_context "Msf::StringIO"
subject(:mod) do
mod = Msf::Exploit.new
@ -15,9 +17,6 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod
end
let(:client_string) { '' }
let(:client) { StringIO.new(client_string) }
let(:default_response_length) { 139 }
let(:default_response) do
"\x00\x00\x00\x87\xff\x53\x4d\x42\xa2\x00\x00\x00\x00\x88\x01\xc8" +
@ -68,8 +67,9 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
let(:smb_error_length) { 39 }
before(:each) do
msf_io.string = ''
mod.instance_variable_set('@state', {
client => {
msf_io => {
:multiplex_id => 0x41424344,
:process_id => 0x45464748,
:file_id => 0xdead,
@ -81,21 +81,16 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod.share = 'test'
mod.file_name = 'false.exe'
mod.file_contents = 'metasploit'
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.write(data)
end
end
describe "#send_nt_create_andx_res" do
it "returns the number of bytes sent" do
expect(mod.send_nt_create_andx_res(client)).to eq(default_response_length)
expect(mod.send_nt_create_andx_res(msf_io)).to eq(default_response_length)
end
it "sends a valid SMB_COM_NT_CREATE_ANDX response to the client" do
mod.send_nt_create_andx_res(client)
client.seek(0)
res = client.read
mod.send_nt_create_andx_res(msf_io)
res = msf_io.read
expect(res).to eq(default_response)
end
end
@ -103,26 +98,24 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
describe "#smb_cmd_nt_create_andx" do
context "when valid request" do
it "returns the number of bytes answered" do
expect(mod.smb_cmd_nt_create_andx(client, valid_request)).to eq(default_response_length)
expect(mod.smb_cmd_nt_create_andx(msf_io, valid_request)).to eq(default_response_length)
end
it "sends a valid SMB_COM_NT_CREATE_ANDX response to the client" do
mod.smb_cmd_nt_create_andx(client, valid_request)
client.seek(0)
res = client.read
mod.smb_cmd_nt_create_andx(msf_io, valid_request)
res = msf_io.read
expect(res).to eq(valid_response)
end
end
context "when non existent path create requests" do
it "returns the number of bytes answered" do
expect(mod.smb_cmd_nt_create_andx(client, non_existent_path_request)).to eq(smb_error_length)
expect(mod.smb_cmd_nt_create_andx(msf_io, non_existent_path_request)).to eq(smb_error_length)
end
it "sends a SMB_STATUS_OBJECT_NAME_NOT_FOUND error response to the client" do
mod.smb_cmd_nt_create_andx(client, non_existent_path_request)
client.seek(0)
res = client.read
mod.smb_cmd_nt_create_andx(msf_io, non_existent_path_request)
res = msf_io.read
expect(res).to eq(smb_error_response)
end
end

35
spec/lib/msf/core/exploit/smb/server/share/command/read_andx_spec.rb
View File

@ -5,7 +5,9 @@ require 'msf/core'
require 'msf/core/exploit/smb/server/share'
require 'rex/proto/smb/constants'
describe Msf::Exploit::Remote::SMB::Server::Share do
RSpec.describe Msf::Exploit::Remote::SMB::Server::Share do
include_context "Msf::StringIO"
subject(:mod) do
mod = Msf::Exploit.new
@ -15,9 +17,6 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod
end
let(:client_string) { '' }
let(:client) { StringIO.new(client_string) }
let(:default_response_length) { 63 }
let(:default_response) do
"\x00\x00\x00\x3b\xff\x53\x4d\x42\x2e\x00\x00\x00\x00\x88\x01\xc8" +
@ -56,8 +55,9 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
let(:empty_response_length) { 63 }
before(:each) do
msf_io.string = ''
mod.instance_variable_set('@state', {
client => {
msf_io => {
:multiplex_id => 0x41424344,
:process_id => 0x45464748,
:file_id => 0xdead,
@ -69,21 +69,16 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod.share = 'test'
mod.file_name = 'false.exe'
mod.file_contents = 'metasploit'
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.write(data)
end
end
describe "#send_read_andx_res" do
it "returns the number of bytes sent" do
expect(mod.send_read_andx_res(client)).to eq(default_response_length)
expect(mod.send_read_andx_res(msf_io)).to eq(default_response_length)
end
it "sends a valid SMB_COM_NT_CREATE_ANDX response to the client" do
mod.send_read_andx_res(client)
client.seek(0)
res = client.read
mod.send_read_andx_res(msf_io)
res = msf_io.read
expect(res).to eq(default_response)
end
end
@ -92,26 +87,24 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
context "when read request for valid offset" do
it "returns the number of bytes answered" do
expect(mod.smb_cmd_read_andx(client, valid_request)).to eq(valid_response_length)
expect(mod.smb_cmd_read_andx(msf_io, valid_request)).to eq(valid_response_length)
end
it "sends a valid response with the contents to the client" do
mod.smb_cmd_read_andx(client, valid_request)
client.seek(0)
res = client.read
mod.smb_cmd_read_andx(msf_io, valid_request)
res = msf_io.read
expect(res).to eq(valid_response)
end
end
context "when read request for invalid offset" do
it "returns the number of bytes answered" do
expect(mod.smb_cmd_read_andx(client, invalid_offset_request)).to eq(empty_response_length)
expect(mod.smb_cmd_read_andx(msf_io, invalid_offset_request)).to eq(empty_response_length)
end
it "sends an empty read response to the client" do
mod.smb_cmd_read_andx(client, invalid_offset_request)
client.seek(0)
res = client.read
mod.smb_cmd_read_andx(msf_io, invalid_offset_request)
res = msf_io.read
expect(res).to eq(empty_response)
end
end

35
spec/lib/msf/core/exploit/smb/server/share/command/session_setup_andx_spec.rb
View File

@ -5,7 +5,9 @@ require 'msf/core'
require 'msf/core/exploit/smb/server/share'
require 'rex/proto/smb/constants'
describe Msf::Exploit::Remote::SMB::Server::Share do
RSpec.describe Msf::Exploit::Remote::SMB::Server::Share do
include_context "Msf::StringIO"
subject(:mod) do
mod = Msf::Exploit.new
@ -15,9 +17,6 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod
end
let(:client_string) { '' }
let(:client) { StringIO.new(client_string) }
let(:default_response_length) { 45 }
let(:default_response) do
"\x00\x00\x00\x29\xff\x53\x4d\x42\x73\x00\x00\x00\x00\x88\x01\xc8" +
@ -67,8 +66,9 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
let(:opts) { {} }
before(:each) do
msf_io.string = ''
mod.instance_variable_set('@state', {
client => {
msf_io => {
:multiplex_id => 0x41424344,
:process_id => 0x45464748,
:file_id => 0xdead,
@ -80,22 +80,17 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod.share = 'test'
mod.file_name = 'false.exe'
mod.file_contents = 'metasploit'
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.write(data)
end
end
describe "#send_session_setup_andx_res" do
context "when no extra command" do
it "returns the number of bytes sent" do
expect(mod.send_session_setup_andx_res(client)).to eq(default_response_length)
expect(mod.send_session_setup_andx_res(msf_io)).to eq(default_response_length)
end
it "sends a valid SMB_COM_SESSION_SETUP_ANDX response to the client" do
mod.send_session_setup_andx_res(client)
client.seek(0)
res = client.read
mod.send_session_setup_andx_res(msf_io)
res = msf_io.read
expect(res).to eq(default_response)
end
end
@ -107,13 +102,12 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
end
it "returns the number of bytes sent" do
expect(mod.send_session_setup_andx_res(client, opts)).to eq(default_tree_connect_response_length)
expect(mod.send_session_setup_andx_res(msf_io, opts)).to eq(default_tree_connect_response_length)
end
it "sends a valid SMB_COM_SESSION_SETUP_ANDX response to the client" do
mod.send_session_setup_andx_res(client, opts)
client.seek(0)
res = client.read
mod.send_session_setup_andx_res(msf_io, opts)
res = msf_io.read
expect(res).to eq(default_tree_connect_response)
end
end
@ -121,13 +115,12 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
describe "#smb_cmd_session_setup_andx" do
it "returns the number of bytes answered" do
expect(mod.smb_cmd_session_setup_andx(client, valid_request)).to eq(valid_response_length)
expect(mod.smb_cmd_session_setup_andx(msf_io, valid_request)).to eq(valid_response_length)
end
it "sends a valid SMB_COM_SESSION_SETUP_ANDX response to the client" do
mod.smb_cmd_session_setup_andx(client, valid_request)
client.seek(0)
res = client.read
mod.smb_cmd_session_setup_andx(msf_io, valid_request)
res = msf_io.read
expect(res).to eq(valid_response)
end
end

21
spec/lib/msf/core/exploit/smb/server/share/command/trans2/find_first2_spec.rb
View File

@ -5,7 +5,9 @@ require 'msf/core'
require 'msf/core/exploit/smb/server/share'
require 'rex/proto/smb/constants'
describe Msf::Exploit::Remote::SMB::Server::Share do
RSpec.describe Msf::Exploit::Remote::SMB::Server::Share do
include_context "Msf::StringIO"
subject(:mod) do
mod = Msf::Exploit.new
@ -15,9 +17,6 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod
end
let(:client_string) { '' }
let(:client) { StringIO.new(client_string) }
let(:valid_find_file_both_directory_info_params) do
"\x16\x00\x56\x05\x07\x00\x04\x01\x00\x00\x00\x00\x5c\x00\x74\x00" +
"\x65\x00\x73\x00\x74\x00\x2e\x00\x65\x00\x78\x00\x65\x00\x00\x00"
@ -25,8 +24,9 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
let(:find_file_both_directory_info_res_length) { 179 }
before(:each) do
msf_io.string = ''
mod.instance_variable_set('@state', {
client => {
msf_io => {
:multiplex_id => 0x41424344,
:process_id => 0x45464748,
:file_id => 0xdead,
@ -38,23 +38,18 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod.share = 'test'
mod.file_name = 'test.exe'
mod.file_contents = 'metasploit'
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.write(data)
end
end
describe "#smb_cmd_trans2_find_first2" do
context "when valid SMB_FIND_FILE_BOTH_DIRECTORY_INFO parameters" do
it "returns the number of bytes answered" do
expect(mod.smb_cmd_trans2_find_first2(client, valid_find_file_both_directory_info_params)).to eq(find_file_both_directory_info_res_length)
expect(mod.smb_cmd_trans2_find_first2(msf_io, valid_find_file_both_directory_info_params)).to eq(find_file_both_directory_info_res_length)
end
it "send TRANSACTIONS2 response with the file name found in the SMB_Data" do
mod.smb_cmd_trans2_find_first2(client, valid_find_file_both_directory_info_params)
client.seek(0)
res = client.read
mod.smb_cmd_trans2_find_first2(msf_io, valid_find_file_both_directory_info_params)
res = msf_io.read
trans2_res = Rex::Proto::SMB::Constants::SMB_TRANS_RES_PKT.make_struct
trans2_res.from_s(res)

20
spec/lib/msf/core/exploit/smb/server/share/command/trans2/query_file_information_spec.rb
View File

@ -5,7 +5,9 @@ require 'msf/core'
require 'msf/core/exploit/smb/server/share'
require 'rex/proto/smb/constants'
describe Msf::Exploit::Remote::SMB::Server::Share do
RSpec.describe Msf::Exploit::Remote::SMB::Server::Share do
include_context "Msf::StringIO"
subject(:mod) do
mod = Msf::Exploit.new
@ -15,9 +17,6 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod
end
let(:client_string) { '' }
let(:client) { StringIO.new(client_string) }
let(:valid_query_file_standard_info_params) do
"\xad\xde\xed\x03"
end
@ -25,7 +24,7 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
before(:each) do
mod.instance_variable_set('@state', {
client => {
msf_io => {
:multiplex_id => 0x41424344,
:process_id => 0x45464748,
:file_id => 0xdead,
@ -37,23 +36,18 @@ describe Msf::Exploit::Remote::SMB::Server::Share do
mod.share = 'test'
mod.file_name = 'test.exe'
mod.file_contents = 'metasploit'
allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
io.write(data)
end
end
describe "#smb_cmd_trans2_query_file_information" do
context "when valid SMB_QUERY_FILE_STANDARD_INFO parameters" do
it "returns the number of bytes answered" do
expect(mod.smb_cmd_trans2_query_file_information(client, valid_query_file_standard_info_params)).to eq(query_file_standard_info_res_length)
expect(mod.smb_cmd_trans2_query_file_information(msf_io, valid_query_file_standard_info_params)).to eq(query_file_standard_info_res_length)
end
it "send SMB_QUERY_FILE_STANDARD_INFO response with the file size" do
mod.smb_cmd_trans2_query_file_information(client, valid_query_file_standard_info_params)
client.seek(0)
res = client.read
mod.smb_cmd_trans2_query_file_information(msf_io, valid_query_file_standard_info_params)
res = msf_io.read
trans2_res = Rex::Proto::SMB::Constants::SMB_TRANS_RES_PKT.make_struct
trans2_res.from_s(res)

Some files were not shown because too many files have changed in this diff Show More