Run rubocop --fix-layout test

adfoster-r7 2022-04-28 15:06:43 +01:00
parent bf00619717
commit 29cc349649
No known key found for this signature in database
GPG Key ID: 3BD4FA3818818F04
52 changed files with 1368 additions and 1440 deletions

@ -7,22 +7,17 @@ require 'fileutils'
require 'msf_matchers'
require 'msf_test_case'
module MsfTest
include MsfTest::MsfMatchers
include MsfTest::MsfMatchers
## This spec exists to help us describe the behavior of msfconsole - TODO
describe "Msfconsole" do
## This spec exists to help us describe the behavior of msfconsole - TODO
describe "Msfconsole" do
###
# Setup!
###
before :all do
@working_directory = File.dirname(__FILE__)
## Static specs will make use of RC files here
@ -43,12 +38,11 @@ describe "Msfconsole" do
end
after :each do
end
after :all do
## Clean up
#FileUtils.rm_rf(@temp_directory)
# FileUtils.rm_rf(@temp_directory)
end
###
@ -56,11 +50,13 @@ describe "Msfconsole" do
###
it "should start and let us run help" do
data = start_console_and_run_rc("help","#{@static_resource_directory}/help.rc")
data = start_console_and_run_rc("help", "#{@static_resource_directory}/help.rc")
success_strings = [ 'help',
success_strings = [
'help',
'Database Backend Commands',
'Core Commands' ]
'Core Commands'
]
failure_strings = [] | generic_failure_strings
failure_exception_strings = [] | generic_failure_exception_strings
@ -106,7 +102,6 @@ describe "Msfconsole" do
Dir.mkdir(@temp_output_directory)
Dir.glob("#{@working_directory}/msftest/*.msftest").each do |filename|
## Parse this test case
test_case = MsfTestCase.new(filename)
puts "Found #{test_case.name} in: #{filename}"
@ -117,22 +112,21 @@ describe "Msfconsole" do
## Create the rspec Test Case
it "should #{test_case.name}" do
## Gather the success / failure strings, and combine with the generics
success_strings = test_case.expected_successes
failure_strings = test_case.expected_failures | generic_failure_strings
failure_exception_strings = test_case.expected_failure_exceptions | generic_failure_exception_strings
## run the commands
data = start_console_and_run_rc( test_case.name, "#{@temp_input_directory}/#{test_case.name}.rc")
data = start_console_and_run_rc(test_case.name, "#{@temp_input_directory}/#{test_case.name}.rc")
## check the output
data.should contain_all_successes(success_strings)
data.should contain_no_failures_except(failure_strings, failure_exception_strings)
## Clean up
#File.delete("#{@temp_input_directory}/#{test_case.name}.rc")
#File.delete("#{@temp_output_directory}/#{test_case.name}")
# File.delete("#{@temp_input_directory}/#{test_case.name}.rc")
# File.delete("#{@temp_output_directory}/#{test_case.name}")
end
end
@ -151,7 +145,7 @@ describe "Msfconsole" do
[]
end
def start_console_and_run_rc(name,rc_file, database_file=false)
def start_console_and_run_rc(name, rc_file, database_file = false)
output_file = "#{@temp_output_directory}/#{name}"
if database_file
@ -172,10 +166,11 @@ describe "Msfconsole" do
## Fire it off against a known-vulnerable host
session = @framework.exploits.create(exploit_name).exploit_simple(
'Options' => {'RHOST' => "vulnerable", "SMBUser" => "administrator", "SMBPass" => ""},
'Options' => { 'RHOST' => "vulnerable", "SMBUser" => "administrator", "SMBPass" => "" },
'Payload' => payload_name,
'LocalInput' => input,
'LocalOutput' => output)
'LocalOutput' => output
)
## If a session came back, try to interact with it.
if session
@ -189,7 +184,6 @@ describe "Msfconsole" do
raise "Not Implemented"
end
def generate_java_meterpreter_session(input, output)
raise "Not Implemented"
end
@ -206,5 +200,5 @@ describe "Msfconsole" do
end
return data
end
end
end
end

@ -1,19 +1,15 @@
module MsfTest
module JavaMeterpreterSpecs
module JavaMeterpreterSpecs
## This file is intended to be used in conjunction with a harness,
## such as meterpreter_win32_spec.rb
def self.included(base)
base.class_eval do
it "should not error when taking a screenshot" do
success_strings = [ 'Screenshot saved to' ]
hlp_run_command_check_output("screenshot","screenshot", success_strings)
end
hlp_run_command_check_output("screenshot", "screenshot", success_strings)
end
end
end
end
end
end

@ -7,9 +7,7 @@ require 'meterpreter_spec_helper'
require 'meterpreter_specs'
module MsfTest
describe "JavaMeterpreter" do
describe "JavaMeterpreter" do
# This include brings in all the spec helper methods
include MsfTest::MeterpreterSpecHelper
@ -40,7 +38,6 @@ describe "JavaMeterpreter" do
end
before :each do
end
after :each do
@ -48,14 +45,12 @@ describe "JavaMeterpreter" do
end
after :all do
#FileUtils.rm_rf("*.jpeg")
#FileUtils.rm_rf("payload.jar")
# FileUtils.rm_rf("*.jpeg")
# FileUtils.rm_rf("payload.jar")
FileUtils.rm_rf(@output_directory)
end
def create_session_java
## Setup for win32
@framework = Msf::Simple::Framework.create
@ -75,7 +70,8 @@ describe "JavaMeterpreter" do
'Options' => {},
'Payload' => @payload_name,
'LocalInput' => @input,
'LocalOutput' => @output)
'LocalOutput' => @output
)
puts @session.inspect
@ -86,6 +82,5 @@ describe "JavaMeterpreter" do
raise Exception "Couldn't get a session!"
end
end
end
end
end
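Review bot: The context line `raise Exception "Couldn't get a session!"` at the end of `create_session_java` is missing a comma, so Ruby parses it as a call to a method named `Exception` and the spec aborts with a NoMethodError instead of the intended message. `raise "Couldn't get a session!"` reports the real cause when no session comes back. The same line appears at the end of `create_session_php` in the PhpMeterpreter spec. The method body starts outside this hunk, so the condition guarding the raise is not visible here.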

@ -7,9 +7,7 @@ require 'meterpreter_spec_helper'
require 'meterpreter_specs'
module MsfTest
describe "PhpMeterpreter" do
describe "PhpMeterpreter" do
# This include brings in all the spec helper methods
include MsfTest::MeterpreterSpecHelper
@ -36,7 +34,6 @@ describe "PhpMeterpreter" do
end
before :each do
end
after :each do
@ -47,9 +44,7 @@ describe "PhpMeterpreter" do
FileUtils.rm_rf(@output_directory)
end
def create_session_php
## Setup for php
@framework = Msf::Simple::Framework.create
@ -63,10 +58,11 @@ describe "PhpMeterpreter" do
## Fire it off against a known-vulnerable host
@session = exploit.exploit_simple(
'Options' => {'RHOST' => "metasploitable"},
'Options' => { 'RHOST' => "metasploitable" },
'Payload' => @payload_name,
'LocalInput' => @input,
'LocalOutput' => @output)
'LocalOutput' => @output
)
puts @session.inspect
@ -77,6 +73,5 @@ describe "PhpMeterpreter" do
raise Exception "Couldn't get a session!"
end
end
end
end
end

@ -1,19 +1,16 @@
module MsfTest
module MeterpreterSpecHelper
module MeterpreterSpecHelper
def self.included(base)
base.class_eval do
def generic_failure_strings
['fail', 'error', 'exception']
end
def generic_failure_exception_strings
['nserror.dll', 'tiki-error.php','tiki-error_simple.php','tiki-rss_error.php'] ##ugh, this is dependent on the target
['nserror.dll', 'tiki-error.php', 'tiki-error_simple.php', 'tiki-rss_error.php'] # #ugh, this is dependent on the target
end
def hlp_run_command_check_output(name,command,success_strings=[],fail_strings=[], fail_exception_strings=[])
def hlp_run_command_check_output(name, command, success_strings = [], fail_strings = [], fail_exception_strings = [])
fail_strings = fail_strings | generic_failure_strings
fail_exception_strings = fail_exception_strings | generic_failure_exception_strings
@ -54,5 +51,5 @@ module MeterpreterSpecHelper
end
end
end
end
end
end
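Review bot: The layout auto-correct left the trailing comment in `generic_failure_exception_strings` as `# #ugh, this is dependent on the target`, with a stray `#` inside the comment text. `# ugh, this is dependent on the target` keeps the author's wording. Since these entries are unioned into `fail_exception_strings` in `hlp_run_command_check_output`, a one-line comment above the array saying that output matching these names is presumably exempted from the generic `fail`/`error`/`exception` checks would help the next reader; the matcher itself is outside this section.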

@ -1,11 +1,10 @@
module MsfTest
module MeterpreterSpecs
module MeterpreterSpecs
def self.included(base)
base.class_eval do
it "should not error when running each command" do
commands = [ "?",
commands = [
"?",
"background",
"bgkill",
"bglist",
@ -15,9 +14,9 @@ module MeterpreterSpecs
"exit",
"help",
"interact",
#"irb",
# "irb",
"migrate",
#"quit",
# "quit",
"read",
"run",
"use",
@ -27,7 +26,7 @@ module MeterpreterSpecs
"cd",
"del",
"download",
#"edit",
# "edit",
"getlwd",
"getwd",
"lcd",
@ -50,11 +49,11 @@ module MeterpreterSpecs
"getuid",
"kill",
"ps",
#"reboot",
# "reboot",
"reg",
"rev2self",
#"shell",
#"shutdown",
# "shell",
# "shutdown",
"steal_token",
"sysinfo",
"enumdesktops",
@ -73,37 +72,39 @@ module MeterpreterSpecs
## Run each command, check for execeptions
commands.each do |command|
hlp_run_command_check_output("basic_#{command}",command)
hlp_run_command_check_output("basic_#{command}", command)
end
end
it "should not error when running help" do
success_strings = [ 'Core Commands',
success_strings = [
'Core Commands',
'Stdapi: File system Commands',
'Stdapi: Networking Commands',
'Stdapi: System Commands',
'Stdapi: User interface Commands']
'Stdapi: User interface Commands'
]
hlp_run_command_check_output("help","help", success_strings)
hlp_run_command_check_output("help", "help", success_strings)
end
it "should not error when running the help shortcut" do
success_strings = [ 'Core Commands',
success_strings = [
'Core Commands',
'Stdapi: File system Commands',
'Stdapi: Networking Commands',
'Stdapi: System Commands',
'Stdapi: User interface Commands' ]
'Stdapi: User interface Commands'
]
hlp_run_command_check_output("help_shortcut","?", success_strings)
hlp_run_command_check_output("help_shortcut", "?", success_strings)
end
it "should not error when checking for background channels" do
success_strings = [ 'No active channels.' ]
hlp_run_command_check_output("channel_list_empty","channel -l", success_strings)
end
hlp_run_command_check_output("channel_list_empty", "channel -l", success_strings)
end
end
end
end
end
end

@ -10,13 +10,10 @@ require 'meterpreter_specs'
require 'windows_meterpreter_specs'
module MsfTest
describe "Win32Meterpreter" do
describe "Win32Meterpreter" do
# Include Custom Matchers
include MsfTest::MsfMatchers
# This include brings in all the spec helper methods
include MsfTest::MeterpreterSpecHelper
@ -47,7 +44,6 @@ describe "Win32Meterpreter" do
end
before :each do
end
after :each do
@ -55,7 +51,6 @@ describe "Win32Meterpreter" do
end
after :all do
## Clean up test output
FileUtils.rm_rf(@output_directory)
@ -67,11 +62,9 @@ describe "Win32Meterpreter" do
File.delete(file)
end
end
end
def create_session_windows_x32
## Setup for win32
@framework = Msf::Simple::Framework.create
@exploit_name = 'windows/smb/psexec'
@ -84,10 +77,11 @@ describe "Win32Meterpreter" do
## Fire it off against a known-vulnerable host
@session = exploit.exploit_simple(
'Options' => {'RHOST' => "vulnerable", "SMBUser" => "administrator", "SMBPass" => ""},
'Options' => { 'RHOST' => "vulnerable", "SMBUser" => "administrator", "SMBPass" => "" },
'Payload' => @payload_name,
'LocalInput' => @input,
'LocalOutput' => @output)
'LocalOutput' => @output
)
## If a session came back, try to interact with it.
if @session
@ -95,9 +89,8 @@ describe "Win32Meterpreter" do
@session.load_stdapi
else
puts "unable to get session"
#flunk "Couldn't get a session!"
# flunk "Couldn't get a session!"
end
end
end
end
end

@ -1,15 +1,15 @@
module MsfTest
module WindowsMeterpreterSpecs
module WindowsMeterpreterSpecs
## This file is intended to be used in conjunction with a harness,
## such as meterpreter_win32_spec.rb
def self.included(base)
base.class_eval do
it "should not error when uploading a file to a windows box" do
upload_success_strings = [ 'uploading',
'uploaded' ]
upload_success_strings = [
'uploading',
'uploaded'
]
## create a file to upload
filename = "/tmp/whatever"
@ -19,31 +19,28 @@ module WindowsMeterpreterSpecs
hlp_string_to_file("owned!", filename)
## run the upload / quit commands
hlp_run_command_check_output("upload","upload #{filename} C:\\", upload_success_strings)
#hlp_run_command_check_output("quit","quit")
hlp_run_command_check_output("upload", "upload #{filename} C:\\", upload_success_strings)
# hlp_run_command_check_output("quit","quit")
## clean up
FileUtils.rm(filename)
end
it "should show the priv commands when running help" do
success_strings = ['Priv: Elevate Commands',
success_strings = [
'Priv: Elevate Commands',
'Priv: Password database Commands',
'Priv: Timestomp Commands' ]
hlp_run_command_check_output("help_shortcut","help", success_strings)
'Priv: Timestomp Commands'
]
hlp_run_command_check_output("help_shortcut", "help", success_strings)
end
it "should not error when taking a screenshot" do
success_strings = [ 'Screenshot saved to' ]
hlp_run_command_check_output("screenshot","screenshot", success_strings)
end
hlp_run_command_check_output("screenshot", "screenshot", success_strings)
end
end
end
end
end
end

@ -1,7 +1,7 @@
class Array
@@to_s_reported = {}
def to_s(*args)
if(not @@to_s_reported[caller[0].to_s])
if (not @@to_s_reported[caller[0].to_s])
$stderr.puts "HOOK: Array#to_s at #{caller.join("\t")}"
@@to_s_reported[caller[0].to_s] = true
end

@ -1,7 +1,6 @@
class String
@@idx_reported = {}
def [](*args)
if args.length == 1 && args[0].class == ::Integer && !@@idx_reported[caller[0].to_s]
$stderr.puts "HOOK: String[idx] #{caller.join("\t")}\n\n"
@@idx_reported[caller[0].to_s] = true

@ -1,12 +1,9 @@
module Msf
module ModuleTest
module ModuleTest
attr_accessor :tests
attr_accessor :failures
def initialize(info={})
def initialize(info = {})
@tests = 0
@failures = 0
super
@ -17,10 +14,9 @@ module ModuleTest
tests.each { |test_method|
self.send(test_method)
}
end
def it(msg="", &block)
def it(msg = "", &block)
@tests += 1
begin
result = block.call
@ -41,12 +37,12 @@ module ModuleTest
print_good("#{msg}")
end
def pending(msg="", &block)
def pending(msg = "", &block)
print_status("PENDING: #{msg}")
end
end
end
module ModuleTest::PostTest
module ModuleTest::PostTest
include ModuleTest
def run
print_status("Running against session #{datastore["SESSION"]}")
@ -63,6 +59,5 @@ module ModuleTest::PostTest
print_status("Passed: #{@tests - @failures}; Failed: #{@failures}")
end
end
end
end
end

@ -2,9 +2,7 @@ $:.unshift(File.join((File.dirname(__FILE__))))
require 'regexr'
module MsfTest
module MsfMatchers
module MsfMatchers
class ContainACompleteTest
def initialize()
@ -13,7 +11,7 @@ module MsfMatchers
def matches?(data)
@data = data
return @r.verify_start_and_end(@data,"meterpreter_functional_test_start", "meterpreter_functional_test_end")
return @r.verify_start_and_end(@data, "meterpreter_functional_test_start", "meterpreter_functional_test_end")
end
def failure_message
@ -32,15 +30,16 @@ module MsfMatchers
class ContainAllSuccesses
def initialize(successes=[])
def initialize(successes = [])
@successes = successes
@r = Regexr.new(true)
end
def matches?(data)
@data = data
@string = @r.find_strings_that_dont_exist_in_data(@data,@successes)
@string = @r.find_strings_that_dont_exist_in_data(@data, @successes)
return true if !@string
nil
end
@ -52,16 +51,16 @@ module MsfMatchers
"expected to miss successes but found'm all :("
end
#alias :have_all_successes :contain_all_successes
# alias :have_all_successes :contain_all_successes
end
def contain_all_successes(successes=[])
def contain_all_successes(successes = [])
ContainAllSuccesses.new(successes)
end
class ContainNoFailuresExcept
def initialize(failures=[],exceptions=[])
def initialize(failures = [], exceptions = [])
@failures = failures
@exceptions = exceptions
@r = Regexr.new(true)
@ -69,8 +68,9 @@ module MsfMatchers
def matches?(data)
@data = data
@string = @r.find_strings_that_exist_in_data_except(@data,@failures,@exceptions)
@string = @r.find_strings_that_exist_in_data_except(@data, @failures, @exceptions)
return true if !@string
nil
end
@ -82,13 +82,11 @@ module MsfMatchers
"expected to find failures, but didn't find any :("
end
#alias :have_no_failures :contain_no_failures
# alias :have_no_failures :contain_no_failures
end
def contain_no_failures_except(failures=[],exceptions=[])
ContainNoFailuresExcept.new(failures,exceptions)
def contain_no_failures_except(failures = [], exceptions = [])
ContainNoFailuresExcept.new(failures, exceptions)
end
end
end
end

@ -6,13 +6,13 @@
class Regexr
def initialize(verbose=false, case_insensitive=true)
def initialize(verbose = false, case_insensitive = true)
@verbose = verbose
@case_insensitive = case_insensitive
end
# Check for the beginning and end lines. Handy when you need to ensure a log has started & completed
def verify_start_and_end(data,the_start,the_end)
def verify_start_and_end(data, the_start, the_end)
return false unless data
data_lines = data.split("\n")
@ -27,7 +27,7 @@ class Regexr
end
# Scan for any number of success lines. In order to pass, all successes must match.
def find_strings_that_dont_exist_in_data(data,regexes=[])
def find_strings_that_dont_exist_in_data(data, regexes = [])
return false unless data
data_lines = data.split("\n")
@ -38,15 +38,13 @@ class Regexr
target_successes = regexes.size
success_count = 0
regexes.each { |condition|
## assume we haven't got it
found = false
re = Regexp.new(condition, @case_insensitive)
## for each of our data lines
data_lines.each {|line|
data_lines.each { |line|
## if it's a match
if line =~ re
found = true
@ -64,8 +62,7 @@ class Regexr
end
# Scan for failures -- if any single failure matches, the test returns true.
def find_strings_that_exist_in_data_except(data,regexes=[],exceptions=[])
def find_strings_that_exist_in_data_except(data, regexes = [], exceptions = [])
return false unless data
data_lines = data.split("\n")
@ -73,7 +70,6 @@ class Regexr
return nil unless regexes ## count as a pass
regexes.each { |condition|
## for each failure condition that we've been passed
re = Regexp.new(condition, @case_insensitive)

@ -3,8 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Report
@ -16,12 +14,10 @@ class MetasploitModule < Msf::Auxiliary
'Description' => 'This module sniffs HTTP GET requests from the network',
'Author' => 'hdm',
'License' => MSF_LICENSE,
'Actions' =>
[
'Actions' => [
[ 'Sniffer' ]
],
'PassiveActions' =>
[
'PassiveActions' => [
'Sniffer'
],
'DefaultAction' => 'Sniffer'
@ -39,16 +35,15 @@ class MetasploitModule < Msf::Auxiliary
p = PacketFu::Packet.parse(pkt)
next unless p.is_tcp?
next if p.payload.empty?
if (p.payload =~ /GET\s+([^\s]+)\s+HTTP/smi)
url = $1
print_status("GET #{url}")
break if url =~ /StopCapture/
end
end
close_pcap()
print_status("Finished sniffing")
end
end

@ -3,33 +3,34 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Exploit::Remote::HttpClient
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => "Check Test",
'Description' => %q{
This module ensures that 'check' actually functions for Auxiilary modules.
},
'References' =>
[
'References' => [
[ 'OSVDB', '0' ]
],
'Author' =>
[
'Author' => [
'todb'
],
'License' => MSF_LICENSE
))
)
)
register_options(
[
Opt::RPORT(80)
], self.class)
], self.class
)
end
def check

@ -3,8 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Report
@ -16,8 +14,7 @@ class MetasploitModule < Msf::Auxiliary
'Description' => 'This module sends spoofed ethernet frames',
'Author' => 'hdm',
'License' => MSF_LICENSE,
'Actions' =>
[
'Actions' => [
[ 'Spoofer' ]
],
'DefaultAction' => 'Spoofer'

@ -3,7 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::Ftp
@ -16,7 +15,6 @@ class MetasploitModule < Msf::Auxiliary
'License' => MSF_LICENSE
)
register_options(
[
OptString.new('UPLOADDIR', [ true, "The directory to use for the upload test", '/incoming' ])
@ -25,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
end
def run
begin
if (not connect_login)
return
@ -34,24 +31,24 @@ class MetasploitModule < Msf::Auxiliary
curdir = ""
# change to the upload directory
result = send_cmd( ["CWD", datastore['UPLOADDIR']], true )
result = send_cmd(["CWD", datastore['UPLOADDIR']], true)
print_status("CWD response: #{result.inspect}")
# find out what the server thinks this dir is
result = send_cmd( ["PWD"], true )
result = send_cmd(["PWD"], true)
print_status("PWD response: #{result.inspect}")
if (result =~ /257\s\"(.+)\"/)
curdir = $1
end
curdir = "/" + curdir if curdir[0] != "/"
curdir << "/" if curdir[-1,1] != "/"
curdir << "/" if curdir[-1, 1] != "/"
# generate some data to upload
data = Rex::Text.rand_text_alphanumeric(1024)
#print_status("data:\n" + Rex::Text.to_hex_dump(data))
# print_status("data:\n" + Rex::Text.to_hex_dump(data))
# test putting data
result = send_cmd_data(["PUT", curdir+"test"], data, "I")
result = send_cmd_data(["PUT", curdir + "test"], data, "I")
print_status("PUT response: #{result.inspect}")
# test fallthrough
@ -63,7 +60,7 @@ class MetasploitModule < Msf::Auxiliary
print_status("LS response: #{result.inspect}")
# test getting file
result = send_cmd_data(["GET", curdir+"test"], "A")
result = send_cmd_data(["GET", curdir + "test"], "A")
print_status("GET response: #{result[0].inspect}")
# see if it matches
@ -74,13 +71,11 @@ class MetasploitModule < Msf::Auxiliary
end
# adios
result = send_cmd( ["QUIT"], true )
result = send_cmd(["QUIT"], true)
print_status("QUIT response: #{result.inspect}")
ensure
disconnect
end
end
end

@ -3,35 +3,35 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
Rank = NormalRanking
include Msf::Exploit::Remote::HttpServer::HTML
def initialize(info={})
super(update_info(info,
def initialize(info = {})
super(
update_info(
info,
'Name' => "Heaplib2 Test",
'Description' => %q{
This tests heaplib2. Since it is a test module, it's not intended to do much useful work in the field.
},
'License' => MSF_LICENSE,
'Author' => [ 'sinn3r' ],
'References' =>
[
'References' => [
[ 'URL', 'https://metasploit.com' ]
],
'Platform' => 'win',
'Targets' =>
[
'Targets' => [
[ 'Automatic', {} ]
],
'Privileged' => false,
'DisclosureDate' => '2014-03-01',
'DefaultTarget' => 0))
'DefaultTarget' => 0
)
)
end
def on_request_uri(cli, request)
spray = %Q|
function log(msg) {
@ -71,7 +71,7 @@ class MetasploitModule < Msf::Auxiliary
|
print_status("Sending html")
send_response(cli, html, {'Content-Type'=>'text/html'})
send_response(cli, html, { 'Content-Type' => 'text/html' })
end
def run

@ -3,13 +3,14 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::HttpServer
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => 'Basic HttpServer Simulator',
'Description' => %q{
This is example of a basic HttpServer simulator, good for PR scenarios when a module
@ -19,30 +20,29 @@ class MetasploitModule < Msf::Auxiliary
This particular simulator will pretend to act like a Cisco ASA ASDM, so the
cisco_asa_asdm.rb module can do a live test against it.
},
'References' =>
[
'References' => [
[ 'URL', 'https://github.com/rapid7/metasploit-framework/pull/2720' ],
],
'DefaultOptions' =>
{
'DefaultOptions' => {
'SRVPORT' => 443,
'SSL' => true,
'URIPATH' => '/'
},
'Author' => [ 'sinn3r' ],
'License' => MSF_LICENSE
))
)
)
register_options(
[
OptString.new('USERNAME', [true, "The valid default username", "cisco"]),
OptString.new('PASSWORD', [true, "The valid default password", "cisco"])
], self.class)
], self.class
)
deregister_options('RHOST')
end
#
# Returns a response when the client is trying to check the connection
#
@ -50,7 +50,6 @@ class MetasploitModule < Msf::Auxiliary
send_response(cli, '')
end
#
# Returns a response when the client is trying to authenticate
#
@ -59,7 +58,7 @@ class MetasploitModule < Msf::Auxiliary
when 'GET'
# This must be the is_app_asdm? method asking
print_status("Responding to the is_app_asdm? method")
send_response(cli, '', {'Set-Cookie'=>'webvpn'})
send_response(cli, '', { 'Set-Cookie' => 'webvpn' })
when 'POST'
# This must be the do_login method. But before it can login, it must meet
@ -97,7 +96,6 @@ class MetasploitModule < Msf::Auxiliary
end
end
def on_request_uri(cli, req)
print_status("Received request: #{req.uri}")
@ -112,7 +110,6 @@ class MetasploitModule < Msf::Auxiliary
send_not_found(cli)
end
def run
exploit
end

@ -3,8 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Capture
@ -25,8 +23,7 @@ class MetasploitModule < Msf::Auxiliary
@@havepcap = false
end
deregister_options('FILTER','PCAPFILE')
deregister_options('FILTER', 'PCAPFILE')
end
def run_host(ip)
@ -39,7 +36,7 @@ class MetasploitModule < Msf::Auxiliary
p.udp_dport = 53
p.payload = "HELLO WORLD"
p.recalc
ret = send(ip,p)
ret = send(ip, p)
if ret == :done
print_good("#{ip}: Sent a packet to #{ip} from #{ip}")
else
@ -48,7 +45,7 @@ class MetasploitModule < Msf::Auxiliary
close_pcap
end
def send(ip,pkt)
def send(ip, pkt)
begin
capture_sendto(pkt, ip)
rescue RuntimeError => e
@ -57,5 +54,4 @@ class MetasploitModule < Msf::Auxiliary
return :done
end
end

@ -3,8 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Report
@ -16,12 +14,10 @@ class MetasploitModule < Msf::Auxiliary
'Description' => 'Simple Recon Module Tester',
'Author' => 'hdm',
'License' => MSF_LICENSE,
'Actions' =>
[
'Actions' => [
['Continuous Port Sweep']
],
'PassiveActions' =>
[
'PassiveActions' => [
'Continuous Port Sweep'
]
)
@ -30,8 +26,8 @@ class MetasploitModule < Msf::Auxiliary
[
Opt::RHOST,
Opt::RPORT,
], self.class)
], self.class
)
end
def run

@ -3,7 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
FAKE_IP = '192.168.12.123'
@ -13,14 +12,17 @@ class MetasploitModule < Msf::Auxiliary
FAKE_PROOF = 'proof'
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => "report_cred Test",
'Description' => %q{
This module will test every auxiliary module's report_cred method
},
'Author' => [ 'sinn3r' ],
'License' => MSF_LICENSE
))
)
)
end
def test_novell_mdm_creds
@ -135,7 +137,7 @@ class MetasploitModule < Msf::Auxiliary
def test_dlink_dsl320b_password_extractor
mod = framework.auxiliary.create('admin/http/dlink_dsl320b_password_extractor')
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'http', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF )
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'http', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
end
def test_nexpose_xxe_file_read
@ -165,7 +167,7 @@ class MetasploitModule < Msf::Auxiliary
def test_vnc
mod = framework.auxiliary.create('server/capture/vnc')
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'vnc_client', user: '', password: FAKE_PASS, proof: FAKE_PROOF )
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'vnc_client', user: '', password: FAKE_PASS, proof: FAKE_PROOF)
end
def test_smtp
@ -175,12 +177,12 @@ class MetasploitModule < Msf::Auxiliary
def test_sip
mod = framework.auxiliary.create('server/capture/sip')
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'sip_client', user:FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'sip_client', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
end
def test_oracle_login
mod = framework.auxiliary.create('admin/oracle/oracle_login')
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'oracle', user: FAKE_USER, password: FAKE_PASS )
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'oracle', user: FAKE_USER, password: FAKE_PASS)
end
def test_postgresql
@ -190,12 +192,12 @@ class MetasploitModule < Msf::Auxiliary
def test_pop3
mod = framework.auxiliary.create('server/capture/pop3')
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'pop3', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF )
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'pop3', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
end
def test_http_basic
mod = framework.auxiliary.create('server/capture/http_basic')
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'HTTP', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF )
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'HTTP', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
end
def test_ftp
@ -245,7 +247,7 @@ class MetasploitModule < Msf::Auxiliary
def test_msf_rpc_login
mod = framework.auxiliary.create('scanner/msf/msf_rpc_login')
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'msf-rpc', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF )
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'msf-rpc', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
end
def test_mongodb_login
@ -305,7 +307,7 @@ class MetasploitModule < Msf::Auxiliary
def test_rfcode_reader_enum
mod = framework.auxiliary.create('scanner/http/rfcode_reader_enum')
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'RFCode Reader', user: FAKE_USER, password:FAKE_PASS, proof: FAKE_PROOF)
mod.report_cred(ip: FAKE_IP, port: FAKE_PORT, service_name: 'RFCode Reader', user: FAKE_USER, password: FAKE_PASS, proof: FAKE_PROOF)
end
def test_radware_appdictor_enum
@ -485,6 +487,7 @@ class MetasploitModule < Msf::Auxiliary
counter_bad = 0
self.methods.each do |m|
next if m.to_s !~ /^test_.+/
print_status("Trying: ##{m.to_s}")
begin
self.send(m)
@ -492,7 +495,7 @@ class MetasploitModule < Msf::Auxiliary
counter_good += 1
rescue ::Exception => e
print_error("That blew up :-(")
print_line("#{e.class} #{e.message}\n#{e.backtrace*"\n"}")
print_line("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
counter_bad += 1
ensure
print_line
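Review bot: The test-runner loop in the last two hunks rescues `::Exception`, which also catches `Interrupt` and `SystemExit`, so an operator's Ctrl-C during the run is counted as one more failed `test_*` method instead of stopping the module. `rescue ::StandardError => e` keeps the per-test failure report while letting those signals through; if load failures need to be counted as well, name them explicitly (`rescue ::StandardError, ::ScriptError => e`). In the same loop `print_status("Trying: ##{m.to_s}")` can drop the redundant `.to_s`, and `/\Atest_.+/` anchors the method-name filter to the start of the string rather than the start of a line. The loop begins and ends outside these hunks.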

@ -3,8 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Scanner
@ -20,8 +18,8 @@ class MetasploitModule < Msf::Auxiliary
register_options(
[
Opt::RPORT,
], self.class)
], self.class
)
end
def run_batch_size

@ -3,8 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Scanner
@ -20,8 +18,8 @@ class MetasploitModule < Msf::Auxiliary
register_options(
[
Opt::RPORT,
], self.class)
], self.class
)
end
def run_host(ip)

@ -3,33 +3,34 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Exploit::Remote::HttpClient
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => "Check Test",
'Description' => %q{
This module ensures that 'check' actually functions for Auxiilary modules.
},
'References' =>
[
'References' => [
[ 'OSVDB', '0' ]
],
'Author' =>
[
'Author' => [
'todb'
],
'License' => MSF_LICENSE
))
)
)
register_options(
[
Opt::RPORT(80)
], self.class)
], self.class
)
end
def check

@ -8,18 +8,16 @@ class MetasploitModule < Msf::Auxiliary
update_info(
info,
'Name' => 'SQLite injection testing module',
'Description' => '
'Description' => %q{
This module tests the SQL injection library against the SQLite database management system
The target : https://github.com/incredibleindishell/sqlite-lab
',
'Author' =>
[
},
'Author' => [
'Redouane NIBOUCHA <rniboucha[at]yahoo.fr>'
],
'License' => MSF_LICENSE,
'Platform' => %w[linux],
'References' =>
[],
'References' => [],
'Targets' => [['Wildcard Target', {}]],
'DefaultTarget' => 0
)

@ -3,29 +3,27 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = ManualRanking
include Msf::Exploit::Remote::Tcp
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => 'Internal Aggressive Test Exploit',
'Description' =>
"This module tests the exploitation of a test service.",
'Description' => "This module tests the exploitation of a test service.",
'Author' => 'skape',
'License' => MSF_LICENSE,
'Arch' => 'x86',
'Payload' =>
{
'Payload' => {
'Space' => 1000,
'MaxNops' => 0,
'BadChars' => "\x00",
'StackAdjustment' => -3500,
},
'Targets' =>
[
'Targets' => [
# Target 0: Universal
[
'Any Platform',
@ -58,7 +56,8 @@ class MetasploitModule < Msf::Exploit::Remote
}
}
],
[ 'Test context encoder',
[
'Test context encoder',
{
'Platform' => [ 'linux', 'win' ],
'Payload' =>
@ -68,16 +67,18 @@ class MetasploitModule < Msf::Exploit::Remote
}
]
],
'DefaultTarget' => 0))
'DefaultTarget' => 0
)
)
register_options(
[
OptBool.new('WaitForInput', [ false, "Wait for user input before returning from exploit", false ]),
OptInt.new('TestInteger', [ false, "Testing an integer value", nil ])
])
]
)
end
def autofilter
false
end
@ -89,7 +90,7 @@ class MetasploitModule < Msf::Exploit::Remote
def exploit
# Show disassembled payload for context encoder test
if target.name =~ /context encoder/
puts Rex::Assembly::Nasm.disassemble(payload.encoded[0,40])
puts Rex::Assembly::Nasm.disassemble(payload.encoded[0, 40])
end
connect


@ -3,14 +3,15 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::BrowserExploitServer
def initialize(info={})
super(update_info(info,
def initialize(info = {})
super(
update_info(
info,
'Name' => "IE Exploit for BrowserExploitServer Proof-of-Concept",
'Description' => %q{
Here's an example of building an exploit using the BrowserExploitServer.
@ -20,20 +21,17 @@ class MetasploitModule < Msf::Exploit::Remote
},
'License' => MSF_LICENSE,
'Author' => [ 'sinn3r' ],
'References' =>
[
'References' => [
[ 'URL', 'https://metasploit.com' ]
],
'Platform' => 'win',
'BrowserRequirements' =>
{
'BrowserRequirements' => {
:source => /script|headers/i,
#:clsid => "{D27CDB6E-AE6D-11cf-96B8-444553540000}", # ShockwaveFlash.ShockwaveFlash.1
#:method => "LoadMovie",
# :clsid => "{D27CDB6E-AE6D-11cf-96B8-444553540000}", # ShockwaveFlash.ShockwaveFlash.1
# :method => "LoadMovie",
:os_name => /win/i
},
'Targets' =>
[
'Targets' => [
[ 'Automatic', {} ],
[
'Windows XP with IE 8',
@ -67,14 +65,15 @@ class MetasploitModule < Msf::Exploit::Remote
]
],
'Payload' =>
{
'BadChars' => "\x00", #Our spray doesn't like null bytes
'Payload' => {
'BadChars' => "\x00", # Our spray doesn't like null bytes
'StackAdjustment' => -3500
},
'Privileged' => false,
'DisclosureDate' => '2013-04-01',
'DefaultTarget' => 0))
'DefaultTarget' => 0
)
)
end
#


@ -3,31 +3,32 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => "Check Test Exploit",
'Description' => %q{
This module ensures that 'check' actually functions for Exploit modules.
},
'References' =>
[
'References' => [
[ 'OSVDB', '0' ]
],
'Author' =>
[
'Author' => [
'todb'
],
'License' => MSF_LICENSE,
'DisclosureDate' => '2013-05-23'
))
)
)
register_options(
[
Opt::RPORT(80)
], self.class)
], self.class
)
end
def check


@ -3,7 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = ManualRanking
# =( need more targets and perhaps more OS specific return values OS specific would be preferred
@ -12,47 +11,48 @@ class MetasploitModule < Msf::Exploit::Remote
include Msf::Exploit::CmdStager
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => 'Command Stager Web Test',
'Description' => %q{
This module tests the command stager mixin against a shell.jsp application installed
on an Apache Tomcat server.
},
'Author' => 'bannedit',
'References' =>
[
'References' => [
],
'DefaultOptions' =>
{
'DefaultOptions' => {
},
'Payload' =>
{
'Payload' => {
},
'Platform' => 'win',
'Privileged' => true,
'Targets' =>
[
'Targets' => [
# need more but this will likely cover most cases
[ 'Automatic Targeting',
[
'Automatic Targeting',
{
'auto' => true
}
],
],
'DefaultTarget' => 0,
'DisclosureDate' => '2010-02-03'))
'DisclosureDate' => '2010-02-03'
)
)
register_options(
[
Opt::RPORT(8080),
], self.class)
], self.class
)
end
def autofilter
false
end
# This is method required for the CmdStager to work...
def execute_command(cmd, opts)
uri = opts[:uri]
@ -63,7 +63,6 @@ class MetasploitModule < Msf::Exploit::Remote
end
def exploit
opts = {
:delay => 0.5,
:uri => "/shell/shell.jsp?cmd=CMDS"
@ -72,7 +71,6 @@ class MetasploitModule < Msf::Exploit::Remote
execute_cmdstager(opts)
handler
end
end


@ -3,37 +3,37 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = ManualRanking
include Msf::Exploit::Remote::Dialup
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => 'Test Dialup Exploit',
'Description' => %q{
This exploit connects to a system's modem over dialup and provides
the user with a readout of the login banner.
},
'Author' =>
[
'Author' => [
'I)ruid',
],
'Arch' => ARCH_TTY,
'Platform' => ['unix'],
'License' => MSF_LICENSE,
'Payload' =>
{
'Payload' => {
'Space' => 1000,
'BadChars' => '',
'DisableNops' => true,
},
'Targets' =>
[
[ 'Automatic', { } ],
'Targets' => [
[ 'Automatic', {} ],
],
'DefaultTarget' => 0))
'DefaultTarget' => 0
)
)
end
def autofilter


@ -3,7 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = ManualRanking
@ -11,43 +10,46 @@ class MetasploitModule < Msf::Exploit::Remote
include Msf::Exploit::Egghunter
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => 'Internal Egghunter Test Exploit',
'Description' =>
"This module tests the exploitation of a test service using the Egghunter.",
'Description' => "This module tests the exploitation of a test service using the Egghunter.",
'Author' => 'jduck',
'License' => MSF_LICENSE,
'Arch' => ARCH_X86,
'Payload' =>
{
'Payload' => {
'Space' => 1000,
'MaxNops' => 0,
'BadChars' => "\x00",
'StackAdjustment' => -3500,
},
'Targets' =>
'Targets' => [
[
[ 'Windows',
'Windows',
{
'Platform' => 'win'
}
],
[ 'Linux',
[
'Linux',
{
'Platform' => 'linux'
}
]
],
'DefaultTarget' => 0))
'DefaultTarget' => 0
)
)
register_options(
[
OptBool.new('WaitForInput', [ false, "Wait for user input before returning from exploit", false ])
])
]
)
end
def autofilter
false
end
@ -57,7 +59,6 @@ class MetasploitModule < Msf::Exploit::Remote
end
def exploit
connect
print_status("Sending #{payload.encoded.length} byte payload...")
@ -70,7 +71,7 @@ class MetasploitModule < Msf::Exploit::Remote
sploit = ''
# break before?
#sploit << "\xcc"
# sploit << "\xcc"
sploit << eh_stub
# just return otherwise
sploit << "\xc3"


@ -3,47 +3,45 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::BrowserExploitServer
include Msf::Exploit::EXE
def initialize(info={})
super(update_info(info,
def initialize(info = {})
super(
update_info(
info,
'Name' => "Explib2 Drop Exec Test Case",
'Description' => %q{
This module allows to test integration of Explib2 into metasploit.
},
'License' => MSF_LICENSE,
'Author' =>
[
'Author' => [
'guhe120', # Original explib2 author
'juan vazquez'
],
'References' =>
[
'References' => [
[ 'URL', 'https://github.com/jvazquez-r7/explib2' ] # The original repo has been deleted
],
'Platform' => 'win',
'BrowserRequirements' =>
{
'BrowserRequirements' => {
:source => /script/i,
:os_name => OperatingSystems::WINDOWS,
:ua_name => HttpClients::IE,
:ua_ver => '11.0'
},
'Targets' =>
[
[ 'Automatic', { } ]
'Targets' => [
[ 'Automatic', {} ]
],
'DisclosureDate' => '2014-03-28',
'DefaultTarget' => 0))
'DefaultTarget' => 0
)
)
end
def exploit_html
exe_js = Rex::Text.to_unescape(generate_payload_exe, ENDIAN_LITTLE, "\\u")
template = %Q|<html>


@ -3,42 +3,41 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::BrowserExploitServer
def initialize(info={})
super(update_info(info,
def initialize(info = {})
super(
update_info(
info,
'Name' => "Explib2 Exec Test Case",
'Description' => %q{
This module allows to test integration of Explib2 into metasploit.
},
'License' => MSF_LICENSE,
'Author' =>
[
'Author' => [
'guhe120', # Original explib2 author
'juan vazquez'
],
'References' =>
[
'References' => [
[ 'URL', 'https://github.com/jvazquez-r7/explib2' ] # The original repo has been deleted
],
'Platform' => 'win',
'BrowserRequirements' =>
{
'BrowserRequirements' => {
:source => /script/i,
:os_name => OperatingSystems::WINDOWS,
:ua_name => HttpClients::IE,
:ua_ver => '11.0'
},
'Targets' =>
[
[ 'Automatic', { } ]
'Targets' => [
[ 'Automatic', {} ]
],
'DisclosureDate' => '2014-03-28',
'DefaultTarget' => 0))
'DefaultTarget' => 0
)
)
end
def exploit_html


@ -3,27 +3,26 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = ManualRanking
include Msf::Exploit::Remote::Tcp
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => 'MIPS Aggressive Test Exploit',
'Description' => 'This module tests the exploitation of a test service',
'Author' => ['skape', 'Julien Tinnes <julien[at]cr0.org>'],
'License' => MSF_LICENSE,
#'Arch' => ARCH_MIPSBE,
'Payload' =>
{
# 'Arch' => ARCH_MIPSBE,
'Payload' => {
'MaxNops' => 0,
#'BadChars' => "\x00",
#'StackAdjustment' => -3500,
# 'BadChars' => "\x00",
# 'StackAdjustment' => -3500,
},
'Targets' =>
[
'Targets' => [
# Target 0: Universal
[
'Mips big endian',
@ -82,18 +81,19 @@ class MetasploitModule < Msf::Exploit::Remote
}
],
],
'DefaultTarget' => 0))
'DefaultTarget' => 0
)
)
register_options(
[
OptBool.new('WaitForInput', [ false, "Wait for user input before returning from exploit", false ]),
OptInt.new('TestInteger', [ false, "Testing an integer value", nil ])
])
]
)
end
def autofilter
false
end
@ -105,8 +105,8 @@ class MetasploitModule < Msf::Exploit::Remote
def exploit
# Show disassembled payload for context encoder test
if target.name =~ /context encoder/
#puts Rex::Assembly::Nasm.disassemble(payload.encoded[0,40])
#FIXME: do this with metasm for MIPS (import new metasm version which fixes current bug!)
# puts Rex::Assembly::Nasm.disassemble(payload.encoded[0,40])
# FIXME: do this with metasm for MIPS (import new metasm version which fixes current bug!)
end
connect


@ -8,8 +8,10 @@ require 'rex'
class MetasploitModule < Msf::Exploit::Remote
Rank = ManualRanking
def initialize( info = {} )
super( update_info( info,
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Exec',
'Description' => %q{ },
'License' => MSF_LICENSE,
@ -18,20 +20,23 @@ class MetasploitModule < Msf::Exploit::Remote
'Platform' => [ 'java', 'linux' ],
'Arch' => ARCH_JAVA,
'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true },
'Targets' =>
'Targets' => [
[
[ 'Generic (Java Payload)', {
'Generic (Java Payload)', {
'Arch' => ARCH_JAVA,
'Platform' => 'java'
} ],
[ 'Linux', {
}
],
[
'Linux', {
'Arch' => ARCH_X86,
'Platform' => 'linux'
} ],
}
],
],
'DefaultTarget' => 0
))
)
)
end
def exploit
@ -47,4 +52,3 @@ class MetasploitModule < Msf::Exploit::Remote
end
end


@ -1,11 +1,12 @@
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::HttpServer::HTML
def initialize(info={})
super(update_info(info,
def initialize(info = {})
super(
update_info(
info,
'Name' => "IE Test for Javascript Libs",
'Description' => %q{
Tests Javascript hotness
@ -15,14 +16,15 @@ class MetasploitModule < Msf::Exploit::Remote
'References' => [ [ 'URL', 'https://metasploit.com' ] ],
'Platform' => 'win',
'Targets' => [ [ 'Automatic', {} ] ],
'Payload' =>
{
'Payload' => {
'BadChars' => "\x00",
'StackAdjustment' => -3500
},
'Privileged' => false,
'DisclosureDate' => '2013-04-01',
'DefaultTarget' => 0))
'DefaultTarget' => 0
)
)
end
def test_base64
@ -72,12 +74,10 @@ class MetasploitModule < Msf::Exploit::Remote
|
end
def on_request_uri(cli, request)
# Change the following to a specific function
js = test_base64
html = %Q|
<!doctype html>
<HTML XMLNS:t ="urn:schemas-microsoft-com:time">
@ -95,8 +95,7 @@ class MetasploitModule < Msf::Exploit::Remote
</html>
|
send_response(cli, html, {'Content-Type'=>'text/html', 'Cache-Control'=>'no-cache'})
send_response(cli, html, { 'Content-Type' => 'text/html', 'Cache-Control' => 'no-cache' })
end
end


@ -3,7 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
#
# This is a test exploit for testing kernel-mode payloads.
#
@ -14,22 +13,21 @@ class MetasploitModule < Msf::Exploit::Remote
include Msf::Exploit::KernelMode
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => 'Internal Kernel-mode Test Exploit',
'Description' =>
"This module tests the exploitation of a kernel-mode test service.",
'Description' => "This module tests the exploitation of a kernel-mode test service.",
'Author' => 'skape',
'License' => MSF_LICENSE,
'Arch' => 'x86',
'Payload' =>
{
'Payload' => {
'Space' => 1000,
'MaxNops' => 0,
'Prepend' => "\x81\xc4\x54\xf2\xff\xff", # add esp, -3500
'PrependEncoder' => "\x81\xC4\x0C\xFE\xFF\xFF" # add esp, -500
},
'Targets' =>
[
'Targets' => [
[
'Windows XP SP2',
{
@ -46,7 +44,9 @@ class MetasploitModule < Msf::Exploit::Remote
}
],
],
'DefaultTarget' => 0))
'DefaultTarget' => 0
)
)
end
def autofilter
@ -72,7 +72,7 @@ class MetasploitModule < Msf::Exploit::Remote
udp_sock.put(buf)
select(nil,nil,nil,2)
select(nil, nil, nil, 2)
disconnect_udp
end


@ -3,14 +3,15 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = ManualRanking
include Msf::Exploit::Remote::Tcp
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => 'Command Test',
'Description' => %q{
This module tests cmd payloads by targeting (for example) a server
@ -18,23 +19,23 @@ class MetasploitModule < Msf::Exploit::Remote
},
'Author' => 'egypt',
'References' => [ ],
'DefaultOptions' => { },
'Payload' =>
{
'DefaultOptions' => {},
'Payload' => {
},
'Platform' => 'unix',
'Arch' => ARCH_CMD,
'Targets' =>
[
[ 'Automatic Targeting', { } ],
'Targets' => [
[ 'Automatic Targeting', {} ],
],
'DefaultTarget' => 0
))
)
)
register_options(
[
Opt::RPORT(31337),
], self.class)
], self.class
)
end
def autofilter


@ -9,13 +9,16 @@ class MetasploitModule < Msf::Post
include Msf::Post::File
def initialize(info = {})
super(update_info(info,
super(
update_info(
info,
'Name' => 'Meterpreter cmd_exec test',
'Description' => %q( This module will test the meterpreter cmd_exec API ),
'License' => MSF_LICENSE,
'Platform' => ['windows', 'linux', 'unix'],
'SessionTypes' => ['meterpreter']
))
)
)
end
def test_cmd_exec
@ -107,6 +110,5 @@ class MetasploitModule < Msf::Post
output == test_string
end
end
end
end


@ -1,4 +1,3 @@
require 'rex'
lib = File.join(Msf::Config.install_root, "test", "lib")
@ -9,23 +8,24 @@ class MetasploitModule < Msf::Post
include Msf::ModuleTest::PostTest
def initialize(info={})
super( update_info( info,
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Test Meterpreter ExtAPI Stuff',
'Description' => %q{ This module will test Windows Extended API methods },
'License' => MSF_LICENSE,
'Author' => [ 'Ben Campbell'],
'Platform' => [ 'windows', ],
'SessionTypes' => [ 'meterpreter' ]
))
)
)
end
#
# Check the extension is loaded...
#
def setup
unless session.extapi
vprint_status("Loading extapi extension...")
begin
@ -60,9 +60,9 @@ class MetasploitModule < Msf::Post
it "should return clipboard jpg dimensions" do
ret = false
#VK_PRINTSCREEN 154 Maybe needed on XP?
#VK_SNAPSHOT 44
session.railgun.user32.keybd_event(44,0,0,0)
# VK_PRINTSCREEN 154 Maybe needed on XP?
# VK_SNAPSHOT 44
session.railgun.user32.keybd_event(44, 0, 0, 0)
session.railgun.user32.keybd_event(44, 0, 'KEYEVENTF_KEYUP', 0)
clipboard = session.extapi.clipboard.get_data(false)
@ -103,15 +103,15 @@ class MetasploitModule < Msf::Post
it "should download clipboard jpg data" do
ret = false
#VK_PRINTSCREEN 154 Maybe needed on XP?
#VK_SNAPSHOT 44
session.railgun.user32.keybd_event(44,0,0,0)
# VK_PRINTSCREEN 154 Maybe needed on XP?
# VK_SNAPSHOT 44
session.railgun.user32.keybd_event(44, 0, 0, 0)
session.railgun.user32.keybd_event(44, 0, 'KEYEVENTF_KEYUP', 0)
clipboard = session.extapi.clipboard.get_data(true)
if clipboard && clipboard.first && (clipboard.first[:type] == :jpg) && !(clipboard.first[:data].empty?)
# JPG Magic Bytes
ret = (clipboard.first[:data][0,2] == "\xFF\xD8")
ret = (clipboard.first[:data][0, 2] == "\xFF\xD8")
end
ret
@ -183,14 +183,14 @@ class MetasploitModule < Msf::Post
windows = session.extapi.window.enumerate(true, nil)
if windows && windows.any?
unknowns = windows.select {|w| w[:title] == "<unknown>"}
unknowns = windows.select { |w| w[:title] == "<unknown>" }
ret = !unknowns.empty?
end
ret
end
parent = windows.select {|w| w[:title] =~ /program manager/i}
parent = windows.select { |w| w[:title] =~ /program manager/i }
if parent && parent.first
it "should return an array of a windows children" do


@ -1,25 +1,27 @@
lib = File.join(Msf::Config.install_root, "test", "lib")
require 'module_test'
#load 'test/lib/module_test.rb'
#load 'lib/rex/text.rb'
#load 'lib/msf/core/post/common.rb'
# load 'test/lib/module_test.rb'
# load 'lib/rex/text.rb'
# load 'lib/msf/core/post/common.rb'
class MetasploitModule < Msf::Post
include Msf::ModuleTest::PostTest
include Msf::Post::Common
def initialize(info={})
super( update_info( info,
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Test Post::Common Get Envs',
'Description' => %q{ This module will test Post::Common get envs API methods },
'License' => MSF_LICENSE,
'Author' => [ 'Ben Campbell'],
'Platform' => [ 'windows', 'linux', 'java', 'python' ],
'SessionTypes' => [ 'meterpreter', 'shell' ]
))
)
)
end
def test_get_env_windows
@ -52,7 +54,7 @@ class MetasploitModule < Msf::Post
def test_get_envs
it "should return multiple envs" do
res = get_envs('PATH','USERNAME','USER')
res = get_envs('PATH', 'USERNAME', 'USER')
if session.platform =~ /win/i
!res['PATH'].blank? && !res['USERNAME'].blank?
else
@ -62,4 +64,3 @@ class MetasploitModule < Msf::Post
end
end


@ -1,4 +1,3 @@
require 'rex/post/meterpreter/extensions/stdapi/command_ids'
require 'rex'
@ -10,20 +9,24 @@ class MetasploitModule < Msf::Post
include Msf::ModuleTest::PostTest
def initialize(info={})
super( update_info( info,
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Testing Meterpreter Stuff',
'Description' => %q{ This module will test meterpreter API methods },
'License' => MSF_LICENSE,
'Author' => [ 'egypt'],
'Platform' => [ 'windows', 'linux', 'java' ],
'SessionTypes' => [ 'meterpreter' ]
))
)
)
register_options(
[
OptBool.new("AddEntropy" , [false, "Add entropy token to file and directory names.", false]),
OptString.new("BaseFileName" , [true, "File/dir base name", "meterpreter-test"])
], self.class)
OptBool.new("AddEntropy", [false, "Add entropy token to file and directory names.", false]),
OptString.new("BaseFileName", [true, "File/dir base name", "meterpreter-test"])
], self.class
)
end
#
@ -81,7 +84,7 @@ class MetasploitModule < Msf::Post
ret &&= (list && list.length > 0)
if session.commands.include? Rex::Post::Meterpreter::Extensions::Stdapi::COMMAND_ID_STDAPI_SYS_PROCESS_GETPID
pid ||= session.sys.process.getpid
process = list.find{ |p| p['pid'] == pid }
process = list.find { |p| p['pid'] == pid }
vprint_status("PID info: #{process.inspect}")
ret &&= !(process.nil?)
else
@ -90,7 +93,6 @@ class MetasploitModule < Msf::Post
ret
end
end
def test_sys_config
@ -125,7 +127,7 @@ class MetasploitModule < Msf::Post
ifaces = session.net.config.get_interfaces
res = !!(ifaces and ifaces.length > 0)
res &&= !! ifaces.find { |iface|
res &&= !!ifaces.find { |iface|
iface.addrs.find { |addr|
addr == session.session_host
}
@ -141,13 +143,12 @@ class MetasploitModule < Msf::Post
routes and routes.length > 0
end
end
end
def test_fs
vprint_status("Starting filesystem tests")
if datastore["AddEntropy"]
entropy_value = '-' + ('a'..'z').to_a.shuffle[0,8].join
entropy_value = '-' + ('a'..'z').to_a.shuffle[0, 8].join
else
entropy_value = ""
end
@ -345,17 +346,16 @@ class MetasploitModule < Msf::Post
local_md5 = Digest::MD5.digest(::File.read(local, mode: 'rb'))
remote_sha = session.fs.file.sha1(remote)
local_sha = Digest::SHA1.digest(::File.read(local, mode: 'rb'))
vprint_status("remote md5: #{Rex::Text.to_hex(remote_md5,'')}")
vprint_status("local md5 : #{Rex::Text.to_hex(local_md5,'')}")
vprint_status("remote sha: #{Rex::Text.to_hex(remote_sha,'')}")
vprint_status("local sha : #{Rex::Text.to_hex(local_sha,'')}")
vprint_status("remote md5: #{Rex::Text.to_hex(remote_md5, '')}")
vprint_status("local md5 : #{Rex::Text.to_hex(local_md5, '')}")
vprint_status("remote sha: #{Rex::Text.to_hex(remote_sha, '')}")
vprint_status("local sha : #{Rex::Text.to_hex(local_sha, '')}")
res &&= (remote_md5 == local_md5)
end
session.fs.file.rm(remote)
res
end
end
=begin
@ -387,7 +387,7 @@ class MetasploitModule < Msf::Post
super
end
protected
protected
def create_directory(name)
res = true
@ -403,5 +403,4 @@ protected
res
end
end
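Review bot: In the hunk that starts at `local_md5 = Digest::MD5.digest(...)`, `remote_sha` and `local_sha` are computed and printed but never compared; within the visible lines only `res &&= (remote_md5 == local_md5)` feeds the test result. A SHA1 mismatch between the remote and local copy would therefore go unnoticed. Adding `res &&= (remote_sha == local_sha)` directly after the MD5 comparison would make both digests count. The enclosing `it` block starts outside the hunk.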


@ -1,5 +1,3 @@
lib = File.join(Msf::Config.install_root, "test", "lib")
require 'module_test'
@ -9,14 +7,17 @@ class MetasploitModule < Msf::Post
include Msf::Post::File
include Msf::Post::Windows::FileInfo
def initialize(info={})
super( update_info( info,
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Railgun API Tests',
'Description' => %q{ This module will test railgun api functions },
'License' => MSF_LICENSE,
'Author' => [ 'Spencer McIntyre' ],
'Platform' => [ 'linux', 'osx', 'windows' ]
))
)
)
end
def test_api_function_calls_libc
@ -89,6 +90,7 @@ class MetasploitModule < Msf::Post
def test_api_function_file_info_windows
return unless session.platform == 'windows'
it "Should retrieve the win32k file version" do
path = expand_path('%WINDIR%\\system32\\win32k.sys')
major, minor, build, revision, brand = file_version(path)
@ -98,6 +100,7 @@ class MetasploitModule < Msf::Post
def test_api_function_calls_windows
return unless session.platform == 'windows'
it "Should include error information in the results" do
ret = true
result = session.railgun.kernel32.GetCurrentProcess()


@ -1,4 +1,3 @@
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
@ -14,14 +13,17 @@ class MetasploitModule < Msf::Post
include Msf::ModuleTest::PostTest
def initialize(info={})
super( update_info( info,
def initialize(info = {})
super(
update_info(
info,
'Name' => 'railgun_testing',
'Description' => %q{ This module will test railgun code used in post modules},
'License' => MSF_LICENSE,
'Author' => [ 'kernelsmith'],
'Platform' => [ 'windows' ]
))
)
)
register_options(
[
@ -29,28 +31,27 @@ class MetasploitModule < Msf::Post
OptInt.new("WIN_CONST", [ false, "Windows constant to reverse lookup" ]),
OptRegexp.new("WCREGEX", [ false, "Regexp to apply to constant rev lookup" ]),
OptRegexp.new("ECREGEX", [ false, "Regexp to apply to error code lookup" ]),
], self.class)
], self.class
)
end
#
# Return an array of windows constants names matching +winconst+
#
def select_const_names(winconst, filter_regex=nil)
def select_const_names(winconst, filter_regex = nil)
session.railgun.constant_manager.select_const_names(winconst, filter_regex)
end
#
# Returns an array of windows error code names for a given windows error code matching +err_code+
#
def lookup_error(err_code, filter_regex=nil)
def lookup_error(err_code, filter_regex = nil)
select_const_names(err_code, /^ERROR_/).select do |name|
name =~ filter_regex
end
end
def test_static
it "should return a constant name given a const and a filter" do
ret = true
results = select_const_names(4, /^SERVICE/)
@ -78,16 +79,14 @@ class MetasploitModule < Msf::Post
ret
end
end
def test_datastore
if (datastore["WIN_CONST"])
it "should look up arbitrary constants" do
ret = true
results = select_const_names(datastore['WIN_CONST'], datastore['WCREGEX'])
#vprint_status("RESULTS: #{results.class} #{results.pretty_inspect}")
# vprint_status("RESULTS: #{results.class} #{results.pretty_inspect}")
ret
end
@ -97,13 +96,10 @@ class MetasploitModule < Msf::Post
it "should look up arbitrary error codes" do
ret = true
results = lookup_error(datastore['ERR_CODE'], datastore['ECREGEX'])
#vprint_status("RESULTS: #{results.class} #{results.inspect}")
# vprint_status("RESULTS: #{results.class} #{results.inspect}")
ret
end
end
end
end
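Review bot: `lookup_error(err_code, filter_regex = nil)` returns an empty array whenever the filter is left at its default, because `name =~ nil` evaluates to nil for every name and `select` then keeps nothing. `test_datastore` passes `datastore['ECREGEX']`, which is registered as a non-required option in this file, so that path looks reachable. Changing the block body to `filter_regex.nil? || name =~ filter_regex` would make the default mean "no extra filter". Separately, both `it` blocks in `test_datastore` set `ret = true` and return it without inspecting `results`, so they pass whatever the lookup returns.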


@ -1,4 +1,3 @@
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
@ -15,8 +14,10 @@ class MetasploitModule < Msf::Post
include Msf::ModuleTest::PostTest
include Msf::Post::Windows::Registry
def initialize(info={})
super( update_info( info,
def initialize(info = {})
super(
update_info(
info,
'Name' => 'registry_post_testing',
'Description' => %q{ This module will test Post::Windows::Registry API methods },
'License' => MSF_LICENSE,
@ -25,7 +26,8 @@ class MetasploitModule < Msf::Post
'egypt', # PostTest conversion
],
'Platform' => [ 'windows' ]
))
)
)
end
def test_0_registry_read
@ -99,7 +101,6 @@ class MetasploitModule < Msf::Post
ret
end
end
def test_1_registry_write
@ -172,7 +173,6 @@ class MetasploitModule < Msf::Post
ret
end
it "should delete unicode keys" do
ret = registry_deleteval(%q#HKCU\σονσλυσιονεμκυε#, "test_val_str")
valinfo = registry_getvalinfo(%q#HKCU\σονσλυσιονεμκυε#, "test_val_str")
@ -185,9 +185,6 @@ class MetasploitModule < Msf::Post
ret
end
end
end


@ -1,4 +1,3 @@
require 'rex/post/meterpreter/extensions/stdapi/command_ids'
require 'rex'
@ -10,20 +9,24 @@ class MetasploitModule < Msf::Post
include Msf::ModuleTest::PostTest
def initialize(info={})
super( update_info( info,
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Testing Meterpreter Search',
'Description' => %q{ This module will test the meterpreter search method },
'License' => MSF_LICENSE,
'Author' => [ 'timwr'],
'Platform' => [ 'windows', 'linux', 'java' ],
'SessionTypes' => [ 'meterpreter' ]
))
)
)
register_options(
[
OptBool.new("AddEntropy" , [false, "Add entropy token to file and directory names.", false]),
OptString.new("BaseFileName" , [true, "File/dir base name", "meterpreter-test"])
], self.class)
OptBool.new("AddEntropy", [false, "Add entropy token to file and directory names.", false]),
OptString.new("BaseFileName", [true, "File/dir base name", "meterpreter-test"])
], self.class
)
end
def setup
@ -38,7 +41,7 @@ class MetasploitModule < Msf::Post
session.fs.dir.chdir(tmp)
if datastore["AddEntropy"]
entropy_value = '-' + ('a'..'z').to_a.shuffle[0,8].join
entropy_value = '-' + ('a'..'z').to_a.shuffle[0, 8].join
else
entropy_value = ""
end


@ -13,27 +13,31 @@ class MetasploitModule < Msf::Post
include Msf::Post::Windows::Services
include Msf::ModuleTest::PostTest
def initialize(info={})
super( update_info( info,
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Test Post::Windows::Services',
'Description' => %q{ This module will test windows services methods within a shell},
'License' => MSF_LICENSE,
'Author' => [ 'kernelsmith', 'egypt' ],
'Platform' => [ 'windows' ],
'SessionTypes' => [ 'meterpreter', 'shell' ]
))
)
)
register_options(
[
OptString.new("QSERVICE" , [true, "Service (keyname) to query", "winmgmt"]),
OptString.new("NSERVICE" , [true, "New Service (keyname) to create/del", "testes"]),
OptString.new("SSERVICE" , [true, "Service (keyname) to start/stop", "W32Time"]),
OptString.new("DNAME" , [true, "Display name used for create test", "Cool display name"]),
OptString.new("BINPATH" , [true, "Binary path for create test", "C:\\WINDOWS\\system32\\svchost.exe -k netsvcs"]),
OptEnum.new("MODE", [true, "Mode to use for startup/create tests", "auto",
OptString.new("QSERVICE", [true, "Service (keyname) to query", "winmgmt"]),
OptString.new("NSERVICE", [true, "New Service (keyname) to create/del", "testes"]),
OptString.new("SSERVICE", [true, "Service (keyname) to start/stop", "W32Time"]),
OptString.new("DNAME", [true, "Display name used for create test", "Cool display name"]),
OptString.new("BINPATH", [true, "Binary path for create test", "C:\\WINDOWS\\system32\\svchost.exe -k netsvcs"]),
OptEnum.new("MODE", [
true, "Mode to use for startup/create tests", "auto",
["auto", "manual", "disable"]
]),
], self.class)
], self.class
)
end
def test_start
@ -65,7 +69,7 @@ class MetasploitModule < Msf::Post
ret &&= results.kind_of? Array
ret &&= results.length > 0
ret &&= results.select{|service| service[:name] == datastore["QSERVICE"]}
ret &&= results.select { |service| service[:name] == datastore["QSERVICE"] }
ret
end
@ -160,7 +164,7 @@ class MetasploitModule < Msf::Post
ret &&= results.kind_of? Hash
if ret
original_display = results[:display]
results = service_change_config(service_name, {:display => Rex::Text.rand_text_alpha(5)})
results = service_change_config(service_name, { :display => Rex::Text.rand_text_alpha(5) })
ret &&= (results == Windows::Error::SUCCESS)
results = service_info(service_name)
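Review bot: The reformatted line `ret &&= results.select { |service| service[:name] == datastore["QSERVICE"] }` in the second hunk can never fail the test, because `select` returns an array and an empty array is still truthy in Ruby. To assert that the queried service is actually present in the list, it should read `ret &&= results.any? { |service| service[:name] == datastore["QSERVICE"] }`. The enclosing test method starts and ends outside the hunk.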


@ -1,12 +1,11 @@
lib = File.join(Msf::Config.install_root, "test", "lib")
$:.push(lib) unless $:.include?(lib)
require 'module_test'
#load 'test/lib/module_test.rb'
#load 'lib/rex/text.rb'
#load 'lib/msf/core/post/linux/system.rb'
#load 'lib/msf/core/post/unix/enum_user_dirs.rb'
# load 'test/lib/module_test.rb'
# load 'lib/rex/text.rb'
# load 'lib/msf/core/post/linux/system.rb'
# load 'lib/msf/core/post/unix/enum_user_dirs.rb'
class MetasploitModule < Msf::Post
@ -15,15 +14,18 @@ class MetasploitModule < Msf::Post
include Msf::Post::Unix
include Msf::Post::Common
def initialize(info={})
super( update_info( info,
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Testing Remote Unix System Manipulation',
'Description' => %q{ This module will test Post::File API methods },
'License' => MSF_LICENSE,
'Author' => [ 'egypt'],
'Platform' => [ 'linux', 'java' ],
'SessionTypes' => [ 'meterpreter', 'shell' ]
))
)
)
end
def test_unix
@ -36,6 +38,7 @@ class MetasploitModule < Msf::Post
if ret
users.each { |u|
next unless u[:name] == "root"
have_root = true
}
end
@ -44,8 +47,6 @@ class MetasploitModule < Msf::Post
ret
end
end
end


@ -4,4 +4,3 @@ Spec::Rake::SpecTask.new do |t|
t.ruby_opts = ['-rtest/unit']
t.spec_files = FileList['*_test.rb']
end


@ -17,42 +17,40 @@ $msf = Msf::Simple::Framework.create
EXPLOITS = $msf.exploits
def print_line( message )
$stdout.puts( message )
def print_line(message)
$stdout.puts(message)
end
def format_badchars( badchars )
def format_badchars(badchars)
str = ''
if( badchars )
badchars.each_byte do | b |
if (badchars)
badchars.each_byte do |b|
str << "\\x%02X" % [ b ]
end
end
str
end
def encoder_v_payload( encoder_name, payload, verbose=false )
def encoder_v_payload(encoder_name, payload, verbose = false)
success = 0
fail = 0
EXPLOITS.each_module do | name, mod |
EXPLOITS.each_module do |name, mod|
exploit = mod.new
print_line( "\n#{encoder_name} v #{name} (#{ format_badchars( exploit.payload_badchars ) })" ) if verbose
print_line("\n#{encoder_name} v #{name} (#{format_badchars(exploit.payload_badchars)})") if verbose
begin
encoder = $msf.encoders.create( encoder_name )
raw = encoder.encode( payload, exploit.payload_badchars, nil, nil )
encoder = $msf.encoders.create(encoder_name)
raw = encoder.encode(payload, exploit.payload_badchars, nil, nil)
success += 1
rescue
print_line( " FAILED! badchars=#{ format_badchars( exploit.payload_badchars ) }\n" ) if verbose
print_line(" FAILED! badchars=#{format_badchars(exploit.payload_badchars)}\n") if verbose
fail += 1
end
end
return [ success, fail ]
end
def generate_payload( name )
payload = $msf.payloads.create( name )
def generate_payload(name)
payload = $msf.payloads.create(name)
# set options for a reverse_tcp payload
payload.datastore['LHOST'] = '192.168.2.1'
@ -67,30 +65,27 @@ def generate_payload( name )
return payload.generate
end
def run( encoders, payload_name, verbose=false )
payload = generate_payload( payload_name )
def run(encoders, payload_name, verbose = false)
payload = generate_payload(payload_name)
table = Rex::Text::Table.new(
'Header' => 'Encoder v Payload Test - ' + ::Time.new.strftime( "%d-%b-%Y %H:%M:%S" ),
'Header' => 'Encoder v Payload Test - ' + ::Time.new.strftime("%d-%b-%Y %H:%M:%S"),
'Indent' => 4,
'Columns' => [ 'Encoder Name', 'Success', 'Fail' ]
)
encoders.each do | encoder_name |
success, fail = encoder_v_payload( encoder_name, payload, verbose )
encoders.each do |encoder_name|
success, fail = encoder_v_payload(encoder_name, payload, verbose)
table << [ encoder_name, success, fail ]
end
return table
end
if( $0 == __FILE__ )
if ($0 == __FILE__)
print_line( "[+] Starting.\n" )
print_line("[+] Starting.\n")
encoders = [
'x86/bloxor',
@ -105,13 +100,9 @@ if( $0 == __FILE__ )
verbose = false
result_table = run( encoders, payload_name, verbose )
result_table = run(encoders, payload_name, verbose)
print_line( "\n\n#{result_table.to_s}\n\n" )
print_line("\n\n#{result_table.to_s}\n\n")
print_line( "[+] Finished.\n" )
print_line("[+] Finished.\n")
end