From 11001d010cf84e4c03041c95b55961a5b0788e04 Mon Sep 17 00:00:00 2001 From: Wei Chen Date: Thu, 12 Apr 2018 00:58:19 -0500 Subject: [PATCH] Add rspec and fix a bug in XOR in the process --- lib/rex/text/xor.rb | 3 +- spec/rex/text/aes256_spec.rb | 55 ++++++++++++++++++++++++++++++++++++ spec/rex/text/rc4_spec.rb | 28 ++++++++++++++++++ spec/rex/text/xor_spec.rb | 32 +++++++++++++++++++++ 4 files changed, 116 insertions(+), 2 deletions(-) create mode 100644 spec/rex/text/aes256_spec.rb create mode 100644 spec/rex/text/rc4_spec.rb create mode 100644 spec/rex/text/xor_spec.rb diff --git a/lib/rex/text/xor.rb b/lib/rex/text/xor.rb index cd697ea..013789a 100644 --- a/lib/rex/text/xor.rb +++ b/lib/rex/text/xor.rb @@ -18,8 +18,7 @@ module Rex value.each_byte do |byte| xor_byte = byte ^ xor_key - xor_byte = [xor_byte].pack('c').first - buf << xor_byte + buf << [xor_byte].pack('c') end buf diff --git a/spec/rex/text/aes256_spec.rb b/spec/rex/text/aes256_spec.rb new file mode 100644 index 0000000..fa3187b --- /dev/null +++ b/spec/rex/text/aes256_spec.rb @@ -0,0 +1,55 @@ +require 'spec_helper' +require 'securerandom' +require 'openssl' + + +describe Rex::Text do + + let(:iv) { + SecureRandom.random_bytes(16) + } + + let(:key) { + SecureRandom.random_bytes(32) + } + + let(:value) { + 'Hello World' + } + + describe '#encrypt_aes256' do + it 'raises a CipherError exception due to a short IV' do + iv = SecureRandom.random_bytes(1) + expect { Rex::Text.encrypt_aes256(iv, key, value) }.to raise_error(OpenSSL::Cipher::CipherError) + end + + it 'raises a CipherError exception due to a short key' do + key = SecureRandom.random_bytes(1) + expect { Rex::Text.encrypt_aes256(iv, key, value) }.to raise_error(OpenSSL::Cipher::CipherError) + end + + it 'encrypts the string Hello World' do + encrypted_str = Rex::Text.encrypt_aes256(iv, key, value) + expect(encrypted_str).not_to eq(value) + end + end + + describe '#decrypt_aes256' do + it 'raises a CipherError exception due to a short IV' do + iv = SecureRandom.random_bytes(1) + expect { Rex::Text.decrypt_aes256(iv, key, value) }.to raise_error(OpenSSL::Cipher::CipherError) + end + + it 'raises a CipherError exception due to a short key' do + key = SecureRandom.random_bytes(1) + expect { Rex::Text.decrypt_aes256(iv, key, value) }.to raise_error(OpenSSL::Cipher::CipherError) + end + + it 'decrypts the value to Hello World' do + encrypted_str = Rex::Text.encrypt_aes256(iv, key, value) + decrypted_str = Rex::Text.decrypt_aes256(iv, key, encrypted_str) + expect(decrypted_str).to eq(value) + end + end + +end \ No newline at end of file diff --git a/spec/rex/text/rc4_spec.rb b/spec/rex/text/rc4_spec.rb new file mode 100644 index 0000000..4ac88f2 --- /dev/null +++ b/spec/rex/text/rc4_spec.rb @@ -0,0 +1,28 @@ +require 'spec_helper' +require 'securerandom' + + +describe Rex::Text do + + describe '#rc4' do + + let(:key) { + SecureRandom.random_bytes(32) + } + + let(:value) { + 'Hello World' + } + + it 'encrypts a string' do + expect(Rex::Text.rc4(key, value)).not_to eq(value) + end + + it 'decrypts a string' do + encrypted_str = Rex::Text.rc4(key, value) + decrypted_str = Rex::Text.rc4(key, encrypted_str) + expect(decrypted_str).to eq(value) + end + + end +end \ No newline at end of file diff --git a/spec/rex/text/xor_spec.rb b/spec/rex/text/xor_spec.rb new file mode 100644 index 0000000..2bc70a3 --- /dev/null +++ b/spec/rex/text/xor_spec.rb @@ -0,0 +1,32 @@ +require 'spec_helper' + + +describe Rex::Text do + + describe '#xor' do + + let(:hello_world_str) { + 'hello world' + } + + let(:xor_hello_world_str) { + "\x67\x6a\x63\x63\x60\x2f\x78\x60\x7d\x63\x6b" + } + + it 'XORs with an integer type key' do + xor_key = 0x0f + expect(Rex::Text.xor(xor_key, hello_world_str)).to eq(xor_hello_world_str) + end + + it 'XORs with a string type key' do + xor_key = "0x0f" + expect(Rex::Text.xor(xor_key, hello_world_str)).to eq(xor_hello_world_str) + end + + it 'raises an ArgumentError due to an out of range key' do + bad_key = 0x1024 + expect { Rex::Text.xor(bad_key, hello_world_str) }.to raise_error(ArgumentError) + end + + end +end \ No newline at end of file