2014-06-04 18:01:09 +00:00
|
|
|
require 'spec_helper'
|
|
|
|
require 'metasploit/framework/credential_collection'
|
|
|
|
|
2015-10-16 20:57:04 +00:00
|
|
|
RSpec.describe Metasploit::Framework::CredentialCollection do
|
2014-06-04 18:01:09 +00:00
|
|
|
|
2014-06-11 19:30:45 +00:00
|
|
|
subject(:collection) do
|
|
|
|
described_class.new(
|
2014-06-11 21:21:59 +00:00
|
|
|
blank_passwords: blank_passwords,
|
|
|
|
pass_file: pass_file,
|
2014-06-11 19:30:45 +00:00
|
|
|
password: password,
|
2014-06-11 21:21:59 +00:00
|
|
|
user_as_pass: user_as_pass,
|
2014-06-11 19:30:45 +00:00
|
|
|
user_file: user_file,
|
2014-06-11 21:21:59 +00:00
|
|
|
username: username,
|
2014-06-11 19:30:45 +00:00
|
|
|
userpass_file: userpass_file,
|
2017-01-31 18:10:17 +00:00
|
|
|
prepended_creds: prepended_creds,
|
|
|
|
additional_privates: additional_privates,
|
|
|
|
additional_publics: additional_publics
|
2014-06-11 19:30:45 +00:00
|
|
|
)
|
|
|
|
end
|
2014-06-05 16:37:48 +00:00
|
|
|
|
2014-06-11 21:21:59 +00:00
|
|
|
let(:blank_passwords) { nil }
|
2014-06-11 19:30:45 +00:00
|
|
|
let(:username) { "user" }
|
|
|
|
let(:password) { "pass" }
|
|
|
|
let(:user_file) { nil }
|
|
|
|
let(:pass_file) { nil }
|
2014-06-11 21:21:59 +00:00
|
|
|
let(:user_as_pass) { nil }
|
2014-06-11 19:30:45 +00:00
|
|
|
let(:userpass_file) { nil }
|
2017-01-31 18:10:17 +00:00
|
|
|
let(:prepended_creds) { [] }
|
|
|
|
let(:additional_privates) { [] }
|
|
|
|
let(:additional_publics) { [] }
|
2014-06-05 16:37:48 +00:00
|
|
|
|
2014-06-11 19:30:45 +00:00
|
|
|
describe "#each" do
|
2014-06-04 18:01:09 +00:00
|
|
|
specify do
|
|
|
|
expect { |b| collection.each(&b) }.to yield_with_args(Metasploit::Framework::Credential)
|
|
|
|
end
|
2014-06-05 16:37:48 +00:00
|
|
|
|
|
|
|
context "when given a user_file and password" do
|
|
|
|
let(:username) { nil }
|
|
|
|
let(:user_file) do
|
|
|
|
filename = "foo"
|
|
|
|
stub_file = StringIO.new("asdf\njkl\n")
|
2015-10-20 18:45:31 +00:00
|
|
|
allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
|
2014-06-05 16:37:48 +00:00
|
|
|
|
|
|
|
filename
|
|
|
|
end
|
|
|
|
|
|
|
|
specify do
|
|
|
|
expect { |b| collection.each(&b) }.to yield_successive_args(
|
|
|
|
Metasploit::Framework::Credential.new(public: "asdf", private: password),
|
|
|
|
Metasploit::Framework::Credential.new(public: "jkl", private: password),
|
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
2014-06-05 16:51:11 +00:00
|
|
|
|
|
|
|
context "when given a pass_file and username" do
|
|
|
|
let(:password) { nil }
|
|
|
|
let(:pass_file) do
|
|
|
|
filename = "foo"
|
|
|
|
stub_file = StringIO.new("asdf\njkl\n")
|
2015-10-20 18:45:31 +00:00
|
|
|
allow(File).to receive(:open).with(filename,/^r/).and_return stub_file
|
2014-06-05 16:51:11 +00:00
|
|
|
|
|
|
|
filename
|
|
|
|
end
|
|
|
|
|
|
|
|
specify do
|
|
|
|
expect { |b| collection.each(&b) }.to yield_successive_args(
|
|
|
|
Metasploit::Framework::Credential.new(public: username, private: "asdf"),
|
|
|
|
Metasploit::Framework::Credential.new(public: username, private: "jkl"),
|
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-06-05 16:54:59 +00:00
|
|
|
|
|
|
|
context "when given a userspass_file" do
|
|
|
|
let(:username) { nil }
|
|
|
|
let(:password) { nil }
|
|
|
|
let(:userpass_file) do
|
|
|
|
filename = "foo"
|
|
|
|
stub_file = StringIO.new("asdf jkl\nfoo bar\n")
|
2015-10-20 18:45:31 +00:00
|
|
|
allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
|
2014-06-05 16:54:59 +00:00
|
|
|
|
|
|
|
filename
|
|
|
|
end
|
|
|
|
|
|
|
|
specify do
|
|
|
|
expect { |b| collection.each(&b) }.to yield_successive_args(
|
|
|
|
Metasploit::Framework::Credential.new(public: "asdf", private: "jkl"),
|
|
|
|
Metasploit::Framework::Credential.new(public: "foo", private: "bar"),
|
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-06-06 17:12:32 +00:00
|
|
|
context "when given a pass_file and user_file" do
|
|
|
|
let(:password) { nil }
|
|
|
|
let(:username) { nil }
|
|
|
|
let(:user_file) do
|
|
|
|
filename = "user_file"
|
|
|
|
stub_file = StringIO.new("asdf\njkl\n")
|
2015-10-20 18:45:31 +00:00
|
|
|
allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
|
2014-06-06 17:12:32 +00:00
|
|
|
|
|
|
|
filename
|
|
|
|
end
|
|
|
|
let(:pass_file) do
|
|
|
|
filename = "pass_file"
|
|
|
|
stub_file = StringIO.new("asdf\njkl\n")
|
2015-10-20 18:45:31 +00:00
|
|
|
allow(File).to receive(:open).with(filename,/^r/).and_return stub_file
|
2014-06-06 17:12:32 +00:00
|
|
|
|
|
|
|
filename
|
|
|
|
end
|
|
|
|
|
|
|
|
specify do
|
|
|
|
expect { |b| collection.each(&b) }.to yield_successive_args(
|
|
|
|
Metasploit::Framework::Credential.new(public: "asdf", private: "asdf"),
|
|
|
|
Metasploit::Framework::Credential.new(public: "asdf", private: "jkl"),
|
|
|
|
Metasploit::Framework::Credential.new(public: "jkl", private: "asdf"),
|
|
|
|
Metasploit::Framework::Credential.new(public: "jkl", private: "jkl"),
|
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "when :user_as_pass is true" do
|
|
|
|
let(:user_as_pass) { true }
|
|
|
|
specify do
|
|
|
|
expect { |b| collection.each(&b) }.to yield_successive_args(
|
|
|
|
Metasploit::Framework::Credential.new(public: username, private: password),
|
|
|
|
Metasploit::Framework::Credential.new(public: username, private: username),
|
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "when :blank_passwords is true" do
|
|
|
|
let(:blank_passwords) { true }
|
|
|
|
specify do
|
|
|
|
expect { |b| collection.each(&b) }.to yield_successive_args(
|
|
|
|
Metasploit::Framework::Credential.new(public: username, private: password),
|
|
|
|
Metasploit::Framework::Credential.new(public: username, private: ""),
|
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-06-04 18:01:09 +00:00
|
|
|
end
|
|
|
|
|
2017-01-31 18:10:17 +00:00
|
|
|
describe "#empty?" do
|
2017-02-01 21:42:21 +00:00
|
|
|
context "when only :userpass_file is set" do
|
|
|
|
let(:username) { nil }
|
|
|
|
let(:password) { nil }
|
|
|
|
let(:userpass_file) { "test_file" }
|
|
|
|
specify do
|
|
|
|
expect(collection.empty?).to eq false
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-01-31 18:10:17 +00:00
|
|
|
context "when :username is set" do
|
|
|
|
context "and :password is set" do
|
|
|
|
specify do
|
|
|
|
expect(collection.empty?).to eq false
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "and :password is not set" do
|
|
|
|
let(:password) { nil }
|
|
|
|
specify do
|
|
|
|
expect(collection.empty?).to eq true
|
|
|
|
end
|
|
|
|
|
|
|
|
context "and :blank_passwords is true" do
|
|
|
|
let(:blank_passwords) { true }
|
|
|
|
specify do
|
|
|
|
expect(collection.empty?).to eq false
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "when :username is not set" do
|
|
|
|
context "and :password is not set" do
|
|
|
|
let(:username) { nil }
|
|
|
|
let(:password) { nil }
|
|
|
|
specify do
|
|
|
|
expect(collection.empty?).to eq true
|
|
|
|
end
|
|
|
|
|
|
|
|
context "and :prepended_creds is not empty" do
|
|
|
|
let(:prepended_creds) { [ "test" ] }
|
|
|
|
specify do
|
|
|
|
expect(collection.empty?).to eq false
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "and :additional_privates is not empty" do
|
|
|
|
let(:additional_privates) { [ "test_private" ] }
|
|
|
|
specify do
|
|
|
|
expect(collection.empty?).to eq true
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "and :additional_publics is not empty" do
|
|
|
|
let(:additional_publics) { [ "test_public" ] }
|
|
|
|
specify do
|
|
|
|
expect(collection.empty?).to eq true
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-06-11 19:30:45 +00:00
|
|
|
describe "#prepend_cred" do
|
|
|
|
specify do
|
|
|
|
prep = Metasploit::Framework::Credential.new(public: "foo", private: "bar")
|
|
|
|
collection.prepend_cred(prep)
|
|
|
|
expect { |b| collection.each(&b) }.to yield_successive_args(
|
|
|
|
prep,
|
|
|
|
Metasploit::Framework::Credential.new(public: username, private: password),
|
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-06-04 18:01:09 +00:00
|
|
|
end
|