2014-04-26 12:27:25 +00:00
|
|
|
# -*- coding:binary -*-
|
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
require 'rex/exploitation/powershell'
|
|
|
|
|
|
|
|
describe Rex::Exploitation::Powershell do
|
|
|
|
|
2014-04-25 17:14:39 +00:00
|
|
|
let(:example_script) do
|
|
|
|
"""function DumpHashes
|
|
|
|
{
|
|
|
|
LoadApi
|
|
|
|
$bootkey = Get-BootKey;
|
|
|
|
$hbootKey = Get-HBootKey $bootkey;
|
|
|
|
Get-UserKeys | %{
|
|
|
|
$hashes = Get-UserHashes $_ $hBootKey;
|
|
|
|
\"{0}:{1}:{2}:{3}:::\" -f ($_.UserName,$_.Rid,
|
|
|
|
[BitConverter]::ToString($hashes[0]).Replace(\"-\",\"\").ToLower(),
|
|
|
|
[BitConverter]::ToString($hashes[1]).Replace(\"-\",\"\").ToLower());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
DumpHashes"""
|
|
|
|
end
|
|
|
|
|
2014-04-26 12:27:25 +00:00
|
|
|
describe "::read_script" do
|
|
|
|
it 'should create a script from a string input' do
|
2014-04-25 17:14:39 +00:00
|
|
|
script = described_class.read_script(example_script)
|
2014-04-26 12:27:25 +00:00
|
|
|
script.should be_a_kind_of Rex::Exploitation::Powershell::Script
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-04-25 17:14:39 +00:00
|
|
|
describe "::process_subs" do
|
|
|
|
it 'should create an array of substitutions to process' do
|
|
|
|
subs = described_class.process_subs("BitConverter,ParpConverter;$bootkey,$parpkey;")
|
|
|
|
subs.should eq [['BitConverter','ParpConverter'],['$bootkey','$parpkey']]
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "::make_subs" do
|
|
|
|
it 'should substitute values in script' do
|
|
|
|
script = described_class.make_subs(example_script,[['BitConverter','ParpConverter']])
|
2014-08-25 22:34:55 +00:00
|
|
|
script.include?('BitConverter').should be_falsey
|
2014-09-02 18:22:21 +00:00
|
|
|
script.include?('ParpConverter').should be_truthy
|
2014-04-25 17:14:39 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-04-26 12:27:25 +00:00
|
|
|
end
|
|
|
|
|