infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

adding more tests 

rubocoping the file
bug/bundler_fix
darkbushido 2016-12-30 15:28:38 -06:00
parent 3674b25885
commit 0c3760a843
1 changed files with 283 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

393
spec/lib/msf/ui/console/command_dispatcher/creds_spec.rb
View File

@ -1,3 +1,4 @@
# frozen_string_literal: true
require 'spec_helper'
require 'msf/ui'
@ -14,18 +15,19 @@ RSpec.describe Msf::Ui::Console::CommandDispatcher::Creds do
it { is_expected.to respond_to :active? }
it { is_expected.to respond_to :creds_add }
it { is_expected.to respond_to :creds_search }
describe "#cmd_creds" do
let(:username) { "thisuser" }
let(:password) { "thispass" }
describe "#cmd_creds" do
let(:username) { 'thisuser' }
let(:password) { 'thispass' }
let(:realm) { 'thisrealm' }
let(:realm_type) { 'Active Directory Domain' }
describe "-u" do
let(:nomatch_username) { "thatuser" }
let(:nomatch_password) { "thatpass" }
let(:blank_username) { "" }
let(:blank_password) { "" }
let(:nonblank_username) { "nonblank_user" }
let(:nonblank_password) { "nonblank_pass" }
let(:nomatch_username) { 'thatuser' }
let(:nomatch_password) { 'thatpass' }
let(:blank_username) { '' }
let(:blank_password) { '' }
let(:nonblank_username) { 'nonblank_user' }
let(:nonblank_password) { 'nonblank_pass' }
let!(:origin) { FactoryGirl.create(:metasploit_credential_origin_import) }
@ -60,62 +62,62 @@ RSpec.describe Msf::Ui::Console::CommandDispatcher::Creds do
it "should show a user that matches the given expression" do
creds.cmd_creds("-u", username)
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------",
" thisuser thispass Password"
])
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------",
" thisuser thispass Password"
])
end
it 'should match a regular expression' do
creds.cmd_creds("-u", "^#{username}$")
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------",
" thisuser thispass Password"
])
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------",
" thisuser thispass Password"
])
end
it 'should return nothing for a non-matching regular expression' do
creds.cmd_creds("-u", "^#{nomatch_username}$")
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------"
])
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------"
])
end
context "and when the username is blank" do
it "should show a user that matches the given expression" do
creds.cmd_creds("-u", blank_username)
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------",
" nonblank_pass Password"
])
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------",
" nonblank_pass Password"
])
end
end
context "and when the password is blank" do
it "should show a user that matches the given expression" do
creds.cmd_creds("-P", blank_password)
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------",
" nonblank_user Password"
])
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------",
" nonblank_user Password"
])
end
end
end
@ -125,24 +127,24 @@ RSpec.describe Msf::Ui::Console::CommandDispatcher::Creds do
it "should return a blank set" do
creds.cmd_creds("-u", nomatch_username)
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------"
])
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------"
])
end
end
context "due to a nonmatching password" do
it "should return a blank set" do
creds.cmd_creds("-P", nomatch_password)
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------"
])
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------"
])
end
end
end
@ -174,33 +176,31 @@ RSpec.describe Msf::Ui::Console::CommandDispatcher::Creds do
workspace: framework.db.workspace)
end
=begin
# Somehow this is hitting a unique constraint on Cores with the same
# Public, even though it has a different Private. Skip for now
let!(:ntlm_core) do
priv = FactoryGirl.create(:metasploit_credential_ntlm_hash, data: ntlm_hash)
FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: priv,
public: pub,
realm: nil,
workspace: framework.db.workspace)
end
let!(:nonreplayable_core) do
priv = FactoryGirl.create(:metasploit_credential_nonreplayable_hash, data: 'asdf')
FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: priv,
public: pub,
realm: nil,
workspace: framework.db.workspace)
end
=end
# # Somehow this is hitting a unique constraint on Cores with the same
# # Public, even though it has a different Private. Skip for now
# let!(:ntlm_core) do
# priv = FactoryGirl.create(:metasploit_credential_ntlm_hash, data: ntlm_hash)
# FactoryGirl.create(:metasploit_credential_core,
# origin: FactoryGirl.create(:metasploit_credential_origin_import),
# private: priv,
# public: pub,
# realm: nil,
# workspace: framework.db.workspace)
# end
# let!(:nonreplayable_core) do
# priv = FactoryGirl.create(:metasploit_credential_nonreplayable_hash, data: 'asdf')
# FactoryGirl.create(:metasploit_credential_core,
# origin: FactoryGirl.create(:metasploit_credential_origin_import),
# private: priv,
# public: pub,
# realm: nil,
# workspace: framework.db.workspace)
# end
after(:example) do
#ntlm_core.destroy
# ntlm_core.destroy
password_core.destroy
#nonreplayable_core.destroy
# nonreplayable_core.destroy
end
context "password" do
@ -208,13 +208,13 @@ RSpec.describe Msf::Ui::Console::CommandDispatcher::Creds do
creds.cmd_creds("-t", "password")
# Table matching really sucks
expect(@output).to eq([
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------",
" thisuser thispass Password"
])
"Credentials",
"===========",
"",
"host origin service public private realm private_type",
"---- ------ ------- ------ ------- ----- ------------",
" thisuser thispass Password"
])
end
end
@ -230,41 +230,214 @@ RSpec.describe Msf::Ui::Console::CommandDispatcher::Creds do
"",
"host service public private realm private_type",
"---- ------- ------ ------- ----- ------------",
" thisuser #{ntlm_hash } NTLM hash"
" thisuser #{ntlm_hash} NTLM hash"
]
end
end
end
end
describe "add" do
context "when no core exists" do
it "should add a Core" do
expect {
creds.cmd_creds("add", "user:#{username}", "password:#{password}")
}.to change{ Metasploit::Credential::Core.count }.by 1
describe 'add' do
let(:pub) { FactoryGirl.create(:metasploit_credential_username, username: username) }
let(:priv) { FactoryGirl.create(:metasploit_credential_password, data: password) }
let(:r) { FactoryGirl.create(:metasploit_credential_realm, key: realm_type, value: realm) }
context 'username password and realm' do
it 'creates a core if one does not exist' do
expect do
creds.cmd_creds("add", "user:#{username}", "password:#{password}", "realm:#{realm}")
end.to change { Metasploit::Credential::Core.count }.by 1
end
it 'does not create a core if it already exists' do
core = FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: priv,
public: pub,
realm: r,
workspace: framework.db.workspace)
expect do
creds.cmd_creds("add", "user:#{username}", "password:#{password}", "realm:#{realm}")
end.to_not change { Metasploit::Credential::Core.count }
end
end
context "when a core already exists" do
before(:example) do
priv = FactoryGirl.create(:metasploit_credential_password, data: password)
pub = FactoryGirl.create(:metasploit_credential_username, username: username)
FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: priv,
public: pub,
realm: nil,
workspace: framework.db.workspace)
context 'username and realm' do
it 'creates a core if one does not exist' do
expect do
creds.cmd_creds("add", "user:#{username}", "realm:#{realm}")
end.to change { Metasploit::Credential::Core.count }.by 1
end
it "should not add a Core" do
expect {
it 'does not create a core if it already exists' do
core = FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: nil,
public: pub,
realm: r,
workspace: framework.db.workspace)
expect do
creds.cmd_creds("add", "user:#{username}", "realm:#{realm}")
end.to_not change { Metasploit::Credential::Core.count }
end
end
context "username and password" do
it 'creates a core if one does not exist' do
expect do
creds.cmd_creds("add", "user:#{username}", "password:#{password}")
}.to_not change{ Metasploit::Credential::Core.count }
end.to change { Metasploit::Credential::Core.count }.by 1
end
it 'does not create a core if it already exists' do
core = FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: priv,
public: pub,
realm: nil,
workspace: framework.db.workspace)
expect do
creds.cmd_creds("add", "user:#{username}", "password:#{password}")
end.to_not change { Metasploit::Credential::Core.count }
end
end
context "password and realm" do
it 'creates a core if one does not exist' do
expect do
creds.cmd_creds("add", "password:#{password}", "realm:#{realm}")
end.to change { Metasploit::Credential::Core.count }.by 1
end
it 'does not create a core if it already exists' do
core = FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: priv,
public: nil,
realm: r,
workspace: framework.db.workspace)
expect do
creds.cmd_creds("add", "password:#{password}", "realm:#{realm}")
end.to_not change { Metasploit::Credential::Core.count }
end
end
context "username" do
it 'creates a core if one does not exist' do
expect do
creds.cmd_creds("add", "user:#{username}")
end.to change { Metasploit::Credential::Core.count }.by 1
end
it 'does not create a core if it already exists' do
core = FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: nil,
public: pub,
realm: nil,
workspace: framework.db.workspace)
expect do
creds.cmd_creds("add", "user:#{username}")
end.to_not change { Metasploit::Credential::Core.count }
end
end
context 'private_types' do
context 'password' do
it 'creates a core if one does not exist' do
expect do
creds.cmd_creds("add", "password:#{password}")
end.to change { Metasploit::Credential::Core.count }.by 1
end
it 'does not create a core if it already exists' do
core = FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: priv,
public: nil,
realm: nil,
workspace: framework.db.workspace)
expect do
creds.cmd_creds("add", "password:#{password}")
end.to_not change { Metasploit::Credential::Core.count }
end
end
context 'ntlm' do
let(:priv) { FactoryGirl.create(:metasploit_credential_ntlm_hash) }
it 'creates a core if one does not exist' do
expect do
creds.cmd_creds("add", "ntlm:#{priv.data}")
end.to change { Metasploit::Credential::Core.count }.by 1
end
it 'does not create a core if it already exists' do
core = FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: priv,
public: nil,
realm: nil,
workspace: framework.db.workspace)
expect do
creds.cmd_creds("add", "ntlm:#{priv.data}")
end.to_not change { Metasploit::Credential::Core.count }
end
end
context 'hash' do
let(:priv) { FactoryGirl.create(:metasploit_credential_nonreplayable_hash) }
it 'creates a core if one does not exist' do
expect do
creds.cmd_creds("add", "hash:#{priv.data}")
end.to change { Metasploit::Credential::Core.count }.by 1
end
it 'does not create a core if it already exists' do
core = FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: priv,
public: nil,
realm: nil,
workspace: framework.db.workspace)
expect do
creds.cmd_creds("add", "hash:#{priv.data}")
end.to_not change { Metasploit::Credential::Core.count }
end
end
context 'ssh-key' do
let(:priv) { FactoryGirl.create(:metasploit_credential_ssh_key) }
before(:each) do
@file = Tempfile.new('id_rsa')
@file.write(priv.data)
@file.close
end
it 'creates a core if one does not exist' do
expect do
creds.cmd_creds("add", "user:#{username}", "ssh-key:#{@file.path}")
end.to change { Metasploit::Credential::Core.count }.by 1
end
it 'does not create a core if it already exists' do
core = FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: priv,
public: pub,
realm: nil,
workspace: framework.db.workspace)
expect do
creds.cmd_creds("add", "user:#{username}", "ssh-key:#{@file.path}")
end.to_not change { Metasploit::Credential::Core.count }
end
end
end
context "realm" do
it 'creates a core if one does not exist' do
expect do
creds.cmd_creds("add", "realm:#{realm}")
end.to change { Metasploit::Credential::Core.count }.by 1
end
it 'does not create a core if it already exists' do
core = FactoryGirl.create(:metasploit_credential_core,
origin: FactoryGirl.create(:metasploit_credential_origin_import),
private: nil,
public: nil,
realm: r,
workspace: framework.db.workspace)
expect do
creds.cmd_creds("add", "realm:#{realm}")
end.to_not change { Metasploit::Credential::Core.count }
end
end
end
end
end