infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Adding in some tests 

cleaning up the regex a bit

MSP-9678
bug/bundler_fix
Lance Sanchez 2014-06-02 13:50:30 -05:00
parent f2a2975bc1
commit 15fffb1668
No known key found for this signature in database
GPG Key ID: 3922EB70FB80E8DD
2 changed files with 72 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
lib/metasploit/framework/login_scanner/pop3.rb
View File

@ -31,21 +31,21 @@ module Metasploit
# Check to see if we recieved an OK?
result_options[:proof] = sock.get_once
if result_options[:proof][/^\+OK (.*)/]
if result_options[:proof][/^\+OK.*/]
# If we received an OK we should send the USER
sock.put("USER #{credential.public}\r\n")
result_options[:proof] = sock.get_once
if result_options[:proof][/^\+OK (.*)/]
if result_options[:proof][/^\+OK.*/]
# If we got an OK after the username we can send the PASS
sock.put("PASS #{credential.private}\r\n")
result_options[:proof] = sock.get_once
if result_options[:proof][/^\+OK (.*)/]
if result_options[:proof][/^\+OK.*/]
# if the pass gives an OK, were good to go
result_options[:status] = :success
end
end
end
rescue ::Rex::ConnectionError, ::Timeout::Error, ::Errno::EPIPE => e
rescue Rex::ConnectionError, EOFError, Timeout::Error, Errno::EPIPE => e
result_options.merge!(
proof: e.message,
status: :connection_error
@ -64,11 +64,7 @@ module Metasploit
def set_sane_defaults
self.max_send_size ||= 0
self.send_delay ||= 0
if self.ssl?
self.port ||= 995
else
self.port ||= 110
end
self.port ||= 110
end
end

67
spec/lib/metasploit/framework/login_scanner/pop3_spec.rb
View File

@ -8,7 +8,74 @@ describe Metasploit::Framework::LoginScanner::POP3 do
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
context "#attempt_login" do
let(:pub_blank) do
Metasploit::Framework::LoginScanner::Credential.new(
paired: true,
public: "public",
private: ''
)
end
context "Raised Exceptions" do
it "Rex::ConnectionError should result in status :connection_error" do
expect(scanner).to receive(:connect).and_raise(Rex::ConnectionError)
result = scanner.attempt_login(pub_blank)
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
expect(result.status).to eq(:connection_error)
end
it "Timeout::Error should result in status :connection_error" do
expect(scanner).to receive(:connect).and_raise(Timeout::Error)
result = scanner.attempt_login(pub_blank)
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
expect(result.status).to eq(:connection_error)
end
it "EOFError should result in status :connection_error" do
expect(scanner).to receive(:connect).and_raise(EOFError)
result = scanner.attempt_login(pub_blank)
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
expect(result.status).to eq(:connection_error)
end
end
context "Open Connection" do
let(:sock) {double('socket')}
before(:each) do
sock.stub(:shutdown)
sock.stub(:close)
expect(scanner).to receive(:connect)
scanner.stub(:sock).and_return(sock)
end
it "Server returns +OK" do
expect(sock).to receive(:get_once).exactly(3).times.and_return("+OK")
expect(sock).to receive(:put).with("USER public\r\n").once.ordered
expect(sock).to receive(:put).with("PASS \r\n").once.ordered
result = scanner.attempt_login(pub_blank)
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
expect(result.status).to eq(:success)
end
it "Server Returns Something Else" do
sock.stub(:get_once).and_return("+ERROR")
result = scanner.attempt_login(pub_blank)
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
expect(result.status).to eq(:failed)
expect(result.proof).to eq("+ERROR")
end
end
end
end