Squash commit for blank creds search and test

This should fix up #4642 with respect to #4504. Squashed commit of the following: commit 124d53ccb00cd200bede092e893dda7e033d3e17 Merge: cb2bef8 ccad159 Author: Tod Beardsley <tod_beardsley@rapid7.com> Date: Mon Jan 26 16:23:03 2015 -0600 Merge branch 'feature/creds-blank-finders' into temp commit ccad159222eaa949d76e22b588d1ac7709fb2f27 Author: Tod Beardsley <tod_beardsley@rapid7.com> Date: Mon Jan 26 15:58:02 2015 -0600 Clean out whitespace, make vars more meaningful commit 266b45dff26e2778e43d8e4750d212b5aee5a009 Author: Tod Beardsley <tod_beardsley@rapid7.com> Date: Mon Jan 26 15:54:32 2015 -0600 Add some specs for regular users and blank users commit 2e51503f76e9a2f6921c57e86a2f98527f80c874 Author: Tod Beardsley <tod_beardsley@rapid7.com> Date: Mon Jan 26 15:04:03 2015 -0600 Users should be able to find blank user/pass
2015-01-26 16:26:30 -06:00 · 2015-01-26 16:26:30 -06:00 · 2294ea0e93
parent cb2bef878b
commit 2294ea0e93
2 changed files with 77 additions and 0 deletions
--- a/lib/msf/ui/console/command_dispatcher/db.rb
+++ b/lib/msf/ui/console/command_dispatcher/db.rb
@ -868,6 +868,16 @@ class Db
        # Exclude creds that don't match the given type
        next if type.present? && !core.private.kind_of?(type)
        # Exclude non-blank username creds if that's what we're after
        if user_regex.present? && user_regex == // && !core.public.username.blank?
          next
        end
        # Exclude non-blank password creds if that's what we're after
        if pass_regex.present? && pass_regex == // && !core.private.data.blank?
          next
        end
        # Exclude creds that don't match the given user
        if user_regex.present? && !core.public.username.match(user_regex)
          next
--- a/spec/lib/msf/ui/console/command_dispatcher/db_spec.rb
+++ b/spec/lib/msf/ui/console/command_dispatcher/db_spec.rb
@ -65,6 +65,73 @@ describe Msf::Ui::Console::CommandDispatcher::Db do
  it { is_expected.to respond_to :set_rhosts_from_addrs }
  describe "#cmd_creds" do
    describe "-u" do
      let(:username)            { "thisuser" }
      let(:password)            { "thispass" }
      let(:nomatch_username)    { "thatuser" }
      let(:nomatch_password)    { "thatpass" }
      let(:blank_username)      { "" }
      let(:blank_password)      { "" }
      let(:nonblank_username)   { "nonblank_user" }
      let(:nonblank_password)   { "nonblank_pass" }
      before(:each) do
        priv = FactoryGirl.create(:metasploit_credential_password, data: password)
        pub = FactoryGirl.create(:metasploit_credential_username, username: username)
        core = FactoryGirl.create(:metasploit_credential_core,
                                  origin: FactoryGirl.create(:metasploit_credential_origin_import),
                                  private: priv,
                                  public: pub,
                                  realm: nil,
                                  workspace: framework.db.workspace)
        nonblank_priv = FactoryGirl.create(:metasploit_credential_password, data: nonblank_password)
        blank_pub = FactoryGirl.create(:metasploit_credential_blank_username)
        core = FactoryGirl.create(:metasploit_credential_core,
                                  origin: FactoryGirl.create(:metasploit_credential_origin_import),
                                  private: nonblank_priv,
                                  public: blank_pub,
                                  realm: nil,
                                  workspace: framework.db.workspace)
      end
      context "when the credential is present" do
        it "should show a user that matches the given expression" do
          db.cmd_creds("-u", username)
          @output.should =~ [
            "Credentials",
            "===========",
            "",
            "host  service  public    private   realm  private_type",
            "----  -------  ------    -------   -----  ------------",
            "               thisuser  thispass         Password",
          ]
        end
        context "and when the username is blank" do
          it "should show a user that matches the given expression" do
            db.cmd_creds("-u", "")
            @output.should =~ [
              "Credentials",
              "===========",
              "",
              "host  service  public  private        realm  private_type",
              "----  -------  ------  -------        -----  ------------",
              "                       nonblank_pass         Password"
            ]
          end
        end
      end
      context "when the credential is absent" do
        it "should return a blank set" do
          db.cmd_creds("-u", nomatch_username)
          @output.should =~ [
            "===========",
            "Credentials",
            "",
            "----  -------  ------  -------  -----  ------------",
            "host  service  public  private  realm  private_type"
          ]
        end
      end
    end
    describe "add-password" do
      let(:username) { "username" }
      let(:password) { "password" }