add host validations to ssh scanner

add validations to the :host attribute
on the SSH LoginScanner

lib/metasploit/framework/login_scanner/ssh.rb

@@ -15,11 +15,19 @@ module Metasploit
         #   @return [Fixnum] The port to connect to
         attr_accessor :port
 
-        validates :port, numericality: {
-            only_integer:             true,
-            greater_than_or_equal_to: 1,
-            less_than_or_equal_to:    65535
-        }
+        validates :port,
+          presence: true,
+          numericality: {
+              only_integer:             true,
+              greater_than_or_equal_to: 1,
+              less_than_or_equal_to:    65535
+          }
+
+        validates :host, presence: true
+
+        validates :cred_pairs, presence: true
+
+        validate :host_address_must_be_valid
 
         # @param attributes [Hash{Symbol => String,nil}]
         def initialize(attributes={})
@@ -28,6 +36,19 @@ module Metasploit
           end
         end
 
+        private
+
+        def host_address_must_be_valid
+          unless host.kind_of? String
+            errors.add(:host, "must be a string")
+          end
+          begin
+            ::Rex::Socket.getaddress(value, true)
+          rescue
+            errors.add(:host, "could not be resolved")
+          end
+        end
+
 
       end
 

spec/lib/metasploit/framework/login_scanner/ssh_spec.rb

@@ -14,6 +14,11 @@ describe Metasploit::Framework::LoginScanner::SSH do
   context 'validations' do
     context 'port' do
 
+      it 'is not valid for not set' do
+        expect(ssh_scanner).to_not be_valid
+        expect(ssh_scanner.errors[:port]).to include "is not a number"
+      end
+
       it 'is not valid for a non-number' do
         ssh_scanner.port = "a"
         expect(ssh_scanner).to_not be_valid
@@ -43,6 +48,59 @@ describe Metasploit::Framework::LoginScanner::SSH do
         expect(ssh_scanner).to_not be_valid
         expect(ssh_scanner.errors[:port]).to include "must be less than or equal to 65535"
       end
+
+      it 'is valid for a legitimate port number' do
+        ssh_scanner.port = rand(65534) + 1
+        expect(ssh_scanner.errors[:port]).to be_empty
+      end
+    end
+
+    context 'host' do
+
+      it 'is not valid for not set' do
+        expect(ssh_scanner).to_not be_valid
+        expect(ssh_scanner.errors[:host]).to include "can't be blank"
+      end
+
+      it 'is not valid for a non-string input' do
+        ssh_scanner.host = 5
+        expect(ssh_scanner).to_not be_valid
+        expect(ssh_scanner.errors[:host]).to include "must be a string"
+      end
+
+      it 'is not valid for an improper IP address' do
+        ssh_scanner.host = '192.168.1.1.5'
+        expect(ssh_scanner).to_not be_valid
+        expect(ssh_scanner.errors[:host]).to include "could not be resolved"
+      end
+
+      it 'is not valid for an incomplete IP address' do
+        ssh_scanner.host = '192.168'
+        expect(ssh_scanner).to_not be_valid
+        expect(ssh_scanner.errors[:host]).to include "could not be resolved"
+      end
+
+      it 'is not valid for an invalid IP address' do
+        ssh_scanner.host = '192.300.675.123'
+        expect(ssh_scanner).to_not be_valid
+        expect(ssh_scanner.errors[:host]).to include "could not be resolved"
+      end
+
+      it 'is not valid for DNS name that cannot be resolved' do
+        ssh_scanner.host = 'nosuchplace.metasploit.com'
+        expect(ssh_scanner).to_not be_valid
+        expect(ssh_scanner.errors[:host]).to include "could not be resolved"
+      end
+
+      it 'is valid for a valid IP address' do
+        ssh_scanner.host = '127.0.0.1'
+        expect(ssh_scanner.errors[:host]).to be_empty
+      end
+
+      it 'is valid for a DNS name it can resolve' do
+        ssh_scanner.host = 'localhost'
+        expect(ssh_scanner.errors[:host]).to be_empty
+      end
     end
   end
 end