removing unused step files
changing the ms08_067 tests to fail when proxies show up in the wrong sectionbug/bundler_fix
darkbushido
parent
93cd53a800
commit
4ef60d1a00
|
|
@ -1,6 +1,9 @@
|
|||
Feature: MS08-067 netapi
|
||||
|
||||
Background:
|
||||
Given a directory named "home"
|
||||
And I cd to "home"
|
||||
And a mocked home directory
|
||||
Given I run `msfconsole` interactively
|
||||
And I wait for stdout to contain "Free Metasploit Pro trial: http://r-7.co/trymsp"
|
||||
|
||||
|
|
@ -8,90 +11,162 @@ Feature: MS08-067 netapi
|
|||
When I type "use exploit/windows/smb/ms08_067_netapi"
|
||||
And I type "show options"
|
||||
And I type "exit"
|
||||
Then the output should contain the following:
|
||||
| Module options (exploit/windows/smb/ms08_067_netapi) |
|
||||
| Name Current Setting Required Description |
|
||||
| ---- --------------- -------- ----------- |
|
||||
| RHOST yes The target address |
|
||||
| RPORT 445 yes Set the SMB service port |
|
||||
| RPORT 445 yes Set the SMB service port |
|
||||
Then the output should contain:
|
||||
"""
|
||||
Module options (exploit/windows/smb/ms08_067_netapi):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
RHOST yes The target address
|
||||
RPORT 445 yes Set the SMB service port
|
||||
SMBPIPE BROWSER yes The pipe name to use (BROWSER, SRVSVC)
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Automatic Targeting
|
||||
|
||||
"""
|
||||
|
||||
Scenario: The MS08-067 Module should have the following advanced options
|
||||
When I type "use exploit/windows/smb/ms08_067_netapi"
|
||||
And I type "show advanced"
|
||||
And I type "exit"
|
||||
Then the output should contain the following:
|
||||
| Name : CHOST |
|
||||
| Description : The local client address |
|
||||
| Name : CPORT |
|
||||
| Description : The local client port |
|
||||
| Name : ConnectTimeout |
|
||||
| Description : Maximum number of seconds to establish a TCP connection |
|
||||
| Name : ContextInformationFile |
|
||||
| Description : The information file that contains context information |
|
||||
| Name : DCERPC::ReadTimeout |
|
||||
| Description : The number of seconds to wait for DCERPC responses |
|
||||
| Name : DisablePayloadHandler |
|
||||
| Description : Disable the handler code for the selected payload |
|
||||
| Name : EnableContextEncoding |
|
||||
| Description : Use transient context when encoding payloads |
|
||||
| Name : NTLM::SendLM |
|
||||
| Description : Always send the LANMAN response (except when NTLMv2_session is |
|
||||
| specified) |
|
||||
| Name : NTLM::SendNTLM |
|
||||
| Description : Activate the 'Negotiate NTLM key' flag, indicating the use of |
|
||||
| NTLM responses |
|
||||
| Name : NTLM::SendSPN |
|
||||
| Current Setting: true |
|
||||
| Description : Send an avp of type SPN in the ntlmv2 client Blob, this allow |
|
||||
| authentification on windows Seven/2008r2 when SPN is required |
|
||||
| Name : NTLM::UseLMKey |
|
||||
| Description : Activate the 'Negotiate Lan Manager Key' flag, using the LM key |
|
||||
| when the LM response is sent |
|
||||
| Name : NTLM::UseNTLM2_session |
|
||||
| Description : Activate the 'Negotiate NTLM2 key' flag, forcing the use of a |
|
||||
| NTLMv2_session |
|
||||
| Name : NTLM::UseNTLMv2 |
|
||||
| Description : Use NTLMv2 instead of NTLM2_session when 'Negotiate NTLM2' key |
|
||||
| is true |
|
||||
# | Name : Proxies |
|
||||
# | Description : Use a proxy chain |
|
||||
| Name : SMB::ChunkSize |
|
||||
| Current Setting: 500 |
|
||||
| Description : The chunk size for SMB segments, bigger values will increase |
|
||||
| speed but break NT 4.0 and SMB signing |
|
||||
| Name : SMB::Native_LM |
|
||||
| Description : The Native LM to send during authentication |
|
||||
| Name : SMB::Native_OS |
|
||||
| Description : The Native OS to send during authentication |
|
||||
| Name : SMB::VerifySignature |
|
||||
| Description : Enforces client-side verification of server response signatures |
|
||||
| Name : SMBDirect |
|
||||
| Description : The target port is a raw SMB service (not NetBIOS) |
|
||||
| Name : SMBDomain |
|
||||
| Description : The Windows domain to use for authentication |
|
||||
| Name : SMBName |
|
||||
| Description : The NetBIOS hostname (required for port 139 connections) |
|
||||
| Name : SMBPass |
|
||||
| Description : The password for the specified username |
|
||||
| Name : SMBUser |
|
||||
| Description : The username to authenticate as |
|
||||
| Name : SSL |
|
||||
| Description : Negotiate SSL for outgoing connections |
|
||||
| Name : SSLCipher |
|
||||
| Description : String for SSL cipher - "DHE-RSA-AES256-SHA" or "ADH" |
|
||||
| Name : SSLVerifyMode |
|
||||
| Description : SSL verification method (accepted: CLIENT_ONCE, |
|
||||
| FAIL_IF_NO_PEER_CERT, NONE, PEER) |
|
||||
| Name : SSLVersion |
|
||||
| Description : Specify the version of SSL that should be used (accepted: SSL2, |
|
||||
| SSL3, TLS1) |
|
||||
| Name : VERBOSE |
|
||||
| Description : Enable detailed status messages |
|
||||
| Name : WORKSPACE |
|
||||
| Description : Specify the workspace for this module |
|
||||
| Name : WfsDelay |
|
||||
| Description : Additional delay when waiting for a session |
|
||||
Then the output should contain:
|
||||
"""
|
||||
Module advanced options:
|
||||
|
||||
Name : CHOST
|
||||
Current Setting:
|
||||
Description : The local client address
|
||||
|
||||
Name : CPORT
|
||||
Current Setting:
|
||||
Description : The local client port
|
||||
|
||||
Name : ConnectTimeout
|
||||
Current Setting: 10
|
||||
Description : Maximum number of seconds to establish a TCP connection
|
||||
|
||||
Name : ContextInformationFile
|
||||
Current Setting:
|
||||
Description : The information file that contains context information
|
||||
|
||||
Name : DCERPC::ReadTimeout
|
||||
Current Setting: 10
|
||||
Description : The number of seconds to wait for DCERPC responses
|
||||
|
||||
Name : DisablePayloadHandler
|
||||
Current Setting: false
|
||||
Description : Disable the handler code for the selected payload
|
||||
|
||||
Name : EnableContextEncoding
|
||||
Current Setting: false
|
||||
Description : Use transient context when encoding payloads
|
||||
|
||||
Name : NTLM::SendLM
|
||||
Current Setting: true
|
||||
Description : Always send the LANMAN response (except when NTLMv2_session is
|
||||
specified)
|
||||
|
||||
Name : NTLM::SendNTLM
|
||||
Current Setting: true
|
||||
Description : Activate the 'Negotiate NTLM key' flag, indicating the use of
|
||||
NTLM responses
|
||||
|
||||
Name : NTLM::SendSPN
|
||||
Current Setting: true
|
||||
Description : Send an avp of type SPN in the ntlmv2 client Blob, this allow
|
||||
authentification on windows Seven/2008r2 when SPN is required
|
||||
|
||||
Name : NTLM::UseLMKey
|
||||
Current Setting: false
|
||||
Description : Activate the 'Negotiate Lan Manager Key' flag, using the LM key
|
||||
when the LM response is sent
|
||||
|
||||
Name : NTLM::UseNTLM2_session
|
||||
Current Setting: true
|
||||
Description : Activate the 'Negotiate NTLM2 key' flag, forcing the use of a
|
||||
NTLMv2_session
|
||||
|
||||
Name : NTLM::UseNTLMv2
|
||||
Current Setting: true
|
||||
Description : Use NTLMv2 instead of NTLM2_session when 'Negotiate NTLM2' key
|
||||
is true
|
||||
|
||||
Name : Proxies
|
||||
Current Setting:
|
||||
Description : Use a proxy chain
|
||||
|
||||
Name : SMB::ChunkSize
|
||||
Current Setting: 500
|
||||
Description : The chunk size for SMB segments, bigger values will increase
|
||||
speed but break NT 4.0 and SMB signing
|
||||
|
||||
Name : SMB::Native_LM
|
||||
Current Setting: Windows 2000 5.0
|
||||
Description : The Native LM to send during authentication
|
||||
|
||||
Name : SMB::Native_OS
|
||||
Current Setting: Windows 2000 2195
|
||||
Description : The Native OS to send during authentication
|
||||
|
||||
Name : SMB::VerifySignature
|
||||
Current Setting: false
|
||||
Description : Enforces client-side verification of server response signatures
|
||||
|
||||
Name : SMBDirect
|
||||
Current Setting: true
|
||||
Description : The target port is a raw SMB service (not NetBIOS)
|
||||
|
||||
Name : SMBDomain
|
||||
Current Setting: .
|
||||
Description : The Windows domain to use for authentication
|
||||
|
||||
Name : SMBName
|
||||
Current Setting: *SMBSERVER
|
||||
Description : The NetBIOS hostname (required for port 139 connections)
|
||||
|
||||
Name : SMBPass
|
||||
Current Setting:
|
||||
Description : The password for the specified username
|
||||
|
||||
Name : SMBUser
|
||||
Current Setting:
|
||||
Description : The username to authenticate as
|
||||
|
||||
Name : SSL
|
||||
Current Setting: false
|
||||
Description : Negotiate SSL for outgoing connections
|
||||
|
||||
Name : SSLCipher
|
||||
Current Setting:
|
||||
Description : String for SSL cipher - "DHE-RSA-AES256-SHA" or "ADH"
|
||||
|
||||
Name : SSLVerifyMode
|
||||
Current Setting: PEER
|
||||
Description : SSL verification method (accepted: CLIENT_ONCE,
|
||||
FAIL_IF_NO_PEER_CERT, NONE, PEER)
|
||||
|
||||
Name : SSLVersion
|
||||
Current Setting: SSL3
|
||||
Description : Specify the version of SSL that should be used (accepted: SSL2,
|
||||
SSL3, TLS1)
|
||||
|
||||
Name : VERBOSE
|
||||
Current Setting: false
|
||||
Description : Enable detailed status messages
|
||||
|
||||
Name : WORKSPACE
|
||||
Current Setting:
|
||||
Description : Specify the workspace for this module
|
||||
|
||||
Name : WfsDelay
|
||||
Current Setting: 0
|
||||
Description : Additional delay when waiting for a session
|
||||
"""
|
||||
|
||||
@targets
|
||||
Scenario: Show RHOST/etc variable expansion from a config file
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
Then /^the output should contain the following:$/ do |table|
|
||||
table.raw.flatten.each do |expected|
|
||||
assert_partial_output(expected, all_output)
|
||||
end
|
||||
end
|
||||
Loading…
Reference in New Issue