Add a couple more specs for CredentialCollection

Also fixes some typos in docs
2014-06-06 12:12:32 -05:00 · 2014-06-06 12:12:32 -05:00 · 552899ef13
parent 2ee408e9db
commit 552899ef13
2 changed files with 59 additions and 7 deletions
--- a/lib/metasploit/framework/credential_collection.rb
+++ b/lib/metasploit/framework/credential_collection.rb
@ -10,12 +10,12 @@ class Metasploit::Framework::CredentialCollection
  #   Path to a file containing passwords, one per line
  #   @return [String]
  attr_accessor :pass_file
-  # @!attribute realm
-  #   @return [String]
-  attr_accessor :realm
  # @!attribute password
  #   @return [String]
  attr_accessor :password
+  # @!attribute realm
+  #   @return [String]
+  attr_accessor :realm
  # @!attribute user_as_pass
  #   Whether each username should be tried as a password for that user
  #   @return [Boolean]
@ -27,7 +27,7 @@ class Metasploit::Framework::CredentialCollection
  # @!attribute username
  #   @return [String]
  attr_accessor :username
-  # @!attribute user_file
+  # @!attribute userpass_file
  #   Path to a file containing usernames and passwords seperated by a space,
  #   one pair per line
  #   @return [String]
--- a/spec/lib/metasploit/framework/credential_collection_spec.rb
+++ b/spec/lib/metasploit/framework/credential_collection_spec.rb
@ -6,18 +6,22 @@ describe Metasploit::Framework::CredentialCollection do
  describe "#each" do
    subject(:collection) do
      described_class.new(
-        username: username,
-        password: password,
-        user_file: user_file,
+        blank_passwords: blank_passwords,
        pass_file: pass_file,
+        password: password,
+        user_as_pass: user_as_pass,
+        user_file: user_file,
+        username: username,
        userpass_file: userpass_file,
      )
    end

+    let(:blank_passwords) { nil }
    let(:username) { "user" }
    let(:password) { "pass" }
    let(:user_file) { nil }
    let(:pass_file) { nil }
+    let(:user_as_pass) { nil }
    let(:userpass_file) { nil }

    specify do
@ -80,6 +84,54 @@ describe Metasploit::Framework::CredentialCollection do
      end
    end

+    context "when given a pass_file and user_file" do
+      let(:password) { nil }
+      let(:username) { nil }
+      let(:user_file) do
+        filename = "user_file"
+        stub_file = StringIO.new("asdf\njkl\n")
+        File.stub(:open).with(filename,/^r/).and_yield stub_file
+
+        filename
+      end
+      let(:pass_file) do
+        filename = "pass_file"
+        stub_file = StringIO.new("asdf\njkl\n")
+        File.stub(:open).with(filename,/^r/).and_return stub_file
+
+        filename
+      end
+
+      specify  do
+        expect { |b| collection.each(&b) }.to yield_successive_args(
+          Metasploit::Framework::Credential.new(public: "asdf", private: "asdf"),
+          Metasploit::Framework::Credential.new(public: "asdf", private: "jkl"),
+          Metasploit::Framework::Credential.new(public: "jkl", private: "asdf"),
+          Metasploit::Framework::Credential.new(public: "jkl", private: "jkl"),
+        )
+      end
+    end
+
+    context "when :user_as_pass is true" do
+      let(:user_as_pass) { true }
+      specify  do
+        expect { |b| collection.each(&b) }.to yield_successive_args(
+          Metasploit::Framework::Credential.new(public: username, private: password),
+          Metasploit::Framework::Credential.new(public: username, private: username),
+        )
+      end
+    end
+
+    context "when :blank_passwords is true" do
+      let(:blank_passwords) { true }
+      specify  do
+        expect { |b| collection.each(&b) }.to yield_successive_args(
+          Metasploit::Framework::Credential.new(public: username, private: password),
+          Metasploit::Framework::Credential.new(public: username, private: ""),
+        )
+      end
+    end
+
  end

 end