Redo try_glassfish_3 specs

2014-09-07 21:04:43 -05:00 · 2014-09-07 21:04:43 -05:00 · 768b50974f
parent 07238ef7b3
commit 768b50974f
2 changed files with 55 additions and 14 deletions
--- a/lib/metasploit/framework/login_scanner/glassfish.rb
+++ b/lib/metasploit/framework/login_scanner/glassfish.rb
@ -111,7 +111,7 @@ module Metasploit
        # @return (see #try_glassfish_2)
        def try_glassfish_3(credential)
          res = try_login(credential)
-          if res and res.code == 302
+          if res && res.code == 302
            opts = {
              'uri'     => '/common/applications/uploadFrame.jsf',
              'method'  => 'GET',
--- a/spec/lib/metasploit/framework/login_scanner/glassfish_spec.rb
+++ b/spec/lib/metasploit/framework/login_scanner/glassfish_spec.rb
@ -22,10 +22,18 @@ describe Metasploit::Framework::LoginScanner::Glassfish do
    'admin'
  end

+  let(:username_disabled) do
+    'admin_disabled'
+  end
+
  let(:password) do
    'password'
  end

+  let(:password_disabled) do
+    'password_disabled'
+  end
+
  let(:cred) do
    Metasploit::Framework::Credential.new(
      paired: true,
@ -42,6 +50,14 @@ describe Metasploit::Framework::LoginScanner::Glassfish do
    )
  end

+  let(:disabled_cred) do
+    Metasploit::Framework::Credential.new(
+        paired: true,
+        public: username_disabled,
+        private: password_disabled
+    )
+  end
+
  let(:res_code) do
    200
  end
@ -102,7 +118,6 @@ describe Metasploit::Framework::LoginScanner::Glassfish do

    before :each do
      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:send_recv) do |req|
-        p "#{req.opts['uri']}"
        if req.opts['uri'] && req.opts['uri'].include?('j_security_check') &&
            req.opts['data'] &&
            req.opts['data'].include?("j_username=#{username}") &&
@ -136,26 +151,52 @@ describe Metasploit::Framework::LoginScanner::Glassfish do
  end

  context '#try_glassfish_3' do
+
+    let(:login_ok_message) do
+      '<title>Deploy Enterprise Applications/Modules</title>'
+    end
+
+    before :each do
+      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:send_recv) do |req|
+        if req.opts['uri'] && req.opts['uri'].include?('j_security_check') &&
+            req.opts['data'] &&
+            req.opts['data'].include?("j_username=#{username}") &&
+            req. opts['data'].include?("j_password=#{password}")
+          res = Rex::Proto::Http::Response.new(302)
+          res.headers['Location'] = '/common/applications/uploadFrame.jsf'
+          res.headers['Set-Cookie'] = 'JSESSIONID=GOODSESSIONID'
+          res
+        elsif req.opts['uri'] && req.opts['uri'].include?('j_security_check') &&
+            req.opts['data'] &&
+            req.opts['data'].include?("j_username=#{username_disabled}") &&
+            req. opts['data'].include?("j_password=#{password_disabled}")
+          res = Rex::Proto::Http::Response.new(200)
+          res.body = 'Secure Admin must be enabled'
+        elsif req.opts['uri'] && req.opts['uri'].include?('j_security_check')
+          res = Rex::Proto::Http::Response.new(200)
+          res.body = 'bad login'
+        elsif req.opts['uri'] &&
+            req.opts['uri'].include?('/common/applications/uploadFrame.jsf')
+          res = Rex::Proto::Http::Response.new(200)
+          res.body = '<title>Deploy Applications or Modules'
+        else
+          res = Rex::Proto::Http::Response.new(404)
+        end
+
+        res
+      end
+    end
+
    it 'returns status Metasploit::Model::Login::Status::SUCCESSFUL for a valid credential' do
-      good_auth_res = Rex::Proto::Http::Response.new(302)
-      good_res = Rex::Proto::Http::Response.new(200)
-      good_res.stub(:body).and_return('<title>Deploy Applications or Modules</title>')
-      http_scanner.should_receive(:try_login).with(cred).and_return(good_auth_res)
-      http_scanner.should_receive(:send_request).with(kind_of(Hash)).and_return(good_res)
      http_scanner.try_glassfish_3(cred)[:status].should eq(Metasploit::Model::Login::Status::SUCCESSFUL)
    end

    it 'returns status Metasploit::Model::Login::Status::SUCCESSFUL based on a disabled remote admin message' do
-      good_auth_res = Rex::Proto::Http::Response.new(200)
-      good_auth_res.stub(:body).and_return('Secure Admin must be enabled')
-      http_scanner.should_receive(:try_login).with(cred).and_return(good_auth_res)
-      http_scanner.try_glassfish_3(cred)[:status].should eq(Metasploit::Model::Login::Status::SUCCESSFUL)
+      http_scanner.try_glassfish_3(disabled_cred)[:status].should eq(Metasploit::Model::Login::Status::SUCCESSFUL)
    end

    it 'returns status Metasploit::Model::Login::Status::INCORRECT for an invalid credential' do
-      bad_auth_res = Rex::Proto::Http::Response.new(200)
-      http_scanner.should_receive(:try_login).with(cred).and_return(bad_auth_res)
-      http_scanner.try_glassfish_3(cred)[:status].should eq(Metasploit::Model::Login::Status::INCORRECT)
+      http_scanner.try_glassfish_3(bad_cred)[:status].should eq(Metasploit::Model::Login::Status::INCORRECT)
    end
  end