From 939e585658883ebaddc1dd395832bc365877ee12 Mon Sep 17 00:00:00 2001 From: David Maloney Date: Tue, 15 Jul 2014 13:17:56 -0500 Subject: [PATCH] refactor all loginscanners loginscanners now use LoginStatus constants for the result statuses --- lib/metasploit/framework/login_scanner/afp.rb | 4 ++-- .../framework/login_scanner/axis2.rb | 6 ++--- lib/metasploit/framework/login_scanner/db2.rb | 8 +++---- lib/metasploit/framework/login_scanner/ftp.rb | 6 ++--- .../framework/login_scanner/http.rb | 6 ++--- .../framework/login_scanner/mssql.rb | 6 ++--- .../framework/login_scanner/mysql.rb | 12 +++++----- .../framework/login_scanner/pop3.rb | 6 ++--- .../framework/login_scanner/postgres.rb | 10 ++++---- lib/metasploit/framework/login_scanner/smb.rb | 14 +++++------ .../framework/login_scanner/snmp.rb | 4 ++-- lib/metasploit/framework/login_scanner/ssh.rb | 8 +++---- .../framework/login_scanner/telnet.rb | 8 +++---- lib/metasploit/framework/login_scanner/vnc.rb | 8 +++---- .../framework/login_scanner/afp_spec.rb | 14 +++++------ .../framework/login_scanner/db2_spec.rb | 6 ++--- .../framework/login_scanner/ftp_spec.rb | 12 +++++----- .../framework/login_scanner/mssql_spec.rb | 10 ++++---- .../framework/login_scanner/mysql_spec.rb | 24 +++++++++---------- .../framework/login_scanner/pop3_spec.rb | 16 ++++++------- .../framework/login_scanner/postgres_spec.rb | 8 +++---- .../framework/login_scanner/smb_spec.rb | 14 +++++------ .../framework/login_scanner/ssh_spec.rb | 20 ++++++++-------- .../framework/login_scanner/vnc_spec.rb | 14 +++++------ .../framework/login_scanner/http.rb | 12 +++++----- 25 files changed, 128 insertions(+), 128 deletions(-) diff --git a/lib/metasploit/framework/login_scanner/afp.rb b/lib/metasploit/framework/login_scanner/afp.rb index 9e23d10084..73d6f59294 100644 --- a/lib/metasploit/framework/login_scanner/afp.rb +++ b/lib/metasploit/framework/login_scanner/afp.rb @@ -29,10 +29,10 @@ module Metasploit begin connect rescue Rex::ConnectionError, EOFError, Timeout::Error - status = :connection_error + status = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT else success = login(credential.public, credential.private) - status = (success == true) ? :success : :failed + status = (success == true) ? Metasploit::Model::Login::Status::SUCCESSFUL : Metasploit::Model::Login::Status::INCORRECT end Result.new(credential: credential, status: status) diff --git a/lib/metasploit/framework/login_scanner/axis2.rb b/lib/metasploit/framework/login_scanner/axis2.rb index f9e06e0354..ef34c31040 100644 --- a/lib/metasploit/framework/login_scanner/axis2.rb +++ b/lib/metasploit/framework/login_scanner/axis2.rb @@ -34,12 +34,12 @@ module Metasploit response = http_client.send_recv(request) if response && response.code == 200 && response.body.include?("upload") - result_opts.merge!(status: :success, proof: response) + result_opts.merge!(status: Metasploit::Model::Login::Status::SUCCESSFUL, proof: response) else - result_opts.merge!(status: :failed, proof: response) + result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: response) end rescue ::EOFError, Rex::ConnectionError, ::Timeout::Error - result_opts.merge!(status: :connection_error) + result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) end Result.new(result_opts) diff --git a/lib/metasploit/framework/login_scanner/db2.rb b/lib/metasploit/framework/login_scanner/db2.rb index 61bfce756b..889a15d3dc 100644 --- a/lib/metasploit/framework/login_scanner/db2.rb +++ b/lib/metasploit/framework/login_scanner/db2.rb @@ -31,17 +31,17 @@ module Metasploit probe_data = send_probe(credential.realm) if probe_data.empty? - result_options[:status] = :connection_error + result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT else if authenticate?(credential) - result_options[:status] = :success + result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL else - result_options[:status] = :failed + result_options[:status] = Metasploit::Model::Login::Status::INCORRECT end end rescue ::Rex::ConnectionError, ::Rex::ConnectionTimeout, ::Rex::Proto::DRDA::RespError,::Timeout::Error => e result_options.merge!({ - status: :connection_error, + status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e.message }) end diff --git a/lib/metasploit/framework/login_scanner/ftp.rb b/lib/metasploit/framework/login_scanner/ftp.rb index be93bd7074..3ac0a4d696 100644 --- a/lib/metasploit/framework/login_scanner/ftp.rb +++ b/lib/metasploit/framework/login_scanner/ftp.rb @@ -42,15 +42,15 @@ module Metasploit begin success = connect_login(credential.public, credential.private) rescue ::EOFError, Rex::AddressInUse, Rex::ConnectionError, Rex::ConnectionTimeout, ::Timeout::Error - result_options[:status] = :connection_error + result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT success = false end if success - result_options[:status] = :success + result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL elsif !(result_options.has_key? :status) - result_options[:status] = :failed + result_options[:status] = Metasploit::Model::Login::Status::INCORRECT end ::Metasploit::Framework::LoginScanner::Result.new(result_options) diff --git a/lib/metasploit/framework/login_scanner/http.rb b/lib/metasploit/framework/login_scanner/http.rb index f9a9039535..e3e45e7347 100644 --- a/lib/metasploit/framework/login_scanner/http.rb +++ b/lib/metasploit/framework/login_scanner/http.rb @@ -45,7 +45,7 @@ module Metasploit result_opts = { credential: credential, - status: :failed, + status: Metasploit::Model::Login::Status::INCORRECT, proof: nil } @@ -74,13 +74,13 @@ module Metasploit response, request.opts, connection_timeout, true ) if response && response.code == 200 - result_opts.merge!(status: :success, proof: response.headers) + result_opts.merge!(status: Metasploit::Model::Login::Status::SUCCESSFUL, proof: response.headers) end else result_opts.merge!(status: :no_auth_required) end rescue ::EOFError, Rex::ConnectionError, ::Timeout::Error - result_opts.merge!(status: :connection_error) + result_opts.merge!(status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) ensure http_client.close end diff --git a/lib/metasploit/framework/login_scanner/mssql.rb b/lib/metasploit/framework/login_scanner/mssql.rb index 2d5ae1b7f2..ef2785e5ed 100644 --- a/lib/metasploit/framework/login_scanner/mssql.rb +++ b/lib/metasploit/framework/login_scanner/mssql.rb @@ -39,12 +39,12 @@ module Metasploit begin if mssql_login(credential.public, credential.private, '', credential.realm) - result_options[:status] = :success + result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL else - result_options[:status] = :failed + result_options[:status] = Metasploit::Model::Login::Status::INCORRECT end rescue ::Rex::ConnectionError - result_options[:status] = :connection_error + result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end ::Metasploit::Framework::LoginScanner::Result.new(result_options) diff --git a/lib/metasploit/framework/login_scanner/mysql.rb b/lib/metasploit/framework/login_scanner/mysql.rb index 2d19fcef46..7ebed038df 100644 --- a/lib/metasploit/framework/login_scanner/mysql.rb +++ b/lib/metasploit/framework/login_scanner/mysql.rb @@ -43,33 +43,33 @@ module Metasploit }) rescue Errno::ECONNREFUSED result_options.merge!({ - status: :connection_error, + status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: "Connection refused" }) rescue RbMysql::ClientError result_options.merge!({ - status: :connection_error, + status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: "Connection timeout" }) rescue Errno::ETIMEDOUT result_options.merge!({ - status: :connection_error, + status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: "Operation Timed out" }) rescue RbMysql::HostNotPrivileged result_options.merge!({ - status: :connection_error, + status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: "Unable to login from this host due to policy" }) rescue RbMysql::AccessDeniedError result_options.merge!({ - status: :failed, + status: Metasploit::Model::Login::Status::INCORRECT, proof: "Access Denied" }) end unless result_options[:status] - result_options[:status] = :success + result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL end ::Metasploit::Framework::LoginScanner::Result.new(result_options) diff --git a/lib/metasploit/framework/login_scanner/pop3.rb b/lib/metasploit/framework/login_scanner/pop3.rb index 166f5c2d36..9bf9491029 100644 --- a/lib/metasploit/framework/login_scanner/pop3.rb +++ b/lib/metasploit/framework/login_scanner/pop3.rb @@ -26,7 +26,7 @@ module Metasploit def attempt_login(credential) result_options = { credential: credential, - status: :failed + status: Metasploit::Model::Login::Status::INCORRECT } disconnect if self.sock @@ -52,7 +52,7 @@ module Metasploit if result_options[:proof] && result_options[:proof][/^\+OK.*/] # if the pass gives an OK, were good to go - result_options[:status] = :success + result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL end end end @@ -60,7 +60,7 @@ module Metasploit rescue Rex::ConnectionError, EOFError, Timeout::Error, Errno::EPIPE => e result_options.merge!( proof: e.message, - status: :connection_error + status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT ) end diff --git a/lib/metasploit/framework/login_scanner/postgres.rb b/lib/metasploit/framework/login_scanner/postgres.rb index bf81c3cefe..a5cc685ed2 100644 --- a/lib/metasploit/framework/login_scanner/postgres.rb +++ b/lib/metasploit/framework/login_scanner/postgres.rb @@ -42,17 +42,17 @@ module Metasploit case e.to_s.split("\t")[1] when "C3D000" result_options.merge!({ - status: :failed, + status: Metasploit::Model::Login::Status::INCORRECT, proof: "C3D000, Creds were good but database was bad" }) when "C28000", "C28P01" result_options.merge!({ - status: :failed, + status: Metasploit::Model::Login::Status::INCORRECT, proof: "Invalid username or password" }) else result_options.merge!({ - status: :failed, + status: Metasploit::Model::Login::Status::INCORRECT, proof: e.message }) end @@ -60,9 +60,9 @@ module Metasploit if pg_conn pg_conn.close - result_options[:status] = :success + result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL else - result_options[:status] = :failed + result_options[:status] = Metasploit::Model::Login::Status::INCORRECT end ::Metasploit::Framework::LoginScanner::Result.new(result_options) diff --git a/lib/metasploit/framework/login_scanner/smb.rb b/lib/metasploit/framework/login_scanner/smb.rb index 2bbb1e3f00..dd40d877ba 100644 --- a/lib/metasploit/framework/login_scanner/smb.rb +++ b/lib/metasploit/framework/login_scanner/smb.rb @@ -149,7 +149,7 @@ module Metasploit begin connect rescue ::Rex::ConnectionError => e - return Result.new(credential:credential, status: :connection_error, proof: e) + return Result.new(credential:credential, status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT, proof: e) end proof = nil @@ -189,26 +189,26 @@ module Metasploit # If we made it this far without raising, we have a valid # login - status = :success + status = Metasploit::Model::Login::Status::SUCCESSFUL rescue ::Rex::Proto::SMB::Exceptions::LoginError => e status = case e.get_error(e.error_code) when *StatusCodes::CORRECT_CREDENTIAL_STATUS_CODES :correct when 'STATUS_LOGON_FAILURE', 'STATUS_ACCESS_DENIED' - :failed + Metasploit::Model::Login::Status::INCORRECT else - :failed + Metasploit::Model::Login::Status::INCORRECT end proof = e rescue ::Rex::Proto::SMB::Exceptions::Error => e - status = :failed + status = Metasploit::Model::Login::Status::INCORRECT proof = e rescue ::Rex::ConnectionError - status = :connection_error + status = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end - if status == :success && simple.client.auth_user.nil? + if status == Metasploit::Model::Login::Status::SUCCESSFUL && simple.client.auth_user.nil? access_level ||= AccessLevels::GUEST end diff --git a/lib/metasploit/framework/login_scanner/snmp.rb b/lib/metasploit/framework/login_scanner/snmp.rb index 8816a1888b..1972f29aef 100644 --- a/lib/metasploit/framework/login_scanner/snmp.rb +++ b/lib/metasploit/framework/login_scanner/snmp.rb @@ -39,9 +39,9 @@ module Metasploit result_options[:proof] = test_read_access(snmp_client) if result_options[:proof].nil? - result_options[:status] = :failed + result_options[:status] = Metasploit::Model::Login::Status::INCORRECT else - result_options[:status] = :success + result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL if has_write_access?(snmp_client, result_options[:proof]) result_options[:access_level] = "read-write" else diff --git a/lib/metasploit/framework/login_scanner/ssh.rb b/lib/metasploit/framework/login_scanner/ssh.rb index bf9dbd9b71..d35e03c08b 100644 --- a/lib/metasploit/framework/login_scanner/ssh.rb +++ b/lib/metasploit/framework/login_scanner/ssh.rb @@ -79,17 +79,17 @@ module Metasploit ) end rescue ::EOFError, Net::SSH::Disconnect, Rex::AddressInUse, Rex::ConnectionError, ::Timeout::Error - result_options.merge!( proof: nil, status: :connection_error) + result_options.merge!( proof: nil, status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) rescue Net::SSH::Exception - result_options.merge!( proof: nil, status: :failed) + result_options.merge!( proof: nil, status: Metasploit::Model::Login::Status::INCORRECT) end unless result_options.has_key? :status if ssh_socket proof = gather_proof - result_options.merge!( proof: proof, status: :success) + result_options.merge!( proof: proof, status: Metasploit::Model::Login::Status::SUCCESSFUL) else - result_options.merge!( proof: nil, status: :failed) + result_options.merge!( proof: nil, status: Metasploit::Model::Login::Status::INCORRECT) end end diff --git a/lib/metasploit/framework/login_scanner/telnet.rb b/lib/metasploit/framework/login_scanner/telnet.rb index 1e1d3f873c..b36b83496f 100644 --- a/lib/metasploit/framework/login_scanner/telnet.rb +++ b/lib/metasploit/framework/login_scanner/telnet.rb @@ -52,11 +52,11 @@ module Metasploit } if connect_reset_safe == :refused - result_options[:status] = :connection_error + result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT else if busy_message? self.sock.close unless self.sock.closed? - result_options[:status] = :connection_error + result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end end @@ -81,9 +81,9 @@ module Metasploit end if login_succeeded? - result_options[:status] = :success + result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL else - result_options[:status] = :failed + result_options[:status] = Metasploit::Model::Login::Status::INCORRECT end end diff --git a/lib/metasploit/framework/login_scanner/vnc.rb b/lib/metasploit/framework/login_scanner/vnc.rb index 21316aa097..038ee9ffc3 100644 --- a/lib/metasploit/framework/login_scanner/vnc.rb +++ b/lib/metasploit/framework/login_scanner/vnc.rb @@ -53,23 +53,23 @@ module Metasploit if vnc.handshake if vnc_auth(vnc,credential.private) - result_options[:status] = :success + result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL else result_options.merge!( proof: vnc.error, - status: :failed + status: Metasploit::Model::Login::Status::INCORRECT ) end else result_options.merge!( proof: vnc.error, - status: :connection_error + status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT ) end rescue ::EOFError, Errno::ENOTCONN, Rex::AddressInUse, Rex::ConnectionError, Rex::ConnectionTimeout, ::Timeout::Error => e result_options.merge!( proof: e.message, - status: :connection_error + status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT ) end diff --git a/spec/lib/metasploit/framework/login_scanner/afp_spec.rb b/spec/lib/metasploit/framework/login_scanner/afp_spec.rb index 5aa0a55d9a..2fc30ea51f 100644 --- a/spec/lib/metasploit/framework/login_scanner/afp_spec.rb +++ b/spec/lib/metasploit/framework/login_scanner/afp_spec.rb @@ -20,28 +20,28 @@ describe Metasploit::Framework::LoginScanner::AFP do ) end - it "Rex::ConnectionError should result in status :connection_error" do + it "Rex::ConnectionError should result in status Metasploit::Model::Login::Status::UNABLE_TO_CONNECT" do expect(scanner).to receive(:connect).and_raise(Rex::ConnectionError) result = scanner.attempt_login(pub_blank) expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result) - expect(result.status).to eq(:connection_error) + expect(result.status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) end - it "Timeout::Error should result in status :connection_error" do + it "Timeout::Error should result in status Metasploit::Model::Login::Status::UNABLE_TO_CONNECT" do expect(scanner).to receive(:connect).and_raise(Timeout::Error) result = scanner.attempt_login(pub_blank) expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result) - expect(result.status).to eq(:connection_error) + expect(result.status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) end - it "EOFError should result in status :connection_error" do + it "EOFError should result in status Metasploit::Model::Login::Status::UNABLE_TO_CONNECT" do expect(scanner).to receive(:connect).and_raise(EOFError) result = scanner.attempt_login(pub_blank) expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result) - expect(result.status).to eq(:connection_error) + expect(result.status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) end it "considers :skip_user to mean failure" do @@ -50,7 +50,7 @@ describe Metasploit::Framework::LoginScanner::AFP do result = scanner.attempt_login(pub_blank) expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result) - expect(result.status).to eq(:failed) + expect(result.status).to eq(Metasploit::Model::Login::Status::INCORRECT) end end diff --git a/spec/lib/metasploit/framework/login_scanner/db2_spec.rb b/spec/lib/metasploit/framework/login_scanner/db2_spec.rb index b189325340..531d788a2d 100644 --- a/spec/lib/metasploit/framework/login_scanner/db2_spec.rb +++ b/spec/lib/metasploit/framework/login_scanner/db2_spec.rb @@ -19,7 +19,7 @@ describe Metasploit::Framework::LoginScanner::DB2 do my_scanner = login_scanner my_scanner.should_receive(:connect).and_raise ::Rex::ConnectionError result = my_scanner.attempt_login(test_cred) - expect(result.status).to eq :connection_error + expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT expect(result.proof).to eq ::Rex::ConnectionError.new.to_s end @@ -27,7 +27,7 @@ describe Metasploit::Framework::LoginScanner::DB2 do my_scanner = login_scanner my_scanner.should_receive(:connect).and_raise ::Rex::ConnectionTimeout result = my_scanner.attempt_login(test_cred) - expect(result.status).to eq :connection_error + expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT expect(result.proof).to eq ::Rex::ConnectionTimeout.new.to_s end @@ -35,7 +35,7 @@ describe Metasploit::Framework::LoginScanner::DB2 do my_scanner = login_scanner my_scanner.should_receive(:connect).and_raise ::Timeout::Error result = my_scanner.attempt_login(test_cred) - expect(result.status).to eq :connection_error + expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT expect(result.proof).to eq ::Timeout::Error.new.to_s end end diff --git a/spec/lib/metasploit/framework/login_scanner/ftp_spec.rb b/spec/lib/metasploit/framework/login_scanner/ftp_spec.rb index a6bff50954..326667e641 100644 --- a/spec/lib/metasploit/framework/login_scanner/ftp_spec.rb +++ b/spec/lib/metasploit/framework/login_scanner/ftp_spec.rb @@ -103,24 +103,24 @@ describe Metasploit::Framework::LoginScanner::FTP do context 'when it fails' do - it 'returns :connection_error for a Rex::ConnectionError' do + it 'returns Metasploit::Model::Login::Status::UNABLE_TO_CONNECT for a Rex::ConnectionError' do Rex::Socket::Tcp.should_receive(:create) { raise Rex::ConnectionError } - expect(ftp_scanner.attempt_login(pub_pri).status).to eq :connection_error + expect(ftp_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end - it 'returns :connection_error for a Rex::AddressInUse' do + it 'returns Metasploit::Model::Login::Status::UNABLE_TO_CONNECT for a Rex::AddressInUse' do Rex::Socket::Tcp.should_receive(:create) { raise Rex::AddressInUse } - expect(ftp_scanner.attempt_login(pub_pri).status).to eq :connection_error + expect(ftp_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns :connection_disconnect for a ::EOFError' do Rex::Socket::Tcp.should_receive(:create) { raise ::EOFError } - expect(ftp_scanner.attempt_login(pub_pri).status).to eq :connection_error + expect(ftp_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns :connection_disconnect for a ::Timeout::Error' do Rex::Socket::Tcp.should_receive(:create) { raise ::Timeout::Error } - expect(ftp_scanner.attempt_login(pub_pri).status).to eq :connection_error + expect(ftp_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end end diff --git a/spec/lib/metasploit/framework/login_scanner/mssql_spec.rb b/spec/lib/metasploit/framework/login_scanner/mssql_spec.rb index c00f3c61a0..f419105c05 100644 --- a/spec/lib/metasploit/framework/login_scanner/mssql_spec.rb +++ b/spec/lib/metasploit/framework/login_scanner/mssql_spec.rb @@ -69,23 +69,23 @@ describe Metasploit::Framework::LoginScanner::MSSQL do it 'returns a result with the connection_error status' do my_scanner = login_scanner my_scanner.should_receive(:mssql_login).and_raise ::Rex::ConnectionError - expect(my_scanner.attempt_login(pub_blank).status).to eq :connection_error + expect(my_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end end context 'when the login fails' do - it 'returns a result object with a status of :failed' do + it 'returns a result object with a status of Metasploit::Model::Login::Status::INCORRECT' do my_scanner = login_scanner my_scanner.should_receive(:mssql_login).and_return false - expect(my_scanner.attempt_login(pub_blank).status).to eq :failed + expect(my_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::INCORRECT end end context 'when the login succeeds' do - it 'returns a result object with a status of :success' do + it 'returns a result object with a status of Metasploit::Model::Login::Status::SUCCESSFUL' do my_scanner = login_scanner my_scanner.should_receive(:mssql_login).and_return true - expect(my_scanner.attempt_login(pub_blank).status).to eq :success + expect(my_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::SUCCESSFUL end end end diff --git a/spec/lib/metasploit/framework/login_scanner/mysql_spec.rb b/spec/lib/metasploit/framework/login_scanner/mysql_spec.rb index 44f870696e..6bc5a3df61 100644 --- a/spec/lib/metasploit/framework/login_scanner/mysql_spec.rb +++ b/spec/lib/metasploit/framework/login_scanner/mysql_spec.rb @@ -36,17 +36,17 @@ describe Metasploit::Framework::LoginScanner::MySQL do context '#attempt_login' do context 'when the attempt is successful' do - it 'returns a result object with a status of :success' do + it 'returns a result object with a status of Metasploit::Model::Login::Status::SUCCESSFUL' do ::RbMysql.should_receive(:connect).and_return "fake mysql handle" - expect(login_scanner.attempt_login(pub_pri).status).to eq :success + expect(login_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::SUCCESSFUL end end context 'when the attempt is unsuccessful' do context 'due to connection refused' do - it 'returns a result with a status of :connection_error' do + it 'returns a result with a status of Metasploit::Model::Login::Status::UNABLE_TO_CONNECT' do ::RbMysql.should_receive(:connect).and_raise Errno::ECONNREFUSED - expect(login_scanner.attempt_login(pub_pub).status).to eq :connection_error + expect(login_scanner.attempt_login(pub_pub).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns a result with the proof containing an appropriate error message' do @@ -56,9 +56,9 @@ describe Metasploit::Framework::LoginScanner::MySQL do end context 'due to connection timeout' do - it 'returns a result with a status of :connection_error' do + it 'returns a result with a status of Metasploit::Model::Login::Status::UNABLE_TO_CONNECT' do ::RbMysql.should_receive(:connect).and_raise RbMysql::ClientError - expect(login_scanner.attempt_login(pub_pub).status).to eq :connection_error + expect(login_scanner.attempt_login(pub_pub).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns a result with the proof containing an appropriate error message' do @@ -68,9 +68,9 @@ describe Metasploit::Framework::LoginScanner::MySQL do end context 'due to operation timeout' do - it 'returns a result with a status of :connection_error' do + it 'returns a result with a status of Metasploit::Model::Login::Status::UNABLE_TO_CONNECT' do ::RbMysql.should_receive(:connect).and_raise Errno::ETIMEDOUT - expect(login_scanner.attempt_login(pub_pub).status).to eq :connection_error + expect(login_scanner.attempt_login(pub_pub).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns a result with the proof containing an appropriate error message' do @@ -80,9 +80,9 @@ describe Metasploit::Framework::LoginScanner::MySQL do end context 'due to not being allowed to connect from this host' do - it 'returns a result with a status of :connection_error' do + it 'returns a result with a status of Metasploit::Model::Login::Status::UNABLE_TO_CONNECT' do ::RbMysql.should_receive(:connect).and_raise RbMysql::HostNotPrivileged, "Host not privileged" - expect(login_scanner.attempt_login(pub_pub).status).to eq :connection_error + expect(login_scanner.attempt_login(pub_pub).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns a result with the proof containing an appropriate error message' do @@ -92,9 +92,9 @@ describe Metasploit::Framework::LoginScanner::MySQL do end context 'due to access denied' do - it 'returns a result with a status of :failed' do + it 'returns a result with a status of Metasploit::Model::Login::Status::INCORRECT' do ::RbMysql.should_receive(:connect).and_raise RbMysql::AccessDeniedError, "Access Denied" - expect(login_scanner.attempt_login(pub_pub).status).to eq :failed + expect(login_scanner.attempt_login(pub_pub).status).to eq Metasploit::Model::Login::Status::INCORRECT end it 'returns a result with the proof containing an appropriate error message' do diff --git a/spec/lib/metasploit/framework/login_scanner/pop3_spec.rb b/spec/lib/metasploit/framework/login_scanner/pop3_spec.rb index e07b7d482e..ccefb2b97e 100644 --- a/spec/lib/metasploit/framework/login_scanner/pop3_spec.rb +++ b/spec/lib/metasploit/framework/login_scanner/pop3_spec.rb @@ -17,28 +17,28 @@ describe Metasploit::Framework::LoginScanner::POP3 do ) end context "Raised Exceptions" do - it "Rex::ConnectionError should result in status :connection_error" do + it "Rex::ConnectionError should result in status Metasploit::Model::Login::Status::UNABLE_TO_CONNECT" do expect(scanner).to receive(:connect).and_raise(Rex::ConnectionError) result = scanner.attempt_login(pub_blank) expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result) - expect(result.status).to eq(:connection_error) + expect(result.status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) end - it "Timeout::Error should result in status :connection_error" do + it "Timeout::Error should result in status Metasploit::Model::Login::Status::UNABLE_TO_CONNECT" do expect(scanner).to receive(:connect).and_raise(Timeout::Error) result = scanner.attempt_login(pub_blank) expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result) - expect(result.status).to eq(:connection_error) + expect(result.status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) end - it "EOFError should result in status :connection_error" do + it "EOFError should result in status Metasploit::Model::Login::Status::UNABLE_TO_CONNECT" do expect(scanner).to receive(:connect).and_raise(EOFError) result = scanner.attempt_login(pub_blank) expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result) - expect(result.status).to eq(:connection_error) + expect(result.status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) end end @@ -62,7 +62,7 @@ describe Metasploit::Framework::LoginScanner::POP3 do result = scanner.attempt_login(pub_blank) expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result) - expect(result.status).to eq(:success) + expect(result.status).to eq(Metasploit::Model::Login::Status::SUCCESSFUL) end @@ -72,7 +72,7 @@ describe Metasploit::Framework::LoginScanner::POP3 do result = scanner.attempt_login(pub_blank) expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result) - expect(result.status).to eq(:failed) + expect(result.status).to eq(Metasploit::Model::Login::Status::INCORRECT) expect(result.proof).to eq("+ERROR") end diff --git a/spec/lib/metasploit/framework/login_scanner/postgres_spec.rb b/spec/lib/metasploit/framework/login_scanner/postgres_spec.rb index 739a25eaec..029f07c642 100644 --- a/spec/lib/metasploit/framework/login_scanner/postgres_spec.rb +++ b/spec/lib/metasploit/framework/login_scanner/postgres_spec.rb @@ -33,7 +33,7 @@ describe Metasploit::Framework::LoginScanner::Postgres do fake_conn = "fake_connection" Msf::Db::PostgresPR::Connection.should_receive(:new).and_return fake_conn fake_conn.should_receive(:close) - expect(login_scanner.attempt_login(full_cred).status).to eq :success + expect(login_scanner.attempt_login(full_cred).status).to eq Metasploit::Model::Login::Status::SUCCESSFUL end end @@ -48,7 +48,7 @@ describe Metasploit::Framework::LoginScanner::Postgres do it 'includes the details in the result proof' do Msf::Db::PostgresPR::Connection.should_receive(:new).and_raise RuntimeError, "blah\tC3D000" result = login_scanner.attempt_login(cred_no_realm) - expect(result.status).to eq :failed + expect(result.status).to eq Metasploit::Model::Login::Status::INCORRECT expect(result.proof).to eq "C3D000, Creds were good but database was bad" end end @@ -57,7 +57,7 @@ describe Metasploit::Framework::LoginScanner::Postgres do it 'includes a message in proof, indicating why it failed' do Msf::Db::PostgresPR::Connection.should_receive(:new).and_raise RuntimeError, "blah\tC28000" result = login_scanner.attempt_login(cred_no_realm) - expect(result.status).to eq :failed + expect(result.status).to eq Metasploit::Model::Login::Status::INCORRECT expect(result.proof).to eq "Invalid username or password" end end @@ -66,7 +66,7 @@ describe Metasploit::Framework::LoginScanner::Postgres do it 'returns a failure with the error message in the proof' do Msf::Db::PostgresPR::Connection.should_receive(:new).and_raise RuntimeError, "unknown error" result = login_scanner.attempt_login(cred_no_realm) - expect(result.status).to eq :failed + expect(result.status).to eq Metasploit::Model::Login::Status::INCORRECT expect(result.proof).to eq "unknown error" end end diff --git a/spec/lib/metasploit/framework/login_scanner/smb_spec.rb b/spec/lib/metasploit/framework/login_scanner/smb_spec.rb index b6ea4c848c..2fecd3c738 100644 --- a/spec/lib/metasploit/framework/login_scanner/smb_spec.rb +++ b/spec/lib/metasploit/framework/login_scanner/smb_spec.rb @@ -78,7 +78,7 @@ describe Metasploit::Framework::LoginScanner::SMB do context 'when there is a connection error' do it 'returns a result with the connection_error status' do login_scanner.stub_chain(:simple, :login).and_raise ::Rex::ConnectionError - expect(login_scanner.attempt_login(pub_blank).status).to eq :connection_error + expect(login_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end end @@ -109,10 +109,10 @@ describe Metasploit::Framework::LoginScanner::SMB do end context 'when the login fails' do - it 'returns a result object with a status of :failed' do + it 'returns a result object with a status of Metasploit::Model::Login::Status::INCORRECT' do login_scanner.stub_chain(:simple, :login).and_return false login_scanner.stub_chain(:simple, :connect).and_raise Rex::Proto::SMB::Exceptions::Error - expect(login_scanner.attempt_login(pub_blank).status).to eq :failed + expect(login_scanner.attempt_login(pub_blank).status).to eq Metasploit::Model::Login::Status::INCORRECT end end @@ -125,10 +125,10 @@ describe Metasploit::Framework::LoginScanner::SMB do login_scanner.simple.stub(:disconnect) end - it 'returns a result object with a status of :success' do + it 'returns a result object with a status of Metasploit::Model::Login::Status::SUCCESSFUL' do login_scanner.stub_chain(:simple, :login).and_return true result = login_scanner.attempt_login(pub_blank) - expect(result.status).to eq :success + expect(result.status).to eq Metasploit::Model::Login::Status::SUCCESSFUL expect(result.access_level).to eq described_class::AccessLevels::ADMINISTRATOR end end @@ -143,10 +143,10 @@ describe Metasploit::Framework::LoginScanner::SMB do login_scanner.simple.stub(:connect).with(/.*ipc\$/i) end - it 'returns a result object with a status of :success' do + it 'returns a result object with a status of Metasploit::Model::Login::Status::SUCCESSFUL' do login_scanner.stub_chain(:simple, :login).and_return true result = login_scanner.attempt_login(pub_blank) - expect(result.status).to eq :success + expect(result.status).to eq Metasploit::Model::Login::Status::SUCCESSFUL expect(result.access_level).to_not eq described_class::AccessLevels::ADMINISTRATOR end end diff --git a/spec/lib/metasploit/framework/login_scanner/ssh_spec.rb b/spec/lib/metasploit/framework/login_scanner/ssh_spec.rb index 71af4b2aa2..e36d723c72 100644 --- a/spec/lib/metasploit/framework/login_scanner/ssh_spec.rb +++ b/spec/lib/metasploit/framework/login_scanner/ssh_spec.rb @@ -162,39 +162,39 @@ describe Metasploit::Framework::LoginScanner::SSH do context 'when it fails' do - it 'returns :connection_error for a Rex::ConnectionError' do + it 'returns Metasploit::Model::Login::Status::UNABLE_TO_CONNECT for a Rex::ConnectionError' do Net::SSH.should_receive(:start) { raise Rex::ConnectionError } - expect(ssh_scanner.attempt_login(pub_pri).status).to eq :connection_error + expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end - it 'returns :connection_error for a Rex::AddressInUse' do + it 'returns Metasploit::Model::Login::Status::UNABLE_TO_CONNECT for a Rex::AddressInUse' do Net::SSH.should_receive(:start) { raise Rex::AddressInUse } - expect(ssh_scanner.attempt_login(pub_pri).status).to eq :connection_error + expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns :connection_disconnect for a Net::SSH::Disconnect' do Net::SSH.should_receive(:start) { raise Net::SSH::Disconnect } - expect(ssh_scanner.attempt_login(pub_pri).status).to eq :connection_error + expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns :connection_disconnect for a ::EOFError' do Net::SSH.should_receive(:start) { raise ::EOFError } - expect(ssh_scanner.attempt_login(pub_pri).status).to eq :connection_error + expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns :connection_disconnect for a ::Timeout::Error' do Net::SSH.should_receive(:start) { raise ::Timeout::Error } - expect(ssh_scanner.attempt_login(pub_pri).status).to eq :connection_error + expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns [:fail,nil] for a Net::SSH::Exception' do Net::SSH.should_receive(:start) { raise Net::SSH::Exception } - expect(ssh_scanner.attempt_login(pub_pri).status).to eq :failed + expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::INCORRECT end it 'returns [:fail,nil] if no socket returned' do Net::SSH.should_receive(:start).and_return nil - expect(ssh_scanner.attempt_login(pub_pri).status).to eq :failed + expect(ssh_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::INCORRECT end end @@ -211,7 +211,7 @@ describe Metasploit::Framework::LoginScanner::SSH do Net::SSH.should_receive(:start) {"fake_socket"} my_scanner = ssh_scanner my_scanner.should_receive(:gather_proof).and_return(public) - expect(my_scanner.attempt_login(pub_pri).status).to eq :success + expect(my_scanner.attempt_login(pub_pri).status).to eq Metasploit::Model::Login::Status::SUCCESSFUL end end end diff --git a/spec/lib/metasploit/framework/login_scanner/vnc_spec.rb b/spec/lib/metasploit/framework/login_scanner/vnc_spec.rb index 50076c4b91..ce265dbddd 100644 --- a/spec/lib/metasploit/framework/login_scanner/vnc_spec.rb +++ b/spec/lib/metasploit/framework/login_scanner/vnc_spec.rb @@ -25,14 +25,14 @@ describe Metasploit::Framework::LoginScanner::VNC do it 'returns a connection_error result when the handshake fails' do Rex::Proto::RFB::Client.any_instance.should_receive(:handshake).and_return false result = login_scanner.attempt_login(test_cred) - expect(result.status).to eq :connection_error + expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT end it 'returns a failed result when authentication fails' do Rex::Proto::RFB::Client.any_instance.should_receive(:handshake).and_return true Rex::Proto::RFB::Client.any_instance.should_receive(:authenticate).with(private).and_return false result = login_scanner.attempt_login(test_cred) - expect(result.status).to eq :failed + expect(result.status).to eq Metasploit::Model::Login::Status::INCORRECT end context 'when the socket errors' do @@ -40,7 +40,7 @@ describe Metasploit::Framework::LoginScanner::VNC do my_scanner = login_scanner my_scanner.should_receive(:connect).and_raise ::EOFError result = my_scanner.attempt_login(test_cred) - expect(result.status).to eq :connection_error + expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT expect(result.proof).to eq ::EOFError.new.to_s end @@ -48,7 +48,7 @@ describe Metasploit::Framework::LoginScanner::VNC do my_scanner = login_scanner my_scanner.should_receive(:connect).and_raise ::Rex::AddressInUse result = my_scanner.attempt_login(test_cred) - expect(result.status).to eq :connection_error + expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT expect(result.proof).to eq ::Rex::AddressInUse.new.to_s end @@ -56,7 +56,7 @@ describe Metasploit::Framework::LoginScanner::VNC do my_scanner = login_scanner my_scanner.should_receive(:connect).and_raise ::Rex::ConnectionError result = my_scanner.attempt_login(test_cred) - expect(result.status).to eq :connection_error + expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT expect(result.proof).to eq ::Rex::ConnectionError.new.to_s end @@ -64,7 +64,7 @@ describe Metasploit::Framework::LoginScanner::VNC do my_scanner = login_scanner my_scanner.should_receive(:connect).and_raise ::Rex::ConnectionTimeout result = my_scanner.attempt_login(test_cred) - expect(result.status).to eq :connection_error + expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT expect(result.proof).to eq ::Rex::ConnectionTimeout.new.to_s end @@ -72,7 +72,7 @@ describe Metasploit::Framework::LoginScanner::VNC do my_scanner = login_scanner my_scanner.should_receive(:connect).and_raise ::Timeout::Error result = my_scanner.attempt_login(test_cred) - expect(result.status).to eq :connection_error + expect(result.status).to eq Metasploit::Model::Login::Status::UNABLE_TO_CONNECT expect(result.proof).to eq ::Timeout::Error.new.to_s end end diff --git a/spec/support/shared/examples/metasploit/framework/login_scanner/http.rb b/spec/support/shared/examples/metasploit/framework/login_scanner/http.rb index 734ac278ab..480e5679a2 100644 --- a/spec/support/shared/examples/metasploit/framework/login_scanner/http.rb +++ b/spec/support/shared/examples/metasploit/framework/login_scanner/http.rb @@ -56,22 +56,22 @@ shared_examples_for 'Metasploit::Framework::LoginScanner::HTTP' do ) } - it "Rex::ConnectionError should result in status :connection_error" do + it "Rex::ConnectionError should result in status Metasploit::Model::Login::Status::UNABLE_TO_CONNECT" do allow_any_instance_of(Rex::Proto::Http::Client).to receive(:connect).and_raise(Rex::ConnectionError) - expect(http_scanner.attempt_login(pub_blank).status).to eq(:connection_error) + expect(http_scanner.attempt_login(pub_blank).status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) end - it "Timeout::Error should result in status :connection_error" do + it "Timeout::Error should result in status Metasploit::Model::Login::Status::UNABLE_TO_CONNECT" do allow_any_instance_of(Rex::Proto::Http::Client).to receive(:connect).and_raise(Timeout::Error) - expect(http_scanner.attempt_login(pub_blank).status).to eq(:connection_error) + expect(http_scanner.attempt_login(pub_blank).status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) end - it "EOFError should result in status :connection_error" do + it "EOFError should result in status Metasploit::Model::Login::Status::UNABLE_TO_CONNECT" do allow_any_instance_of(Rex::Proto::Http::Client).to receive(:connect).and_raise(EOFError) - expect(http_scanner.attempt_login(pub_blank).status).to eq(:connection_error) + expect(http_scanner.attempt_login(pub_blank).status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT) end end