final wrap-up specs

successkid.jpg

spec/lib/metasploit/framework/login_scanner/mssql_spec.rb

@@ -2,6 +2,33 @@ require 'spec_helper'
 require 'metasploit/framework/login_scanner/mssql'
 
 describe Metasploit::Framework::LoginScanner::MSSQL do
+  let(:public) { 'root' }
+  let(:private) { 'toor' }
+
+  let(:pub_blank) {
+    Metasploit::Framework::LoginScanner::Credential.new(
+        paired: true,
+        public: public,
+        private: ''
+    )
+  }
+
+  let(:pub_pub) {
+    Metasploit::Framework::LoginScanner::Credential.new(
+        paired: true,
+        public: public,
+        private: public
+    )
+  }
+
+  let(:pub_pri) {
+    Metasploit::Framework::LoginScanner::Credential.new(
+        paired: true,
+        public: public,
+        private: private
+    )
+  }
+
 
   subject(:login_scanner) { described_class.new }
 
@@ -9,4 +36,58 @@ describe Metasploit::Framework::LoginScanner::MSSQL do
   it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
   it_behaves_like 'Metasploit::Framework::LoginScanner::NTLM'
 
+  it { should respond_to :windows_authentication }
+
+  context 'validations' do
+    context '#windows_authentication' do
+      it 'is not valid for the string true' do
+        login_scanner.windows_authentication = 'true'
+        expect(login_scanner).to_not be_valid
+        expect(login_scanner.errors[:windows_authentication]).to include 'is not included in the list'
+      end
+
+      it 'is not valid for the string false' do
+        login_scanner.windows_authentication = 'false'
+        expect(login_scanner).to_not be_valid
+        expect(login_scanner.errors[:windows_authentication]).to include 'is not included in the list'
+      end
+
+      it 'is  valid for true class' do
+        login_scanner.windows_authentication = true
+        expect(login_scanner.errors[:windows_authentication]).to be_empty
+      end
+
+      it 'is  valid for false class' do
+        login_scanner.windows_authentication = false
+        expect(login_scanner.errors[:windows_authentication]).to be_empty
+      end
+    end
+  end
+
+  context '#attempt_login' do
+    context 'when the is a connection error' do
+      it 'returns a result with the connection_error status' do
+        my_scanner = login_scanner
+        my_scanner.should_receive(:mssql_login).and_raise ::Rex::ConnectionError
+        expect(my_scanner.attempt_login(pub_blank).status).to eq :connection_error
+      end
+    end
+
+    context 'when the login fails' do
+      it 'returns a result object with a status of :failed' do
+        my_scanner = login_scanner
+        my_scanner.should_receive(:mssql_login).and_return false
+        expect(my_scanner.attempt_login(pub_blank).status).to eq :failed
+      end
+    end
+
+    context 'when the login succeeds' do
+      it 'returns a result object with a status of :success' do
+        my_scanner = login_scanner
+        my_scanner.should_receive(:mssql_login).and_return true
+        expect(my_scanner.attempt_login(pub_blank).status).to eq :success
+      end
+    end
+  end
+
 end

spec/support/shared/examples/lib/metasploit/framework/login_scanner/ntlm.rb

@@ -66,7 +66,7 @@ shared_examples_for 'Metasploit::Framework::LoginScanner::NTLM' do
       end
 
       it 'is not valid for the string false' do
-        login_scanner.stop_on_success = 'false'
+        login_scanner.send_spn = 'false'
         expect(login_scanner).to_not be_valid
         expect(login_scanner.errors[:send_spn]).to include 'is not included in the list'
       end