Solve conflicts
commit
b37e1a5421
|
@ -20,6 +20,7 @@ require 'msf/core/auxiliary/login'
|
|||
require 'msf/core/auxiliary/rservices'
|
||||
require 'msf/core/auxiliary/cisco'
|
||||
require 'msf/core/auxiliary/nmap'
|
||||
require 'msf/core/auxiliary/natpmp'
|
||||
require 'msf/core/auxiliary/iax2'
|
||||
require 'msf/core/auxiliary/ntp'
|
||||
require 'msf/core/auxiliary/pii'
|
||||
|
|
|
@ -0,0 +1,27 @@
|
|||
# -*- coding: binary -*-
|
||||
require 'rex/proto/natpmp'
|
||||
|
||||
module Msf
|
||||
|
||||
###
|
||||
#
|
||||
# This module provides methods for working with NAT-PMP
|
||||
#
|
||||
###
|
||||
module Auxiliary::NATPMP
|
||||
|
||||
include Auxiliary::Scanner
|
||||
include Rex::Proto::NATPMP
|
||||
|
||||
def initialize(info = {})
|
||||
super
|
||||
register_options(
|
||||
[
|
||||
Opt::RPORT(Rex::Proto::NATPMP::DefaultPort),
|
||||
Opt::CHOST
|
||||
],
|
||||
self.class
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -12,20 +12,20 @@ module Proto
|
|||
module NATPMP
|
||||
|
||||
# Return a NAT-PMP request to get the external address.
|
||||
def self.external_address_request
|
||||
def external_address_request
|
||||
[ 0, 0 ].pack('nn')
|
||||
end
|
||||
|
||||
# Parse a NAT-PMP external address response +resp+.
|
||||
# Returns the decoded parts of the response as an array.
|
||||
def self.parse_external_address_response(resp)
|
||||
(ver, op, result, epoch, addr) = resp.unpack("CCvVN")
|
||||
def parse_external_address_response(resp)
|
||||
(ver, op, result, epoch, addr) = resp.unpack("CCnNN")
|
||||
[ ver, op, result, epoch, Rex::Socket::addr_itoa(addr) ]
|
||||
end
|
||||
|
||||
# Return a NAT-PMP request to map remote port +rport+/+protocol+ to local port +lport+ for +lifetime+ ms
|
||||
def self.map_port_request(lport, rport, protocol, lifetime)
|
||||
[ Rex::Proto::NATPMP::Version, # version
|
||||
def map_port_request(lport, rport, protocol, lifetime)
|
||||
[ Rex::Proto::NATPMP::Version, # version
|
||||
protocol, # opcode, which is now the protocol we are asking to forward
|
||||
0, # reserved
|
||||
lport,
|
||||
|
@ -36,8 +36,8 @@ module NATPMP
|
|||
|
||||
# Parse a NAT-PMP mapping response +resp+.
|
||||
# Returns the decoded parts as an array.
|
||||
def self.parse_map_port_response(resp)
|
||||
resp.unpack("CCvVnnN")
|
||||
def parse_map_port_response(resp)
|
||||
resp.unpack("CCnNnnN")
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -4,12 +4,13 @@
|
|||
##
|
||||
|
||||
require 'msf/core'
|
||||
require 'rex/proto/natpmp'
|
||||
|
||||
class Metasploit3 < Msf::Auxiliary
|
||||
|
||||
include Msf::Auxiliary::Report
|
||||
include Msf::Auxiliary::Scanner
|
||||
include Msf::Auxiliary::NATPMP
|
||||
include Rex::Proto::NATPMP
|
||||
|
||||
def initialize
|
||||
super(
|
||||
|
@ -21,12 +22,10 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
register_options(
|
||||
[
|
||||
Opt::LPORT,
|
||||
Opt::RPORT,
|
||||
OptInt.new('NATPMPPORT', [true, "NAT-PMP port to use", Rex::Proto::NATPMP::DefaultPort]),
|
||||
OptPort.new('EXTERNAL_PORT', [true, 'The external port to foward from']),
|
||||
OptPort.new('INTERNAL_PORT', [true, 'The internal port to forward to']),
|
||||
OptInt.new('LIFETIME', [true, "Time in ms to keep this port forwarded", 3600000]),
|
||||
OptEnum.new('PROTOCOL', [true, "Protocol to forward", 'TCP', %w(TCP UDP)]),
|
||||
Opt::CHOST
|
||||
],
|
||||
self.class
|
||||
)
|
||||
|
@ -43,21 +42,20 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
# get the external address first
|
||||
vprint_status "#{host} - NATPMP - Probing for external address"
|
||||
req = Rex::Proto::NATPMP.external_address_request
|
||||
udp_sock.sendto(req, host, datastore['NATPMPPORT'], 0)
|
||||
udp_sock.sendto(external_address_request, host, datastore['RPORT'], 0)
|
||||
external_address = nil
|
||||
while (r = udp_sock.recvfrom(12, 1) and r[1])
|
||||
(ver, op, result, epoch, external_address) = Rex::Proto::NATPMP.parse_external_address_response(r[0])
|
||||
(ver, op, result, epoch, external_address) = parse_external_address_response(r[0])
|
||||
end
|
||||
|
||||
vprint_status "#{host} - NATPMP - Sending mapping request"
|
||||
# build the mapping request
|
||||
req = Rex::Proto::NATPMP.map_port_request(
|
||||
datastore['LPORT'].to_i, datastore['RPORT'].to_i,
|
||||
req = map_port_request(
|
||||
datastore['INTERNAL_PORT'], datastore['EXTERNAL_PORT'],
|
||||
Rex::Proto::NATPMP.const_get(datastore['PROTOCOL']), datastore['LIFETIME']
|
||||
)
|
||||
# send it
|
||||
udp_sock.sendto(req, host, datastore['NATPMPPORT'], 0)
|
||||
udp_sock.sendto(req, host, datastore['RPORT'], 0)
|
||||
# handle the reply
|
||||
while (r = udp_sock.recvfrom(16, 1) and r[1])
|
||||
handle_reply(Rex::Socket.source_address(host), host, external_address, r)
|
||||
|
@ -78,12 +76,12 @@ class Metasploit3 < Msf::Auxiliary
|
|||
pkt[1] = pkt[1].sub(/^::ffff:/, '')
|
||||
end
|
||||
|
||||
(ver, op, result, epoch, internal_port, external_port, lifetime) = Rex::Proto::NATPMP.parse_map_port_response(pkt[0])
|
||||
(ver, op, result, epoch, internal_port, external_port, lifetime) = parse_map_port_response(pkt[0])
|
||||
|
||||
if (result == 0)
|
||||
if (datastore['RPORT'].to_i != external_port)
|
||||
if (datastore['EXTERNAL_PORT'] != external_port)
|
||||
print_status( "#{external_address} " +
|
||||
"#{datastore['RPORT']}/#{datastore['PROTOCOL']} -> #{map_target} " +
|
||||
"#{datastore['EXTERNAL_PORT']}/#{datastore['PROTOCOL']} -> #{map_target} " +
|
||||
"#{internal_port}/#{datastore['PROTOCOL']} couldn't be forwarded")
|
||||
end
|
||||
print_status( "#{external_address} " +
|
||||
|
|
|
@ -4,12 +4,14 @@
|
|||
##
|
||||
|
||||
require 'msf/core'
|
||||
require 'rex/proto/natpmp'
|
||||
|
||||
class Metasploit3 < Msf::Auxiliary
|
||||
|
||||
include Msf::Auxiliary::Report
|
||||
include Msf::Auxiliary::Scanner
|
||||
include Msf::Exploit::Remote::Udp
|
||||
include Msf::Auxiliary::UDPScanner
|
||||
include Msf::Auxiliary::NATPMP
|
||||
include Rex::Proto::NATPMP
|
||||
|
||||
def initialize
|
||||
super(
|
||||
|
@ -19,68 +21,43 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE
|
||||
)
|
||||
|
||||
register_options(
|
||||
[
|
||||
Opt::RPORT(Rex::Proto::NATPMP::DefaultPort),
|
||||
Opt::CHOST
|
||||
],
|
||||
self.class
|
||||
)
|
||||
end
|
||||
|
||||
def run_host(host)
|
||||
begin
|
||||
udp_sock = Rex::Socket::Udp.create({
|
||||
'LocalHost' => datastore['CHOST'] || nil,
|
||||
'Context' => {'Msf' => framework, 'MsfExploit' => self}
|
||||
})
|
||||
add_socket(udp_sock)
|
||||
vprint_status "#{host}:#{datastore['RPORT']} - NATPMP - Probing for external address"
|
||||
def scan_host(ip)
|
||||
scanner_send(@probe, ip, datastore['RPORT'])
|
||||
end
|
||||
|
||||
udp_sock.sendto(Rex::Proto::NATPMP.external_address_request, host, datastore['RPORT'].to_i, 0)
|
||||
while (r = udp_sock.recvfrom(12, 1.0) and r[1])
|
||||
handle_reply(host, r)
|
||||
def scanner_prescan(batch)
|
||||
@probe = external_address_request
|
||||
end
|
||||
|
||||
def scanner_process(data, shost, sport)
|
||||
(ver, op, result, epoch, external_address) = parse_external_address_response(data)
|
||||
|
||||
peer = "#{shost}:#{sport}"
|
||||
if (ver == 0 && op == 128 && result == 0)
|
||||
print_good("#{peer} -- external address #{external_address}")
|
||||
# report its external address as alive
|
||||
if inside_workspace_boundary?(external_address)
|
||||
report_host(
|
||||
:host => external_address,
|
||||
:state => Msf::HostState::Alive
|
||||
)
|
||||
end
|
||||
rescue ::Interrupt
|
||||
raise $!
|
||||
rescue ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionRefused
|
||||
nil
|
||||
rescue ::Exception => e
|
||||
print_error("#{host}:#{datastore['RPORT']} Unknown error: #{e.class} #{e}")
|
||||
end
|
||||
end
|
||||
|
||||
def handle_reply(host, pkt)
|
||||
return if not pkt[1]
|
||||
|
||||
if(pkt[1] =~ /^::ffff:/)
|
||||
pkt[1] = pkt[1].sub(/^::ffff:/, '')
|
||||
end
|
||||
|
||||
(ver, op, result, epoch, external_address) = Rex::Proto::NATPMP.parse_external_address_response(pkt[0])
|
||||
|
||||
if (result == 0)
|
||||
print_status("#{host} -- external address #{external_address}")
|
||||
else
|
||||
print_error("#{peer} -- unexpected version/opcode/result/address: #{ver}/#{op}/#{result}/#{external_address}")
|
||||
end
|
||||
|
||||
# report the host we scanned as alive
|
||||
report_host(
|
||||
:host => host,
|
||||
:host => shost,
|
||||
:state => Msf::HostState::Alive
|
||||
)
|
||||
|
||||
# also report its external address as alive
|
||||
if inside_workspace_boundary?(external_address)
|
||||
report_host(
|
||||
:host => external_address,
|
||||
:state => Msf::HostState::Alive
|
||||
)
|
||||
end
|
||||
|
||||
# report NAT-PMP as being open
|
||||
report_service(
|
||||
:host => host,
|
||||
:port => pkt[2],
|
||||
:host => shost,
|
||||
:port => sport,
|
||||
:proto => 'udp',
|
||||
:name => 'natpmp',
|
||||
:state => Msf::ServiceState::Open
|
||||
|
|
|
@ -5,12 +5,13 @@
|
|||
|
||||
|
||||
require 'msf/core'
|
||||
require 'rex/proto/natpmp'
|
||||
|
||||
class Metasploit3 < Msf::Auxiliary
|
||||
|
||||
include Msf::Auxiliary::Report
|
||||
include Msf::Auxiliary::Scanner
|
||||
include Msf::Auxiliary::NATPMP
|
||||
include Rex::Proto::NATPMP
|
||||
|
||||
def initialize
|
||||
super(
|
||||
|
@ -22,10 +23,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
register_options(
|
||||
[
|
||||
Opt::RPORT(Rex::Proto::NATPMP::DefaultPort),
|
||||
OptString.new('PORTS', [true, "Ports to scan (e.g. 22-25,80,110-900)", "1-1000"]),
|
||||
OptEnum.new('PROTOCOL', [true, "Protocol to scan", 'TCP', %w(TCP UDP)]),
|
||||
Opt::CHOST
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
@ -36,32 +35,33 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'Context' => {'Msf' => framework, 'MsfExploit' => self} }
|
||||
)
|
||||
add_socket(udp_sock)
|
||||
vprint_status "Scanning #{datastore['PROTOCOL']} ports #{datastore['PORTS']} on #{host} using NATPMP"
|
||||
peer = "#{host}:#{datastore['RPORT']}"
|
||||
vprint_status("#{peer} Scanning #{datastore['PROTOCOL']} ports #{datastore['PORTS']} using NATPMP")
|
||||
|
||||
# first, send a request to get the external address
|
||||
udp_sock.sendto(Rex::Proto::NATPMP.external_address_request, host, datastore['RPORT'].to_i, 0)
|
||||
udp_sock.sendto(external_address_request, host, datastore['RPORT'], 0)
|
||||
external_address = nil
|
||||
while (r = udp_sock.recvfrom(12, 0.25) and r[1])
|
||||
(ver,op,result,epoch,external_address) = Rex::Proto::NATPMP.parse_external_address_response(r[0])
|
||||
(ver,op,result,epoch,external_address) = parse_external_address_response(r[0])
|
||||
end
|
||||
|
||||
if (external_address)
|
||||
print_good("External address of #{host} is #{external_address}")
|
||||
print_good("#{peer} responded with external address of #{external_address}")
|
||||
else
|
||||
print_error("Didn't get a response for #{host}'s external address")
|
||||
vprint_status("#{peer} didn't respond with an external address")
|
||||
return
|
||||
end
|
||||
|
||||
Rex::Socket.portspec_crack(datastore['PORTS']).each do |port|
|
||||
# send one request to clear the mapping if *we've* created it before
|
||||
clear_req = Rex::Proto::NATPMP.map_port_request(port, port, Rex::Proto::NATPMP.const_get(datastore['PROTOCOL']), 0)
|
||||
udp_sock.sendto(clear_req, host, datastore['RPORT'].to_i, 0)
|
||||
clear_req = map_port_request(port, port, Rex::Proto::NATPMP.const_get(datastore['PROTOCOL']), 0)
|
||||
udp_sock.sendto(clear_req, host, datastore['RPORT'], 0)
|
||||
while (r = udp_sock.recvfrom(16, 1.0) and r[1])
|
||||
end
|
||||
|
||||
# now try the real mapping
|
||||
map_req = Rex::Proto::NATPMP.map_port_request(port, port, Rex::Proto::NATPMP.const_get(datastore['PROTOCOL']), 1)
|
||||
udp_sock.sendto(map_req, host, datastore['RPORT'].to_i, 0)
|
||||
map_req = map_port_request(port, port, Rex::Proto::NATPMP.const_get(datastore['PROTOCOL']), 1)
|
||||
udp_sock.sendto(map_req, host, datastore['RPORT'], 0)
|
||||
while (r = udp_sock.recvfrom(16, 1.0) and r[1])
|
||||
handle_reply(host, external_address, r)
|
||||
end
|
||||
|
@ -85,21 +85,22 @@ class Metasploit3 < Msf::Auxiliary
|
|||
host = pkt[1]
|
||||
protocol = datastore['PROTOCOL'].to_s.downcase
|
||||
|
||||
(ver, op, result, epoch, int, ext, lifetime) = Rex::Proto::NATPMP.parse_map_port_response(pkt[0])
|
||||
(ver, op, result, epoch, int, ext, lifetime) = parse_map_port_response(pkt[0])
|
||||
peer = "#{host}:#{datastore['RPORT']}"
|
||||
if (result == 0)
|
||||
# we always ask to map an external port to the same port on us. If
|
||||
# we get a successful reponse back but the port we requested be forwarded
|
||||
# is different, that means that someone else already has it open
|
||||
if (int != ext)
|
||||
state = Msf::ServiceState::Open
|
||||
print_status("#{external_addr} - #{int}/#{protocol} #{state} because of successful mapping with unmatched ports")
|
||||
print_good("#{peer} #{external_addr} - #{int}/#{protocol} #{state} because of successful mapping with unmatched ports")
|
||||
else
|
||||
state = Msf::ServiceState::Closed
|
||||
print_status("#{external_addr} - #{int}/#{protocol} #{state} because of successful mapping with matched ports") if (datastore['DEBUG'])
|
||||
print_status("#{peer} #{external_addr} - #{int}/#{protocol} #{state} because of successful mapping with matched ports") if (datastore['DEBUG'])
|
||||
end
|
||||
else
|
||||
state = Msf::ServiceState::Closed
|
||||
print_status("#{external_addr} - #{int}/#{protocol} #{state} because of code #{result} response") if (datastore['DEBUG'])
|
||||
print_status("#{peer} #{external_addr} - #{int}/#{protocol} #{state} because of code #{result} response") if (datastore['DEBUG'])
|
||||
end
|
||||
|
||||
if inside_workspace_boundary?(external_addr)
|
||||
|
|
|
@ -11,4 +11,4 @@ FactoryGirl.define do
|
|||
sequence :mdm_web_vuln_description do |n|
|
||||
"Mdm::WebVuln#description #{n}"
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -6,4 +6,4 @@ FactoryGirl.modify do
|
|||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -51,7 +51,7 @@ describe ActiveRecord::ConnectionAdapters::ConnectionPool do
|
|||
it 'should be false' do
|
||||
thread = Thread.new do
|
||||
Thread.current.should_not == main_thread
|
||||
expect(active_connection?).to be_false
|
||||
expect(active_connection?).to be_falsey
|
||||
end
|
||||
|
||||
thread.join
|
||||
|
@ -129,7 +129,7 @@ describe ActiveRecord::ConnectionAdapters::ConnectionPool do
|
|||
|
||||
context 'without active thread connection' do
|
||||
it 'should return false from #active_connection?' do
|
||||
expect(connection_pool.active_connection?).to be_false
|
||||
expect(connection_pool.active_connection?).to be_falsey
|
||||
end
|
||||
|
||||
context 'with error' do
|
||||
|
|
|
@ -69,7 +69,7 @@ describe FastLib do
|
|||
end
|
||||
|
||||
it 'should create an archive' do
|
||||
File.exist?(@destination_path).should be_false
|
||||
File.exist?(@destination_path).should be_falsey
|
||||
|
||||
described_class.dump(@destination_path, flag_string, base_path, *unarchived_paths)
|
||||
|
||||
|
@ -127,7 +127,7 @@ describe FastLib do
|
|||
end
|
||||
|
||||
it 'should create an archive' do
|
||||
File.exist?(@destination_path).should be_false
|
||||
File.exist?(@destination_path).should be_falsey
|
||||
|
||||
described_class.dump(@destination_path, flag_string, base_path, *unarchived_paths)
|
||||
|
||||
|
@ -138,8 +138,8 @@ describe FastLib do
|
|||
uncompressed_path = "#{@destination_path}.uncompressed"
|
||||
compressed_path = "#{@destination_path}.compressed"
|
||||
|
||||
File.exist?(uncompressed_path).should be_false
|
||||
File.exist?(compressed_path).should be_false
|
||||
File.exist?(uncompressed_path).should be_falsey
|
||||
File.exist?(compressed_path).should be_falsey
|
||||
|
||||
described_class.dump(uncompressed_path, '', base_path, *unarchived_paths)
|
||||
described_class.dump(compressed_path, flag_string, base_path, *unarchived_paths)
|
||||
|
@ -157,7 +157,7 @@ describe FastLib do
|
|||
end
|
||||
|
||||
it 'should create an archive' do
|
||||
File.exist?(@destination_path).should be_false
|
||||
File.exist?(@destination_path).should be_falsey
|
||||
|
||||
described_class.dump(@destination_path, flag_string, base_path, *unarchived_paths)
|
||||
|
||||
|
@ -171,7 +171,7 @@ describe FastLib do
|
|||
end
|
||||
|
||||
it 'should create an archive' do
|
||||
File.exist?(@destination_path).should be_false
|
||||
File.exist?(@destination_path).should be_falsey
|
||||
|
||||
described_class.dump(@destination_path, flag_string, base_path, *unarchived_paths)
|
||||
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
|
|
@ -245,4 +245,4 @@ describe Metasploit::Framework::JtR::Cracker do
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -35,4 +35,4 @@ describe Metasploit::Framework::JtR::InvalidWordlist do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -135,4 +135,4 @@ describe Metasploit::Framework::JtR::Wordlist do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -41,4 +41,4 @@ describe Metasploit::Framework::LoginScanner::DB2 do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -131,4 +131,4 @@ describe Metasploit::Framework::LoginScanner::FTP do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -90,4 +90,4 @@ describe Metasploit::Framework::LoginScanner::MSSQL do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -105,4 +105,4 @@ describe Metasploit::Framework::LoginScanner::MySQL do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -8,7 +8,7 @@ describe Metasploit::Framework::LoginScanner::POP3 do
|
|||
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
||||
|
||||
context "#attempt_login" do
|
||||
|
||||
|
||||
let(:pub_blank) do
|
||||
Metasploit::Framework::Credential.new(
|
||||
paired: true,
|
||||
|
@ -41,10 +41,10 @@ describe Metasploit::Framework::LoginScanner::POP3 do
|
|||
expect(result.status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT)
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
context "Open Connection" do
|
||||
let(:sock) {double('socket')}
|
||||
|
||||
|
||||
before(:each) do
|
||||
sock.stub(:shutdown)
|
||||
sock.stub(:close)
|
||||
|
@ -53,30 +53,30 @@ describe Metasploit::Framework::LoginScanner::POP3 do
|
|||
scanner.stub(:sock).and_return(sock)
|
||||
scanner.should_receive(:select).with([sock],nil,nil,0.4)
|
||||
end
|
||||
|
||||
|
||||
it "Server returns +OK" do
|
||||
expect(sock).to receive(:get_once).exactly(3).times.and_return("+OK")
|
||||
expect(sock).to receive(:put).with("USER public\r\n").once.ordered
|
||||
expect(sock).to receive(:put).with("PASS \r\n").once.ordered
|
||||
|
||||
|
||||
result = scanner.attempt_login(pub_blank)
|
||||
|
||||
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
|
||||
expect(result.status).to eq(Metasploit::Model::Login::Status::SUCCESSFUL)
|
||||
|
||||
|
||||
end
|
||||
|
||||
|
||||
it "Server Returns Something Else" do
|
||||
sock.stub(:get_once).and_return("+ERROR")
|
||||
|
||||
|
||||
result = scanner.attempt_login(pub_blank)
|
||||
|
||||
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
|
||||
expect(result.status).to eq(Metasploit::Model::Login::Status::INCORRECT)
|
||||
expect(result.proof).to eq("+ERROR")
|
||||
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -72,4 +72,4 @@ describe Metasploit::Framework::LoginScanner::Postgres do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -36,10 +36,10 @@ describe Metasploit::Framework::LoginScanner::Result do
|
|||
context 'when the status code is anything else' do
|
||||
let(:status) { :connection_error }
|
||||
it 'returns false' do
|
||||
expect(login_result.success?).to be_false
|
||||
expect(login_result.success?).to be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -53,4 +53,4 @@ describe Metasploit::Framework::LoginScanner::SNMP do
|
|||
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -75,4 +75,4 @@ describe Metasploit::Framework::LoginScanner::Telnet do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -81,4 +81,4 @@ describe Metasploit::Framework::LoginScanner::VNC do
|
|||
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -8,4 +8,4 @@ describe Msf::Simple::Framework do
|
|||
end
|
||||
|
||||
it_should_behave_like 'Msf::Simple::Framework::ModulePaths'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -358,7 +358,7 @@ describe Msf::Exploit::CmdStager do
|
|||
end
|
||||
|
||||
it "isn't compatible" do
|
||||
expect(subject.compatible_flavor?(flavor)).to be_false
|
||||
expect(subject.compatible_flavor?(flavor)).to be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -385,7 +385,7 @@ describe Msf::Exploit::CmdStager do
|
|||
end
|
||||
|
||||
it "isn't compatible" do
|
||||
expect(subject.compatible_flavor?(flavor)).to be_false
|
||||
expect(subject.compatible_flavor?(flavor)).to be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -412,7 +412,7 @@ describe Msf::Exploit::CmdStager do
|
|||
end
|
||||
|
||||
it "isn't compatible" do
|
||||
expect(subject.compatible_flavor?(flavor)).to be_false
|
||||
expect(subject.compatible_flavor?(flavor)).to be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -108,7 +108,7 @@ describe Msf::Exploit::Powershell do
|
|||
it 'should substitute variables' do
|
||||
script = File.read(example_script)
|
||||
compressed = subject.compress_script(script)
|
||||
decompress(compressed).include?('$hashes').should be_false
|
||||
decompress(compressed).include?('$hashes').should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -132,7 +132,7 @@ describe Msf::Exploit::Powershell do
|
|||
it 'should substitute functions' do
|
||||
script = File.read(example_script)
|
||||
compressed = subject.compress_script(script)
|
||||
decompress(compressed).include?('DumpHashes').should be_false
|
||||
decompress(compressed).include?('DumpHashes').should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -228,7 +228,7 @@ describe Msf::Exploit::Powershell do
|
|||
end
|
||||
it 'shouldnt add a persistance loop' do
|
||||
code = subject.cmd_psh_payload(payload, arch)
|
||||
decompress(code).include?('while(1){Start-Sleep -s ').should be_false
|
||||
decompress(code).include?('while(1){Start-Sleep -s ').should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -250,7 +250,7 @@ describe Msf::Exploit::Powershell do
|
|||
end
|
||||
it 'shouldnt prepend sleep' do
|
||||
code = subject.cmd_psh_payload(payload, arch)
|
||||
decompress(code).include?('Start-Sleep -s ').should be_false
|
||||
decompress(code).include?('Start-Sleep -s ').should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -261,7 +261,7 @@ describe Msf::Exploit::Powershell do
|
|||
end
|
||||
it 'shouldnt prepend sleep' do
|
||||
code = subject.cmd_psh_payload(payload, arch)
|
||||
decompress(code).include?('Start-Sleep -s ').should be_false
|
||||
decompress(code).include?('Start-Sleep -s ').should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -364,16 +364,16 @@ describe Msf::Exploit::Powershell do
|
|||
context 'when no_equals is false' do
|
||||
it 'should contain a final payload with -e' do
|
||||
code = subject.cmd_psh_payload(payload, arch, {:encode_final_payload => true, :no_equals => false})
|
||||
code.include?(' -e ').should be_truthy
|
||||
code.include?(' -c ').should be_false
|
||||
code.include?(' -e ').should be_true
|
||||
code.include?(' -c ').should be_falsey
|
||||
end
|
||||
end
|
||||
context 'when no_equals is true' do
|
||||
it 'should contain a final payload with -e' do
|
||||
code = subject.cmd_psh_payload(payload, arch, {:encode_final_payload => true, :no_equals => true})
|
||||
code.include?(' -e ').should be_truthy
|
||||
code.include?(' -c ').should be_false
|
||||
code.include?('=').should be_false
|
||||
code.include?(' -e ').should be_true
|
||||
code.include?(' -c ').should be_falsey
|
||||
code.include?('=').should be_falsey
|
||||
end
|
||||
end
|
||||
context 'when encode_inner_payload is true' do
|
||||
|
@ -392,7 +392,7 @@ describe Msf::Exploit::Powershell do
|
|||
context 'when remove_comspec' do
|
||||
it 'shouldnt contain %COMSPEC%' do
|
||||
code = subject.cmd_psh_payload(payload, arch, {:remove_comspec => true})
|
||||
code.include?('%COMSPEC%').should be_false
|
||||
code.include?('%COMSPEC%').should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -292,4 +292,4 @@ describe Msf::Exploit::Remote::BrowserExploitServer do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -86,4 +86,4 @@ describe Msf::Handler::ReverseHttp::UriChecksum do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -10,7 +10,7 @@ shared_examples "search_filter" do |opts|
|
|||
accept.each do |query|
|
||||
it "should accept a query containing '#{query}'" do
|
||||
# if the subject matches, search_filter returns false ("don't filter me out!")
|
||||
subject.search_filter(query).should be_false
|
||||
subject.search_filter(query).should be_falsey
|
||||
end
|
||||
|
||||
unless opts.has_key?(:test_inverse) and not opts[:test_inverse]
|
||||
|
|
|
@ -127,7 +127,7 @@ describe Msf::Modules::Loader::Archive do
|
|||
end
|
||||
|
||||
it 'should ignore types that are not enabled' do
|
||||
module_manager.type_enabled?(disabled_type).should be_false
|
||||
module_manager.type_enabled?(disabled_type).should be_falsey
|
||||
|
||||
subject.send(:each_module_reference_name, @archive_path) do |parent_path, type, module_reference_name|
|
||||
type.should_not == disabled_type
|
||||
|
@ -180,7 +180,7 @@ describe Msf::Modules::Loader::Archive do
|
|||
|
||||
path.should include(described_class::ARCHIVE_EXTENSION)
|
||||
File.extname(path).should_not == described_class::ARCHIVE_EXTENSION
|
||||
subject.loadable?(path).should be_false
|
||||
subject.loadable?(path).should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -268,7 +268,7 @@ describe Msf::Modules::Loader::Base do
|
|||
end
|
||||
|
||||
it 'should return false if :force is false' do
|
||||
subject.load_module(parent_path, type, module_reference_name, :force => false).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name, :force => false).should be_falsey
|
||||
end
|
||||
|
||||
it 'should not call #read_module_content' do
|
||||
|
@ -352,7 +352,7 @@ describe Msf::Modules::Loader::Base do
|
|||
|
||||
# if the module eval error includes the module_path then the module_path was passed along correctly
|
||||
subject.should_receive(:elog).with(/#{Regexp.escape(module_path)}/)
|
||||
subject.load_module(parent_path, type, module_reference_name, :reload => true).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name, :reload => true).should be_falsey
|
||||
end
|
||||
|
||||
context 'with empty module content' do
|
||||
|
@ -361,12 +361,12 @@ describe Msf::Modules::Loader::Base do
|
|||
end
|
||||
|
||||
it 'should return false' do
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
|
||||
it 'should not attempt to make a new namespace_module' do
|
||||
subject.should_not_receive(:namespace_module_transaction)
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -426,7 +426,7 @@ describe Msf::Modules::Loader::Base do
|
|||
|
||||
it 'should record the load error using the original error' do
|
||||
subject.should_receive(:load_error).with(module_path, error)
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -457,14 +457,14 @@ describe Msf::Modules::Loader::Base do
|
|||
|
||||
it 'should record the load error using the Msf::Modules::VersionCompatibilityError' do
|
||||
subject.should_receive(:load_error).with(module_path, version_compatibility_error)
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
it 'should return false' do
|
||||
@namespace_module.stub(:version_compatible!).with(module_path, module_reference_name)
|
||||
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -520,11 +520,11 @@ describe Msf::Modules::Loader::Base do
|
|||
|
||||
it 'should record the load error' do
|
||||
subject.should_receive(:load_error).with(module_path, version_compatibility_error)
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
|
||||
it 'should return false' do
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
|
||||
it 'should restore the old namespace module' do
|
||||
|
@ -558,16 +558,16 @@ describe Msf::Modules::Loader::Base do
|
|||
module_path,
|
||||
kind_of(Msf::Modules::MetasploitClassCompatibilityError)
|
||||
)
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
|
||||
it 'should return false' do
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
|
||||
it 'should restore the old namespace module' do
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
Msf::Modules.const_defined?(relative_name).should be_truthy
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
Msf::Modules.const_defined?(relative_name).should be_true
|
||||
Msf::Modules.const_get(relative_name).should == @original_namespace_module
|
||||
end
|
||||
end
|
||||
|
@ -593,16 +593,16 @@ describe Msf::Modules::Loader::Base do
|
|||
|
||||
it 'should log information' do
|
||||
subject.should_receive(:ilog).with(/#{module_reference_name}/, 'core', LEV_1)
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
|
||||
it 'should return false' do
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
|
||||
it 'should restore the old namespace module' do
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
Msf::Modules.const_defined?(relative_name).should be_truthy
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
Msf::Modules.const_defined?(relative_name).should be_true
|
||||
Msf::Modules.const_get(relative_name).should == @original_namespace_module
|
||||
end
|
||||
end
|
||||
|
@ -654,7 +654,7 @@ describe Msf::Modules::Loader::Base do
|
|||
it 'should set the count to 1 if it does not exist' do
|
||||
count_by_type = {}
|
||||
|
||||
count_by_type.has_key?(type).should be_false
|
||||
count_by_type.has_key?(type).should be_falsey
|
||||
subject.load_module(
|
||||
parent_path,
|
||||
type,
|
||||
|
@ -802,7 +802,7 @@ describe Msf::Modules::Loader::Base do
|
|||
end
|
||||
|
||||
it 'should return nil if the module is not defined' do
|
||||
Msf::Modules.const_defined?(relative_name).should be_false
|
||||
Msf::Modules.const_defined?(relative_name).should be_falsey
|
||||
subject.send(:current_module, module_names).should be_nil
|
||||
end
|
||||
|
||||
|
@ -838,7 +838,7 @@ describe Msf::Modules::Loader::Base do
|
|||
it 'should return false if path is hidden' do
|
||||
hidden_path = '.hidden/path/file.rb'
|
||||
|
||||
subject.send(:module_path?, hidden_path).should be_false
|
||||
subject.send(:module_path?, hidden_path).should be_falsey
|
||||
end
|
||||
|
||||
it 'should return false if the file extension is not MODULE_EXTENSION' do
|
||||
|
@ -846,21 +846,21 @@ describe Msf::Modules::Loader::Base do
|
|||
path = "path/with/wrong/extension#{non_module_extension}"
|
||||
|
||||
non_module_extension.should_not == described_class::MODULE_EXTENSION
|
||||
subject.send(:module_path?, path).should be_false
|
||||
subject.send(:module_path?, path).should be_falsey
|
||||
end
|
||||
|
||||
it 'should return false if the file is a unit test' do
|
||||
unit_test_extension = '.rb.ut.rb'
|
||||
path = "path/to/unit_test#{unit_test_extension}"
|
||||
|
||||
subject.send(:module_path?, path).should be_false
|
||||
subject.send(:module_path?, path).should be_falsey
|
||||
end
|
||||
|
||||
it 'should return false if the file is a test suite' do
|
||||
test_suite_extension = '.rb.ts.rb'
|
||||
path = "path/to/test_suite#{test_suite_extension}"
|
||||
|
||||
subject.send(:module_path?, path).should be_false
|
||||
subject.send(:module_path?, path).should be_falsey
|
||||
end
|
||||
|
||||
it 'should return true otherwise' do
|
||||
|
@ -1022,7 +1022,7 @@ describe Msf::Modules::Loader::Base do
|
|||
it 'should return false' do
|
||||
subject.send(:namespace_module_transaction, module_full_name) { |namespace_module|
|
||||
false
|
||||
}.should be_false
|
||||
}.should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -1077,7 +1077,7 @@ describe Msf::Modules::Loader::Base do
|
|||
end
|
||||
|
||||
it 'should remove the created namespace module' do
|
||||
Msf::Modules.const_defined?(relative_name).should be_false
|
||||
Msf::Modules.const_defined?(relative_name).should be_falsey
|
||||
|
||||
begin
|
||||
subject.send(:namespace_module_transaction, module_full_name) do |namespace_module|
|
||||
|
@ -1088,7 +1088,7 @@ describe Msf::Modules::Loader::Base do
|
|||
rescue error_class
|
||||
end
|
||||
|
||||
Msf::Modules.const_defined?(relative_name).should be_false
|
||||
Msf::Modules.const_defined?(relative_name).should be_falsey
|
||||
end
|
||||
|
||||
it 'should re-raise the error' do
|
||||
|
@ -1102,7 +1102,7 @@ describe Msf::Modules::Loader::Base do
|
|||
|
||||
context 'with the block returning false' do
|
||||
it 'should remove the created namespace module' do
|
||||
Msf::Modules.const_defined?(relative_name).should be_false
|
||||
Msf::Modules.const_defined?(relative_name).should be_falsey
|
||||
|
||||
subject.send(:namespace_module_transaction, module_full_name) do |namespace_module|
|
||||
Msf::Modules.const_defined?(relative_name).should be_truthy
|
||||
|
@ -1110,19 +1110,19 @@ describe Msf::Modules::Loader::Base do
|
|||
false
|
||||
end
|
||||
|
||||
Msf::Modules.const_defined?(relative_name).should be_false
|
||||
Msf::Modules.const_defined?(relative_name).should be_falsey
|
||||
end
|
||||
|
||||
it 'should return false' do
|
||||
subject.send(:namespace_module_transaction, module_full_name) { |namespace_module|
|
||||
false
|
||||
}.should be_false
|
||||
}.should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
context 'with the block returning true' do
|
||||
it 'should not restore the non-existent previous namespace module' do
|
||||
Msf::Modules.const_defined?(relative_name).should be_false
|
||||
Msf::Modules.const_defined?(relative_name).should be_falsey
|
||||
|
||||
created_namespace_module = nil
|
||||
|
||||
|
@ -1281,7 +1281,7 @@ describe Msf::Modules::Loader::Base do
|
|||
|
||||
context 'without relative_name being a defined constant' do
|
||||
it 'should set relative_name on parent_module to namespace_module' do
|
||||
parent_module.const_defined?(relative_name).should be_false
|
||||
parent_module.const_defined?(relative_name).should be_falsey
|
||||
|
||||
subject.send(:restore_namespace_module, parent_module, relative_name, @original_namespace_module)
|
||||
|
||||
|
@ -1340,7 +1340,7 @@ describe Msf::Modules::Loader::Base do
|
|||
end
|
||||
|
||||
it 'should return false' do
|
||||
subject.send(:usable?, metasploit_class).should be_false
|
||||
subject.send(:usable?, metasploit_class).should be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -74,7 +74,7 @@ describe Msf::Modules::Loader::Directory do
|
|||
end
|
||||
|
||||
it 'should not load the module' do
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -89,7 +89,7 @@ describe Msf::Modules::Loader::Directory do
|
|||
end
|
||||
|
||||
it 'should not load the module' do
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -110,7 +110,7 @@ describe Msf::Modules::Loader::Directory do
|
|||
end
|
||||
|
||||
it 'should not raise an error' do
|
||||
File.exist?(module_path).should be_false
|
||||
File.exist?(module_path).should be_falsey
|
||||
|
||||
expect {
|
||||
subject.load_module(parent_path, type, module_reference_name)
|
||||
|
@ -118,9 +118,9 @@ describe Msf::Modules::Loader::Directory do
|
|||
end
|
||||
|
||||
it 'should return false' do
|
||||
File.exist?(module_path).should be_false
|
||||
File.exist?(module_path).should be_falsey
|
||||
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_false
|
||||
subject.load_module(parent_path, type, module_reference_name).should be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -138,7 +138,7 @@ describe Msf::Modules::Loader::Directory do
|
|||
# this ensures that the File.exist?(module_path) checks are checking the same path as the code under test
|
||||
it 'should attempt to open the expected module_path' do
|
||||
File.should_receive(:open).with(module_path, 'rb')
|
||||
File.exist?(module_path).should be_false
|
||||
File.exist?(module_path).should be_falsey
|
||||
|
||||
subject.send(:read_module_content, parent_path, type, module_reference_name)
|
||||
end
|
||||
|
|
|
@ -179,7 +179,7 @@ describe Msf::Modules::Namespace do
|
|||
context 'version_compatible!' do
|
||||
context 'without RequiredVersions' do
|
||||
it 'should not be defined' do
|
||||
subject.const_defined?('RequiredVersions').should be_false
|
||||
subject.const_defined?('RequiredVersions').should be_falsey
|
||||
end
|
||||
|
||||
it 'should not raise an error' do
|
||||
|
|
|
@ -20,4 +20,4 @@ describe Msf::OptEnum do
|
|||
subject.valid?('Bar').should == true
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -12,4 +12,4 @@ describe Msf::OptRaw do
|
|||
invalid_values = []
|
||||
|
||||
it_behaves_like "an option", valid_values, invalid_values, 'raw'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -14,4 +14,4 @@ describe Msf::OptRegexp do
|
|||
]
|
||||
|
||||
it_behaves_like "an option", valid_values, invalid_values, 'regexp'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -530,4 +530,4 @@ describe Msf::PayloadGenerator do
|
|||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -105,4 +105,4 @@ describe Msf::DBManager::Export do
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1775,7 +1775,7 @@ describe Msf::DBManager do
|
|||
|
||||
# @todo determine how to load a single payload to test payload type outside of msfconsole
|
||||
|
||||
it_should_behave_like 'Msf::DBManager#update_module_details with module',
|
||||
it_should_behave_like 'Msf::DBManager#update_module_details with module',
|
||||
:reference_name => 'windows/escalate/screen_unlock',
|
||||
:type => 'post'
|
||||
end
|
||||
|
|
|
@ -27,4 +27,4 @@ describe Rex::Exploitation::Js::Detect do
|
|||
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -27,4 +27,4 @@ describe Rex::Exploitation::Js::Memory do
|
|||
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -13,4 +13,4 @@ describe Rex::Exploitation::Js::Utils do
|
|||
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -27,7 +27,7 @@ lots \t of whitespace
|
|||
# single_line_comment1
|
||||
# single_line_comment2
|
||||
#
|
||||
# single_line_comment3
|
||||
# single_line_comment3
|
||||
if (-not ($NewLogonAccountDomain -cmatch \"NT\\sAUTHORITY\" -or $NewLogonAccountDomain -cmatch \"Window\\sManager\"))
|
||||
{
|
||||
$Key = $AccountName + $AccountDomain + $NewLogonAccountName + $NewLogonAccountDomain + $LogonType + $WorkstationName + $SourceNetworkAddress + $SourcePort
|
||||
|
@ -84,7 +84,7 @@ lots \t of whitespace
|
|||
# single_line_comment1
|
||||
# single_line_comment2
|
||||
#
|
||||
# single_line_comment3
|
||||
# single_line_comment3
|
||||
$some_literal = @\"
|
||||
using System;
|
||||
using System.Runtime.InteropServices;
|
||||
|
@ -146,14 +146,14 @@ lots \t of whitespace
|
|||
subject.strip_comments
|
||||
subject.code.should be
|
||||
subject.code.should be_kind_of String
|
||||
subject.code.include?('comment').should be_false
|
||||
subject.code.include?('comment').should be_falsey
|
||||
end
|
||||
|
||||
it 'should strip a single line comment' do
|
||||
subject.strip_comments
|
||||
subject.code.should be
|
||||
subject.code.should be_kind_of String
|
||||
subject.code.include?('#').should be_false
|
||||
subject.code.include?('#').should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -163,7 +163,7 @@ lots \t of whitespace
|
|||
subject.code.should be
|
||||
subject.code.should be_kind_of String
|
||||
res = (subject.code =~ /\r\n\r\n/)
|
||||
res.should be_false
|
||||
res.should be_falsey
|
||||
end
|
||||
|
||||
it 'should strip extra unix new lines' do
|
||||
|
@ -171,7 +171,7 @@ lots \t of whitespace
|
|||
subject.code.should be
|
||||
subject.code.should be_kind_of String
|
||||
res = (subject.code =~ /\n\n/)
|
||||
res.should be_false
|
||||
res.should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -189,8 +189,8 @@ lots \t of whitespace
|
|||
subject.sub_vars
|
||||
subject.code.should be
|
||||
subject.code.should be_kind_of String
|
||||
subject.code.include?('$kernel32').should be_false
|
||||
subject.code.include?('$Logon').should be_false
|
||||
subject.code.include?('$kernel32').should be_falsey
|
||||
subject.code.include?('$Logon').should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -199,7 +199,7 @@ lots \t of whitespace
|
|||
subject.sub_funcs
|
||||
subject.code.should be
|
||||
subject.code.should be_kind_of String
|
||||
subject.code.include?('Find-4624Logons').should be_false
|
||||
subject.code.include?('Find-4624Logons').should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -208,24 +208,24 @@ lots \t of whitespace
|
|||
subject_no_literal.standard_subs
|
||||
subject_no_literal.code.should be
|
||||
subject_no_literal.code.should be_kind_of String
|
||||
subject_no_literal.code.include?('Find-4624Logons').should be_false
|
||||
subject_no_literal.code.include?('lots of whitespace').should be_truthy
|
||||
subject_no_literal.code.include?('$kernel32').should be_false
|
||||
subject_no_literal.code.include?('comment').should be_false
|
||||
subject_no_literal.code.include?('Find-4624Logons').should be_falsey
|
||||
subject_no_literal.code.include?('lots of whitespace').should be_true
|
||||
subject_no_literal.code.include?('$kernel32').should be_falsey
|
||||
subject_no_literal.code.include?('comment').should be_falsey
|
||||
res = (subject_no_literal.code =~ /\r\n\r\n/)
|
||||
res.should be_false
|
||||
res.should be_falsey
|
||||
end
|
||||
|
||||
it 'should run all substitutions except strip whitespace when literals are present' do
|
||||
subject.standard_subs
|
||||
subject.code.should be
|
||||
subject.code.should be_kind_of String
|
||||
subject.code.include?('Find-4624Logons').should be_false
|
||||
subject.code.include?('lots of whitespace').should be_false
|
||||
subject.code.include?('$kernel32').should be_false
|
||||
subject.code.include?('comment').should be_false
|
||||
subject.code.include?('Find-4624Logons').should be_falsey
|
||||
subject.code.include?('lots of whitespace').should be_falsey
|
||||
subject.code.include?('$kernel32').should be_falsey
|
||||
subject.code.include?('comment').should be_falsey
|
||||
res = (subject.code =~ /\r\n\r\n/)
|
||||
res.should be_false
|
||||
res.should be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -96,7 +96,7 @@ function Find-4624Logons
|
|||
literals.should be
|
||||
literals.should be_kind_of Array
|
||||
literals.length.should be > 0
|
||||
literals[0].include?('parp').should be_false
|
||||
literals[0].include?('parp').should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -152,7 +152,7 @@ function Find-4624Logons
|
|||
|
||||
it 'should delete the function if delete is true' do
|
||||
function = subject.get_func('Find-4624Logons', true)
|
||||
subject.code.include?('DllImport').should be_false
|
||||
subject.code.include?('DllImport').should be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -21,8 +21,8 @@ describe Rex::Exploitation::Powershell::Output do
|
|||
subject.rig.should be_kind_of Rex::RandomIdentifierGenerator
|
||||
subject.code.should be
|
||||
subject.code.should be_kind_of String
|
||||
subject.code.empty?.should be_false
|
||||
subject.functions.empty?.should be_truthy
|
||||
subject.code.empty?.should be_falsey
|
||||
subject.functions.empty?.should be_true
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -40,7 +40,7 @@ describe Rex::Exploitation::Powershell::Output do
|
|||
mods = Rex::Exploitation::Powershell::Script.code_modifiers
|
||||
mods.should be
|
||||
mods.should be_kind_of Array
|
||||
mods.empty?.should be_false
|
||||
mods.empty?.should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -38,8 +38,8 @@ DumpHashes"""
|
|||
describe "::make_subs" do
|
||||
it 'should substitute values in script' do
|
||||
script = described_class.make_subs(example_script,[['BitConverter','ParpConverter']])
|
||||
script.include?('BitConverter').should be_false
|
||||
script.include?('ParpConverter').should be_truthy
|
||||
script.include?('BitConverter').should be_falsey
|
||||
script.include?('ParpConverter').should be_true
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -32,7 +32,7 @@ describe Rex::Exploitation::RopDb do
|
|||
end
|
||||
|
||||
it "should return false when I supply an invalid database" do
|
||||
ropdb.has_rop?("sinn3r").should be_false
|
||||
ropdb.has_rop?("sinn3r").should be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -82,4 +82,4 @@ describe Rex::Exploitation::RopDb do
|
|||
end
|
||||
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -33,43 +33,43 @@ xml_serv = '
|
|||
|
||||
xml_ms = '
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Groups clsid="{3125E937-EB16-4b4c-9934-544FC6D24D26}"
|
||||
<Groups clsid="{3125E937-EB16-4b4c-9934-544FC6D24D26}"
|
||||
disabled="1">
|
||||
<User clsid="{DF5F1855-51E5-4d24-8B1A-D9BDE98BA1D1}"
|
||||
name="DbAdmin"
|
||||
image="2"
|
||||
changed="2007-07-06 20:45:20"
|
||||
<User clsid="{DF5F1855-51E5-4d24-8B1A-D9BDE98BA1D1}"
|
||||
name="DbAdmin"
|
||||
image="2"
|
||||
changed="2007-07-06 20:45:20"
|
||||
uid="{253F4D90-150A-4EFB-BCC8-6E894A9105F7}">
|
||||
<Properties
|
||||
action="U"
|
||||
newName=""
|
||||
fullName="Database Admin"
|
||||
description="Local Database Admin"
|
||||
cpassword="demo"
|
||||
changeLogon="0"
|
||||
noChange="0"
|
||||
neverExpires="0"
|
||||
acctDisabled="1"
|
||||
<Properties
|
||||
action="U"
|
||||
newName=""
|
||||
fullName="Database Admin"
|
||||
description="Local Database Admin"
|
||||
cpassword="demo"
|
||||
changeLogon="0"
|
||||
noChange="0"
|
||||
neverExpires="0"
|
||||
acctDisabled="1"
|
||||
userName="DbAdmin"/>
|
||||
</User>
|
||||
<Group clsid="{6D4A79E4-529C-4481-ABD0-F5BD7EA93BA7}"
|
||||
name="Database Admins"
|
||||
image="2"
|
||||
changed="2007-07-06 20:46:21"
|
||||
<Group clsid="{6D4A79E4-529C-4481-ABD0-F5BD7EA93BA7}"
|
||||
name="Database Admins"
|
||||
image="2"
|
||||
changed="2007-07-06 20:46:21"
|
||||
uid="{C5FB3901-508A-4A9E-9171-60D4FC2B404B}">
|
||||
<Properties
|
||||
action="U"
|
||||
newName=""
|
||||
description="Local Database Admins"
|
||||
userAction="REMOVE"
|
||||
deleteAllUsers="1"
|
||||
deleteAllGroups="1"
|
||||
removeAccounts="0"
|
||||
<Properties
|
||||
action="U"
|
||||
newName=""
|
||||
description="Local Database Admins"
|
||||
userAction="REMOVE"
|
||||
deleteAllUsers="1"
|
||||
deleteAllGroups="1"
|
||||
removeAccounts="0"
|
||||
groupName="Database Admins">
|
||||
<Members>
|
||||
<Member
|
||||
name="domain\sampleuser"
|
||||
action="ADD"
|
||||
<Member
|
||||
name="domain\sampleuser"
|
||||
action="ADD"
|
||||
sid=""/>
|
||||
</Members>
|
||||
</Properties>
|
||||
|
@ -89,12 +89,12 @@ cpassword_bad = "blah"
|
|||
|
||||
describe Rex::Parser::GPP do
|
||||
GPP = Rex::Parser::GPP
|
||||
|
||||
|
||||
##
|
||||
# Decrypt
|
||||
##
|
||||
it "Decrypt returns Local*P4ssword! for normal cpassword" do
|
||||
result = GPP.decrypt(cpassword_normal)
|
||||
result = GPP.decrypt(cpassword_normal)
|
||||
result.should eq("Local*P4ssword!")
|
||||
end
|
||||
|
||||
|
@ -102,7 +102,7 @@ describe Rex::Parser::GPP do
|
|||
result = GPP.decrypt(cpassword_bad)
|
||||
result.should eq("")
|
||||
end
|
||||
|
||||
|
||||
it "Decrypt returns blank for nil cpassword" do
|
||||
result = GPP.decrypt(nil)
|
||||
result.should eq("")
|
||||
|
|
|
@ -16,7 +16,7 @@ comb = REXML::Document.new('<unattend xmlns="urn:schemas-microsoft-com:unattend"
|
|||
describe Rex::Parser::Unattend do
|
||||
|
||||
context "#parse" do
|
||||
it "returns passwords for b64" do
|
||||
it "returns passwords for b64" do
|
||||
results = described_class.parse(b64)
|
||||
results.length.should eq(2)
|
||||
results[0]['password'].should eq(Rex::Text.to_unicode('Temp123'))
|
||||
|
|
|
@ -49,5 +49,5 @@ describe Rex::Post::Meterpreter::ClientCore do
|
|||
|
||||
|
||||
end
|
||||
|
||||
|
||||
end
|
||||
|
|
|
@ -51,7 +51,7 @@ describe Rex::Proto::Http::Client do
|
|||
cli.instance_variable_get(:@hostname).should == ip
|
||||
cli.instance_variable_get(:@port).should == 80
|
||||
cli.instance_variable_get(:@context).should == {}
|
||||
cli.instance_variable_get(:@ssl).should be_false
|
||||
cli.instance_variable_get(:@ssl).should be_falsey
|
||||
cli.instance_variable_get(:@proxies).should be_nil
|
||||
cli.instance_variable_get(:@username).should be_empty
|
||||
cli.instance_variable_get(:@password).should be_empty
|
||||
|
@ -202,7 +202,7 @@ describe Rex::Proto::Http::Client do
|
|||
end
|
||||
|
||||
it "should test if a connection is valid" do
|
||||
cli.conn?.should be_false
|
||||
cli.conn?.should be_falsey
|
||||
end
|
||||
|
||||
it "should tell if pipelining is enabled" do
|
||||
|
|
|
@ -0,0 +1,48 @@
|
|||
# -*- coding: binary -*-
|
||||
require 'spec_helper'
|
||||
|
||||
require 'rex/proto/natpmp/packet'
|
||||
describe Rex::Proto::NATPMP do
|
||||
subject do
|
||||
mod = Module.new
|
||||
mod.extend described_class
|
||||
mod
|
||||
end
|
||||
|
||||
describe '#parse_external_address_response' do
|
||||
it 'should properly parse non-error responses' do
|
||||
data = "\x00\x80\x00\x00\x00\x33\x50\x53\xc0\xa8\x01\x02"
|
||||
subject.parse_external_address_response(data)
|
||||
ver, opcode, result, epoch, addr = subject.parse_external_address_response(data)
|
||||
expect(ver).to eq(0)
|
||||
expect(opcode).to eq(128)
|
||||
expect(result).to eq(0)
|
||||
expect(epoch).to eq(3362899)
|
||||
expect(addr).to eq('192.168.1.2')
|
||||
end
|
||||
it 'should properly parse error responses' do
|
||||
data = "\x00\x80\x00\x03\x00\x00\x70\x90\x00\x00\x00\x00"
|
||||
subject.parse_external_address_response(data)
|
||||
ver, opcode, result, epoch, addr = subject.parse_external_address_response(data)
|
||||
expect(ver).to eq(0)
|
||||
expect(opcode).to eq(128)
|
||||
expect(result).to eq(3)
|
||||
expect(epoch).to eq(28816)
|
||||
expect(addr).to eq('0.0.0.0')
|
||||
end
|
||||
end
|
||||
|
||||
describe '#parse_map_port_response' do
|
||||
it 'should properly parse responses' do
|
||||
data = "\x00\x82\x00\x00\x00\x33\x6f\xd8\x11\x5c\x15\xb3\x00\x36\xee\x80"
|
||||
ver, opcode, result, epoch, internal, external, lifetime = subject.parse_map_port_response(data)
|
||||
expect(ver).to eq(0)
|
||||
expect(opcode).to eq(130)
|
||||
expect(result).to eq(0)
|
||||
expect(epoch).to eq(3370968)
|
||||
expect(internal).to eq(4444)
|
||||
expect(external).to eq(5555)
|
||||
expect(lifetime).to eq(3600000)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -44,7 +44,7 @@ describe Rex::Proto::PJL::Client do
|
|||
expect { cli.info(nil) }.to raise_error(ArgumentError)
|
||||
end
|
||||
|
||||
it "should receive a response for an INFO request" do
|
||||
it "should receive a response for an INFO request" do
|
||||
cli.info(:id).should eq(default_response)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -2,4 +2,4 @@ require 'spec_helper'
|
|||
|
||||
describe Metasploit::Credential::Core do
|
||||
it_should_behave_like 'Metasploit::Credential::Core::ToCredential'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -72,7 +72,7 @@ describe Msfcli do
|
|||
it "should see a help menu" do
|
||||
out = get_stdout {
|
||||
cli = Msfcli.new([])
|
||||
cli.usage
|
||||
cli.usage
|
||||
}
|
||||
out.should =~ /Usage/
|
||||
end
|
||||
|
|
|
@ -14,4 +14,4 @@ shared_context 'Msf::DBManager' do
|
|||
framework.db.workspace = framework.db.default_workspace
|
||||
db_manager.stub(:active => active)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -3,19 +3,19 @@ require 'metasploit/framework/credential'
|
|||
shared_examples_for 'Metasploit::Credential::Core::ToCredential' do
|
||||
context "methods" do
|
||||
context ".to_credential" do
|
||||
|
||||
|
||||
subject(:crednetial_core) do
|
||||
FactoryGirl.create(:metasploit_credential_core)
|
||||
end
|
||||
|
||||
|
||||
it { should respond_to :to_credential }
|
||||
|
||||
|
||||
it "should return a Metasploit::Framework::Credential" do
|
||||
expect(
|
||||
crednetial_core.to_credential
|
||||
).to be_a Metasploit::Framework::Credential
|
||||
end
|
||||
|
||||
|
||||
it "should set the parent to the credential object" do
|
||||
expect(
|
||||
crednetial_core.to_credential.parent
|
||||
|
@ -23,4 +23,4 @@ shared_examples_for 'Metasploit::Credential::Core::ToCredential' do
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -8,7 +8,7 @@ shared_examples_for 'Metasploit::Framework::LoginScanner::HTTP' do
|
|||
|
||||
context "without ssl, without port" do
|
||||
it "should default :port to #{described_class::DEFAULT_PORT}" do
|
||||
expect(http_scanner.ssl).to be_false
|
||||
expect(http_scanner.ssl).to be_falsey
|
||||
expect(http_scanner.port).to eq(described_class::DEFAULT_PORT)
|
||||
end
|
||||
end
|
||||
|
@ -25,7 +25,7 @@ shared_examples_for 'Metasploit::Framework::LoginScanner::HTTP' do
|
|||
subject(:http_scanner) { described_class.new(port:described_class::DEFAULT_PORT) }
|
||||
it "should set ssl to false" do
|
||||
expect(http_scanner.port).to eq(described_class::DEFAULT_PORT)
|
||||
expect(http_scanner.ssl).to be_false
|
||||
expect(http_scanner.ssl).to be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -20,4 +20,4 @@ shared_examples_for 'Msf::DBManager::Export#extract_module_detail_info module_de
|
|||
child_node.content.should == attribute.to_s
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -134,4 +134,4 @@ shared_examples_for 'Msf::DBManager::Migration' do
|
|||
reset_column_information
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -31,7 +31,7 @@ shared_examples_for 'Msf::DBManager#search_modules Mdm::Module::Platform#name or
|
|||
|
||||
context 'with Mdm::Module::Target#name' do
|
||||
let(:name) do
|
||||
# use inspect to quote spaces in string
|
||||
# use inspect to quote spaces in string
|
||||
module_target.name.inspect
|
||||
end
|
||||
|
||||
|
@ -46,4 +46,4 @@ shared_examples_for 'Msf::DBManager#search_modules Mdm::Module::Platform#name or
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -41,4 +41,4 @@ shared_examples_for 'Msf::DBManager#search_modules Mdm::Module::Ref#name keyword
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -57,4 +57,4 @@ shared_examples_for 'Msf::DBManager#update_all_module_details refresh' do
|
|||
update_all_module_details
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -23,4 +23,4 @@ shared_examples_for 'Msf::DBManager#update_module_details with module' do |optio
|
|||
}.to_not raise_error
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -54,7 +54,7 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
|
|||
}
|
||||
end
|
||||
|
||||
it { should be_false }
|
||||
it { should be_falsey }
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -196,7 +196,7 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
|
|||
false
|
||||
end
|
||||
|
||||
it { should be_false }
|
||||
it { should be_falsey }
|
||||
end
|
||||
|
||||
context 'with true' do
|
||||
|
@ -214,7 +214,7 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
|
|||
{}
|
||||
end
|
||||
|
||||
it { should be_false }
|
||||
it { should be_falsey }
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -323,7 +323,7 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
|
|||
false
|
||||
end
|
||||
|
||||
it { should be_false }
|
||||
it { should be_falsey }
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -332,7 +332,7 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
|
|||
framework.stub(:db => nil)
|
||||
end
|
||||
|
||||
it { should be_false }
|
||||
it { should be_falsey }
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -456,4 +456,4 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -41,8 +41,8 @@ shared_examples_for 'Msf::ModuleManager::Loading' do
|
|||
|
||||
tempfile.unlink
|
||||
|
||||
File.exist?(module_path).should be_false
|
||||
subject.file_changed?(module_path).should be_truthy
|
||||
File.exist?(module_path).should be_falsey
|
||||
subject.file_changed?(module_path).should be_true
|
||||
end
|
||||
|
||||
it 'should return true if modification time does not match the cached modification time' do
|
||||
|
@ -71,7 +71,7 @@ shared_examples_for 'Msf::ModuleManager::Loading' do
|
|||
}
|
||||
|
||||
cached_modification_time.should == modification_time
|
||||
subject.file_changed?(module_path).should be_false
|
||||
subject.file_changed?(module_path).should be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -159,4 +159,4 @@ shared_examples_for 'Msf::ModuleManager::Loading' do
|
|||
on_module_load
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -21,7 +21,7 @@ shared_examples_for 'Msf::ModuleManager::ModulePaths' do
|
|||
path = file.path
|
||||
file.unlink
|
||||
|
||||
File.exist?(path).should be_false
|
||||
File.exist?(path).should be_falsey
|
||||
|
||||
expect {
|
||||
module_manager.add_module_path(path)
|
||||
|
@ -74,4 +74,4 @@ shared_examples_for 'Msf::ModuleManager::ModulePaths' do
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -92,4 +92,4 @@ shared_examples_for 'Msf::Simple::Framework::ModulePaths' do
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -28,4 +28,4 @@ describe CPassword do
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -50,8 +50,9 @@ end
|
|||
|
||||
changed_files.each_line do |fname|
|
||||
fname.strip!
|
||||
next unless File.exist?(fname) and File.file?(fname)
|
||||
next unless fname =~ /modules.+\.rb/
|
||||
next unless File.exist?(fname)
|
||||
next unless File.file?(fname)
|
||||
next unless fname =~ /^modules.+\.rb/
|
||||
files_to_check << fname
|
||||
end
|
||||
|
||||
|
|
|
@ -12,7 +12,6 @@ require 'time'
|
|||
|
||||
CHECK_OLD_RUBIES = !!ENV['MSF_CHECK_OLD_RUBIES']
|
||||
SUPPRESS_INFO_MESSAGES = !!ENV['MSF_SUPPRESS_INFO_MESSAGES']
|
||||
ENCODING_REGEX = /^# (?:\-\*\- )?encoding:\s*(\S+)/
|
||||
|
||||
if CHECK_OLD_RUBIES
|
||||
require 'rvm'
|
||||
|
@ -48,11 +47,16 @@ class Msftidy
|
|||
WARNINGS = 0x10
|
||||
ERRORS = 0x20
|
||||
|
||||
# Some compiles regexes
|
||||
REGEX_MSF_EXPLOIT = / \< Msf::Exploit/
|
||||
REGEX_IS_BLANK_OR_END = /^\s*end\s*$/
|
||||
|
||||
attr_reader :full_filepath, :source, :stat, :name, :status
|
||||
|
||||
def initialize(source_file)
|
||||
@full_filepath = source_file
|
||||
@source = load_file(source_file)
|
||||
@lines = @source.lines # returns an enumerator
|
||||
@status = OK
|
||||
@name = File.basename(source_file)
|
||||
end
|
||||
|
@ -110,29 +114,8 @@ class Msftidy
|
|||
end
|
||||
end
|
||||
|
||||
# Check that modules don't have any encoding comment and that
|
||||
# non-modules have an explicity binary encoding comment
|
||||
def check_encoding
|
||||
# coding/encoding lines must be the first or second line if present
|
||||
encoding_lines = @source.lines.to_a[0,2].select { |l| l =~ ENCODING_REGEX }
|
||||
if @full_filepath =~ /(?:^|\/)modules\//
|
||||
warn('Modules do not need an encoding comment') unless encoding_lines.empty?
|
||||
else
|
||||
if encoding_lines.empty?
|
||||
warn('Non-modules must have an encoding comment')
|
||||
else
|
||||
encoding_line = encoding_lines.first
|
||||
encoding_line =~ ENCODING_REGEX
|
||||
encoding_type = Regexp.last_match(1)
|
||||
unless encoding_type == 'binary'
|
||||
warn("Non-modules must have a binary encoding comment, not #{encoding_type}")
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def check_shebang
|
||||
if @source.lines.first =~ /^#!/
|
||||
if @lines.first =~ /^#!/
|
||||
warn("Module should not have a #! line")
|
||||
end
|
||||
end
|
||||
|
@ -148,7 +131,7 @@ class Msftidy
|
|||
msg = "Using Nokogiri in modules can be risky, use REXML instead."
|
||||
has_nokogiri = false
|
||||
has_nokogiri_xml_parser = false
|
||||
@source.each_line do |line|
|
||||
@lines.each do |line|
|
||||
if has_nokogiri
|
||||
if line =~ /Nokogiri::XML\.parse/ or line =~ /Nokogiri::XML::Reader/
|
||||
has_nokogiri_xml_parser = true
|
||||
|
@ -165,7 +148,7 @@ class Msftidy
|
|||
in_super = false
|
||||
in_refs = false
|
||||
|
||||
@source.each_line do |line|
|
||||
@lines.each do |line|
|
||||
if !in_super and line =~ /\s+super\(/
|
||||
in_super = true
|
||||
elsif in_super and line =~ /[[:space:]]*def \w+[\(\w+\)]*/
|
||||
|
@ -225,7 +208,7 @@ class Msftidy
|
|||
# warn if so. Since Ruby 1.9 this has not been necessary and
|
||||
# the framework only suports 1.9+
|
||||
def check_rubygems
|
||||
@source.each_line do |line|
|
||||
@lines.each do |line|
|
||||
if line_has_require?(line, 'rubygems')
|
||||
warn("Explicitly requiring/loading rubygems is not necessary")
|
||||
break
|
||||
|
@ -256,7 +239,7 @@ class Msftidy
|
|||
max_count = 10
|
||||
counter = 0
|
||||
if @source =~ /^##/
|
||||
@source.each_line do |line|
|
||||
@lines.each do |line|
|
||||
# If exists, the $Id$ keyword should appear at the top of the code.
|
||||
# If not (within the first 10 lines), then we assume there's no
|
||||
# $Id$, and then bail.
|
||||
|
@ -288,7 +271,7 @@ class Msftidy
|
|||
in_super = false
|
||||
in_author = false
|
||||
|
||||
@source.each_line do |line|
|
||||
@lines.each do |line|
|
||||
#
|
||||
# Mark our "super" code block
|
||||
#
|
||||
|
@ -366,8 +349,37 @@ class Msftidy
|
|||
error("Fails alternate Ruby version check") if rubies.size != res.size
|
||||
end
|
||||
|
||||
def is_exploit_module?
|
||||
ret = false
|
||||
if @source =~ REGEX_MSF_EXPLOIT
|
||||
# having Msf::Exploit is good indicator, but will false positive on
|
||||
# specs and other files containing the string, but not really acting
|
||||
# as exploit modules, so here we check the file for some actual contents
|
||||
# this could be done in a simpler way, but this let's us add more later
|
||||
msf_exploit_line_no = nil
|
||||
@lines.each_with_index do |line, idx|
|
||||
if line = REGEX_MSF_EXPLOIT
|
||||
# note the line number
|
||||
msf_exploit_line_no = idx
|
||||
elsif msf_exploit_line_no
|
||||
# check there is anything but empty space between here and the next end
|
||||
# something more complex could be added here
|
||||
if line !~ REGEX_IS_BLANK_OR_END
|
||||
# if the line is not 'end' and is not blank, prolly exploit module
|
||||
ret = true
|
||||
break
|
||||
else
|
||||
# then keep checking in case there are more than one Msf::Exploit
|
||||
msf_exploit_line_no = nil
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
ret
|
||||
end
|
||||
|
||||
def check_ranking
|
||||
return if @source !~ / \< Msf::Exploit/
|
||||
return unless is_exploit_module?
|
||||
|
||||
available_ranks = [
|
||||
'ManualRanking',
|
||||
|
@ -406,7 +418,7 @@ class Msftidy
|
|||
error('Incorrect disclosure date format')
|
||||
end
|
||||
else
|
||||
error('Exploit is missing a disclosure date') if @source =~ / \< Msf::Exploit/
|
||||
error('Exploit is missing a disclosure date') if is_exploit_module?
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -462,7 +474,7 @@ class Msftidy
|
|||
src_ended = false
|
||||
idx = 0
|
||||
|
||||
@source.each_line { |ln|
|
||||
@lines.each do |ln|
|
||||
idx += 1
|
||||
|
||||
# block comment awareness
|
||||
|
@ -541,7 +553,7 @@ class Msftidy
|
|||
if ln =~ /^\s*Rank\s*=\s*/ and @source =~ /<\sMsf::Auxiliary/
|
||||
warn("Auxiliary modules have no 'Rank': #{ln}", idx)
|
||||
end
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
def check_vuln_codes
|
||||
|
@ -605,7 +617,6 @@ def run_checks(full_filepath)
|
|||
tidy = Msftidy.new(full_filepath)
|
||||
tidy.check_mode
|
||||
tidy.check_shebang
|
||||
tidy.check_encoding
|
||||
tidy.check_nokogiri
|
||||
tidy.check_rubygems
|
||||
tidy.check_ref_identifiers
|
||||
|
|
Loading…
Reference in New Issue