infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Solve conflicts

bug/bundler_fix
jvazquez-r7 2014-08-26 17:51:37 -05:00
parent 0d9d722525 fe99f4b6e7
commit b37e1a5421
72 changed files with 386 additions and 321 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/msf/core/auxiliary/mixins.rb
View File

@ -20,6 +20,7 @@ require 'msf/core/auxiliary/login'
require 'msf/core/auxiliary/rservices'
require 'msf/core/auxiliary/cisco'
require 'msf/core/auxiliary/nmap'
require 'msf/core/auxiliary/natpmp'
require 'msf/core/auxiliary/iax2'
require 'msf/core/auxiliary/ntp'
require 'msf/core/auxiliary/pii'

27
lib/msf/core/auxiliary/natpmp.rb Normal file
View File

@ -0,0 +1,27 @@
# -*- coding: binary -*-
require 'rex/proto/natpmp'
module Msf
###
#
# This module provides methods for working with NAT-PMP
#
###
module Auxiliary::NATPMP
include Auxiliary::Scanner
include Rex::Proto::NATPMP
def initialize(info = {})
super
register_options(
[
Opt::RPORT(Rex::Proto::NATPMP::DefaultPort),
Opt::CHOST
],
self.class
)
end
end
end

14
lib/rex/proto/natpmp/packet.rb
View File

@ -12,20 +12,20 @@ module Proto
module NATPMP
# Return a NAT-PMP request to get the external address.
def self.external_address_request
def external_address_request
[ 0, 0 ].pack('nn')
end
# Parse a NAT-PMP external address response +resp+.
# Returns the decoded parts of the response as an array.
def self.parse_external_address_response(resp)
(ver, op, result, epoch, addr) = resp.unpack("CCvVN")
def parse_external_address_response(resp)
(ver, op, result, epoch, addr) = resp.unpack("CCnNN")
[ ver, op, result, epoch, Rex::Socket::addr_itoa(addr) ]
end
# Return a NAT-PMP request to map remote port +rport+/+protocol+ to local port +lport+ for +lifetime+ ms
def self.map_port_request(lport, rport, protocol, lifetime)
[ Rex::Proto::NATPMP::Version, # version
def map_port_request(lport, rport, protocol, lifetime)
[ Rex::Proto::NATPMP::Version, # version
protocol, # opcode, which is now the protocol we are asking to forward
0, # reserved
lport,
@ -36,8 +36,8 @@ module NATPMP
# Parse a NAT-PMP mapping response +resp+.
# Returns the decoded parts as an array.
def self.parse_map_port_response(resp)
resp.unpack("CCvVnnN")
def parse_map_port_response(resp)
resp.unpack("CCnNnnN")
end
end

26
modules/auxiliary/admin/natpmp/natpmp_map.rb
View File

@ -4,12 +4,13 @@
##
require 'msf/core'
require 'rex/proto/natpmp'
class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Auxiliary::Scanner
include Msf::Auxiliary::NATPMP
include Rex::Proto::NATPMP
def initialize
super(
@ -21,12 +22,10 @@ class Metasploit3 < Msf::Auxiliary
register_options(
[
Opt::LPORT,
Opt::RPORT,
OptInt.new('NATPMPPORT', [true, "NAT-PMP port to use", Rex::Proto::NATPMP::DefaultPort]),
OptPort.new('EXTERNAL_PORT', [true, 'The external port to foward from']),
OptPort.new('INTERNAL_PORT', [true, 'The internal port to forward to']),
OptInt.new('LIFETIME', [true, "Time in ms to keep this port forwarded", 3600000]),
OptEnum.new('PROTOCOL', [true, "Protocol to forward", 'TCP', %w(TCP UDP)]),
Opt::CHOST
],
self.class
)
@ -43,21 +42,20 @@ class Metasploit3 < Msf::Auxiliary
# get the external address first
vprint_status "#{host} - NATPMP - Probing for external address"
req = Rex::Proto::NATPMP.external_address_request
udp_sock.sendto(req, host, datastore['NATPMPPORT'], 0)
udp_sock.sendto(external_address_request, host, datastore['RPORT'], 0)
external_address = nil
while (r = udp_sock.recvfrom(12, 1) and r[1])
(ver, op, result, epoch, external_address) = Rex::Proto::NATPMP.parse_external_address_response(r[0])
(ver, op, result, epoch, external_address) = parse_external_address_response(r[0])
end
vprint_status "#{host} - NATPMP - Sending mapping request"
# build the mapping request
req = Rex::Proto::NATPMP.map_port_request(
datastore['LPORT'].to_i, datastore['RPORT'].to_i,
req = map_port_request(
datastore['INTERNAL_PORT'], datastore['EXTERNAL_PORT'],
Rex::Proto::NATPMP.const_get(datastore['PROTOCOL']), datastore['LIFETIME']
)
# send it
udp_sock.sendto(req, host, datastore['NATPMPPORT'], 0)
udp_sock.sendto(req, host, datastore['RPORT'], 0)
# handle the reply
while (r = udp_sock.recvfrom(16, 1) and r[1])
handle_reply(Rex::Socket.source_address(host), host, external_address, r)
@ -78,12 +76,12 @@ class Metasploit3 < Msf::Auxiliary
pkt[1] = pkt[1].sub(/^::ffff:/, '')
end
(ver, op, result, epoch, internal_port, external_port, lifetime) = Rex::Proto::NATPMP.parse_map_port_response(pkt[0])
(ver, op, result, epoch, internal_port, external_port, lifetime) = parse_map_port_response(pkt[0])
if (result == 0)
if (datastore['RPORT'].to_i != external_port)
if (datastore['EXTERNAL_PORT'] != external_port)
print_status( "#{external_address} " +
"#{datastore['RPORT']}/#{datastore['PROTOCOL']} -> #{map_target} " +
"#{datastore['EXTERNAL_PORT']}/#{datastore['PROTOCOL']} -> #{map_target} " +
"#{internal_port}/#{datastore['PROTOCOL']} couldn't be forwarded")
end
print_status( "#{external_address} " +

79
modules/auxiliary/gather/natpmp_external_address.rb
View File

@ -4,12 +4,14 @@
##
require 'msf/core'
require 'rex/proto/natpmp'
class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Auxiliary::Scanner
include Msf::Exploit::Remote::Udp
include Msf::Auxiliary::UDPScanner
include Msf::Auxiliary::NATPMP
include Rex::Proto::NATPMP
def initialize
super(
@ -19,68 +21,43 @@ class Metasploit3 < Msf::Auxiliary
'License' => MSF_LICENSE
)
register_options(
[
Opt::RPORT(Rex::Proto::NATPMP::DefaultPort),
Opt::CHOST
],
self.class
)
end
def run_host(host)
begin
udp_sock = Rex::Socket::Udp.create({
'LocalHost' => datastore['CHOST'] || nil,
'Context' => {'Msf' => framework, 'MsfExploit' => self}
})
add_socket(udp_sock)
vprint_status "#{host}:#{datastore['RPORT']} - NATPMP - Probing for external address"
def scan_host(ip)
scanner_send(@probe, ip, datastore['RPORT'])
end
udp_sock.sendto(Rex::Proto::NATPMP.external_address_request, host, datastore['RPORT'].to_i, 0)
while (r = udp_sock.recvfrom(12, 1.0) and r[1])
handle_reply(host, r)
def scanner_prescan(batch)
@probe = external_address_request
end
def scanner_process(data, shost, sport)
(ver, op, result, epoch, external_address) = parse_external_address_response(data)
peer = "#{shost}:#{sport}"
if (ver == 0 && op == 128 && result == 0)
print_good("#{peer} -- external address #{external_address}")
# report its external address as alive
if inside_workspace_boundary?(external_address)
report_host(
:host => external_address,
:state => Msf::HostState::Alive
)
end
rescue ::Interrupt
raise $!
rescue ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionRefused
nil
rescue ::Exception => e
print_error("#{host}:#{datastore['RPORT']} Unknown error: #{e.class} #{e}")
end
end
def handle_reply(host, pkt)
return if not pkt[1]
if(pkt[1] =~ /^::ffff:/)
pkt[1] = pkt[1].sub(/^::ffff:/, '')
end
(ver, op, result, epoch, external_address) = Rex::Proto::NATPMP.parse_external_address_response(pkt[0])
if (result == 0)
print_status("#{host} -- external address #{external_address}")
else
print_error("#{peer} -- unexpected version/opcode/result/address: #{ver}/#{op}/#{result}/#{external_address}")
end
# report the host we scanned as alive
report_host(
:host => host,
:host => shost,
:state => Msf::HostState::Alive
)
# also report its external address as alive
if inside_workspace_boundary?(external_address)
report_host(
:host => external_address,
:state => Msf::HostState::Alive
)
end
# report NAT-PMP as being open
report_service(
:host => host,
:port => pkt[2],
:host => shost,
:port => sport,
:proto => 'udp',
:name => 'natpmp',
:state => Msf::ServiceState::Open

33
modules/auxiliary/scanner/natpmp/natpmp_portscan.rb
View File

@ -5,12 +5,13 @@
require 'msf/core'
require 'rex/proto/natpmp'
class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::Report
include Msf::Auxiliary::Scanner
include Msf::Auxiliary::NATPMP
include Rex::Proto::NATPMP
def initialize
super(
@ -22,10 +23,8 @@ class Metasploit3 < Msf::Auxiliary
register_options(
[
Opt::RPORT(Rex::Proto::NATPMP::DefaultPort),
OptString.new('PORTS', [true, "Ports to scan (e.g. 22-25,80,110-900)", "1-1000"]),
OptEnum.new('PROTOCOL', [true, "Protocol to scan", 'TCP', %w(TCP UDP)]),
Opt::CHOST
], self.class)
end
@ -36,32 +35,33 @@ class Metasploit3 < Msf::Auxiliary
'Context' => {'Msf' => framework, 'MsfExploit' => self} }
)
add_socket(udp_sock)
vprint_status "Scanning #{datastore['PROTOCOL']} ports #{datastore['PORTS']} on #{host} using NATPMP"
peer = "#{host}:#{datastore['RPORT']}"
vprint_status("#{peer} Scanning #{datastore['PROTOCOL']} ports #{datastore['PORTS']} using NATPMP")
# first, send a request to get the external address
udp_sock.sendto(Rex::Proto::NATPMP.external_address_request, host, datastore['RPORT'].to_i, 0)
udp_sock.sendto(external_address_request, host, datastore['RPORT'], 0)
external_address = nil
while (r = udp_sock.recvfrom(12, 0.25) and r[1])
(ver,op,result,epoch,external_address) = Rex::Proto::NATPMP.parse_external_address_response(r[0])
(ver,op,result,epoch,external_address) = parse_external_address_response(r[0])
end
if (external_address)
print_good("External address of #{host} is #{external_address}")
print_good("#{peer} responded with external address of #{external_address}")
else
print_error("Didn't get a response for #{host}'s external address")
vprint_status("#{peer} didn't respond with an external address")
return
end
Rex::Socket.portspec_crack(datastore['PORTS']).each do |port|
# send one request to clear the mapping if *we've* created it before
clear_req = Rex::Proto::NATPMP.map_port_request(port, port, Rex::Proto::NATPMP.const_get(datastore['PROTOCOL']), 0)
udp_sock.sendto(clear_req, host, datastore['RPORT'].to_i, 0)
clear_req = map_port_request(port, port, Rex::Proto::NATPMP.const_get(datastore['PROTOCOL']), 0)
udp_sock.sendto(clear_req, host, datastore['RPORT'], 0)
while (r = udp_sock.recvfrom(16, 1.0) and r[1])
end
# now try the real mapping
map_req = Rex::Proto::NATPMP.map_port_request(port, port, Rex::Proto::NATPMP.const_get(datastore['PROTOCOL']), 1)
udp_sock.sendto(map_req, host, datastore['RPORT'].to_i, 0)
map_req = map_port_request(port, port, Rex::Proto::NATPMP.const_get(datastore['PROTOCOL']), 1)
udp_sock.sendto(map_req, host, datastore['RPORT'], 0)
while (r = udp_sock.recvfrom(16, 1.0) and r[1])
handle_reply(host, external_address, r)
end
@ -85,21 +85,22 @@ class Metasploit3 < Msf::Auxiliary
host = pkt[1]
protocol = datastore['PROTOCOL'].to_s.downcase
(ver, op, result, epoch, int, ext, lifetime) = Rex::Proto::NATPMP.parse_map_port_response(pkt[0])
(ver, op, result, epoch, int, ext, lifetime) = parse_map_port_response(pkt[0])
peer = "#{host}:#{datastore['RPORT']}"
if (result == 0)
# we always ask to map an external port to the same port on us. If
# we get a successful reponse back but the port we requested be forwarded
# is different, that means that someone else already has it open
if (int != ext)
state = Msf::ServiceState::Open
print_status("#{external_addr} - #{int}/#{protocol} #{state} because of successful mapping with unmatched ports")
print_good("#{peer} #{external_addr} - #{int}/#{protocol} #{state} because of successful mapping with unmatched ports")
else
state = Msf::ServiceState::Closed
print_status("#{external_addr} - #{int}/#{protocol} #{state} because of successful mapping with matched ports") if (datastore['DEBUG'])
print_status("#{peer} #{external_addr} - #{int}/#{protocol} #{state} because of successful mapping with matched ports") if (datastore['DEBUG'])
end
else
state = Msf::ServiceState::Closed
print_status("#{external_addr} - #{int}/#{protocol} #{state} because of code #{result} response") if (datastore['DEBUG'])
print_status("#{peer} #{external_addr} - #{int}/#{protocol} #{state} because of code #{result} response") if (datastore['DEBUG'])
end
if inside_workspace_boundary?(external_addr)

2
spec/factories/mdm/exported_web_vulns.rb
View File

@ -11,4 +11,4 @@ FactoryGirl.define do
sequence :mdm_web_vuln_description do |n|
"Mdm::WebVuln#description #{n}"
end
end
end

2
spec/factories/mdm/module_details.rb
View File

@ -6,4 +6,4 @@ FactoryGirl.modify do
}
end
end
end
end

4
spec/lib/active_record/connection_adapters/abstract_adapter/connection_pool_spec.rb
View File

@ -51,7 +51,7 @@ describe ActiveRecord::ConnectionAdapters::ConnectionPool do
it 'should be false' do
thread = Thread.new do
Thread.current.should_not == main_thread
expect(active_connection?).to be_false
expect(active_connection?).to be_falsey
end
thread.join
@ -129,7 +129,7 @@ describe ActiveRecord::ConnectionAdapters::ConnectionPool do
context 'without active thread connection' do
it 'should return false from #active_connection?' do
expect(connection_pool.active_connection?).to be_false
expect(connection_pool.active_connection?).to be_falsey
end
context 'with error' do

12
spec/lib/fastlib_spec.rb
View File

@ -69,7 +69,7 @@ describe FastLib do
end
it 'should create an archive' do
File.exist?(@destination_path).should be_false
File.exist?(@destination_path).should be_falsey
described_class.dump(@destination_path, flag_string, base_path, *unarchived_paths)
@ -127,7 +127,7 @@ describe FastLib do
end
it 'should create an archive' do
File.exist?(@destination_path).should be_false
File.exist?(@destination_path).should be_falsey
described_class.dump(@destination_path, flag_string, base_path, *unarchived_paths)
@ -138,8 +138,8 @@ describe FastLib do
uncompressed_path = "#{@destination_path}.uncompressed"
compressed_path = "#{@destination_path}.compressed"
File.exist?(uncompressed_path).should be_false
File.exist?(compressed_path).should be_false
File.exist?(uncompressed_path).should be_falsey
File.exist?(compressed_path).should be_falsey
described_class.dump(uncompressed_path, '', base_path, *unarchived_paths)
described_class.dump(compressed_path, flag_string, base_path, *unarchived_paths)
@ -157,7 +157,7 @@ describe FastLib do
end
it 'should create an archive' do
File.exist?(@destination_path).should be_false
File.exist?(@destination_path).should be_falsey
described_class.dump(@destination_path, flag_string, base_path, *unarchived_paths)
@ -171,7 +171,7 @@ describe FastLib do
end
it 'should create an archive' do
File.exist?(@destination_path).should be_false
File.exist?(@destination_path).should be_falsey
described_class.dump(@destination_path, flag_string, base_path, *unarchived_paths)

1
spec/lib/metasploit/framework/afp/client_spec.rb
View File

@ -0,0 +1 @@

2
spec/lib/metasploit/framework/jtr/cracker_spec.rb
View File

@ -245,4 +245,4 @@ describe Metasploit::Framework::JtR::Cracker do
end
end
end
end
end

2
spec/lib/metasploit/framework/jtr/invalid_wordlist_spec.rb
View File

@ -35,4 +35,4 @@ describe Metasploit::Framework::JtR::InvalidWordlist do
end
end
end
end

2
spec/lib/metasploit/framework/jtr/wordlist_spec.rb
View File

@ -135,4 +135,4 @@ describe Metasploit::Framework::JtR::Wordlist do
end
end
end
end

2
spec/lib/metasploit/framework/login_scanner/db2_spec.rb
View File

@ -41,4 +41,4 @@ describe Metasploit::Framework::LoginScanner::DB2 do
end
end
end
end

2
spec/lib/metasploit/framework/login_scanner/ftp_spec.rb
View File

@ -131,4 +131,4 @@ describe Metasploit::Framework::LoginScanner::FTP do
end
end
end
end

2
spec/lib/metasploit/framework/login_scanner/mssql_spec.rb
View File

@ -90,4 +90,4 @@ describe Metasploit::Framework::LoginScanner::MSSQL do
end
end
end
end

2
spec/lib/metasploit/framework/login_scanner/mysql_spec.rb
View File

@ -105,4 +105,4 @@ describe Metasploit::Framework::LoginScanner::MySQL do
end
end
end
end

20
spec/lib/metasploit/framework/login_scanner/pop3_spec.rb
View File

@ -8,7 +8,7 @@ describe Metasploit::Framework::LoginScanner::POP3 do
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
context "#attempt_login" do
let(:pub_blank) do
Metasploit::Framework::Credential.new(
paired: true,
@ -41,10 +41,10 @@ describe Metasploit::Framework::LoginScanner::POP3 do
expect(result.status).to eq(Metasploit::Model::Login::Status::UNABLE_TO_CONNECT)
end
end
context "Open Connection" do
let(:sock) {double('socket')}
before(:each) do
sock.stub(:shutdown)
sock.stub(:close)
@ -53,30 +53,30 @@ describe Metasploit::Framework::LoginScanner::POP3 do
scanner.stub(:sock).and_return(sock)
scanner.should_receive(:select).with([sock],nil,nil,0.4)
end
it "Server returns +OK" do
expect(sock).to receive(:get_once).exactly(3).times.and_return("+OK")
expect(sock).to receive(:put).with("USER public\r\n").once.ordered
expect(sock).to receive(:put).with("PASS \r\n").once.ordered
result = scanner.attempt_login(pub_blank)
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
expect(result.status).to eq(Metasploit::Model::Login::Status::SUCCESSFUL)
end
it "Server Returns Something Else" do
sock.stub(:get_once).and_return("+ERROR")
result = scanner.attempt_login(pub_blank)
expect(result).to be_kind_of(Metasploit::Framework::LoginScanner::Result)
expect(result.status).to eq(Metasploit::Model::Login::Status::INCORRECT)
expect(result.proof).to eq("+ERROR")
end
end
end
end

2
spec/lib/metasploit/framework/login_scanner/postgres_spec.rb
View File

@ -72,4 +72,4 @@ describe Metasploit::Framework::LoginScanner::Postgres do
end
end
end
end

4
spec/lib/metasploit/framework/login_scanner/result_spec.rb
View File

@ -36,10 +36,10 @@ describe Metasploit::Framework::LoginScanner::Result do
context 'when the status code is anything else' do
let(:status) { :connection_error }
it 'returns false' do
expect(login_result.success?).to be_false
expect(login_result.success?).to be_falsey
end
end
end
end
end

2
spec/lib/metasploit/framework/login_scanner/snmp_spec.rb
View File

@ -53,4 +53,4 @@ describe Metasploit::Framework::LoginScanner::SNMP do
end
end
end

2
spec/lib/metasploit/framework/login_scanner/telnet_spec.rb
View File

@ -75,4 +75,4 @@ describe Metasploit::Framework::LoginScanner::Telnet do
end
end
end
end

2
spec/lib/metasploit/framework/login_scanner/vnc_spec.rb
View File

@ -81,4 +81,4 @@ describe Metasploit::Framework::LoginScanner::VNC do
end
end
end

2
spec/lib/msf/base/simple/framework_spec.rb
View File

@ -8,4 +8,4 @@ describe Msf::Simple::Framework do
end
it_should_behave_like 'Msf::Simple::Framework::ModulePaths'
end
end

6
spec/lib/msf/core/exploit/cmdstager_spec.rb
View File

@ -358,7 +358,7 @@ describe Msf::Exploit::CmdStager do
end
it "isn't compatible" do
expect(subject.compatible_flavor?(flavor)).to be_false
expect(subject.compatible_flavor?(flavor)).to be_falsey
end
end
end
@ -385,7 +385,7 @@ describe Msf::Exploit::CmdStager do
end
it "isn't compatible" do
expect(subject.compatible_flavor?(flavor)).to be_false
expect(subject.compatible_flavor?(flavor)).to be_falsey
end
end
end
@ -412,7 +412,7 @@ describe Msf::Exploit::CmdStager do
end
it "isn't compatible" do
expect(subject.compatible_flavor?(flavor)).to be_false
expect(subject.compatible_flavor?(flavor)).to be_falsey
end
end

22
spec/lib/msf/core/exploit/powershell_spec.rb
View File

@ -108,7 +108,7 @@ describe Msf::Exploit::Powershell do
it 'should substitute variables' do
script = File.read(example_script)
compressed = subject.compress_script(script)
decompress(compressed).include?('$hashes').should be_false
decompress(compressed).include?('$hashes').should be_falsey
end
end
@ -132,7 +132,7 @@ describe Msf::Exploit::Powershell do
it 'should substitute functions' do
script = File.read(example_script)
compressed = subject.compress_script(script)
decompress(compressed).include?('DumpHashes').should be_false
decompress(compressed).include?('DumpHashes').should be_falsey
end
end
@ -228,7 +228,7 @@ describe Msf::Exploit::Powershell do
end
it 'shouldnt add a persistance loop' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('while(1){Start-Sleep -s ').should be_false
decompress(code).include?('while(1){Start-Sleep -s ').should be_falsey
end
end
@ -250,7 +250,7 @@ describe Msf::Exploit::Powershell do
end
it 'shouldnt prepend sleep' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('Start-Sleep -s ').should be_false
decompress(code).include?('Start-Sleep -s ').should be_falsey
end
end
@ -261,7 +261,7 @@ describe Msf::Exploit::Powershell do
end
it 'shouldnt prepend sleep' do
code = subject.cmd_psh_payload(payload, arch)
decompress(code).include?('Start-Sleep -s ').should be_false
decompress(code).include?('Start-Sleep -s ').should be_falsey
end
end
@ -364,16 +364,16 @@ describe Msf::Exploit::Powershell do
context 'when no_equals is false' do
it 'should contain a final payload with -e' do
code = subject.cmd_psh_payload(payload, arch, {:encode_final_payload => true, :no_equals => false})
code.include?(' -e ').should be_truthy
code.include?(' -c ').should be_false
code.include?(' -e ').should be_true
code.include?(' -c ').should be_falsey
end
end
context 'when no_equals is true' do
it 'should contain a final payload with -e' do
code = subject.cmd_psh_payload(payload, arch, {:encode_final_payload => true, :no_equals => true})
code.include?(' -e ').should be_truthy
code.include?(' -c ').should be_false
code.include?('=').should be_false
code.include?(' -e ').should be_true
code.include?(' -c ').should be_falsey
code.include?('=').should be_falsey
end
end
context 'when encode_inner_payload is true' do
@ -392,7 +392,7 @@ describe Msf::Exploit::Powershell do
context 'when remove_comspec' do
it 'shouldnt contain %COMSPEC%' do
code = subject.cmd_psh_payload(payload, arch, {:remove_comspec => true})
code.include?('%COMSPEC%').should be_false
code.include?('%COMSPEC%').should be_falsey
end
end

2
spec/lib/msf/core/exploit/remote/browser_exploit_server_spec.rb
View File

@ -292,4 +292,4 @@ describe Msf::Exploit::Remote::BrowserExploitServer do
end
end
end
end

2
spec/lib/msf/core/handler/reverse_http/uri_checksum_spec.rb
View File

@ -86,4 +86,4 @@ describe Msf::Handler::ReverseHttp::UriChecksum do
end
end
end
end

2
spec/lib/msf/core/module_spec.rb
View File

@ -10,7 +10,7 @@ shared_examples "search_filter" do |opts|
accept.each do |query|
it "should accept a query containing '#{query}'" do
# if the subject matches, search_filter returns false ("don't filter me out!")
subject.search_filter(query).should be_false
subject.search_filter(query).should be_falsey
end
unless opts.has_key?(:test_inverse) and not opts[:test_inverse]

4
spec/lib/msf/core/modules/loader/archive_spec.rb
View File

@ -127,7 +127,7 @@ describe Msf::Modules::Loader::Archive do
end
it 'should ignore types that are not enabled' do
module_manager.type_enabled?(disabled_type).should be_false
module_manager.type_enabled?(disabled_type).should be_falsey
subject.send(:each_module_reference_name, @archive_path) do |parent_path, type, module_reference_name|
type.should_not == disabled_type
@ -180,7 +180,7 @@ describe Msf::Modules::Loader::Archive do
path.should include(described_class::ARCHIVE_EXTENSION)
File.extname(path).should_not == described_class::ARCHIVE_EXTENSION
subject.loadable?(path).should be_false
subject.loadable?(path).should be_falsey
end
end

64
spec/lib/msf/core/modules/loader/base_spec.rb
View File

@ -268,7 +268,7 @@ describe Msf::Modules::Loader::Base do
end
it 'should return false if :force is false' do
subject.load_module(parent_path, type, module_reference_name, :force => false).should be_false
subject.load_module(parent_path, type, module_reference_name, :force => false).should be_falsey
end
it 'should not call #read_module_content' do
@ -352,7 +352,7 @@ describe Msf::Modules::Loader::Base do
# if the module eval error includes the module_path then the module_path was passed along correctly
subject.should_receive(:elog).with(/#{Regexp.escape(module_path)}/)
subject.load_module(parent_path, type, module_reference_name, :reload => true).should be_false
subject.load_module(parent_path, type, module_reference_name, :reload => true).should be_falsey
end
context 'with empty module content' do
@ -361,12 +361,12 @@ describe Msf::Modules::Loader::Base do
end
it 'should return false' do
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
it 'should not attempt to make a new namespace_module' do
subject.should_not_receive(:namespace_module_transaction)
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
end
@ -426,7 +426,7 @@ describe Msf::Modules::Loader::Base do
it 'should record the load error using the original error' do
subject.should_receive(:load_error).with(module_path, error)
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
end
@ -457,14 +457,14 @@ describe Msf::Modules::Loader::Base do
it 'should record the load error using the Msf::Modules::VersionCompatibilityError' do
subject.should_receive(:load_error).with(module_path, version_compatibility_error)
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
end
it 'should return false' do
@namespace_module.stub(:version_compatible!).with(module_path, module_reference_name)
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
end
end
@ -520,11 +520,11 @@ describe Msf::Modules::Loader::Base do
it 'should record the load error' do
subject.should_receive(:load_error).with(module_path, version_compatibility_error)
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
it 'should return false' do
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
it 'should restore the old namespace module' do
@ -558,16 +558,16 @@ describe Msf::Modules::Loader::Base do
module_path,
kind_of(Msf::Modules::MetasploitClassCompatibilityError)
)
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
it 'should return false' do
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
it 'should restore the old namespace module' do
subject.load_module(parent_path, type, module_reference_name).should be_false
Msf::Modules.const_defined?(relative_name).should be_truthy
subject.load_module(parent_path, type, module_reference_name).should be_falsey
Msf::Modules.const_defined?(relative_name).should be_true
Msf::Modules.const_get(relative_name).should == @original_namespace_module
end
end
@ -593,16 +593,16 @@ describe Msf::Modules::Loader::Base do
it 'should log information' do
subject.should_receive(:ilog).with(/#{module_reference_name}/, 'core', LEV_1)
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
it 'should return false' do
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
it 'should restore the old namespace module' do
subject.load_module(parent_path, type, module_reference_name).should be_false
Msf::Modules.const_defined?(relative_name).should be_truthy
subject.load_module(parent_path, type, module_reference_name).should be_falsey
Msf::Modules.const_defined?(relative_name).should be_true
Msf::Modules.const_get(relative_name).should == @original_namespace_module
end
end
@ -654,7 +654,7 @@ describe Msf::Modules::Loader::Base do
it 'should set the count to 1 if it does not exist' do
count_by_type = {}
count_by_type.has_key?(type).should be_false
count_by_type.has_key?(type).should be_falsey
subject.load_module(
parent_path,
type,
@ -802,7 +802,7 @@ describe Msf::Modules::Loader::Base do
end
it 'should return nil if the module is not defined' do
Msf::Modules.const_defined?(relative_name).should be_false
Msf::Modules.const_defined?(relative_name).should be_falsey
subject.send(:current_module, module_names).should be_nil
end
@ -838,7 +838,7 @@ describe Msf::Modules::Loader::Base do
it 'should return false if path is hidden' do
hidden_path = '.hidden/path/file.rb'
subject.send(:module_path?, hidden_path).should be_false
subject.send(:module_path?, hidden_path).should be_falsey
end
it 'should return false if the file extension is not MODULE_EXTENSION' do
@ -846,21 +846,21 @@ describe Msf::Modules::Loader::Base do
path = "path/with/wrong/extension#{non_module_extension}"
non_module_extension.should_not == described_class::MODULE_EXTENSION
subject.send(:module_path?, path).should be_false
subject.send(:module_path?, path).should be_falsey
end
it 'should return false if the file is a unit test' do
unit_test_extension = '.rb.ut.rb'
path = "path/to/unit_test#{unit_test_extension}"
subject.send(:module_path?, path).should be_false
subject.send(:module_path?, path).should be_falsey
end
it 'should return false if the file is a test suite' do
test_suite_extension = '.rb.ts.rb'
path = "path/to/test_suite#{test_suite_extension}"
subject.send(:module_path?, path).should be_false
subject.send(:module_path?, path).should be_falsey
end
it 'should return true otherwise' do
@ -1022,7 +1022,7 @@ describe Msf::Modules::Loader::Base do
it 'should return false' do
subject.send(:namespace_module_transaction, module_full_name) { |namespace_module|
false
}.should be_false
}.should be_falsey
end
end
@ -1077,7 +1077,7 @@ describe Msf::Modules::Loader::Base do
end
it 'should remove the created namespace module' do
Msf::Modules.const_defined?(relative_name).should be_false
Msf::Modules.const_defined?(relative_name).should be_falsey
begin
subject.send(:namespace_module_transaction, module_full_name) do |namespace_module|
@ -1088,7 +1088,7 @@ describe Msf::Modules::Loader::Base do
rescue error_class
end
Msf::Modules.const_defined?(relative_name).should be_false
Msf::Modules.const_defined?(relative_name).should be_falsey
end
it 'should re-raise the error' do
@ -1102,7 +1102,7 @@ describe Msf::Modules::Loader::Base do
context 'with the block returning false' do
it 'should remove the created namespace module' do
Msf::Modules.const_defined?(relative_name).should be_false
Msf::Modules.const_defined?(relative_name).should be_falsey
subject.send(:namespace_module_transaction, module_full_name) do |namespace_module|
Msf::Modules.const_defined?(relative_name).should be_truthy
@ -1110,19 +1110,19 @@ describe Msf::Modules::Loader::Base do
false
end
Msf::Modules.const_defined?(relative_name).should be_false
Msf::Modules.const_defined?(relative_name).should be_falsey
end
it 'should return false' do
subject.send(:namespace_module_transaction, module_full_name) { |namespace_module|
false
}.should be_false
}.should be_falsey
end
end
context 'with the block returning true' do
it 'should not restore the non-existent previous namespace module' do
Msf::Modules.const_defined?(relative_name).should be_false
Msf::Modules.const_defined?(relative_name).should be_falsey
created_namespace_module = nil
@ -1281,7 +1281,7 @@ describe Msf::Modules::Loader::Base do
context 'without relative_name being a defined constant' do
it 'should set relative_name on parent_module to namespace_module' do
parent_module.const_defined?(relative_name).should be_false
parent_module.const_defined?(relative_name).should be_falsey
subject.send(:restore_namespace_module, parent_module, relative_name, @original_namespace_module)
@ -1340,7 +1340,7 @@ describe Msf::Modules::Loader::Base do
end
it 'should return false' do
subject.send(:usable?, metasploit_class).should be_false
subject.send(:usable?, metasploit_class).should be_falsey
end
end
end

12
spec/lib/msf/core/modules/loader/directory_spec.rb
View File

@ -74,7 +74,7 @@ describe Msf::Modules::Loader::Directory do
end
it 'should not load the module' do
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
end
@ -89,7 +89,7 @@ describe Msf::Modules::Loader::Directory do
end
it 'should not load the module' do
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
end
end
@ -110,7 +110,7 @@ describe Msf::Modules::Loader::Directory do
end
it 'should not raise an error' do
File.exist?(module_path).should be_false
File.exist?(module_path).should be_falsey
expect {
subject.load_module(parent_path, type, module_reference_name)
@ -118,9 +118,9 @@ describe Msf::Modules::Loader::Directory do
end
it 'should return false' do
File.exist?(module_path).should be_false
File.exist?(module_path).should be_falsey
subject.load_module(parent_path, type, module_reference_name).should be_false
subject.load_module(parent_path, type, module_reference_name).should be_falsey
end
end
end
@ -138,7 +138,7 @@ describe Msf::Modules::Loader::Directory do
# this ensures that the File.exist?(module_path) checks are checking the same path as the code under test
it 'should attempt to open the expected module_path' do
File.should_receive(:open).with(module_path, 'rb')
File.exist?(module_path).should be_false
File.exist?(module_path).should be_falsey
subject.send(:read_module_content, parent_path, type, module_reference_name)
end

2
spec/lib/msf/core/modules/namespace_spec.rb
View File

@ -179,7 +179,7 @@ describe Msf::Modules::Namespace do
context 'version_compatible!' do
context 'without RequiredVersions' do
it 'should not be defined' do
subject.const_defined?('RequiredVersions').should be_false
subject.const_defined?('RequiredVersions').should be_falsey
end
it 'should not raise an error' do

2
spec/lib/msf/core/options/opt_enum_spec.rb
View File

@ -20,4 +20,4 @@ describe Msf::OptEnum do
subject.valid?('Bar').should == true
end
end
end
end

2
spec/lib/msf/core/options/opt_raw_spec.rb
View File

@ -12,4 +12,4 @@ describe Msf::OptRaw do
invalid_values = []
it_behaves_like "an option", valid_values, invalid_values, 'raw'
end
end

2
spec/lib/msf/core/options/opt_regexp_spec.rb
View File

@ -14,4 +14,4 @@ describe Msf::OptRegexp do
]
it_behaves_like "an option", valid_values, invalid_values, 'regexp'
end
end

2
spec/lib/msf/core/payload_generator_spec.rb
View File

@ -530,4 +530,4 @@ describe Msf::PayloadGenerator do
end
end
end
end

2
spec/lib/msf/db_manager/export_spec.rb
View File

@ -105,4 +105,4 @@ describe Msf::DBManager::Export do
end
end
end
end
end

2
spec/lib/msf/db_manager_spec.rb
View File

@ -1775,7 +1775,7 @@ describe Msf::DBManager do
# @todo determine how to load a single payload to test payload type outside of msfconsole
it_should_behave_like 'Msf::DBManager#update_module_details with module',
it_should_behave_like 'Msf::DBManager#update_module_details with module',
:reference_name => 'windows/escalate/screen_unlock',
:type => 'post'
end

2
spec/lib/rex/exploitation/js/detect_spec.rb
View File

@ -27,4 +27,4 @@ describe Rex::Exploitation::Js::Detect do
end
end
end

2
spec/lib/rex/exploitation/js/memory_spec.rb
View File

@ -27,4 +27,4 @@ describe Rex::Exploitation::Js::Memory do
end
end
end

2
spec/lib/rex/exploitation/js/utils_spec.rb
View File

@ -13,4 +13,4 @@ describe Rex::Exploitation::Js::Utils do
end
end
end

38
spec/lib/rex/exploitation/powershell/obfu_spec.rb
View File

@ -27,7 +27,7 @@ lots \t of whitespace
# single_line_comment1
# single_line_comment2
#
# single_line_comment3
# single_line_comment3
if (-not ($NewLogonAccountDomain -cmatch \"NT\\sAUTHORITY\" -or $NewLogonAccountDomain -cmatch \"Window\\sManager\"))
{
$Key = $AccountName + $AccountDomain + $NewLogonAccountName + $NewLogonAccountDomain + $LogonType + $WorkstationName + $SourceNetworkAddress + $SourcePort
@ -84,7 +84,7 @@ lots \t of whitespace
# single_line_comment1
# single_line_comment2
#
# single_line_comment3
# single_line_comment3
$some_literal = @\"
using System;
using System.Runtime.InteropServices;
@ -146,14 +146,14 @@ lots \t of whitespace
subject.strip_comments
subject.code.should be
subject.code.should be_kind_of String
subject.code.include?('comment').should be_false
subject.code.include?('comment').should be_falsey
end
it 'should strip a single line comment' do
subject.strip_comments
subject.code.should be
subject.code.should be_kind_of String
subject.code.include?('#').should be_false
subject.code.include?('#').should be_falsey
end
end
@ -163,7 +163,7 @@ lots \t of whitespace
subject.code.should be
subject.code.should be_kind_of String
res = (subject.code =~ /\r\n\r\n/)
res.should be_false
res.should be_falsey
end
it 'should strip extra unix new lines' do
@ -171,7 +171,7 @@ lots \t of whitespace
subject.code.should be
subject.code.should be_kind_of String
res = (subject.code =~ /\n\n/)
res.should be_false
res.should be_falsey
end
end
@ -189,8 +189,8 @@ lots \t of whitespace
subject.sub_vars
subject.code.should be
subject.code.should be_kind_of String
subject.code.include?('$kernel32').should be_false
subject.code.include?('$Logon').should be_false
subject.code.include?('$kernel32').should be_falsey
subject.code.include?('$Logon').should be_falsey
end
end
@ -199,7 +199,7 @@ lots \t of whitespace
subject.sub_funcs
subject.code.should be
subject.code.should be_kind_of String
subject.code.include?('Find-4624Logons').should be_false
subject.code.include?('Find-4624Logons').should be_falsey
end
end
@ -208,24 +208,24 @@ lots \t of whitespace
subject_no_literal.standard_subs
subject_no_literal.code.should be
subject_no_literal.code.should be_kind_of String
subject_no_literal.code.include?('Find-4624Logons').should be_false
subject_no_literal.code.include?('lots of whitespace').should be_truthy
subject_no_literal.code.include?('$kernel32').should be_false
subject_no_literal.code.include?('comment').should be_false
subject_no_literal.code.include?('Find-4624Logons').should be_falsey
subject_no_literal.code.include?('lots of whitespace').should be_true
subject_no_literal.code.include?('$kernel32').should be_falsey
subject_no_literal.code.include?('comment').should be_falsey
res = (subject_no_literal.code =~ /\r\n\r\n/)
res.should be_false
res.should be_falsey
end
it 'should run all substitutions except strip whitespace when literals are present' do
subject.standard_subs
subject.code.should be
subject.code.should be_kind_of String
subject.code.include?('Find-4624Logons').should be_false
subject.code.include?('lots of whitespace').should be_false
subject.code.include?('$kernel32').should be_false
subject.code.include?('comment').should be_false
subject.code.include?('Find-4624Logons').should be_falsey
subject.code.include?('lots of whitespace').should be_falsey
subject.code.include?('$kernel32').should be_falsey
subject.code.include?('comment').should be_falsey
res = (subject.code =~ /\r\n\r\n/)
res.should be_false
res.should be_falsey
end
end
end

4
spec/lib/rex/exploitation/powershell/parser_spec.rb
View File

@ -96,7 +96,7 @@ function Find-4624Logons
literals.should be
literals.should be_kind_of Array
literals.length.should be > 0
literals[0].include?('parp').should be_false
literals[0].include?('parp').should be_falsey
end
end
@ -152,7 +152,7 @@ function Find-4624Logons
it 'should delete the function if delete is true' do
function = subject.get_func('Find-4624Logons', true)
subject.code.include?('DllImport').should be_false
subject.code.include?('DllImport').should be_falsey
end
end
end

6
spec/lib/rex/exploitation/powershell/script_spec.rb
View File

@ -21,8 +21,8 @@ describe Rex::Exploitation::Powershell::Output do
subject.rig.should be_kind_of Rex::RandomIdentifierGenerator
subject.code.should be
subject.code.should be_kind_of String
subject.code.empty?.should be_false
subject.functions.empty?.should be_truthy
subject.code.empty?.should be_falsey
subject.functions.empty?.should be_true
end
end
@ -40,7 +40,7 @@ describe Rex::Exploitation::Powershell::Output do
mods = Rex::Exploitation::Powershell::Script.code_modifiers
mods.should be
mods.should be_kind_of Array
mods.empty?.should be_false
mods.empty?.should be_falsey
end
end

4
spec/lib/rex/exploitation/powershell_spec.rb
View File

@ -38,8 +38,8 @@ DumpHashes"""
describe "::make_subs" do
it 'should substitute values in script' do
script = described_class.make_subs(example_script,[['BitConverter','ParpConverter']])
script.include?('BitConverter').should be_false
script.include?('ParpConverter').should be_truthy
script.include?('BitConverter').should be_falsey
script.include?('ParpConverter').should be_true
end
end

4
spec/lib/rex/exploitation/ropdb_spec.rb
View File

@ -32,7 +32,7 @@ describe Rex::Exploitation::RopDb do
end
it "should return false when I supply an invalid database" do
ropdb.has_rop?("sinn3r").should be_false
ropdb.has_rop?("sinn3r").should be_falsey
end
end
@ -82,4 +82,4 @@ describe Rex::Exploitation::RopDb do
end
end
end
end

66
spec/lib/rex/parser/group_policy_preferences_spec.rb
View File

@ -33,43 +33,43 @@ xml_serv = '
xml_ms = '
<?xml version="1.0" encoding="utf-8"?>
<Groups clsid="{3125E937-EB16-4b4c-9934-544FC6D24D26}"
<Groups clsid="{3125E937-EB16-4b4c-9934-544FC6D24D26}"
disabled="1">
<User clsid="{DF5F1855-51E5-4d24-8B1A-D9BDE98BA1D1}"
name="DbAdmin"
image="2"
changed="2007-07-06 20:45:20"
<User clsid="{DF5F1855-51E5-4d24-8B1A-D9BDE98BA1D1}"
name="DbAdmin"
image="2"
changed="2007-07-06 20:45:20"
uid="{253F4D90-150A-4EFB-BCC8-6E894A9105F7}">
<Properties
action="U"
newName=""
fullName="Database Admin"
description="Local Database Admin"
cpassword="demo"
changeLogon="0"
noChange="0"
neverExpires="0"
acctDisabled="1"
<Properties
action="U"
newName=""
fullName="Database Admin"
description="Local Database Admin"
cpassword="demo"
changeLogon="0"
noChange="0"
neverExpires="0"
acctDisabled="1"
userName="DbAdmin"/>
</User>
<Group clsid="{6D4A79E4-529C-4481-ABD0-F5BD7EA93BA7}"
name="Database Admins"
image="2"
changed="2007-07-06 20:46:21"
<Group clsid="{6D4A79E4-529C-4481-ABD0-F5BD7EA93BA7}"
name="Database Admins"
image="2"
changed="2007-07-06 20:46:21"
uid="{C5FB3901-508A-4A9E-9171-60D4FC2B404B}">
<Properties
action="U"
newName=""
description="Local Database Admins"
userAction="REMOVE"
deleteAllUsers="1"
deleteAllGroups="1"
removeAccounts="0"
<Properties
action="U"
newName=""
description="Local Database Admins"
userAction="REMOVE"
deleteAllUsers="1"
deleteAllGroups="1"
removeAccounts="0"
groupName="Database Admins">
<Members>
<Member
name="domain\sampleuser"
action="ADD"
<Member
name="domain\sampleuser"
action="ADD"
sid=""/>
</Members>
</Properties>
@ -89,12 +89,12 @@ cpassword_bad = "blah"
describe Rex::Parser::GPP do
GPP = Rex::Parser::GPP
##
# Decrypt
##
it "Decrypt returns Local*P4ssword! for normal cpassword" do
result = GPP.decrypt(cpassword_normal)
result = GPP.decrypt(cpassword_normal)
result.should eq("Local*P4ssword!")
end
@ -102,7 +102,7 @@ describe Rex::Parser::GPP do
result = GPP.decrypt(cpassword_bad)
result.should eq("")
end
it "Decrypt returns blank for nil cpassword" do
result = GPP.decrypt(nil)
result.should eq("")

2
spec/lib/rex/parser/unattend_spec.rb
View File

@ -16,7 +16,7 @@ comb = REXML::Document.new('<unattend xmlns="urn:schemas-microsoft-com:unattend"
describe Rex::Parser::Unattend do
context "#parse" do
it "returns passwords for b64" do
it "returns passwords for b64" do
results = described_class.parse(b64)
results.length.should eq(2)
results[0]['password'].should eq(Rex::Text.to_unicode('Temp123'))

2
spec/lib/rex/post/meterpreter/client_core_spec.rb
View File

@ -49,5 +49,5 @@ describe Rex::Post::Meterpreter::ClientCore do
end
end

4
spec/lib/rex/proto/http/client_spec.rb
View File

@ -51,7 +51,7 @@ describe Rex::Proto::Http::Client do
cli.instance_variable_get(:@hostname).should == ip
cli.instance_variable_get(:@port).should == 80
cli.instance_variable_get(:@context).should == {}
cli.instance_variable_get(:@ssl).should be_false
cli.instance_variable_get(:@ssl).should be_falsey
cli.instance_variable_get(:@proxies).should be_nil
cli.instance_variable_get(:@username).should be_empty
cli.instance_variable_get(:@password).should be_empty
@ -202,7 +202,7 @@ describe Rex::Proto::Http::Client do
end
it "should test if a connection is valid" do
cli.conn?.should be_false
cli.conn?.should be_falsey
end
it "should tell if pipelining is enabled" do

48
spec/lib/rex/proto/natpmp/packet_spec.rb Normal file
View File

@ -0,0 +1,48 @@
# -*- coding: binary -*-
require 'spec_helper'
require 'rex/proto/natpmp/packet'
describe Rex::Proto::NATPMP do
subject do
mod = Module.new
mod.extend described_class
mod
end
describe '#parse_external_address_response' do
it 'should properly parse non-error responses' do
data = "\x00\x80\x00\x00\x00\x33\x50\x53\xc0\xa8\x01\x02"
subject.parse_external_address_response(data)
ver, opcode, result, epoch, addr = subject.parse_external_address_response(data)
expect(ver).to eq(0)
expect(opcode).to eq(128)
expect(result).to eq(0)
expect(epoch).to eq(3362899)
expect(addr).to eq('192.168.1.2')
end
it 'should properly parse error responses' do
data = "\x00\x80\x00\x03\x00\x00\x70\x90\x00\x00\x00\x00"
subject.parse_external_address_response(data)
ver, opcode, result, epoch, addr = subject.parse_external_address_response(data)
expect(ver).to eq(0)
expect(opcode).to eq(128)
expect(result).to eq(3)
expect(epoch).to eq(28816)
expect(addr).to eq('0.0.0.0')
end
end
describe '#parse_map_port_response' do
it 'should properly parse responses' do
data = "\x00\x82\x00\x00\x00\x33\x6f\xd8\x11\x5c\x15\xb3\x00\x36\xee\x80"
ver, opcode, result, epoch, internal, external, lifetime = subject.parse_map_port_response(data)
expect(ver).to eq(0)
expect(opcode).to eq(130)
expect(result).to eq(0)
expect(epoch).to eq(3370968)
expect(internal).to eq(4444)
expect(external).to eq(5555)
expect(lifetime).to eq(3600000)
end
end
end

2
spec/lib/rex/proto/pjl/client_spec.rb
View File

@ -44,7 +44,7 @@ describe Rex::Proto::PJL::Client do
expect { cli.info(nil) }.to raise_error(ArgumentError)
end
it "should receive a response for an INFO request" do
it "should receive a response for an INFO request" do
cli.info(:id).should eq(default_response)
end
end

2
spec/models/metasploit/credential/core_spec.rb
View File

@ -2,4 +2,4 @@ require 'spec_helper'
describe Metasploit::Credential::Core do
it_should_behave_like 'Metasploit::Credential::Core::ToCredential'
end
end

2
spec/msfcli_spec.rb
View File

@ -72,7 +72,7 @@ describe Msfcli do
it "should see a help menu" do
out = get_stdout {
cli = Msfcli.new([])
cli.usage
cli.usage
}
out.should =~ /Usage/
end

2
spec/support/shared/contexts/msf/db_manager.rb
View File

@ -14,4 +14,4 @@ shared_context 'Msf::DBManager' do
framework.db.workspace = framework.db.default_workspace
db_manager.stub(:active => active)
end
end
end

10
spec/support/shared/examples/credential/core/to_credential.rb
View File

@ -3,19 +3,19 @@ require 'metasploit/framework/credential'
shared_examples_for 'Metasploit::Credential::Core::ToCredential' do
context "methods" do
context ".to_credential" do
subject(:crednetial_core) do
FactoryGirl.create(:metasploit_credential_core)
end
it { should respond_to :to_credential }
it "should return a Metasploit::Framework::Credential" do
expect(
crednetial_core.to_credential
).to be_a Metasploit::Framework::Credential
end
it "should set the parent to the credential object" do
expect(
crednetial_core.to_credential.parent
@ -23,4 +23,4 @@ shared_examples_for 'Metasploit::Credential::Core::ToCredential' do
end
end
end
end
end

4
spec/support/shared/examples/metasploit/framework/login_scanner/http.rb
View File

@ -8,7 +8,7 @@ shared_examples_for 'Metasploit::Framework::LoginScanner::HTTP' do
context "without ssl, without port" do
it "should default :port to #{described_class::DEFAULT_PORT}" do
expect(http_scanner.ssl).to be_false
expect(http_scanner.ssl).to be_falsey
expect(http_scanner.port).to eq(described_class::DEFAULT_PORT)
end
end
@ -25,7 +25,7 @@ shared_examples_for 'Metasploit::Framework::LoginScanner::HTTP' do
subject(:http_scanner) { described_class.new(port:described_class::DEFAULT_PORT) }
it "should set ssl to false" do
expect(http_scanner.port).to eq(described_class::DEFAULT_PORT)
expect(http_scanner.ssl).to be_false
expect(http_scanner.ssl).to be_falsey
end
end

2
spec/support/shared/examples/msf/db_manager/export/extract_module_detail_info_module_detail_child.rb
View File

@ -20,4 +20,4 @@ shared_examples_for 'Msf::DBManager::Export#extract_module_detail_info module_de
child_node.content.should == attribute.to_s
end
end
end
end

2
spec/support/shared/examples/msf/db_manager/migration.rb
View File

@ -134,4 +134,4 @@ shared_examples_for 'Msf::DBManager::Migration' do
reset_column_information
end
end
end
end

4
spec/support/shared/examples/msf/db_manager/search_modules/mdm_module_platform_name_or_mdm_module_target_name_keyword.rb
View File

@ -31,7 +31,7 @@ shared_examples_for 'Msf::DBManager#search_modules Mdm::Module::Platform#name or
context 'with Mdm::Module::Target#name' do
let(:name) do
# use inspect to quote spaces in string
# use inspect to quote spaces in string
module_target.name.inspect
end
@ -46,4 +46,4 @@ shared_examples_for 'Msf::DBManager#search_modules Mdm::Module::Platform#name or
end
end
end
end
end

2
spec/support/shared/examples/msf/db_manager/search_modules/mdm_module_ref_name_keyword.rb
View File

@ -41,4 +41,4 @@ shared_examples_for 'Msf::DBManager#search_modules Mdm::Module::Ref#name keyword
end
end
end
end
end

2
spec/support/shared/examples/msf/db_manager/update_all_module_details_refresh.rb
View File

@ -57,4 +57,4 @@ shared_examples_for 'Msf::DBManager#update_all_module_details refresh' do
update_all_module_details
end
end
end
end

2
spec/support/shared/examples/msf/db_manager/update_module_details_with_module_type.rb
View File

@ -23,4 +23,4 @@ shared_examples_for 'Msf::DBManager#update_module_details with module' do |optio
}.to_not raise_error
end
end
end
end

12
spec/support/shared/examples/msf/module_manager/cache.rb
View File

@ -54,7 +54,7 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
}
end
it { should be_false }
it { should be_falsey }
end
end
@ -196,7 +196,7 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
false
end
it { should be_false }
it { should be_falsey }
end
context 'with true' do
@ -214,7 +214,7 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
{}
end
it { should be_false }
it { should be_falsey }
end
end
@ -323,7 +323,7 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
false
end
it { should be_false }
it { should be_falsey }
end
end
@ -332,7 +332,7 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
framework.stub(:db => nil)
end
it { should be_false }
it { should be_falsey }
end
end
@ -456,4 +456,4 @@ shared_examples_for 'Msf::ModuleManager::Cache' do
end
end
end
end
end

8
spec/support/shared/examples/msf/module_manager/loading.rb
View File

@ -41,8 +41,8 @@ shared_examples_for 'Msf::ModuleManager::Loading' do
tempfile.unlink
File.exist?(module_path).should be_false
subject.file_changed?(module_path).should be_truthy
File.exist?(module_path).should be_falsey
subject.file_changed?(module_path).should be_true
end
it 'should return true if modification time does not match the cached modification time' do
@ -71,7 +71,7 @@ shared_examples_for 'Msf::ModuleManager::Loading' do
}
cached_modification_time.should == modification_time
subject.file_changed?(module_path).should be_false
subject.file_changed?(module_path).should be_falsey
end
end
end
@ -159,4 +159,4 @@ shared_examples_for 'Msf::ModuleManager::Loading' do
on_module_load
end
end
end
end

4
spec/support/shared/examples/msf/module_manager/module_paths.rb
View File

@ -21,7 +21,7 @@ shared_examples_for 'Msf::ModuleManager::ModulePaths' do
path = file.path
file.unlink
File.exist?(path).should be_false
File.exist?(path).should be_falsey
expect {
module_manager.add_module_path(path)
@ -74,4 +74,4 @@ shared_examples_for 'Msf::ModuleManager::ModulePaths' do
end
end
end
end
end

2
spec/support/shared/examples/msf/simple/framework/module_paths.rb
View File

@ -92,4 +92,4 @@ shared_examples_for 'Msf::Simple::Framework::ModulePaths' do
end
end
end
end
end

2
spec/tools/cpassword_decrypt_spec.rb
View File

@ -28,4 +28,4 @@ describe CPassword do
end
end
end
end
end

5
tools/dev/pre-commit-hook.rb
View File

@ -50,8 +50,9 @@ end
changed_files.each_line do |fname|
fname.strip!
next unless File.exist?(fname) and File.file?(fname)
next unless fname =~ /modules.+\.rb/
next unless File.exist?(fname)
next unless File.file?(fname)
next unless fname =~ /^modules.+\.rb/
files_to_check << fname
end

77
tools/msftidy.rb
View File

@ -12,7 +12,6 @@ require 'time'
CHECK_OLD_RUBIES = !!ENV['MSF_CHECK_OLD_RUBIES']
SUPPRESS_INFO_MESSAGES = !!ENV['MSF_SUPPRESS_INFO_MESSAGES']
ENCODING_REGEX = /^# (?:\-\*\- )?encoding:\s*(\S+)/
if CHECK_OLD_RUBIES
require 'rvm'
@ -48,11 +47,16 @@ class Msftidy
WARNINGS = 0x10
ERRORS = 0x20
# Some compiles regexes
REGEX_MSF_EXPLOIT = / \< Msf::Exploit/
REGEX_IS_BLANK_OR_END = /^\s*end\s*$/
attr_reader :full_filepath, :source, :stat, :name, :status
def initialize(source_file)
@full_filepath = source_file
@source = load_file(source_file)
@lines = @source.lines # returns an enumerator
@status = OK
@name = File.basename(source_file)
end
@ -110,29 +114,8 @@ class Msftidy
end
end
# Check that modules don't have any encoding comment and that
# non-modules have an explicity binary encoding comment
def check_encoding
# coding/encoding lines must be the first or second line if present
encoding_lines = @source.lines.to_a[0,2].select { |l| l =~ ENCODING_REGEX }
if @full_filepath =~ /(?:^|\/)modules\//
warn('Modules do not need an encoding comment') unless encoding_lines.empty?
else
if encoding_lines.empty?
warn('Non-modules must have an encoding comment')
else
encoding_line = encoding_lines.first
encoding_line =~ ENCODING_REGEX
encoding_type = Regexp.last_match(1)
unless encoding_type == 'binary'
warn("Non-modules must have a binary encoding comment, not #{encoding_type}")
end
end
end
end
def check_shebang
if @source.lines.first =~ /^#!/
if @lines.first =~ /^#!/
warn("Module should not have a #! line")
end
end
@ -148,7 +131,7 @@ class Msftidy
msg = "Using Nokogiri in modules can be risky, use REXML instead."
has_nokogiri = false
has_nokogiri_xml_parser = false
@source.each_line do |line|
@lines.each do |line|
if has_nokogiri
if line =~ /Nokogiri::XML\.parse/ or line =~ /Nokogiri::XML::Reader/
has_nokogiri_xml_parser = true
@ -165,7 +148,7 @@ class Msftidy
in_super = false
in_refs = false
@source.each_line do |line|
@lines.each do |line|
if !in_super and line =~ /\s+super\(/
in_super = true
elsif in_super and line =~ /[[:space:]]*def \w+[\(\w+\)]*/
@ -225,7 +208,7 @@ class Msftidy
# warn if so. Since Ruby 1.9 this has not been necessary and
# the framework only suports 1.9+
def check_rubygems
@source.each_line do |line|
@lines.each do |line|
if line_has_require?(line, 'rubygems')
warn("Explicitly requiring/loading rubygems is not necessary")
break
@ -256,7 +239,7 @@ class Msftidy
max_count = 10
counter = 0
if @source =~ /^##/
@source.each_line do |line|
@lines.each do |line|
# If exists, the $Id$ keyword should appear at the top of the code.
# If not (within the first 10 lines), then we assume there's no
# $Id$, and then bail.
@ -288,7 +271,7 @@ class Msftidy
in_super = false
in_author = false
@source.each_line do |line|
@lines.each do |line|
#
# Mark our "super" code block
#
@ -366,8 +349,37 @@ class Msftidy
error("Fails alternate Ruby version check") if rubies.size != res.size
end
def is_exploit_module?
ret = false
if @source =~ REGEX_MSF_EXPLOIT
# having Msf::Exploit is good indicator, but will false positive on
# specs and other files containing the string, but not really acting
# as exploit modules, so here we check the file for some actual contents
# this could be done in a simpler way, but this let's us add more later
msf_exploit_line_no = nil
@lines.each_with_index do |line, idx|
if line = REGEX_MSF_EXPLOIT
# note the line number
msf_exploit_line_no = idx
elsif msf_exploit_line_no
# check there is anything but empty space between here and the next end
# something more complex could be added here
if line !~ REGEX_IS_BLANK_OR_END
# if the line is not 'end' and is not blank, prolly exploit module
ret = true
break
else
# then keep checking in case there are more than one Msf::Exploit
msf_exploit_line_no = nil
end
end
end
end
ret
end
def check_ranking
return if @source !~ / \< Msf::Exploit/
return unless is_exploit_module?
available_ranks = [
'ManualRanking',
@ -406,7 +418,7 @@ class Msftidy
error('Incorrect disclosure date format')
end
else
error('Exploit is missing a disclosure date') if @source =~ / \< Msf::Exploit/
error('Exploit is missing a disclosure date') if is_exploit_module?
end
end
@ -462,7 +474,7 @@ class Msftidy
src_ended = false
idx = 0
@source.each_line { |ln|
@lines.each do |ln|
idx += 1
# block comment awareness
@ -541,7 +553,7 @@ class Msftidy
if ln =~ /^\s*Rank\s*=\s*/ and @source =~ /<\sMsf::Auxiliary/
warn("Auxiliary modules have no 'Rank': #{ln}", idx)
end
}
end
end
def check_vuln_codes
@ -605,7 +617,6 @@ def run_checks(full_filepath)
tidy = Msftidy.new(full_filepath)
tidy.check_mode
tidy.check_shebang
tidy.check_encoding
tidy.check_nokogiri
tidy.check_rubygems
tidy.check_ref_identifiers