@wip Feature: MS08-067 netapi Background: Given a directory named "home" And I cd to "home" And a mocked home directory Given I run `msfconsole` interactively And I wait for stdout to contain "Free Metasploit Pro trial: http://r-7.co/trymsp" Scenario: The MS08-067 Module should have the following options When I type "use exploit/windows/smb/ms08_067_netapi" And I type "show options" And I type "exit" Then the output should contain: """ Module options (exploit/windows/smb/ms08_067_netapi): Name Current Setting Required Description ---- --------------- -------- ----------- RHOST yes The target address RPORT 445 yes Set the SMB service port SMBPIPE BROWSER yes The pipe name to use (BROWSER, SRVSVC) Exploit target: Id Name -- ---- 0 Automatic Targeting """ Scenario: The MS08-067 Module should have the following advanced options When I type "use exploit/windows/smb/ms08_067_netapi" And I type "show advanced" And I type "exit" Then the output should contain: """ Module advanced options: Name : CHOST Current Setting: Description : The local client address Name : CPORT Current Setting: Description : The local client port Name : ConnectTimeout Current Setting: 10 Description : Maximum number of seconds to establish a TCP connection Name : ContextInformationFile Current Setting: Description : The information file that contains context information Name : DCERPC::ReadTimeout Current Setting: 10 Description : The number of seconds to wait for DCERPC responses Name : DisablePayloadHandler Current Setting: false Description : Disable the handler code for the selected payload Name : EnableContextEncoding Current Setting: false Description : Use transient context when encoding payloads Name : NTLM::SendLM Current Setting: true Description : Always send the LANMAN response (except when NTLMv2_session is specified) Name : NTLM::SendNTLM Current Setting: true Description : Activate the 'Negotiate NTLM key' flag, indicating the use of NTLM responses Name : NTLM::SendSPN Current Setting: true Description : Send an avp of type SPN in the ntlmv2 client Blob, this allow authentification on windows Seven/2008r2 when SPN is required Name : NTLM::UseLMKey Current Setting: false Description : Activate the 'Negotiate Lan Manager Key' flag, using the LM key when the LM response is sent Name : NTLM::UseNTLM2_session Current Setting: true Description : Activate the 'Negotiate NTLM2 key' flag, forcing the use of a NTLMv2_session Name : NTLM::UseNTLMv2 Current Setting: true Description : Use NTLMv2 instead of NTLM2_session when 'Negotiate NTLM2' key is true Name : Proxies Current Setting: Description : A proxy chain of format type:host:port[,type:host:port][...] Name : SMB::ChunkSize Current Setting: 500 Description : The chunk size for SMB segments, bigger values will increase speed but break NT 4.0 and SMB signing Name : SMB::Native_LM Current Setting: Windows 2000 5.0 Description : The Native LM to send during authentication Name : SMB::Native_OS Current Setting: Windows 2000 2195 Description : The Native OS to send during authentication Name : SMB::VerifySignature Current Setting: false Description : Enforces client-side verification of server response signatures Name : SMBDirect Current Setting: true Description : The target port is a raw SMB service (not NetBIOS) Name : SMBDomain Current Setting: . Description : The Windows domain to use for authentication Name : SMBName Current Setting: *SMBSERVER Description : The NetBIOS hostname (required for port 139 connections) Name : SMBPass Current Setting: Description : The password for the specified username Name : SMBUser Current Setting: Description : The username to authenticate as Name : SSL Current Setting: false Description : Negotiate SSL for outgoing connections Name : SSLCipher Current Setting: Description : String for SSL cipher - "DHE-RSA-AES256-SHA" or "ADH" Name : SSLVerifyMode Current Setting: PEER Description : SSL verification method (accepted: CLIENT_ONCE, FAIL_IF_NO_PEER_CERT, NONE, PEER) Name : SSLVersion Current Setting: SSL3 Description : Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1) Name : VERBOSE Current Setting: false Description : Enable detailed status messages Name : WORKSPACE Current Setting: Description : Specify the workspace for this module Name : WfsDelay Current Setting: 0 Description : Additional delay when waiting for a session """ @targets Scenario: Show RHOST/etc variable expansion from a config file When I type "use exploit/windows/smb/ms08_067_netapi" When RHOST is WINDOWS And I type "set PAYLOAD windows/meterpreter/bind_tcp" And I type "show options" And I type "run" And I type "exit" And I type "exit" Then the output should match /spider-wxp/