diff --git a/test/features/data/test.exe b/test/features/data/test.exe
new file mode 100644
index 0000000000..792d600548
--- /dev/null
+++ b/test/features/data/test.exe
@@ -0,0 +1 @@
+#
diff --git a/test/features/encoders.feature b/test/features/encoders.feature
new file mode 100644
index 0000000000..2eff0c65a5
--- /dev/null
+++ b/test/features/encoders.feature
@@ -0,0 +1,18 @@
+#This feature contains scenarios that test the various encoders within the metasploit framework
+
+@announce-stdout
+
+Feature: As a Metasploit Framework user
+ I want to user encoders
+ So that I can encode various payloads I might use for attacks
+
+Scenario: Create a windows tcp bind payload using the x86/unicode mixed encoder
+ When I run msfvenom to encode for windows using the "x86/unicode_mixed" encoder with "-i 1" options and a buffer register
+ #When I run `./msfvenom -p windows/shell/bind_tcp -e x86/unicode_mixed -i 1 BufferRegister=eax` interactively
+ Then the output should contain "x86/unicode_mixed succeeded with size"
+
+Scenario: Create a windows tcp bind payload encoded with x86 alpha mixed
+ When I run msfvenom to encode for windows using the "x86/alpha_mixed" encoder with "-b '\x00' -i 1" options
+ #When I run `./msfvenom -p windows/shell/bind_tcp -e x86/alpha_mixed -b '\x00' -i 1` interactively
+ Then the output should contain "x86/alpha_mixed succeeded with size"
+
diff --git a/test/features/handler.feature b/test/features/handler.feature
new file mode 100644
index 0000000000..3c3a64c539
--- /dev/null
+++ b/test/features/handler.feature
@@ -0,0 +1,19 @@
+#This feature contains scenarios that test different handlers within the metasploit framework
+@announce
+
+Feature: As a MS Framework User
+ I want to launch various handlers
+ So the framework can properly handle input and output from exploits
+
+Scenario: Launching the exploit multi handler in Check mode
+ When I run `./msfcli exploit/multi/handler C`
+ Then the output should contain "module tree"
+ Then the output should contain "This exploit does not support check."
+
+Scenario: Launching the generic multi handler in Check mode
+ When I run `./msfcli multi/handler C`
+ Then the output should contain "module tree"
+ Then the output should contain "This exploit does not support check."
+
+
+
diff --git a/test/features/payloads.feature b/test/features/payloads.feature
new file mode 100644
index 0000000000..8c50d4262b
--- /dev/null
+++ b/test/features/payloads.feature
@@ -0,0 +1,24 @@
+#This feature contains scenarios to test the ability to run/access payloads from the metasploit framework
+
+Feature: I want access to Metasploit payloads
+ So that I can define payload options for exploits
+
+Scenario: Verify the windows shell reverse tcp payload option in ruby
+ When I run msfpayload to generate a "windows/shell_reverse_tcp" on the local host
+ Then the output should contain "# windows/shell_reverse_tcp"
+ Then the output should contain "# http://www.metasploit.com"
+
+Scenario: Verify the windows x64 shell reverse tcp payload option in ruby
+ When I run msfpayload to generate a "windows/x64/shell_reverse_tcp" on the local host
+ Then the output should contain "# windows/x64/shell_reverse_tcp"
+ Then the output should contain "# http://www.metasploit.com"
+
+Scenario: Verify the linux x86 shell reverse tcp payload option in ruby
+ When I run msfpayload to generate a "linux/x86/shell_reverse_tcp" on the local host
+ Then the output should contain "# linux/x86/shell_reverse_tcp"
+ Then the output should contain "# http://www.metasploit.com"
+
+Scenario: Verify the windows meterpreter reverse tcp payload can output its contents in ruby
+ When I run msfpayload to generate a "windows/meterpreter/reverse_tcp" on the local host
+ Then the output should contain "# windows/meterpreter/reverse_tcp - 290 bytes (stage 1)"
+ Then the output should contain "# http://www.metasploit.com"
diff --git a/test/features/steps/common_steps.rb b/test/features/steps/common_steps.rb
new file mode 100644
index 0000000000..11c79c5ae9
--- /dev/null
+++ b/test/features/steps/common_steps.rb
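Review bot: In payloads.feature the last scenario pins the exact stage size, `"# windows/meterpreter/reverse_tcp - 290 bytes (stage 1)"`, so the test fails whenever the stager changes size even though payload generation still works. Matching only the stable prefix, `Then the output should contain "# windows/meterpreter/reverse_tcp"`, keeps this check in line with the other three scenarios. If the size is meant to be asserted, a comment above the step should say which framework revision the 290-byte figure comes from.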
@@ -0,0 +1,31 @@
+#This is the step definition file for common framework testing steps or meta steps
+
+When /^I run the "([^"]*)" exploit with standard target options$/ do |exploit|
+ steps %Q{
+ When I run `#{exploit} RHOST=#{TestConfig.instance.rhost} SMBPass=#{TestConfig.instance.smbpass} SMBUser=#{TestConfig.instance.smbuser} E` interactively
+ }
+ end
+
+When /^I run the "([^"]*)" exploit with standard target options in check mode$/ do |exploit|
+ steps %Q{
+ When I run `#{exploit} RHOST=#{TestConfig.instance.rhost} SMBPass=#{TestConfig.instance.smbpass} SMBUser=#{TestConfig.instance.smbuser} C` interactively
+ }
+ end
+
+When /^I run msfvenom to encode for windows using the "([^"]*)" encoder with "(.*)" options$/ do |encoder, options|
+ steps %Q{
+ When I run `./msfvenom ./msfvenom -p windows/shell/bind_tcp -e #{encoder} #{options}` interactively
+ }
+ end
+
+When /^I run msfvenom to encode for windows using the "([^"]*)" encoder with "(.*)" options and a buffer register$/ do |encoder, options|
+ steps %Q{
+ When I run `./msfvenom ./msfvenom -p windows/shell/bind_tcp -e #{encoder} #{options} BufferRegister=eax` interactively
+ }
+ end
+
+When /^I run msfpayload to generate a "([^"]*)" on the local host$/ do |payload|
+ steps %Q{
+ When I run `./msfpayload #{payload} LHOST=127.0.0.1 y`
+ }
+ end
\ No newline at end of file
diff --git a/test/features/steps/handler_steps.rb b/test/features/steps/handler_steps.rb
new file mode 100644
index 0000000000..4ede133d5c
--- /dev/null
+++ b/test/features/steps/handler_steps.rb
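Review bot: Both msfvenom steps in common_steps.rb build the command with the program name twice, `./msfvenom ./msfvenom -p windows/shell/bind_tcp ...`, so msfvenom receives its own path as a stray first argument; the command should start `./msfvenom -p windows/shell/bind_tcp -e #{encoder} #{options}` in both steps. The two exploit steps also interpolate `TestConfig.instance.smbpass` into the command line, which puts the password in the process list and, under `@announce-stdout`, possibly in captured test output. A comment above those steps should state that only throwaway lab credentials belong in test_config.yml. The regex captures and config values are spliced into the nested step text unquoted, so a value containing a space or a backtick changes the command that is run.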
@@ -0,0 +1,23 @@
+#This is the step definition file for cucumber features relating to the framework handler feature
+
+ Given /^I launch the exploit multi handler$/ do
+ steps %Q{
+
+ When I run `./msfcli exploit/multi/handler E`
+ Then the output should contain "Please wait while we load the module tree..."
+ Then the output should contain "Started reverse handler on"
+ Then the output should contain "Starting the payload handler..."
+
+ }
+ end
+
+Given /^I launch the generic multi handler$/ do
+ steps %Q{
+
+ When I run `./msfcli multi/handler E`
+ Then the output should contain "Please wait while we load the module tree..."
+ Then the output should contain "Started reverse handler on"
+ Then the output should contain "Starting the payload handler..."
+
+ }
+ end
diff --git a/test/features/support/.gitignore b/test/features/support/.gitignore
new file mode 100644
index 0000000000..10eca368d9
--- /dev/null
+++ b/test/features/support/.gitignore
@@ -0,0 +1,3 @@
+# These files are to be excluded from git #
+
+test_config.yml
diff --git a/test/features/support/env.rb b/test/features/support/env.rb
new file mode 100644
index 0000000000..694458ba09
--- /dev/null
+++ b/test/features/support/env.rb
@@ -0,0 +1,21 @@
+#Cucumber automation environment setup class for MSF Testing
+
+require 'cucumber'
+require 'aruba/cucumber'
+require_relative 'test_config'
+
+Before do
+#before automation execution methods go here
+
+ @dirs = ["/Users/gary/rapid7/framework"]
+ @aruba_timeout_seconds = 150
+end
+
+Before('@slow_process') do
+ @aruba_io_wait_seconds = 150
+end
+
+@After
+#after automation execution methods go here
+
+
diff --git a/test/features/support/test_config.rb b/test/features/support/test_config.rb
new file mode 100644
index 0000000000..186d841e80
--- /dev/null
+++ b/test/features/support/test_config.rb
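Review bot: In env.rb the `Before` hook sets `@dirs = ["/Users/gary/rapid7/framework"]`, a path that exists only on one developer's machine, so the relative `./msfcli`, `./msfvenom` and `./msfpayload` commands cannot resolve on any other checkout. Deriving it from the file location, e.g. `@dirs = [File.expand_path('../../../..', __FILE__)]` (assuming the framework root is the parent of `test/`), removes the dependency and keeps a personal home path out of the repository. The trailing `@After` is a bare instance-variable read rather than a hook; either drop it or write `After do ... end`.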
@@ -0,0 +1,41 @@
+#Test config class provides public methods or varables to use for ever test
+#Includes housing data such as default web site to test, time out varaibels, etc
+require 'singleton'
+class TestConfig
+ include Singleton
+
+ def initialize(*args)
+ if @yaml_options = YAML::load(File.open(File.join(File.dirname(__FILE__),'test_config.yml')))
+
+ else
+ @yaml_options = {}
+ end
+
+ @options = {
+ "rhost" => "localhost",
+ "smbuser" => "user",
+ "smbpass" => "password"
+ }
+ end
+
+ def run_server
+ @options[:define_site].nil?
+ end
+
+ def method_missing(method)
+ if @options.has_key? method.to_s
+ return @options[method.to_s]
+ else
+ super
+ end
+ end
+
+def respond_to?(method_sym, include_private = false)
+ if @options.include? method_s
+ true
+ else
+ super
+ end
+ end
+
+end
diff --git a/test/features/windows_exploits.feature b/test/features/windows_exploits.feature
new file mode 100644
index 0000000000..5739874cd9
--- /dev/null
+++ b/test/features/windows_exploits.feature
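Review bot: `respond_to?` in test_config.rb references `method_s`, which is not defined anywhere in the class, so any `respond_to?` call on the singleton raises NameError; it should test `method_sym.to_s`. `initialize` has three further problems: `YAML` is used without `require 'yaml'`, `File.open` raises when the gitignored test_config.yml is absent (the `else` branch never runs in that case) and the handle is never closed, and the parsed `@yaml_options` is never consulted because `@options` is hard-coded. `YAML::load` can instantiate arbitrary objects from the file, so `YAML.safe_load` is the safer call for a plain key/value config. `run_server` looks up `:define_site` in a string-keyed hash and therefore always returns true. The rewrite below assumes the YAML values are meant to override the built-in defaults.

```ruby
require 'singleton'
require 'yaml'

# … unchanged: class TestConfig, include Singleton …

  def initialize(*args)
    path = File.join(File.dirname(__FILE__), 'test_config.yml')
    # The file is gitignored, so a fresh checkout has none: fall back to defaults.
    loaded = File.exist?(path) ? YAML.safe_load(File.read(path)) : nil
    @yaml_options = loaded.is_a?(Hash) ? loaded : {}

    @options = {
      "rhost" => "localhost",
      "smbuser" => "user",
      "smbpass" => "password"
    }.merge(@yaml_options)
  end

# … unchanged: run_server, method_missing …

  def respond_to?(method_sym, include_private = false)
    @options.include?(method_sym.to_s) || super
  end
```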
@@ -0,0 +1,31 @@
+#This feature contains scenarios that test running exploits related to microsft windows platforms
+
+@announce-stdout
+
+Feature: I want to launch Windows based exploits
+ So that I can hack Windows targets
+ So that I can prove how totally unsecured Windows can be
+
+Scenario: Launch Psexec against a Windows Host
+ When I run the "./msfcli windows/smb/psexec" exploit with standard target options
+ Then the output should contain "445|WORKGROUP as user"
+ Then the output should contain "module tree"
+
+Scenario: Launch PSexec in Internal Check Mode
+ When I run the "./msfcli windows/smb/psexec" exploit with standard target options in check mode
+ Then the output should contain "module tree"
+ Then the output should contain "This exploit does not support check."
+
+Scenario: Launch ms08-067 in Internal Check Mode
+ When I run the "./msfcli windows/smb/ms08_067_netapi" exploit with standard target options in check mode
+ #When I run `./msfcli windows/smb/ms08_067_netapi RHOST=10.6.0.194 C` interactively
+ Then the output should contain "module tree"
+ Then the output should not contain "Check failed:"
+
+Scenario: Launch ms08-067 against a windows remote host
+ When I run the "./msfcli windows/smb/ms08_067_netapi" exploit with standard target options
+ Then the output should contain "module tree"
+ Then the output should contain "Started reverse handler"
+
+
+
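Review bot: Every scenario in windows_exploits.feature runs a module against the `RHOST` taken from TestConfig, yet the feature carries no tag that separates it from the offline encoder and payload features, so a plain `cucumber` run sends psexec and ms08_067_netapi traffic to whatever host is configured (the defaults in test_config.rb are `localhost` with `user`/`password`). Tagging the feature, for example with `@requires_target` (a suggested name), and excluding that tag by default keeps these runs limited to an authorised lab host. The expectation `"445|WORKGROUP as user"` hard-codes one lab's workgroup and account name and will fail elsewhere. The commented-out step still carries an internal address, `RHOST=10.6.0.194`, which should be removed before merge.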