adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Retab all the things (except external/)

Browse Source
This commit is contained in:
Tab Assassin
2013-09-30 13:47:53 -05:00
parent 0ecba377f5
commit 2e8d19edcf
293 changed files with 32962 additions and 32962 deletions
Download Patch File Download Diff File Expand all files Collapse all files
test/functional/framework/msfconsole_spec.rb
+157 -157
View File
@@ -17,195 +17,195 @@ include MsfTest::MsfMatchers
## This spec exists to help us describe the behavior of msfconsole - TODO
describe "Msfconsole" do
###
# Setup!
###
before :all do
@working_directory = File.dirname(__FILE__)
###
# Setup!
###
before :all do
@working_directory = File.dirname(__FILE__)
## Static specs will make use of RC files here
@static_resource_directory = "#{@working_directory}/msftest/resource"
## Static specs will make use of RC files here
@static_resource_directory = "#{@working_directory}/msftest/resource"
## Directories for the generated specs
@temp_directory = "#{@working_directory}/msfconsole_specs"
@temp_input_directory = "#{@temp_directory}/generated_rc"
## Directories for the generated specs
@temp_directory = "#{@working_directory}/msfconsole_specs"
@temp_input_directory = "#{@temp_directory}/generated_rc"
## Where all output from the runs will go
@temp_output_directory = "#{@temp_directory}/output"
## Where all output from the runs will go
@temp_output_directory = "#{@temp_directory}/output"
## Create a framework object
@framework = ::Msf::Simple::Framework.create
end
## Create a framework object
@framework = ::Msf::Simple::Framework.create
end
before :each do
end
before :each do
end
after :each do
end
after :each do
end
after :all do
## Clean up
#FileUtils.rm_rf(@temp_directory)
end
after :all do
## Clean up
#FileUtils.rm_rf(@temp_directory)
end
###
# Static Test cases!
###
###
# Static Test cases!
###
it "should start and let us run help" do
data = start_console_and_run_rc("help","#{@static_resource_directory}/help.rc")
success_strings = [ 'help',
'Database Backend Commands',
'Core Commands' ]
failure_strings = [] | generic_failure_strings
failure_exception_strings = [] | generic_failure_exception_strings
it "should start and let us run help" do
data = start_console_and_run_rc("help","#{@static_resource_directory}/help.rc")
success_strings = [ 'help',
'Database Backend Commands',
'Core Commands' ]
failure_strings = [] | generic_failure_strings
failure_exception_strings = [] | generic_failure_exception_strings
data.should contain_all_successes(success_strings)
data.should contain_no_failures_except(failure_strings, failure_exception_strings)
end
data.should contain_all_successes(success_strings)
data.should contain_no_failures_except(failure_strings, failure_exception_strings)
end
it "should generate a meterpreter session against a vulnerable win32 host" do
## Set input & output to something sane
input = Rex::Ui::Text::Input::Stdio.new
output = Rex::Ui::Text::Output::File.new("temp.output")
session = generate_x86_meterpreter_session(input, output)
it "should generate a meterpreter session against a vulnerable win32 host" do
## Set input & output to something sane
input = Rex::Ui::Text::Input::Stdio.new
output = Rex::Ui::Text::Output::File.new("temp.output")
session = generate_x86_meterpreter_session(input, output)
session.should_not be_nil
if session
session.load_stdapi
session.run_cmd("help")
else
flunk "Error interacting with session"
end
end
###
# Dynamic Test Cases!!
###
session.should_not be_nil
if session
session.load_stdapi
session.run_cmd("help")
else
flunk "Error interacting with session"
end
end
###
# Dynamic Test Cases!!
###
@working_directory = File.dirname(__FILE__)
@working_directory = File.dirname(__FILE__)
## Directories for the generated specs
@temp_directory = "#{@working_directory}/msfconsole_specs"
@temp_input_directory = "#{@temp_directory}/generated_rc"
## Directories for the generated specs
@temp_directory = "#{@working_directory}/msfconsole_specs"
@temp_input_directory = "#{@temp_directory}/generated_rc"
## Where all output from the runs will go
@temp_output_directory = "#{@temp_directory}/output"
## Where all output from the runs will go
@temp_output_directory = "#{@temp_directory}/output"
if File.directory? @temp_directory
FileUtils.rm_rf(@temp_directory)
end
if File.directory? @temp_directory
FileUtils.rm_rf(@temp_directory)
end
Dir.mkdir(@temp_directory)
Dir.mkdir(@temp_input_directory)
Dir.mkdir(@temp_output_directory)
Dir.glob("#{@working_directory}/msftest/*.msftest").each do |filename|
## Parse this test case
test_case = MsfTestCase.new(filename)
puts "Found #{test_case.name} in: #{filename}"
Dir.mkdir(@temp_directory)
Dir.mkdir(@temp_input_directory)
Dir.mkdir(@temp_output_directory)
Dir.glob("#{@working_directory}/msftest/*.msftest").each do |filename|
## Parse this test case
test_case = MsfTestCase.new(filename)
puts "Found #{test_case.name} in: #{filename}"
## Write the commands back to a temporary RC file
puts "Writing #{@temp_input_directory}/#{test_case.name}.rc"
File.open("#{@temp_input_directory}/#{test_case.name}.rc", 'w') { |f| f.puts test_case.commands }
## Create the rspec Test Case
it "should #{test_case.name}" do
## Gather the success / failure strings, and combine with the generics
success_strings = test_case.expected_successes
failure_strings = test_case.expected_failures | generic_failure_strings
failure_exception_strings = test_case.expected_failure_exceptions | generic_failure_exception_strings
## run the commands
data = start_console_and_run_rc( test_case.name, "#{@temp_input_directory}/#{test_case.name}.rc")
## check the output
data.should contain_all_successes(success_strings)
data.should contain_no_failures_except(failure_strings, failure_exception_strings)
## Clean up
#File.delete("#{@temp_input_directory}/#{test_case.name}.rc")
#File.delete("#{@temp_output_directory}/#{test_case.name}")
end
end
## Write the commands back to a temporary RC file
puts "Writing #{@temp_input_directory}/#{test_case.name}.rc"
File.open("#{@temp_input_directory}/#{test_case.name}.rc", 'w') { |f| f.puts test_case.commands }
## Create the rspec Test Case
it "should #{test_case.name}" do
## Gather the success / failure strings, and combine with the generics
success_strings = test_case.expected_successes
failure_strings = test_case.expected_failures | generic_failure_strings
failure_exception_strings = test_case.expected_failure_exceptions | generic_failure_exception_strings
## run the commands
data = start_console_and_run_rc( test_case.name, "#{@temp_input_directory}/#{test_case.name}.rc")
## check the output
data.should contain_all_successes(success_strings)
data.should contain_no_failures_except(failure_strings, failure_exception_strings)
## Clean up
#File.delete("#{@temp_input_directory}/#{test_case.name}.rc")
#File.delete("#{@temp_output_directory}/#{test_case.name}")
end
end
###
# Test case helpers:
###
def generic_success_strings
[]
end
def generic_failure_strings
['fatal', 'fail', 'error', 'exception']
end
def generic_failure_exception_strings
[]
end
###
# Test case helpers:
###
def generic_success_strings
[]
end
def generic_failure_strings
['fatal', 'fail', 'error', 'exception']
end
def generic_failure_exception_strings
[]
end
def start_console_and_run_rc(name,rc_file, database_file=false)
output_file = "#{@temp_output_directory}/#{name}"
def start_console_and_run_rc(name,rc_file, database_file=false)
output_file = "#{@temp_output_directory}/#{name}"
if database_file
msfconsole_string = "ruby #{@working_directory}/../../../msfconsole -o #{output_file} -r #{rc_file} -y #{database_file}"
else
msfconsole_string = "ruby #{@working_directory}/../../../msfconsole -o #{output_file} -r #{rc_file}"
end
system("#{msfconsole_string}")
if database_file
msfconsole_string = "ruby #{@working_directory}/../../../msfconsole -o #{output_file} -r #{rc_file} -y #{database_file}"
else
msfconsole_string = "ruby #{@working_directory}/../../../msfconsole -o #{output_file} -r #{rc_file}"
end
system("#{msfconsole_string}")
data = hlp_file_to_string("#{output_file}")
end
data = hlp_file_to_string("#{output_file}")
end
def generate_x86_meterpreter_session(input, output)
## Setup for win32
exploit_name = 'windows/smb/psexec'
payload_name = 'windows/meterpreter/bind_tcp'
## Fire it off against a known-vulnerable host
session = @framework.exploits.create(exploit_name).exploit_simple(
'Options' => {'RHOST' => "vulnerable", "SMBUser" => "administrator", "SMBPass" => ""},
'Payload' => payload_name,
'LocalInput' => input,
'LocalOutput' => output)
## Setup for win32
exploit_name = 'windows/smb/psexec'
payload_name = 'windows/meterpreter/bind_tcp'
## Fire it off against a known-vulnerable host
session = @framework.exploits.create(exploit_name).exploit_simple(
'Options' => {'RHOST' => "vulnerable", "SMBUser" => "administrator", "SMBPass" => ""},
'Payload' => payload_name,
'LocalInput' => input,
'LocalOutput' => output)
## If a session came back, try to interact with it.
if session
return session
else
return nil
end
end
## If a session came back, try to interact with it.
if session
return session
else
return nil
end
end
def generate_win64_meterpreter_session(input, output)
raise "Not Implemented"
end
raise "Not Implemented"
end
def generate_java_meterpreter_session(input, output)
raise "Not Implemented"
end
raise "Not Implemented"
end
def generate_php_meterpreter_session(input, output)
raise "Not Implemented"
end
raise "Not Implemented"
end
def hlp_file_to_string(filename)
data = ""
f = File.open(filename, "r")
f.each_line do |line|
data += line
end
return data
end
def hlp_file_to_string(filename)
data = ""
f = File.open(filename, "r")
f.each_line do |line|
data += line
end
return data
end
end
end
test/functional/meterpreter/java_meterpreter_specs.rb
+10 -10
View File
@@ -1,19 +1,19 @@
module MsfTest
module JavaMeterpreterSpecs
## This file is intended to be used in conjunction with a harness,
## such as meterpreter_win32_spec.rb
## This file is intended to be used in conjunction with a harness,
## such as meterpreter_win32_spec.rb
def self.included(base)
def self.included(base)
base.class_eval do
it "should not error when taking a screenshot" do
success_strings = [ 'Screenshot saved to' ]
hlp_run_command_check_output("screenshot","screenshot", success_strings)
end
end
end
it "should not error when taking a screenshot" do
success_strings = [ 'Screenshot saved to' ]
hlp_run_command_check_output("screenshot","screenshot", success_strings)
end
end
end
end
end
test/functional/meterpreter/meterpreter_java_spec.rb
+64 -64
View File
@@ -10,83 +10,83 @@ require 'meterpreter_specs'
module MsfTest
describe "JavaMeterpreter" do
# This include brings in all the spec helper methods
include MsfTest::MeterpreterSpecHelper
# This include brings in all the specs that are generic across the
# meterpreter platforms
include MsfTest::MeterpreterSpecs
# This include brings in all the specs that are specific to the java
# meterpreter
include MsfTest::JavaMeterpreterSpecs
# This include brings in all the spec helper methods
include MsfTest::MeterpreterSpecHelper
# This include brings in all the specs that are generic across the
# meterpreter platforms
include MsfTest::MeterpreterSpecs
# This include brings in all the specs that are specific to the java
# meterpreter
include MsfTest::JavaMeterpreterSpecs
before :all do
@verbose = true
@meterpreter_type = "java"
## Set up an outupt directory
@output_directory = File.join(File.dirname(__FILE__), "test_output_#{@meterpreter_type}")
before :all do
@verbose = true
@meterpreter_type = "java"
## Set up an outupt directory
@output_directory = File.join(File.dirname(__FILE__), "test_output_#{@meterpreter_type}")
if File.directory? @output_directory
FileUtils.rm_rf(@output_directory)
end
if File.directory? @output_directory
FileUtils.rm_rf(@output_directory)
end
Dir.mkdir(@output_directory)
@default_file = "#{@output_directory}/default"
Dir.mkdir(@output_directory)
@default_file = "#{@output_directory}/default"
create_session_java
end
create_session_java
end
before :each do
before :each do
end
end
after :each do
@session.init_ui(@input, @output)
end
after :all do
#FileUtils.rm_rf("*.jpeg")
#FileUtils.rm_rf("payload.jar")
FileUtils.rm_rf(@output_directory)
end
after :each do
@session.init_ui(@input, @output)
end
after :all do
#FileUtils.rm_rf("*.jpeg")
#FileUtils.rm_rf("payload.jar")
FileUtils.rm_rf(@output_directory)
end
def create_session_java
def create_session_java
## Setup for win32
@framework = Msf::Simple::Framework.create
test_modules_path = File.join(File.dirname(__FILE__), '..', '..', 'modules')
@framework.modules.add_module_path(test_modules_path)
@exploit_name = 'test/java_tester'
@payload_name = 'java/meterpreter/bind_tcp'
@input = Rex::Ui::Text::Input::Stdio.new
@output = Rex::Ui::Text::Output::File.new(@default_file)
## Setup for win32
@framework = Msf::Simple::Framework.create
test_modules_path = File.join(File.dirname(__FILE__), '..', '..', 'modules')
@framework.modules.add_module_path(test_modules_path)
@exploit_name = 'test/java_tester'
@payload_name = 'java/meterpreter/bind_tcp'
@input = Rex::Ui::Text::Input::Stdio.new
@output = Rex::Ui::Text::Output::File.new(@default_file)
# Initialize the exploit instance
exploit = @framework.exploits.create(@exploit_name)
# Initialize the exploit instance
exploit = @framework.exploits.create(@exploit_name)
## Fire it off against a known-vulnerable host
@session = exploit.exploit_simple(
'Options' => {},
'Payload' => @payload_name,
'LocalInput' => @input,
'LocalOutput' => @output)
## Fire it off against a known-vulnerable host
@session = exploit.exploit_simple(
'Options' => {},
'Payload' => @payload_name,
'LocalInput' => @input,
'LocalOutput' => @output)
puts @session.inspect
puts @session.inspect
## If a session came back, try to interact with it.
if @session
@session.load_stdapi
else
raise Exception "Couldn't get a session!"
end
end
## If a session came back, try to interact with it.
if @session
@session.load_stdapi
else
raise Exception "Couldn't get a session!"
end
end
end
end
test/functional/meterpreter/meterpreter_php_spec.rb
+55 -55
View File
@@ -10,74 +10,74 @@ require 'meterpreter_specs'
module MsfTest
describe "PhpMeterpreter" do
# This include brings in all the spec helper methods
include MsfTest::MeterpreterSpecHelper
# This include brings in all the specs that are generic across the
# meterpreter platforms
include MsfTest::MeterpreterSpecs
# This include brings in all the spec helper methods
include MsfTest::MeterpreterSpecHelper
# This include brings in all the specs that are generic across the
# meterpreter platforms
include MsfTest::MeterpreterSpecs
before :all do
@verbose = true
@meterpreter_type = "php"
## Set up an outupt directory
@output_directory = File.join(File.dirname(__FILE__), "test_output_#{@meterpreter_type}")
before :all do
@verbose = true
@meterpreter_type = "php"
## Set up an outupt directory
@output_directory = File.join(File.dirname(__FILE__), "test_output_#{@meterpreter_type}")
if File.directory? @output_directory
FileUtils.rm_rf(@output_directory)
end
if File.directory? @output_directory
FileUtils.rm_rf(@output_directory)
end
Dir.mkdir(@output_directory)
@default_file = "#{@output_directory}/default"
Dir.mkdir(@output_directory)
@default_file = "#{@output_directory}/default"
create_session_php
end
create_session_php
end
before :each do
before :each do
end
end
after :each do
@session.init_ui(@input, @output)
end
after :all do
FileUtils.rm_rf(@output_directory)
end
after :each do
@session.init_ui(@input, @output)
end
after :all do
FileUtils.rm_rf(@output_directory)
end
def create_session_php
def create_session_php
## Setup for php
@framework = Msf::Simple::Framework.create
@exploit_name = 'unix/webapp/tikiwiki_graph_formula_exec'
@payload_name = 'php/meterpreter/bind_tcp'
@input = Rex::Ui::Text::Input::Stdio.new
@output = Rex::Ui::Text::Output::File.new(@default_file)
## Setup for php
@framework = Msf::Simple::Framework.create
@exploit_name = 'unix/webapp/tikiwiki_graph_formula_exec'
@payload_name = 'php/meterpreter/bind_tcp'
@input = Rex::Ui::Text::Input::Stdio.new
@output = Rex::Ui::Text::Output::File.new(@default_file)
# Initialize the exploit instance
exploit = @framework.exploits.create(@exploit_name)
# Initialize the exploit instance
exploit = @framework.exploits.create(@exploit_name)
## Fire it off against a known-vulnerable host
@session = exploit.exploit_simple(
'Options' => {'RHOST' => "metasploitable"},
'Payload' => @payload_name,
'LocalInput' => @input,
'LocalOutput' => @output)
## Fire it off against a known-vulnerable host
@session = exploit.exploit_simple(
'Options' => {'RHOST' => "metasploitable"},
'Payload' => @payload_name,
'LocalInput' => @input,
'LocalOutput' => @output)
puts @session.inspect
puts @session.inspect
## If a session came back, try to interact with it.
if @session
@session.load_stdapi
else
raise Exception "Couldn't get a session!"
end
end
## If a session came back, try to interact with it.
if @session
@session.load_stdapi
else
raise Exception "Couldn't get a session!"
end
end
end
end
test/functional/meterpreter/meterpreter_spec_helper.rb
+48 -48
View File
@@ -1,58 +1,58 @@
module MsfTest
module MeterpreterSpecHelper
def self.included(base)
def self.included(base)
base.class_eval do
def generic_failure_strings
['fail', 'error', 'exception']
end
def generic_failure_exception_strings
['nserror.dll', 'tiki-error.php','tiki-error_simple.php','tiki-rss_error.php'] ##ugh, this is dependent on the target
end
def generic_failure_strings
['fail', 'error', 'exception']
end
def generic_failure_exception_strings
['nserror.dll', 'tiki-error.php','tiki-error_simple.php','tiki-rss_error.php'] ##ugh, this is dependent on the target
end
def hlp_run_command_check_output(name,command,success_strings=[],fail_strings=[], fail_exception_strings=[])
def hlp_run_command_check_output(name,command,success_strings=[],fail_strings=[], fail_exception_strings=[])
fail_strings = fail_strings | generic_failure_strings
fail_exception_strings = fail_exception_strings | generic_failure_exception_strings
fail_strings = fail_strings | generic_failure_strings
fail_exception_strings = fail_exception_strings | generic_failure_exception_strings
temp_command_file = "#{@output_directory}/#{name}"
command_output = Rex::Ui::Text::Output::File.new(temp_command_file)
@session.init_ui(@input, command_output)
command_output.print_line("meterpreter_functional_test_start")
if @verbose
puts "Running Command: " + command
end
@session.run_cmd(command)
command_output.print_line("meterpreter_functional_test_end")
data = hlp_file_to_string(temp_command_file)
data.should contain_a_complete_test
data.should contain_all_successes
data.should contain_no_failures_except
end
def hlp_file_to_string(filename)
data = ""
f = File.open(filename, "r")
f.each_line do |line|
data += line
end
return data
end
def hlp_string_to_file(string, filepath)
# Create a new file and write to it
File.open(filepath, 'w') do |f2|
f2.puts string
end
end
end
end
temp_command_file = "#{@output_directory}/#{name}"
command_output = Rex::Ui::Text::Output::File.new(temp_command_file)
@session.init_ui(@input, command_output)
command_output.print_line("meterpreter_functional_test_start")
if @verbose
puts "Running Command: " + command
end
@session.run_cmd(command)
command_output.print_line("meterpreter_functional_test_end")
data = hlp_file_to_string(temp_command_file)
data.should contain_a_complete_test
data.should contain_all_successes
data.should contain_no_failures_except
end
def hlp_file_to_string(filename)
data = ""
f = File.open(filename, "r")
f.each_line do |line|
data += line
end
return data
end
def hlp_string_to_file(string, filepath)
# Create a new file and write to it
File.open(filepath, 'w') do |f2|
f2.puts string
end
end
end
end
end
end
test/functional/meterpreter/meterpreter_specs.rb
+98 -98
View File
@@ -1,108 +1,108 @@
module MsfTest
module MeterpreterSpecs
def self.included(base)
def self.included(base)
base.class_eval do
it "should not error when running each command" do
commands = [ "?",
"background",
"bgkill",
"bglist",
"bgrun",
"channel",
"close",
"exit",
"help",
"interact",
#"irb",
"migrate",
#"quit",
"read",
"run",
"use",
"write",
"cat",
"cd",
"del",
"download",
#"edit",
"getlwd",
"getwd",
"lcd",
"lpwd",
"ls",
"mkdir",
"pwd",
"rm",
"rmdir",
"search",
"upload",
"ipconfig",
"portfwd",
"route",
"clearev",
"drop_token",
"execute",
"getpid",
"getprivs",
"getuid",
"kill",
"ps",
#"reboot",
"reg",
"rev2self",
#"shell",
#"shutdown",
"steal_token",
"sysinfo",
"enumdesktops",
"getdesktop",
"idletime",
"keyscan_dump",
"keyscan_start",
"keyscan_stop",
"screenshot",
"setdesktop",
"uictl",
"getsystem",
"hashdump",
"timestomp"
]
it "should not error when running each command" do
commands = [ "?",
"background",
"bgkill",
"bglist",
"bgrun",
"channel",
"close",
"exit",
"help",
"interact",
#"irb",
"migrate",
#"quit",
"read",
"run",
"use",
"write",
"cat",
"cd",
"del",
"download",
#"edit",
"getlwd",
"getwd",
"lcd",
"lpwd",
"ls",
"mkdir",
"pwd",
"rm",
"rmdir",
"search",
"upload",
"ipconfig",
"portfwd",
"route",
"clearev",
"drop_token",
"execute",
"getpid",
"getprivs",
"getuid",
"kill",
"ps",
#"reboot",
"reg",
"rev2self",
#"shell",
#"shutdown",
"steal_token",
"sysinfo",
"enumdesktops",
"getdesktop",
"idletime",
"keyscan_dump",
"keyscan_start",
"keyscan_stop",
"screenshot",
"setdesktop",
"uictl",
"getsystem",
"hashdump",
"timestomp"
]
## Run each command, check for execeptions
commands.each do |command|
hlp_run_command_check_output("basic_#{command}",command)
end
end
## Run each command, check for execeptions
commands.each do |command|
hlp_run_command_check_output("basic_#{command}",command)
end
end
it "should not error when running help" do
success_strings = [ 'Core Commands',
'Stdapi: File system Commands',
'Stdapi: Networking Commands',
'Stdapi: System Commands',
'Stdapi: User interface Commands']
hlp_run_command_check_output("help","help", success_strings)
end
it "should not error when running the help shortcut" do
success_strings = [ 'Core Commands',
'Stdapi: File system Commands',
'Stdapi: Networking Commands',
'Stdapi: System Commands',
'Stdapi: User interface Commands' ]
hlp_run_command_check_output("help_shortcut","?", success_strings)
end
it "should not error when checking for background channels" do
success_strings = [ 'No active channels.' ]
hlp_run_command_check_output("channel_list_empty","channel -l", success_strings)
end
end
end
it "should not error when running help" do
success_strings = [ 'Core Commands',
'Stdapi: File system Commands',
'Stdapi: Networking Commands',
'Stdapi: System Commands',
'Stdapi: User interface Commands']
hlp_run_command_check_output("help","help", success_strings)
end
it "should not error when running the help shortcut" do
success_strings = [ 'Core Commands',
'Stdapi: File system Commands',
'Stdapi: Networking Commands',
'Stdapi: System Commands',
'Stdapi: User interface Commands' ]
hlp_run_command_check_output("help_shortcut","?", success_strings)
end
it "should not error when checking for background channels" do
success_strings = [ 'No active channels.' ]
hlp_run_command_check_output("channel_list_empty","channel -l", success_strings)
end
end
end
end
end
test/functional/meterpreter/meterpreter_win32_spec.rb
+70 -70
View File
@@ -14,91 +14,91 @@ module MsfTest
describe "Win32Meterpreter" do
# Include Custom Matchers
include MsfTest::MsfMatchers
# Include Custom Matchers
include MsfTest::MsfMatchers
# This include brings in all the spec helper methods
include MsfTest::MeterpreterSpecHelper
# This include brings in all the specs that are generic across the
# meterpreter platforms
include MsfTest::MeterpreterSpecs
# This include brings in all the spec helper methods
include MsfTest::MeterpreterSpecHelper
# This include brings in all the specs that are generic across the
# meterpreter platforms
include MsfTest::MeterpreterSpecs
# This include brings in all the specs that are specific to the
# windows meterpreter platforms
include MsfTest::WindowsMeterpreterSpecs
# This include brings in all the specs that are specific to the
# windows meterpreter platforms
include MsfTest::WindowsMeterpreterSpecs
before :all do
@verbose = true
@meterpreter_type = "win32"
## Set up an outupt directory
@output_directory = File.join(File.dirname(__FILE__), "test_output_#{@meterpreter_type}")
before :all do
@verbose = true
@meterpreter_type = "win32"
## Set up an outupt directory
@output_directory = File.join(File.dirname(__FILE__), "test_output_#{@meterpreter_type}")
if File.directory? @output_directory
FileUtils.rm_rf(@output_directory)
end
if File.directory? @output_directory
FileUtils.rm_rf(@output_directory)
end
Dir.mkdir(@output_directory)
@default_file = "#{@output_directory}/default"
Dir.mkdir(@output_directory)
@default_file = "#{@output_directory}/default"
create_session_windows_x32
end
create_session_windows_x32
end
before :each do
before :each do
end
end
after :each do
@session.init_ui(@input, @output)
end
after :each do
@session.init_ui(@input, @output)
end
after :all do
## Clean up test output
FileUtils.rm_rf(@output_directory)
after :all do
## Clean up test output
FileUtils.rm_rf(@output_directory)
## Screenshot command leaves .jpegs :(
## TODO - fix the meterpreter command to write to
## TODO - an arbitrary file.
Dir.new(File.dirname(__FILE__)).each do |file|
if file =~ /.jpeg/
File.delete(file)
end
end
end
def create_session_windows_x32
## Screenshot command leaves .jpegs :(
## TODO - fix the meterpreter command to write to
## TODO - an arbitrary file.
Dir.new(File.dirname(__FILE__)).each do |file|
if file =~ /.jpeg/
File.delete(file)
end
end
end
def create_session_windows_x32
## Setup for win32
@framework = Msf::Simple::Framework.create
@exploit_name = 'windows/smb/psexec'
@payload_name = 'windows/meterpreter/bind_tcp'
@input = Rex::Ui::Text::Input::Stdio.new
@output = Rex::Ui::Text::Output::File.new(@default_file)
## Setup for win32
@framework = Msf::Simple::Framework.create
@exploit_name = 'windows/smb/psexec'
@payload_name = 'windows/meterpreter/bind_tcp'
@input = Rex::Ui::Text::Input::Stdio.new
@output = Rex::Ui::Text::Output::File.new(@default_file)
# Initialize the exploit instance
exploit = @framework.exploits.create(@exploit_name)
# Initialize the exploit instance
exploit = @framework.exploits.create(@exploit_name)
## Fire it off against a known-vulnerable host
@session = exploit.exploit_simple(
'Options' => {'RHOST' => "vulnerable", "SMBUser" => "administrator", "SMBPass" => ""},
'Payload' => @payload_name,
'LocalInput' => @input,
'LocalOutput' => @output)
## Fire it off against a known-vulnerable host
@session = exploit.exploit_simple(
'Options' => {'RHOST' => "vulnerable", "SMBUser" => "administrator", "SMBPass" => ""},
'Payload' => @payload_name,
'LocalInput' => @input,
'LocalOutput' => @output)
## If a session came back, try to interact with it.
if @session
puts "got a session"
@session.load_stdapi
else
puts "unable to get session"
#flunk "Couldn't get a session!"
end
end
## If a session came back, try to interact with it.
if @session
puts "got a session"
@session.load_stdapi
else
puts "unable to get session"
#flunk "Couldn't get a session!"
end
end
end
end
test/functional/meterpreter/windows_meterpreter_specs.rb
+36 -36
View File
@@ -1,49 +1,49 @@
module MsfTest
module WindowsMeterpreterSpecs
## This file is intended to be used in conjunction with a harness,
## such as meterpreter_win32_spec.rb
## This file is intended to be used in conjunction with a harness,
## such as meterpreter_win32_spec.rb
def self.included(base)
def self.included(base)
base.class_eval do
it "should not error when uploading a file to a windows box" do
upload_success_strings = [ 'uploading',
'uploaded' ]
it "should not error when uploading a file to a windows box" do
upload_success_strings = [ 'uploading',
'uploaded' ]
## create a file to upload
filename = "/tmp/whatever"
if File.exist?(filename)
FileUtils.rm(filename)
end
hlp_string_to_file("owned!", filename)
## create a file to upload
filename = "/tmp/whatever"
if File.exist?(filename)
FileUtils.rm(filename)
end
hlp_string_to_file("owned!", filename)
## run the upload / quit commands
hlp_run_command_check_output("upload","upload #{filename} C:\\", upload_success_strings)
#hlp_run_command_check_output("quit","quit")
## run the upload / quit commands
hlp_run_command_check_output("upload","upload #{filename} C:\\", upload_success_strings)
#hlp_run_command_check_output("quit","quit")
## clean up
FileUtils.rm(filename)
end
it "should show the priv commands when running help" do
success_strings = ['Priv: Elevate Commands',
'Priv: Password database Commands',
'Priv: Timestomp Commands' ]
hlp_run_command_check_output("help_shortcut","help", success_strings)
## clean up
FileUtils.rm(filename)
end
it "should show the priv commands when running help" do
success_strings = ['Priv: Elevate Commands',
'Priv: Password database Commands',
'Priv: Timestomp Commands' ]
hlp_run_command_check_output("help_shortcut","help", success_strings)
end
it "should not error when taking a screenshot" do
success_strings = [ 'Screenshot saved to' ]
hlp_run_command_check_output("screenshot","screenshot", success_strings)
end
end
end
end
it "should not error when taking a screenshot" do
success_strings = [ 'Screenshot saved to' ]
hlp_run_command_check_output("screenshot","screenshot", success_strings)
end
end
end
end
end