gauntlt 0.0.6 → 0.0.7
- data/README.md +3 -3
- data/bin/gauntlt +1 -1
- data/features/attack.feature +11 -3
- data/lib/gauntlt/attack.rb +10 -1
- data/lib/gauntlt/attack_adapters/nmap.rb +3 -4
- data/lib/gauntlt/attack_adapters/support/profile_helper.rb +0 -2
- data/lib/gauntlt/version.rb +1 -1
- data/spec/gauntlt/attack_spec.rb +32 -1
- metadata +2 -2
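--- a/data/README.md
+++ b/data/README.md
@@ -95,10 +95,10 @@ Below are some tools we are targeting but don't let that stop you from adding yo
 * [w3af] [w3af]
 * [arachni] [arachni]
 
-Have questions? Ask us anything on the [gauntlt google group](http://bit.ly/gauntlt_group).
 
-## ADD
-
+## ADD AN ATTACK ADAPTER
+
+See the wiki on how to add an attack adapter to gauntlt. We would love your contributions.
 
 ## LICENSE
 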
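--- a/data/bin/gauntlt
+++ b/data/bin/gauntlt
@@ -44,7 +44,7 @@ cmd_opts = case cmd
 
 if cmd == "attack"
 if cmd_opts[:'attack-file_given'] && cmd_opts[:name]
-
+puts Gauntlt.attack(cmd_opts[:name], :attack_file => cmd_opts[:'attack-file'])
 else
 puts "Available attacks:"
 puts ""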
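--- a/data/features/attack.feature
+++ b/data/features/attack.feature
@@ -33,13 +33,21 @@ Feature: Verify the attack behaviour is correct
 When I run `gauntlt attack --name nmap --attack-file nmap.attack`
 Then it should pass
 
-Scenario:
-
+Scenario: Run attack with undefined steps
+Given an attack "nmap" exists
+And a file named "nmap.attack" with:
+"""
+Feature: my non-existent attack
+Scenario: Fail on undefined step definition
+Given "thisattackwouldneverexist" is installed
+"""
+When I run `gauntlt attack --name nmap --attack-file nmap.attack`
 Then it should fail with:
 """
-
+Bad or undefined attack!
 """
 
+
 Scenario: No attack name specified
 When I run `gauntlt attack --attack-file thisattackwouldneverexist`
 Then it should fail with: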
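--- a/data/lib/gauntlt/attack.rb
+++ b/data/lib/gauntlt/attack.rb
@@ -4,6 +4,7 @@ require 'cucumber/cli/main'
 module Gauntlt
 class Attack
 class NotFound < Exception; end
+class ExecutionFailed < Exception; end
 
 attr_accessor :name, :opts, :attack_file
 
@@ -26,7 +27,15 @@ module Gauntlt
 end
 
 def run
-
+@out = StringIO.new ""
+
+cli = Cucumber::Cli::Main.new([self.attack_file, '--strict', '--require', self.attacks_dir], @out)
+
+if cli.execute! # cucumber failed, returning true
+raise ExecutionFailed.new("Bad or undefined attack!")
+else # cucumber executed successfully, returning false
+@out.string
+end
 end
 end
 end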
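Review bot: On the failure branch of `run` the cucumber report captured in `@out` is discarded, so a failed security assertion, an undefined step and a malformed attack file all reach the operator as the same "Bad or undefined attack!" text. Keeping the captured output with the error preserves the evidence of which step failed, e.g. `raise ExecutionFailed.new("Bad or undefined attack!\n#{@out.string}")`. Separately, `ExecutionFailed < Exception` in the first hunk is outside what a bare `rescue` catches; `class ExecutionFailed < StandardError; end` is the conventional base, provided no caller depends on the current one. The class body starts above the first hunk, so how `attacks_dir` and `attack_file` are set is not visible here.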
@@ -13,12 +13,11 @@ When /^the target tcp_ping_ports are "(.*?)"$/ do |ports|
|
|
13
13
|
end
|
14
14
|
|
15
15
|
When /^I launch an "nmap" attack with:$/ do |command|
|
16
|
+
# hostname defined in Gauntlt::Support::ProfileHelper
|
16
17
|
command.gsub!('<hostname>', hostname)
|
17
18
|
|
18
|
-
|
19
|
-
|
20
|
-
command.gsub!('<tcp_ping_ports>', tcp_ping_ports)
|
21
|
-
end
|
19
|
+
# tcp_ping_ports defined in Gauntlt::Support::ProfileHelper
|
20
|
+
command.gsub!('<tcp_ping_ports>', tcp_ping_ports) if tcp_ping_ports
|
22
21
|
|
23
22
|
run command
|
24
23
|
end
|
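Review bot: The values substituted for `<hostname>` and `<tcp_ping_ports>` enter the command string unvalidated before `run command`, so whatever an attack file supplies becomes part of the nmap invocation; neither the helper definitions nor how `run` executes the string is visible in this hunk. A check at the point of substitution would keep stray whitespace or extra options out of the command, for example `raise ArgumentError, "bad hostname" unless hostname =~ /\A[A-Za-z0-9.\-]+\z/` plus a digits-and-commas pattern for the ports. Also, when `tcp_ping_ports` is unset the literal `<tcp_ping_ports>` placeholder now stays in the command that is run. `hostname` has no matching nil guard, so `gsub!` would presumably raise a TypeError if it is nil.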
data/lib/gauntlt/version.rb
CHANGED
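--- a/data/spec/gauntlt/attack_spec.rb
+++ b/data/spec/gauntlt/attack_spec.rb
@@ -50,9 +50,40 @@ describe Gauntlt::Attack do
 it "executes the attack file, specifies failure for undefined steps and specifies the attacks_dir" do
 subject.should_receive(:attacks_dir).and_return('/bar')
 subject.should_receive(:attack_file).and_return('/bar/baz.attack')
-
+
+mock_io = mock('io')
+mock_io.stub(:string)
+StringIO.stub(:new).and_return(mock_io)
+
+mock_cli = mock(Cucumber::Cli::Main)
+mock_cli.should_receive(:execute!)
+Cucumber::Cli::Main.should_receive(:new).with(['/bar/baz.attack', '--strict', '--require', '/bar'], mock_io).and_return(mock_cli)
 
 subject.run
 end
+
+it "returns nil if if Cucumber::Cli::Main.execute succeeds (i.e. returns nil)" do
+subject.stub(:attacks_dir)
+subject.stub(:attack_file)
+
+mock_cli = mock(Cucumber::Cli::Main)
+mock_cli.should_receive(:execute!).and_return(nil)
+Cucumber::Cli::Main.stub(:new).and_return(mock_cli)
+
+subject.run.should be_true
+end
+
+it "raises an error if Cucumber::Cli::Main.execute fails (i.e. returns true)" do
+subject.stub(:attacks_dir)
+subject.stub(:attack_file)
+
+mock_cli = mock(Cucumber::Cli::Main)
+mock_cli.should_receive(:execute!).and_return(true)
+Cucumber::Cli::Main.stub(:new).and_return(mock_cli)
+
+expect {
+subject.run
+}.to raise_error(subject.class::ExecutionFailed)
+end
 end
 end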
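Review bot: The example titled "returns nil if if Cucumber::Cli::Main.execute succeeds" asserts `subject.run.should be_true`, which contradicts its own title and presumably passes only because the empty string from the un-stubbed `StringIO` is truthy in Ruby. Pinning the real contract would read better, e.g. the title `"returns the captured output if Cucumber::Cli::Main#execute! succeeds"` with `subject.run.should == ""`. The failure example checks only the exception class, so nothing here covers what happens to the captured output when `execute!` reports failure.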
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: gauntlt
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.7
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2012-08-
|
13
|
+
date: 2012-08-11 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: cucumber
|