metasploit-credential 0.14.5 → 0.14.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/metasploit/credential/exporter/core.rb +2 -2
- data/lib/metasploit/credential/exporter/pwdump.rb +2 -2
- data/lib/metasploit/credential/migrator.rb +1 -1
- data/lib/metasploit/credential/version.rb +1 -3
- data/spec/dummy/config/database.yml +13 -11
- data/spec/dummy/db/structure.sql +1 -0
- data/spec/lib/metasploit/credential/creation_spec.rb +6 -8
- data/spec/lib/metasploit/credential/exporter/core_spec.rb +100 -85
- data/spec/lib/metasploit/credential/exporter/pwdump_spec.rb +14 -16
- data/spec/lib/metasploit/credential/importer/core_spec.rb +10 -12
- data/spec/lib/metasploit/credential/importer/multi_spec.rb +4 -6
- data/spec/lib/metasploit/credential/importer/pwdump_spec.rb +11 -13
- data/spec/lib/metasploit/credential/importer/zip_spec.rb +5 -7
- data/spec/lib/metasploit/credential/migrator_spec.rb +13 -13
- data/spec/lib/metasploit/credential/version_spec.rb +3 -5
- data/spec/lib/metasploit/credential_spec.rb +1 -3
- data/spec/models/mdm/service_spec.rb +3 -5
- data/spec/models/mdm/session_spec.rb +2 -4
- data/spec/models/mdm/task_spec.rb +4 -6
- data/spec/models/mdm/user_spec.rb +2 -4
- data/spec/models/mdm/workspace_spec.rb +2 -4
- data/spec/models/metasploit/credential/blank_username_spec.rb +5 -7
- data/spec/models/metasploit/credential/core_spec.rb +43 -45
- data/spec/models/metasploit/credential/login/status_spec.rb +19 -21
- data/spec/models/metasploit/credential/login_spec.rb +36 -38
- data/spec/models/metasploit/credential/nonreplayable_hash_spec.rb +3 -5
- data/spec/models/metasploit/credential/ntlm_hash_spec.rb +13 -15
- data/spec/models/metasploit/credential/origin/cracked_password_spec.rb +5 -7
- data/spec/models/metasploit/credential/origin/import_spec.rb +8 -10
- data/spec/models/metasploit/credential/origin/manual_spec.rb +7 -9
- data/spec/models/metasploit/credential/origin/service_spec.rb +10 -12
- data/spec/models/metasploit/credential/origin/session_spec.rb +11 -13
- data/spec/models/metasploit/credential/password_hash_spec.rb +4 -6
- data/spec/models/metasploit/credential/password_spec.rb +3 -5
- data/spec/models/metasploit/credential/postgres_md5_spec.rb +4 -6
- data/spec/models/metasploit/credential/private_spec.rb +8 -10
- data/spec/models/metasploit/credential/public_spec.rb +5 -7
- data/spec/models/metasploit/credential/realm_spec.rb +14 -16
- data/spec/models/metasploit/credential/replayable_hash_spec.rb +3 -5
- data/spec/models/metasploit/credential/ssh_key_spec.rb +15 -17
- data/spec/models/metasploit/credential/username_spec.rb +6 -8
- data/spec/models/metasploit_data_models/search/visitor/relation_spec.rb +1 -3
- data/spec/spec_helper.rb +83 -18
- data/spec/support/shared/contexts/mdm/workspace.rb +1 -1
- data/spec/support/shared/examples/core_validations.rb +117 -42
- data/spec/support/shared/examples/single_table_inheritance_database_columns.rb +2 -2
- data/spec/support/shared/examples/timestamp_database_column.rb +2 -2
- metadata +9 -9
|
@@ -1,6 +1,4 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Metasploit::Credential::Origin::Service do
|
|
1
|
+
RSpec.describe Metasploit::Credential::Origin::Service, type: :model do
|
|
4
2
|
include_context 'Mdm::Workspace'
|
|
5
3
|
|
|
6
4
|
subject(:service_origin) do
|
|
@@ -10,23 +8,23 @@ describe Metasploit::Credential::Origin::Service do
|
|
|
10
8
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
11
9
|
|
|
12
10
|
context 'associations' do
|
|
13
|
-
it {
|
|
14
|
-
it {
|
|
11
|
+
it { is_expected.to have_many(:cores).class_name('Metasploit::Credential::Core').dependent(:destroy) }
|
|
12
|
+
it { is_expected.to belong_to(:service).class_name('Mdm::Service') }
|
|
15
13
|
end
|
|
16
14
|
|
|
17
15
|
context 'database' do
|
|
18
16
|
context 'columns' do
|
|
19
17
|
it_should_behave_like 'timestamp database columns'
|
|
20
18
|
|
|
21
|
-
it {
|
|
19
|
+
it { is_expected.to have_db_column(:module_full_name).of_type(:text).with_options(null: false) }
|
|
22
20
|
|
|
23
21
|
context 'foreign keys' do
|
|
24
|
-
it {
|
|
22
|
+
it { is_expected.to have_db_column(:service_id).of_type(:integer).with_options(null: false) }
|
|
25
23
|
end
|
|
26
24
|
end
|
|
27
25
|
|
|
28
26
|
context 'indices' do
|
|
29
|
-
it {
|
|
27
|
+
it { is_expected.to have_db_index([:service_id, :module_full_name]).unique(true) }
|
|
30
28
|
end
|
|
31
29
|
end
|
|
32
30
|
|
|
@@ -36,13 +34,13 @@ describe Metasploit::Credential::Origin::Service do
|
|
|
36
34
|
FactoryGirl.build(:metasploit_credential_origin_service)
|
|
37
35
|
end
|
|
38
36
|
|
|
39
|
-
it {
|
|
37
|
+
it { is_expected.to be_valid }
|
|
40
38
|
end
|
|
41
39
|
end
|
|
42
40
|
|
|
43
41
|
context 'mass assignment security' do
|
|
44
42
|
it { should_not allow_mass_assignment_of :created_at }
|
|
45
|
-
it {
|
|
43
|
+
it { is_expected.to allow_mass_assignment_of :module_full_name }
|
|
46
44
|
it { should_not allow_mass_assignment_of :service }
|
|
47
45
|
it { should_not allow_mass_assignment_of :service_id }
|
|
48
46
|
it { should_not allow_mass_assignment_of :updated_at }
|
|
@@ -164,10 +162,10 @@ describe Metasploit::Credential::Origin::Service do
|
|
|
164
162
|
FactoryGirl.create(:metasploit_credential_origin_service)
|
|
165
163
|
end
|
|
166
164
|
|
|
167
|
-
it {
|
|
165
|
+
it { is_expected.to validate_uniqueness_of(:module_full_name).scoped_to(:service_id) }
|
|
168
166
|
end
|
|
169
167
|
end
|
|
170
168
|
|
|
171
|
-
it {
|
|
169
|
+
it { is_expected.to validate_presence_of :service }
|
|
172
170
|
end
|
|
173
171
|
end
|
|
@@ -1,26 +1,24 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Metasploit::Credential::Origin::Session do
|
|
1
|
+
RSpec.describe Metasploit::Credential::Origin::Session, type: :model do
|
|
4
2
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
5
3
|
|
|
6
4
|
context 'associations' do
|
|
7
|
-
it {
|
|
8
|
-
it {
|
|
5
|
+
it { is_expected.to have_many(:cores).class_name('Metasploit::Credential::Core').dependent(:destroy) }
|
|
6
|
+
it { is_expected.to belong_to(:session).class_name('Mdm::Session') }
|
|
9
7
|
end
|
|
10
8
|
|
|
11
9
|
context 'database' do
|
|
12
10
|
context 'columns' do
|
|
13
|
-
it {
|
|
11
|
+
it { is_expected.to have_db_column(:post_reference_name).of_type(:text).with_options(null: false) }
|
|
14
12
|
|
|
15
13
|
it_should_behave_like 'timestamp database columns'
|
|
16
14
|
|
|
17
15
|
context 'foreign keys' do
|
|
18
|
-
it {
|
|
16
|
+
it { is_expected.to have_db_column(:session_id).of_type(:integer).with_options(null: false) }
|
|
19
17
|
end
|
|
20
18
|
end
|
|
21
19
|
|
|
22
20
|
context 'columns' do
|
|
23
|
-
it {
|
|
21
|
+
it { is_expected.to have_db_index([:session_id, :post_reference_name]).unique(true) }
|
|
24
22
|
end
|
|
25
23
|
end
|
|
26
24
|
|
|
@@ -32,13 +30,13 @@ describe Metasploit::Credential::Origin::Session do
|
|
|
32
30
|
FactoryGirl.build(:metasploit_credential_origin_session)
|
|
33
31
|
end
|
|
34
32
|
|
|
35
|
-
it {
|
|
33
|
+
it { is_expected.to be_valid }
|
|
36
34
|
end
|
|
37
35
|
end
|
|
38
36
|
|
|
39
37
|
context 'mass assignment security' do
|
|
40
38
|
it { should_not allow_mass_assignment_of(:created_at) }
|
|
41
|
-
it {
|
|
39
|
+
it { is_expected.to allow_mass_assignment_of(:post_reference_name) }
|
|
42
40
|
it { should_not allow_mass_assignment_of(:session) }
|
|
43
41
|
it { should_not allow_mass_assignment_of(:session_id) }
|
|
44
42
|
it { should_not allow_mass_assignment_of(:updated_at) }
|
|
@@ -52,10 +50,10 @@ describe Metasploit::Credential::Origin::Session do
|
|
|
52
50
|
FactoryGirl.create(:metasploit_credential_origin_session)
|
|
53
51
|
end
|
|
54
52
|
|
|
55
|
-
it {
|
|
56
|
-
it {
|
|
53
|
+
it { is_expected.to validate_presence_of :post_reference_name }
|
|
54
|
+
it { is_expected.to validate_uniqueness_of(:post_reference_name).scoped_to(:session_id) }
|
|
57
55
|
end
|
|
58
56
|
|
|
59
|
-
it {
|
|
57
|
+
it { is_expected.to validate_presence_of :session }
|
|
60
58
|
end
|
|
61
59
|
end
|
|
@@ -1,9 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Metasploit::Credential::PasswordHash do
|
|
1
|
+
RSpec.describe Metasploit::Credential::PasswordHash, type: :model do
|
|
4
2
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
5
3
|
|
|
6
|
-
it {
|
|
4
|
+
it { is_expected.to be_a Metasploit::Credential::Private }
|
|
7
5
|
|
|
8
6
|
context 'factories' do
|
|
9
7
|
context 'metasploit_credential_password_hash' do
|
|
@@ -11,11 +9,11 @@ describe Metasploit::Credential::PasswordHash do
|
|
|
11
9
|
FactoryGirl.build(:metasploit_credential_password_hash)
|
|
12
10
|
end
|
|
13
11
|
|
|
14
|
-
it {
|
|
12
|
+
it { is_expected.to be_valid }
|
|
15
13
|
end
|
|
16
14
|
end
|
|
17
15
|
|
|
18
16
|
context 'validations' do
|
|
19
|
-
it {
|
|
17
|
+
it { is_expected.to validate_presence_of :data }
|
|
20
18
|
end
|
|
21
19
|
end
|
|
@@ -1,9 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Metasploit::Credential::Password do
|
|
1
|
+
RSpec.describe Metasploit::Credential::Password, type: :model do
|
|
4
2
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
5
3
|
|
|
6
|
-
it {
|
|
4
|
+
it { is_expected.to be_a Metasploit::Credential::Private }
|
|
7
5
|
|
|
8
6
|
context 'factories' do
|
|
9
7
|
context 'metasploit_credential_password' do
|
|
@@ -11,7 +9,7 @@ describe Metasploit::Credential::Password do
|
|
|
11
9
|
FactoryGirl.build(:metasploit_credential_password)
|
|
12
10
|
end
|
|
13
11
|
|
|
14
|
-
it {
|
|
12
|
+
it { is_expected.to be_valid }
|
|
15
13
|
end
|
|
16
14
|
end
|
|
17
15
|
end
|
|
@@ -1,9 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Metasploit::Credential::PostgresMD5 do
|
|
1
|
+
RSpec.describe Metasploit::Credential::PostgresMD5, type: :model do
|
|
4
2
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
5
3
|
|
|
6
|
-
it {
|
|
4
|
+
it { is_expected.to be_a Metasploit::Credential::ReplayableHash }
|
|
7
5
|
|
|
8
6
|
context 'CONSTANTS' do
|
|
9
7
|
context 'DATA_REGEXP' do
|
|
@@ -55,7 +53,7 @@ describe Metasploit::Credential::PostgresMD5 do
|
|
|
55
53
|
nil
|
|
56
54
|
end
|
|
57
55
|
|
|
58
|
-
it {
|
|
56
|
+
it { is_expected.to be_nil }
|
|
59
57
|
end
|
|
60
58
|
|
|
61
59
|
context 'with upper case characters' do
|
|
@@ -87,7 +85,7 @@ describe Metasploit::Credential::PostgresMD5 do
|
|
|
87
85
|
FactoryGirl.build(:metasploit_credential_postgres_md5)
|
|
88
86
|
end
|
|
89
87
|
|
|
90
|
-
it {
|
|
88
|
+
it { is_expected.to be_valid }
|
|
91
89
|
end
|
|
92
90
|
end
|
|
93
91
|
|
|
@@ -1,6 +1,4 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Metasploit::Credential::Private do
|
|
1
|
+
RSpec.describe Metasploit::Credential::Private, type: :model do
|
|
4
2
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
5
3
|
|
|
6
4
|
context 'database' do
|
|
@@ -8,11 +6,11 @@ describe Metasploit::Credential::Private do
|
|
|
8
6
|
it_should_behave_like 'single table inheritance database columns'
|
|
9
7
|
it_should_behave_like 'timestamp database columns'
|
|
10
8
|
|
|
11
|
-
it {
|
|
9
|
+
it { is_expected.to have_db_column(:data).of_type(:text).with_options(null: false) }
|
|
12
10
|
end
|
|
13
11
|
|
|
14
12
|
context 'indices' do
|
|
15
|
-
it {
|
|
13
|
+
it { is_expected.to have_db_index([:type, :data]).unique(true) }
|
|
16
14
|
end
|
|
17
15
|
end
|
|
18
16
|
|
|
@@ -22,13 +20,13 @@ describe Metasploit::Credential::Private do
|
|
|
22
20
|
FactoryGirl.build(:metasploit_credential_private)
|
|
23
21
|
end
|
|
24
22
|
|
|
25
|
-
it {
|
|
23
|
+
it { is_expected.to be_valid }
|
|
26
24
|
end
|
|
27
25
|
end
|
|
28
26
|
|
|
29
27
|
context 'mass assignement security' do
|
|
30
28
|
it { should_not allow_mass_assignment_of :created_at }
|
|
31
|
-
it {
|
|
29
|
+
it { is_expected.to allow_mass_assignment_of :data }
|
|
32
30
|
it { should_not allow_mass_assignment_of :id }
|
|
33
31
|
it { should_not allow_mass_assignment_of :updated_at }
|
|
34
32
|
it { should_not allow_mass_assignment_of :type }
|
|
@@ -36,9 +34,9 @@ describe Metasploit::Credential::Private do
|
|
|
36
34
|
|
|
37
35
|
context 'validations' do
|
|
38
36
|
context 'data' do
|
|
39
|
-
it {
|
|
37
|
+
it { is_expected.to validate_non_nilness_of :data }
|
|
40
38
|
|
|
41
|
-
# `it {
|
|
39
|
+
# `it { is_expected.to validate_uniqueness_of(:data).scoped_to(:type) }` tries to use a NULL type, which isn't allowed, so
|
|
42
40
|
# have to perform validation check manually
|
|
43
41
|
context 'validates uniqueness of #data scoped to #type' do
|
|
44
42
|
subject(:data_errors) do
|
|
@@ -89,7 +87,7 @@ describe Metasploit::Credential::Private do
|
|
|
89
87
|
existent_private.type
|
|
90
88
|
end
|
|
91
89
|
|
|
92
|
-
it {
|
|
90
|
+
it { is_expected.to include(error) }
|
|
93
91
|
end
|
|
94
92
|
|
|
95
93
|
context 'without same #type' do
|
|
@@ -1,17 +1,15 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Metasploit::Credential::Public do
|
|
1
|
+
RSpec.describe Metasploit::Credential::Public, type: :model do
|
|
4
2
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
5
3
|
|
|
6
4
|
context 'database' do
|
|
7
5
|
context 'columns' do
|
|
8
6
|
it_should_behave_like 'timestamp database columns'
|
|
9
7
|
|
|
10
|
-
it {
|
|
8
|
+
it { is_expected.to have_db_column(:username).of_type(:string).with_options(null: false) }
|
|
11
9
|
end
|
|
12
10
|
|
|
13
11
|
context 'indices' do
|
|
14
|
-
it {
|
|
12
|
+
it { is_expected.to have_db_index(:username).unique(true) }
|
|
15
13
|
end
|
|
16
14
|
end
|
|
17
15
|
|
|
@@ -21,14 +19,14 @@ describe Metasploit::Credential::Public do
|
|
|
21
19
|
FactoryGirl.build(:metasploit_credential_public)
|
|
22
20
|
end
|
|
23
21
|
|
|
24
|
-
it {
|
|
22
|
+
it { is_expected.to be_valid }
|
|
25
23
|
end
|
|
26
24
|
end
|
|
27
25
|
|
|
28
26
|
context 'mass assignment security' do
|
|
29
27
|
it { should_not allow_mass_assignment_of(:created_at) }
|
|
30
28
|
it { should_not allow_mass_assignment_of(:updated_at) }
|
|
31
|
-
it {
|
|
29
|
+
it { is_expected.to allow_mass_assignment_of(:username) }
|
|
32
30
|
end
|
|
33
31
|
|
|
34
32
|
context 'search' do
|
|
@@ -1,18 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Metasploit::Credential::Realm do
|
|
1
|
+
RSpec.describe Metasploit::Credential::Realm, type: :model do
|
|
4
2
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
5
3
|
|
|
6
4
|
context 'database' do
|
|
7
5
|
context 'columns' do
|
|
8
|
-
it {
|
|
9
|
-
it {
|
|
6
|
+
it { is_expected.to have_db_column(:key).of_type(:string).with_options(null: false) }
|
|
7
|
+
it { is_expected.to have_db_column(:value).of_type(:string).with_options(null: false) }
|
|
10
8
|
|
|
11
9
|
it_should_behave_like 'timestamp database columns'
|
|
12
10
|
end
|
|
13
11
|
|
|
14
12
|
context 'indices' do
|
|
15
|
-
it {
|
|
13
|
+
it { is_expected.to have_db_index([:key, :value]).unique(true) }
|
|
16
14
|
end
|
|
17
15
|
end
|
|
18
16
|
|
|
@@ -22,7 +20,7 @@ describe Metasploit::Credential::Realm do
|
|
|
22
20
|
FactoryGirl.build(:metasploit_credential_active_directory_domain)
|
|
23
21
|
end
|
|
24
22
|
|
|
25
|
-
it {
|
|
23
|
+
it { is_expected.to be_valid }
|
|
26
24
|
|
|
27
25
|
context '#key' do
|
|
28
26
|
subject(:key) {
|
|
@@ -40,7 +38,7 @@ describe Metasploit::Credential::Realm do
|
|
|
40
38
|
FactoryGirl.build(:metasploit_credential_oracle_system_identifier)
|
|
41
39
|
end
|
|
42
40
|
|
|
43
|
-
it {
|
|
41
|
+
it { is_expected.to be_valid }
|
|
44
42
|
|
|
45
43
|
context '#key' do
|
|
46
44
|
subject(:key) {
|
|
@@ -58,7 +56,7 @@ describe Metasploit::Credential::Realm do
|
|
|
58
56
|
FactoryGirl.build(:metasploit_credential_postgresql_database)
|
|
59
57
|
end
|
|
60
58
|
|
|
61
|
-
it {
|
|
59
|
+
it { is_expected.to be_valid }
|
|
62
60
|
|
|
63
61
|
context '#key' do
|
|
64
62
|
subject(:key) {
|
|
@@ -76,13 +74,13 @@ describe Metasploit::Credential::Realm do
|
|
|
76
74
|
FactoryGirl.build(:metasploit_credential_realm)
|
|
77
75
|
end
|
|
78
76
|
|
|
79
|
-
it {
|
|
77
|
+
it { is_expected.to be_valid }
|
|
80
78
|
end
|
|
81
79
|
end
|
|
82
80
|
|
|
83
81
|
context 'mass assignment security' do
|
|
84
|
-
it {
|
|
85
|
-
it {
|
|
82
|
+
it { is_expected.to allow_mass_assignment_of(:key) }
|
|
83
|
+
it { is_expected.to allow_mass_assignment_of(:value) }
|
|
86
84
|
end
|
|
87
85
|
|
|
88
86
|
|
|
@@ -106,12 +104,12 @@ describe Metasploit::Credential::Realm do
|
|
|
106
104
|
|
|
107
105
|
context 'validations' do
|
|
108
106
|
context 'on #key' do
|
|
109
|
-
it {
|
|
110
|
-
it {
|
|
107
|
+
it { is_expected.to ensure_inclusion_of(:key).in_array(Metasploit::Model::Realm::Key::ALL) }
|
|
108
|
+
it { is_expected.to validate_presence_of :key }
|
|
111
109
|
end
|
|
112
110
|
|
|
113
111
|
context 'on #value' do
|
|
114
|
-
it {
|
|
112
|
+
it { is_expected.to validate_presence_of :value }
|
|
115
113
|
|
|
116
114
|
# key cannot be NULL so `validate_uniqueness_of(:value).scoped_to(:key)` does not work because it tries a NULL
|
|
117
115
|
# key
|
|
@@ -164,7 +162,7 @@ describe Metasploit::Credential::Realm do
|
|
|
164
162
|
existent_realm.value
|
|
165
163
|
end
|
|
166
164
|
|
|
167
|
-
it {
|
|
165
|
+
it { is_expected.to include(error) }
|
|
168
166
|
end
|
|
169
167
|
|
|
170
168
|
context 'without same #value' do
|
|
@@ -1,9 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Metasploit::Credential::ReplayableHash do
|
|
1
|
+
RSpec.describe Metasploit::Credential::ReplayableHash, type: :model do
|
|
4
2
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
5
3
|
|
|
6
|
-
it {
|
|
4
|
+
it { is_expected.to be_a Metasploit::Credential::PasswordHash }
|
|
7
5
|
|
|
8
6
|
context 'factories' do
|
|
9
7
|
context 'metasploit_credential_replayable_hash' do
|
|
@@ -11,7 +9,7 @@ describe Metasploit::Credential::ReplayableHash do
|
|
|
11
9
|
FactoryGirl.build(:metasploit_credential_replayable_hash)
|
|
12
10
|
end
|
|
13
11
|
|
|
14
|
-
it {
|
|
12
|
+
it { is_expected.to be_valid }
|
|
15
13
|
end
|
|
16
14
|
end
|
|
17
15
|
end
|
|
@@ -1,6 +1,4 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
describe Metasploit::Credential::SSHKey do
|
|
1
|
+
RSpec.describe Metasploit::Credential::SSHKey, type: :model do
|
|
4
2
|
it_should_behave_like 'Metasploit::Concern.run'
|
|
5
3
|
|
|
6
4
|
#
|
|
@@ -18,7 +16,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
18
16
|
FactoryGirl.build(:metasploit_credential_dsa_key)
|
|
19
17
|
end
|
|
20
18
|
|
|
21
|
-
it {
|
|
19
|
+
it { is_expected.to be_valid }
|
|
22
20
|
|
|
23
21
|
it 'has DSA key type' do
|
|
24
22
|
expect(metasploit_credential_dsa_key.data).to match(/-----BEGIN DSA PRIVATE KEY-----/)
|
|
@@ -31,7 +29,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
31
29
|
FactoryGirl.build(:metasploit_credential_rsa_key)
|
|
32
30
|
end
|
|
33
31
|
|
|
34
|
-
it {
|
|
32
|
+
it { is_expected.to be_valid }
|
|
35
33
|
|
|
36
34
|
it 'has RSA key type' do
|
|
37
35
|
expect(metasploit_credential_rsa_key.data).to match(/-----BEGIN RSA PRIVATE KEY-----/)
|
|
@@ -44,12 +42,12 @@ describe Metasploit::Credential::SSHKey do
|
|
|
44
42
|
FactoryGirl.build(:metasploit_credential_ssh_key)
|
|
45
43
|
end
|
|
46
44
|
|
|
47
|
-
it {
|
|
45
|
+
it { is_expected.to be_valid }
|
|
48
46
|
end
|
|
49
47
|
end
|
|
50
48
|
|
|
51
49
|
context 'validations' do
|
|
52
|
-
it {
|
|
50
|
+
it { is_expected.to validate_presence_of :data }
|
|
53
51
|
|
|
54
52
|
context 'on #data' do
|
|
55
53
|
subject(:data_errors) do
|
|
@@ -92,7 +90,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
92
90
|
false
|
|
93
91
|
end
|
|
94
92
|
|
|
95
|
-
it {
|
|
93
|
+
it { is_expected.to include(error) }
|
|
96
94
|
end
|
|
97
95
|
end
|
|
98
96
|
|
|
@@ -156,7 +154,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
156
154
|
ssh_key.valid?
|
|
157
155
|
end
|
|
158
156
|
|
|
159
|
-
it {
|
|
157
|
+
it { is_expected.to be_empty }
|
|
160
158
|
end
|
|
161
159
|
end
|
|
162
160
|
|
|
@@ -175,7 +173,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
175
173
|
ssh_key.valid?
|
|
176
174
|
end
|
|
177
175
|
|
|
178
|
-
it {
|
|
176
|
+
it { is_expected.to include(error) }
|
|
179
177
|
end
|
|
180
178
|
end
|
|
181
179
|
|
|
@@ -203,7 +201,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
203
201
|
true
|
|
204
202
|
end
|
|
205
203
|
|
|
206
|
-
it {
|
|
204
|
+
it { is_expected.to include(error) }
|
|
207
205
|
end
|
|
208
206
|
|
|
209
207
|
context 'without #encrypted' do
|
|
@@ -255,7 +253,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
255
253
|
cipher.random_key
|
|
256
254
|
end
|
|
257
255
|
|
|
258
|
-
it {
|
|
256
|
+
it { is_expected.to be_encrypted }
|
|
259
257
|
end
|
|
260
258
|
|
|
261
259
|
context 'without encrypted' do
|
|
@@ -333,7 +331,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
333
331
|
unencrypted_key.to_pem
|
|
334
332
|
end
|
|
335
333
|
|
|
336
|
-
it {
|
|
334
|
+
it { is_expected.to be_a OpenSSL::PKey.const_get(key_type) }
|
|
337
335
|
end
|
|
338
336
|
end
|
|
339
337
|
end
|
|
@@ -359,7 +357,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
359
357
|
nil
|
|
360
358
|
end
|
|
361
359
|
|
|
362
|
-
it {
|
|
360
|
+
it { is_expected.to be_nil }
|
|
363
361
|
end
|
|
364
362
|
|
|
365
363
|
context 'with DSA key' do
|
|
@@ -367,7 +365,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
367
365
|
FactoryGirl.build(:metasploit_credential_dsa_key)
|
|
368
366
|
end
|
|
369
367
|
|
|
370
|
-
it {
|
|
368
|
+
it { is_expected.to be_a OpenSSL::PKey::DSA }
|
|
371
369
|
end
|
|
372
370
|
|
|
373
371
|
context 'with RSA key' do
|
|
@@ -375,7 +373,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
375
373
|
FactoryGirl.build(:metasploit_credential_rsa_key)
|
|
376
374
|
end
|
|
377
375
|
|
|
378
|
-
it {
|
|
376
|
+
it { is_expected.to be_a OpenSSL::PKey::RSA }
|
|
379
377
|
end
|
|
380
378
|
|
|
381
379
|
context 'with nil' do
|
|
@@ -419,7 +417,7 @@ describe Metasploit::Credential::SSHKey do
|
|
|
419
417
|
private_key
|
|
420
418
|
end
|
|
421
419
|
|
|
422
|
-
it {
|
|
420
|
+
it { is_expected.to be_private }
|
|
423
421
|
end
|
|
424
422
|
end
|
|
425
423
|
end
|