metasploit-credential 0.14.7 → 0.14.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +41 -9
- data/lib/metasploit/credential/exporter/core.rb +2 -2
- data/lib/metasploit/credential/exporter/pwdump.rb +2 -2
- data/lib/metasploit/credential/migrator.rb +1 -1
- data/lib/metasploit/credential/version.rb +12 -21
- data/spec/dummy/db/structure.sql +0 -1
- data/spec/lib/metasploit/credential/creation_spec.rb +8 -6
- data/spec/lib/metasploit/credential/exporter/core_spec.rb +85 -100
- data/spec/lib/metasploit/credential/exporter/pwdump_spec.rb +16 -14
- data/spec/lib/metasploit/credential/importer/core_spec.rb +12 -10
- data/spec/lib/metasploit/credential/importer/multi_spec.rb +6 -4
- data/spec/lib/metasploit/credential/importer/pwdump_spec.rb +13 -11
- data/spec/lib/metasploit/credential/importer/zip_spec.rb +7 -5
- data/spec/lib/metasploit/credential/migrator_spec.rb +13 -13
- data/spec/lib/metasploit/credential/version_spec.rb +141 -3
- data/spec/lib/metasploit/credential_spec.rb +15 -4
- data/spec/models/mdm/service_spec.rb +5 -3
- data/spec/models/mdm/session_spec.rb +4 -2
- data/spec/models/mdm/task_spec.rb +6 -4
- data/spec/models/mdm/user_spec.rb +4 -2
- data/spec/models/mdm/workspace_spec.rb +4 -2
- data/spec/models/metasploit/credential/blank_username_spec.rb +7 -5
- data/spec/models/metasploit/credential/core_spec.rb +45 -43
- data/spec/models/metasploit/credential/login/status_spec.rb +21 -19
- data/spec/models/metasploit/credential/login_spec.rb +38 -36
- data/spec/models/metasploit/credential/nonreplayable_hash_spec.rb +5 -3
- data/spec/models/metasploit/credential/ntlm_hash_spec.rb +15 -13
- data/spec/models/metasploit/credential/origin/cracked_password_spec.rb +7 -5
- data/spec/models/metasploit/credential/origin/import_spec.rb +10 -8
- data/spec/models/metasploit/credential/origin/manual_spec.rb +9 -7
- data/spec/models/metasploit/credential/origin/service_spec.rb +12 -10
- data/spec/models/metasploit/credential/origin/session_spec.rb +13 -11
- data/spec/models/metasploit/credential/password_hash_spec.rb +6 -4
- data/spec/models/metasploit/credential/password_spec.rb +5 -3
- data/spec/models/metasploit/credential/postgres_md5_spec.rb +6 -4
- data/spec/models/metasploit/credential/private_spec.rb +10 -8
- data/spec/models/metasploit/credential/public_spec.rb +7 -5
- data/spec/models/metasploit/credential/realm_spec.rb +16 -14
- data/spec/models/metasploit/credential/replayable_hash_spec.rb +5 -3
- data/spec/models/metasploit/credential/ssh_key_spec.rb +17 -15
- data/spec/models/metasploit/credential/username_spec.rb +8 -6
- data/spec/models/metasploit_data_models/search/visitor/relation_spec.rb +3 -1
- data/spec/spec_helper.rb +25 -95
- data/spec/support/shared/contexts/mdm/workspace.rb +1 -1
- data/spec/support/shared/examples/core_validations.rb +42 -117
- data/spec/support/shared/examples/single_table_inheritance_database_columns.rb +2 -2
- data/spec/support/shared/examples/timestamp_database_column.rb +2 -2
- metadata +8 -22
@@ -1,4 +1,15 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Metasploit::Credential do
|
4
|
+
context 'CONSTANTS' do
|
5
|
+
context 'VERSION' do
|
6
|
+
subject(:version) do
|
7
|
+
described_class::VERSION
|
8
|
+
end
|
9
|
+
|
10
|
+
it 'is Metasploit::Credential::Version.full' do
|
11
|
+
expect(version).to eq(Metasploit::Credential::Version.full)
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -1,6 +1,8 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Mdm::Service do
|
2
4
|
context 'associations' do
|
3
|
-
it {
|
4
|
-
it {
|
5
|
+
it { should have_many(:credential_origins).class_name('Metasploit::Credential::Origin::Service').dependent(:destroy) }
|
6
|
+
it { should have_many(:logins).class_name('Metasploit::Credential::Login').dependent(:destroy) }
|
5
7
|
end
|
6
8
|
end
|
@@ -1,5 +1,7 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Mdm::Session do
|
2
4
|
context 'associations' do
|
3
|
-
it {
|
5
|
+
it { should have_many(:credential_origins).class_name('Metasploit::Credential::Origin::Session').dependent(:destroy) }
|
4
6
|
end
|
5
7
|
end
|
@@ -1,7 +1,9 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Mdm::Task do
|
2
4
|
context 'associations' do
|
3
|
-
it {
|
4
|
-
it {
|
5
|
-
it {
|
5
|
+
it { should have_many(:import_credential_origins).class_name('Metasploit::Credential::Origin::Import').dependent(:destroy) }
|
6
|
+
it { should have_and_belong_to_many(:credential_cores).class_name('Metasploit::Credential::Core') }
|
7
|
+
it { should have_and_belong_to_many(:credential_logins).class_name('Metasploit::Credential::Login') }
|
6
8
|
end
|
7
9
|
end
|
@@ -1,5 +1,7 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Mdm::User do
|
2
4
|
context 'associations' do
|
3
|
-
it {
|
5
|
+
it { should have_many(:credential_origins).class_name('Metasploit::Credential::Origin::Manual').dependent(:destroy) }
|
4
6
|
end
|
5
7
|
end
|
@@ -1,5 +1,7 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Mdm::Workspace do
|
2
4
|
context 'associations' do
|
3
|
-
it {
|
5
|
+
it { should have_many(:core_credentials).class_name('Metasploit::Credential::Core').dependent(:destroy) }
|
4
6
|
end
|
5
7
|
end
|
@@ -1,23 +1,25 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Metasploit::Credential::BlankUsername do
|
2
4
|
it_should_behave_like 'Metasploit::Concern.run'
|
3
5
|
|
4
6
|
context 'database' do
|
5
7
|
context 'columns' do
|
6
8
|
it_should_behave_like 'timestamp database columns'
|
7
9
|
|
8
|
-
it {
|
9
|
-
it {
|
10
|
+
it { should have_db_column(:username).of_type(:string).with_options(null: false) }
|
11
|
+
it { should have_db_column(:type).of_type(:string).with_options(null: false) }
|
10
12
|
end
|
11
13
|
|
12
14
|
context 'indices' do
|
13
|
-
it {
|
15
|
+
it { should have_db_index(:username).unique(true) }
|
14
16
|
end
|
15
17
|
end
|
16
18
|
|
17
19
|
context 'mass assignment security' do
|
18
20
|
it { should_not allow_mass_assignment_of(:created_at) }
|
19
21
|
it { should_not allow_mass_assignment_of(:updated_at) }
|
20
|
-
it {
|
22
|
+
it { should allow_mass_assignment_of(:username) }
|
21
23
|
end
|
22
24
|
|
23
25
|
|
@@ -1,3 +1,5 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
1
3
|
# Test plan for unique indexes and uniqueness validators
|
2
4
|
#
|
3
5
|
# Index | First Metasploit::Credential::Core | | | | Second Metasploit::Credential::Core | | | | Collision |
|
@@ -52,7 +54,7 @@
|
|
52
54
|
# complete | non-nil | non-nil | non-nil | non-nil | different | different | different | same | FALSE |
|
53
55
|
# complete | non-nil | non-nil | non-nil | non-nil | different | different | different | different | FALSE |
|
54
56
|
#
|
55
|
-
|
57
|
+
describe Metasploit::Credential::Core do
|
56
58
|
include_context 'Mdm::Workspace'
|
57
59
|
|
58
60
|
subject(:core) do
|
@@ -69,27 +71,27 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
69
71
|
it_should_behave_like 'Metasploit::Concern.run'
|
70
72
|
|
71
73
|
context 'associations' do
|
72
|
-
it {
|
73
|
-
it {
|
74
|
-
it {
|
75
|
-
it {
|
76
|
-
it {
|
77
|
-
it {
|
78
|
-
it {
|
74
|
+
it { should have_and_belong_to_many(:tasks).class_name('Mdm::Task') }
|
75
|
+
it { should have_many(:logins).class_name('Metasploit::Credential::Login').dependent(:destroy) }
|
76
|
+
it { should belong_to(:origin) }
|
77
|
+
it { should belong_to(:private).class_name('Metasploit::Credential::Private') }
|
78
|
+
it { should belong_to(:public).class_name('Metasploit::Credential::Public') }
|
79
|
+
it { should belong_to(:realm).class_name('Metasploit::Credential::Realm') }
|
80
|
+
it { should belong_to(:workspace).class_name('Mdm::Workspace') }
|
79
81
|
end
|
80
82
|
|
81
83
|
context 'database' do
|
82
84
|
context 'columns' do
|
83
85
|
context 'foreign keys' do
|
84
86
|
context 'polymorphic origin' do
|
85
|
-
it {
|
86
|
-
it {
|
87
|
+
it { should have_db_column(:origin_id).of_type(:integer).with_options(null: false) }
|
88
|
+
it { should have_db_column(:origin_type).of_type(:string).with_options(null: false) }
|
87
89
|
end
|
88
90
|
|
89
|
-
it {
|
90
|
-
it {
|
91
|
-
it {
|
92
|
-
it {
|
91
|
+
it { should have_db_column(:private_id).of_type(:integer).with_options(null: true) }
|
92
|
+
it { should have_db_column(:public_id).of_type(:integer).with_options(null: true) }
|
93
|
+
it { should have_db_column(:realm_id).of_type(:integer).with_options(null: true) }
|
94
|
+
it { should have_db_column(:workspace_id).of_type(:integer).with_options(null: false) }
|
93
95
|
end
|
94
96
|
|
95
97
|
it_should_behave_like 'timestamp database columns'
|
@@ -98,11 +100,11 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
98
100
|
context 'indices' do
|
99
101
|
context 'foreign keys' do
|
100
102
|
|
101
|
-
it {
|
102
|
-
it {
|
103
|
-
it {
|
104
|
-
it {
|
105
|
-
it {
|
103
|
+
it { should have_db_index([:origin_type, :origin_id]) }
|
104
|
+
it { should have_db_index(:private_id) }
|
105
|
+
it { should have_db_index(:public_id) }
|
106
|
+
it { should have_db_index(:realm_id) }
|
107
|
+
it { should have_db_index(:workspace_id) }
|
106
108
|
|
107
109
|
|
108
110
|
end
|
@@ -293,7 +295,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
293
295
|
metasploit_credential_core.origin
|
294
296
|
end
|
295
297
|
|
296
|
-
it {
|
298
|
+
it { should be_valid }
|
297
299
|
|
298
300
|
context 'with origin_factory' do
|
299
301
|
subject(:metasploit_credential_core) do
|
@@ -308,7 +310,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
308
310
|
:metasploit_credential_origin_import
|
309
311
|
end
|
310
312
|
|
311
|
-
it {
|
313
|
+
it { should be_valid }
|
312
314
|
end
|
313
315
|
|
314
316
|
context ':metasploit_credential_origin_manual' do
|
@@ -316,14 +318,14 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
316
318
|
:metasploit_credential_origin_manual
|
317
319
|
end
|
318
320
|
|
319
|
-
it {
|
321
|
+
it { should be_valid }
|
320
322
|
|
321
323
|
context '#origin' do
|
322
324
|
subject(:origin) do
|
323
325
|
metasploit_credential_core.origin
|
324
326
|
end
|
325
327
|
|
326
|
-
it {
|
328
|
+
it { should be_a Metasploit::Credential::Origin::Manual }
|
327
329
|
end
|
328
330
|
|
329
331
|
context '#workspace' do
|
@@ -340,7 +342,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
340
342
|
:metasploit_credential_origin_service
|
341
343
|
end
|
342
344
|
|
343
|
-
it {
|
345
|
+
it { should be_valid }
|
344
346
|
|
345
347
|
context '#workspace' do
|
346
348
|
subject(:workspace) do
|
@@ -359,7 +361,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
359
361
|
:metasploit_credential_origin_session
|
360
362
|
end
|
361
363
|
|
362
|
-
it {
|
364
|
+
it { should be_valid }
|
363
365
|
|
364
366
|
context '#workspace' do
|
365
367
|
subject(:workspace) do
|
@@ -380,7 +382,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
380
382
|
FactoryGirl.build(:metasploit_credential_core_import)
|
381
383
|
end
|
382
384
|
|
383
|
-
it {
|
385
|
+
it { should be_valid }
|
384
386
|
end
|
385
387
|
|
386
388
|
context 'metasploit_credential_core_manual' do
|
@@ -388,7 +390,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
388
390
|
FactoryGirl.build(:metasploit_credential_core_manual)
|
389
391
|
end
|
390
392
|
|
391
|
-
it {
|
393
|
+
it { should be_valid }
|
392
394
|
|
393
395
|
context '#workspace' do
|
394
396
|
subject(:workspace) do
|
@@ -404,7 +406,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
404
406
|
FactoryGirl.build(:metasploit_credential_core_service)
|
405
407
|
end
|
406
408
|
|
407
|
-
it {
|
409
|
+
it { should be_valid }
|
408
410
|
|
409
411
|
context '#workspace' do
|
410
412
|
subject(:workspace) do
|
@@ -427,7 +429,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
427
429
|
FactoryGirl.build(:metasploit_credential_core_session)
|
428
430
|
end
|
429
431
|
|
430
|
-
it {
|
432
|
+
it { should be_valid }
|
431
433
|
|
432
434
|
context '#workspace' do
|
433
435
|
subject(:workspace) do
|
@@ -447,7 +449,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
447
449
|
end
|
448
450
|
|
449
451
|
context 'validations' do
|
450
|
-
it {
|
452
|
+
it { should validate_presence_of :origin }
|
451
453
|
|
452
454
|
|
453
455
|
context '#consistent_workspaces' do
|
@@ -536,7 +538,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
536
538
|
end
|
537
539
|
|
538
540
|
context 'without #workspace in Mdm::User#workspaces' do
|
539
|
-
it {
|
541
|
+
it { should include error }
|
540
542
|
end
|
541
543
|
end
|
542
544
|
end
|
@@ -546,7 +548,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
546
548
|
nil
|
547
549
|
end
|
548
550
|
|
549
|
-
it {
|
551
|
+
it { should include error }
|
550
552
|
end
|
551
553
|
end
|
552
554
|
|
@@ -591,7 +593,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
591
593
|
FactoryGirl.create(:mdm_workspace)
|
592
594
|
end
|
593
595
|
|
594
|
-
it {
|
596
|
+
it { should include error }
|
595
597
|
end
|
596
598
|
end
|
597
599
|
|
@@ -600,7 +602,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
600
602
|
nil
|
601
603
|
end
|
602
604
|
|
603
|
-
it {
|
605
|
+
it { should include error }
|
604
606
|
end
|
605
607
|
end
|
606
608
|
|
@@ -609,7 +611,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
609
611
|
nil
|
610
612
|
end
|
611
613
|
|
612
|
-
it {
|
614
|
+
it { should include error }
|
613
615
|
end
|
614
616
|
end
|
615
617
|
|
@@ -655,7 +657,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
655
657
|
FactoryGirl.create(:mdm_workspace)
|
656
658
|
end
|
657
659
|
|
658
|
-
it {
|
660
|
+
it { should include error }
|
659
661
|
end
|
660
662
|
end
|
661
663
|
|
@@ -664,7 +666,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
664
666
|
nil
|
665
667
|
end
|
666
668
|
|
667
|
-
it {
|
669
|
+
it { should include error }
|
668
670
|
end
|
669
671
|
end
|
670
672
|
|
@@ -673,7 +675,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
673
675
|
nil
|
674
676
|
end
|
675
677
|
|
676
|
-
it {
|
678
|
+
it { should include error }
|
677
679
|
end
|
678
680
|
end
|
679
681
|
|
@@ -682,7 +684,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
682
684
|
nil
|
683
685
|
end
|
684
686
|
|
685
|
-
it {
|
687
|
+
it { should include error }
|
686
688
|
end
|
687
689
|
end
|
688
690
|
end
|
@@ -837,7 +839,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
837
839
|
I18n.translate!('activerecord.errors.models.metasploit/credential/core.attributes.base.public_for_ssh_key')
|
838
840
|
end
|
839
841
|
|
840
|
-
|
842
|
+
let(:core) do
|
841
843
|
FactoryGirl.build(
|
842
844
|
:metasploit_credential_core,
|
843
845
|
private: FactoryGirl.build(:metasploit_credential_ssh_key),
|
@@ -845,7 +847,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
845
847
|
)
|
846
848
|
end
|
847
849
|
|
848
|
-
it {
|
850
|
+
it { core.should be_valid }
|
849
851
|
|
850
852
|
context "when the Public is missing" do
|
851
853
|
before(:each) do
|
@@ -853,12 +855,12 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
853
855
|
end
|
854
856
|
|
855
857
|
it 'should not be valid if Private is an SSHKey and Public is missing' do
|
856
|
-
|
858
|
+
core.should_not be_valid
|
857
859
|
end
|
858
860
|
|
859
861
|
it 'should show the proper error' do
|
860
862
|
core.valid?
|
861
|
-
|
863
|
+
core.errors[:base].should include(error)
|
862
864
|
end
|
863
865
|
end
|
864
866
|
|
@@ -1,16 +1,18 @@
|
|
1
|
-
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Metasploit::Model::Login::Status do
|
2
4
|
context 'CONSTANTS' do
|
3
5
|
context 'ALL' do
|
4
6
|
subject(:all) do
|
5
7
|
described_class::ALL
|
6
8
|
end
|
7
9
|
|
8
|
-
it {
|
9
|
-
it {
|
10
|
-
it {
|
11
|
-
it {
|
12
|
-
it {
|
13
|
-
it {
|
10
|
+
it { should include described_class::DENIED_ACCESS }
|
11
|
+
it { should include described_class::DISABLED }
|
12
|
+
it { should include described_class::LOCKED_OUT }
|
13
|
+
it { should include described_class::SUCCESSFUL }
|
14
|
+
it { should include described_class::UNABLE_TO_CONNECT }
|
15
|
+
it { should include described_class::UNTRIED }
|
14
16
|
end
|
15
17
|
|
16
18
|
context 'DENIED_ACCESS' do
|
@@ -18,8 +20,8 @@ RSpec.describe Metasploit::Model::Login::Status, type: :model do
|
|
18
20
|
described_class::DENIED_ACCESS
|
19
21
|
end
|
20
22
|
|
21
|
-
it {
|
22
|
-
it {
|
23
|
+
it { should == 'Denied Access' }
|
24
|
+
it { should be_in described_class::ALL }
|
23
25
|
end
|
24
26
|
|
25
27
|
context 'DISABLED' do
|
@@ -27,8 +29,8 @@ RSpec.describe Metasploit::Model::Login::Status, type: :model do
|
|
27
29
|
described_class::DISABLED
|
28
30
|
end
|
29
31
|
|
30
|
-
it {
|
31
|
-
it {
|
32
|
+
it { should == 'Disabled' }
|
33
|
+
it { should be_in described_class::ALL }
|
32
34
|
end
|
33
35
|
|
34
36
|
context 'LOCKED_OUT' do
|
@@ -36,8 +38,8 @@ RSpec.describe Metasploit::Model::Login::Status, type: :model do
|
|
36
38
|
described_class::LOCKED_OUT
|
37
39
|
end
|
38
40
|
|
39
|
-
it {
|
40
|
-
it {
|
41
|
+
it { should == 'Locked Out' }
|
42
|
+
it { should be_in described_class::ALL }
|
41
43
|
end
|
42
44
|
|
43
45
|
context 'SUCCESSFUL' do
|
@@ -45,8 +47,8 @@ RSpec.describe Metasploit::Model::Login::Status, type: :model do
|
|
45
47
|
described_class::SUCCESSFUL
|
46
48
|
end
|
47
49
|
|
48
|
-
it {
|
49
|
-
it {
|
50
|
+
it { should == 'Successful' }
|
51
|
+
it { should be_in described_class::ALL }
|
50
52
|
end
|
51
53
|
|
52
54
|
context 'UNABLE_TO_CONNECT' do
|
@@ -54,8 +56,8 @@ RSpec.describe Metasploit::Model::Login::Status, type: :model do
|
|
54
56
|
described_class::UNABLE_TO_CONNECT
|
55
57
|
end
|
56
58
|
|
57
|
-
it {
|
58
|
-
it {
|
59
|
+
it { should == 'Unable to Connect' }
|
60
|
+
it { should be_in described_class::ALL }
|
59
61
|
end
|
60
62
|
|
61
63
|
context 'UNTRIED' do
|
@@ -63,8 +65,8 @@ RSpec.describe Metasploit::Model::Login::Status, type: :model do
|
|
63
65
|
described_class::UNTRIED
|
64
66
|
end
|
65
67
|
|
66
|
-
it {
|
67
|
-
it {
|
68
|
+
it { should == 'Untried' }
|
69
|
+
it { should be_in described_class::ALL }
|
68
70
|
end
|
69
71
|
end
|
70
72
|
end
|