metasploit-credential 2.0.14 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/metasploit/credential/engine.rb +2 -2
- data/lib/metasploit/credential/version.rb +3 -3
- data/spec/dummy/config/database.yml +2 -2
- data/spec/factories/metasploit/credential/blank_usernames.rb +1 -1
- data/spec/factories/metasploit/credential/cores.rb +6 -6
- data/spec/factories/metasploit/credential/importer/cores.rb +2 -2
- data/spec/factories/metasploit/credential/importer/pwdumps.rb +3 -3
- data/spec/factories/metasploit/credential/importer/zips.rb +8 -8
- data/spec/factories/metasploit/credential/logins.rb +3 -3
- data/spec/factories/metasploit/credential/nonreplayable_hashes.rb +1 -1
- data/spec/factories/metasploit/credential/ntlm_hashes.rb +1 -1
- data/spec/factories/metasploit/credential/origin/imports.rb +1 -1
- data/spec/factories/metasploit/credential/origin/manuals.rb +1 -1
- data/spec/factories/metasploit/credential/origin/services.rb +1 -1
- data/spec/factories/metasploit/credential/origin/sessions.rb +1 -1
- data/spec/factories/metasploit/credential/password_hashes.rb +1 -1
- data/spec/factories/metasploit/credential/passwords.rb +1 -1
- data/spec/factories/metasploit/credential/postgres_md5.rb +1 -1
- data/spec/factories/metasploit/credential/privates.rb +1 -1
- data/spec/factories/metasploit/credential/publics.rb +2 -2
- data/spec/factories/metasploit/credential/realms.rb +1 -1
- data/spec/factories/metasploit/credential/replayable_hashes.rb +1 -1
- data/spec/factories/metasploit/credential/ssh_keys.rb +1 -1
- data/spec/factories/metasploit/credential/usernames.rb +1 -1
- data/spec/lib/metasploit/credential/creation_spec.rb +52 -52
- data/spec/lib/metasploit/credential/exporter/core_spec.rb +3 -3
- data/spec/lib/metasploit/credential/exporter/pwdump_spec.rb +11 -11
- data/spec/lib/metasploit/credential/importer/core_spec.rb +19 -19
- data/spec/lib/metasploit/credential/importer/multi_spec.rb +4 -4
- data/spec/lib/metasploit/credential/importer/pwdump_spec.rb +3 -3
- data/spec/lib/metasploit/credential/importer/zip_spec.rb +3 -3
- data/spec/lib/metasploit/credential/migrator_spec.rb +22 -22
- data/spec/models/metasploit/credential/core_spec.rb +42 -42
- data/spec/models/metasploit/credential/login_spec.rb +20 -20
- data/spec/models/metasploit/credential/nonreplayable_hash_spec.rb +1 -1
- data/spec/models/metasploit/credential/ntlm_hash_spec.rb +5 -5
- data/spec/models/metasploit/credential/origin/import_spec.rb +1 -1
- data/spec/models/metasploit/credential/origin/manual_spec.rb +1 -1
- data/spec/models/metasploit/credential/origin/service_spec.rb +3 -3
- data/spec/models/metasploit/credential/origin/session_spec.rb +2 -2
- data/spec/models/metasploit/credential/password_hash_spec.rb +1 -1
- data/spec/models/metasploit/credential/password_spec.rb +1 -1
- data/spec/models/metasploit/credential/postgres_md5_spec.rb +3 -3
- data/spec/models/metasploit/credential/private_spec.rb +6 -6
- data/spec/models/metasploit/credential/public_spec.rb +1 -1
- data/spec/models/metasploit/credential/realm_spec.rb +9 -9
- data/spec/models/metasploit/credential/replayable_hash_spec.rb +1 -1
- data/spec/models/metasploit/credential/ssh_key_spec.rb +9 -27
- data/spec/models/metasploit/credential/username_spec.rb +1 -1
- data/spec/models/metasploit_data_models/search/visitor/relation_spec.rb +30 -30
- data/spec/support/shared/contexts/metasploit/credential/exporter/export_objects.rb +18 -18
- data/spec/support/shared/examples/core_validations.rb +38 -38
- metadata +18 -4
- metadata.gz.sig +0 -0
@@ -85,7 +85,7 @@ RSpec.describe Metasploit::Credential::Exporter::Core do
|
|
85
85
|
end
|
86
86
|
|
87
87
|
describe "#line_for_login" do
|
88
|
-
let(:login){
|
88
|
+
let(:login){ FactoryBot.create(:metasploit_credential_login, core: core, service: service) }
|
89
89
|
let(:result_hash) { core_exporter.line_for_login(login) }
|
90
90
|
|
91
91
|
it 'should produce values in the proper order' do
|
@@ -402,8 +402,8 @@ RSpec.describe Metasploit::Credential::Exporter::Core do
|
|
402
402
|
end
|
403
403
|
|
404
404
|
describe "when there ARE SSH keys in the dataset" do
|
405
|
-
let(:private_with_key){
|
406
|
-
let!(:core_with_key){
|
405
|
+
let(:private_with_key){ FactoryBot.create(:metasploit_credential_ssh_key)}
|
406
|
+
let!(:core_with_key){ FactoryBot.create(:metasploit_credential_core,
|
407
407
|
origin: origin,
|
408
408
|
public: public1,
|
409
409
|
private: private_with_key,
|
@@ -3,9 +3,9 @@ RSpec.describe Metasploit::Credential::Exporter::Pwdump do
|
|
3
3
|
|
4
4
|
subject(:exporter){ Metasploit::Credential::Exporter::Pwdump.new}
|
5
5
|
|
6
|
-
let(:public) {
|
7
|
-
let(:core){
|
8
|
-
let(:login){
|
6
|
+
let(:public) { FactoryBot.create(:metasploit_credential_username)}
|
7
|
+
let(:core){ FactoryBot.create :metasploit_credential_core, public: public }
|
8
|
+
let(:login){ FactoryBot.create(:metasploit_credential_login, core: core) }
|
9
9
|
|
10
10
|
describe "formatting" do
|
11
11
|
describe "associated Mdm::Service objects" do
|
@@ -16,7 +16,7 @@ RSpec.describe Metasploit::Credential::Exporter::Pwdump do
|
|
16
16
|
end
|
17
17
|
|
18
18
|
describe "plaintext passwords" do
|
19
|
-
let(:private){
|
19
|
+
let(:private){ FactoryBot.build :metasploit_credential_password }
|
20
20
|
|
21
21
|
before(:example) do
|
22
22
|
core.private = private
|
@@ -38,7 +38,7 @@ RSpec.describe Metasploit::Credential::Exporter::Pwdump do
|
|
38
38
|
end
|
39
39
|
|
40
40
|
describe "non-replayable" do
|
41
|
-
let(:private){
|
41
|
+
let(:private){ FactoryBot.build :metasploit_credential_nonreplayable_hash }
|
42
42
|
|
43
43
|
before(:example) do
|
44
44
|
core.private = private
|
@@ -60,7 +60,7 @@ RSpec.describe Metasploit::Credential::Exporter::Pwdump do
|
|
60
60
|
end
|
61
61
|
|
62
62
|
describe "NTLM" do
|
63
|
-
let(:private){
|
63
|
+
let(:private){ FactoryBot.build :metasploit_credential_ntlm_hash }
|
64
64
|
|
65
65
|
before(:example) do
|
66
66
|
core.private = private
|
@@ -82,7 +82,7 @@ RSpec.describe Metasploit::Credential::Exporter::Pwdump do
|
|
82
82
|
end
|
83
83
|
|
84
84
|
describe "PostgresMD5" do
|
85
|
-
let(:private){
|
85
|
+
let(:private){ FactoryBot.build :metasploit_credential_postgres_md5 }
|
86
86
|
|
87
87
|
before(:example) do
|
88
88
|
core.private = private
|
@@ -107,7 +107,7 @@ RSpec.describe Metasploit::Credential::Exporter::Pwdump do
|
|
107
107
|
describe "SMB net hashes" do
|
108
108
|
describe "v1" do
|
109
109
|
describe "netlm" do
|
110
|
-
let(:private){
|
110
|
+
let(:private){ FactoryBot.build :metasploit_credential_nonreplayable_hash, jtr_type: 'netlm' }
|
111
111
|
|
112
112
|
before(:example) do
|
113
113
|
core.private = private
|
@@ -119,7 +119,7 @@ RSpec.describe Metasploit::Credential::Exporter::Pwdump do
|
|
119
119
|
end
|
120
120
|
|
121
121
|
describe "netntlm" do
|
122
|
-
let(:private){
|
122
|
+
let(:private){ FactoryBot.build :metasploit_credential_nonreplayable_hash, jtr_type: 'netntlm' }
|
123
123
|
|
124
124
|
before(:example) do
|
125
125
|
core.private = private
|
@@ -133,7 +133,7 @@ RSpec.describe Metasploit::Credential::Exporter::Pwdump do
|
|
133
133
|
|
134
134
|
describe "v2" do
|
135
135
|
describe "netlmv2" do
|
136
|
-
let(:private){
|
136
|
+
let(:private){ FactoryBot.build :metasploit_credential_non_replayable_hash, jtr_type: 'netlmv2' }
|
137
137
|
|
138
138
|
before(:example) do
|
139
139
|
core.private = private
|
@@ -145,7 +145,7 @@ RSpec.describe Metasploit::Credential::Exporter::Pwdump do
|
|
145
145
|
end
|
146
146
|
|
147
147
|
describe "netntlmv2" do
|
148
|
-
let(:private){
|
148
|
+
let(:private){ FactoryBot.build :metasploit_credential_non_replayable_hash, jtr_type: 'netntlmv2' }
|
149
149
|
|
150
150
|
before(:example) do
|
151
151
|
core.private = private
|
@@ -1,8 +1,8 @@
|
|
1
1
|
RSpec.describe Metasploit::Credential::Importer::Core do
|
2
2
|
|
3
|
-
let(:workspace){
|
3
|
+
let(:workspace){FactoryBot.create(:mdm_workspace)}
|
4
4
|
|
5
|
-
subject(:core_csv_importer){
|
5
|
+
subject(:core_csv_importer){FactoryBot.build(:metasploit_credential_core_importer, workspace:workspace)}
|
6
6
|
|
7
7
|
# CSV objects are IOs
|
8
8
|
after(:example) do
|
@@ -13,7 +13,7 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
13
13
|
describe "short-form imports" do
|
14
14
|
describe "with well-formed CSV data" do
|
15
15
|
before(:example) do
|
16
|
-
core_csv_importer.input =
|
16
|
+
core_csv_importer.input = FactoryBot.generate :short_well_formed_csv
|
17
17
|
core_csv_importer.private_credential_type = "Metasploit::Credential::Password"
|
18
18
|
end
|
19
19
|
|
@@ -26,7 +26,7 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
26
26
|
end
|
27
27
|
|
28
28
|
before(:example) do
|
29
|
-
core_csv_importer.input =
|
29
|
+
core_csv_importer.input = FactoryBot.generate :short_well_formed_csv
|
30
30
|
core_csv_importer.private_credential_type = "Metasploit::Credential::SSHKey"
|
31
31
|
end
|
32
32
|
|
@@ -44,7 +44,7 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
44
44
|
end
|
45
45
|
|
46
46
|
before(:example) do
|
47
|
-
core_csv_importer.input =
|
47
|
+
core_csv_importer.input = FactoryBot.generate :short_well_formed_csv_non_compliant_header
|
48
48
|
core_csv_importer.private_credential_type = "Metasploit::Credential::Password"
|
49
49
|
end
|
50
50
|
|
@@ -65,7 +65,7 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
65
65
|
|
66
66
|
describe "with data that includes a missing Public (username)" do
|
67
67
|
before(:example) do
|
68
|
-
core_csv_importer.input =
|
68
|
+
core_csv_importer.input = FactoryBot.generate :well_formed_csv_compliant_header_missing_public
|
69
69
|
end
|
70
70
|
|
71
71
|
it 'should create a new Metasploit::Credential::Username for each unique Public in the import' do
|
@@ -75,7 +75,7 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
75
75
|
|
76
76
|
describe "with data that includes a missing Private" do
|
77
77
|
before(:example) do
|
78
|
-
core_csv_importer.input =
|
78
|
+
core_csv_importer.input = FactoryBot.generate :well_formed_csv_compliant_header_missing_private
|
79
79
|
end
|
80
80
|
|
81
81
|
it 'should create a new Metasploit::Credential::Private for each unique Private in the import' do
|
@@ -98,11 +98,11 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
98
98
|
|
99
99
|
before(:example) do
|
100
100
|
core = Metasploit::Credential::Core.new
|
101
|
-
core.public =
|
102
|
-
core.private =
|
103
|
-
core.realm =
|
101
|
+
core.public = FactoryBot.create(:metasploit_credential_username, username: preexisting_cred_data[:username])
|
102
|
+
core.private = FactoryBot.create(:metasploit_credential_password, data: preexisting_cred_data[:private_data])
|
103
|
+
core.realm = FactoryBot.create(:metasploit_credential_realm, key: preexisting_cred_data[:realm_key],
|
104
104
|
value: preexisting_cred_data[:realm_value])
|
105
|
-
core.origin =
|
105
|
+
core.origin = FactoryBot.create(:metasploit_credential_origin_import)
|
106
106
|
core.workspace = workspace
|
107
107
|
core.save!
|
108
108
|
end
|
@@ -118,7 +118,7 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
118
118
|
end
|
119
119
|
|
120
120
|
before(:example) do
|
121
|
-
core_csv_importer.input =
|
121
|
+
core_csv_importer.input = FactoryBot.generate(:well_formed_csv_non_compliant_header)
|
122
122
|
end
|
123
123
|
|
124
124
|
it { is_expected.not_to be_valid }
|
@@ -135,7 +135,7 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
135
135
|
end
|
136
136
|
|
137
137
|
before(:example) do
|
138
|
-
core_csv_importer.input =
|
138
|
+
core_csv_importer.input = FactoryBot.generate(:malformed_csv)
|
139
139
|
end
|
140
140
|
|
141
141
|
it { is_expected.to be_invalid }
|
@@ -152,7 +152,7 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
152
152
|
end
|
153
153
|
|
154
154
|
before(:example) do
|
155
|
-
core_csv_importer.input =
|
155
|
+
core_csv_importer.input = FactoryBot.generate(:empty_core_csv)
|
156
156
|
end
|
157
157
|
|
158
158
|
it { is_expected.to be_invalid }
|
@@ -178,7 +178,7 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
178
178
|
describe "short-form imports" do
|
179
179
|
before(:example) do
|
180
180
|
core_csv_importer.private_credential_type = "Metasploit::Credential::Password"
|
181
|
-
core_csv_importer.input =
|
181
|
+
core_csv_importer.input = FactoryBot.generate :short_well_formed_csv
|
182
182
|
end
|
183
183
|
|
184
184
|
describe "when the data in the CSV is all new" do
|
@@ -204,9 +204,9 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
204
204
|
|
205
205
|
before(:example) do
|
206
206
|
core = Metasploit::Credential::Core.new
|
207
|
-
core.public =
|
208
|
-
core.private =
|
209
|
-
core.origin =
|
207
|
+
core.public = FactoryBot.create(:metasploit_credential_username, username: preexisting_cred_data[:username])
|
208
|
+
core.private = FactoryBot.create(:metasploit_credential_password, data: preexisting_cred_data[:private_data])
|
209
|
+
core.origin = FactoryBot.create(:metasploit_credential_origin_import)
|
210
210
|
core.workspace = workspace
|
211
211
|
core.save!
|
212
212
|
end
|
@@ -297,7 +297,7 @@ RSpec.describe Metasploit::Credential::Importer::Core do
|
|
297
297
|
|
298
298
|
context "when there are Logins in the input" do
|
299
299
|
before(:example) do
|
300
|
-
core_csv_importer.input =
|
300
|
+
core_csv_importer.input = FactoryBot.generate :well_formed_csv_compliant_header_with_service_info
|
301
301
|
end
|
302
302
|
|
303
303
|
it 'should create Logins' do
|
@@ -6,12 +6,12 @@ RSpec.describe Metasploit::Credential::Importer::Multi do
|
|
6
6
|
INVALID_CSV_FILE = 'malformed.csv'
|
7
7
|
VALID_CSV_FILE = 'well-formed.csv'
|
8
8
|
|
9
|
-
let(:import_origin){
|
10
|
-
let(:supported_file){
|
9
|
+
let(:import_origin){ FactoryBot.create :metasploit_credential_origin_import }
|
10
|
+
let(:supported_file){ FactoryBot.generate :metasploit_credential_importer_zip_file }
|
11
11
|
let(:unsupported_file){ File.open("#{Dir.tmpdir}/#{UNSUPPORTED_FILE}", 'wb') }
|
12
12
|
|
13
|
-
let(:invalid_csv){
|
14
|
-
let(:valid_csv){
|
13
|
+
let(:invalid_csv){ FactoryBot.generate(:malformed_csv)}
|
14
|
+
let(:valid_csv){ FactoryBot.generate(:well_formed_csv_compliant_header)}
|
15
15
|
|
16
16
|
let(:valid_csv_file) do
|
17
17
|
File.open("#{Dir.tmpdir}/#{VALID_CSV_FILE}", 'w') do |file|
|
@@ -1,10 +1,10 @@
|
|
1
1
|
RSpec.describe Metasploit::Credential::Importer::Pwdump do
|
2
2
|
|
3
3
|
|
4
|
-
let(:workspace) {
|
5
|
-
let(:origin) {
|
4
|
+
let(:workspace) {FactoryBot.create(:mdm_workspace)}
|
5
|
+
let(:origin) { FactoryBot.create(:metasploit_credential_origin_import) }
|
6
6
|
|
7
|
-
subject(:pwdump_importer){
|
7
|
+
subject(:pwdump_importer){ FactoryBot.build(:metasploit_credential_importer_pwdump,
|
8
8
|
workspace: workspace,
|
9
9
|
origin: origin)}
|
10
10
|
|
@@ -2,8 +2,8 @@ RSpec.describe Metasploit::Credential::Importer::Zip do
|
|
2
2
|
|
3
3
|
include_context 'metasploit_credential_importer_zip_file'
|
4
4
|
|
5
|
-
let(:workspace){
|
6
|
-
subject(:zip_importer){
|
5
|
+
let(:workspace){FactoryBot.create(:mdm_workspace)}
|
6
|
+
subject(:zip_importer){ FactoryBot.build :metasploit_credential_importer_zip, workspace: workspace }
|
7
7
|
|
8
8
|
describe "validations" do
|
9
9
|
DUMMY_ZIP_PATH = "/tmp/import-test-dummy.zip"
|
@@ -40,7 +40,7 @@ RSpec.describe Metasploit::Credential::Importer::Zip do
|
|
40
40
|
end
|
41
41
|
|
42
42
|
before(:example) do
|
43
|
-
zip_importer.input =
|
43
|
+
zip_importer.input = FactoryBot.generate :metasploit_credential_importer_zip_file_without_manifest
|
44
44
|
end
|
45
45
|
|
46
46
|
it { is_expected.not_to be_valid }
|
@@ -4,9 +4,9 @@ require 'tempfile'
|
|
4
4
|
RSpec.describe Metasploit::Credential::Migrator do
|
5
5
|
|
6
6
|
|
7
|
-
let(:workspace){
|
8
|
-
let(:host){
|
9
|
-
let(:service){
|
7
|
+
let(:workspace){ FactoryBot.create(:mdm_workspace) }
|
8
|
+
let(:host){ FactoryBot.create(:mdm_host, workspace: workspace)}
|
9
|
+
let(:service){ FactoryBot.create(:mdm_service, host: host)}
|
10
10
|
|
11
11
|
|
12
12
|
subject(:migrator){ Metasploit::Credential::Migrator.new(workspace) }
|
@@ -38,17 +38,17 @@ RSpec.describe Metasploit::Credential::Migrator do
|
|
38
38
|
|
39
39
|
describe "when there are Mdm::Cred objects present in the workspace" do
|
40
40
|
|
41
|
-
let(:host1){
|
42
|
-
let(:host2){
|
43
|
-
let(:host3){
|
41
|
+
let(:host1){ FactoryBot.create(:mdm_host, workspace: workspace)}
|
42
|
+
let(:host2){ FactoryBot.create(:mdm_host, workspace: workspace)}
|
43
|
+
let(:host3){ FactoryBot.create(:mdm_host, workspace: workspace)}
|
44
44
|
|
45
|
-
let(:service1){
|
46
|
-
let(:service2){
|
47
|
-
let(:service3){
|
45
|
+
let(:service1){ FactoryBot.create(:mdm_service, host: host1)}
|
46
|
+
let(:service2){ FactoryBot.create(:mdm_service, host: host2)}
|
47
|
+
let(:service3){ FactoryBot.create(:mdm_service, host: host3)}
|
48
48
|
|
49
|
-
let!(:cred1){
|
50
|
-
let!(:cred2){
|
51
|
-
let!(:cred3){
|
49
|
+
let!(:cred1){ FactoryBot.create(:mdm_cred, service: service1)}
|
50
|
+
let!(:cred2){ FactoryBot.create(:mdm_cred, service: service2)}
|
51
|
+
let!(:cred3){ FactoryBot.create(:mdm_cred, service: service3)}
|
52
52
|
|
53
53
|
it 'should migrate them into Metasploit::Credential::Core objects' do
|
54
54
|
expect{migrator.convert_creds_in_workspace(workspace)}.to change(Metasploit::Credential::Core, :count).from(0).to(3)
|
@@ -78,10 +78,10 @@ RSpec.describe Metasploit::Credential::Migrator do
|
|
78
78
|
describe "creating the proper kinds of Private objects" do
|
79
79
|
describe "when an Mdm::Cred is an SMB hash" do
|
80
80
|
let(:cred) do
|
81
|
-
|
81
|
+
FactoryBot.create(:mdm_cred,
|
82
82
|
service: service,
|
83
83
|
ptype: 'smb_hash',
|
84
|
-
pass:
|
84
|
+
pass: FactoryBot.build(:metasploit_credential_ntlm_hash, password_data: 'f00b4rawesomesauc3!').data
|
85
85
|
)
|
86
86
|
end
|
87
87
|
|
@@ -95,7 +95,7 @@ RSpec.describe Metasploit::Credential::Migrator do
|
|
95
95
|
end
|
96
96
|
|
97
97
|
describe "when an Mdm::Cred is an SSH key" do
|
98
|
-
let(:ssh_key_content){
|
98
|
+
let(:ssh_key_content){ FactoryBot.build(:metasploit_credential_ssh_key).data }
|
99
99
|
|
100
100
|
context "when Cred#pass points to a file system path" do
|
101
101
|
|
@@ -107,7 +107,7 @@ RSpec.describe Metasploit::Credential::Migrator do
|
|
107
107
|
end
|
108
108
|
|
109
109
|
let(:cred) do
|
110
|
-
|
110
|
+
FactoryBot.create(:mdm_cred,
|
111
111
|
service: service,
|
112
112
|
ptype: 'ssh_key',
|
113
113
|
pass: path_to_ssh_key
|
@@ -125,7 +125,7 @@ RSpec.describe Metasploit::Credential::Migrator do
|
|
125
125
|
|
126
126
|
context "when Cred#pass just straight up contains the private key" do
|
127
127
|
let(:cred) do
|
128
|
-
|
128
|
+
FactoryBot.create(:mdm_cred,
|
129
129
|
service: service,
|
130
130
|
ptype: 'ssh_key',
|
131
131
|
pass: ssh_key_content
|
@@ -143,7 +143,7 @@ RSpec.describe Metasploit::Credential::Migrator do
|
|
143
143
|
|
144
144
|
context "when Cred#pass is just total garbage" do
|
145
145
|
let(:cred) do
|
146
|
-
|
146
|
+
FactoryBot.create(:mdm_cred,
|
147
147
|
service: service,
|
148
148
|
ptype: 'ssh_key',
|
149
149
|
pass: '#YOLOSWAG'
|
@@ -163,10 +163,10 @@ RSpec.describe Metasploit::Credential::Migrator do
|
|
163
163
|
|
164
164
|
describe "when an Mdm::Cred is a password" do
|
165
165
|
let(:cred) do
|
166
|
-
|
166
|
+
FactoryBot.create(:mdm_cred,
|
167
167
|
service: service,
|
168
168
|
ptype: 'password',
|
169
|
-
pass:
|
169
|
+
pass: FactoryBot.build(:metasploit_credential_password, data: 'f00b4rawesomesauc3!').data
|
170
170
|
)
|
171
171
|
end
|
172
172
|
|
@@ -181,10 +181,10 @@ RSpec.describe Metasploit::Credential::Migrator do
|
|
181
181
|
|
182
182
|
describe "when an Mdm::Cred is another kind of hash" do
|
183
183
|
let(:cred) do
|
184
|
-
|
184
|
+
FactoryBot.create(:mdm_cred,
|
185
185
|
service: service,
|
186
186
|
ptype: 'salted_sha1_hash',
|
187
|
-
pass:
|
187
|
+
pass: FactoryBot.build(:metasploit_credential_nonreplayable_hash, password_data: 'f00b4rawesomesauc3!').data
|
188
188
|
)
|
189
189
|
end
|
190
190
|
|
@@ -115,7 +115,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
115
115
|
let(:query) { described_class.workspace_id(workspace_id) }
|
116
116
|
|
117
117
|
subject(:metasploit_credential_core) do
|
118
|
-
|
118
|
+
FactoryBot.create(:metasploit_credential_core)
|
119
119
|
end
|
120
120
|
|
121
121
|
context 'when given a valid workspace id' do
|
@@ -137,7 +137,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
137
137
|
|
138
138
|
context '.login_host_id' do
|
139
139
|
let(:query) { described_class.login_host_id(host_id) }
|
140
|
-
let(:login) {
|
140
|
+
let(:login) { FactoryBot.create(:metasploit_credential_login) }
|
141
141
|
subject(:metasploit_credential_core) { login.core }
|
142
142
|
|
143
143
|
context 'when given a valid host id' do
|
@@ -159,10 +159,10 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
159
159
|
|
160
160
|
context '.origin_service_host_id' do
|
161
161
|
let(:query) { described_class.origin_service_host_id(host_id) }
|
162
|
-
let(:workspace) {
|
162
|
+
let(:workspace) { FactoryBot.create(:mdm_workspace) }
|
163
163
|
|
164
164
|
subject(:metasploit_credential_core) do
|
165
|
-
|
165
|
+
FactoryBot.create(:metasploit_credential_core_service)
|
166
166
|
end
|
167
167
|
|
168
168
|
context 'when given a valid host id' do
|
@@ -186,7 +186,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
186
186
|
let(:query) { described_class.origin_session_host_id(host_id) }
|
187
187
|
|
188
188
|
subject(:metasploit_credential_core) do
|
189
|
-
|
189
|
+
FactoryBot.create(:metasploit_credential_core_session)
|
190
190
|
end
|
191
191
|
|
192
192
|
context 'when given a valid host id' do
|
@@ -211,17 +211,17 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
211
211
|
|
212
212
|
# Create a couple Cores that are related to the host via session
|
213
213
|
let(:metasploit_credential_core_sessions) do
|
214
|
-
|
214
|
+
FactoryBot.create_list(:metasploit_credential_core_session, 2)
|
215
215
|
end
|
216
216
|
|
217
217
|
# Create a couple Cores that are related to the host via service
|
218
218
|
let(:metasploit_credential_core_services) do
|
219
|
-
|
219
|
+
FactoryBot.create_list(:metasploit_credential_core_service, 2)
|
220
220
|
end
|
221
221
|
|
222
222
|
# Create an unrelated Core
|
223
223
|
let(:unrelated_metasploit_credential_core) do
|
224
|
-
|
224
|
+
FactoryBot.create(:metasploit_credential_core_service)
|
225
225
|
end
|
226
226
|
|
227
227
|
before do
|
@@ -286,7 +286,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
286
286
|
context 'factories' do
|
287
287
|
context 'metasploit_credential_core' do
|
288
288
|
subject(:metasploit_credential_core) do
|
289
|
-
|
289
|
+
FactoryBot.build(:metasploit_credential_core)
|
290
290
|
end
|
291
291
|
|
292
292
|
let(:origin) do
|
@@ -297,7 +297,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
297
297
|
|
298
298
|
context 'with origin_factory' do
|
299
299
|
subject(:metasploit_credential_core) do
|
300
|
-
|
300
|
+
FactoryBot.build(
|
301
301
|
:metasploit_credential_core,
|
302
302
|
origin_factory: origin_factory
|
303
303
|
)
|
@@ -377,7 +377,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
377
377
|
|
378
378
|
context 'metasploit_credential_core_import' do
|
379
379
|
subject(:metasploit_credential_core_import) do
|
380
|
-
|
380
|
+
FactoryBot.build(:metasploit_credential_core_import)
|
381
381
|
end
|
382
382
|
|
383
383
|
it { is_expected.to be_valid }
|
@@ -385,7 +385,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
385
385
|
|
386
386
|
context 'metasploit_credential_core_manual' do
|
387
387
|
subject(:metasploit_credential_core_manual) do
|
388
|
-
|
388
|
+
FactoryBot.build(:metasploit_credential_core_manual)
|
389
389
|
end
|
390
390
|
|
391
391
|
it { is_expected.to be_valid }
|
@@ -401,7 +401,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
401
401
|
|
402
402
|
context 'metasploit_credential_core_service' do
|
403
403
|
subject(:metasploit_credential_core_service) do
|
404
|
-
|
404
|
+
FactoryBot.build(:metasploit_credential_core_service)
|
405
405
|
end
|
406
406
|
|
407
407
|
it { is_expected.to be_valid }
|
@@ -424,7 +424,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
424
424
|
|
425
425
|
context 'metasploit_credential_core_session' do
|
426
426
|
subject(:metasploit_credential_core_session) do
|
427
|
-
|
427
|
+
FactoryBot.build(:metasploit_credential_core_session)
|
428
428
|
end
|
429
429
|
|
430
430
|
it { is_expected.to be_valid }
|
@@ -460,7 +460,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
460
460
|
#
|
461
461
|
|
462
462
|
let(:core) do
|
463
|
-
|
463
|
+
FactoryBot.build(
|
464
464
|
:metasploit_credential_core,
|
465
465
|
origin: origin,
|
466
466
|
workspace: workspace
|
@@ -468,7 +468,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
468
468
|
end
|
469
469
|
|
470
470
|
let(:workspace) do
|
471
|
-
|
471
|
+
FactoryBot.create(:mdm_workspace)
|
472
472
|
end
|
473
473
|
|
474
474
|
#
|
@@ -486,7 +486,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
486
486
|
end
|
487
487
|
|
488
488
|
let(:origin) do
|
489
|
-
|
489
|
+
FactoryBot.build(
|
490
490
|
:metasploit_credential_origin_manual,
|
491
491
|
user: user
|
492
492
|
)
|
@@ -494,7 +494,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
494
494
|
|
495
495
|
context 'with Metasploit::Credential::Origin::Manual#user' do
|
496
496
|
let(:user) do
|
497
|
-
|
497
|
+
FactoryBot.build(
|
498
498
|
:mdm_user,
|
499
499
|
admin: admin
|
500
500
|
)
|
@@ -556,7 +556,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
556
556
|
end
|
557
557
|
|
558
558
|
let(:origin) do
|
559
|
-
|
559
|
+
FactoryBot.build(
|
560
560
|
:metasploit_credential_origin_service,
|
561
561
|
service: service
|
562
562
|
)
|
@@ -564,7 +564,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
564
564
|
|
565
565
|
context 'with Metasploit::Credential::Origin::Service#service' do
|
566
566
|
let(:service) do
|
567
|
-
|
567
|
+
FactoryBot.build(
|
568
568
|
:mdm_service,
|
569
569
|
host: host
|
570
570
|
)
|
@@ -572,7 +572,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
572
572
|
|
573
573
|
context 'with Mdm::Service#host' do
|
574
574
|
let(:host) do
|
575
|
-
|
575
|
+
FactoryBot.build(
|
576
576
|
:mdm_host,
|
577
577
|
workspace: host_workspace
|
578
578
|
)
|
@@ -588,7 +588,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
588
588
|
|
589
589
|
context 'different than #workspace' do
|
590
590
|
let(:host_workspace) do
|
591
|
-
|
591
|
+
FactoryBot.create(:mdm_workspace)
|
592
592
|
end
|
593
593
|
|
594
594
|
it { is_expected.to include error }
|
@@ -619,7 +619,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
619
619
|
end
|
620
620
|
|
621
621
|
let(:origin) do
|
622
|
-
|
622
|
+
FactoryBot.build(
|
623
623
|
:metasploit_credential_origin_session,
|
624
624
|
session: session
|
625
625
|
)
|
@@ -627,7 +627,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
627
627
|
|
628
628
|
context 'with Metasploit::Credential::Origin::Session#session' do
|
629
629
|
let(:session) do
|
630
|
-
|
630
|
+
FactoryBot.build(
|
631
631
|
:mdm_session,
|
632
632
|
host: host
|
633
633
|
)
|
@@ -635,7 +635,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
635
635
|
|
636
636
|
context 'with Mdm::Session#host' do
|
637
637
|
let(:host) do
|
638
|
-
|
638
|
+
FactoryBot.build(
|
639
639
|
:mdm_host,
|
640
640
|
workspace: host_workspace
|
641
641
|
)
|
@@ -652,7 +652,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
652
652
|
|
653
653
|
context 'different than #workspace' do
|
654
654
|
let(:host_workspace) do
|
655
|
-
|
655
|
+
FactoryBot.create(:mdm_workspace)
|
656
656
|
end
|
657
657
|
|
658
658
|
it { is_expected.to include error }
|
@@ -698,7 +698,7 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
698
698
|
#
|
699
699
|
|
700
700
|
let(:core) do
|
701
|
-
|
701
|
+
FactoryBot.build(
|
702
702
|
:metasploit_credential_core,
|
703
703
|
private: private,
|
704
704
|
public: public,
|
@@ -720,25 +720,25 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
720
720
|
|
721
721
|
context 'with #private' do
|
722
722
|
let(:private) do
|
723
|
-
|
723
|
+
FactoryBot.build(private_factory)
|
724
724
|
end
|
725
725
|
|
726
726
|
let(:private_factory) do
|
727
|
-
|
727
|
+
FactoryBot.generate :metasploit_credential_core_private_factory
|
728
728
|
end
|
729
729
|
|
730
730
|
context 'with #public' do
|
731
731
|
let(:public) do
|
732
|
-
|
732
|
+
FactoryBot.build(:metasploit_credential_public)
|
733
733
|
end
|
734
734
|
|
735
735
|
context 'with #realm' do
|
736
736
|
let(:realm) do
|
737
|
-
|
737
|
+
FactoryBot.build(realm_factory)
|
738
738
|
end
|
739
739
|
|
740
740
|
let(:realm_factory) do
|
741
|
-
|
741
|
+
FactoryBot.generate :metasploit_credential_core_realm_factory
|
742
742
|
end
|
743
743
|
|
744
744
|
it { is_expected.not_to include(error) }
|
@@ -760,11 +760,11 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
760
760
|
|
761
761
|
context 'with #realm' do
|
762
762
|
let(:realm) do
|
763
|
-
|
763
|
+
FactoryBot.build(realm_factory)
|
764
764
|
end
|
765
765
|
|
766
766
|
let(:realm_factory) do
|
767
|
-
|
767
|
+
FactoryBot.generate :metasploit_credential_core_realm_factory
|
768
768
|
end
|
769
769
|
|
770
770
|
it { is_expected.not_to include(error) }
|
@@ -787,16 +787,16 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
787
787
|
|
788
788
|
context 'with #public' do
|
789
789
|
let(:public) do
|
790
|
-
|
790
|
+
FactoryBot.build(:metasploit_credential_public)
|
791
791
|
end
|
792
792
|
|
793
793
|
context 'with #realm' do
|
794
794
|
let(:realm) do
|
795
|
-
|
795
|
+
FactoryBot.build(realm_factory)
|
796
796
|
end
|
797
797
|
|
798
798
|
let(:realm_factory) do
|
799
|
-
|
799
|
+
FactoryBot.generate :metasploit_credential_core_realm_factory
|
800
800
|
end
|
801
801
|
|
802
802
|
it { is_expected.not_to include(error) }
|
@@ -818,11 +818,11 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
818
818
|
|
819
819
|
context 'with #realm' do
|
820
820
|
let(:realm) do
|
821
|
-
|
821
|
+
FactoryBot.build(realm_factory)
|
822
822
|
end
|
823
823
|
|
824
824
|
let(:realm_factory) do
|
825
|
-
|
825
|
+
FactoryBot.generate :metasploit_credential_core_realm_factory
|
826
826
|
end
|
827
827
|
|
828
828
|
it { is_expected.not_to include(error) }
|
@@ -838,10 +838,10 @@ RSpec.describe Metasploit::Credential::Core, type: :model do
|
|
838
838
|
end
|
839
839
|
|
840
840
|
subject(:core) do
|
841
|
-
|
841
|
+
FactoryBot.build(
|
842
842
|
:metasploit_credential_core,
|
843
|
-
private:
|
844
|
-
public:
|
843
|
+
private: FactoryBot.build(:metasploit_credential_ssh_key),
|
844
|
+
public: FactoryBot.build(:metasploit_credential_public)
|
845
845
|
)
|
846
846
|
end
|
847
847
|
|