metasploit-runner 0.0.2 → 0.0.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +5 -0
  3. data/lib/MetasploitPenTestScript/version.rb +1 -1
  4. data/lib/metasploit/constants.rb +3 -2
  5. data/lib/metasploit/exploit.rb +6 -2
  6. data/spec/exploit_spec.rb +21 -11
  7. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 993f0fd305f9c4237449fd4da5d305e13ed4f7eb
4
- data.tar.gz: 17d5ad62828b67045402d81f779de24addd65d45
3
+ metadata.gz: 2ff96df61da304a50fe9261a61ed81b275115bad
4
+ data.tar.gz: b17212e78aa95a8c9577f1928bdbab36975bd410
5
5
  SHA512:
6
- metadata.gz: 594805a578c9a446f1afe68f39ca830cdbecfa6ee88e195f80a5175efcd4fe747a2d2c94b25862357607609b581b94ab7c71c653dd293fc73e7447b78a398a57
7
- data.tar.gz: 59735fe882b949673c733f84a8890e46618b947b2257d05acc10b7994e90c6cbe6ba0f4df3dfa9907112c2d53222ade2ecd7c29a2f28523eab98e3ff63fb0af4
6
+ metadata.gz: 855b16bed365745386841cdc0fae3cc61f5a80a115c74bc1cf613e8561842c97a7d2ea7d3f0fc3de9d2b1723449ef3f41a2892f4cc271af7fce6de12091442b6
7
+ data.tar.gz: 639a94bbe7a5b88808c420a21fae786f52a62a15dfeee2d4f47158aa9c239788017fada5941eb7b9c8bc0bc0cedb13bb6f008527990d289cc059c0d9d0cfcd2e
data/.travis.yml ADDED
@@ -0,0 +1,5 @@
1
+ language: ruby
2
+ rvm:
3
+ - "2.1.2"
4
+ # uncomment this line if your project needs to run something other than `rake`:
5
+ # script: bundle exec rspec spec
data/lib/MetasploitPenTestScript/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module MetasploitPenTestScript
2
- VERSION = "0.0.2"
2
+ VERSION = "0.0.3"
3
3
  end
data/lib/metasploit/constants.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  module CONSTANTS
2
2
  DEFAULT_PORT = '3790'
3
3
  DEFAULT_URI = '/api/1.0'
4
- DEFAULT_SSL= true
4
+ DEFAULT_SSL = true
5
5
  RUNNING_IMPORT_STATUS = 'running'
6
6
  REQUIRED_TOKEN_MESSAGE = 'PWNED! Token is required'
7
7
  REQUIRED_CONNECTION_URL_MESSAGE = 'PWNED! Connection URL is required'
@@ -12,6 +12,7 @@ module CONSTANTS
12
12
  USING_DEFAULT_SSL_MESSAGE = '[*] Using SSL=TRUE'
13
13
  IMPORTING_DATA_MESSAGE = '[*] Importing...'
14
14
  SCANNING_MESSAGE = '[*] Scanning all your things...'
15
- REQUIRED_WORKSPACE_MESSAGE= 'PWNED! Workspace Name is required'
15
+ REQUIRED_WORKSPACE_MESSAGE = 'PWNED! Workspace Name is required'
16
+ SKIPPING_IMPORT_MESSAGE = '[*] Nexpose Console option was not passed, skipping Nexpose Import'
16
17
 
17
18
  end
data/lib/metasploit/exploit.rb CHANGED
@@ -26,9 +26,13 @@ module Metasploit
26
26
  end
27
27
 
28
28
  def self.do_nexpose_import(rpc_client, run_details)
29
- import = rpc_client.call('pro.start_import', {'workspace' => run_details.workspace_name, 'DS_NEXPOSE_CONSOLE' => run_details.nexpose_console_name, 'DS_NEXPOSE_SITE' => run_details.workspace_name})
30
29
 
31
- wait_for_task_to_stop_running(rpc_client, CONSTANTS::IMPORTING_DATA_MESSAGE, import['task_id'])
30
+ if run_details.nexpose_console_name.nil? || run_details.nexpose_console_name.empty?
31
+ puts CONSTANTS::SKIPPING_IMPORT_MESSAGE
32
+ else
33
+ import = rpc_client.call('pro.start_import', {'workspace' => run_details.workspace_name, 'DS_NEXPOSE_CONSOLE' => run_details.nexpose_console_name, 'DS_NEXPOSE_SITE' => run_details.workspace_name})
34
+ wait_for_task_to_stop_running(rpc_client, CONSTANTS::IMPORTING_DATA_MESSAGE, import['task_id'])
35
+ end
32
36
  end
33
37
 
34
38
  def self.create_workspace(rpc_client, workspace_name)
data/spec/exploit_spec.rb CHANGED
@@ -29,22 +29,22 @@ describe 'exploit' do
29
29
  .with(expected_options)
30
30
  .and_return(@mock_rpc_client)
31
31
 
32
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)
32
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
33
33
  end
34
34
 
35
35
  it 'should throw an error if no token is passed' do
36
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
37
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
36
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
37
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
38
38
  end
39
39
 
40
40
  it 'should throw an error if no connection url is passed' do
41
- expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
42
- expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
41
+ expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
42
+ expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
43
43
  end
44
44
 
45
45
  it 'should throw an error if no ip address is passed' do
46
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', '') }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
47
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', nil) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
46
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, '') }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
47
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, nil) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
48
48
  end
49
49
 
50
50
  it 'should use 3790 as default if port is empty string' do
@@ -54,7 +54,7 @@ describe 'exploit' do
54
54
  .with(expected_options)
55
55
  .and_return(@mock_rpc_client)
56
56
 
57
- Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)
57
+ Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
58
58
  end
59
59
  end
60
60
 
@@ -63,16 +63,26 @@ describe 'exploit' do
63
63
  expect(@mock_rpc_client).to receive(:call)
64
64
  .with('pro.workspace_add', {'name' => @expected_workspace_name})
65
65
 
66
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)
66
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
67
67
  end
68
68
 
69
69
  it 'should throw an error if workspace name is invalid' do
70
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
71
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
70
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
71
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
72
+ end
73
+ end
74
+
75
+ describe 'should skip nexpose import' do
76
+ it 'should skip the import if nexpose_console variable is empty or nil' do
77
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
78
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
79
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)}.to_not output(/\[\*\] Importing.../).to_stdout
80
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan)}.to_not output(/\[\*\] Importing...'/).to_stdout
72
81
  end
73
82
  end
74
83
 
75
84
  describe 'start import from nexpose' do
85
+
76
86
  it 'should start a import' do
77
87
  expect(@mock_rpc_client).to receive(:call)
78
88
  .with('pro.start_import', {'workspace' => @expected_workspace_name,
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: metasploit-runner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.2
4
+ version: 0.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nathan Gibson
@@ -76,6 +76,7 @@ extra_rdoc_files: []
76
76
  files:
77
77
  - ".gitignore"
78
78
  - ".rspec"
79
+ - ".travis.yml"
79
80
  - Gemfile
80
81
  - LICENSE.txt
81
82
  - MetasploitPenTestScript.gemspec