metasploit-runner 0.0.2 → 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +5 -0
- data/lib/MetasploitPenTestScript/version.rb +1 -1
- data/lib/metasploit/constants.rb +3 -2
- data/lib/metasploit/exploit.rb +6 -2
- data/spec/exploit_spec.rb +21 -11
- metadata +2 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2ff96df61da304a50fe9261a61ed81b275115bad
|
4
|
+
data.tar.gz: b17212e78aa95a8c9577f1928bdbab36975bd410
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 855b16bed365745386841cdc0fae3cc61f5a80a115c74bc1cf613e8561842c97a7d2ea7d3f0fc3de9d2b1723449ef3f41a2892f4cc271af7fce6de12091442b6
|
7
|
+
data.tar.gz: 639a94bbe7a5b88808c420a21fae786f52a62a15dfeee2d4f47158aa9c239788017fada5941eb7b9c8bc0bc0cedb13bb6f008527990d289cc059c0d9d0cfcd2e
|
data/.travis.yml
ADDED
data/lib/metasploit/constants.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
module CONSTANTS
|
2
2
|
DEFAULT_PORT = '3790'
|
3
3
|
DEFAULT_URI = '/api/1.0'
|
4
|
-
DEFAULT_SSL= true
|
4
|
+
DEFAULT_SSL = true
|
5
5
|
RUNNING_IMPORT_STATUS = 'running'
|
6
6
|
REQUIRED_TOKEN_MESSAGE = 'PWNED! Token is required'
|
7
7
|
REQUIRED_CONNECTION_URL_MESSAGE = 'PWNED! Connection URL is required'
|
@@ -12,6 +12,7 @@ module CONSTANTS
|
|
12
12
|
USING_DEFAULT_SSL_MESSAGE = '[*] Using SSL=TRUE'
|
13
13
|
IMPORTING_DATA_MESSAGE = '[*] Importing...'
|
14
14
|
SCANNING_MESSAGE = '[*] Scanning all your things...'
|
15
|
-
REQUIRED_WORKSPACE_MESSAGE= 'PWNED! Workspace Name is required'
|
15
|
+
REQUIRED_WORKSPACE_MESSAGE = 'PWNED! Workspace Name is required'
|
16
|
+
SKIPPING_IMPORT_MESSAGE = '[*] Nexpose Console option was not passed, skipping Nexpose Import'
|
16
17
|
|
17
18
|
end
|
data/lib/metasploit/exploit.rb
CHANGED
@@ -26,9 +26,13 @@ module Metasploit
|
|
26
26
|
end
|
27
27
|
|
28
28
|
def self.do_nexpose_import(rpc_client, run_details)
|
29
|
-
import = rpc_client.call('pro.start_import', {'workspace' => run_details.workspace_name, 'DS_NEXPOSE_CONSOLE' => run_details.nexpose_console_name, 'DS_NEXPOSE_SITE' => run_details.workspace_name})
|
30
29
|
|
31
|
-
|
30
|
+
if run_details.nexpose_console_name.nil? || run_details.nexpose_console_name.empty?
|
31
|
+
puts CONSTANTS::SKIPPING_IMPORT_MESSAGE
|
32
|
+
else
|
33
|
+
import = rpc_client.call('pro.start_import', {'workspace' => run_details.workspace_name, 'DS_NEXPOSE_CONSOLE' => run_details.nexpose_console_name, 'DS_NEXPOSE_SITE' => run_details.workspace_name})
|
34
|
+
wait_for_task_to_stop_running(rpc_client, CONSTANTS::IMPORTING_DATA_MESSAGE, import['task_id'])
|
35
|
+
end
|
32
36
|
end
|
33
37
|
|
34
38
|
def self.create_workspace(rpc_client, workspace_name)
|
data/spec/exploit_spec.rb
CHANGED
@@ -29,22 +29,22 @@ describe 'exploit' do
|
|
29
29
|
.with(expected_options)
|
30
30
|
.and_return(@mock_rpc_client)
|
31
31
|
|
32
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name,
|
32
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
|
33
33
|
end
|
34
34
|
|
35
35
|
it 'should throw an error if no token is passed' do
|
36
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name,
|
37
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name,
|
36
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
|
37
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
|
38
38
|
end
|
39
39
|
|
40
40
|
it 'should throw an error if no connection url is passed' do
|
41
|
-
expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name,
|
42
|
-
expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name,
|
41
|
+
expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
|
42
|
+
expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
|
43
43
|
end
|
44
44
|
|
45
45
|
it 'should throw an error if no ip address is passed' do
|
46
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name,
|
47
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name,
|
46
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, '') }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
|
47
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, nil) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
|
48
48
|
end
|
49
49
|
|
50
50
|
it 'should use 3790 as default if port is empty string' do
|
@@ -54,7 +54,7 @@ describe 'exploit' do
|
|
54
54
|
.with(expected_options)
|
55
55
|
.and_return(@mock_rpc_client)
|
56
56
|
|
57
|
-
Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name,
|
57
|
+
Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
|
58
58
|
end
|
59
59
|
end
|
60
60
|
|
@@ -63,16 +63,26 @@ describe 'exploit' do
|
|
63
63
|
expect(@mock_rpc_client).to receive(:call)
|
64
64
|
.with('pro.workspace_add', {'name' => @expected_workspace_name})
|
65
65
|
|
66
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name,
|
66
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
|
67
67
|
end
|
68
68
|
|
69
69
|
it 'should throw an error if workspace name is invalid' do
|
70
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '',
|
71
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil,
|
70
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
|
71
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
describe 'should skip nexpose import' do
|
76
|
+
it 'should skip the import if nexpose_console variable is empty or nil' do
|
77
|
+
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
|
78
|
+
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
|
79
|
+
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)}.to_not output(/\[\*\] Importing.../).to_stdout
|
80
|
+
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan)}.to_not output(/\[\*\] Importing...'/).to_stdout
|
72
81
|
end
|
73
82
|
end
|
74
83
|
|
75
84
|
describe 'start import from nexpose' do
|
85
|
+
|
76
86
|
it 'should start a import' do
|
77
87
|
expect(@mock_rpc_client).to receive(:call)
|
78
88
|
.with('pro.start_import', {'workspace' => @expected_workspace_name,
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: metasploit-runner
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nathan Gibson
|
@@ -76,6 +76,7 @@ extra_rdoc_files: []
|
|
76
76
|
files:
|
77
77
|
- ".gitignore"
|
78
78
|
- ".rspec"
|
79
|
+
- ".travis.yml"
|
79
80
|
- Gemfile
|
80
81
|
- LICENSE.txt
|
81
82
|
- MetasploitPenTestScript.gemspec
|