RubyGems - metasploit-runner - Versions diffs - 0.1.0 → 0.1.1 - Mend

metasploit-runner 0.1.0 → 0.1.1

Files changed (9) hide show

checksums.yaml +4 -4
data/.travis.yml +2 -0
data/lib/MetasploitPenTestScript/version.rb +1 -1
data/lib/metasploit/constants.rb +1 -1
data/lib/metasploit/exploit.rb +12 -14
data/lib/metasploit/exploit_run_description.rb +20 -15
data/spec/exploit_run_description_spec.rb +1 -1
data/spec/exploit_spec.rb +56 -10
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 584745bd2ae32c8d7d71c35a305fd617e6d6a595
-  data.tar.gz: a61fc9ba558f10c5374423f9bc4f0c4108bf568f
+  metadata.gz: fb7b6b62a5e127e5a84acc2e2b558919aa22e67c
+  data.tar.gz: 6acd00b0c82e833ac3a5fe1649d5f23e66c4fe26
 SHA512:
-  metadata.gz: b52f8aab7f3b39aa716925d6f4d365100ae226df50cac7912d76b903acb3e459bda54a828d3486353b2a5e415b5091f7ba499cfa579aa47b518296f547df492d
-  data.tar.gz: d9406aee5d39984dbdc5b300b499e88664947b9d55df884b7c02afbb837870622a3942f0b6579f5f7aae63f247d1bcf72a3b54fcc71e8dd00da67f9b6deb5fb9
+  metadata.gz: 559b8ed2e5a55f2ecdbfe9fbed0f86962205c69badc98e86bbfbc7042f388fceed5037464ff0d52b0e82f7bcd04049f0e47de7b7345bf9f19a99d950371beee6
+  data.tar.gz: 4d0ffb3a6b65c0ae1bf2569094e5993787c632e8d5b299e2ce660dbcb7b7fc7fdc23a4ece5a971da28758ffecf68ff32375b4b517e9cae58df297302849fb987

data/.travis.yml CHANGED Viewed

@@ -9,3 +9,5 @@ deploy:
   on:
     tags: true
     repo: amngibson/metasploit-runner
+  branches:
+    only: master

data/lib/MetasploitPenTestScript/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module MetasploitPenTestScript
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

data/lib/metasploit/constants.rb CHANGED Viewed

@@ -19,5 +19,5 @@ module CONSTANTS
   REQUIRED_WORKSPACE_MESSAGE = 'PWNED! Workspace Name is required'
   SKIPPING_IMPORT_MESSAGE = '[*] Nexpose Console option was not passed, skipping Nexpose Import'
   USING_OS_FILTER_MESSAGE = '[*] The OS Filter is set to TRUE so we are limiting the modules to just the ones applicable to this Operating System'
+  NO_OS_FILTER = '[*] We did not receive an option for the OS Filter or you set it to FALSE, either way we are backing the truck up and using all modules'
 end

data/lib/metasploit/exploit.rb CHANGED Viewed

@@ -50,26 +50,24 @@ module Metasploit
     end
     def self.do_metasploit_audit(rpc_client, run_details)
-      audit = rpc_client.call('pro.start_webaudit', {
-          'workspace' => run_details.workspace_name,
-          'DS_URLS' => run_details.device_ip_to_scan,
-          'DS_MAX_REQUESTS' => run_details.audit_max_requests,
-          'DS_MAX_MINUTES' => run_details.audit_max_minutes,
-          'DS_MAX_THREADS' => run_details.audit_max_threads,
-          'DS_MAX_INSTANCES' => run_details.audit_max_instances
-      })
+      audit = rpc_client.call('pro.start_webaudit', run_details.get_audit_options)
       wait_for_task_to_stop_running(rpc_client, CONSTANTS::AUDIT_MESSAGE, audit['task_id'])
     end
     def self.do_metasploit_exploit(rpc_client, run_details)
-      options = {
-        'workspace' => run_details.workspace_name,
-        'DS_FilterByOS' => run_details.use_os_filter
-      }
-      puts CONSTANTS::USING_OS_FILTER_MESSAGE if run_details.use_os_filter != CONSTANTS::DEFAULT_OS_FILTER
-      sploit = rpc_client.call('pro.start_exploit', options)
+      if run_details.use_os_filter == true
+        puts CONSTANTS::USING_OS_FILTER_MESSAGE
+      else
+        puts CONSTANTS::NO_OS_FILTER
+      end
+      sploit = rpc_client.call('pro.start_exploit', run_details.get_exploit_options)
       wait_for_task_to_stop_running(rpc_client, CONSTANTS::EXPLOIT_MESSAGE, sploit['task_id'])
     end

data/lib/metasploit/exploit_run_description.rb CHANGED Viewed

@@ -37,20 +37,25 @@ class ExploitRunDescription
     @@device_ip_to_scan_value = value
   end
-  def audit_max_requests
-    1000
-  end
-  def audit_max_minutes
-    3
-  end
-  def audit_max_threads
-    5
-  end
-  def audit_max_instances
-    3
+  def get_audit_options
+    { "workspace" => self.workspace_name,
+      "DS_URLS" => self.device_ip_to_scan,
+      "DS_MAX_REQUESTS" => 1000,
+      "DS_MAX_MINUTES" => 3,
+      "DS_MAX_THREADS" => 5,
+      "DS_MAX_INSTANCES" => 3}
+  end
+  def get_exploit_options
+    { "workspace" => self.workspace_name,
+      "DS_WHITELIST_HOSTS" => @@device_ip_to_scan_value,
+      "DS_MinimumRank" => "great",
+      "DS_EXPLOIT_SPEED" => 5,
+      "DS_EXPLOIT_TIMEOUT" => 2,
+      "DS_LimitSessions" => true,
+      "DS_MATCH_VULNS" => true,
+      "DS_MATCH_PORTS" => true,
+      "DS_FilterByOS" => self.use_os_filter}
   end
   def device_ip_to_scan
@@ -86,7 +91,7 @@ class ExploitRunDescription
   end
   def use_os_filter
-    (@@use_os_filter_value != true) ? false : true
+    (@@use_os_filter_value == false) ? false : true
   end

data/spec/exploit_run_description_spec.rb CHANGED Viewed

@@ -8,7 +8,7 @@ describe 'exploit_run_description' do
       @expected_port = '3791'
       @expected_uri = '/api/1.1'
       @expected_ssl = false
-      @expected_os_filter = false
+      @expected_os_filter = true
       @expected_workspace_name = 'workspacename'
       @expected_nexpose_console_name = 'nexpose_console_name'
       @expected_webscan_task_id = '12'

data/spec/exploit_spec.rb CHANGED Viewed

@@ -13,6 +13,7 @@ describe 'exploit' do
       @expected_uri = '/api/1.1'
       @expected_ssl = false
       @expected_use_os_filter = true
+      @expected_no_os_filter = false
       @expected_workspace_name = 'workspacename'
       @expected_nexpose_console_name = 'nexpose_console_name'
       @expected_webscan_task_id = '12'
@@ -23,6 +24,12 @@ describe 'exploit' do
       @expected_audit_max_minutes = 3
       @expected_audit_max_threads = 5
       @expected_audit_max_instances = 3
+      @expected_minimum_rank = 'great'
+      @expected_exploit_speed = 5
+      @expected_exploit_timeout = 2
+      @expected_session_limit = true
+      @expected_match_vulns = true
+      @expected_match_ports = true
       @mock_rpc_client = get_mock_rpc_client
       @mock_device_ip_to_scan = '127.0.0.1'
       @mock_device_url_to_scan = "http://#{@mock_device_ip_to_scan}"
@@ -232,12 +239,12 @@ describe 'exploit' do
           expect(@mock_rpc_client).to receive(:call)
                                       .with('pro.start_webaudit', {
-                                                                    'workspace' => @expected_workspace_name,
-                                                                    'DS_URLS' => @mock_device_url_to_scan,
-                                                                    'DS_MAX_REQUESTS' => @expected_audit_max_requests,
-                                                                    'DS_MAX_MINUTES' => @expected_audit_max_minutes,
-                                                                    'DS_MAX_THREADS' => @expected_audit_max_threads,
-                                                                    'DS_MAX_INSTANCES' => @expected_audit_max_instances
+                                                                    "workspace" => @expected_workspace_name,
+                                                                    "DS_URLS" => @mock_device_url_to_scan,
+                                                                    "DS_MAX_REQUESTS" => @expected_audit_max_requests,
+                                                                    "DS_MAX_MINUTES" => @expected_audit_max_minutes,
+                                                                    "DS_MAX_THREADS" => @expected_audit_max_threads,
+                                                                    "DS_MAX_INSTANCES" => @expected_audit_max_instances
                                                                   })
                                       .and_return({'task_id' => @expected_audit_task_id})
         end
@@ -289,23 +296,62 @@ describe 'exploit' do
       it 'should kick off an exploit' do
         expect(@mock_rpc_client).to receive(:call)
-                                    .with('pro.start_exploit', {'workspace' => @expected_workspace_name, 'DS_FilterByOS' => @expected_use_os_filter})
+                                    .with('pro.start_exploit', {"workspace" => @expected_workspace_name,
+                                                                "DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
+                                                                "DS_MinimumRank" => @expected_minimum_rank,
+                                                                "DS_EXPLOIT_SPEED" => @expected_exploit_speed,
+                                                                "DS_EXPLOIT_TIMEOUT" => @expected_exploit_timeout,
+                                                                "DS_LimitSessions" => @expected_session_limit,
+                                                                "DS_MATCH_VULNS" => @expected_match_vulns,
+                                                                "DS_MATCH_PORTS" => @expected_match_ports,
+                                                                "DS_FilterByOS" =>  @expected_use_os_filter})
         Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
       end
       it 'should use a operating system filter if its set to true' do
         expect(@mock_rpc_client).to receive(:call)
-                                    .with('pro.start_exploit', {'workspace' => @expected_workspace_name, 'DS_FilterByOS' => @expected_use_os_filter})
+                                    .with('pro.start_exploit', {"workspace" => @expected_workspace_name,
+                                                                "DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
+                                                                "DS_MinimumRank" => @expected_minimum_rank,
+                                                                "DS_EXPLOIT_SPEED" => @expected_exploit_speed,
+                                                                "DS_EXPLOIT_TIMEOUT" => @expected_exploit_timeout,
+                                                                "DS_LimitSessions" => @expected_session_limit,
+                                                                "DS_MATCH_VULNS" => @expected_match_vulns,
+                                                                "DS_MATCH_PORTS" => @expected_match_ports,
+                                                                "DS_FilterByOS" =>  true})
+        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, true)
+      end
-        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
+      it 'should not use a operating system filter if its set to false' do
+        expect(@mock_rpc_client).to receive(:call)
+                                    .with('pro.start_exploit', {"workspace" => @expected_workspace_name,
+                                                                "DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
+                                                                "DS_MinimumRank" => @expected_minimum_rank,
+                                                                "DS_EXPLOIT_SPEED" => @expected_exploit_speed,
+                                                                "DS_EXPLOIT_TIMEOUT" => @expected_exploit_timeout,
+                                                                "DS_LimitSessions" => @expected_session_limit,
+                                                                "DS_MATCH_VULNS" => @expected_match_vulns,
+                                                                "DS_MATCH_PORTS" => @expected_match_ports,
+                                                                "DS_FilterByOS" =>  false})
+        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, false)
       end
       describe 'wait for exploit to be over' do
         before(:each) do
           expect(@mock_rpc_client).to receive(:call)
-                                      .with('pro.start_exploit', {'workspace' => @expected_workspace_name, 'DS_FilterByOS' => @expected_use_os_filter})
+                                      .with('pro.start_exploit', {"workspace" => @expected_workspace_name,
+                                                                  "DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
+                                                                  "DS_MinimumRank" => @expected_minimum_rank,
+                                                                  "DS_EXPLOIT_SPEED" => @expected_exploit_speed,
+                                                                  "DS_EXPLOIT_TIMEOUT" => @expected_exploit_timeout,
+                                                                  "DS_LimitSessions" => @expected_session_limit,
+                                                                  "DS_MATCH_VULNS" => @expected_match_vulns,
+                                                                  "DS_MATCH_PORTS" => @expected_match_ports,
+                                                                  "DS_FilterByOS" =>  @expected_use_os_filter})
                                       .and_return({'task_id' => @expected_exploit_task_id})
         end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-runner
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Nathan Gibson