metasploit-runner 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +5 -0
  3. data/lib/MetasploitPenTestScript/version.rb +1 -1
  4. data/lib/metasploit/constants.rb +3 -2
  5. data/lib/metasploit/exploit.rb +6 -2
  6. data/spec/exploit_spec.rb +21 -11
  7. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 993f0fd305f9c4237449fd4da5d305e13ed4f7eb
4
- data.tar.gz: 17d5ad62828b67045402d81f779de24addd65d45
3
+ metadata.gz: 2ff96df61da304a50fe9261a61ed81b275115bad
4
+ data.tar.gz: b17212e78aa95a8c9577f1928bdbab36975bd410
5
5
  SHA512:
6
- metadata.gz: 594805a578c9a446f1afe68f39ca830cdbecfa6ee88e195f80a5175efcd4fe747a2d2c94b25862357607609b581b94ab7c71c653dd293fc73e7447b78a398a57
7
- data.tar.gz: 59735fe882b949673c733f84a8890e46618b947b2257d05acc10b7994e90c6cbe6ba0f4df3dfa9907112c2d53222ade2ecd7c29a2f28523eab98e3ff63fb0af4
6
+ metadata.gz: 855b16bed365745386841cdc0fae3cc61f5a80a115c74bc1cf613e8561842c97a7d2ea7d3f0fc3de9d2b1723449ef3f41a2892f4cc271af7fce6de12091442b6
7
+ data.tar.gz: 639a94bbe7a5b88808c420a21fae786f52a62a15dfeee2d4f47158aa9c239788017fada5941eb7b9c8bc0bc0cedb13bb6f008527990d289cc059c0d9d0cfcd2e
data/.travis.yml ADDED
@@ -0,0 +1,5 @@
1
+ language: ruby
2
+ rvm:
3
+ - "2.1.2"
4
+ # uncomment this line if your project needs to run something other than `rake`:
5
+ # script: bundle exec rspec spec
data/lib/MetasploitPenTestScript/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module MetasploitPenTestScript
2
- VERSION = "0.0.2"
2
+ VERSION = "0.0.3"
3
3
  end
data/lib/metasploit/constants.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  module CONSTANTS
2
2
  DEFAULT_PORT = '3790'
3
3
  DEFAULT_URI = '/api/1.0'
4
- DEFAULT_SSL= true
4
+ DEFAULT_SSL = true
5
5
  RUNNING_IMPORT_STATUS = 'running'
6
6
  REQUIRED_TOKEN_MESSAGE = 'PWNED! Token is required'
7
7
  REQUIRED_CONNECTION_URL_MESSAGE = 'PWNED! Connection URL is required'
@@ -12,6 +12,7 @@ module CONSTANTS
12
12
  USING_DEFAULT_SSL_MESSAGE = '[*] Using SSL=TRUE'
13
13
  IMPORTING_DATA_MESSAGE = '[*] Importing...'
14
14
  SCANNING_MESSAGE = '[*] Scanning all your things...'
15
- REQUIRED_WORKSPACE_MESSAGE= 'PWNED! Workspace Name is required'
15
+ REQUIRED_WORKSPACE_MESSAGE = 'PWNED! Workspace Name is required'
16
+ SKIPPING_IMPORT_MESSAGE = '[*] Nexpose Console option was not passed, skipping Nexpose Import'
16
17
 
17
18
  end
data/lib/metasploit/exploit.rb CHANGED
@@ -26,9 +26,13 @@ module Metasploit
26
26
  end
27
27
 
28
28
  def self.do_nexpose_import(rpc_client, run_details)
29
- import = rpc_client.call('pro.start_import', {'workspace' => run_details.workspace_name, 'DS_NEXPOSE_CONSOLE' => run_details.nexpose_console_name, 'DS_NEXPOSE_SITE' => run_details.workspace_name})
30
29
 
31
- wait_for_task_to_stop_running(rpc_client, CONSTANTS::IMPORTING_DATA_MESSAGE, import['task_id'])
30
+ if run_details.nexpose_console_name.nil? || run_details.nexpose_console_name.empty?
31
+ puts CONSTANTS::SKIPPING_IMPORT_MESSAGE
32
+ else
33
+ import = rpc_client.call('pro.start_import', {'workspace' => run_details.workspace_name, 'DS_NEXPOSE_CONSOLE' => run_details.nexpose_console_name, 'DS_NEXPOSE_SITE' => run_details.workspace_name})
34
+ wait_for_task_to_stop_running(rpc_client, CONSTANTS::IMPORTING_DATA_MESSAGE, import['task_id'])
35
+ end
32
36
  end
33
37
 
34
38
  def self.create_workspace(rpc_client, workspace_name)
data/spec/exploit_spec.rb CHANGED
@@ -29,22 +29,22 @@ describe 'exploit' do
29
29
  .with(expected_options)
30
30
  .and_return(@mock_rpc_client)
31
31
 
32
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)
32
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
33
33
  end
34
34
 
35
35
  it 'should throw an error if no token is passed' do
36
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
37
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
36
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
37
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
38
38
  end
39
39
 
40
40
  it 'should throw an error if no connection url is passed' do
41
- expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
42
- expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
41
+ expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
42
+ expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
43
43
  end
44
44
 
45
45
  it 'should throw an error if no ip address is passed' do
46
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', '') }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
47
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', nil) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
46
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, '') }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
47
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, nil) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
48
48
  end
49
49
 
50
50
  it 'should use 3790 as default if port is empty string' do
@@ -54,7 +54,7 @@ describe 'exploit' do
54
54
  .with(expected_options)
55
55
  .and_return(@mock_rpc_client)
56
56
 
57
- Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)
57
+ Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
58
58
  end
59
59
  end
60
60
 
@@ -63,16 +63,26 @@ describe 'exploit' do
63
63
  expect(@mock_rpc_client).to receive(:call)
64
64
  .with('pro.workspace_add', {'name' => @expected_workspace_name})
65
65
 
66
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)
66
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
67
67
  end
68
68
 
69
69
  it 'should throw an error if workspace name is invalid' do
70
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
71
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, '', @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
70
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
71
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
72
+ end
73
+ end
74
+
75
+ describe 'should skip nexpose import' do
76
+ it 'should skip the import if nexpose_console variable is empty or nil' do
77
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
78
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
79
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)}.to_not output(/\[\*\] Importing.../).to_stdout
80
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan)}.to_not output(/\[\*\] Importing...'/).to_stdout
72
81
  end
73
82
  end
74
83
 
75
84
  describe 'start import from nexpose' do
85
+
76
86
  it 'should start a import' do
77
87
  expect(@mock_rpc_client).to receive(:call)
78
88
  .with('pro.start_import', {'workspace' => @expected_workspace_name,
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: metasploit-runner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.2
4
+ version: 0.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nathan Gibson
@@ -76,6 +76,7 @@ extra_rdoc_files: []
76
76
  files:
77
77
  - ".gitignore"
78
78
  - ".rspec"
79
+ - ".travis.yml"
79
80
  - Gemfile
80
81
  - LICENSE.txt
81
82
  - MetasploitPenTestScript.gemspec