metasploit-runner 0.0.9 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3b62c85eea93ad0811660c4edfd7f47710e2db90
-  data.tar.gz: a6f0854d43fea53c523c7d95693a1d876044dd22
+  metadata.gz: 584745bd2ae32c8d7d71c35a305fd617e6d6a595
+  data.tar.gz: a61fc9ba558f10c5374423f9bc4f0c4108bf568f
 SHA512:
-  metadata.gz: e0988fef0a4b916632bc895d131b7cfbb36495d38241553febfd5c0b66e70a891c510995b61f0923e07bf0568845ca34822db6dfb174938aefecf7f411bd9db1
-  data.tar.gz: 273ccd1acb8882347c8ab4ec70d23d7a57cebba93b148861b3fd40681c8f58fe550dc9660585536a8b2efa845bc6565b931e96e63f2a220163b83c1b84bb4191
+  metadata.gz: b52f8aab7f3b39aa716925d6f4d365100ae226df50cac7912d76b903acb3e459bda54a828d3486353b2a5e415b5091f7ba499cfa579aa47b518296f547df492d
+  data.tar.gz: d9406aee5d39984dbdc5b300b499e88664947b9d55df884b7c02afbb837870622a3942f0b6579f5f7aae63f247d1bcf72a3b54fcc71e8dd00da67f9b6deb5fb9

data/README.md

@@ -24,38 +24,39 @@ Or install it yourself as:
 
 ## Usage
 
-This gem allows you to specify the Metasploit Connection URL, Metasploit Connection Port, Metasploit URI, SSL true/false, Token, Workspace Name, Nexpose Console Name, Device/Target IP.
+This gem allows you to specify the Metasploit Connection URL, Metasploit Connection Port, Metasploit URI, SSL true/false, Token, Workspace Name, Nexpose Console Name, Device/Target IP, and Exploit Module OS Filter.
 
 The nexpose_console_name is optional, if you specify a nexpose console name it will use the workspace_name, and nexpose console name to pull scan data from a nexpose console.
 IMPORTANT: Your "Site Name" in Nexpose, must match your "Workspace" name in Metasploit and you must add your Nexpose Console to Metasploit for this to work properly.
 
-    $ exploit "connection_url" "port" "uri" "use_ssl" "token" "workspace_name" "nexpose_console_name" "device_ip_to_scan"
+    $ exploit "connection_url" "port" "uri" "use_ssl" "token" "workspace_name" "nexpose_console_name" "device_ip_to_scan" "os_filter"
 
 Example WITH Nexpose Console Integration:
 
-    $ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1"
+    $ exploit "sploit.mydomain.com" "3790" "/api/1.0" "<true/false>" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "<true/false>"
 
 Example WITHOUT Nexpose Console Integration:
 
-    $ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "" "10.0.0.1"
+    $ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "" "10.0.0.1" "false"
 
-Additionally, a module filter may be passed in to determine which modules are whitelisted to run during an exploit.  The module filter parameter is a comma separate value
-for specifying multiple paths.
+Additionally, an os filter may be passed in to determine which modules will be ran during an exploit.  The os filter parameter will default to false (all modules will run) if you do not pass a value.
 
-Example WITH Module Filter:
+    Note: at the time of publishing this version of the gem, that was over 6,000 modules, which is ALOT. This option will only work of metasploit has a high confidence in your O/S type.
 
-    $ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "exploit/linux,exploit/multi"
+Example WITH OS Filter:
+
+    $ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "true"
 
 The if you do not pass the following options they will default to the respective values:
 
        port -> 3790
        uri -> /api/1.0
        use_ssl -> true
-       module_filter -> nil
+       os_filter -> false
 
 Example using the defaults:
 
-    $ exploit "sploit.mydomain.com" "" "" "" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1"
+    $ exploit "sploit.mydomain.com" "" "" "" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" ""
 
 ## Contributing
 

data/bin/exploit

@@ -3,4 +3,4 @@
 require 'metasploit/exploit'
 
 $stdout.sync = true
-Metasploit::Exploit.start ARGV[0], ARGV[1], ARGV[2], ARGV[3], ARGV[4], ARGV[5], ARGV[6], ARGV[7]
+Metasploit::Exploit.start ARGV[0], ARGV[1], ARGV[2], ARGV[3], ARGV[4], ARGV[5], ARGV[6], ARGV[7], ARGV[8]

data/lib/MetasploitPenTestScript/version.rb

@@ -1,3 +1,3 @@
 module MetasploitPenTestScript
-  VERSION = "0.0.9"
+  VERSION = "0.1.0"
 end

data/lib/metasploit/constants.rb

@@ -2,6 +2,7 @@ module CONSTANTS
   DEFAULT_PORT = '3790'
   DEFAULT_URI = '/api/1.0'
   DEFAULT_SSL = true
+  DEFAULT_OS_FILTER = false
   RUNNING_IMPORT_STATUS = 'running'
   EXPLOIT_RUNNING_MESSAGE = 'running'
   REQUIRED_TOKEN_MESSAGE = 'PWNED! Token is required'
@@ -17,5 +18,6 @@ module CONSTANTS
   EXPLOIT_MESSAGE = '[*] Exploiting all your things...'
   REQUIRED_WORKSPACE_MESSAGE = 'PWNED! Workspace Name is required'
   SKIPPING_IMPORT_MESSAGE = '[*] Nexpose Console option was not passed, skipping Nexpose Import'
+  USING_OS_FILTER_MESSAGE = '[*] The OS Filter is set to TRUE so we are limiting the modules to just the ones applicable to this Operating System'
 
 end

data/lib/metasploit/exploit.rb

@@ -4,8 +4,8 @@ require 'metasploit/exploit_run_description'
 
 module Metasploit
   module Exploit
-    def Exploit.start(connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, module_filter=nil)
-      run_details = ExploitRunDescription.new connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan
+    def Exploit.start(connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, use_os_filter)
+      run_details = ExploitRunDescription.new connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, use_os_filter
       run_details.verify
 
       rpc_client = get_new_metasploit_rpc_connection(run_details)
@@ -18,7 +18,7 @@ module Metasploit
 
       do_metasploit_audit(rpc_client, run_details)
 
-      do_metasploit_exploit(rpc_client, run_details, module_filter)
+      do_metasploit_exploit(rpc_client, run_details)
     end
 
     private
@@ -61,13 +61,14 @@ module Metasploit
       wait_for_task_to_stop_running(rpc_client, CONSTANTS::AUDIT_MESSAGE, audit['task_id'])
     end
 
-    def self.do_metasploit_exploit(rpc_client, run_details, module_filter)
+    def self.do_metasploit_exploit(rpc_client, run_details)
       options = {
-        'workspace' => run_details.workspace_name
+        'workspace' => run_details.workspace_name,
+        'DS_FilterByOS' => run_details.use_os_filter
       }
-      if !module_filter.nil?
-         options['DS_ModuleFilter'] = module_filter 
-      end
+
+      puts CONSTANTS::USING_OS_FILTER_MESSAGE if run_details.use_os_filter != CONSTANTS::DEFAULT_OS_FILTER
+
       sploit = rpc_client.call('pro.start_exploit', options)
       wait_for_task_to_stop_running(rpc_client, CONSTANTS::EXPLOIT_MESSAGE, sploit['task_id'])
     end

data/lib/metasploit/exploit_run_description.rb

@@ -1,11 +1,12 @@
 class ExploitRunDescription
-  attr_accessor :connection_url, :port, :uri, :use_ssl, :token, :workspace_name, :nexpose_console_name, :device_ip_to_scan
+  attr_accessor :connection_url, :port, :uri, :use_ssl, :token, :workspace_name, :nexpose_console_name, :device_ip_to_scan, :use_os_filter
   @@port_value = ''
   @@uri_value = ''
   @@use_ssl_value = ''
   @@device_ip_to_scan_value = ''
+  @@use_os_filter_value = ''
 
-  def initialize(connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan)
+  def initialize(connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, use_os_filter)
     self.connection_url = connection_url
     @@port_value = port
     @@uri_value = uri
@@ -14,6 +15,7 @@ class ExploitRunDescription
     self.workspace_name = workspace_name
     self.nexpose_console_name = nexpose_console_name
     @@device_ip_to_scan_value = device_ip_to_scan
+    @@use_os_filter_value = use_os_filter
   end
 
   def verify
@@ -79,6 +81,15 @@ class ExploitRunDescription
     (@@use_ssl_value != false) ? true : false
   end
 
+  def use_os_filter=(value)
+    @@use_os_filter_value = value
+  end
+
+  def use_os_filter
+    (@@use_os_filter_value != true) ? false : true
+  end
+
+
   def get_value(value_to_check, default)
     (value_to_check.nil? || value_to_check.empty?) ? default : value_to_check
   end

data/spec/exploit_run_description_spec.rb

@@ -8,6 +8,7 @@ describe 'exploit_run_description' do
       @expected_port = '3791'
       @expected_uri = '/api/1.1'
       @expected_ssl = false
+      @expected_os_filter = false
       @expected_workspace_name = 'workspacename'
       @expected_nexpose_console_name = 'nexpose_console_name'
       @expected_webscan_task_id = '12'
@@ -23,7 +24,9 @@ describe 'exploit_run_description' do
                                                           @expected_token,
                                                           @expected_workspace_name,
                                                           @expected_nexpose_console_name,
-                                                          @mock_device_ip_to_scan
+                                                          @mock_device_ip_to_scan,
+                                                          @expected_os_filter
+
     end
 
     it 'should accept all of the needed parameters and persist them' do
@@ -35,6 +38,7 @@ describe 'exploit_run_description' do
       expect(@exploit_run_description.workspace_name).to eq(@expected_workspace_name)
       expect(@exploit_run_description.nexpose_console_name).to eq(@expected_nexpose_console_name)
       expect(@exploit_run_description.device_ip_to_scan).to eq(@mock_device_url_to_scan)
+      expect(@exploit_run_description.use_os_filter).to eq(@expected_os_filter)
     end
 
     it 'should use 3790 as default if port is empty string' do
@@ -77,11 +81,36 @@ describe 'exploit_run_description' do
       expect(@exploit_run_description.use_ssl).to eq(CONSTANTS::DEFAULT_SSL)
     end
 
-    it 'should return false if false is passed' do
+    it 'should return false on the SSL Option if false is passed' do
       @exploit_run_description.use_ssl = false
       expect(@exploit_run_description.use_ssl).to eq(false)
     end
 
+    it 'should use os filter false as default if empty string is passed' do
+      @exploit_run_description.use_os_filter = ''
+      expect(@exploit_run_description.use_os_filter).to eq(CONSTANTS::DEFAULT_OS_FILTER)
+    end
+
+    it 'should use os filter false as default if random string is passed' do
+      @exploit_run_description.use_os_filter = 'nathan is god'
+      expect(@exploit_run_description.use_os_filter).to eq(CONSTANTS::DEFAULT_OS_FILTER)
+    end
+
+    it 'should use os filter false as default if nil is passed' do
+      @exploit_run_description.use_os_filter = nil
+      expect(@exploit_run_description.use_os_filter).to eq(CONSTANTS::DEFAULT_OS_FILTER)
+    end
+
+    it 'should use os filter false as default if false is passed' do
+      @exploit_run_description.use_os_filter = false
+      expect(@exploit_run_description.use_os_filter).to eq(CONSTANTS::DEFAULT_OS_FILTER)
+    end
+
+    it 'should return true on the OS Filter option if true is passed' do
+      @exploit_run_description.use_ssl = true
+      expect(@exploit_run_description.use_ssl).to eq(true)
+    end
+
     describe 'get metasploit options' do
       it 'should return the correct options' do
         expect(@exploit_run_description.get_options).to eq({:host => @expected_connection,

data/spec/exploit_spec.rb

@@ -12,12 +12,12 @@ describe 'exploit' do
       @expected_port = '3791'
       @expected_uri = '/api/1.1'
       @expected_ssl = false
+      @expected_use_os_filter = true
       @expected_workspace_name = 'workspacename'
       @expected_nexpose_console_name = 'nexpose_console_name'
       @expected_webscan_task_id = '12'
       @expected_import_task_id = '1'
       @expected_exploit_task_id = '13'
-      @expected_exploit_module_filter = 'exploit/linux,exploit/multi'
       @expected_audit_task_id = '14'
       @expected_audit_max_requests = 1000
       @expected_audit_max_minutes = 3
@@ -36,22 +36,22 @@ describe 'exploit' do
                                     .with(expected_options)
                                     .and_return(@mock_rpc_client)
 
-        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
       end
 
       it 'should throw an error if no token is passed' do
-        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
-        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Token is required')
+        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Token is required')
+        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Token is required')
       end
 
       it 'should throw an error if no connection url is passed' do
-        expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
-        expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
+        expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
+        expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
       end
 
       it 'should throw an error if no ip address is passed' do
-        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, '') }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
-        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, nil) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
+        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, '', @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
+        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, nil, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
       end
 
       it 'should use 3790 as default if port is empty string' do
@@ -61,7 +61,7 @@ describe 'exploit' do
                                     .with(expected_options)
                                     .and_return(@mock_rpc_client)
 
-        Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+        Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
       end
     end
 
@@ -70,21 +70,21 @@ describe 'exploit' do
         expect(@mock_rpc_client).to receive(:call)
                                    .with('pro.workspace_add', {'name' => @expected_workspace_name})
 
-        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
       end
 
       it 'should throw an error if workspace name is invalid' do
-        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
-        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, @expected_nexpose_console_name, @mock_device_ip_to_scan) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
+        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
+        expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
       end
     end
 
     describe 'should skip nexpose import' do
       it 'should skip the import if nexpose_console variable is empty or nil' do
-        expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
-        expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
-        expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan)}.to_not output(/\[\*\] Importing.../).to_stdout
-        expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan)}.to_not output(/\[\*\] Importing...'/).to_stdout
+        expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan, @expected_use_os_filter)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
+        expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan, @expected_use_os_filter)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
+        expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan, @expected_use_os_filter)}.to_not output(/\[\*\] Importing.../).to_stdout
+        expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan, @expected_use_os_filter)}.to_not output(/\[\*\] Importing...'/).to_stdout
       end
     end
 
@@ -96,7 +96,7 @@ describe 'exploit' do
                                                              'DS_NEXPOSE_CONSOLE' => @expected_nexpose_console_name,
                                                              'DS_NEXPOSE_SITE' => @expected_workspace_name})
 
-        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
       end
 
       describe 'wait to be over' do
@@ -111,7 +111,7 @@ describe 'exploit' do
         it 'should call to check the status of an import' do
           expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_import_task_id)
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
 
         it 'should call to check the status until it is not running' do
@@ -127,7 +127,7 @@ describe 'exploit' do
                                       .once
                                       .ordered
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
 
         it 'should sleep for 3 seconds if the status is still running' do
@@ -146,7 +146,7 @@ describe 'exploit' do
           #Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
           expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
       end
     end
@@ -157,7 +157,7 @@ describe 'exploit' do
                                     .with('pro.start_webscan', {'workspace' => @expected_workspace_name,
                                                                 'DS_URLS' => @mock_device_url_to_scan})
 
-        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
       end
 
       describe 'wait for scan to be over' do
@@ -171,7 +171,7 @@ describe 'exploit' do
         it 'should call to check the status of the scan' do
           expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_webscan_task_id)
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
 
         it 'should call to check the status until it is not running' do
@@ -187,7 +187,7 @@ describe 'exploit' do
                                       .once
                                       .ordered
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
 
         it 'should sleep for 3 seconds if the status is still running' do
@@ -206,7 +206,7 @@ describe 'exploit' do
           #Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
           expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
       end
     end
@@ -224,7 +224,7 @@ describe 'exploit' do
                                                                   'DS_MAX_INSTANCES' => @expected_audit_max_instances
                                                                 })
 
-        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
       end
 
       describe 'wait for audit to be over' do
@@ -245,7 +245,7 @@ describe 'exploit' do
         it 'should call to check the status of the audit' do
           expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_audit_task_id)
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
 
         it 'should call to check the status until it is not running' do
@@ -261,7 +261,7 @@ describe 'exploit' do
                                       .once
                                       .ordered
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
 
         it 'should sleep for 3 seconds if the status is still running' do
@@ -280,7 +280,7 @@ describe 'exploit' do
           #Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
           expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
       end
     end
@@ -289,30 +289,30 @@ describe 'exploit' do
 
       it 'should kick off an exploit' do
         expect(@mock_rpc_client).to receive(:call)
-                                    .with('pro.start_exploit', {'workspace' => @expected_workspace_name})
+                                    .with('pro.start_exploit', {'workspace' => @expected_workspace_name, 'DS_FilterByOS' => @expected_use_os_filter})
 
-        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
       end
 
-      it 'should use a module filter if one is specified' do
+      it 'should use a operating system filter if its set to true' do
         expect(@mock_rpc_client).to receive(:call)
-                                    .with('pro.start_exploit', {'workspace' => @expected_workspace_name, 'DS_ModuleFilter' => @expected_exploit_module_filter})
+                                    .with('pro.start_exploit', {'workspace' => @expected_workspace_name, 'DS_FilterByOS' => @expected_use_os_filter})
 
-        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_exploit_module_filter)
+        Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
       end
 
       describe 'wait for exploit to be over' do
         before(:each) do
 
           expect(@mock_rpc_client).to receive(:call)
-                                      .with('pro.start_exploit', {'workspace' => @expected_workspace_name})
+                                      .with('pro.start_exploit', {'workspace' => @expected_workspace_name, 'DS_FilterByOS' => @expected_use_os_filter})
                                       .and_return({'task_id' => @expected_exploit_task_id})
         end
 
         it 'should call to check the status of the exploit' do
           expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_exploit_task_id)
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
 
         it 'should call to check the status until it is not running' do
@@ -328,7 +328,7 @@ describe 'exploit' do
                                       .once
                                       .ordered
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
 
         it 'should sleep for 3 seconds if the status is still running' do
@@ -347,7 +347,7 @@ describe 'exploit' do
           #Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
           expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
 
-          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
+          Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl,  @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
         end
       end
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-runner
 version: !ruby/object:Gem::Version
-  version: 0.0.9
+  version: 0.1.0
 platform: ruby
 authors:
 - Nathan Gibson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-03 00:00:00.000000000 Z
+date: 2014-12-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: msfrpc-client