metasploit-runner 0.1.8 → 0.1.9

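--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: ade37ee5ad6a5f514b47ade631cc9c3c2504ef65
- data.tar.gz: f3ca83cd02dec9d40044cd9e6d0f9b636c394bd3
+ metadata.gz: 250b963d7aab6e8e6ef915674a0de8edca5c50bf
+ data.tar.gz: e54e5098ef8f5f70fff4d7e540ca99e50c087809
  SHA512:
- metadata.gz: 7b8567fecac69cb76a7b1f3ebced3073aff8356a86e0d62d5b0cc361ca93d8a504d1f29d3b3627aadec406e13cb2625c090511256ac5ddedd9d9b9287fd069f9
- data.tar.gz: 3a8e4a7e9bd96837186a965a73da69b92d1681ced7b00e9043f49a6d4cd12d08a5b7f5a79e127cac353db45f8646daea9ed216f9dbfe0243b580938c9f7491d2
+ metadata.gz: eb5fca636b93affc501761b1aaf9c33bad357dc8fce3a32533eaf71af7c67d01345372948c00634ba663b8e4a82fceaa2077ce43f7fc4a2b32be4657c5257f5e
+ data.tar.gz: 58cbe28bc29feda56e45b39de9e82008fbe1f23e7f05e0e5a5c0a45a8f4f844816687daa2d87249cbb0665e10042c16111d84ef6b63a47a31dbc86802e13326b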
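--- a/data/README.md
+++ b/data/README.md
@@ -29,15 +29,15 @@ This gem allows you to specify the Metasploit Connection URL, Metasploit Connect
  The nexpose_console_name is optional, if you specify a nexpose console name it will use the workspace_name, and nexpose console name to pull scan data from a nexpose console.
  IMPORTANT: Your "Site Name" in Nexpose, must match your "Workspace" name in Metasploit and you must add your Nexpose Console to Metasploit for this to work properly.
 
- $ exploit "connection_url" "port" "uri" "use_ssl" "token" "workspace_name" "nexpose_console_name" "device_ip_to_scan" "os_filter"
+ $ exploit "connection_url" "port" "uri" "use_ssl" "token" "workspace_name" "nexpose_console_name" "device_ip_to_scan" "os_filter" "module_filter"
 
  Example WITH Nexpose Console Integration:
 
- $ exploit "sploit.mydomain.com" "3790" "/api/1.0" "<true/false>" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "<true/false>"
+ $ exploit "sploit.mydomain.com" "3790" "/api/1.0" "<true/false>" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "<true/false>" "exploit/windows/smb/psexec"
 
  Example WITHOUT Nexpose Console Integration:
 
- $ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "" "10.0.0.1" "false"
+ $ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "" "10.0.0.1" "false" "exploit/windows/smb/psexec"
 
  Additionally, an os filter may be passed in to determine which modules will be ran during an exploit. The os filter parameter will default to false (all modules will run) if you do not pass a value.
 
@@ -56,7 +56,7 @@ The if you do not pass the following options they will default to the respective
 
  Example using the defaults:
 
- $ exploit "sploit.mydomain.com" "" "" "" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" ""
+ $ exploit "sploit.mydomain.com" "" "" "" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "" ""
 
  ## Contributing
 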
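--- a/data/bin/exploit
+++ b/data/bin/exploit
@@ -3,4 +3,4 @@
  require 'metasploit/exploit'
 
  $stdout.sync = true
- Metasploit::Exploit.start ARGV[0], ARGV[1], ARGV[2], ARGV[3], ARGV[4], ARGV[5], ARGV[6], ARGV[7], ARGV[8]
+ Metasploit::Exploit.start ARGV[0], ARGV[1], ARGV[2], ARGV[3], ARGV[4], ARGV[5], ARGV[6], ARGV[7], ARGV[8], ARGV[9]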
@@ -1,3 +1,3 @@
1
1
  module MetasploitPenTestScript
2
- VERSION = "0.1.8"
2
+ VERSION = "0.1.9"
3
3
  end
@@ -20,4 +20,6 @@ module CONSTANTS
20
20
  SKIPPING_IMPORT_MESSAGE = '[*] Nexpose Console option was not passed, skipping Nexpose Import'
21
21
  USING_OS_FILTER_MESSAGE = '[*] The OS Filter is set to TRUE so we are limiting the modules to just the ones applicable to this Operating System'
22
22
  NO_OS_FILTER = '[*] We did not receive an option for the OS Filter or you set it to FALSE, either way we are backing the truck up and using all modules'
23
+ USING_MODULE_FILTER = '[*] Filtering exploits based on your desired modules'
24
+ NO_MODULE_FILTER = '[*] Not filtering any modules'
23
25
  end
@@ -4,8 +4,17 @@ require 'metasploit/exploit_run_description'
4
4
 
5
5
  module Metasploit
6
6
  module Exploit
7
- def Exploit.start(connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, use_os_filter)
8
- run_details = ExploitRunDescription.new connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, use_os_filter
7
+ def Exploit.start(connection_url,
8
+ port,
9
+ uri,
10
+ use_ssl,
11
+ token,
12
+ workspace_name,
13
+ nexpose_console_name,
14
+ device_ip_to_scan,
15
+ use_os_filter,
16
+ module_filter)
17
+ run_details = ExploitRunDescription.new connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, use_os_filter, module_filter
9
18
  run_details.verify
10
19
 
11
20
  rpc_client = get_new_metasploit_rpc_connection(run_details)
@@ -62,6 +71,13 @@ module Metasploit
62
71
  puts CONSTANTS::NO_OS_FILTER
63
72
  end
64
73
 
74
+ if run_details.module_filter.nil? || run_details.module_filter.empty?
75
+ puts CONSTANTS::NO_MODULE_FILTER
76
+ else
77
+ puts CONSTANTS::USING_MODULE_FILTER
78
+ puts run_details.module_filter
79
+ end
80
+
65
81
  sploit = rpc_client.call('pro.start_exploit', run_details.get_exploit_options)
66
82
 
67
83
  wait_for_task_to_stop_running(rpc_client, CONSTANTS::EXPLOIT_MESSAGE, sploit['task_id'])
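Review bot: The new `if run_details.module_filter.nil? || run_details.module_filter.empty?` block only chooses which message to print; the value itself reaches `pro.start_exploit` without any format check. How Metasploit Pro treats a filter entry that matches no module is not visible here, but if it narrows the run to nothing, a mistyped filter in an automated gate would report a clean result for a host that was never tested. I would reject values that do not look like module paths in `run_details.verify` (its body is outside this hunk, as is the rest of `Exploit.start`) and add the comment `# module_filter is forwarded as-is in DS_ModuleFilter; a value that matches no module may leave the host untested`.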
@@ -1,12 +1,31 @@
1
1
  class ExploitRunDescription
2
- attr_accessor :connection_url, :port, :uri, :use_ssl, :token, :workspace_name, :nexpose_console_name, :device_ip_to_scan, :use_os_filter
2
+ attr_accessor :connection_url,
3
+ :port,
4
+ :uri,
5
+ :use_ssl,
6
+ :token,
7
+ :workspace_name,
8
+ :nexpose_console_name,
9
+ :device_ip_to_scan,
10
+ :use_os_filter,
11
+ :module_filter
12
+
3
13
  @@port_value = ''
4
14
  @@uri_value = ''
5
15
  @@use_ssl_value = ''
6
16
  @@device_ip_to_scan_value = ''
7
17
  @@use_os_filter_value = ''
8
18
 
9
- def initialize(connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, use_os_filter)
19
+ def initialize(connection_url,
20
+ port,
21
+ uri,
22
+ use_ssl,
23
+ token,
24
+ workspace_name,
25
+ nexpose_console_name,
26
+ device_ip_to_scan,
27
+ use_os_filter,
28
+ module_filter)
10
29
  self.connection_url = connection_url
11
30
  @@port_value = port
12
31
  @@uri_value = uri
@@ -16,6 +35,7 @@ class ExploitRunDescription
16
35
  self.nexpose_console_name = nexpose_console_name
17
36
  @@device_ip_to_scan_value = device_ip_to_scan
18
37
  self.use_os_filter = use_os_filter
38
+ self.module_filter = module_filter
19
39
  end
20
40
 
21
41
  def verify
@@ -57,7 +77,8 @@ class ExploitRunDescription
57
77
  "DS_LimitSessions" => true,
58
78
  "DS_MATCH_VULNS" => true,
59
79
  "DS_MATCH_PORTS" => true,
60
- "DS_FilterByOS" => self.use_os_filter}
80
+ "DS_FilterByOS" => self.use_os_filter,
81
+ "DS_ModuleFilter" => self.module_filter}
61
82
  end
62
83
 
63
84
  def device_ip_to_scan
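Review bot: `self.module_filter = module_filter` stores the argument unchanged, so when the tenth command-line argument is omitted the options hash carries `"DS_ModuleFilter" => nil`, a case the specs do not pin (they cover only `''` and a module path). The other optional settings appear to get their defaults through the `@@..._value` class variables, so the new field is the odd one out. Normalising once in `initialize`, `self.module_filter = module_filter.to_s.strip`, keeps the nil and empty cases identical on the wire. `initialize` and the method that builds the options hash both start outside the hunks shown.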
@@ -9,7 +9,8 @@ describe 'exploit_run_description' do
9
9
  @expected_uri = '/api/1.1'
10
10
  @expected_ssl = false
11
11
  @expected_os_filter = false
12
- @expected_workspace_name = 'workspacename'
12
+ @expected_module_filter = 'exploit/windows/smb/psexec'
13
+ @expected_workspacename = 'workspacename'
13
14
  @expected_nexpose_console_name = 'nexpose_console_name'
14
15
  @expected_webscan_task_id = '12'
15
16
  @expected_import_task_id = '1'
@@ -17,7 +18,7 @@ describe 'exploit_run_description' do
17
18
  @mock_rpc_client = get_mock_rpc_client
18
19
  @mock_device_ip_to_scan = '127.0.0.1'
19
20
  @mock_device_url_to_scan = "http://#{@mock_device_ip_to_scan}"
20
-
21
+
21
22
  @exploit_run_description = ExploitRunDescription.new @expected_connection,
22
23
  @expected_port,
23
24
  @expected_uri,
@@ -26,7 +27,8 @@ describe 'exploit_run_description' do
26
27
  @expected_workspace_name,
27
28
  @expected_nexpose_console_name,
28
29
  @mock_device_ip_to_scan,
29
- @expected_os_filter
30
+ @expected_os_filter,
31
+ @expected_module_filter
30
32
 
31
33
  end
32
34
 
@@ -40,6 +42,7 @@ describe 'exploit_run_description' do
40
42
  expect(@exploit_run_description.nexpose_console_name).to eq(@expected_nexpose_console_name)
41
43
  expect(@exploit_run_description.device_ip_to_scan).to eq(@mock_device_url_to_scan)
42
44
  expect(@exploit_run_description.use_os_filter).to eq(@expected_os_filter)
45
+ expect(@exploit_run_description.module_filter).to eq(@expected_module_filter)
43
46
  end
44
47
 
45
48
  it 'should use 3790 as default if port is empty string' do
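Review bot: The setup now assigns `@expected_workspacename`, but the constructor call a few lines below still passes `@expected_workspace_name`, which is no longer set and therefore evaluates to nil. The `ExploitRunDescription` under test is then built with a nil workspace name, and any assertion that compares against `@expected_workspace_name` (none is visible in these hunks) would compare nil with nil and pass without checking anything. Restore the original name: `@expected_workspace_name = 'workspacename'`. The `before` block and the examples start and end outside these hunks.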
data/spec/exploit_spec.rb CHANGED
@@ -31,6 +31,7 @@ describe 'exploit' do
31
31
  @expected_match_vulns = true
32
32
  @expected_match_ports = true
33
33
  @expected_ssl_version ='TLS1'
34
+ @expected_module_filter = 'exploit/windows/smb/psexec'
34
35
  @mock_rpc_client = get_mock_rpc_client
35
36
  @mock_device_ip_to_scan = '127.0.0.1'
36
37
  @mock_device_url_to_scan = "http://#{@mock_device_ip_to_scan}"
@@ -44,22 +45,22 @@ describe 'exploit' do
44
45
  .with(expected_options)
45
46
  .and_return(@mock_rpc_client)
46
47
 
47
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
48
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
48
49
  end
49
50
 
50
51
  it 'should throw an error if no token is passed' do
51
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Token is required')
52
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Token is required')
52
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Token is required')
53
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Token is required')
53
54
  end
54
55
 
55
56
  it 'should throw an error if no connection url is passed' do
56
- expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
57
- expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
57
+ expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
58
+ expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
58
59
  end
59
60
 
60
61
  it 'should throw an error if no ip address is passed' do
61
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, '', @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
62
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, nil, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
62
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, '', @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
63
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, nil, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
63
64
  end
64
65
 
65
66
  it 'should use 3790 as default if port is empty string' do
@@ -69,7 +70,7 @@ describe 'exploit' do
69
70
  .with(expected_options)
70
71
  .and_return(@mock_rpc_client)
71
72
 
72
- Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
73
+ Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
73
74
  end
74
75
  end
75
76
 
@@ -78,21 +79,21 @@ describe 'exploit' do
78
79
  expect(@mock_rpc_client).to receive(:call)
79
80
  .with('pro.workspace_add', {'name' => @expected_workspace_name})
80
81
 
81
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
82
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
82
83
  end
83
84
 
84
85
  it 'should throw an error if workspace name is invalid' do
85
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
86
- expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
86
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
87
+ expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
87
88
  end
88
89
  end
89
90
 
90
91
  describe 'should skip nexpose import' do
91
92
  it 'should skip the import if nexpose_console variable is empty or nil' do
92
- expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan, @expected_use_os_filter)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
93
- expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan, @expected_use_os_filter)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
94
- expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan, @expected_use_os_filter)}.to_not output(/\[\*\] Importing.../).to_stdout
95
- expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan, @expected_use_os_filter)}.to_not output(/\[\*\] Importing...'/).to_stdout
93
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
94
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
95
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)}.to_not output(/\[\*\] Importing.../).to_stdout
96
+ expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)}.to_not output(/\[\*\] Importing...'/).to_stdout
96
97
  end
97
98
  end
98
99
 
@@ -104,7 +105,7 @@ describe 'exploit' do
104
105
  'DS_NEXPOSE_CONSOLE' => @expected_nexpose_console_name,
105
106
  'DS_NEXPOSE_SITE' => @expected_workspace_name})
106
107
 
107
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
108
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
108
109
  end
109
110
 
110
111
  describe 'wait to be over' do
@@ -119,7 +120,7 @@ describe 'exploit' do
119
120
  it 'should call to check the status of an import' do
120
121
  expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_import_task_id)
121
122
 
122
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
123
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
123
124
  end
124
125
 
125
126
  it 'should call to check the status until it is not running' do
@@ -135,7 +136,7 @@ describe 'exploit' do
135
136
  .once
136
137
  .ordered
137
138
 
138
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
139
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
139
140
  end
140
141
 
141
142
  it 'should sleep for 3 seconds if the status is still running' do
@@ -154,7 +155,7 @@ describe 'exploit' do
154
155
  #Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
155
156
  expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
156
157
 
157
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
158
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
158
159
  end
159
160
  end
160
161
  end
@@ -165,7 +166,7 @@ describe 'exploit' do
165
166
  .with('pro.start_webscan', {'workspace' => @expected_workspace_name,
166
167
  'DS_URLS' => @mock_device_url_to_scan})
167
168
 
168
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
169
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
169
170
  end
170
171
 
171
172
  describe 'wait for scan to be over' do
@@ -179,7 +180,7 @@ describe 'exploit' do
179
180
  it 'should call to check the status of the scan' do
180
181
  expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_webscan_task_id)
181
182
 
182
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
183
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
183
184
  end
184
185
 
185
186
  it 'should call to check the status until it is not running' do
@@ -195,7 +196,7 @@ describe 'exploit' do
195
196
  .once
196
197
  .ordered
197
198
 
198
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
199
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
199
200
  end
200
201
 
201
202
  it 'should sleep for 3 seconds if the status is still running' do
@@ -214,7 +215,7 @@ describe 'exploit' do
214
215
  #Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
215
216
  expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
216
217
 
217
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
218
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
218
219
  end
219
220
  end
220
221
  end
@@ -232,7 +233,7 @@ describe 'exploit' do
232
233
  'DS_MAX_INSTANCES' => @expected_audit_max_instances
233
234
  })
234
235
 
235
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
236
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
236
237
  end
237
238
 
238
239
  describe 'wait for audit to be over' do
@@ -253,7 +254,7 @@ describe 'exploit' do
253
254
  it 'should call to check the status of the audit' do
254
255
  expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_audit_task_id)
255
256
 
256
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
257
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
257
258
  end
258
259
 
259
260
  it 'should call to check the status until it is not running' do
@@ -269,7 +270,7 @@ describe 'exploit' do
269
270
  .once
270
271
  .ordered
271
272
 
272
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
273
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
273
274
  end
274
275
 
275
276
  it 'should sleep for 3 seconds if the status is still running' do
@@ -288,7 +289,7 @@ describe 'exploit' do
288
289
  #Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
289
290
  expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
290
291
 
291
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
292
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
292
293
  end
293
294
  end
294
295
  end
@@ -297,7 +298,8 @@ describe 'exploit' do
297
298
 
298
299
  it 'should kick off an exploit' do
299
300
  expect(@mock_rpc_client).to receive(:call)
300
- .with('pro.start_exploit', {"workspace" => @expected_workspace_name,
301
+ .with('pro.start_exploit', {
302
+ "workspace" => @expected_workspace_name,
301
303
  "DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
302
304
  "DS_MinimumRank" => @expected_minimum_rank,
303
305
  "DS_EXPLOIT_SPEED" => @expected_exploit_speed,
@@ -305,14 +307,17 @@ describe 'exploit' do
305
307
  "DS_LimitSessions" => @expected_session_limit,
306
308
  "DS_MATCH_VULNS" => @expected_match_vulns,
307
309
  "DS_MATCH_PORTS" => @expected_match_ports,
308
- "DS_FilterByOS" => @expected_use_os_filter})
310
+ "DS_FilterByOS" => @expected_use_os_filter,
311
+ "DS_ModuleFilter" => @expected_module_filter
312
+ })
309
313
 
310
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
314
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
311
315
  end
312
316
 
313
317
  it 'should use a operating system filter if its set to true' do
314
318
  expect(@mock_rpc_client).to receive(:call)
315
- .with('pro.start_exploit', {"workspace" => @expected_workspace_name,
319
+ .with('pro.start_exploit', {
320
+ "workspace" => @expected_workspace_name,
316
321
  "DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
317
322
  "DS_MinimumRank" => @expected_minimum_rank,
318
323
  "DS_EXPLOIT_SPEED" => @expected_exploit_speed,
@@ -320,9 +325,11 @@ describe 'exploit' do
320
325
  "DS_LimitSessions" => @expected_session_limit,
321
326
  "DS_MATCH_VULNS" => @expected_match_vulns,
322
327
  "DS_MATCH_PORTS" => @expected_match_ports,
323
- "DS_FilterByOS" => @expected_use_os_filter})
328
+ "DS_FilterByOS" => @expected_use_os_filter,
329
+ "DS_ModuleFilter" => @expected_module_filter
330
+ })
324
331
 
325
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, true)
332
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, true, @expected_module_filter)
326
333
  end
327
334
 
328
335
  it 'should not use a operating system filter if its set to false' do
@@ -335,9 +342,45 @@ describe 'exploit' do
335
342
  "DS_LimitSessions" => @expected_session_limit,
336
343
  "DS_MATCH_VULNS" => @expected_match_vulns,
337
344
  "DS_MATCH_PORTS" => @expected_match_ports,
338
- "DS_FilterByOS" => false})
345
+ "DS_FilterByOS" => false,
346
+ "DS_ModuleFilter" => @expected_module_filter
347
+ })
339
348
 
340
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, false)
349
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, false, @expected_module_filter)
350
+ end
351
+
352
+ it 'should not use a module filter if no modules are passed' do
353
+ expect(@mock_rpc_client).to receive(:call)
354
+ .with('pro.start_exploit', {"workspace" => @expected_workspace_name,
355
+ "DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
356
+ "DS_MinimumRank" => @expected_minimum_rank,
357
+ "DS_EXPLOIT_SPEED" => @expected_exploit_speed,
358
+ "DS_EXPLOIT_TIMEOUT" => @expected_exploit_timeout,
359
+ "DS_LimitSessions" => @expected_session_limit,
360
+ "DS_MATCH_VULNS" => @expected_match_vulns,
361
+ "DS_MATCH_PORTS" => @expected_match_ports,
362
+ "DS_FilterByOS" => false,
363
+ "DS_ModuleFilter" => ''
364
+ })
365
+
366
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, false, '')
367
+ end
368
+
369
+ it 'should use a module filter if a module is passed' do
370
+ expect(@mock_rpc_client).to receive(:call)
371
+ .with('pro.start_exploit', {"workspace" => @expected_workspace_name,
372
+ "DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
373
+ "DS_MinimumRank" => @expected_minimum_rank,
374
+ "DS_EXPLOIT_SPEED" => @expected_exploit_speed,
375
+ "DS_EXPLOIT_TIMEOUT" => @expected_exploit_timeout,
376
+ "DS_LimitSessions" => @expected_session_limit,
377
+ "DS_MATCH_VULNS" => @expected_match_vulns,
378
+ "DS_MATCH_PORTS" => @expected_match_ports,
379
+ "DS_FilterByOS" => false,
380
+ "DS_ModuleFilter" => @expected_module_filter
381
+ })
382
+
383
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, false, @expected_module_filter)
341
384
  end
342
385
 
343
386
  describe 'wait for exploit to be over' do
@@ -352,14 +395,16 @@ describe 'exploit' do
352
395
  "DS_LimitSessions" => @expected_session_limit,
353
396
  "DS_MATCH_VULNS" => @expected_match_vulns,
354
397
  "DS_MATCH_PORTS" => @expected_match_ports,
355
- "DS_FilterByOS" => @expected_use_os_filter})
398
+ "DS_FilterByOS" => @expected_use_os_filter,
399
+ "DS_ModuleFilter" => @expected_module_filter
400
+ })
356
401
  .and_return({'task_id' => @expected_exploit_task_id})
357
402
  end
358
403
 
359
404
  it 'should call to check the status of the exploit' do
360
405
  expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_exploit_task_id)
361
406
 
362
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
407
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
363
408
  end
364
409
 
365
410
  it 'should call to check the status until it is not running' do
@@ -375,7 +420,7 @@ describe 'exploit' do
375
420
  .once
376
421
  .ordered
377
422
 
378
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
423
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
379
424
  end
380
425
 
381
426
  it 'should sleep for 3 seconds if the status is still running' do
@@ -394,7 +439,7 @@ describe 'exploit' do
394
439
  #Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
395
440
  expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
396
441
 
397
- Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
442
+ Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
398
443
  end
399
444
  end
400
445
  end
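Review bot: The added examples pin `DS_ModuleFilter` for `''` and for a module path, but not for nil, which is what `bin/exploit` passes as `ARGV[9]` when the tenth argument is left off. An example that calls `Metasploit::Exploit.start` with `nil` as the last argument and states the expected `DS_ModuleFilter` value would fix the contract for callers still using the nine-argument command line. Separately, the last negative expectation in 'should skip the import if nexpose_console variable is empty or nil' matches `/\[\*\] Importing...'/` with a stray apostrophe, so that `to_not output` can never fail; dropping the `'` makes it a real check.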
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: metasploit-runner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.8
4
+ version: 0.1.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nathan Gibson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-12-15 00:00:00.000000000 Z
11
+ date: 2015-02-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: msfrpc-client