metasploit-runner 0.1.8 → 0.1.9
- checksums.yaml +4 -4
- data/README.md +4 -4
- data/bin/exploit +1 -1
- data/lib/MetasploitPenTestScript/version.rb +1 -1
- data/lib/metasploit/constants.rb +2 -0
- data/lib/metasploit/exploit.rb +18 -2
- data/lib/metasploit/exploit_run_description.rb +24 -3
- data/spec/exploit_run_description_spec.rb +6 -3
- data/spec/exploit_spec.rb +84 -39
- metadata +2 -2
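--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 250b963d7aab6e8e6ef915674a0de8edca5c50bf
+data.tar.gz: e54e5098ef8f5f70fff4d7e540ca99e50c087809
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: eb5fca636b93affc501761b1aaf9c33bad357dc8fce3a32533eaf71af7c67d01345372948c00634ba663b8e4a82fceaa2077ce43f7fc4a2b32be4657c5257f5e
+data.tar.gz: 58cbe28bc29feda56e45b39de9e82008fbe1f23e7f05e0e5a5c0a45a8f4f844816687daa2d87249cbb0665e10042c16111d84ef6b63a47a31dbc86802e13326b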
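--- a/data/README.md
+++ b/data/README.md
@@ -29,15 +29,15 @@ This gem allows you to specify the Metasploit Connection URL, Metasploit Connect
 The nexpose_console_name is optional, if you specify a nexpose console name it will use the workspace_name, and nexpose console name to pull scan data from a nexpose console.
 IMPORTANT: Your "Site Name" in Nexpose, must match your "Workspace" name in Metasploit and you must add your Nexpose Console to Metasploit for this to work properly.
 
-$ exploit "connection_url" "port" "uri" "use_ssl" "token" "workspace_name" "nexpose_console_name" "device_ip_to_scan" "os_filter"
+$ exploit "connection_url" "port" "uri" "use_ssl" "token" "workspace_name" "nexpose_console_name" "device_ip_to_scan" "os_filter" "module_filter"
 
 Example WITH Nexpose Console Integration:
 
-$ exploit "sploit.mydomain.com" "3790" "/api/1.0" "<true/false>" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "<true/false>"
+$ exploit "sploit.mydomain.com" "3790" "/api/1.0" "<true/false>" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "<true/false>" "exploit/windows/smb/psexec"
 
 Example WITHOUT Nexpose Console Integration:
 
-$ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "" "10.0.0.1" "false"
+$ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "" "10.0.0.1" "false" "exploit/windows/smb/psexec"
 
 Additionally, an os filter may be passed in to determine which modules will be ran during an exploit. The os filter parameter will default to false (all modules will run) if you do not pass a value.
 
@@ -56,7 +56,7 @@ The if you do not pass the following options they will default to the respective
 
 Example using the defaults:
 
-$ exploit "sploit.mydomain.com" "" "" "" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" ""
+$ exploit "sploit.mydomain.com" "" "" "" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "" ""
 
 ## Contributing
 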
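--- a/data/bin/exploit
+++ b/data/bin/exploit
@@ -3,4 +3,4 @@
 require 'metasploit/exploit'
 
 $stdout.sync = true
-Metasploit::Exploit.start ARGV[0], ARGV[1], ARGV[2], ARGV[3], ARGV[4], ARGV[5], ARGV[6], ARGV[7], ARGV[8]
+Metasploit::Exploit.start ARGV[0], ARGV[1], ARGV[2], ARGV[3], ARGV[4], ARGV[5], ARGV[6], ARGV[7], ARGV[8], ARGV[9]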
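Review bot: The new call forwards ten positional values by index with no arity or usage check, so an omitted argument shifts every later one: leaving out the os_filter value puts the module path into the `use_os_filter` slot and leaves `module_filter` nil, which `start` then reports as "Not filtering any modules". A guard before the call such as `abort 'usage: exploit <10 positional arguments, see README>' unless ARGV.length.between?(8, 10)`, or named options via OptionParser, would make that mistake visible instead of silently widening the run. According to the README the fifth argument is the API token, so it also lands in shell history and the process list; reading it from an environment variable or a protected file when the argument is empty would avoid that exposure.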
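--- a/data/lib/metasploit/constants.rb
+++ b/data/lib/metasploit/constants.rb
@@ -20,4 +20,6 @@ module CONSTANTS
 SKIPPING_IMPORT_MESSAGE = '[*] Nexpose Console option was not passed, skipping Nexpose Import'
 USING_OS_FILTER_MESSAGE = '[*] The OS Filter is set to TRUE so we are limiting the modules to just the ones applicable to this Operating System'
 NO_OS_FILTER = '[*] We did not receive an option for the OS Filter or you set it to FALSE, either way we are backing the truck up and using all modules'
+USING_MODULE_FILTER = '[*] Filtering exploits based on your desired modules'
+NO_MODULE_FILTER = '[*] Not filtering any modules'
 end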
data/lib/metasploit/exploit.rb
CHANGED
@@ -4,8 +4,17 @@ require 'metasploit/exploit_run_description'
|
|
4
4
|
|
5
5
|
module Metasploit
|
6
6
|
module Exploit
|
7
|
-
def Exploit.start(connection_url,
|
8
|
-
|
7
|
+
def Exploit.start(connection_url,
|
8
|
+
port,
|
9
|
+
uri,
|
10
|
+
use_ssl,
|
11
|
+
token,
|
12
|
+
workspace_name,
|
13
|
+
nexpose_console_name,
|
14
|
+
device_ip_to_scan,
|
15
|
+
use_os_filter,
|
16
|
+
module_filter)
|
17
|
+
run_details = ExploitRunDescription.new connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, use_os_filter, module_filter
|
9
18
|
run_details.verify
|
10
19
|
|
11
20
|
rpc_client = get_new_metasploit_rpc_connection(run_details)
|
@@ -62,6 +71,13 @@ module Metasploit
|
|
62
71
|
puts CONSTANTS::NO_OS_FILTER
|
63
72
|
end
|
64
73
|
|
74
|
+
if run_details.module_filter.nil? || run_details.module_filter.empty?
|
75
|
+
puts CONSTANTS::NO_MODULE_FILTER
|
76
|
+
else
|
77
|
+
puts CONSTANTS::USING_MODULE_FILTER
|
78
|
+
puts run_details.module_filter
|
79
|
+
end
|
80
|
+
|
65
81
|
sploit = rpc_client.call('pro.start_exploit', run_details.get_exploit_options)
|
66
82
|
|
67
83
|
wait_for_task_to_stop_running(rpc_client, CONSTANTS::EXPLOIT_MESSAGE, sploit['task_id'])
|
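Review bot: The filter check at new lines 74–79 treats only nil and the empty string as "no filter", so a whitespace-only argument prints `USING_MODULE_FILTER` and is still forwarded through `get_exploit_options` to `pro.start_exploit`; how the server interprets such a value is not visible here. Testing a normalised value, `if run_details.module_filter.to_s.strip.empty?`, keeps the logged scope honest, and normalising once where the value is stored would cover the RPC call as well. `start` now takes ten positional parameters, which is easy to mis-order at call sites, so keyword arguments would be a clearer signature if callers can be updated. The method body continues outside both hunks.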
@@ -1,12 +1,31 @@
|
|
1
1
|
class ExploitRunDescription
|
2
|
-
attr_accessor :connection_url,
|
2
|
+
attr_accessor :connection_url,
|
3
|
+
:port,
|
4
|
+
:uri,
|
5
|
+
:use_ssl,
|
6
|
+
:token,
|
7
|
+
:workspace_name,
|
8
|
+
:nexpose_console_name,
|
9
|
+
:device_ip_to_scan,
|
10
|
+
:use_os_filter,
|
11
|
+
:module_filter
|
12
|
+
|
3
13
|
@@port_value = ''
|
4
14
|
@@uri_value = ''
|
5
15
|
@@use_ssl_value = ''
|
6
16
|
@@device_ip_to_scan_value = ''
|
7
17
|
@@use_os_filter_value = ''
|
8
18
|
|
9
|
-
def initialize(connection_url,
|
19
|
+
def initialize(connection_url,
|
20
|
+
port,
|
21
|
+
uri,
|
22
|
+
use_ssl,
|
23
|
+
token,
|
24
|
+
workspace_name,
|
25
|
+
nexpose_console_name,
|
26
|
+
device_ip_to_scan,
|
27
|
+
use_os_filter,
|
28
|
+
module_filter)
|
10
29
|
self.connection_url = connection_url
|
11
30
|
@@port_value = port
|
12
31
|
@@uri_value = uri
|
@@ -16,6 +35,7 @@ class ExploitRunDescription
|
|
16
35
|
self.nexpose_console_name = nexpose_console_name
|
17
36
|
@@device_ip_to_scan_value = device_ip_to_scan
|
18
37
|
self.use_os_filter = use_os_filter
|
38
|
+
self.module_filter = module_filter
|
19
39
|
end
|
20
40
|
|
21
41
|
def verify
|
@@ -57,7 +77,8 @@ class ExploitRunDescription
|
|
57
77
|
"DS_LimitSessions" => true,
|
58
78
|
"DS_MATCH_VULNS" => true,
|
59
79
|
"DS_MATCH_PORTS" => true,
|
60
|
-
"DS_FilterByOS" => self.use_os_filter
|
80
|
+
"DS_FilterByOS" => self.use_os_filter,
|
81
|
+
"DS_ModuleFilter" => self.module_filter}
|
61
82
|
end
|
62
83
|
|
63
84
|
def device_ip_to_scan
|
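Review bot: `self.module_filter = module_filter` stores the argument unchanged and `"DS_ModuleFilter" => self.module_filter` forwards it, so when the tenth CLI argument is omitted the options hash carries nil, a case the specs visible on this page do not exercise (they pass `''` or a module path). Normalising in the initializer, `self.module_filter = module_filter.to_s.strip`, gives the RPC call a single representation for "no filter". `verify` lies outside these hunks and does not appear to be touched, so nothing checks that a supplied filter looks like a module path; because the server's handling of an unmatched filter cannot be seen here, rejecting malformed values before the run starts would be the safer default. These hunks sit under the exploit.rb header on the page, but the line numbers restart at 1 and the class is ExploitRunDescription, so they presumably belong to exploit_run_description.rb.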
@@ -9,7 +9,8 @@ describe 'exploit_run_description' do
|
|
9
9
|
@expected_uri = '/api/1.1'
|
10
10
|
@expected_ssl = false
|
11
11
|
@expected_os_filter = false
|
12
|
-
@
|
12
|
+
@expected_module_filter = 'exploit/windows/smb/psexec'
|
13
|
+
@expected_workspacename = 'workspacename'
|
13
14
|
@expected_nexpose_console_name = 'nexpose_console_name'
|
14
15
|
@expected_webscan_task_id = '12'
|
15
16
|
@expected_import_task_id = '1'
|
@@ -17,7 +18,7 @@ describe 'exploit_run_description' do
|
|
17
18
|
@mock_rpc_client = get_mock_rpc_client
|
18
19
|
@mock_device_ip_to_scan = '127.0.0.1'
|
19
20
|
@mock_device_url_to_scan = "http://#{@mock_device_ip_to_scan}"
|
20
|
-
|
21
|
+
|
21
22
|
@exploit_run_description = ExploitRunDescription.new @expected_connection,
|
22
23
|
@expected_port,
|
23
24
|
@expected_uri,
|
@@ -26,7 +27,8 @@ describe 'exploit_run_description' do
|
|
26
27
|
@expected_workspace_name,
|
27
28
|
@expected_nexpose_console_name,
|
28
29
|
@mock_device_ip_to_scan,
|
29
|
-
@expected_os_filter
|
30
|
+
@expected_os_filter,
|
31
|
+
@expected_module_filter
|
30
32
|
|
31
33
|
end
|
32
34
|
|
@@ -40,6 +42,7 @@ describe 'exploit_run_description' do
|
|
40
42
|
expect(@exploit_run_description.nexpose_console_name).to eq(@expected_nexpose_console_name)
|
41
43
|
expect(@exploit_run_description.device_ip_to_scan).to eq(@mock_device_url_to_scan)
|
42
44
|
expect(@exploit_run_description.use_os_filter).to eq(@expected_os_filter)
|
45
|
+
expect(@exploit_run_description.module_filter).to eq(@expected_module_filter)
|
43
46
|
end
|
44
47
|
|
45
48
|
it 'should use 3790 as default if port is empty string' do
|
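Review bot: The setup at new line 13 assigns `@expected_workspacename`, while the constructor call at new line 27 passes `@expected_workspace_name`; unless the latter is assigned in the part of the setup that lies outside these hunks, the description under test is built with a nil workspace name. If that is a typo, `@expected_workspace_name = 'workspacename'` is the fix. A case with a nil `module_filter` would also be worth adding beside the new `module_filter` expectation, since nil is what the CLI passes when the tenth argument is left off.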
data/spec/exploit_spec.rb
CHANGED
@@ -31,6 +31,7 @@ describe 'exploit' do
|
|
31
31
|
@expected_match_vulns = true
|
32
32
|
@expected_match_ports = true
|
33
33
|
@expected_ssl_version ='TLS1'
|
34
|
+
@expected_module_filter = 'exploit/windows/smb/psexec'
|
34
35
|
@mock_rpc_client = get_mock_rpc_client
|
35
36
|
@mock_device_ip_to_scan = '127.0.0.1'
|
36
37
|
@mock_device_url_to_scan = "http://#{@mock_device_ip_to_scan}"
|
@@ -44,22 +45,22 @@ describe 'exploit' do
|
|
44
45
|
.with(expected_options)
|
45
46
|
.and_return(@mock_rpc_client)
|
46
47
|
|
47
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
48
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
48
49
|
end
|
49
50
|
|
50
51
|
it 'should throw an error if no token is passed' do
|
51
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Token is required')
|
52
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Token is required')
|
52
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, '', @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Token is required')
|
53
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, nil, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Token is required')
|
53
54
|
end
|
54
55
|
|
55
56
|
it 'should throw an error if no connection url is passed' do
|
56
|
-
expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
|
57
|
-
expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
|
57
|
+
expect { Metasploit::Exploit.start('', @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
|
58
|
+
expect { Metasploit::Exploit.start(nil, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Connection URL is required')
|
58
59
|
end
|
59
60
|
|
60
61
|
it 'should throw an error if no ip address is passed' do
|
61
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, '', @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
|
62
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, nil, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
|
62
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, '', @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
|
63
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, nil, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Device IP to scan is required')
|
63
64
|
end
|
64
65
|
|
65
66
|
it 'should use 3790 as default if port is empty string' do
|
@@ -69,7 +70,7 @@ describe 'exploit' do
|
|
69
70
|
.with(expected_options)
|
70
71
|
.and_return(@mock_rpc_client)
|
71
72
|
|
72
|
-
Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
73
|
+
Metasploit::Exploit.start(@expected_connection, '', @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
73
74
|
end
|
74
75
|
end
|
75
76
|
|
@@ -78,21 +79,21 @@ describe 'exploit' do
|
|
78
79
|
expect(@mock_rpc_client).to receive(:call)
|
79
80
|
.with('pro.workspace_add', {'name' => @expected_workspace_name})
|
80
81
|
|
81
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
82
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
82
83
|
end
|
83
84
|
|
84
85
|
it 'should throw an error if workspace name is invalid' do
|
85
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
|
86
|
-
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
|
86
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, '', @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
|
87
|
+
expect { Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, nil, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter) }.to raise_error(StandardError, 'PWNED! Workspace Name is required')
|
87
88
|
end
|
88
89
|
end
|
89
90
|
|
90
91
|
describe 'should skip nexpose import' do
|
91
92
|
it 'should skip the import if nexpose_console variable is empty or nil' do
|
92
|
-
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan, @expected_use_os_filter)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
|
93
|
-
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan, @expected_use_os_filter)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
|
94
|
-
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan, @expected_use_os_filter)}.to_not output(/\[\*\] Importing.../).to_stdout
|
95
|
-
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan, @expected_use_os_filter)}.to_not output(/\[\*\] Importing...'/).to_stdout
|
93
|
+
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
|
94
|
+
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)}.to output(/\[\*\] Nexpose Console option was not passed, skipping Nexpose Import/).to_stdout
|
95
|
+
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, '', @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)}.to_not output(/\[\*\] Importing.../).to_stdout
|
96
|
+
expect {Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, nil, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)}.to_not output(/\[\*\] Importing...'/).to_stdout
|
96
97
|
end
|
97
98
|
end
|
98
99
|
|
@@ -104,7 +105,7 @@ describe 'exploit' do
|
|
104
105
|
'DS_NEXPOSE_CONSOLE' => @expected_nexpose_console_name,
|
105
106
|
'DS_NEXPOSE_SITE' => @expected_workspace_name})
|
106
107
|
|
107
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
108
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
108
109
|
end
|
109
110
|
|
110
111
|
describe 'wait to be over' do
|
@@ -119,7 +120,7 @@ describe 'exploit' do
|
|
119
120
|
it 'should call to check the status of an import' do
|
120
121
|
expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_import_task_id)
|
121
122
|
|
122
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
123
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
123
124
|
end
|
124
125
|
|
125
126
|
it 'should call to check the status until it is not running' do
|
@@ -135,7 +136,7 @@ describe 'exploit' do
|
|
135
136
|
.once
|
136
137
|
.ordered
|
137
138
|
|
138
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
139
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
139
140
|
end
|
140
141
|
|
141
142
|
it 'should sleep for 3 seconds if the status is still running' do
|
@@ -154,7 +155,7 @@ describe 'exploit' do
|
|
154
155
|
#Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
|
155
156
|
expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
|
156
157
|
|
157
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
158
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
158
159
|
end
|
159
160
|
end
|
160
161
|
end
|
@@ -165,7 +166,7 @@ describe 'exploit' do
|
|
165
166
|
.with('pro.start_webscan', {'workspace' => @expected_workspace_name,
|
166
167
|
'DS_URLS' => @mock_device_url_to_scan})
|
167
168
|
|
168
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
169
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
169
170
|
end
|
170
171
|
|
171
172
|
describe 'wait for scan to be over' do
|
@@ -179,7 +180,7 @@ describe 'exploit' do
|
|
179
180
|
it 'should call to check the status of the scan' do
|
180
181
|
expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_webscan_task_id)
|
181
182
|
|
182
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
183
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
183
184
|
end
|
184
185
|
|
185
186
|
it 'should call to check the status until it is not running' do
|
@@ -195,7 +196,7 @@ describe 'exploit' do
|
|
195
196
|
.once
|
196
197
|
.ordered
|
197
198
|
|
198
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
199
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
199
200
|
end
|
200
201
|
|
201
202
|
it 'should sleep for 3 seconds if the status is still running' do
|
@@ -214,7 +215,7 @@ describe 'exploit' do
|
|
214
215
|
#Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
|
215
216
|
expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
|
216
217
|
|
217
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
218
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
218
219
|
end
|
219
220
|
end
|
220
221
|
end
|
@@ -232,7 +233,7 @@ describe 'exploit' do
|
|
232
233
|
'DS_MAX_INSTANCES' => @expected_audit_max_instances
|
233
234
|
})
|
234
235
|
|
235
|
-
|
236
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
236
237
|
end
|
237
238
|
|
238
239
|
describe 'wait for audit to be over' do
|
@@ -253,7 +254,7 @@ describe 'exploit' do
|
|
253
254
|
it 'should call to check the status of the audit' do
|
254
255
|
expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_audit_task_id)
|
255
256
|
|
256
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
257
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
257
258
|
end
|
258
259
|
|
259
260
|
it 'should call to check the status until it is not running' do
|
@@ -269,7 +270,7 @@ describe 'exploit' do
|
|
269
270
|
.once
|
270
271
|
.ordered
|
271
272
|
|
272
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
273
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
273
274
|
end
|
274
275
|
|
275
276
|
it 'should sleep for 3 seconds if the status is still running' do
|
@@ -288,7 +289,7 @@ describe 'exploit' do
|
|
288
289
|
#Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
|
289
290
|
expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
|
290
291
|
|
291
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
292
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
292
293
|
end
|
293
294
|
end
|
294
295
|
end
|
@@ -297,7 +298,8 @@ describe 'exploit' do
|
|
297
298
|
|
298
299
|
it 'should kick off an exploit' do
|
299
300
|
expect(@mock_rpc_client).to receive(:call)
|
300
|
-
.with('pro.start_exploit', {
|
301
|
+
.with('pro.start_exploit', {
|
302
|
+
"workspace" => @expected_workspace_name,
|
301
303
|
"DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
|
302
304
|
"DS_MinimumRank" => @expected_minimum_rank,
|
303
305
|
"DS_EXPLOIT_SPEED" => @expected_exploit_speed,
|
@@ -305,14 +307,17 @@ describe 'exploit' do
|
|
305
307
|
"DS_LimitSessions" => @expected_session_limit,
|
306
308
|
"DS_MATCH_VULNS" => @expected_match_vulns,
|
307
309
|
"DS_MATCH_PORTS" => @expected_match_ports,
|
308
|
-
"DS_FilterByOS" => @expected_use_os_filter
|
310
|
+
"DS_FilterByOS" => @expected_use_os_filter,
|
311
|
+
"DS_ModuleFilter" => @expected_module_filter
|
312
|
+
})
|
309
313
|
|
310
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
314
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
311
315
|
end
|
312
316
|
|
313
317
|
it 'should use a operating system filter if its set to true' do
|
314
318
|
expect(@mock_rpc_client).to receive(:call)
|
315
|
-
.with('pro.start_exploit', {
|
319
|
+
.with('pro.start_exploit', {
|
320
|
+
"workspace" => @expected_workspace_name,
|
316
321
|
"DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
|
317
322
|
"DS_MinimumRank" => @expected_minimum_rank,
|
318
323
|
"DS_EXPLOIT_SPEED" => @expected_exploit_speed,
|
@@ -320,9 +325,11 @@ describe 'exploit' do
|
|
320
325
|
"DS_LimitSessions" => @expected_session_limit,
|
321
326
|
"DS_MATCH_VULNS" => @expected_match_vulns,
|
322
327
|
"DS_MATCH_PORTS" => @expected_match_ports,
|
323
|
-
"DS_FilterByOS" => @expected_use_os_filter
|
328
|
+
"DS_FilterByOS" => @expected_use_os_filter,
|
329
|
+
"DS_ModuleFilter" => @expected_module_filter
|
330
|
+
})
|
324
331
|
|
325
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, true)
|
332
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, true, @expected_module_filter)
|
326
333
|
end
|
327
334
|
|
328
335
|
it 'should not use a operating system filter if its set to false' do
|
@@ -335,9 +342,45 @@ describe 'exploit' do
|
|
335
342
|
"DS_LimitSessions" => @expected_session_limit,
|
336
343
|
"DS_MATCH_VULNS" => @expected_match_vulns,
|
337
344
|
"DS_MATCH_PORTS" => @expected_match_ports,
|
338
|
-
"DS_FilterByOS" => false
|
345
|
+
"DS_FilterByOS" => false,
|
346
|
+
"DS_ModuleFilter" => @expected_module_filter
|
347
|
+
})
|
339
348
|
|
340
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, false)
|
349
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, false, @expected_module_filter)
|
350
|
+
end
|
351
|
+
|
352
|
+
it 'should not use a module filter if no modules are passed' do
|
353
|
+
expect(@mock_rpc_client).to receive(:call)
|
354
|
+
.with('pro.start_exploit', {"workspace" => @expected_workspace_name,
|
355
|
+
"DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
|
356
|
+
"DS_MinimumRank" => @expected_minimum_rank,
|
357
|
+
"DS_EXPLOIT_SPEED" => @expected_exploit_speed,
|
358
|
+
"DS_EXPLOIT_TIMEOUT" => @expected_exploit_timeout,
|
359
|
+
"DS_LimitSessions" => @expected_session_limit,
|
360
|
+
"DS_MATCH_VULNS" => @expected_match_vulns,
|
361
|
+
"DS_MATCH_PORTS" => @expected_match_ports,
|
362
|
+
"DS_FilterByOS" => false,
|
363
|
+
"DS_ModuleFilter" => ''
|
364
|
+
})
|
365
|
+
|
366
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, false, '')
|
367
|
+
end
|
368
|
+
|
369
|
+
it 'should use a module filter if a module is passed' do
|
370
|
+
expect(@mock_rpc_client).to receive(:call)
|
371
|
+
.with('pro.start_exploit', {"workspace" => @expected_workspace_name,
|
372
|
+
"DS_WHITELIST_HOSTS" => @mock_device_ip_to_scan,
|
373
|
+
"DS_MinimumRank" => @expected_minimum_rank,
|
374
|
+
"DS_EXPLOIT_SPEED" => @expected_exploit_speed,
|
375
|
+
"DS_EXPLOIT_TIMEOUT" => @expected_exploit_timeout,
|
376
|
+
"DS_LimitSessions" => @expected_session_limit,
|
377
|
+
"DS_MATCH_VULNS" => @expected_match_vulns,
|
378
|
+
"DS_MATCH_PORTS" => @expected_match_ports,
|
379
|
+
"DS_FilterByOS" => false,
|
380
|
+
"DS_ModuleFilter" => @expected_module_filter
|
381
|
+
})
|
382
|
+
|
383
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, false, @expected_module_filter)
|
341
384
|
end
|
342
385
|
|
343
386
|
describe 'wait for exploit to be over' do
|
@@ -352,14 +395,16 @@ describe 'exploit' do
|
|
352
395
|
"DS_LimitSessions" => @expected_session_limit,
|
353
396
|
"DS_MATCH_VULNS" => @expected_match_vulns,
|
354
397
|
"DS_MATCH_PORTS" => @expected_match_ports,
|
355
|
-
"DS_FilterByOS" => @expected_use_os_filter
|
398
|
+
"DS_FilterByOS" => @expected_use_os_filter,
|
399
|
+
"DS_ModuleFilter" => @expected_module_filter
|
400
|
+
})
|
356
401
|
.and_return({'task_id' => @expected_exploit_task_id})
|
357
402
|
end
|
358
403
|
|
359
404
|
it 'should call to check the status of the exploit' do
|
360
405
|
expect(@mock_rpc_client).to receive(:call).with('pro.task_status', @expected_exploit_task_id)
|
361
406
|
|
362
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
407
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
363
408
|
end
|
364
409
|
|
365
410
|
it 'should call to check the status until it is not running' do
|
@@ -375,7 +420,7 @@ describe 'exploit' do
|
|
375
420
|
.once
|
376
421
|
.ordered
|
377
422
|
|
378
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
423
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
379
424
|
end
|
380
425
|
|
381
426
|
it 'should sleep for 3 seconds if the status is still running' do
|
@@ -394,7 +439,7 @@ describe 'exploit' do
|
|
394
439
|
#Expecting 7 because we are mocking 6 above and the global :call mock in get_mock_rpc_client
|
395
440
|
expect(Metasploit::Exploit).to receive(:sleep).with(3).exactly(7).times
|
396
441
|
|
397
|
-
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter)
|
442
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_use_os_filter, @expected_module_filter)
|
398
443
|
end
|
399
444
|
end
|
400
445
|
end
|
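--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-runner
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.9
 platform: ruby
 authors:
 - Nathan Gibson
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2015-02-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: msfrpc-client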