metasploit-runner 0.2.3 → 0.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e7e2d2dec14bd740b81ca421a7a055a7532c52dc
-  data.tar.gz: 82b61166b05fac46c87965cc3bf479305d45e0c7
+  metadata.gz: 7c64681c2203eed651d897863f6acd420abed4d9
+  data.tar.gz: 68228e2fe22e7bea7358d0a25bfb03aa85bbdf28
 SHA512:
-  metadata.gz: aa4689843ef2cd354dd0c735c0ddcf44f4ab2c9e8b249c14e90c0c08f74263dfeb6f821f17be7152138637ed4a6963c238f4b6f6a909c7b02e5e1780718a0ff6
-  data.tar.gz: e4cd97fa3a0bfcbf178e8c7e4a4e02b2361c54dc5db4359f29d214340bc9b6062a3895f9af29c6c2a8bbab72423ce64cc98f611ba7ba70b785bfb9482ca237c0
+  metadata.gz: 773aa5020c5fd2b2b930e42a89df9b633bbed3d908c76510e5bb31f9719c221129bd6d2a3c4af724a29626b8ffcb462045f86babef3c776f02c90cfd300fa214
+  data.tar.gz: b5f95158a6bd8a2a7cfed821ce152819b0c788318ce41e26e900d8b8e8432e815e29ece8f75f4fffdf1f582eb5094eb692bb94fff04dafcbcd00e69d0fe8e55e

data/.gitignore

@@ -21,5 +21,6 @@ tmp
 *.a
 mkmf.log
 .idea/
+*.iml
 config/exploit.yml
 config/explout.yml.bak

data/.travis.yml

@@ -1,6 +1,15 @@
 language: ruby
+
 rvm:
 - 2.1.2
+- 2.1.5
+- 2.2.0
+
+before_install:
+  # TODO: Newer versions of rubygems on Travis CI fail on RSpec (see http://stackoverflow.com/a/33800008/4630536). Remove the forced rubygems version when this is fixed.
+  - gem update --system 2.4.8
+  - gem --version
+
 deploy:
   provider: rubygems
   api_key:

data/MetasploitPenTestScript.gemspec

@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency 'msfrpc-client', '1.0.2'
 
-  spec.add_development_dependency 'bundler', '~> 1.6'
+  spec.add_development_dependency 'bundler'
   spec.add_development_dependency 'rake'
-  spec.add_development_dependency 'rspec', '3.0.0'
+  spec.add_development_dependency 'rspec'
 end

data/bin/exploit

@@ -3,17 +3,22 @@
 require 'metasploit/exploit'
 
 $stdout.sync = true
-Metasploit::Exploit.start({
-  'connection_url' => ARGV[0],
-  'port' => ARGV[1],
-  'uri' => ARGV[2],
-  'use_ssl' => ARGV[3],
-  'token' => ARGV[4],
-  'workspace_name' => ARGV[5],
-  'nexpose_console_name' => ARGV[6],
-  'device_ip_to_scan' => ARGV[7],
-  'use_os_filter' => ARGV[8],
-  'module_filter' => ARGV[9],
-  'report_type' => ARGV[10],
-  'whitelist_hosts' => ARGV[11]
-})
+
+if ARGV.grep(/^--/).empty?
+  Metasploit::Exploit.start({
+      'connection_url' => ARGV[0],
+      'port' => ARGV[1],
+      'uri' => ARGV[2],
+      'use_ssl' => ARGV[3],
+      'token' => ARGV[4],
+      'workspace_name' => ARGV[5],
+      'nexpose_console_name' => ARGV[6],
+      'device_ip_to_scan' => ARGV[7],
+      'use_os_filter' => ARGV[8],
+      'module_filter' => ARGV[9],
+      'report_type' => ARGV[10],
+      'whitelist_hosts' => ARGV[11]
+  })
+else
+  Metasploit::Exploit.start(ARGV)
+end

data/lib/MetasploitPenTestScript/version.rb

@@ -1,3 +1,3 @@
 module MetasploitPenTestScript
-  VERSION = "0.2.3"
+  VERSION = "0.2.4"
 end

data/lib/metasploit/command_line_argument_parser.rb

@@ -0,0 +1,75 @@
+require 'optparse'
+
+class CommandLineArgumentParser
+  def self.parse(args)
+    options = {}
+    options['use_ssl'] = false
+    options['use_os_filter'] = false
+    options['exploit_speed'] = 5
+    options['limit_sessions'] = false
+    options['port'] = ''
+    options['uri'] = ''
+
+    opt_parser = OptionParser.new do |opts|
+      opts.banner = 'Usage: exploit [options]'
+
+      opts.separator ''
+      opts.separator 'Specific options:'
+
+      opts.on('--port PORT', 'Metasploit port') do |port|
+        options['port'] = port
+      end
+
+      opts.on('--connection-url URL', 'Metasploit URL') do |url|
+        options['connection_url'] = url
+      end
+
+      opts.on('--use-ssl', 'Use SSL when scanning') do
+        options['use_ssl'] = true
+      end
+
+      opts.on('--token TOKEN', 'Access token for Metasploit') do |token|
+        options['token'] = token
+      end
+
+      opts.on('--workspace-name NAME', 'Name of workspace') do |workspace|
+        options['workspace_name'] = workspace
+      end
+
+      opts.on('--nexpose-console-name NAME', 'Name of Nexpose console') do |console|
+        options['nexpose_console_name'] = console
+      end
+
+      opts.on('--device-ip-to-scan IP-ADDRESS', 'IP address of device to scan') do |ip|
+        options['device_ip_to_scan'] = ip
+      end
+
+      opts.on('--use-os-filter', 'Use OS filter') do
+        options['use_os_filter'] = true
+      end
+
+      opts.on('--module-filter MODULES', 'Comma-separated list of modules to use in scan') do |modules|
+        options['module_filter'] = modules
+      end
+
+      opts.on('--report-type TYPE', 'Type of report to generate') do |type|
+        options['report_type'] = type.to_sym
+      end
+
+      opts.on('--whitelist-hosts HOSTS', 'IP addresses or CIDR blocks to scan') do |whitelist|
+        options['whitelist_hosts'] = whitelist
+      end
+
+      opts.on('--exploit-speed SPEED', 'Exploit speed') do |speed|
+        options['exploit_speed'] = speed
+      end
+
+      opts.on('--limit-sessions', 'Limit sessions') do
+        options['limit_sessions'] = true
+      end
+    end
+
+    opt_parser.parse!(args)
+    options
+  end
+end

data/lib/metasploit/exploit.rb

@@ -78,14 +78,15 @@ module Metasploit
     end
 
     def self.do_metasploit_report(rpc_client, run_details)
-      if run_details.report_type.length > 0
-        puts "Generating a #{run_details.report_type} Report"
+      report_type = run_details.report_type
+      if report_type.nil? || report_type.empty?
+        puts CONSTANTS::NO_REPORT_TYPE_MESSAGE
+      else
+        puts "Generating a #{report_type} Report"
 
         report = rpc_client.call('pro.start_report', run_details.get_report_options)
 
         self.write_report_after_generation(rpc_client, run_details, report['report_id'])
-      else
-        puts CONSTANTS::NO_REPORT_TYPE_MESSAGE
       end
     end
 

data/lib/metasploit/exploit_run_description.rb

@@ -1,4 +1,5 @@
 require 'yaml'
+require 'metasploit/command_line_argument_parser'
 
 class ExploitRunDescription
   attr_accessor :connection_url,
@@ -12,7 +13,9 @@ class ExploitRunDescription
     :use_os_filter,
     :module_filter,
     :report_type,
-    :whitelist_hosts
+    :whitelist_hosts,
+    :exploit_speed,
+    :limit_sessions
 
   @@port_value = ''
   @@uri_value = ''
@@ -23,7 +26,10 @@ class ExploitRunDescription
   def initialize(options)
     if File.file?('config/exploit.yml')
       options = YAML.load_file('config/exploit.yml')
+    elsif options.instance_of? Array
+      options = CommandLineArgumentParser.parse(options)
     end
+
     self.connection_url = options['connection_url']
     @@port_value = options['port']
     @@uri_value = options['uri']
@@ -36,6 +42,8 @@ class ExploitRunDescription
     self.module_filter = options['module_filter']
     self.report_type = options['report_type']
     self.whitelist_hosts = options['whitelist_hosts']
+    self.exploit_speed = options['exploit_speed'] || 5
+    self.limit_sessions = options['limit_sessions'].nil? ? true : options['limit_sessions']
   end
 
   def verify
@@ -74,9 +82,9 @@ class ExploitRunDescription
     { "workspace" => self.workspace_name,
       "DS_WHITELIST_HOSTS" => self.whitelist_hosts,
       "DS_MinimumRank" => "great",
-      "DS_EXPLOIT_SPEED" => 5,
+      "DS_EXPLOIT_SPEED" => self.exploit_speed,
       "DS_EXPLOIT_TIMEOUT" => 2,
-      "DS_LimitSessions" => true,
+      "DS_LimitSessions" => self.limit_sessions,
       "DS_MATCH_VULNS" => true,
       "DS_MATCH_PORTS" => true,
       "DS_FilterByOS" => self.use_os_filter,
@@ -147,7 +155,7 @@ class ExploitRunDescription
   end
 
   def to_bool(str)
-    str == 'true'
+    str == true || str == 'true'
   end
 
 end

data/spec/command_line_argument_parser_spec.rb

@@ -0,0 +1,106 @@
+require 'metasploit/command_line_argument_parser'
+
+describe 'command_line_argument_parser' do
+  describe 'parse' do
+    before(:each) do
+      # noinspection RubyStringKeysInHashInspection
+      @expected_arguments = {
+        '--connection-url' => 'http://test.connection',
+        '--port' => '1234',
+        '--token' => 'testtoken',
+        '--use-ssl' => nil,
+        '--use-os-filter' => nil,
+        '--module-filter' => 'exploit/blah1,exploit/blah2',
+        '--report-type' => 'fisma',
+        '--workspace-name' => 'some-workspace',
+        '--nexpose-console-name' => 'some-console',
+        '--device-ip-to-scan' => '1.2.3.4',
+        '--whitelist-hosts' => '1.2.3.0/24',
+        '--exploit-speed' => '200',
+        '--limit-sessions' => nil,
+      }
+
+      @command_line_argument_parser = CommandLineArgumentParser.parse(hash_to_array(@expected_arguments))
+    end
+
+    it 'should parse --connection-url' do
+      expect(@command_line_argument_parser['connection_url']).to eq(@expected_arguments['--connection-url'])
+    end
+
+    it 'should parse --port' do
+      expect(@command_line_argument_parser['port']).to eq(@expected_arguments['--port'])
+    end
+
+    it 'should parse --token' do
+      expect(@command_line_argument_parser['token']).to eq(@expected_arguments['--token'])
+    end
+
+    it 'should parse --use-ssl' do
+      expect(@command_line_argument_parser['use_ssl']).to eq(true)
+    end
+
+    it 'should pick appropriate default when --use-ssl not present' do
+      @expected_arguments.delete '--use-ssl'
+      @command_line_argument_parser = CommandLineArgumentParser.parse(hash_to_array(@expected_arguments))
+      expect(@command_line_argument_parser['use_ssl']).to eq(false)
+    end
+
+    it 'should parse --use-os-filter' do
+      expect(@command_line_argument_parser['use_os_filter']).to eq(true)
+    end
+
+    it 'should pick appropriate default when --use-os-filter not present' do
+      @expected_arguments.delete '--use-os-filter'
+      @command_line_argument_parser = CommandLineArgumentParser.parse(hash_to_array(@expected_arguments))
+      expect(@command_line_argument_parser['use_os_filter']).to eq(false)
+    end
+
+    it 'should parse --module-filter' do
+      expect(@command_line_argument_parser['module_filter']).to eq(@expected_arguments['--module-filter'])
+    end
+
+    it 'should parse --report-type' do
+      expect(@command_line_argument_parser['report_type']).to eq(@expected_arguments['--report-type'].to_sym)
+    end
+
+    it 'should parse --workspace-name' do
+      expect(@command_line_argument_parser['workspace_name']).to eq(@expected_arguments['--workspace-name'])
+    end
+
+    it 'should parse --nexpose-console-name' do
+      expect(@command_line_argument_parser['nexpose_console_name']).to eq(@expected_arguments['--nexpose-console-name'])
+    end
+
+    it 'should parse --device-ip-to-scan' do
+      expect(@command_line_argument_parser['device_ip_to_scan']).to eq(@expected_arguments['--device-ip-to-scan'])
+    end
+
+    it 'should parse --whitelist-hosts' do
+      expect(@command_line_argument_parser['whitelist_hosts']).to eq(@expected_arguments['--whitelist-hosts'])
+    end
+
+    it 'should parse --exploit-speed' do
+      expect(@command_line_argument_parser['exploit_speed']).to eq(@expected_arguments['--exploit-speed'])
+    end
+
+    it 'should pick appropriate default when --exploit-speed not present' do
+      @expected_arguments.delete '--exploit-speed'
+      @command_line_argument_parser = CommandLineArgumentParser.parse(hash_to_array(@expected_arguments))
+      expect(@command_line_argument_parser['exploit_speed']).to eq(5)
+    end
+
+    it 'should parse --limit-sessions' do
+      expect(@command_line_argument_parser['limit_sessions']).to eq(true)
+    end
+
+    it 'should pick appropriate default when --limit-sessions not present' do
+      @expected_arguments.delete '--limit-sessions'
+      @command_line_argument_parser = CommandLineArgumentParser.parse(hash_to_array(@expected_arguments))
+      expect(@command_line_argument_parser['limit_sessions']).to eq(false)
+    end
+  end
+
+  def hash_to_array(hash)
+    hash.map { |key, value| [key, value] }.flatten.select { |val| !val.nil? }
+  end
+end

data/spec/exploit_run_description_spec.rb

@@ -178,6 +178,11 @@ describe 'exploit_run_description' do
         @exploit_run_description.workspace_name = nil
         expect { @exploit_run_description.verify }.to raise_error(StandardError, CONSTANTS::REQUIRED_WORKSPACE_MESSAGE)
       end
+
+      it 'should handle Array of command-line options' do
+        @exploit_run_description = ExploitRunDescription.new %w(--port 12345)
+        expect(@exploit_run_description.port).to eq('12345')
+      end
     end
   end
 

data/spec/exploit_spec.rb

@@ -53,6 +53,22 @@ describe 'exploit' do
         'report_type' => @expected_report_type,
         'whitelist_hosts' => @mock_whitelist_hosts
       }
+
+      # noinspection RubyStringKeysInHashInspection
+      @command_line_arguments = {
+          '--connection-url' => 'http://test.connection',
+          '--port' => '1234',
+          '--token' => 'testtoken',
+          '--use-ssl' => nil,
+          '--use-os-filter' => nil,
+          '--module-filter' => 'exploit/blah1,exploit/blah2',
+          '--report-type' => 'fisma',
+          '--workspace-name' => 'some-workspace',
+          '--nexpose-console-name' => 'some-console',
+          '--device-ip-to-scan' => '1.2.3.4',
+          '--whitelist-hosts' => '1.2.3.0/24',
+          '--exploit-speed' => '200',
+      }
     end
 
     describe 'get connection' do
@@ -329,6 +345,17 @@ describe 'exploit' do
 
         Metasploit::Exploit.start(@options)
       end
+
+      it 'should skip report if report_type not specified' do
+        expect(@mock_rpc_client).to_not receive(:call).with('pro.start_report', anything)
+
+        @options['report_type'] = ''
+        @options['report_type'] = nil
+        Metasploit::Exploit.start(@options)
+
+        @command_line_arguments.delete '--report-type'
+        Metasploit::Exploit.start(hash_to_array(@command_line_arguments))
+      end
     end
 
     describe 'start an audit' do
@@ -530,6 +557,24 @@ describe 'exploit' do
         Metasploit::Exploit.start(options)
       end
 
+      it 'should set configuration properties based on command-line arguments' do
+        expect(@mock_rpc_client).to receive(:call)
+                                    .with('pro.start_exploit', {
+                                      "workspace" => @command_line_arguments['--workspace-name'],
+                                      "DS_WHITELIST_HOSTS" => @command_line_arguments['--whitelist-hosts'],
+                                      "DS_MinimumRank" => 'great',
+                                      "DS_EXPLOIT_SPEED" => @command_line_arguments['--exploit-speed'],
+                                      "DS_EXPLOIT_TIMEOUT" => 2,
+                                      "DS_LimitSessions" => false,
+                                      "DS_MATCH_VULNS" => true,
+                                      "DS_MATCH_PORTS" => true,
+                                      "DS_FilterByOS" => true,
+                                      "DS_ModuleFilter" => @command_line_arguments['--module-filter']
+                                    })
+
+        Metasploit::Exploit.start(hash_to_array(@command_line_arguments))
+      end
+
       describe 'wait for exploit to be over' do
         before(:each) do
 
@@ -647,3 +692,7 @@ def get_mock_rpc_client
 
   mock_rpc_client
 end
+
+def hash_to_array(hash)
+  hash.map { |key, value| [key, value] }.flatten.select { |val| !val.nil? }
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-runner
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.2.4
 platform: ruby
 authors:
 - Nathan Gibson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-09-04 00:00:00.000000000 Z
+date: 2016-01-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: msfrpc-client
@@ -28,16 +28,16 @@ dependencies:
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -56,16 +56,16 @@ dependencies:
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 3.0.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 3.0.0
+        version: '0'
 description: ''
 email:
 - amngibson@gmail.com
@@ -86,9 +86,11 @@ files:
 - config/exploit.yml.example
 - lib/MetasploitPenTestScript.rb
 - lib/MetasploitPenTestScript/version.rb
+- lib/metasploit/command_line_argument_parser.rb
 - lib/metasploit/constants.rb
 - lib/metasploit/exploit.rb
 - lib/metasploit/exploit_run_description.rb
+- spec/command_line_argument_parser_spec.rb
 - spec/exploit_config_spec.rb
 - spec/exploit_run_description_spec.rb
 - spec/exploit_spec.rb
@@ -118,6 +120,7 @@ signing_key:
 specification_version: 4
 summary: Script to run automated Metaspolit Penetration Tests.
 test_files:
+- spec/command_line_argument_parser_spec.rb
 - spec/exploit_config_spec.rb
 - spec/exploit_run_description_spec.rb
 - spec/exploit_spec.rb