metasploit_data_models 4.0.2 → 4.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,332 +0,0 @@
1
- RSpec.describe PasswordIsStrongValidator do
2
-
3
- subject(:password_validator) do
4
- described_class.new(
5
- :attributes => attributes
6
- )
7
- end
8
-
9
- let(:attribute) do
10
- :params
11
- end
12
-
13
- let(:attributes) do
14
- attribute
15
- end
16
-
17
-
18
- context '#contains_repetition?' do
19
-
20
- it 'should return true for aaaa' do
21
- expect(password_validator.send(:contains_repetition?, 'aaaa')).to eq(true)
22
- end
23
-
24
- it 'should return true for ababab' do
25
- expect(password_validator.send(:contains_repetition?, 'ababab')).to eq(true)
26
- end
27
-
28
- it 'should return true for abcabcabc' do
29
- expect(password_validator.send(:contains_repetition?, 'abcabcabc')).to eq(true)
30
- end
31
-
32
- it 'should return true for abcdabcd' do
33
- expect(password_validator.send(:contains_repetition?, 'abcdabcd')).to eq(true)
34
- end
35
-
36
- it 'should return false for abcd1234abcd' do
37
- expect(password_validator.send(:contains_repetition?, 'abcd1234abcd')).to eq(false)
38
- end
39
-
40
- end
41
-
42
-
43
-
44
- context '#mutate_pass' do
45
-
46
- variants = [
47
- "metasp1oit",
48
- "me7asploi7",
49
- "me7asp1oi7",
50
- "meta$ploit",
51
- "meta$p1oit",
52
- "me7a$ploi7",
53
- "me7a$p1oi7",
54
- "m3tasploit",
55
- "m3tasp1oit",
56
- "m37asploi7",
57
- "m37asp1oi7",
58
- "m3ta$ploit",
59
- "m3ta$p1oit",
60
- "m37a$ploi7",
61
- "m37a$p1oi7",
62
- "metaspl0it",
63
- "metasp10it",
64
- "me7aspl0i7",
65
- "me7asp10i7",
66
- "meta$pl0it",
67
- "meta$p10it",
68
- "me7a$pl0i7",
69
- "me7a$p10i7",
70
- "m3taspl0it",
71
- "m3tasp10it",
72
- "m37aspl0i7",
73
- "m37asp10i7",
74
- "m3ta$pl0it",
75
- "m3ta$p10it",
76
- "m37a$pl0i7",
77
- "m37a$p10i7",
78
- "met@sploit",
79
- "met@sp1oit",
80
- "me7@sploi7",
81
- "me7@sp1oi7",
82
- "met@$ploit",
83
- "met@$p1oit",
84
- "me7@$ploi7",
85
- "me7@$p1oi7",
86
- "m3t@sploit",
87
- "m3t@sp1oit",
88
- "m37@sploi7",
89
- "m37@sp1oi7",
90
- "m3t@$ploit",
91
- "m3t@$p1oit",
92
- "m37@$ploi7",
93
- "m37@$p1oi7",
94
- "met@spl0it",
95
- "met@sp10it",
96
- "me7@spl0i7",
97
- "me7@sp10i7",
98
- "met@$pl0it",
99
- "met@$p10it",
100
- "me7@$pl0i7",
101
- "me7@$p10i7",
102
- "m3t@spl0it",
103
- "m3t@sp10it",
104
- "m37@spl0i7",
105
- "m37@sp10i7",
106
- "m3t@$pl0it",
107
- "m3t@$p10it",
108
- "m37@$pl0i7",
109
- "m37@$p10i7"
110
- ]
111
-
112
- it 'should return all the expected mutations of a password' do
113
- expect(password_validator.send(:mutate_pass, 'metasploit')).to eq(variants)
114
- end
115
-
116
- end
117
-
118
-
119
- context '#is_common_password?' do
120
-
121
- PasswordIsStrongValidator::COMMON_PASSWORDS.each do |password|
122
-
123
- it "should return true for #{password}" do
124
- expect(password_validator.send(:is_common_password?, password)).to eq(true)
125
- end
126
-
127
- it "should return true for #{password}!" do
128
- expect(password_validator.send(:is_common_password?, "#{password}!")).to eq(true)
129
- end
130
-
131
- it "should return true for #{password}1" do
132
- expect(password_validator.send(:is_common_password?, "#{password}1")).to eq(true)
133
- end
134
-
135
- it "should return true for #{password}9" do
136
- expect(password_validator.send(:is_common_password?, "#{password}1")).to eq(true)
137
- end
138
-
139
- it "should return true for #{password}99" do
140
- expect(password_validator.send(:is_common_password?, "#{password}12")).to eq(true)
141
- end
142
-
143
- it "should return true for #{password}123" do
144
- expect(password_validator.send(:is_common_password?, "#{password}123")).to eq(true)
145
- end
146
-
147
- it "should return true for #{password}123!" do
148
- expect(password_validator.send(:is_common_password?, "#{password}123!")).to eq(true)
149
- end
150
-
151
- end
152
-
153
- it "should return true for r00t" do
154
- expect(password_validator.send(:is_common_password?, "r00t")).to eq(true)
155
- end
156
-
157
- it "should return true for m3t@spl0it" do
158
- expect(password_validator.send(:is_common_password?, "m3t@spl0it")).to eq(true)
159
- end
160
-
161
- it "should return true for m3t@spl0it123!" do
162
- expect(password_validator.send(:is_common_password?, "m3t@spl0it123!")).to eq(true)
163
- end
164
- end
165
-
166
- context '#contains_username' do
167
-
168
- it 'should return true if username and password are the same' do
169
- expect(password_validator.send(:contains_username?, 'admin', 'admin')).to eq(true)
170
- end
171
-
172
- it 'should return true if the password contains the username as part of it' do
173
- expect(password_validator.send(:contains_username?, 'admin', '123admin123')).to eq(true)
174
- end
175
-
176
- it 'should return false otherwise' do
177
- expect(password_validator.send(:contains_username?, 'admin', 'foobar')).to eq(false)
178
- end
179
- end
180
-
181
- context '#is_simple?' do
182
-
183
- it "should return true if no number" do
184
- expect(password_validator.send(:is_simple?, "b@carat")).to eq(true)
185
- end
186
-
187
- it "should return true if no special char" do
188
- expect(password_validator.send(:is_simple?, "bacarat4")).to eq(true)
189
- end
190
-
191
- it "should return true if no letters" do
192
- expect(password_validator.send(:is_simple?, "1337")).to eq(true)
193
- end
194
-
195
- PasswordIsStrongValidator::SPECIAL_CHARS.each_char do |char|
196
-
197
- it "should return false with a #{char}" do
198
- expect(password_validator.send(:is_simple?, "bacarat4#{char}")).to eq(false)
199
- end
200
- end
201
- end
202
-
203
- context '#validate_each' do
204
-
205
- subject(:errors) do
206
- record.errors[attribute]
207
- end
208
-
209
- def validate_each
210
- password_validator.validate_each(record, attribute, value)
211
- end
212
-
213
- let(:record) {
214
- record_class.new.tap { |instance|
215
- instance.username = 'admin'
216
- }
217
- }
218
-
219
- let(:record_class) {
220
- Class.new do
221
- include ActiveModel::Validations
222
-
223
- #
224
- # Attributes
225
- #
226
-
227
- attr_accessor :username
228
- end
229
- }
230
-
231
-
232
- context 'with a password with no special char' do
233
- let(:value) { "bacarat4" }
234
-
235
- it 'should record an error' do
236
- validate_each
237
- expect(errors).not_to be_empty
238
- end
239
-
240
- it 'should have an error of "must contain letters, numbers, and at least one special character"' do
241
- validate_each
242
- expect(errors.include?("must contain letters, numbers, and at least one special character")).to eq(true)
243
- end
244
- end
245
-
246
- context 'with a password with no numbers' do
247
- let(:value) { "b@carat" }
248
-
249
- it 'should record an error' do
250
- validate_each
251
- expect(errors).not_to be_empty
252
- end
253
-
254
- it 'should have an error of "must contain letters, numbers, and at least one special character"' do
255
- validate_each
256
- expect(errors.include?("must contain letters, numbers, and at least one special character")).to eq(true)
257
- end
258
- end
259
-
260
- context 'with a password with no letters' do
261
- let(:value) { "1337@" }
262
-
263
- it 'should record an error' do
264
- validate_each
265
- expect(errors).not_to be_empty
266
- end
267
-
268
- it 'should have an error of "must contain letters, numbers, and at least one special character"' do
269
- validate_each
270
- expect(errors.include?("must contain letters, numbers, and at least one special character")).to eq(true)
271
- end
272
- end
273
-
274
- context 'with a password containing the username' do
275
- let(:value) { "admin1" }
276
-
277
- it 'should record an error' do
278
- validate_each
279
- expect(errors).not_to be_empty
280
- end
281
-
282
- it 'should have an error of "must not contain the username"' do
283
- validate_each
284
- expect(errors.include?("must not contain the username")).to eq(true)
285
- end
286
- end
287
-
288
- context 'with a common password' do
289
- let(:value) { "password" }
290
-
291
- it 'should record an error' do
292
- validate_each
293
- expect(errors).not_to be_empty
294
- end
295
-
296
- it 'should have an error of "must not be a common password"' do
297
- validate_each
298
- expect(errors.include?("must not be a common password")).to eq(true)
299
- end
300
- end
301
-
302
- context 'with a mutated common password' do
303
- let(:value) { "P@ssw0rd1!" }
304
-
305
- it 'should record an error' do
306
- validate_each
307
- expect(errors).not_to be_empty
308
- end
309
-
310
- it 'should have an error of "must not be a common password"' do
311
- validate_each
312
- expect(errors.include?("must not be a common password")).to eq(true)
313
- end
314
- end
315
-
316
- context 'with a repeated pattern' do
317
- let(:value) { "abcdabcd" }
318
-
319
- it 'should record an error' do
320
- validate_each
321
- expect(errors).not_to be_empty
322
- end
323
-
324
- it 'should have an error of "must not be a predictable sequence of characters"' do
325
- validate_each
326
- expect(errors.include?("must not be a predictable sequence of characters")).to eq(true)
327
- end
328
- end
329
-
330
- end
331
-
332
- end