metasploit_data_models 4.0.2 → 4.1.4

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,332 +0,0 @@
1
- RSpec.describe PasswordIsStrongValidator do
2
-
3
- subject(:password_validator) do
4
- described_class.new(
5
- :attributes => attributes
6
- )
7
- end
8
-
9
- let(:attribute) do
10
- :params
11
- end
12
-
13
- let(:attributes) do
14
- attribute
15
- end
16
-
17
-
18
- context '#contains_repetition?' do
19
-
20
- it 'should return true for aaaa' do
21
- expect(password_validator.send(:contains_repetition?, 'aaaa')).to eq(true)
22
- end
23
-
24
- it 'should return true for ababab' do
25
- expect(password_validator.send(:contains_repetition?, 'ababab')).to eq(true)
26
- end
27
-
28
- it 'should return true for abcabcabc' do
29
- expect(password_validator.send(:contains_repetition?, 'abcabcabc')).to eq(true)
30
- end
31
-
32
- it 'should return true for abcdabcd' do
33
- expect(password_validator.send(:contains_repetition?, 'abcdabcd')).to eq(true)
34
- end
35
-
36
- it 'should return false for abcd1234abcd' do
37
- expect(password_validator.send(:contains_repetition?, 'abcd1234abcd')).to eq(false)
38
- end
39
-
40
- end
41
-
42
-
43
-
44
- context '#mutate_pass' do
45
-
46
- variants = [
47
- "metasp1oit",
48
- "me7asploi7",
49
- "me7asp1oi7",
50
- "meta$ploit",
51
- "meta$p1oit",
52
- "me7a$ploi7",
53
- "me7a$p1oi7",
54
- "m3tasploit",
55
- "m3tasp1oit",
56
- "m37asploi7",
57
- "m37asp1oi7",
58
- "m3ta$ploit",
59
- "m3ta$p1oit",
60
- "m37a$ploi7",
61
- "m37a$p1oi7",
62
- "metaspl0it",
63
- "metasp10it",
64
- "me7aspl0i7",
65
- "me7asp10i7",
66
- "meta$pl0it",
67
- "meta$p10it",
68
- "me7a$pl0i7",
69
- "me7a$p10i7",
70
- "m3taspl0it",
71
- "m3tasp10it",
72
- "m37aspl0i7",
73
- "m37asp10i7",
74
- "m3ta$pl0it",
75
- "m3ta$p10it",
76
- "m37a$pl0i7",
77
- "m37a$p10i7",
78
- "met@sploit",
79
- "met@sp1oit",
80
- "me7@sploi7",
81
- "me7@sp1oi7",
82
- "met@$ploit",
83
- "met@$p1oit",
84
- "me7@$ploi7",
85
- "me7@$p1oi7",
86
- "m3t@sploit",
87
- "m3t@sp1oit",
88
- "m37@sploi7",
89
- "m37@sp1oi7",
90
- "m3t@$ploit",
91
- "m3t@$p1oit",
92
- "m37@$ploi7",
93
- "m37@$p1oi7",
94
- "met@spl0it",
95
- "met@sp10it",
96
- "me7@spl0i7",
97
- "me7@sp10i7",
98
- "met@$pl0it",
99
- "met@$p10it",
100
- "me7@$pl0i7",
101
- "me7@$p10i7",
102
- "m3t@spl0it",
103
- "m3t@sp10it",
104
- "m37@spl0i7",
105
- "m37@sp10i7",
106
- "m3t@$pl0it",
107
- "m3t@$p10it",
108
- "m37@$pl0i7",
109
- "m37@$p10i7"
110
- ]
111
-
112
- it 'should return all the expected mutations of a password' do
113
- expect(password_validator.send(:mutate_pass, 'metasploit')).to eq(variants)
114
- end
115
-
116
- end
117
-
118
-
119
- context '#is_common_password?' do
120
-
121
- PasswordIsStrongValidator::COMMON_PASSWORDS.each do |password|
122
-
123
- it "should return true for #{password}" do
124
- expect(password_validator.send(:is_common_password?, password)).to eq(true)
125
- end
126
-
127
- it "should return true for #{password}!" do
128
- expect(password_validator.send(:is_common_password?, "#{password}!")).to eq(true)
129
- end
130
-
131
- it "should return true for #{password}1" do
132
- expect(password_validator.send(:is_common_password?, "#{password}1")).to eq(true)
133
- end
134
-
135
- it "should return true for #{password}9" do
136
- expect(password_validator.send(:is_common_password?, "#{password}1")).to eq(true)
137
- end
138
-
139
- it "should return true for #{password}99" do
140
- expect(password_validator.send(:is_common_password?, "#{password}12")).to eq(true)
141
- end
142
-
143
- it "should return true for #{password}123" do
144
- expect(password_validator.send(:is_common_password?, "#{password}123")).to eq(true)
145
- end
146
-
147
- it "should return true for #{password}123!" do
148
- expect(password_validator.send(:is_common_password?, "#{password}123!")).to eq(true)
149
- end
150
-
151
- end
152
-
153
- it "should return true for r00t" do
154
- expect(password_validator.send(:is_common_password?, "r00t")).to eq(true)
155
- end
156
-
157
- it "should return true for m3t@spl0it" do
158
- expect(password_validator.send(:is_common_password?, "m3t@spl0it")).to eq(true)
159
- end
160
-
161
- it "should return true for m3t@spl0it123!" do
162
- expect(password_validator.send(:is_common_password?, "m3t@spl0it123!")).to eq(true)
163
- end
164
- end
165
-
166
- context '#contains_username' do
167
-
168
- it 'should return true if username and password are the same' do
169
- expect(password_validator.send(:contains_username?, 'admin', 'admin')).to eq(true)
170
- end
171
-
172
- it 'should return true if the password contains the username as part of it' do
173
- expect(password_validator.send(:contains_username?, 'admin', '123admin123')).to eq(true)
174
- end
175
-
176
- it 'should return false otherwise' do
177
- expect(password_validator.send(:contains_username?, 'admin', 'foobar')).to eq(false)
178
- end
179
- end
180
-
181
- context '#is_simple?' do
182
-
183
- it "should return true if no number" do
184
- expect(password_validator.send(:is_simple?, "b@carat")).to eq(true)
185
- end
186
-
187
- it "should return true if no special char" do
188
- expect(password_validator.send(:is_simple?, "bacarat4")).to eq(true)
189
- end
190
-
191
- it "should return true if no letters" do
192
- expect(password_validator.send(:is_simple?, "1337")).to eq(true)
193
- end
194
-
195
- PasswordIsStrongValidator::SPECIAL_CHARS.each_char do |char|
196
-
197
- it "should return false with a #{char}" do
198
- expect(password_validator.send(:is_simple?, "bacarat4#{char}")).to eq(false)
199
- end
200
- end
201
- end
202
-
203
- context '#validate_each' do
204
-
205
- subject(:errors) do
206
- record.errors[attribute]
207
- end
208
-
209
- def validate_each
210
- password_validator.validate_each(record, attribute, value)
211
- end
212
-
213
- let(:record) {
214
- record_class.new.tap { |instance|
215
- instance.username = 'admin'
216
- }
217
- }
218
-
219
- let(:record_class) {
220
- Class.new do
221
- include ActiveModel::Validations
222
-
223
- #
224
- # Attributes
225
- #
226
-
227
- attr_accessor :username
228
- end
229
- }
230
-
231
-
232
- context 'with a password with no special char' do
233
- let(:value) { "bacarat4" }
234
-
235
- it 'should record an error' do
236
- validate_each
237
- expect(errors).not_to be_empty
238
- end
239
-
240
- it 'should have an error of "must contain letters, numbers, and at least one special character"' do
241
- validate_each
242
- expect(errors.include?("must contain letters, numbers, and at least one special character")).to eq(true)
243
- end
244
- end
245
-
246
- context 'with a password with no numbers' do
247
- let(:value) { "b@carat" }
248
-
249
- it 'should record an error' do
250
- validate_each
251
- expect(errors).not_to be_empty
252
- end
253
-
254
- it 'should have an error of "must contain letters, numbers, and at least one special character"' do
255
- validate_each
256
- expect(errors.include?("must contain letters, numbers, and at least one special character")).to eq(true)
257
- end
258
- end
259
-
260
- context 'with a password with no letters' do
261
- let(:value) { "1337@" }
262
-
263
- it 'should record an error' do
264
- validate_each
265
- expect(errors).not_to be_empty
266
- end
267
-
268
- it 'should have an error of "must contain letters, numbers, and at least one special character"' do
269
- validate_each
270
- expect(errors.include?("must contain letters, numbers, and at least one special character")).to eq(true)
271
- end
272
- end
273
-
274
- context 'with a password containing the username' do
275
- let(:value) { "admin1" }
276
-
277
- it 'should record an error' do
278
- validate_each
279
- expect(errors).not_to be_empty
280
- end
281
-
282
- it 'should have an error of "must not contain the username"' do
283
- validate_each
284
- expect(errors.include?("must not contain the username")).to eq(true)
285
- end
286
- end
287
-
288
- context 'with a common password' do
289
- let(:value) { "password" }
290
-
291
- it 'should record an error' do
292
- validate_each
293
- expect(errors).not_to be_empty
294
- end
295
-
296
- it 'should have an error of "must not be a common password"' do
297
- validate_each
298
- expect(errors.include?("must not be a common password")).to eq(true)
299
- end
300
- end
301
-
302
- context 'with a mutated common password' do
303
- let(:value) { "P@ssw0rd1!" }
304
-
305
- it 'should record an error' do
306
- validate_each
307
- expect(errors).not_to be_empty
308
- end
309
-
310
- it 'should have an error of "must not be a common password"' do
311
- validate_each
312
- expect(errors.include?("must not be a common password")).to eq(true)
313
- end
314
- end
315
-
316
- context 'with a repeated pattern' do
317
- let(:value) { "abcdabcd" }
318
-
319
- it 'should record an error' do
320
- validate_each
321
- expect(errors).not_to be_empty
322
- end
323
-
324
- it 'should have an error of "must not be a predictable sequence of characters"' do
325
- validate_each
326
- expect(errors.include?("must not be a predictable sequence of characters")).to eq(true)
327
- end
328
- end
329
-
330
- end
331
-
332
- end