ronin-exploits 0.2.0 → 0.2.1

data/spec/exploits/ftp_spec.rb

@@ -4,11 +4,7 @@ require 'spec_helper'
 
 describe Exploits::FTP do
   before(:all) do
-    @exploit = Exploits::FTP.new do
-      self.name = 'example_ftp'
-    end
-
-    @exploit.save!
+    @exploit = Exploits::FTP.create(:name => 'example_ftp')
   end
 
   it "should have a default port of 21" do

data/spec/exploits/http_spec.rb

@@ -4,11 +4,11 @@ require 'spec_helper'
 
 describe Exploits::HTTP do
   before(:all) do
-    @exploit = Exploits::HTTP.new do
-      self.name = 'example_httpd'
-    end
+    @exploit = Exploits::HTTP.create(:name => 'example_httpd')
+  end
 
-    @exploit.save!
+  it "should initialize all parameters by default" do
+    @exploit.params.should_not be_empty
   end
 
   it "should have a default port of 80" do

data/spec/exploits/remote_tcp_spec.rb

@@ -4,7 +4,7 @@ require 'spec_helper'
 
 describe Exploits::RemoteTCP do
   before(:all) do
-    @exp = Exploits::RemoteTCP.new(
+    @exploit = Exploits::RemoteTCP.new(
       :default_port => 22,
       :host => '127.0.0.1'
     )
@@ -14,10 +14,14 @@ describe Exploits::RemoteTCP do
     Exploits::RemoteTCP.include?(Sessions::TCP).should == true
   end
 
+  it "should initialize all parameters by default" do
+    @exploit.params.should_not be_empty
+  end
+
   it "should default the port to the default_port before deploying" do
-    @exp.build!
+    @exploit.build!
 
-    @exp.deploy! do |exp|
+    @exploit.deploy! do |exp|
       exp.port.should == 22
     end
   end

data/spec/exploits/remote_udp_spec.rb

@@ -4,7 +4,7 @@ require 'spec_helper'
 
 describe Exploits::RemoteUDP do
   before(:all) do
-    @exp = Exploits::RemoteUDP.new(
+    @exploit = Exploits::RemoteUDP.new(
       :default_port => 22,
       :host => '127.0.0.1'
     )
@@ -14,10 +14,14 @@ describe Exploits::RemoteUDP do
     Exploits::RemoteUDP.include?(Sessions::UDP).should == true
   end
 
+  it "should initialize all parameters by default" do
+    @exploit.params.should_not be_empty
+  end
+
   it "should default the port to the default_port before deploying" do
-    @exp.build!
+    @exploit.build!
 
-    @exp.deploy! do |exp|
+    @exploit.deploy! do |exp|
       exp.port.should == 22
     end
   end

data/spec/exploits/target_spec.rb

@@ -3,9 +3,14 @@ require 'ronin/exploits/target'
 require 'spec_helper'
 
 describe Exploits::Target do
+  before(:all) do
+    @exploit = Exploits::Exploit.create(:name => 'exploit with targets')
+  end
+
   before(:each) do
     @target = Exploits::Target.new(
-      :data => {:var => 1, :test => 'hello'}
+      :data => {:var => 1, :test => 'hello'},
+      :exploit => @exploit
     )
   end
 
@@ -68,9 +73,11 @@ describe Exploits::Target do
   end
 
   it "should be able to serialize and deserialize it's target data" do
-    @target.save!
+    @target.save
 
     target = Exploits::Target.get(@target.id)
+    target.should_not be_nil
+
     target.data[:var].should == 1
     target.data[:test].should == 'hello'
   end

data/spec/exploits/targets/buffer_overflow_spec.rb

@@ -3,8 +3,12 @@ require 'ronin/exploits/targets/buffer_overflow'
 require 'spec_helper'
 
 describe Exploits::Targets::BufferOverflow do
+  before(:all) do
+    @exploit = Exploits::Exploit.create(:name => 'buffer overflow exploit')
+  end
+
   it "should require an ip to overwrite with" do
-    target = Exploits::Targets::BufferOverflow.new
+    target = Exploits::Targets::BufferOverflow.new(:exploit => @exploit)
     target.should_not be_valid
 
     target.ip = 0xffffeeee
@@ -12,7 +16,7 @@ describe Exploits::Targets::BufferOverflow do
   end
 
   it "should have a default frame_repeat of 1" do
-    target = Exploits::Targets::BufferOverflow.new
+    target = Exploits::Targets::BufferOverflow.new(:exploit => @exploit)
     target.frame_repeat.should == 1
   end
 end

data/spec/exploits/web_spec.rb

@@ -4,6 +4,12 @@ require 'spec_helper'
 
 describe Exploits::Web do
   describe "targeted_url" do
+    it "should initialize all parameters by default" do
+      exploit = Exploits::Web.new
+      
+      exploit.params.should_not be_empty
+    end
+
     it "should create a targeted URL using the host param" do
       host = 'www.example.com'
       exploit = Exploits::Web.new(:host => host)

data/spec/model/has_default_port_spec.rb

@@ -0,0 +1,27 @@
+require 'ronin/model/has_default_port'
+
+require 'spec_helper'
+require 'model/models/default_port_model'
+require 'model/models/non_default_port_model'
+
+describe Model::HasDefaultPort do
+  it "should define a default_port property" do
+  end
+
+  it "should initialize the default_port property if DEFAULT_PORT is defined" do
+    model = DefaultPortModel.new
+
+    model.default_port.should == DefaultPortModel::DEFAULT_PORT
+  end
+
+  it "should not initialize the default_port property if DEFAULT_PORT is undefined" do
+    model = NonDefaultPortModel.new
+    model.default_port.should be_nil
+  end
+
+  it "should allow default_port to be overridden" do
+    model = DefaultPortModel.new(:default_port => 70)
+
+    model.default_port.should == 70
+  end
+end

data/spec/model/models/default_port_model.rb

@@ -0,0 +1,13 @@
+require 'ronin/model'
+require 'ronin/model/has_default_port'
+
+class DefaultPortModel
+
+  include Ronin::Model
+  include Ronin::Model::HasDefaultPort
+
+  DEFAULT_PORT = 80
+
+  property :id, Serial
+
+end

data/spec/model/models/non_default_port_model.rb

@@ -0,0 +1,11 @@
+require 'ronin/model'
+require 'ronin/model/has_default_port'
+
+class NonDefaultPortModel
+
+  include Ronin::Model
+  include Ronin::Model::HasDefaultPort
+
+  property :id, Serial
+
+end

data/spec/model/models/targets_arch_model.rb

@@ -0,0 +1,11 @@
+require 'ronin/model'
+require 'ronin/model/targets_arch'
+
+class TargetsArchModel
+
+  include Ronin::Model
+  include Ronin::Model::TargetsArch
+
+  property :id, Serial
+
+end

data/spec/model/models/targets_os_model.rb

@@ -0,0 +1,11 @@
+require 'ronin/model'
+require 'ronin/model/targets_os'
+
+class TargetsOSModel
+
+  include Ronin::Model
+  include Ronin::Model::TargetsOS
+
+  property :id, Serial
+
+end

data/spec/model/targets_arch_spec.rb

@@ -0,0 +1,22 @@
+require 'ronin/model/targets_arch'
+
+require 'spec_helper'
+require 'model/models/targets_arch_model'
+
+describe Model::TargetsArch do
+  it "should define an arch relation" do
+    TargetsArchModel.relationships.has_key?('arch')
+  end
+
+  it "should provide access to the targeted arch" do
+    model = TargetsArchModel.new(:arch => Arch.i386)
+    model.arch.name.should == 'i386'
+  end
+
+  it "should allow the arch to be set via the getter method" do
+    model = TargetsArchModel.new
+    model.arch :i386
+
+    model.arch.name.should == 'i386'
+  end
+end

data/spec/model/targets_os_spec.rb

@@ -0,0 +1,23 @@
+require 'ronin/model/targets_os'
+
+require 'spec_helper'
+require 'model/models/targets_os_model'
+
+describe Model::TargetsOS do
+  it "should define an os relation" do
+    TargetsOSModel.relationships.has_key?('os')
+  end
+
+  it "should provide access to the targeted os" do
+    model = TargetsOSModel.new(:os => OS.linux('2.6.29'))
+    model.os.should == OS.linux('2.6.29')
+  end
+
+  it "should allow the os to be set via the getter method" do
+    model = TargetsOSModel.new
+    model.os :name => 'Linux', :version => '2.6.29'
+
+    model.os.name.should == 'Linux'
+    model.os.version.should == '2.6.29'
+  end
+end

data/spec/objects/exploits/example.rb

@@ -0,0 +1,25 @@
+ronin_exploit do
+  parameter :path,
+            :default => 'data',
+            :description => 'Parameter to be shared with the exploit'
+
+  cache do
+    self.name = 'example'
+
+    author :name => 'Anonymous', :email => 'anonymous@example.com'
+
+    targeting do |target|
+      target.arch :i686
+      target.os :name => 'Linux', :version => '2.6.23'
+      target.product :name => 'ExampleWare', :version => '1.5'
+    end
+  end
+
+  def buffer
+    @buffer
+  end
+
+  def build
+    @buffer = "GET /#{@path}/#{@encoded_payload}"
+  end
+end

data/spec/objects/exploits/test.rb

@@ -1,8 +1,4 @@
 ronin_exploit do
-  parameter :var,
-            :default => 'value1',
-            :description => 'Parameter to be shared with the payload'
-
   cache do
     self.name = 'test'
     self.version = '0.2'

data/spec/objects/payloads/test.rb

@@ -1,4 +1,8 @@
 ronin_payload do
+  parameter :custom,
+            :default => 'func',
+            :description => 'Custom value to use in building the payload'
+
   cache do
     self.name = 'test'
 
@@ -6,6 +10,6 @@ ronin_payload do
   end
 
   def build
-    @payload = 'code'
+    @payload = "code.#{@custom}"
   end
 end

data/spec/payloads/encoder_spec.rb

@@ -4,7 +4,7 @@ require 'spec_helper'
 
 describe Payloads::Encoder do
   before(:all) do
-    @encoder = Payloads::Encoder.new
+    @encoder = Payloads::Encoder.new(:name => 'test')
     @data = 'some data'
   end
 
@@ -23,4 +23,8 @@ describe Payloads::Encoder do
   it "should return the data to be encoded by default" do
     @encoder.call(@data).should == @data
   end
+
+  it "should have a custom inspect method" do
+    @encoder.inspect.should == '#<Ronin::Payloads::Encoder: test>'
+  end
 end

data/spec/payloads/payload_spec.rb

@@ -6,6 +6,7 @@ require 'helpers/objects'
 describe Payloads::Payload do
   before(:each) do
     @payload = load_payload('test')
+    @exploit = load_exploit('example')
   end
 
   it "should require a name attribute" do
@@ -36,24 +37,21 @@ describe Payloads::Payload do
     third_payload.should be_valid
   end
 
+  it "should initialize all parameters by default" do
+    @payload.params.should_not be_empty
+  end
+
   it "should not have any controls by default" do
     @payload.controls.should be_empty
   end
 
   it "should specify what behaviors the payload controls" do
-    @payload.controlling :memory_read
+    @payload.controlling :memory_read, :memory_write
 
-    @payload.behaviors.first.should == Vuln::Behavior[:memory_read]
-  end
-
-  it "should allow for the extending of Helper modules" do
-    @payload.instance_eval { helper :shell }.should == true
-  end
-
-  it "should raise an UnknownHelper when extending an unknown helper" do
-    lambda {
-      @payload.instance_eval { helper :obvious_not_there }
-    }.should raise_error(Payloads::UnknownHelper)
+    @payload.behaviors.should == [
+      Vuln::Behavior[:memory_read],
+      Vuln::Behavior[:memory_write]
+    ]
   end
 
   it "should not have an Arch by default" do
@@ -77,14 +75,45 @@ describe Payloads::Payload do
     @payload.os.version.should == '7.1'
   end
 
+  it "should allow for the extending of Helper modules" do
+    @payload.instance_eval { helper :shell }.should == true
+  end
+
+  it "should raise an UnknownHelper when extending an unknown helper" do
+    lambda {
+      @payload.instance_eval { helper :obvious_not_there }
+    }.should raise_error(Payloads::UnknownHelper)
+  end
+
+  it "should not have an exploit by default" do
+    @payload.exploit.should be_nil
+  end
+
   it "should have 'built' and 'unbiult' states" do
     @payload.should_not be_built
     @payload.build!
     @payload.should be_built
   end
 
-  it "should return the built payload when calling build" do
-    @payload.build!.should == 'code'
+  it "should store the built payload in the @payload instance variable" do
+    @payload.build!
+    @payload.payload.should == "code.func"
+  end
+
+  it "should return the built payload when calling build!" do
+    @payload.build!.should == "code.func"
+  end
+
+  it "should use parameters in the building of the payload" do
+    @payload.custom = 'hello'
+    @payload.build!.should == "code.hello"
+  end
+
+  it "should have 'deployed' and 'undeployed' states" do
+    @payload.should_not be_deployed
+    @payload.build!
+    @payload.deploy!
+    @payload.should be_deployed
   end
 
   it "should have a default deployer method" do
@@ -92,4 +121,38 @@ describe Payloads::Payload do
       payload.should == @payload
     end
   end
+
+  it "should pass the built payload to the exploit when deploying" do
+    @payload.exploit = @exploit
+
+    @payload.build!
+    @payload.deploy! do |payload|
+      payload.exploit.payload.should == "code.func"
+    end
+  end
+
+  it "should call the exploit when deployed" do
+    @payload.exploit = @exploit
+
+    @payload.build!
+    @payload.deploy! do |payload|
+      payload.exploit.should be_built
+      payload.exploit.should be_deployed
+    end
+  end
+
+  it "should build and deploy the payload when called" do
+    @payload.call
+
+    @payload.should be_built
+    @payload.should be_deployed
+  end
+
+  it "should return the name and the version when calling to_s" do
+    @payload.to_s.should == 'test 0.1'
+  end
+
+  it "should have a custom inspect method" do
+    @payload.inspect.should == '#<Ronin::Payloads::Payload: test 0.1 {:custom=>"func"}>'
+  end
 end