ronin-exploits 0.2.1 → 0.3.0

data/spec/exploits/file_based_exploit_spec.rb

@@ -4,15 +4,15 @@ require 'ronin/exploits/helpers/file_based'
 require 'spec_helper'
 
 describe Exploits::Helpers::FileBased do
-  before(:all) do
+  before(:each) do
     @exploit = Exploits::Local.new do
       helper :file_based
 
       self.name = 'file exploit'
-      self.file_name = 'file_exploit.dat'
+      self.output_file_name = 'file_exploit.dat'
 
       def build
-        file_open do |file|
+        build_file do |file|
           file << 'some data'
         end
       end
@@ -20,20 +20,29 @@ describe Exploits::Helpers::FileBased do
   end
 
   it "should have an absolute path for the file to be built" do
-    @exploit.file_path.should_not be_empty
+    @exploit.output_file_path.should_not be_empty
+  end
+
+  it "should sanitize the output_file_name used in the absolute path" do
+    @exploit.output_file_name = '../evil.txt'
+
+    @exploit.output_file_path.should == File.join(
+      @exploit.output_dir,
+      'evil.txt'
+    )
   end
 
   it "should have a default output directory" do
     @exploit.output_dir.should == Ronin::Config::TMP_DIR
   end
 
-  it "should have a default file name, derived from the exploit name" do
-    @exploit.file_name.should == 'file_exploit.dat'
+  it "should have a default output_file_name, based on the exploit name" do
+    @exploit.output_file_name.should == 'file_exploit.dat'
   end
 
   it "should build a file" do
     @exploit.build!
 
-    File.read(@exploit.file_path).should == 'some data'
+    File.read(@exploit.output_file_path).should == 'some data'
   end
 end

data/spec/exploits/remote_tcp_spec.rb

@@ -11,7 +11,7 @@ describe Exploits::RemoteTCP do
   end
 
   it "should include the TCP Session module" do
-    Exploits::RemoteTCP.include?(Sessions::TCP).should == true
+    Exploits::RemoteTCP.include?(Network::Helpers::TCP).should == true
   end
 
   it "should initialize all parameters by default" do

data/spec/exploits/remote_udp_spec.rb

@@ -11,7 +11,7 @@ describe Exploits::RemoteUDP do
   end
 
   it "should include the UDP Session module" do
-    Exploits::RemoteUDP.include?(Sessions::UDP).should == true
+    Exploits::RemoteUDP.include?(Network::Helpers::UDP).should == true
   end
 
   it "should initialize all parameters by default" do

data/spec/generators/exploits/exploit_examples.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+
+shared_examples_for "an Exploit" do
+  it "should set the name property" do
+    @exploit.name.should == Generators::Exploits::Exploit::DEFAULT_NAME
+  end
+
+  it "should set the description property" do
+    @exploit.description.should == Generators::Exploits::Exploit::DEFAULT_DESCRIPTION
+  end
+
+  it "should set the status property" do
+    @exploit.status.should == Generators::Exploits::Exploit::DEFAULT_STATUS
+  end
+
+  it "should set the disclosure property" do
+    @exploit.disclosure.include?(:in_wild).should == true
+  end
+
+  it "should defines an author" do
+    @exploit.authors.length.should == 1
+    @exploit.authors.first.name.should == Author::ANONYMOUSE
+  end
+end

data/spec/generators/exploits/exploit_spec.rb

@@ -0,0 +1,42 @@
+require 'ronin/generators/exploits/exploit'
+require 'ronin/exploits/exploit'
+
+require 'spec_helper'
+require 'generators/exploits/exploit_examples'
+
+require 'tmpdir'
+require 'fileutils'
+
+describe Generators::Exploits::Exploit do
+  before(:all) do
+    @path = File.join(Dir.tmpdir,'generated_exploit.rb')
+
+    Generators::Exploits::Exploit.generate(
+      {
+        :helpers => ['buffer_overflow'],
+        :controls => ['code_exec']
+      },
+      [@path]
+    )
+
+    @exploit = Exploits::Exploit.load_from(@path)
+  end
+
+  it_should_behave_like "an Exploit"
+
+  it "should define an Exploit" do
+    @exploit.class.should == Exploits::Exploit
+  end
+
+  it "should define helpers to load" do
+    @exploit.kind_of?(Exploits::Helpers::BufferOverflow).should == true
+  end
+
+  it "should define behaviors which it controls" do
+    @exploit.behaviors.should == [:code_exec]
+  end
+
+  after(:all) do
+    FileUtils.rm(@path)
+  end
+end

data/spec/generators/exploits/ftp_spec.rb

@@ -0,0 +1,42 @@
+require 'ronin/generators/exploits/ftp'
+require 'ronin/exploits/ftp'
+
+require 'spec_helper'
+require 'generators/exploits/exploit_examples'
+
+require 'tmpdir'
+require 'fileutils'
+
+describe Generators::Exploits::FTP do
+  before(:all) do
+    @path = File.join(Dir.tmpdir,'generated_exploit.rb')
+
+    Generators::Exploits::FTP.generate(
+      {
+        :helpers => ['buffer_overflow'],
+        :controls => ['code_exec']
+      },
+      [@path]
+    )
+
+    @exploit = Exploits::FTP.load_from(@path)
+  end
+
+  it_should_behave_like "an Exploit"
+
+  it "should define a FTP exploit" do
+    @exploit.class.should == Exploits::FTP
+  end
+
+  it "should define helpers to load" do
+    @exploit.kind_of?(Exploits::Helpers::BufferOverflow).should == true
+  end
+
+  it "should define controlled behaviors" do
+    @exploit.behaviors.should == [:code_exec]
+  end
+
+  after(:all) do
+    FileUtils.rm(@path)
+  end
+end

data/spec/generators/exploits/http_spec.rb

@@ -0,0 +1,42 @@
+require 'ronin/generators/exploits/http'
+require 'ronin/exploits/http'
+
+require 'spec_helper'
+require 'generators/exploits/exploit_examples'
+
+require 'tmpdir'
+require 'fileutils'
+
+describe Generators::Exploits::HTTP do
+  before(:all) do
+    @path = File.join(Dir.tmpdir,'generated_exploit.rb')
+
+    Generators::Exploits::HTTP.generate(
+      {
+        :helpers => ['buffer_overflow'],
+        :controls => ['code_exec']
+      },
+      [@path]
+    )
+
+    @exploit = Exploits::HTTP.load_from(@path)
+  end
+
+  it_should_behave_like "an Exploit"
+
+  it "should define a HTTP exploit" do
+    @exploit.class.should == Exploits::HTTP
+  end
+
+  it "should define helpers to load" do
+    @exploit.kind_of?(Exploits::Helpers::BufferOverflow).should == true
+  end
+
+  it "should define controlled behaviors" do
+    @exploit.behaviors.should == [:code_exec]
+  end
+
+  after(:all) do
+    FileUtils.rm(@path)
+  end
+end

data/spec/generators/exploits/local_spec.rb

@@ -0,0 +1,42 @@
+require 'ronin/generators/exploits/local'
+require 'ronin/exploits/local'
+
+require 'spec_helper'
+require 'generators/exploits/exploit_examples'
+
+require 'tmpdir'
+require 'fileutils'
+
+describe Generators::Exploits::Local do
+  before(:all) do
+    @path = File.join(Dir.tmpdir,'generated_exploit.rb')
+
+    Generators::Exploits::Local.generate(
+      {
+        :helpers => ['buffer_overflow'],
+        :controls => ['code_exec']
+      },
+      [@path]
+    )
+
+    @exploit = Exploits::Local.load_from(@path)
+  end
+
+  it_should_behave_like "an Exploit"
+
+  it "should define a Local exploit" do
+    @exploit.class.should == Exploits::Local
+  end
+
+  it "should define helpers to load" do
+    @exploit.kind_of?(Exploits::Helpers::BufferOverflow).should == true
+  end
+
+  it "should define controlled behaviors" do
+    @exploit.behaviors.should == [:code_exec]
+  end
+
+  after(:all) do
+    FileUtils.rm(@path)
+  end
+end

data/spec/generators/exploits/remote_spec.rb

@@ -0,0 +1,42 @@
+require 'ronin/generators/exploits/remote'
+require 'ronin/exploits/remote'
+
+require 'spec_helper'
+require 'generators/exploits/exploit_examples'
+
+require 'tmpdir'
+require 'fileutils'
+
+describe Generators::Exploits::Remote do
+  before(:all) do
+    @path = File.join(Dir.tmpdir,'generated_exploit.rb')
+
+    Generators::Exploits::Remote.generate(
+      {
+        :helpers => ['buffer_overflow'],
+        :controls => ['code_exec']
+      },
+      [@path]
+    )
+
+    @exploit = Exploits::Remote.load_from(@path)
+  end
+
+  it_should_behave_like "an Exploit"
+
+  it "should define a Remote exploit" do
+    @exploit.class.should == Exploits::Remote
+  end
+
+  it "should define helpers to load" do
+    @exploit.kind_of?(Exploits::Helpers::BufferOverflow).should == true
+  end
+
+  it "should define controlled behaviors" do
+    @exploit.behaviors.should == [:code_exec]
+  end
+
+  after(:all) do
+    FileUtils.rm(@path)
+  end
+end

data/spec/generators/exploits/remote_tcp_spec.rb

@@ -0,0 +1,47 @@
+require 'ronin/generators/exploits/remote_tcp'
+require 'ronin/exploits/remote_tcp'
+
+require 'spec_helper'
+require 'generators/exploits/exploit_examples'
+
+require 'tmpdir'
+require 'fileutils'
+
+describe Generators::Exploits::RemoteTCP do
+  before(:all) do
+    @path = File.join(Dir.tmpdir,'generated_exploit.rb')
+
+    Generators::Exploits::RemoteTCP.generate(
+      {
+        :helpers => ['buffer_overflow'],
+        :controls => ['code_exec'],
+        :default_port => 22
+      },
+      [@path]
+    )
+
+    @exploit = Exploits::RemoteTCP.load_from(@path)
+  end
+
+  it_should_behave_like "an Exploit"
+
+  it "should define a RemoteTCP exploit" do
+    @exploit.class.should == Exploits::RemoteTCP
+  end
+
+  it "should define helpers to load" do
+    @exploit.kind_of?(Exploits::Helpers::BufferOverflow).should == true
+  end
+
+  it "should define controlled behaviors" do
+    @exploit.behaviors.should == [:code_exec]
+  end
+
+  it "should set the default_port property" do
+    @exploit.default_port.should == 22
+  end
+
+  after(:all) do
+    FileUtils.rm(@path)
+  end
+end

data/spec/generators/exploits/remote_udp_spec.rb

@@ -0,0 +1,47 @@
+require 'ronin/generators/exploits/remote_udp'
+require 'ronin/exploits/remote_udp'
+
+require 'spec_helper'
+require 'generators/exploits/exploit_examples'
+
+require 'tmpdir'
+require 'fileutils'
+
+describe Generators::Exploits::RemoteUDP do
+  before(:all) do
+    @path = File.join(Dir.tmpdir,'generated_exploit.rb')
+
+    Generators::Exploits::RemoteUDP.generate(
+      {
+        :helpers => ['buffer_overflow'],
+        :controls => ['code_exec'],
+        :default_port => 22
+      },
+      [@path]
+    )
+
+    @exploit = Exploits::RemoteUDP.load_from(@path)
+  end
+
+  it_should_behave_like "an Exploit"
+
+  it "should define a RemoteUDP exploit" do
+    @exploit.class.should == Exploits::RemoteUDP
+  end
+
+  it "should define helpers to load" do
+    @exploit.kind_of?(Exploits::Helpers::BufferOverflow).should == true
+  end
+
+  it "should define controlled behaviors" do
+    @exploit.behaviors.should == [:code_exec]
+  end
+
+  it "should set the default_port property" do
+    @exploit.default_port.should == 22
+  end
+
+  after(:all) do
+    FileUtils.rm(@path)
+  end
+end

data/spec/generators/exploits/web_spec.rb

@@ -0,0 +1,52 @@
+require 'ronin/generators/exploits/web'
+require 'ronin/exploits/web'
+
+require 'spec_helper'
+require 'generators/exploits/exploit_examples'
+
+require 'tmpdir'
+require 'fileutils'
+
+describe Generators::Exploits::Web do
+  before(:all) do
+    @path = File.join(Dir.tmpdir,'generated_exploit.rb')
+
+    Generators::Exploits::Web.generate(
+      {
+        :helpers => ['buffer_overflow'],
+        :controls => ['code_exec'],
+        :url_path => '/some/path',
+        :url_query => 'var=1'
+      },
+      [@path]
+    )
+
+    @exploit = Exploits::Web.load_from(@path)
+  end
+
+  it_should_behave_like "an Exploit"
+
+  it "should define a Web exploit" do
+    @exploit.class.should == Exploits::Web
+  end
+
+  it "should define helpers to load" do
+    @exploit.kind_of?(Exploits::Helpers::BufferOverflow).should == true
+  end
+
+  it "should define controlled behaviors" do
+    @exploit.behaviors.should == [:code_exec]
+  end
+
+  it "should set the url_path property" do
+    @exploit.url_path.should == '/some/path'
+  end
+
+  it "should set the url_query property" do
+    @exploit.url_query.should == 'var=1'
+  end
+
+  after(:all) do
+    FileUtils.rm(@path)
+  end
+end