ronin-exploits 0.3.0 → 1.0.0.beta1

data/spec/exploits/exploit_spec.rb

@@ -1,313 +0,0 @@
-require 'ronin/exploits/exploit'
-
-require 'spec_helper'
-require 'helpers/objects'
-require 'controls/behaviors_examples'
-
-describe Exploits::Exploit do
-  before(:each) do
-    @exploit = load_exploit('simple')
-    @payload = load_payload('simple')
-    @controler = @exploit
-  end
-
-  it_should_behave_like "controls behaviors"
-
-  it "should require a name attribute" do
-    exp2 = Exploits::Exploit.new
-    exp2.should_not be_valid
-
-    exp2.name = 'test'
-    exp2.should be_valid
-  end
-
-  it "should have a unique name and version" do
-    first_exp = Exploits::Exploit.create(
-      :name => 'test2',
-      :version => '0.0.1'
-    )
-    first_exp.should be_valid
-
-    second_exp = Exploits::Exploit.new(
-      :name => 'test2',
-      :version => '0.0.1'
-    )
-    second_exp.should_not be_valid
-
-    third_exp = Exploits::Exploit.new(
-      :name => 'test2',
-      :version => '0.0.2'
-    )
-    third_exp.should be_valid
-  end
-
-  it "should allow for the extending of Helper modules" do
-    @exploit.instance_eval { helper :padding }.should == true
-  end
-
-  it "should raise an UnknownHelper when extending an unknown helper" do
-    lambda {
-      @exploit.instance_eval { helper :obvious_not_there }
-    }.should raise_error(Exploits::UnknownHelper)
-  end
-
-  it "should have targeted Archs" do
-    @exploit.targeted_archs.should == [Arch.i686, Arch.i386]
-  end
-
-  it "should have targeted OSes" do
-    @exploit.targeted_oses.should == [
-      OS.linux('2.6.23'),
-      OS.windows('7.1')
-    ]
-  end
-
-  it "should have targeted products" do
-    @exploit.targeted_products.all? { |product|
-      product.name == 'ExampleWare' && product.version == '1.5'
-    }.should == true
-  end
-
-  it "should allow the selection of a target by index" do
-    @exploit.use_target!(1)
-
-    @exploit.target.arch.should == Arch.i386
-  end
-
-  it "should allow the selection of a target that matches a block" do
-    @exploit.use_target! { |target| target.arch == Arch.i386 }
-
-    @exploit.target.arch.should == Arch.i386
-  end
-
-  it "should select the first target if nothing is passed to use_target!" do
-    @exploit.use_target!()
-
-    @exploit.target.arch.should == Arch.i686
-  end
-
-  it "should have a default target" do
-    @exploit.target.should_not be_nil
-
-    @exploit.target.arch.should == Arch.i686
-
-    @exploit.target.os.name.should == 'Linux'
-    @exploit.target.os.version.should == '2.6.23'
-  end
-
-  it "should have a default targeted Arch" do
-    @exploit.arch.should == Arch.i686
-  end
-
-  it "should have a default targeted OS" do
-    @exploit.os.should == OS.linux('2.6.23')
-  end
-
-  it "should have a default targeted Product" do
-    @exploit.product.name.should == 'ExampleWare'
-    @exploit.product.version.should == '1.5'
-  end
-
-  it "should set the payloads exploit when setting the payload" do
-    @payload.exploit.should be_nil
-
-    @exploit.payload = @payload
-    @payload.exploit.should == @exploit
-  end
-
-  it "should be able to set the payload to nil" do
-    @exploit.payload = @payload
-    @exploit.payload = nil
-
-    @exploit.payload.should be_nil
-  end
-
-  it "should set the payload and the exploit of the payload to nil" do
-    @exploit.payload = @payload
-    @exploit.payload = nil
-
-    @payload.exploit.should be_nil
-  end
-
-  it "should specify the additional behaviors controlled by the payload" do
-    @payload.control :code_exec
-    @payload.control :command_exec
-    @exploit.control :code_exec
-
-    @exploit.payload = @payload
-
-    @exploit.behaviors.should == [:code_exec, :command_exec]
-  end
-
-  it "should build a raw payload" do
-    @exploit.payload = @payload
-    @exploit.build_payload!
-
-    @exploit.raw_payload.should == 'code.func'
-  end
-
-  it "should pass options to the payload when building the raw payload" do
-    @exploit.payload = @payload
-    @exploit.build_payload!(:custom => 'test')
-
-    @exploit.raw_payload.should == 'code.test'
-  end
-
-  it "should default raw_payload to an empty String, if payload is nil" do
-    @exploit.payload = nil
-    @exploit.build_payload!
-
-    @exploit.raw_payload.should == ''
-  end
-
-  it "should not reset raw_payload, if payload is nil" do
-    @exploit.payload = nil
-    @exploit.raw_payload = 'data'
-
-    @exploit.build_payload!
-    @exploit.raw_payload.should == 'data'
-  end
-
-  it "should have no payload encoders by default" do
-    @exploit.encoders.should be_empty
-  end
-
-  it "should accept blocks as payload encoders" do
-    @exploit.raw_payload = 'data'
-
-    @exploit.encode_payload do |payload|
-      payload.capitalize
-    end
-
-    @exploit.encode_payload!
-    @exploit.encoded_payload.should == 'Data'
-  end
-
-  it "should accept an object with an #encode method" do
-    @exploit.raw_payload = 'data'
-    @exploit.encode_payload(Payloads::Encoders::Encoder.new)
-
-    @exploit.encode_payload!
-    @exploit.encoded_payload.should == 'data'
-  end
-
-  it "should not accept objects without an #encode method" do
-    lambda {
-      @exploit.encode_payload(Object.new)
-    }.should raise_error(RuntimeError)
-  end
-
-  it "should accept either a payload encoder object or a block" do
-    lambda {
-      @exploit.encode_payload()
-    }.should raise_error(ArgumentError)
-  end
-
-  it "should encode a String payload" do
-    @exploit.raw_payload = 'data'
-
-    @exploit.encode_payload!
-    @exploit.encoded_payload.should == 'data'
-  end
-
-  it "should encode a String using encoders" do
-    @exploit.raw_payload = 'data'
-    @exploit.encoders << lambda { |payload| payload.upcase }
-
-    @exploit.encode_payload!
-    @exploit.encoded_payload.should == 'DATA'
-  end
-
-  it "should ignore payload encoders which return nil" do
-    @exploit.raw_payload = 'data'
-    @exploit.encoders << lambda { |payload| nil }
-
-    @exploit.encode_payload!
-    @exploit.encoded_payload.should == 'data'
-  end
-
-  it "should have 'unbuilt' and 'built' states" do
-    @exploit.should_not be_built
-    @exploit.build!
-    @exploit.should be_built
-  end
-
-  it "should pass the built exploit to a given block" do
-    @exploit.build! do |exploit|
-      exploit.should be_built
-    end
-  end
-
-  it "should respect the arity of blocks passed to build!" do
-    @exploit.build! do
-      @exploit.should be_built
-    end
-  end
-
-  it "should return the built exploit" do
-    @exploit.build!.should be_built
-  end
-
-  it "should require the exploit is built before being deployed" do
-    lambda { @exploit.deploy! }.should raise_error(Exploits::ExploitNotBuilt)
-  end
-
-  it "should have a default deployer method" do
-    @exploit.build!
-
-    @exploit.deploy! do |exploit|
-      @exploit.should == exploit
-    end
-  end
-
-  it "should respect the arity of blocks passed to deploy!" do
-    @exploit.build!
-
-    @exploit.deploy! do
-      @exploit.should be_deployed
-    end
-  end
-
-  it "should deploy the payload after deploying the exploit" do
-    @exploit.payload = @payload
-    @payload.should_not be_deployed
-
-    @exploit.build!
-    @exploit.deploy! do |exploit|
-      exploit.payload.should be_deployed
-    end
-  end
-
-  it "should build and deploy the exploit when exploited" do
-    @exploit.exploit!
-
-    @exploit.should be_built
-    @exploit.should be_deployed
-  end
-
-  it "should not deploy during a dry-run of the exploit" do
-    @exploit.exploit!(:dry_run => true)
-
-    @exploit.should be_built
-    @exploit.should_not be_deployed
-  end
-
-  it "should return the name and the version when calling to_s" do
-    @exploit.to_s.should == 'simple 0.2'
-  end
-
-  it "should have a custom inspect method" do
-    @exploit.inspect.should == '#<Ronin::Exploits::Exploit: simple 0.2>'
-  end
-
-  it "should pass missing methods to the payload" do
-    @exploit.payload = @payload
-    @exploit.some_control.should == 'control data'
-  end
-
-  it "should not pass missing methods, if payload is nil" do
-    lambda {
-      @exploit.some_control
-    }.should raise_error(NoMethodError)
-  end
-end

data/spec/exploits/file_based_exploit_spec.rb

@@ -1,48 +0,0 @@
-require 'ronin/exploits/local'
-require 'ronin/exploits/helpers/file_based'
-
-require 'spec_helper'
-
-describe Exploits::Helpers::FileBased do
-  before(:each) do
-    @exploit = Exploits::Local.new do
-      helper :file_based
-
-      self.name = 'file exploit'
-      self.output_file_name = 'file_exploit.dat'
-
-      def build
-        build_file do |file|
-          file << 'some data'
-        end
-      end
-    end
-  end
-
-  it "should have an absolute path for the file to be built" do
-    @exploit.output_file_path.should_not be_empty
-  end
-
-  it "should sanitize the output_file_name used in the absolute path" do
-    @exploit.output_file_name = '../evil.txt'
-
-    @exploit.output_file_path.should == File.join(
-      @exploit.output_dir,
-      'evil.txt'
-    )
-  end
-
-  it "should have a default output directory" do
-    @exploit.output_dir.should == Ronin::Config::TMP_DIR
-  end
-
-  it "should have a default output_file_name, based on the exploit name" do
-    @exploit.output_file_name.should == 'file_exploit.dat'
-  end
-
-  it "should build a file" do
-    @exploit.build!
-
-    File.read(@exploit.output_file_path).should == 'some data'
-  end
-end

data/spec/exploits/format_string_exploit_spec.rb

@@ -1,32 +0,0 @@
-require 'ronin/exploits/local'
-require 'ronin/exploits/helpers/format_string'
-
-require 'spec_helper'
-
-describe Exploits::Helpers::FormatString do
-  before(:all) do
-    @exploit = Exploits::Local.new do
-      helper :format_string
-
-      self.name = 'example_fmtstring'
-
-      targeting do |target|
-        target.arch = Arch.i686
-        target.pop_length = 256
-        target.overwrite = 0xffffaaaa
-        target.address = 0xffffbbbb
-      end
-    end
-  end
-
-  it "should use Targets::FormatString for targets" do
-    @exploit.targets.all? { |target|
-      target.class == Exploits::Targets::FormatString
-    }.should == true
-  end
-
-  it "should build a format string" do
-    @exploit.target = @exploit.targets[0]
-    @exploit.build!
-  end
-end

data/spec/exploits/ftp_spec.rb

@@ -1,13 +0,0 @@
-require 'ronin/exploits/ftp'
-
-require 'spec_helper'
-
-describe Exploits::FTP do
-  before(:all) do
-    @exploit = Exploits::FTP.create(:name => 'example_ftp')
-  end
-
-  it "should have a default port of 21" do
-    @exploit.default_port.should == 21
-  end
-end

data/spec/exploits/http_spec.rb

@@ -1,17 +0,0 @@
-require 'ronin/exploits/http'
-
-require 'spec_helper'
-
-describe Exploits::HTTP do
-  before(:all) do
-    @exploit = Exploits::HTTP.create(:name => 'example_httpd')
-  end
-
-  it "should initialize all parameters by default" do
-    @exploit.params.should_not be_empty
-  end
-
-  it "should have a default port of 80" do
-    @exploit.default_port.should == 80
-  end
-end

data/spec/exploits/padding_exploit_spec.rb

@@ -1,44 +0,0 @@
-require 'ronin/exploits/local'
-require 'ronin/exploits/helpers/padding'
-
-require 'spec_helper'
-
-describe Exploits::Helpers::Padding do
-  before(:all) do
-    @exploit = Exploits::Local.new do
-      helper :padding
-
-      def pad_buffer
-        pad(1024)
-      end
-
-      def pad_data_left
-        pad_left('hello',1024)
-      end
-
-      def pad_data_right
-        pad_right('hello',1024)
-      end
-    end
-  end
-
-  it "should pad a buffer" do
-    buffer = @exploit.pad_buffer
-
-    buffer.length.should == 1024
-  end
-
-  it "should pad a buffer with data to the left" do
-    buffer = @exploit.pad_data_left
-
-    buffer.length.should == 1024
-    (buffer =~ /hello$/).should_not be_nil
-  end
-
-  it "should pad a buffer with data to the right" do
-    buffer = @exploit.pad_data_right
-
-    buffer.length.should == 1024
-    (buffer =~ /^hello/).should_not be_nil
-  end
-end

data/spec/exploits/remote_tcp_spec.rb

@@ -1,28 +0,0 @@
-require 'ronin/exploits/remote_tcp'
-
-require 'spec_helper'
-
-describe Exploits::RemoteTCP do
-  before(:all) do
-    @exploit = Exploits::RemoteTCP.new(
-      :default_port => 22,
-      :host => '127.0.0.1'
-    )
-  end
-
-  it "should include the TCP Session module" do
-    Exploits::RemoteTCP.include?(Network::Helpers::TCP).should == true
-  end
-
-  it "should initialize all parameters by default" do
-    @exploit.params.should_not be_empty
-  end
-
-  it "should default the port to the default_port before deploying" do
-    @exploit.build!
-
-    @exploit.deploy! do |exp|
-      exp.port.should == 22
-    end
-  end
-end

data/spec/exploits/remote_udp_spec.rb

@@ -1,28 +0,0 @@
-require 'ronin/exploits/remote_udp'
-
-require 'spec_helper'
-
-describe Exploits::RemoteUDP do
-  before(:all) do
-    @exploit = Exploits::RemoteUDP.new(
-      :default_port => 22,
-      :host => '127.0.0.1'
-    )
-  end
-
-  it "should include the UDP Session module" do
-    Exploits::RemoteUDP.include?(Network::Helpers::UDP).should == true
-  end
-
-  it "should initialize all parameters by default" do
-    @exploit.params.should_not be_empty
-  end
-
-  it "should default the port to the default_port before deploying" do
-    @exploit.build!
-
-    @exploit.deploy! do |exp|
-      exp.port.should == 22
-    end
-  end
-end

data/spec/exploits/target_spec.rb

@@ -1,98 +0,0 @@
-require 'ronin/exploits/target'
-
-require 'spec_helper'
-
-describe Exploits::Target do
-  before(:all) do
-    @exploit = Exploits::Exploit.create(:name => 'exploit with targets')
-  end
-
-  before(:each) do
-    @target = Exploits::Target.new(
-      :data => {:var => 1, :test => 'hello'},
-      :exploit => @exploit
-    )
-  end
-
-  it "should not have an Arch by default" do
-    @target.arch.should be_nil
-  end
-
-  it "should set the Arch when called with a name" do
-    @target.arch :i686
-    @target.arch.name.should == 'i686'
-    @target.arch.endian == 'little'
-    @target.arch.address_length == 4
-  end
-
-  it "should not have an OS by default" do
-    @target.os.should be_nil
-  end
-
-  it "should set the OS when called with arguments" do
-    @target.os(:name => 'FreeBSD', :version => '7.1')
-    @target.os.name.should == 'FreeBSD'
-    @target.os.version.should == '7.1'
-  end
-
-  it "should not have a product by default" do
-    @target.product.should be_nil
-  end
-
-  it "should set the product when called with arguments" do
-    @target.product(:name => 'Apache', :version => '1.3.3.7')
-    @target.product.name.should == 'Apache'
-    @target.product.version.should == '1.3.3.7'
-  end
-
-  it "should contain target data" do
-    @target.data[:var].should == 1
-    @target.data[:test].should == 'hello'
-  end
-
-  it "should provide Hash like access to target data" do
-    @target[:var].should == 1
-    @target[:test].should == 'hello'
-  end
-
-  it "should be able to set data like a Hash" do
-    @target[:var] = 2
-
-    @target[:var].should == 2
-  end
-
-  it "should provide OStruct like access to target data" do
-    @target.var.should == 1
-    @target.test.should == 'hello'
-  end
-
-  it "should be able to set data like an OStruct" do
-    @target.var = 2
-
-    @target.var.should == 2
-  end
-
-  it "should be able to serialize and deserialize it's target data" do
-    @target.save
-
-    target = Exploits::Target.get(@target.id)
-    target.should_not be_nil
-
-    target.data[:var].should == 1
-    target.data[:test].should == 'hello'
-  end
-
-  it "should not raise TargetDataMissing when setting new data" do
-    lambda {
-      @target.bla = 'yes'
-    }.should_not raise_error(Exploits::TargetDataMissing)
-
-    @target.bla.should == 'yes'
-  end
-
-  it "should raise TargetDataMissing when accessing non-existant data" do
-    lambda {
-      @target.bla
-    }.should raise_error(Exploits::TargetDataMissing)
-  end
-end

data/spec/exploits/targets/buffer_overflow_spec.rb

@@ -1,22 +0,0 @@
-require 'ronin/exploits/targets/buffer_overflow'
-
-require 'spec_helper'
-
-describe Exploits::Targets::BufferOverflow do
-  before(:all) do
-    @exploit = Exploits::Exploit.create(:name => 'buffer overflow exploit')
-  end
-
-  it "should require an ip to overwrite with" do
-    target = Exploits::Targets::BufferOverflow.new(:exploit => @exploit)
-    target.should_not be_valid
-
-    target.ip = 0xffffeeee
-    target.should be_valid
-  end
-
-  it "should have a default frame_repeat of 1" do
-    target = Exploits::Targets::BufferOverflow.new(:exploit => @exploit)
-    target.frame_repeat.should == 1
-  end
-end

data/spec/exploits/web_spec.rb

@@ -1,35 +0,0 @@
-require 'ronin/exploits/web'
-
-require 'spec_helper'
-
-describe Exploits::Web do
-  describe "targeted_url" do
-    it "should initialize all parameters by default" do
-      exploit = Exploits::Web.new
-      
-      exploit.params.should_not be_empty
-    end
-
-    it "should create a targeted URL using the host param" do
-      host = 'www.example.com'
-      exploit = Exploits::Web.new(:host => host)
-
-      exploit.targeted_url.host.should == host
-    end
-
-    it "should create a targeted URL using the host param and the url_path property" do
-      host = 'www.example.com'
-      path = '/'
-      exploit = Exploits::Web.new(:host => host, :url_path => path)
-
-      exploit.targeted_url.host.should == host
-      exploit.targeted_url.path.should == path
-    end
-
-    it "should raise a MissingParam exception if host params is missing" do
-      exploit = Exploits::Web.new(:url_path => '/')
-
-      lambda { exploit.targeted_url }.should raise_error(Parameters::MissingParam)
-    end
-  end
-end