ronin-exploits 0.3.1 → 1.0.0.beta2

data/spec/mixins/build_dir.rb

@@ -0,0 +1,66 @@
+require 'spec_helper'
+require 'ronin/exploits/mixins/build_dir'
+
+require 'ronin/exploits/exploit'
+
+describe Ronin::Exploits::Mixins::BuildDir do
+  module TestBuildDirMixin
+    class TestExploit < Ronin::Exploits::Exploit
+      include Ronin::Exploits::Mixins::BuildDir
+
+      id 'test-exploit'
+
+      def build
+        @exploit = 'built exploit'
+      end
+    end
+  end
+
+  let(:exploit_class) { TestBuildDirMixin::TestExploit }
+  subject { exploit_class.new }
+
+  describe "#perform_build" do
+    it "must set #build_dir to a temporary directory using the exploit ID then build the exploit" do
+      expect(subject).to receive(:build)
+
+      subject.perform_build
+
+      expect(subject.build_dir).to match(%r{\A/tmp/ronin-exploit-#{exploit_class.id}-\d+-\d+-[a-z0-9]+\z})
+      expect(File.directory?(subject.build_dir)).to be(true)
+    end
+
+    context "when the exploit ID contains a '/'" do
+      module TestBuildDirmixin
+        class TestExploitWithDirSeparatorInID < Ronin::Exploits::Exploit
+          include Ronin::Exploits::Mixins::BuildDir
+
+          id 'test/exploit'
+
+          def build
+            @exploit = 'built exploit'
+          end
+        end
+      end
+
+      let(:exploit_class) { TestBuildDirmixin::TestExploitWithDirSeparatorInID }
+
+      it "must replace any '/' characters with a '-'" do
+        subject.perform_build
+
+        expect(subject.build_dir).to match(%r{\A/tmp/ronin-exploit-test-exploit-\d+-\d+-[a-z0-9]+\z})
+      end
+    end
+  end
+
+  describe "#perform_cleanup" do
+    it "must delete #build_dir" do
+      subject.perform_build
+
+      build_dir = subject.build_dir
+
+      subject.perform_cleanup
+
+      expect(File.exist?(build_dir)).to be(false)
+    end
+  end
+end

data/spec/mixins/file_builder_spec.rb

@@ -0,0 +1,67 @@
+require 'spec_helper'
+require 'ronin/exploits/mixins/file_builder'
+
+require 'ronin/exploits/exploit'
+require 'fileutils'
+require 'tmpdir'
+
+describe Ronin::Exploits::Mixins::FileBuilder do
+  module TestFileBuilder
+    class TestExploit < Ronin::Exploits::Exploit
+      include Ronin::Exploits::Mixins::FileBuilder
+    end
+  end
+
+  let(:exploit_class) { TestFileBuilder::TestExploit }
+
+  it "must also include Ronin::Exploits::Params::Filename" do
+    expect(exploit_class).to include(Ronin::Exploits::Params::Filename)
+  end
+
+  subject { exploit_class.new }
+
+  describe "#build_file" do
+    before(:all) do
+      @old_cwd = Dir.pwd
+      Dir.chdir(Dir.tmpdir)
+    end
+
+    let(:contents) { 'hello world' }
+
+    context "when given no arguments are given" do
+      context "when #filename returns a filename" do
+        let(:filename) { 'test-file.txt' }
+
+        subject do
+          exploit_class.new(params: {filename: filename})
+        end
+
+        it "must open a file for #filename in the current directory for writing" do
+          subject.build_file do |file|
+            file.write(contents)
+          end
+
+          expect(File.read(filename)).to eq(contents)
+        end
+
+        after { FileUtils.rm(filename) }
+      end
+    end
+
+    context "when a name argument is given" do
+      let(:name) { 'explicit-test-file.txt' }
+
+      it "must open a file with the given name in the current directory for writing" do
+        subject.build_file(name) do |file|
+          file.write(contents)
+        end
+
+        expect(File.read(name)).to eq(contents)
+      end
+
+      after { FileUtils.rm(name) }
+    end
+
+    after { Dir.chdir(@old_cwd) }
+  end
+end

data/spec/mixins/format_string_spec.rb

@@ -0,0 +1,44 @@
+require 'spec_helper'
+require 'ronin/exploits/mixins/format_string'
+
+require 'ronin/exploits/exploit'
+require 'ronin/exploits/metadata/arch'
+require 'ronin/exploits/metadata/os'
+
+describe Ronin::Exploits::Mixins::FormatString do
+  module TestFormatString
+    class TestExploit < Ronin::Exploits::Exploit
+      include Ronin::Exploits::Metadata::Arch
+      include Ronin::Exploits::Metadata::OS
+      include Ronin::Exploits::Mixins::FormatString
+
+      arch :x86
+      os :linux
+    end
+  end
+
+  let(:exploit_class) { TestFormatString::TestExploit }
+  subject { exploit_class.new }
+
+  describe "#build_format_string" do
+    let(:pop_length) { 256        }
+    let(:overwrite)  { 0xffffaaaa }
+    let(:address)    { 0xffffbbbb }
+    let(:payload)    { "shellcode here".b }
+
+    it "must create a '%.DDDd%DDD$hn%.DDDd%DDD$hn' format string using the pop_length, overwrite, address, and payload" do
+      format_string = subject.build_format_string(
+        overwrite:  overwrite,
+        pop_length: pop_length,
+        address:    address,
+        payload:    payload
+      )
+
+      expect(format_string).to eq(
+        [overwrite, overwrite+2].pack('L<2') +
+        "%.16759731d%256$hn%.1056965709d%257$hn" +
+        payload
+      )
+    end
+  end
+end

data/spec/mixins/has_payload_spec.rb

@@ -0,0 +1,333 @@
+require 'spec_helper'
+require 'ronin/exploits/mixins/has_payload'
+require 'ronin/exploits/exploit'
+require 'ronin/payloads/payload'
+
+describe Ronin::Exploits::Mixins::HasPayload do
+  module TestHasPayload
+    class TestPayload < Ronin::Payloads::Payload
+    end
+
+    class InheritedPayload < TestPayload
+    end
+
+    class TestOtherPayload < Ronin::Payloads::Payload
+    end
+
+    class WithNoPayloadClass < Ronin::Exploits::Exploit
+      include Ronin::Exploits::Mixins::HasPayload
+    end
+
+    class WithPayloadClass < Ronin::Exploits::Exploit
+      include Ronin::Exploits::Mixins::HasPayload
+
+      payload_class TestPayload
+    end
+
+    class InheritesPayloadClass < WithPayloadClass
+    end
+
+    class InheritesAndOverridesPayloadClass < WithPayloadClass
+      payload_class TestOtherPayload
+    end
+  end
+
+  describe ".payload_class" do
+    subject { test_class }
+
+    context "when there is no payload_class set in the Exploit class" do
+      let(:test_class) { TestHasPayload::WithNoPayloadClass }
+
+      it "must default to Ronin::Payloads::Payload" do
+        expect(subject.payload_class).to be(Ronin::Payloads::Payload)
+      end
+    end
+
+    context "when the payload_class has been set in the Exploit class" do
+      let(:test_class) { TestHasPayload::WithPayloadClass }
+
+      it "must contain Ronin::Exploits::Target objects" do
+        expect(subject.payload_class).to be(TestHasPayload::TestPayload)
+      end
+    end
+
+    context "when the super-class sets the payload_class" do
+      let(:test_class)  { TestHasPayload::InheritesPayloadClass }
+      let(:super_class) { test_class.superclass }
+
+      it "must inherit the targets from the super-class" do
+        expect(subject.payload_class).to be(super_class.payload_class)
+      end
+
+      context "but the sub-class overrides the payload_class" do
+        let(:test_class) { TestHasPayload::InheritesAndOverridesPayloadClass }
+
+        it "must override the payload_class" do
+          expect(subject.payload_class).to be(TestHasPayload::TestOtherPayload)
+        end
+
+        it "must not modify the superclass'es payload_class" do
+          expect(super_class.payload_class).to be(TestHasPayload::TestPayload)
+        end
+      end
+    end
+  end
+
+  let(:test_class) { TestHasPayload::WithPayloadClass }
+
+  describe "#initialize" do
+    context "when no payload: keyword argument is given" do
+      subject { test_class.new }
+
+      it "must set #payload to nil" do
+        expect(subject.payload).to be(nil)
+      end
+    end
+
+    context "when the payload: keyword argument is given" do
+      subject { test_class.new(payload: payload) }
+
+      context "and it's a Ronin::Payloads::Payload type object" do
+        context "and the Exploit class has not defined a payload_class" do
+          let(:test_class) { TestHasPayload::WithNoPayloadClass }
+          let(:payload)    { TestHasPayload::TestPayload.new    }
+
+          it "must set #payload" do
+            expect(subject.payload).to be(payload)
+          end
+        end
+
+        context "but the Exploit has defined a payload_class" do
+          let(:test_class) { TestHasPayload::WithPayloadClass }
+
+          context "and the given payload object is a kind of payload_class" do
+            let(:payload) { test_class.payload_class.new }
+
+            it "must set #payload" do
+              expect(subject.payload).to be(payload)
+            end
+          end
+
+          context "and the given payload object inherits from payload_class" do
+            let(:payload) { TestHasPayload::InheritedPayload.new }
+
+            it "must set #payload" do
+              expect(subject.payload).to be(payload)
+            end
+          end
+
+          context "but the given payload is not a kind of payload_class" do
+            let(:payload) { TestHasPayload::TestOtherPayload.new }
+
+            it do
+              expect {
+                test_class.new(payload: payload)
+              }.to raise_error(Ronin::Exploits::IncompatiblePayload,"incompatible payload, must be a #{test_class.payload_class} payload: #{payload.inspect}")
+            end
+          end
+        end
+      end
+
+      context "and it's a String" do
+        let(:payload) { "the payload" }
+
+        subject { test_class.new(payload: payload) }
+
+        it "must set #payload to the String" do
+          expect(subject.payload).to be(payload)
+        end
+      end
+    end
+  end
+
+  describe "#payload=" do
+    subject { test_class.new }
+
+    context "and it's a Ronin::Payloads::Payload type object" do
+      context "and the Exploit class has not defined a payload_class" do
+        let(:test_class) { TestHasPayload::WithNoPayloadClass }
+        let(:payload)    { TestHasPayload::TestPayload.new    }
+
+        before { subject.payload = payload }
+
+        it "must set #payload" do
+          expect(subject.payload).to be(payload)
+        end
+      end
+
+      context "but the Exploit has defined a payload_class" do
+        let(:test_class) { TestHasPayload::WithPayloadClass }
+
+        context "and the given payload object is a kind of payload_class" do
+          let(:payload) { test_class.payload_class.new }
+
+          before { subject.payload = payload }
+
+          it "must set #payload" do
+            expect(subject.payload).to be(payload)
+          end
+        end
+
+        context "and the given payload object inherits from payload_class" do
+          let(:payload) { TestHasPayload::InheritedPayload.new }
+
+          before { subject.payload = payload }
+
+          it "must set #payload" do
+            expect(subject.payload).to be(payload)
+          end
+        end
+
+        context "but the given payload is not a kind of payload_class" do
+          let(:payload) { TestHasPayload::TestOtherPayload.new }
+
+          it do
+            expect {
+              subject.payload = payload
+            }.to raise_error(Ronin::Exploits::IncompatiblePayload,"incompatible payload, must be a #{test_class.payload_class} payload: #{payload.inspect}")
+          end
+        end
+      end
+    end
+
+    context "and it's a String" do
+      let(:payload) { "the payload" }
+
+      before { subject.payload = payload }
+
+      it "must set #payload to the String" do
+        expect(subject.payload).to be(payload)
+      end
+    end
+  end
+
+  describe "#perform_validate" do
+    subject { test_class.new(payload: payload) }
+
+    context "when #payload is nil" do
+      let(:payload) { nil }
+
+      it do
+        expect {
+          subject.perform_validate
+        }.to raise_error(Ronin::Exploits::MissingPayload,"exploit requires a payload")
+      end
+    end
+
+    context "when #payload is a Ronin::Payloads::Payload object" do
+      let(:payload) { TestHasPayload::TestPayload.new }
+
+      it "must also call the #payload's #validate_params" do
+        expect(payload).to receive(:validate_params)
+
+        subject.perform_validate
+      end
+    end
+
+    context "when #payload is not a Ronin::Payloads::Payload object" do
+      let(:payload) { "the payload" }
+
+      it "must not call the #payload's #validate_params method" do
+        expect(payload).to_not receive(:validate_params)
+
+        subject.perform_validate
+      end
+    end
+  end
+
+  describe "#perform_build" do
+    subject { test_class.new(payload: payload) }
+
+    context "when #payload is a Ronin::Payloads::Payload object" do
+      let(:payload) { TestHasPayload::TestPayload.new }
+
+      it "must also call the #payload's #perform_build" do
+        expect(payload).to receive(:perform_build)
+
+        subject.perform_build
+      end
+    end
+
+    context "when #payload is not a Ronin::Payloads::Payload object" do
+      let(:payload) { "the payload" }
+
+      it "must not call the #payload's #perform_build method" do
+        expect(payload).to_not receive(:perform_build)
+
+        subject.perform_build
+      end
+    end
+  end
+
+  describe "#perform_launch" do
+    subject { test_class.new(payload: payload) }
+
+    context "when #payload is a Ronin::Payloads::Payload object" do
+      let(:payload) { TestHasPayload::TestPayload.new }
+
+      it "must also call the #payload's #perform_prelaunch" do
+        expect(payload).to receive(:perform_prelaunch)
+
+        subject.perform_launch
+      end
+
+      context "but the Exploit's #launch method raises an exception" do
+        module TestHasPayload
+          class ExploitThatFailsToLaunch < Ronin::Exploits::Exploit
+            include Ronin::Exploits::Mixins::HasPayload
+
+            payload_class TestPayload
+
+            def launch
+              raise("error!")
+            end
+          end
+        end
+
+        let(:test_class) { TestHasPayload::ExploitThatFailsToLaunch }
+
+        it "must call the #payload's #perform_cleanup method then re-raise the exception" do
+          expect(payload).to receive(:perform_cleanup)
+
+          expect {
+            subject.perform_launch
+          }.to raise_error("error!")
+        end
+      end
+    end
+
+    context "when #payload is not a Ronin::Payloads::Payload object" do
+      let(:payload) { "the payload" }
+
+      it "must not call the #payload's #perform_prelaunch method" do
+        expect(payload).to_not receive(:perform_prelaunch)
+
+        subject.perform_launch
+      end
+    end
+  end
+
+  describe "#perform_cleanup" do
+    subject { test_class.new(payload: payload) }
+
+    context "when #payload is a Ronin::Payloads::Payload object" do
+      let(:payload) { TestHasPayload::TestPayload.new }
+
+      it "must also call the #payload's #perform_cleanup" do
+        expect(payload).to receive(:perform_cleanup)
+
+        subject.perform_cleanup
+      end
+    end
+
+    context "when #payload is not a Ronin::Payloads::Payload object" do
+      let(:payload) { "the payload" }
+
+      it "must not call the #payload's #perform_cleanup method" do
+        expect(payload).to_not receive(:perform_cleanup)
+
+        subject.perform_cleanup
+      end
+    end
+  end
+end