ronin-exploits 1.0.0.beta1 → 1.0.0.beta3

Files changed (129) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ruby.yml +1 -0
  3. data/.yardopts +1 -1
  4. data/README.md +5 -1
  5. data/data/new/exploit.rb.erb +2 -2
  6. data/gemspec.yml +10 -1
  7. data/lib/ronin/exploits/advisory.rb +1 -1
  8. data/lib/ronin/exploits/cli/command.rb +1 -1
  9. data/lib/ronin/exploits/cli/commands/irb.rb +1 -1
  10. data/lib/ronin/exploits/cli/commands/list.rb +1 -1
  11. data/lib/ronin/exploits/cli/commands/new.rb +1 -1
  12. data/lib/ronin/exploits/cli/commands/run.rb +56 -6
  13. data/lib/ronin/exploits/cli/commands/show.rb +91 -65
  14. data/lib/ronin/exploits/cli/exploit_command.rb +1 -1
  15. data/lib/ronin/exploits/cli/exploit_methods.rb +1 -1
  16. data/lib/ronin/exploits/cli/ruby_shell.rb +1 -1
  17. data/lib/ronin/exploits/cli.rb +6 -1
  18. data/lib/ronin/exploits/client_side_web_vuln.rb +1 -1
  19. data/lib/ronin/exploits/exceptions.rb +1 -1
  20. data/lib/ronin/exploits/exploit.rb +1 -1
  21. data/lib/ronin/exploits/heap_overflow.rb +1 -1
  22. data/lib/ronin/exploits/lfi.rb +1 -1
  23. data/lib/ronin/exploits/loot/file.rb +1 -1
  24. data/lib/ronin/exploits/loot.rb +1 -1
  25. data/lib/ronin/exploits/memory_corruption.rb +1 -1
  26. data/lib/ronin/exploits/metadata/arch.rb +1 -1
  27. data/lib/ronin/exploits/metadata/cookie_param.rb +1 -1
  28. data/lib/ronin/exploits/metadata/default_filename.rb +1 -1
  29. data/lib/ronin/exploits/metadata/default_port.rb +1 -1
  30. data/lib/ronin/exploits/metadata/header_name.rb +1 -1
  31. data/lib/ronin/exploits/metadata/os.rb +1 -1
  32. data/lib/ronin/exploits/metadata/shouts.rb +1 -1
  33. data/lib/ronin/exploits/metadata/url_path.rb +1 -1
  34. data/lib/ronin/exploits/metadata/url_query_param.rb +1 -1
  35. data/lib/ronin/exploits/mixins/binary.rb +1 -1
  36. data/lib/ronin/exploits/mixins/build_dir.rb +1 -1
  37. data/lib/ronin/exploits/mixins/file_builder.rb +1 -1
  38. data/lib/ronin/exploits/mixins/format_string.rb +1 -1
  39. data/lib/ronin/exploits/mixins/has_payload.rb +1 -1
  40. data/lib/ronin/exploits/mixins/has_targets.rb +1 -1
  41. data/lib/ronin/exploits/mixins/html.rb +1 -1
  42. data/lib/ronin/exploits/mixins/http.rb +1 -1
  43. data/lib/ronin/exploits/mixins/loot.rb +1 -1
  44. data/lib/ronin/exploits/mixins/nops.rb +1 -1
  45. data/lib/ronin/exploits/mixins/remote_tcp.rb +1 -1
  46. data/lib/ronin/exploits/mixins/remote_udp.rb +1 -1
  47. data/lib/ronin/exploits/mixins/seh.rb +1 -1
  48. data/lib/ronin/exploits/mixins/stack_overflow.rb +1 -1
  49. data/lib/ronin/exploits/mixins/text.rb +1 -1
  50. data/lib/ronin/exploits/mixins.rb +1 -1
  51. data/lib/ronin/exploits/open_redirect.rb +1 -1
  52. data/lib/ronin/exploits/params/base_url.rb +1 -1
  53. data/lib/ronin/exploits/params/bind_host.rb +1 -1
  54. data/lib/ronin/exploits/params/bind_port.rb +1 -1
  55. data/lib/ronin/exploits/params/filename.rb +1 -1
  56. data/lib/ronin/exploits/params/host.rb +1 -1
  57. data/lib/ronin/exploits/params/port.rb +1 -1
  58. data/lib/ronin/exploits/registry.rb +1 -1
  59. data/lib/ronin/exploits/rfi.rb +1 -1
  60. data/lib/ronin/exploits/root.rb +1 -1
  61. data/lib/ronin/exploits/seh_overflow.rb +1 -1
  62. data/lib/ronin/exploits/sqli.rb +1 -1
  63. data/lib/ronin/exploits/ssti.rb +1 -1
  64. data/lib/ronin/exploits/stack_overflow.rb +1 -1
  65. data/lib/ronin/exploits/target.rb +1 -1
  66. data/lib/ronin/exploits/test_result.rb +1 -1
  67. data/lib/ronin/exploits/use_after_free.rb +1 -1
  68. data/lib/ronin/exploits/version.rb +2 -2
  69. data/lib/ronin/exploits/web.rb +1 -1
  70. data/lib/ronin/exploits/web_vuln.rb +1 -1
  71. data/lib/ronin/exploits/xss.rb +1 -1
  72. data/lib/ronin/exploits.rb +1 -1
  73. data/ronin-exploits.gemspec +2 -1
  74. metadata +16 -116
  75. data/spec/advisory_spec.rb +0 -71
  76. data/spec/cli/exploit_command_spec.rb +0 -68
  77. data/spec/cli/exploit_methods_spec.rb +0 -208
  78. data/spec/cli/ruby_shell_spec.rb +0 -14
  79. data/spec/client_side_web_vuln_spec.rb +0 -117
  80. data/spec/exploit_spec.rb +0 -538
  81. data/spec/exploits_spec.rb +0 -8
  82. data/spec/heap_overflow_spec.rb +0 -14
  83. data/spec/lfi_spec.rb +0 -162
  84. data/spec/loot/file_spec.rb +0 -131
  85. data/spec/loot_spec.rb +0 -138
  86. data/spec/memory_corruption_spec.rb +0 -22
  87. data/spec/metadata/arch_spec.rb +0 -82
  88. data/spec/metadata/cookie_param_spec.rb +0 -67
  89. data/spec/metadata/default_filename_spec.rb +0 -62
  90. data/spec/metadata/default_port_spec.rb +0 -62
  91. data/spec/metadata/header_name_spec.rb +0 -67
  92. data/spec/metadata/os_spec.rb +0 -164
  93. data/spec/metadata/shouts_spec.rb +0 -100
  94. data/spec/metadata/url_path_spec.rb +0 -67
  95. data/spec/metadata/url_query_param_spec.rb +0 -67
  96. data/spec/mixins/binary_spec.rb +0 -129
  97. data/spec/mixins/build_dir.rb +0 -66
  98. data/spec/mixins/file_builder_spec.rb +0 -67
  99. data/spec/mixins/format_string_spec.rb +0 -44
  100. data/spec/mixins/has_payload_spec.rb +0 -333
  101. data/spec/mixins/has_targets_spec.rb +0 -434
  102. data/spec/mixins/html_spec.rb +0 -772
  103. data/spec/mixins/http_spec.rb +0 -1227
  104. data/spec/mixins/loot_spec.rb +0 -20
  105. data/spec/mixins/nops_spec.rb +0 -165
  106. data/spec/mixins/remote_tcp_spec.rb +0 -217
  107. data/spec/mixins/remote_udp_spec.rb +0 -217
  108. data/spec/mixins/seh_spec.rb +0 -89
  109. data/spec/mixins/stack_overflow_spec.rb +0 -87
  110. data/spec/mixins/text_spec.rb +0 -43
  111. data/spec/open_redirect_spec.rb +0 -71
  112. data/spec/params/base_url_spec.rb +0 -71
  113. data/spec/params/bind_host_spec.rb +0 -34
  114. data/spec/params/bind_port_spec.rb +0 -35
  115. data/spec/params/filename_spec.rb +0 -77
  116. data/spec/params/host_spec.rb +0 -34
  117. data/spec/params/port_spec.rb +0 -77
  118. data/spec/rfi_spec.rb +0 -107
  119. data/spec/seh_overflow_spec.rb +0 -18
  120. data/spec/spec_helper.rb +0 -8
  121. data/spec/sqli_spec.rb +0 -306
  122. data/spec/ssti_spec.rb +0 -121
  123. data/spec/stack_overflow_spec.rb +0 -18
  124. data/spec/target_spec.rb +0 -92
  125. data/spec/test_result_spec.rb +0 -32
  126. data/spec/use_after_free_spec.rb +0 -14
  127. data/spec/web_spec.rb +0 -12
  128. data/spec/web_vuln_spec.rb +0 -854
  129. data/spec/xss_spec.rb +0 -69
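--- a/data/spec/mixins/loot_spec.rb
+++ b/data/spec/mixins/loot_spec.rb
@@ -1,20 +0,0 @@
- require 'ronin/exploits/mixins/loot'
-
- require 'ronin/exploits/exploit'
-
- describe Ronin::Exploits::Mixins::Loot do
- module TestLootMixin
- class TestExploit < Ronin::Exploits::Exploit
- include Ronin::Exploits::Mixins::Loot
- end
- end
-
- let(:exploit_class) { TestLootMixin::TestExploit }
- subject { exploit_class.new }
-
- describe "#initialize" do
- it "must initialize #loot to a Ronin::Exploits::Loot object" do
- expect(subject.loot).to be_kind_of(Ronin::Exploits::Loot)
- end
- end
- end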
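--- a/data/spec/mixins/nops_spec.rb
+++ b/data/spec/mixins/nops_spec.rb
@@ -1,165 +0,0 @@
- require 'spec_helper'
- require 'ronin/exploits/mixins/nops'
-
- require 'ronin/exploits/exploit'
- require 'ronin/exploits/metadata/arch'
-
- describe Ronin::Exploits::Mixins::NOPS do
- describe "NOPS" do
- subject { described_class::NOPS }
-
- describe ":x86" do
- subject { super()[:x86] }
-
- it "must return \"\\x90\"" do
- expect(subject).to eq("\x90".b)
- end
- end
-
- describe ":x86_64" do
- subject { super()[:x86_64] }
-
- it "must return \"\\x90\"" do
- expect(subject).to eq("\x90".b)
- end
- end
-
- describe ":arm" do
- subject { super()[:arm] }
-
- it "must return \"\\x05P\\xa0\\xe1\"" do
- expect(subject).to eq("\x05P\xa0\xe1".b)
- end
- end
-
- describe ":arm64" do
- subject { super()[:arm64] }
-
- it "must return \"\\xe5\\x03\\x05\\xaa\"" do
- expect(subject).to eq("\xe5\x03\x05\xaa".b)
- end
- end
- end
-
- module TestNOPSMixin
- class ExploitWithArchSet < Ronin::Exploits::Exploit
- include Ronin::Exploits::Metadata::Arch
- include Ronin::Exploits::Mixins::NOPS
-
- arch :x86
- end
-
- class ExploitWithMultiByteNopArchSet < Ronin::Exploits::Exploit
- include Ronin::Exploits::Metadata::Arch
- include Ronin::Exploits::Mixins::NOPS
-
- arch :arm
- end
-
- class ExploitWithoutArch < Ronin::Exploits::Exploit
- include Ronin::Exploits::Mixins::NOPS
- end
-
- class ExploitWithoutArchSet < Ronin::Exploits::Exploit
- include Ronin::Exploits::Metadata::Arch
- include Ronin::Exploits::Mixins::NOPS
- end
-
- class ExploitWithUnsupportedArch < Ronin::Exploits::Exploit
- include Ronin::Exploits::Metadata::Arch
- include Ronin::Exploits::Mixins::NOPS
-
- arch :mips
- end
- end
-
- subject { exploit_class.new }
-
- describe "#perform_validate" do
- context "when the exploit class does not define an #arch method" do
- let(:exploit_class) { TestNOPSMixin::ExploitWithoutArch }
-
- it do
- expect {
- subject.perform_validate
- }.to raise_error(Ronin::Exploits::ValidationError,"exploit #{exploit_class} did not include Ronin::Exploits::Metadata::Arch or Ronin::Exploits::Mixins::HasTargets")
- end
- end
-
- context "when the exploit class's #arch method returns nil" do
- let(:exploit_class) { TestNOPSMixin::ExploitWithoutArchSet }
-
- it do
- expect {
- subject.perform_validate
- }.to raise_error(Ronin::Exploits::ValidationError,"exploit #{exploit_class} did not include define an architecture")
- end
- end
-
- context "when the exploit class defines an architecture" do
- let(:exploit_class) { TestNOPSMixin::ExploitWithArchSet }
-
- it do
- expect {
- subject.perform_validate
- }.to_not raise_error
- end
- end
- end
-
- describe "#nop" do
- context "when #arch returns an architecture name" do
- context "and it's supported" do
- let(:exploit_class) { TestNOPSMixin::ExploitWithArchSet }
-
- it "must return the String from #{described_class}::NOPS for the #arch" do
- expect(subject.nop).to eq(described_class::NOPS.fetch(subject.arch))
- end
- end
-
- context "but it's not supported" do
- let(:exploit_class) { TestNOPSMixin::ExploitWithUnsupportedArch }
-
- it do
- expect {
- subject.nop
- }.to raise_error(NotImplementedError,"no NOP string is currently defined for the architecture: #{subject.arch.inspect}")
- end
- end
- end
- end
-
- describe "#nops" do
- let(:size) { 100 }
-
- context "when #arch returns an architecture name" do
- context "and it's supported" do
- let(:exploit_class) { TestNOPSMixin::ExploitWithArchSet }
-
- let(:nop) { described_class::NOPS.fetch(subject.arch) }
-
- it "must return a String of the NOP instruction for the #arch repeated size times" do
- expect(subject.nops(size)).to eq(nop * size)
- end
-
- context "but the NOP instruction for the architecture is more than one byte" do
- let(:exploit_class) { TestNOPSMixin::ExploitWithMultiByteNopArchSet }
-
- it "must return a String of the desired length containing as many of the NOP instructions as possible" do
- expect(subject.nops(size)).to eq(nop * (size / nop.bytesize))
- end
- end
- end
-
- context "but it's not supported" do
- let(:exploit_class) { TestNOPSMixin::ExploitWithUnsupportedArch }
-
- it do
- expect {
- subject.nops(size)
- }.to raise_error(NotImplementedError,"no NOP string is currently defined for the architecture: #{subject.arch.inspect}")
- end
- end
- end
- end
- end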
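--- a/data/spec/mixins/remote_tcp_spec.rb
+++ b/data/spec/mixins/remote_tcp_spec.rb
@@ -1,217 +0,0 @@
- require 'spec_helper'
- require 'ronin/exploits/mixins/remote_tcp'
- require 'ronin/exploits/exploit'
-
- describe Ronin::Exploits::Mixins::RemoteTCP do
- module TestMixinsRemoteTCP
- class TestExploit < Ronin::Exploits::Exploit
- include Ronin::Exploits::Mixins::RemoteTCP
- end
- end
-
- let(:test_class) { TestMixinsRemoteTCP::TestExploit }
-
- describe ".included" do
- subject { test_class }
-
- it "must include Ronin::Support::Network::TCP::Mixin" do
- expect(subject).to include(Ronin::Support::Network::TCP::Mixin)
- end
-
- it "must include Ronin::Exploits::Params::Host" do
- expect(subject).to include(Ronin::Exploits::Params::Host)
- end
-
- it "must include Ronin::Exploits::Params::Port" do
- expect(subject).to include(Ronin::Exploits::Params::Port)
- end
-
- it "must include Ronin::Exploits::Params::BindHost" do
- expect(subject).to include(Ronin::Exploits::Params::BindHost)
- end
-
- it "must include Ronin::Exploits::Params::BindPort" do
- expect(subject).to include(Ronin::Exploits::Params::BindPort)
- end
- end
-
- let(:host) { 'example.com' }
- let(:port) { 1337 }
- let(:bind_host) { 'localhost' }
- let(:bind_port) { 9000 }
-
- subject do
- test_class.new(
- params: {
- host: host,
- port: port,
- bind_host: bind_host,
- bind_port: bind_port
- }
- )
- end
-
- describe "#tcp_open?" do
- context "when given no arguments" do
- it "must call Ronin::Support::Network::TCP.open? with #host, #port, bind_host: #bind_host, bind_port: #bind_port" do
- expect(Ronin::Support::Network::TCP).to receive(:open?).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- subject.tcp_open?
- end
-
- context "when debug messages are enabled" do
- before { Ronin::Support::CLI::Printing.debug = true }
-
- it "must print a debugging message" do
- allow(Ronin::Support::Network::TCP).to receive(:open?).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- expect(subject).to receive(:print_debug).with(
- "Testing if #{subject.host}:#{subject.port} is open ..."
- )
-
- subject.tcp_open?
- end
-
- after { Ronin::Support::CLI::Printing.debug = false }
- end
- end
- end
-
- describe "#tcp_connect" do
- context "when given no arguments" do
- it "must call Ronin::Support::Network::TCP.connect with #host, #port, bind_host: #bind_host, bind_port: #bind_port" do
- expect(Ronin::Support::Network::TCP).to receive(:connect).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- subject.tcp_connect
- end
-
- context "when debug messages are enabled" do
- before { Ronin::Support::CLI::Printing.debug = true }
-
- it "must print a debugging message" do
- allow(Ronin::Support::Network::TCP).to receive(:connect).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- expect(subject).to receive(:print_debug).with(
- "Connecting to #{subject.host}:#{subject.port} ..."
- )
-
- subject.tcp_connect
- end
-
- after { Ronin::Support::CLI::Printing.debug = false }
- end
- end
- end
-
- describe "#tcp_connect_and_send" do
- context "when given one argument" do
- let(:data) { 'foo' }
-
- it "must call Ronin::Support::Network::TCP.connect_and_send with data, #host, #port, bind_host: #bind_host, bind_port: #bind_port" do
- expect(Ronin::Support::Network::TCP).to receive(:connect_and_send).with(
- data, subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- subject.tcp_connect_and_send(data)
- end
-
- context "when debug messages are enabled" do
- before { Ronin::Support::CLI::Printing.debug = true }
-
- it "must print a debugging message" do
- allow(Ronin::Support::Network::TCP).to receive(:connect_and_send).with(
- data, subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- expect(subject).to receive(:print_debug).with(
- "Connecting to #{subject.host}:#{subject.port} and sending #{data.inspect} ..."
- )
-
- subject.tcp_connect_and_send(data)
- end
-
- after { Ronin::Support::CLI::Printing.debug = false }
- end
- end
- end
-
- describe "#tcp_banner" do
- context "when given no arguments" do
- it "must call Ronin::Support::Network::TCP.banner with #host, #port, bind_host: #bind_host, bind_port: #bind_port" do
- expect(Ronin::Support::Network::TCP).to receive(:banner).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- subject.tcp_banner
- end
-
- context "when debug messages are enabled" do
- before { Ronin::Support::CLI::Printing.debug = true }
-
- it "must print a debugging message" do
- allow(Ronin::Support::Network::TCP).to receive(:banner).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- expect(subject).to receive(:print_debug).with(
- "Fetching the banner for #{subject.host}:#{subject.port} ..."
- )
-
- subject.tcp_banner
- end
-
- after { Ronin::Support::CLI::Printing.debug = false }
- end
- end
- end
-
- describe "#tcp_send" do
- context "when given one argument" do
- let(:data) { 'foo' }
-
- it "must call Ronin::Support::Network::TCP.send with data, #host, #port, bind_host: #bind_host, bind_port: #bind_port" do
- expect(Ronin::Support::Network::TCP).to receive(:send).with(
- data, subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- subject.tcp_send(data)
- end
-
- context "when debug messages are enabled" do
- before { Ronin::Support::CLI::Printing.debug = true }
-
- it "must print a debugging message" do
- allow(Ronin::Support::Network::TCP).to receive(:send).with(
- data, subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- expect(subject).to receive(:print_debug).with(
- "Sending #{data.inspect} to #{subject.host}:#{subject.port} ..."
- )
-
- subject.tcp_send(data)
- end
-
- after { Ronin::Support::CLI::Printing.debug = false }
- end
- end
- end
- end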
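--- a/data/spec/mixins/remote_udp_spec.rb
+++ b/data/spec/mixins/remote_udp_spec.rb
@@ -1,217 +0,0 @@
- require 'spec_helper'
- require 'ronin/exploits/mixins/remote_udp'
- require 'ronin/exploits/exploit'
-
- describe Ronin::Exploits::Mixins::RemoteUDP do
- module TestMixinsRemoteUDP
- class TestExploit < Ronin::Exploits::Exploit
- include Ronin::Exploits::Mixins::RemoteUDP
- end
- end
-
- let(:test_class) { TestMixinsRemoteUDP::TestExploit }
-
- describe ".included" do
- subject { test_class }
-
- it "must include Ronin::Support::Network::UDP::Mixin" do
- expect(subject).to include(Ronin::Support::Network::UDP::Mixin)
- end
-
- it "must include Ronin::Exploits::Params::Host" do
- expect(subject).to include(Ronin::Exploits::Params::Host)
- end
-
- it "must include Ronin::Exploits::Params::Port" do
- expect(subject).to include(Ronin::Exploits::Params::Port)
- end
-
- it "must include Ronin::Exploits::Params::BindHost" do
- expect(subject).to include(Ronin::Exploits::Params::BindHost)
- end
-
- it "must include Ronin::Exploits::Params::BindPort" do
- expect(subject).to include(Ronin::Exploits::Params::BindPort)
- end
- end
-
- let(:host) { 'example.com' }
- let(:port) { 1337 }
- let(:bind_host) { 'localhost' }
- let(:bind_port) { 9000 }
-
- subject do
- test_class.new(
- params: {
- host: host,
- port: port,
- bind_host: bind_host,
- bind_port: bind_port
- }
- )
- end
-
- describe "#udp_open?" do
- context "when given no arguments" do
- it "must call Ronin::Support::Network::UDP.open? with #host, #port, bind_host: #bind_host, bind_port: #bind_port" do
- expect(Ronin::Support::Network::UDP).to receive(:open?).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- subject.udp_open?
- end
-
- context "when debug messages are enabled" do
- before { Ronin::Support::CLI::Printing.debug = true }
-
- it "must print a debugging message" do
- allow(Ronin::Support::Network::UDP).to receive(:open?).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- expect(subject).to receive(:print_debug).with(
- "Testing if #{subject.host}:#{subject.port} is open ..."
- )
-
- subject.udp_open?
- end
-
- after { Ronin::Support::CLI::Printing.debug = false }
- end
- end
- end
-
- describe "#udp_connect" do
- context "when given no arguments" do
- it "must call Ronin::Support::Network::UDP.connect with #host, #port, bind_host: #bind_host, bind_port: #bind_port" do
- expect(Ronin::Support::Network::UDP).to receive(:connect).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- subject.udp_connect
- end
-
- context "when debug messages are enabled" do
- before { Ronin::Support::CLI::Printing.debug = true }
-
- it "must print a debugging message" do
- allow(Ronin::Support::Network::UDP).to receive(:connect).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- expect(subject).to receive(:print_debug).with(
- "Connecting to #{subject.host}:#{subject.port} ..."
- )
-
- subject.udp_connect
- end
-
- after { Ronin::Support::CLI::Printing.debug = false }
- end
- end
- end
-
- describe "#udp_connect_and_send" do
- context "when given one argument" do
- let(:data) { 'foo' }
-
- it "must call Ronin::Support::Network::UDP.connect_and_send with data, #host, #port, bind_host: #bind_host, bind_port: #bind_port" do
- expect(Ronin::Support::Network::UDP).to receive(:connect_and_send).with(
- data, subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- subject.udp_connect_and_send(data)
- end
-
- context "when debug messages are enabled" do
- before { Ronin::Support::CLI::Printing.debug = true }
-
- it "must print a debugging message" do
- allow(Ronin::Support::Network::UDP).to receive(:connect_and_send).with(
- data, subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- expect(subject).to receive(:print_debug).with(
- "Connecting to #{subject.host}:#{subject.port} and sending #{data.inspect} ..."
- )
-
- subject.udp_connect_and_send(data)
- end
-
- after { Ronin::Support::CLI::Printing.debug = false }
- end
- end
- end
-
- describe "#udp_banner" do
- context "when given no arguments" do
- it "must call Ronin::Support::Network::UDP.banner with #host, #port, bind_host: #bind_host, bind_port: #bind_port" do
- expect(Ronin::Support::Network::UDP).to receive(:banner).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- subject.udp_banner
- end
-
- context "when debug messages are enabled" do
- before { Ronin::Support::CLI::Printing.debug = true }
-
- it "must print a debugging message" do
- allow(Ronin::Support::Network::UDP).to receive(:banner).with(
- subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- expect(subject).to receive(:print_debug).with(
- "Fetching the banner for #{subject.host}:#{subject.port} ..."
- )
-
- subject.udp_banner
- end
-
- after { Ronin::Support::CLI::Printing.debug = false }
- end
- end
- end
-
- describe "#udp_send" do
- context "when given one argument" do
- let(:data) { 'foo' }
-
- it "must call Ronin::Support::Network::UDP.send with data, #host, #port, bind_host: #bind_host, bind_port: #bind_port" do
- expect(Ronin::Support::Network::UDP).to receive(:send).with(
- data, subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- subject.udp_send(data)
- end
-
- context "when debug messages are enabled" do
- before { Ronin::Support::CLI::Printing.debug = true }
-
- it "must print a debugging message" do
- allow(Ronin::Support::Network::UDP).to receive(:send).with(
- data, subject.host, subject.port, bind_host: subject.bind_host,
- bind_port: subject.bind_port
- )
-
- expect(subject).to receive(:print_debug).with(
- "Sending #{data.inspect} to #{subject.host}:#{subject.port} ..."
- )
-
- subject.udp_send(data)
- end
-
- after { Ronin::Support::CLI::Printing.debug = false }
- end
- end
- end
- end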
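--- a/data/spec/mixins/seh_spec.rb
+++ b/data/spec/mixins/seh_spec.rb
@@ -1,89 +0,0 @@
- require 'spec_helper'
- require 'ronin/exploits/mixins/seh'
-
- require 'ronin/exploits/exploit'
- require 'ronin/exploits/metadata/arch'
- require 'ronin/exploits/metadata/os'
-
- describe Ronin::Exploits::Mixins::SEH do
- module TestSEHMixin
- class TestExploit < Ronin::Exploits::Exploit
- include Ronin::Exploits::Metadata::Arch
- include Ronin::Exploits::Metadata::OS
- include Ronin::Exploits::Mixins::SEH
-
- arch :x86
- os :windows
- end
- end
-
- let(:exploit_class) { TestSEHMixin::TestExploit }
-
- it "must include Ronin::Exploits::Mixins::Text" do
- expect(exploit_class).to include(Ronin::Exploits::Mixins::Text)
- end
-
- it "must include Ronin::Exploits::Mixins::Binary" do
- expect(exploit_class).to include(Ronin::Exploits::Mixins::Binary)
- end
-
- it "must include Ronin::Exploits::Mixins::NOPS" do
- expect(exploit_class).to include(Ronin::Exploits::Mixins::NOPS)
- end
-
- subject { exploit_class.new }
-
- let(:nseh) { 0x06eb9090 }
- let(:seh) { 0x1001ae86 }
-
- describe "#seh_record" do
- it "must pack the nseh and seh arguments as machine words" do
- expect(subject.seh_record(nseh,seh)).to eq(
- [nseh, seh].pack('L<2')
- )
- end
- end
-
- describe "#seh_buffer_overflow" do
- let(:length) { 1024 }
- let(:payload) { 'shellcode here'.b }
-
- it "must return a buffer of the given size, containing junk data, the payload, nseh, and seh addresses" do
- buffer = subject.seh_buffer_overflow(
- length: length, payload: payload, nseh: nseh, seh: seh
- )
-
- expect(buffer.length).to eq(length)
-
- junk = subject.junk(length - payload.bytesize - (subject.platform[:machine_word].size * 2))
-
- packed_nseh = subject.pack(:machine_word,nseh)
- packed_seh = subject.pack(:machine_word,seh)
-
- expect(buffer).to eq(junk + payload + packed_nseh + packed_seh)
- end
-
- context "when the nops: keyword argument is given" do
- let(:nops) { 16 }
-
- it "must add additional NOP padding to the beginning of the payload" do
- buffer = subject.seh_buffer_overflow(
- length: length, nops: nops, payload: payload, nseh: nseh, seh: seh
- )
-
- expect(buffer.length).to eq(length)
-
- junk = subject.junk(length - (subject.nop.bytesize * nops) - payload.bytesize - (subject.platform[:machine_word].size * 2))
-
- nop_pad = subject.nops(nops)
-
- packed_nseh = subject.pack(:machine_word,nseh)
- packed_seh = subject.pack(:machine_word,seh)
-
- expect(buffer).to eq(
- junk + nop_pad + payload + packed_nseh + packed_seh
- )
- end
- end
- end
- end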