ronin-exploits 1.0.0.beta2 → 1.0.0.beta3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (63) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ruby.yml +1 -0
  3. data/README.md +4 -0
  4. data/gemspec.yml +3 -1
  5. data/lib/ronin/exploits/cli/commands/run.rb +55 -5
  6. data/lib/ronin/exploits/version.rb +1 -1
  7. data/ronin-exploits.gemspec +2 -1
  8. metadata +10 -115
  9. data/spec/advisory_spec.rb +0 -71
  10. data/spec/cli/exploit_command_spec.rb +0 -68
  11. data/spec/cli/exploit_methods_spec.rb +0 -208
  12. data/spec/cli/ruby_shell_spec.rb +0 -14
  13. data/spec/client_side_web_vuln_spec.rb +0 -117
  14. data/spec/exploit_spec.rb +0 -538
  15. data/spec/exploits_spec.rb +0 -8
  16. data/spec/heap_overflow_spec.rb +0 -14
  17. data/spec/lfi_spec.rb +0 -162
  18. data/spec/loot/file_spec.rb +0 -131
  19. data/spec/loot_spec.rb +0 -138
  20. data/spec/memory_corruption_spec.rb +0 -22
  21. data/spec/metadata/arch_spec.rb +0 -82
  22. data/spec/metadata/cookie_param_spec.rb +0 -67
  23. data/spec/metadata/default_filename_spec.rb +0 -62
  24. data/spec/metadata/default_port_spec.rb +0 -62
  25. data/spec/metadata/header_name_spec.rb +0 -67
  26. data/spec/metadata/os_spec.rb +0 -164
  27. data/spec/metadata/shouts_spec.rb +0 -100
  28. data/spec/metadata/url_path_spec.rb +0 -67
  29. data/spec/metadata/url_query_param_spec.rb +0 -67
  30. data/spec/mixins/binary_spec.rb +0 -129
  31. data/spec/mixins/build_dir.rb +0 -66
  32. data/spec/mixins/file_builder_spec.rb +0 -67
  33. data/spec/mixins/format_string_spec.rb +0 -44
  34. data/spec/mixins/has_payload_spec.rb +0 -333
  35. data/spec/mixins/has_targets_spec.rb +0 -434
  36. data/spec/mixins/html_spec.rb +0 -772
  37. data/spec/mixins/http_spec.rb +0 -1227
  38. data/spec/mixins/loot_spec.rb +0 -20
  39. data/spec/mixins/nops_spec.rb +0 -165
  40. data/spec/mixins/remote_tcp_spec.rb +0 -217
  41. data/spec/mixins/remote_udp_spec.rb +0 -217
  42. data/spec/mixins/seh_spec.rb +0 -89
  43. data/spec/mixins/stack_overflow_spec.rb +0 -87
  44. data/spec/mixins/text_spec.rb +0 -43
  45. data/spec/open_redirect_spec.rb +0 -71
  46. data/spec/params/base_url_spec.rb +0 -71
  47. data/spec/params/bind_host_spec.rb +0 -34
  48. data/spec/params/bind_port_spec.rb +0 -35
  49. data/spec/params/filename_spec.rb +0 -77
  50. data/spec/params/host_spec.rb +0 -34
  51. data/spec/params/port_spec.rb +0 -77
  52. data/spec/rfi_spec.rb +0 -107
  53. data/spec/seh_overflow_spec.rb +0 -18
  54. data/spec/spec_helper.rb +0 -8
  55. data/spec/sqli_spec.rb +0 -306
  56. data/spec/ssti_spec.rb +0 -121
  57. data/spec/stack_overflow_spec.rb +0 -18
  58. data/spec/target_spec.rb +0 -92
  59. data/spec/test_result_spec.rb +0 -32
  60. data/spec/use_after_free_spec.rb +0 -14
  61. data/spec/web_spec.rb +0 -12
  62. data/spec/web_vuln_spec.rb +0 -854
  63. data/spec/xss_spec.rb +0 -69
@@ -1,87 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/mixins/stack_overflow'
3
-
4
- require 'ronin/exploits/exploit'
5
- require 'ronin/exploits/metadata/arch'
6
- require 'ronin/exploits/metadata/os'
7
-
8
- describe Ronin::Exploits::Mixins::StackOverflow do
9
- module TestSEHMixin
10
- class TestExploit < Ronin::Exploits::Exploit
11
- include Ronin::Exploits::Metadata::Arch
12
- include Ronin::Exploits::Metadata::OS
13
- include Ronin::Exploits::Mixins::StackOverflow
14
-
15
- arch :x86
16
- os :windows
17
- end
18
- end
19
-
20
- let(:exploit_class) { TestSEHMixin::TestExploit }
21
-
22
- it "must include Ronin::Exploits::Mixins::Text" do
23
- expect(exploit_class).to include(Ronin::Exploits::Mixins::Text)
24
- end
25
-
26
- it "must include Ronin::Exploits::Mixins::Binary" do
27
- expect(exploit_class).to include(Ronin::Exploits::Mixins::Binary)
28
- end
29
-
30
- it "must include Ronin::Exploits::Mixins::NOPS" do
31
- expect(exploit_class).to include(Ronin::Exploits::Mixins::NOPS)
32
- end
33
-
34
- subject { exploit_class.new }
35
-
36
- let(:bp) { 0x06eb9090 }
37
- let(:ip) { 0x1001ae86 }
38
-
39
- describe "#stack_frame" do
40
- it "must pack the nseh and seh arguments as machine words" do
41
- expect(subject.stack_frame(bp,ip)).to eq(
42
- [bp, ip].pack('L<2')
43
- )
44
- end
45
- end
46
-
47
- describe "#buffer_overflow" do
48
- let(:length) { 1024 }
49
- let(:payload) { 'shellcode here'.b }
50
-
51
- it "must return a buffer of the given size, containing junk data, the payload, stack base pointer (bp), and stack instruction pointer (ip) addresses" do
52
- buffer = subject.buffer_overflow(
53
- length: length, payload: payload, bp: bp, ip: ip
54
- )
55
-
56
- expect(buffer.length).to eq(length)
57
-
58
- junk = subject.junk(length - payload.bytesize - (subject.platform[:machine_word].size * 2))
59
-
60
- packed_bp = subject.pack(:machine_word,bp)
61
- packed_ip = subject.pack(:machine_word,ip)
62
-
63
- expect(buffer).to eq(junk + payload + packed_bp + packed_ip)
64
- end
65
-
66
- context "when the nops: keyword argument is given" do
67
- let(:nops) { 16 }
68
-
69
- it "must add additional NOP padding to the beginning of the payload" do
70
- buffer = subject.buffer_overflow(
71
- length: length, nops: nops, payload: payload, bp: bp, ip: ip
72
- )
73
-
74
- expect(buffer.length).to eq(length)
75
-
76
- junk = subject.junk(length - (subject.nop.bytesize * nops) - payload.bytesize - (subject.platform[:machine_word].size * 2))
77
-
78
- nop_pad = subject.nops(nops)
79
-
80
- packed_ip = subject.pack(:machine_word,ip)
81
- packed_bp = subject.pack(:machine_word,bp)
82
-
83
- expect(buffer).to eq(junk + nop_pad + payload + packed_bp + packed_ip)
84
- end
85
- end
86
- end
87
- end
@@ -1,43 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/mixins/text'
3
-
4
- require 'ronin/exploits/exploit'
5
-
6
- describe Ronin::Exploits::Mixins::Text do
7
- module TestTextMixin
8
- class TestExploit < Ronin::Exploits::Exploit
9
- include Ronin::Exploits::Mixins::Text
10
- end
11
- end
12
-
13
- let(:exploit_class) { TestTextMixin::TestExploit }
14
- subject { exploit_class.new }
15
-
16
- it "must include Ronin::Support::Text::Random::Mixin" do
17
- expect(exploit_class).to include(Ronin::Support::Text::Random::Mixin)
18
- end
19
-
20
- describe "#junk" do
21
- let(:count) { 1024 }
22
-
23
- it "must return a String of 'A' characters for the given count" do
24
- expect(subject.junk(count)).to eq('A' * count)
25
- end
26
-
27
- context "when given a custom character" do
28
- let(:char) { 'B' }
29
-
30
- it "must return a String of the given characters for the given count" do
31
- expect(subject.junk(char,count)).to eq(char * count)
32
- end
33
- end
34
-
35
- context "when given a custom String" do
36
- let(:string) { 'AB' }
37
-
38
- it "must return a String of the given String repeated for the given count" do
39
- expect(subject.junk(string,count)).to eq(string * count)
40
- end
41
- end
42
- end
43
- end
@@ -1,71 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/open_redirect'
3
-
4
- describe Ronin::Exploits::OpenRedirect do
5
- module TestOpenRedirect
6
- class TestExploit < Ronin::Exploits::OpenRedirect
7
- base_path '/showthread.asp'
8
- query_param 'id'
9
- end
10
- end
11
-
12
- let(:exploit_class) { TestOpenRedirect::TestExploit }
13
- let(:base_url) { 'http://testasp.vulnweb.com' }
14
- let(:redirect_url) { 'http://evil.com/' }
15
-
16
- subject do
17
- exploit_class.new(
18
- params: {
19
- base_url: base_url,
20
- redirect_url: redirect_url
21
- }
22
- )
23
- end
24
-
25
- it "must inherite from Ronin::Exploits::ClientSideWebVuln" do
26
- expect(described_class).to be < Ronin::Exploits::ClientSideWebVuln
27
- end
28
-
29
- describe ".exploit_type" do
30
- subject { described_class }
31
-
32
- it { expect(subject.exploit_type).to eq(:open_redirect) }
33
- end
34
-
35
- describe "#initialize" do
36
- it "must default #payload to a Ronin::Payloads::Test::OpenRedirect payload" do
37
- expect(subject.payload).to be_kind_of(Ronin::Payloads::Test::OpenRedirect)
38
- end
39
-
40
- context "when given the payload: keyword argument" do
41
- let(:payload) { Ronin::Payloads::URLPayload.new }
42
-
43
- subject do
44
- exploit_class.new(
45
- payload: payload,
46
- params: {
47
- base_url: base_url
48
- }
49
- )
50
- end
51
-
52
- it "must set #payload" do
53
- expect(subject.payload).to be(payload)
54
- end
55
- end
56
- end
57
-
58
- describe "#vuln" do
59
- it "must return a Ronin::Vulns::OpenRedirect object" do
60
- expect(subject.vuln).to be_kind_of(Ronin::Vulns::OpenRedirect)
61
- end
62
-
63
- it "must set the #url attribute of the OpenRedirect vuln object" do
64
- expect(subject.vuln.url).to eq(subject.url)
65
- end
66
-
67
- it "must set the #test_url attribute of the OpenRedirect vuln object to the 'redirect_url' param" do
68
- expect(subject.vuln.test_url).to eq(redirect_url)
69
- end
70
- end
71
- end
@@ -1,71 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/params/base_url'
3
- require 'ronin/exploits/exploit'
4
-
5
- describe Ronin::Exploits::Params::BaseURL do
6
- module TestBaseURLParam
7
- class TestExploit < Ronin::Exploits::Exploit
8
- include Ronin::Exploits::Params::BaseURL
9
- end
10
- end
11
-
12
- describe ".included" do
13
- subject { TestBaseURLParam::TestExploit }
14
-
15
- it "must add a required 'base_url' param to the exploit class" do
16
- expect(subject.params[:base_url]).to_not be_nil
17
- expect(subject.params[:base_url].type).to be_kind_of(Ronin::Core::Params::Types::URI)
18
- expect(subject.params[:base_url].required?).to be(true)
19
- expect(subject.params[:base_url].desc).to eq("The base URL of the target")
20
- end
21
- end
22
-
23
- let(:base_url) { URI('https://example.com:8080/') }
24
- subject { TestBaseURLParam::TestExploit.new(params: {base_url: base_url}) }
25
-
26
- describe "#host" do
27
- it "must return the host value of the base URL" do
28
- expect(subject.host).to eq(base_url.host)
29
- end
30
- end
31
-
32
- describe "#port" do
33
- it "must return the port value of the base URL" do
34
- expect(subject.port).to eq(base_url.port)
35
- end
36
- end
37
-
38
- describe "#url_for" do
39
- context "when given an absolute path" do
40
- let(:path) { '/foo' }
41
-
42
- it "must return a URI::HTTP object" do
43
- expect(subject.url_for(path)).to be_kind_of(URI::HTTP)
44
- end
45
-
46
- it "must override the path of the params[:base_url]" do
47
- expect(subject.url_for(path).path).to eq(path)
48
- end
49
- end
50
-
51
- context "when given a relative path" do
52
- let(:path) { 'foo' }
53
-
54
- it "must return a URI::HTTP object" do
55
- expect(subject.url_for(path)).to be_kind_of(URI::HTTP)
56
- end
57
-
58
- it "must convert the path into an absolute path" do
59
- expect(subject.url_for(path).path).to eq("/#{path}")
60
- end
61
- end
62
-
63
- context "when given a fully qualified URL" do
64
- let(:url) { "https://www.other.com/foo" }
65
-
66
- it "must return the URL" do
67
- expect(subject.url_for(url).to_s).to eq(url)
68
- end
69
- end
70
- end
71
- end
@@ -1,34 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/params/bind_host'
3
- require 'ronin/exploits/exploit'
4
-
5
- describe Ronin::Exploits::Params::BindHost do
6
- module TestBindHostParam
7
- class TestExploit < Ronin::Exploits::Exploit
8
- include Ronin::Exploits::Params::BindHost
9
- end
10
- end
11
-
12
- describe ".included" do
13
- subject { TestBindHostParam::TestExploit }
14
-
15
- it "must add an optional 'bind_host' param to the exploit class" do
16
- expect(subject.params[:bind_host]).to_not be_nil
17
- expect(subject.params[:bind_host].required?).to be(false)
18
- expect(subject.params[:bind_host].desc).to eq("Local host to bind to")
19
- end
20
- end
21
-
22
- let(:bind_host) { 'localhost' }
23
- subject do
24
- TestBindHostParam::TestExploit.new(
25
- params: {bind_host: bind_host}
26
- )
27
- end
28
-
29
- describe "#bind_host" do
30
- it "must return the bind_host param value" do
31
- expect(subject.bind_host).to eq(bind_host)
32
- end
33
- end
34
- end
@@ -1,35 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/params/bind_port'
3
- require 'ronin/exploits/exploit'
4
-
5
- describe Ronin::Exploits::Params::BindPort do
6
- module TestBindPortParam
7
- class TestExploit < Ronin::Exploits::Exploit
8
- include Ronin::Exploits::Params::BindPort
9
- end
10
- end
11
-
12
- describe ".included" do
13
- subject { TestBindPortParam::TestExploit }
14
-
15
- it "must add an optional 'bind_port' param to the exploit class" do
16
- expect(subject.params[:bind_port]).to_not be_nil
17
- expect(subject.params[:bind_port].type).to be_kind_of(Ronin::Core::Params::Types::Integer)
18
- expect(subject.params[:bind_port].required?).to be(false)
19
- expect(subject.params[:bind_port].desc).to eq("Local port to bind to")
20
- end
21
- end
22
-
23
- let(:bind_port) { 9000 }
24
- subject do
25
- TestBindPortParam::TestExploit.new(
26
- params: {bind_port: bind_port}
27
- )
28
- end
29
-
30
- describe "#bind_port" do
31
- it "must return the bind_port param value" do
32
- expect(subject.bind_port).to eq(bind_port)
33
- end
34
- end
35
- end
@@ -1,77 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/params/filename'
3
- require 'ronin/exploits/exploit'
4
-
5
- describe Ronin::Exploits::Params::Filename do
6
- module TestFilenameParam
7
- class TestExploit < Ronin::Exploits::Exploit
8
- include Ronin::Exploits::Params::Filename
9
- end
10
-
11
- class TextExploitWithDefaultFilename < Ronin::Exploits::Exploit
12
- include Ronin::Exploits::Params::Filename
13
- default_filename 'exploit.docx'
14
- end
15
- end
16
-
17
- describe ".included" do
18
- subject { TestFilenameParam::TestExploit }
19
-
20
- it "must include Ronin::Exploits::Metadata::DefaultFilename" do
21
- expect(subject).to include(Ronin::Exploits::Metadata::DefaultFilename)
22
- end
23
-
24
- it "must add a required 'filename' param to the exploit class" do
25
- expect(subject.params[:filename]).to_not be_nil
26
- expect(subject.params[:filename].type).to be_kind_of(Ronin::Core::Params::Types::String)
27
- expect(subject.params[:filename].required?).to be(true)
28
- expect(subject.params[:filename].default).to be_kind_of(Proc)
29
- expect(subject.params[:filename].desc).to eq("The filename for the exploit")
30
- end
31
- end
32
-
33
- let(:exploit_class) { TestFilenameParam::TestExploit }
34
-
35
- let(:filename) { 'my-file.txt' }
36
-
37
- subject do
38
- exploit_class.new(
39
- params: {filename: filename}
40
- )
41
- end
42
-
43
- describe "#filename" do
44
- it "must return the filename param value" do
45
- expect(subject.filename).to eq(filename)
46
- end
47
-
48
- context "when no filename param value is set" do
49
- subject do
50
- exploit_class.new
51
- end
52
-
53
- it "must require a filename value" do
54
- expect {
55
- subject.validate_params
56
- }.to raise_error(Ronin::Core::Params::RequiredParam,"param 'filename' requires a value")
57
- end
58
- end
59
-
60
- context "when the exploit class defines a default_filename" do
61
- context "and the filename param value is set" do
62
- it "must override the default_filename value" do
63
- expect(subject.filename).to eq(filename)
64
- end
65
- end
66
-
67
- context "but no filename param value has been set" do
68
- let(:exploit_class) { TestFilenameParam::TextExploitWithDefaultFilename }
69
- subject { exploit_class.new }
70
-
71
- it "must default to the default_filename value" do
72
- expect(subject.filename).to eq(exploit_class.default_filename)
73
- end
74
- end
75
- end
76
- end
77
- end
@@ -1,34 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/params/host'
3
- require 'ronin/exploits/exploit'
4
-
5
- describe Ronin::Exploits::Params::Host do
6
- module TestHostParam
7
- class TestExploit < Ronin::Exploits::Exploit
8
- include Ronin::Exploits::Params::Host
9
- end
10
- end
11
-
12
- describe ".included" do
13
- subject { TestHostParam::TestExploit }
14
-
15
- it "must add a required 'host' param to the exploit class" do
16
- expect(subject.params[:host]).to_not be_nil
17
- expect(subject.params[:host].required?).to be(true)
18
- expect(subject.params[:host].desc).to eq("Remote host to connect to")
19
- end
20
- end
21
-
22
- let(:host) { 'example.com' }
23
- subject do
24
- TestHostParam::TestExploit.new(
25
- params: {host: host}
26
- )
27
- end
28
-
29
- describe "#host" do
30
- it "must return the host param value" do
31
- expect(subject.host).to eq(host)
32
- end
33
- end
34
- end
@@ -1,77 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/params/port'
3
- require 'ronin/exploits/exploit'
4
-
5
- describe Ronin::Exploits::Params::Port do
6
- module TestPortParam
7
- class TestExploit < Ronin::Exploits::Exploit
8
- include Ronin::Exploits::Params::Port
9
- end
10
-
11
- class TextExploitWithDefaultPort < Ronin::Exploits::Exploit
12
- include Ronin::Exploits::Params::Port
13
- default_port 123
14
- end
15
- end
16
-
17
- describe ".included" do
18
- subject { TestPortParam::TestExploit }
19
-
20
- it "must include Ronin::Exploits::Metadata::DefaultPort" do
21
- expect(subject).to include(Ronin::Exploits::Metadata::DefaultPort)
22
- end
23
-
24
- it "must add a required 'port' param to the exploit class" do
25
- expect(subject.params[:port]).to_not be_nil
26
- expect(subject.params[:port].type).to be_kind_of(Ronin::Core::Params::Types::Integer)
27
- expect(subject.params[:port].required?).to be(true)
28
- expect(subject.params[:port].default).to be_kind_of(Proc)
29
- expect(subject.params[:port].desc).to eq("Remote port to connect to")
30
- end
31
- end
32
-
33
- let(:exploit_class) { TestPortParam::TestExploit }
34
-
35
- let(:port) { 1337 }
36
-
37
- subject do
38
- exploit_class.new(
39
- params: {port: port}
40
- )
41
- end
42
-
43
- describe "#port" do
44
- it "must return the port param value" do
45
- expect(subject.port).to eq(port)
46
- end
47
-
48
- context "when no port param value is set" do
49
- subject do
50
- exploit_class.new
51
- end
52
-
53
- it "must require a port value" do
54
- expect {
55
- subject.validate_params
56
- }.to raise_error(Ronin::Core::Params::RequiredParam,"param 'port' requires a value")
57
- end
58
- end
59
-
60
- context "when the exploit class defines a default_port" do
61
- context "and the port param value is set" do
62
- it "must override the default_port value" do
63
- expect(subject.port).to eq(port)
64
- end
65
- end
66
-
67
- context "but no port param value has been set" do
68
- let(:exploit_class) { TestPortParam::TextExploitWithDefaultPort }
69
- subject { exploit_class.new }
70
-
71
- it "must default to the default_port value" do
72
- expect(subject.port).to eq(exploit_class.default_port)
73
- end
74
- end
75
- end
76
- end
77
- end
data/spec/rfi_spec.rb DELETED
@@ -1,107 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/rfi'
3
-
4
- describe Ronin::Exploits::RFI do
5
- module TestRFI
6
- class TestExploit < Ronin::Exploits::RFI
7
- base_path '/showimage.php'
8
- query_param 'file'
9
- end
10
- end
11
-
12
- let(:exploit_class) { TestRFI::TestExploit }
13
-
14
- let(:base_url) { 'http://testphp.vulnweb.com' }
15
-
16
- subject do
17
- exploit_class.new(
18
- params: {
19
- base_url: base_url
20
- }
21
- )
22
- end
23
-
24
- describe ".exploit_type" do
25
- subject { described_class }
26
-
27
- it { expect(subject.exploit_type).to eq(:rfi) }
28
- end
29
-
30
- describe "#vuln" do
31
- it "must return a Ronin::Vulns::RFI object" do
32
- expect(subject.vuln).to be_kind_of(Ronin::Vulns::RFI)
33
- end
34
-
35
- it "must set the #url attribute of the RFI vuln object" do
36
- expect(subject.vuln.url).to eq(subject.url)
37
- end
38
-
39
- it "must infer the #test_scrript_url from the #url attribute" do
40
- expect(subject.vuln.test_script_url).to eq(Ronin::Vulns::RFI.test_script_for(subject.vuln.url))
41
- end
42
-
43
- context "when the 'test_script_url' param is set" do
44
- let(:test_script_url) { 'https://myhost.com/path/to/test_script.php' }
45
-
46
- subject do
47
- exploit_class.new(
48
- params: {
49
- base_url: base_url,
50
- test_script_url: test_script_url
51
- }
52
- )
53
- end
54
-
55
- it "must set the #test_script_url for the RFI vuln object" do
56
- expect(subject.vuln.test_script_url).to eq(test_script_url)
57
- end
58
- end
59
-
60
- it "must not set the #filter_bypass attribute of the RFI vuln object by default" do
61
- expect(subject.vuln.filter_bypass).to be(nil)
62
- end
63
-
64
- context "when the 'filter_bypass' param is set" do
65
- let(:filter_bypass) { :double_encode }
66
-
67
- subject do
68
- exploit_class.new(
69
- params: {
70
- base_url: base_url,
71
- filter_bypass: filter_bypass
72
- }
73
- )
74
- end
75
-
76
- it "must set the #filter_bypass attribute of the RFI vuln object to the 'filter_bypass' param" do
77
- expect(subject.vuln.filter_bypass).to eq(filter_bypass)
78
- end
79
- end
80
- end
81
-
82
- describe "#launch" do
83
- module TestRFI
84
- class RFIPayload < Ronin::Payloads::URLPayload
85
- url 'https://example.com/path/to/payload.php'
86
- end
87
- end
88
-
89
- let(:payload_class) { TestRFI::RFIPayload }
90
- let(:payload) { payload_class.new }
91
-
92
- subject do
93
- exploit_class.new(
94
- payload: payload,
95
- params: {
96
- base_url: base_url
97
- }
98
- )
99
- end
100
-
101
- it "must call #exploit on the #vuln object with the #payload" do
102
- expect(subject.vuln).to receive(:exploit).with(payload)
103
-
104
- subject.launch
105
- end
106
- end
107
- end
@@ -1,18 +0,0 @@
1
- require 'spec_helper'
2
- require 'ronin/exploits/seh_overflow'
3
-
4
- describe Ronin::Exploits::SEHOverflow do
5
- it "must inherit from Ronin::Exploits::MemoryCorruption" do
6
- expect(described_class).to be < Ronin::Exploits::MemoryCorruption
7
- end
8
-
9
- it "must include Ronin::Exploits::Mixins::SEH" do
10
- expect(described_class).to include(Ronin::Exploits::Mixins::SEH)
11
- end
12
-
13
- describe ".exploit_type" do
14
- subject { described_class }
15
-
16
- it { expect(subject.exploit_type).to eq(:seh_overflow) }
17
- end
18
- end
data/spec/spec_helper.rb DELETED
@@ -1,8 +0,0 @@
1
- require 'rspec'
2
- require 'simplecov'
3
-
4
- SimpleCov.start
5
-
6
- RSpec.configure do |specs|
7
- specs.filter_run_excluding :network
8
- end