require 'ronin/exploits/exploit' require 'spec_helper' require 'helpers/objects' describe Exploits::Exploit do before(:each) do @exploit = load_exploit('test') end it "should require a name attribute" do exp2 = Exploits::Exploit.new exp2.should_not be_valid exp2.name = 'test' exp2.should be_valid end it "should have a unique name and version" do first_exp = Exploits::Exploit.create( :name => 'test2', :version => '0.0.1' ) first_exp.should be_valid second_exp = Exploits::Exploit.new( :name => 'test2', :version => '0.0.1' ) second_exp.should_not be_valid third_exp = Exploits::Exploit.new( :name => 'test2', :version => '0.0.2' ) third_exp.should be_valid end it "should not have any allowances by default" do @exploit.allows.should be_empty end it "should specify the behaviors allowed by the exploit" do @exploit.allowing :memory_read, :memory_write @exploit.behaviors.should == [ Vuln::Behavior[:memory_read], Vuln::Behavior[:memory_write] ] end it "should allow for the extending of Helper modules" do @exploit.instance_eval { helper :padding }.should == true end it "should raise an UnknownHelper when extending an unknown helper" do lambda { @exploit.instance_eval { helper :obvious_not_there } }.should raise_error(Exploits::UnknownHelper) end it "should have targeted Archs" do @exploit.targeted_archs.should == [Arch.i686, Arch.i386] end it "should have targeted OSes" do @exploit.targeted_oses.should == [ OS.linux('2.6.23'), OS.windows('7.1') ] end it "should have targeted products" do @exploit.targeted_products.all? { |product| product.name == 'ExampleWare' && product.version == '1.5' }.should == true end it "should allow the explicit selection of a target" do @exploit.select_target { |target| target.arch == Arch.i686 } @exploit.target.arch.should == Arch.i686 end it "should have a default target" do @exploit.target.should_not be_nil @exploit.target.arch.should == Arch.i686 @exploit.target.os.name.should == 'Linux' @exploit.target.os.version.should == '2.6.23' end it "should have a default targeted Arch" do @exploit.arch.should == Arch.i686 end it "should have a default targeted OS" do @exploit.os.should == OS.linux('2.6.23') end it "should have a default targeted Product" do @exploit.product.name.should == 'ExampleWare' @exploit.product.version.should == '1.5' end it "should encode a String payload" do @exploit.payload = 'data' @exploit.encode_payload! @exploit.encoded_payload.should == 'data' end it "should encode a String using encoders" do @exploit.payload = 'data' @exploit.encoders << lambda { |payload| payload.upcase } @exploit.encode_payload! @exploit.encoded_payload.should == 'DATA' end it "should ignore payload encoders which return nil" do @exploit.payload = 'data' @exploit.encoders << lambda { |payload| nil } @exploit.encode_payload! @exploit.encoded_payload.should == 'data' end it "should have 'unbuilt' and 'built' states" do @exploit.should_not be_built @exploit.build! @exploit.should be_built end it "should return the result of the builder" do @exploit.build!.should == 'result' end it "should require the exploit is built before being deployed" do lambda { @exploit.deploy! }.should raise_error(Exploits::ExploitNotBuilt) end it "should have a default deployer method" do @exploit.build! @exploit.deploy! do |exploit| @exploit.should == exploit end end it "should return the name and the version when calling to_s" do @exploit.to_s.should == 'test 0.2' end it "should have a custom inspect method" do @exploit.inspect.should == '#' end end