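require 'spec_helper'
require 'ronin/exploits/lfi'

# Specs for Ronin::Exploits::LFI: the class-level `.depth` and
# `.exploit_type` settings, and how `#vuln` builds a Ronin::Vulns::LFI object
# from the exploit class and the params given to the exploit.
describe Ronin::Exploits::LFI do
  # Fixture classes are namespaced under TestLFI.
  module TestLFI
    # Default fixture: a concrete exploit that sets base_path and query_param.
    class TestExploit < Ronin::Exploits::LFI
      base_path '/Templatize.asp'
      query_param 'item'
    end
  end

  let(:exploit_class) { TestLFI::TestExploit }

  # Fixture target URL. The examples below only inspect class settings and the
  # object returned by #vuln.
  # NOTE(review): confirm that building the vuln object performs no network
  # I/O, so the suite never contacts this host.
  let(:base_url) { 'http://testasp.vulnweb.com/' }

  # NOTE(review): `query` and `query_param` are not referenced by any example
  # in this file.
  let(:query)       { 'item=html/about.html' }
  let(:query_param) { 'item' }

  subject do
    exploit_class.new(
      params: {
        base_url: base_url
      }
    )
  end

  # Class-level depth: default, explicitly set, inherited, and overridden.
  describe ".depth" do
    subject { exploit_class }

    context "and when depth is not set in the class" do
      module TestLFI
        class WithNoDepthSet < Ronin::Exploits::LFI
        end
      end

      let(:exploit_class) { TestLFI::WithNoDepthSet }

      it "must default to Ronin::Vulns::LFI::DEFAULT_DEPTH" do
        expect(subject.depth).to be(Ronin::Vulns::LFI::DEFAULT_DEPTH)
      end
    end

    context "and when depth is set in the class" do
      module TestLFI
        class WithDepthSet < Ronin::Exploits::LFI
          depth 5
        end
      end

      let(:exploit_class) { TestLFI::WithDepthSet }

      it "must return the set depth" do
        expect(subject.depth).to eq(5)
      end
    end

    context "but when the depth was set in the superclass" do
      module TestLFI
        # WithDepthSet is the fixture defined in the previous context; it is
        # resolved through the enclosing TestLFI module, so that context must
        # stay above this one.
        class InheritsItsDepth < WithDepthSet
        end
      end

      let(:exploit_class) { TestLFI::InheritsItsDepth }

      it "must return the depth set in the superclass" do
        expect(subject.depth).to eq(5)
      end

      context "but the depth is overridden in the sub-class" do
        module TestLFI
          class OverridesItsInheritedDepth < WithDepthSet
            depth 7
          end
        end

        let(:exploit_class) do
          TestLFI::OverridesItsInheritedDepth
        end

        it "must return the depth set in the sub-class" do
          expect(subject.depth).to eq(7)
        end
      end
    end
  end

  describe ".exploit_type" do
    subject { described_class }

    it { expect(subject.exploit_type).to eq(:lfi) }
  end

  # #vuln: the Ronin::Vulns::LFI object built from the exploit's URL, the
  # 'os' and 'filter_bypass' params, and the exploit class's depth.
  describe "#vuln" do
    it "must return a Ronin::Vulns::LFI object" do
      expect(subject.vuln).to be_kind_of(Ronin::Vulns::LFI)
    end

    it "must set the #url attribute of the LFI vuln object" do
      expect(subject.vuln.url).to eq(subject.url)
    end

    it "must default the #os attribute of the LFI vuln object to :unix" do
      expect(subject.vuln.os).to be(:unix)
    end

    context "when the 'os' param is set" do
      let(:os) { :windows }

      subject do
        exploit_class.new(
          params: {
            base_url: base_url,
            os: os
          }
        )
      end

      it "must set the #os attribute of the LFI vuln object to the 'os' param" do
        expect(subject.vuln.os).to eq(os)
      end
    end

    # The description now names the constant that the expectation checks
    # (Ronin::Vulns::LFI::DEFAULT_DEPTH); it previously omitted `LFI::`.
    it "must default the #depth attribute of the LFI vuln object to Ronin::Vulns::LFI::DEFAULT_DEPTH" do
      expect(subject.vuln.depth).to be(Ronin::Vulns::LFI::DEFAULT_DEPTH)
    end

    context "when the exploit class defines a custom depth" do
      module TestLFI
        class TestExploitWithDepth < Ronin::Exploits::LFI
          base_path '/Templatize.asp'
          query_param 'item'
          depth 10
        end
      end

      let(:exploit_class) { TestLFI::TestExploitWithDepth }

      it "must set the #depth attribute of the LFI vuln object to the exploit class's depth" do
        expect(subject.vuln.depth).to eq(exploit_class.depth)
      end
    end

    # The attribute stays nil unless the 'filter_bypass' param is given.
    it "must not set the #filter_bypass attribute of the LFI vuln object by default" do
      expect(subject.vuln.filter_bypass).to be(nil)
    end

    context "when the 'filter_bypass' param is set" do
      let(:filter_bypass) { :base64 }

      subject do
        exploit_class.new(
          params: {
            base_url: base_url,
            filter_bypass: filter_bypass
          }
        )
      end

      it "must set the #filter_bypass attribute of the LFI vuln object to the 'filter_bypass' param" do
        expect(subject.vuln.filter_bypass).to eq(filter_bypass)
      end
    end
  end
end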