CoCalc -- credential_collection

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/spec/lib/metasploit/framework/credential_collection_spec.rb
¹⁹⁵³⁴ views
1
require 'spec_helper'
2
require 'metasploit/framework/credential_collection'
3

4
RSpec.describe Metasploit::Framework::CredentialCollection do
5

6
  subject(:collection) do
7
    described_class.new(
8
      nil_passwords: nil_passwords,
9
      blank_passwords: blank_passwords,
10
      pass_file: pass_file,
11
      password: password,
12
      user_as_pass: user_as_pass,
13
      user_file: user_file,
14
      username: username,
15
      userpass_file: userpass_file,
16
      prepended_creds: prepended_creds,
17
      additional_privates: additional_privates,
18
      additional_publics: additional_publics,
19
      password_spray: password_spray,
20
      ignore_public: ignore_public,
21
      ignore_private: ignore_private
22
    )
23
  end
24

25
  before(:each) do
26
    # The test suite overrides File.open(...) calls; fall back to the normal behavior for any File.open calls that aren't explicitly mocked
27
    allow(File).to receive(:open).with(anything).and_call_original
28
    allow(File).to receive(:open).with(anything, anything).and_call_original
29
    allow(File).to receive(:open).with(anything, anything, anything).and_call_original
30
  end
31

32
  let(:nil_passwords) { nil }
33
  let(:blank_passwords) { nil }
34
  let(:username) { "user" }
35
  let(:password) { "pass" }
36
  let(:user_file) { nil }
37
  let(:pass_file) { nil }
38
  let(:user_as_pass) { nil }
39
  let(:userpass_file) { nil }
40
  let(:prepended_creds) { [] }
41
  let(:additional_privates) { [] }
42
  let(:additional_publics) { [] }
43
  let(:password_spray) { false }
44
  let(:ignore_public) { nil }
45
  let(:ignore_private) { nil }
46

47
  describe "#each" do
48
    specify do
49
      expect { |b| collection.each(&b) }.to yield_with_args(Metasploit::Framework::Credential)
50
    end
51

52
    context "when given a user_file and password" do
53
      let(:username) { nil }
54
      let(:user_file) do
55
        filename = "foo"
56
        stub_file = StringIO.new("asdf\njkl\n")
57
        allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
58

59
        filename
60
      end
61

62
      specify  do
63
        expect { |b| collection.each(&b) }.to yield_successive_args(
64
          Metasploit::Framework::Credential.new(public: "asdf", private: password),
65
          Metasploit::Framework::Credential.new(public: "jkl", private: password),
66
        )
67
      end
68
    end
69

70
    context "when given a pass_file and username" do
71
      let(:password) { nil }
72
      let(:pass_file) do
73
        filename = "foo"
74
        stub_file = StringIO.new("asdf\njkl\n")
75
        allow(File).to receive(:open).with(filename,/^r/).and_return stub_file
76

77
        filename
78
      end
79

80
      specify  do
81
        expect { |b| collection.each(&b) }.to yield_successive_args(
82
          Metasploit::Framework::Credential.new(public: username, private: "asdf"),
83
          Metasploit::Framework::Credential.new(public: username, private: "jkl"),
84
        )
85
      end
86
    end
87

88
    context "when given a userspass_file" do
89
      let(:username) { nil }
90
      let(:password) { nil }
91
      let(:userpass_file) do
92
        filename = "foo"
93
        stub_file = StringIO.new("asdf jkl\nfoo bar\n")
94
        allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
95

96
        filename
97
      end
98

99
      specify  do
100
        expect { |b| collection.each(&b) }.to yield_successive_args(
101
          Metasploit::Framework::Credential.new(public: "asdf", private: "jkl"),
102
          Metasploit::Framework::Credential.new(public: "foo", private: "bar"),
103
        )
104
      end
105
    end
106

107
    context "when given a pass_file and user_file" do
108
      let(:password) { nil }
109
      let(:username) { nil }
110
      let(:user_file) do
111
        filename = "user_file"
112
        stub_file = StringIO.new("asdf\njkl\n")
113
        allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
114

115
        filename
116
      end
117
      let(:pass_file) do
118
        filename = "pass_file"
119
        stub_file = StringIO.new("asdf\njkl\n")
120
        allow(File).to receive(:open).with(filename,/^r/).and_return stub_file
121

122
        filename
123
      end
124

125
      specify  do
126
        expect { |b| collection.each(&b) }.to yield_successive_args(
127
          Metasploit::Framework::Credential.new(public: "asdf", private: "asdf"),
128
          Metasploit::Framework::Credential.new(public: "asdf", private: "jkl"),
129
          Metasploit::Framework::Credential.new(public: "jkl", private: "asdf"),
130
          Metasploit::Framework::Credential.new(public: "jkl", private: "jkl"),
131
        )
132
      end
133
    end
134

135
    context "when given a pass_file and user_file and password spray" do
136
      let(:password) { nil }
137
      let(:username) { nil }
138
      let(:password_spray) { true }
139
      let(:pass_file) do
140
        filename = "pass_file"
141
        stub_file = StringIO.new("password1\npassword2\n")
142
        allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
143

144
        filename
145
      end
146
      let(:user_file) do
147
        filename = "user_file"
148
        stub_file = StringIO.new("user1\nuser2\nuser3\n")
149
        allow(File).to receive(:open).with(filename,/^r/).and_return stub_file
150

151
        filename
152
      end
153

154
      specify  do
155
        expect { |b| collection.each(&b) }.to yield_successive_args(
156
          Metasploit::Framework::Credential.new(public: "user1", private: "password1"),
157
          Metasploit::Framework::Credential.new(public: "user2", private: "password1"),
158
          Metasploit::Framework::Credential.new(public: "user3", private: "password1"),
159
          Metasploit::Framework::Credential.new(public: "user1", private: "password2"),
160
          Metasploit::Framework::Credential.new(public: "user2", private: "password2"),
161
          Metasploit::Framework::Credential.new(public: "user3", private: "password2"),
162
        )
163
      end
164

165
      context 'when :user_as_pass is true' do
166
        let(:user_as_pass) { true }
167

168
        specify  do
169
          expect { |b| collection.each(&b) }.to yield_successive_args(
170
            Metasploit::Framework::Credential.new(public: "user1", private: "user1"),
171
            Metasploit::Framework::Credential.new(public: "user2", private: "user2"),
172
            Metasploit::Framework::Credential.new(public: "user3", private: "user3"),
173
            Metasploit::Framework::Credential.new(public: "user1", private: "password1"),
174
            Metasploit::Framework::Credential.new(public: "user2", private: "password1"),
175
            Metasploit::Framework::Credential.new(public: "user3", private: "password1"),
176
            Metasploit::Framework::Credential.new(public: "user1", private: "password2"),
177
            Metasploit::Framework::Credential.new(public: "user2", private: "password2"),
178
            Metasploit::Framework::Credential.new(public: "user3", private: "password2"),
179
          )
180
        end
181
      end
182
    end
183

184
    context 'when given a username and password' do
185
      let(:password) { 'password' }
186
      let(:username) { 'root' }
187

188
      specify do
189
        expected = [
190
          Metasploit::Framework::Credential.new(public: 'root', private: 'password'),
191
        ]
192
        expect { |b| collection.each(&b) }.to yield_successive_args(*expected)
193
      end
194
    end
195

196
    context 'when given a pass_file, user_file, password spray and a default username' do
197
      let(:password) { nil }
198
      let(:username) { 'root' }
199
      let(:password_spray) { true }
200
      let(:pass_file) do
201
        filename = "pass_file"
202
        stub_file = StringIO.new("password1\npassword2\n")
203
        allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
204

205
        filename
206
      end
207
      let(:user_file) do
208
        filename = "user_file"
209
        stub_file = StringIO.new("user1\nuser2\nuser3\n")
210
        allow(File).to receive(:open).with(filename,/^r/).and_return stub_file
211

212
        filename
213
      end
214

215
      specify do
216
        expected = [
217
          Metasploit::Framework::Credential.new(public: "root", private: "password1"),
218
          Metasploit::Framework::Credential.new(public: "user1", private: "password1"),
219
          Metasploit::Framework::Credential.new(public: "user2", private: "password1"),
220
          Metasploit::Framework::Credential.new(public: "user3", private: "password1"),
221
          Metasploit::Framework::Credential.new(public: "root", private: "password2"),
222
          Metasploit::Framework::Credential.new(public: "user1", private: "password2"),
223
          Metasploit::Framework::Credential.new(public: "user2", private: "password2"),
224
          Metasploit::Framework::Credential.new(public: "user3", private: "password2"),
225
        ]
226
        expect { |b| collection.each(&b) }.to yield_successive_args(*expected)
227
      end
228
    end
229

230
    context 'when given a pass_file, user_file, password spray and additional privates' do
231
      let(:password) { nil }
232
      let(:username) { 'root' }
233
      let(:password_spray) { true }
234
      let(:additional_privates) { ['foo'] }
235
      let(:pass_file) do
236
        filename = "pass_file"
237
        stub_file = StringIO.new("password1\npassword2\n")
238
        allow(File).to receive(:open).with(filename,/^r/).and_yield stub_file
239

240
        filename
241
      end
242
      let(:user_file) do
243
        filename = "user_file"
244
        stub_file = StringIO.new("user1\nuser2\nuser3\n")
245
        allow(File).to receive(:open).with(filename,/^r/).and_return stub_file
246

247
        filename
248
      end
249

250
      specify do
251
        expected = [
252
          Metasploit::Framework::Credential.new(public: "root", private: "password1"),
253
          Metasploit::Framework::Credential.new(public: "user1", private: "password1"),
254
          Metasploit::Framework::Credential.new(public: "user2", private: "password1"),
255
          Metasploit::Framework::Credential.new(public: "user3", private: "password1"),
256
          Metasploit::Framework::Credential.new(public: "root", private: "password2"),
257
          Metasploit::Framework::Credential.new(public: "user1", private: "password2"),
258
          Metasploit::Framework::Credential.new(public: "user2", private: "password2"),
259
          Metasploit::Framework::Credential.new(public: "user3", private: "password2"),
260
          Metasploit::Framework::Credential.new(public: "root", private: "foo"),
261
          Metasploit::Framework::Credential.new(public: "user1", private: "foo"),
262
          Metasploit::Framework::Credential.new(public: "user2", private: "foo"),
263
          Metasploit::Framework::Credential.new(public: "user3", private: "foo"),
264
        ]
265
        expect { |b| collection.each(&b) }.to yield_successive_args(*expected)
266
      end
267
    end
268

269
    context 'when given a username, user_file and pass_file' do
270
      let(:password) { nil }
271
      let(:username) { 'my_username' }
272
      let(:user_file) do
273
        filename = "user_file"
274
        stub_file = StringIO.new("asdf\njkl\n")
275
        allow(File).to receive(:open).with(filename, /^r/).and_yield stub_file
276

277
        filename
278
      end
279

280
      let(:pass_file) do
281
        filename = "pass_file"
282
        stub_file = StringIO.new("asdf\njkl\n")
283
        allow(File).to receive(:open).with(filename, /^r/).and_return stub_file
284

285
        filename
286
      end
287

288
      it do
289
        expect { |b| collection.each(&b) }.to yield_successive_args(
290
                                                Metasploit::Framework::Credential.new(public: "my_username", private: "asdf"),
291
                                                Metasploit::Framework::Credential.new(public: "my_username", private: "jkl"),
292
                                                Metasploit::Framework::Credential.new(public: "asdf", private: "asdf"),
293
                                                Metasploit::Framework::Credential.new(public: "asdf", private: "jkl"),
294
                                                Metasploit::Framework::Credential.new(public: "jkl", private: "asdf"),
295
                                                Metasploit::Framework::Credential.new(public: "jkl", private: "jkl")
296
                                              )
297
      end
298
    end
299

300
    context "when :user_as_pass is true" do
301
      let(:user_as_pass) { true }
302
      specify  do
303
        expect { |b| collection.each(&b) }.to yield_successive_args(
304
          Metasploit::Framework::Credential.new(public: username, private: password),
305
          Metasploit::Framework::Credential.new(public: username, private: username),
306
        )
307
      end
308
    end
309

310
    context "when :nil_passwords is true" do
311
      let(:nil_passwords) { true }
312
      specify  do
313
        expect { |b| collection.each(&b) }.to yield_successive_args(
314
          Metasploit::Framework::Credential.new(public: username, private: nil),
315
          Metasploit::Framework::Credential.new(public: username, private: password),
316
        )
317
      end
318
    end
319

320
    context "when :blank_passwords is true" do
321
      let(:blank_passwords) { true }
322
      specify  do
323
        expect { |b| collection.each(&b) }.to yield_successive_args(
324
          Metasploit::Framework::Credential.new(public: username, private: password),
325
          Metasploit::Framework::Credential.new(public: username, private: ""),
326
        )
327
      end
328
    end
329

330
    context 'when :ignore_public is true and :username is nil' do
331
      let(:ignore_public) { true }
332
      let(:username) { nil }
333
      specify  do
334
        expect { |b| collection.each(&b) }.to_not yield_control
335
      end
336
    end
337

338
    context 'when :ignore_private is true and password is nil' do
339
      let(:ignore_private) { true }
340
      let(:password) { nil }
341
      specify  do
342
        expect { |b| collection.each(&b) }.to yield_successive_args(
343
          Metasploit::Framework::Credential.new(public: username, private: nil)
344
        )
345
      end
346

347
      context 'when :ignore_public is also true and username is nil' do
348
        let(:ignore_public) { true }
349
        let(:username) { nil }
350
        specify  do
351
          expect { |b| collection.each(&b) }.to yield_successive_args(
352
            Metasploit::Framework::Credential.new(public: nil, private: nil)
353
          )
354
        end
355
      end
356
    end
357

358
  end
359

360
  describe "#empty?" do
361
    context "when only :userpass_file is set" do
362
      let(:username) { nil }
363
      let(:password) { nil }
364
      let(:userpass_file) { "test_file" }
365
      specify do
366
        expect(collection.empty?).to eq false
367
      end
368
    end
369

370
    context "when :username is set" do
371
      context "and :password is set" do
372
        specify do
373
          expect(collection.empty?).to eq false
374
        end
375
      end
376

377
      context "and :password is not set" do
378
        let(:password) { nil }
379
        specify do
380
          expect(collection.empty?).to eq true
381
        end
382

383
        context "and :nil_passwords is true" do
384
          let(:nil_passwords) { true }
385
          specify do
386
            expect(collection.empty?).to eq false
387
          end
388
        end
389

390
        context "and :blank_passwords is true" do
391
          let(:blank_passwords) { true }
392
          specify do
393
            expect(collection.empty?).to eq false
394
          end
395
        end
396
      end
397
    end
398

399
    context "when :username is not set" do
400
      context "and :password is not set" do
401
        let(:username) { nil }
402
        let(:password) { nil }
403
        specify do
404
          expect(collection.empty?).to eq true
405
        end
406

407
        context "and :prepended_creds is not empty" do
408
          let(:prepended_creds) { [ "test" ] }
409
          specify do
410
            expect(collection.empty?).to eq false
411
          end
412
        end
413

414
        context "and :additional_privates is not empty" do
415
          let(:additional_privates) { [ "test_private" ] }
416
          specify do
417
            expect(collection.empty?).to eq true
418
          end
419
        end
420

421
        context "and :additional_publics is not empty" do
422
          let(:additional_publics) { [ "test_public" ] }
423
          specify do
424
            expect(collection.empty?).to eq true
425
          end
426
        end
427

428
        context "and :ignore_public is set" do
429
          let(:ignore_public) { true }
430
          specify do
431
            expect(collection.empty?).to eq true
432
          end
433

434
          context "and :ignore_private is also set" do
435
            let(:ignore_private) { true }
436
            specify do
437
              expect(collection.empty?).to eq false
438
            end
439
          end
440
        end
441

442
      end
443
    end
444
  end
445

446
  describe "#prepend_cred" do
447
    specify do
448
      prep = Metasploit::Framework::Credential.new(public: "foo", private: "bar")
449
      collection.prepend_cred(prep)
450
      expect { |b| collection.each(&b) }.to yield_successive_args(
451
        prep,
452
        Metasploit::Framework::Credential.new(public: username, private: password),
453
      )
454
    end
455
  end
456

457
end
458

459
Product

Resources

Company
