1
require 'rspec'
2
require 'stringio'
3

4
RSpec.describe 'IPMI Dump Hashes Scanner' do
5
  include_context 'Msf::Simple::Framework#modules loading'
6

7
  subject do
8
    load_and_create_module(
9
      module_type: 'auxiliary',
10
      reference_name: 'scanner/ipmi/ipmi_dumphashes'
11
    )
12
  end
13

14
  let(:udp_sock) do
15
    instance_double(Rex::Socket::Udp)
16
  end
17

18
  before do
19
    subject.datastore['USER_FILE'] = 'users.txt'
20
    subject.datastore['PASS_FILE'] = 'passwords.txt'
21
    subject.datastore['CRACK_COMMON'] = false
22
    subject.datastore['SESSION_MAX_ATTEMPTS'] = 1
23
    subject.datastore['SESSION_RETRY_DELAY'] = 0
24
    subject.datastore['RHOST'] = '192.0.2.1'
25
    subject.datastore['RPORT'] = 623
26

27
    allow(File).to receive(:open).with('users.txt', 'rb').and_yield(StringIO.new("admin\nroot\n"))
28
    allow(File).to receive(:open).with('passwords.txt', 'rb').and_yield(StringIO.new("password\n"))
29
    allow(Rex::Socket::Udp).to receive(:create).and_return(udp_sock)
30
    allow(subject).to receive(:add_socket)
31
    allow(subject).to receive(:ipmi_status)
32
    allow(subject).to receive(:ipmi_error)
33
    allow(subject).to receive(:ipmi_good)
34
    allow(subject).to receive(:report_hash).and_return(1)
35
    allow(subject).to receive(:report_vuln)
36
    allow(subject).to receive(:report_cracked_cred)
37
    allow(subject).to receive(:write_output_files)
38
    allow(subject).to receive(:sleep)
39
    allow(Rex).to receive(:sleep)
40
  end
41

42
  describe '#run_host' do
43
    it 'stops username enumeration when the host never answers the first open-session probe' do
44
      allow(udp_sock).to receive(:sendto)
45
      allow(udp_sock).to receive(:recvfrom).and_return([nil, nil, nil])
46

47
      expect(udp_sock).to receive(:sendto).exactly(3).times
48

49
      subject.run_host('192.0.2.1')
50
    end
51
  end
52
end
53

54