Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge branch 'gspillman-r7-cucumber_tests'

  • Loading branch information...
commit 6c2808423b5a2c47ea8c5cba50b31bc22872f4cf 2 parents 42ea64c + 2b17a04
@sinn3r sinn3r authored
View
1  test/features/data/test.exe
@@ -0,0 +1 @@
+#
View
18 test/features/encoders.feature
@@ -0,0 +1,18 @@
+#This feature contains scenarios that test the various encoders within the metasploit framework
+
+@announce-stdout
+
+Feature: As a Metasploit Framework user
+ I want to user encoders
+ So that I can encode various payloads I might use for attacks
+
+Scenario: Create a windows tcp bind payload using the x86/unicode mixed encoder
+ When I run msfvenom to encode for windows using the "x86/unicode_mixed" encoder with "-i 1" options and a buffer register
+ #When I run `./msfvenom -p windows/shell/bind_tcp -e x86/unicode_mixed -i 1 BufferRegister=eax` interactively
+ Then the output should contain "x86/unicode_mixed succeeded with size"
+
+Scenario: Create a windows tcp bind payload encoded with x86 alpha mixed
+ When I run msfvenom to encode for windows using the "x86/alpha_mixed" encoder with "-b '\x00' -i 1" options
+ #When I run `./msfvenom -p windows/shell/bind_tcp -e x86/alpha_mixed -b '\x00' -i 1` interactively
+ Then the output should contain "x86/alpha_mixed succeeded with size"
+
View
19 test/features/handler.feature
@@ -0,0 +1,19 @@
+#This feature contains scenarios that test different handlers within the metasploit framework
+@announce
+
+Feature: As a MS Framework User
+ I want to launch various handlers
+ So the framework can properly handle input and output from exploits
+
+Scenario: Launching the exploit multi handler in Check mode
+ When I run `./msfcli exploit/multi/handler C`
+ Then the output should contain "module tree"
+ Then the output should contain "This exploit does not support check."
+
+Scenario: Launching the generic multi handler in Check mode
+ When I run `./msfcli multi/handler C`
+ Then the output should contain "module tree"
+ Then the output should contain "This exploit does not support check."
+
+
+
View
24 test/features/payloads.feature
@@ -0,0 +1,24 @@
+#This feature contains scenarios to test the ability to run/access payloads from the metasploit framework
+
+Feature: I want access to Metasploit payloads
+ So that I can define payload options for exploits
+
+Scenario: Verify the windows shell reverse tcp payload option in ruby
+ When I run msfpayload to generate a "windows/shell_reverse_tcp" on the local host
+ Then the output should contain "# windows/shell_reverse_tcp"
+ Then the output should contain "# http://www.metasploit.com"
+
+Scenario: Verify the windows x64 shell reverse tcp payload option in ruby
+ When I run msfpayload to generate a "windows/x64/shell_reverse_tcp" on the local host
+ Then the output should contain "# windows/x64/shell_reverse_tcp"
+ Then the output should contain "# http://www.metasploit.com"
+
+Scenario: Verify the linux x86 shell reverse tcp payload option in ruby
+ When I run msfpayload to generate a "linux/x86/shell_reverse_tcp" on the local host
+ Then the output should contain "# linux/x86/shell_reverse_tcp"
+ Then the output should contain "# http://www.metasploit.com"
+
+Scenario: Verify the windows meterpreter reverse tcp payload can output its contents in ruby
+ When I run msfpayload to generate a "windows/meterpreter/reverse_tcp" on the local host
+ Then the output should contain "# windows/meterpreter/reverse_tcp - 290 bytes (stage 1)"
+ Then the output should contain "# http://www.metasploit.com"
View
31 test/features/steps/common_steps.rb
@@ -0,0 +1,31 @@
+#This is the step definition file for common framework testing steps or meta steps
+
+When /^I run the "([^"]*)" exploit with standard target options$/ do |exploit|
+ steps %Q{
+ When I run `#{exploit} RHOST=#{TestConfig.instance.rhost} SMBPass=#{TestConfig.instance.smbpass} SMBUser=#{TestConfig.instance.smbuser} E` interactively
+ }
+ end
+
+When /^I run the "([^"]*)" exploit with standard target options in check mode$/ do |exploit|
+ steps %Q{
+ When I run `#{exploit} RHOST=#{TestConfig.instance.rhost} SMBPass=#{TestConfig.instance.smbpass} SMBUser=#{TestConfig.instance.smbuser} C` interactively
+ }
+ end
+
+When /^I run msfvenom to encode for windows using the "([^"]*)" encoder with "(.*)" options$/ do |encoder, options|
+ steps %Q{
+ When I run `./msfvenom ./msfvenom -p windows/shell/bind_tcp -e #{encoder} #{options}` interactively
+ }
+ end
+
+When /^I run msfvenom to encode for windows using the "([^"]*)" encoder with "(.*)" options and a buffer register$/ do |encoder, options|
+ steps %Q{
+ When I run `./msfvenom ./msfvenom -p windows/shell/bind_tcp -e #{encoder} #{options} BufferRegister=eax` interactively
+ }
+ end
+
+When /^I run msfpayload to generate a "([^"]*)" on the local host$/ do |payload|
+ steps %Q{
+ When I run `./msfpayload #{payload} LHOST=127.0.0.1 y`
+ }
+ end
View
23 test/features/steps/handler_steps.rb
@@ -0,0 +1,23 @@
+#This is the step definition file for cucumber features relating to the framework handler feature
+
+ Given /^I launch the exploit multi handler$/ do
+ steps %Q{
+
+ When I run `./msfcli exploit/multi/handler E`
+ Then the output should contain "Please wait while we load the module tree..."
+ Then the output should contain "Started reverse handler on"
+ Then the output should contain "Starting the payload handler..."
+
+ }
+ end
+
+Given /^I launch the generic multi handler$/ do
+ steps %Q{
+
+ When I run `./msfcli multi/handler E`
+ Then the output should contain "Please wait while we load the module tree..."
+ Then the output should contain "Started reverse handler on"
+ Then the output should contain "Starting the payload handler..."
+
+ }
+ end
View
3  test/features/support/.gitignore
@@ -0,0 +1,3 @@
+# These files are to be excluded from git #
+
+test_config.yml
View
25 test/features/support/env.rb
@@ -0,0 +1,25 @@
+#Cucumber automation environment setup class for MSF Testing
+
+require 'cucumber'
+require 'aruba/cucumber'
+require_relative 'test_config'
+
+Before do
+ # Automatically find the framework path
+ default_path = File.join(File.expand_path(File.dirname(__FILE__)), '../../../')
+
+ # Add more paths manually if needed. For example:
+ # "/Users/gary/rapid7/framework"
+ @dirs = [default_path]
+
+ @aruba_timeout_seconds = 150
+end
+
+Before('@slow_process') do
+ @aruba_io_wait_seconds = 150
+end
+
+@After
+#after automation execution methods go here
+
+
View
44 test/features/support/test_config.rb
@@ -0,0 +1,44 @@
+#Test config class provides public methods or varables to use for ever test
+#Includes housing data such as default web site to test, time out varaibels, etc
+require 'singleton'
+class TestConfig
+ include Singleton
+
+ def initialize(*args)
+
+ yml_path = File.join(File.dirname(__FILE__),'test_config.yml')
+
+ if File.exists?(yml_path)
+ @yaml_options = YAML::load(File.open(yml_path))
+ else
+ @yaml_options = {}
+ end
+
+ @options = {
+ "rhost" => "localhost",
+ "smbuser" => "user",
+ "smbpass" => "password"
+ }
+ end
+
+ def run_server
+ @options[:define_site].nil?
+ end
+
+ def method_missing(method)
+ if @options.has_key? method.to_s
+ return @options[method.to_s]
+ else
+ super
+ end
+ end
+
+def respond_to?(method_sym, include_private = false)
+ if @options.include? method_s
+ true
+ else
+ super
+ end
+ end
+
+end
View
31 test/features/windows_exploits.feature
@@ -0,0 +1,31 @@
+#This feature contains scenarios that test running exploits related to microsft windows platforms
+
+@announce-stdout
+
+Feature: I want to launch Windows based exploits
+ So that I can hack Windows targets
+ So that I can prove how totally unsecured Windows can be
+
+Scenario: Launch Psexec against a Windows Host
+ When I run the "./msfcli windows/smb/psexec" exploit with standard target options
+ Then the output should contain "445|WORKGROUP as user"
+ Then the output should contain "module tree"
+
+Scenario: Launch PSexec in Internal Check Mode
+ When I run the "./msfcli windows/smb/psexec" exploit with standard target options in check mode
+ Then the output should contain "module tree"
+ Then the output should contain "This exploit does not support check."
+
+Scenario: Launch ms08-067 in Internal Check Mode
+ When I run the "./msfcli windows/smb/ms08_067_netapi" exploit with standard target options in check mode
+ #When I run `./msfcli windows/smb/ms08_067_netapi RHOST=10.6.0.194 C` interactively
+ Then the output should contain "module tree"
+ Then the output should not contain "Check failed:"
+
+Scenario: Launch ms08-067 against a windows remote host
+ When I run the "./msfcli windows/smb/ms08_067_netapi" exploit with standard target options
+ Then the output should contain "module tree"
+ Then the output should contain "Started reverse handler"
+
+
+
Please sign in to comment.
Something went wrong with that request. Please try again.