Fix the typo3_spec.rb failures. #8421

Merged
merged 1 commit into from May 23, 2017

renpic
Contributor

@renpic renpic commented May 19, 2017

rake spec is giving some failures on the typo3_spec test unit.
See later comments for the full story; OpenSSL 1.1.0+ is the reason for the failures.

This patch should solve them.
Shall I open an issue too?

These are the errors from rake spec:

Msf::Exploit::Remote::HTTP::Typo3 ......FF.

  5) Msf::Exploit::Remote::HTTP::Typo3#typo3_backend_login returns a cookie string when TYPO3 credentials are valid
     Failure/Error: key.e = exponent
     
     NoMethodError:
       undefined method `e=' for #<OpenSSL::PKey::RSA:0x0055fc518e7d00>
       Did you mean?  e
     # ./lib/msf/core/exploit/http/typo3/login.rb:103:in `typo3_helper_login_rsa'
     # ./lib/msf/core/exploit/http/typo3/login.rb:37:in `typo3_backend_login'
     # ./spec/lib/msf/core/exploit/http/typo3_spec.rb:135:in `block (3 levels) in <top (required)>'

  6) Msf::Exploit::Remote::HTTP::Typo3#typo3_backend_login returns nil when TYPO3 credentials are invalid
     Failure/Error: key.e = exponent
     
     NoMethodError:
       undefined method `e=' for #<OpenSSL::PKey::RSA:0x0055fc518e0668>
       Did you mean?  e
     # ./lib/msf/core/exploit/http/typo3/login.rb:103:in `typo3_helper_login_rsa'
     # ./lib/msf/core/exploit/http/typo3/login.rb:37:in `typo3_backend_login'
     # ./spec/lib/msf/core/exploit/http/typo3_spec.rb:112:in `block (3 levels) in <top (required)>'

Verification

List the steps needed to make sure this thing works

  • Start rake spec
  • No more typo3 failures
  • Test it with ruby 2.3 too
  • No typo3 failures either.
  • Hurrah! :)

Note that I had to follow the suggestion in:

rvm/rvm#3958

to use RVM and Ruby 2.3 under Kali.

@renpic
Contributor Author

renpic commented May 19, 2017

I squashed the two commits, the second one was just a whitespace cleanup.

The typo3_spec is giving some errors under ruby 2.4+
and OpenSSL 1.1+.
@renpic
Contributor Author

renpic commented May 21, 2017

Looking at:

nov/json-jwt#45

it seems it depends on the OpenSSL version too.

My system (Kali Linux) has:

$ irb
2.4.1 :001 > require 'openssl'
 => true 
2.4.1 :002 > RUBY_VERSION
 => "2.4.1" 
2.4.1 :003 > OpenSSL::OPENSSL_VERSION
 => "OpenSSL 1.1.0e  16 Feb 2017" 
2.4.1 :004 > OpenSSL::VERSION
 => "2.0.3" 
2.4.1 :005 > 

@renpic
Contributor Author

renpic commented May 21, 2017

Rebased on current master.

@renpic
Contributor Author

renpic commented May 21, 2017

From https://github.com/ruby/openssl/blob/master/History.md :

Deprecations

OpenSSL::PKey
    OpenSSL::PKey::RSA#n=, #e=, #d=, #p=, #q=, #dmp1=, #dmq1=, #iqmp=,
    OpenSSL::PKey::DSA#p=, #q=, #g=, #priv_key=, #pub_key=,
    OpenSSL::PKey::DH#p=, #g=, #priv_key= and #pub_key=

are deprecated.
They are disabled when built with OpenSSL 1.1.0, due to its API change.
Instead, OpenSSL::PKey::RSA#set_key, #set_factors, #set_crt_params,
OpenSSL::PKey::DSA#set_pqg, #set_key, OpenSSL::PKey::DH#set_pqg
and #set_key are added.

(emphasis is mine)
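
The deprecation quoted above, as an added example that is not part of this PR or of Metasploit's code: one way to build an RSA public key from a modulus and exponent without `#n=` / `#e=`, using `set_key` where it works and a DER-encoded PKCS#1 public key otherwise. The helper names, the hex-string input format and the sample key are assumptions made for the illustration.

```ruby
require 'openssl'

# Hypothetical helper (not Metasploit code): build an RSA public key from a
# modulus and exponent given as hex strings (assumed input format) without
# the #n= / #e= setters that raise NoMethodError on OpenSSL 1.1.0+ builds.
def rsa_public_key_from_hex(modulus_hex, exponent_hex)
  n = OpenSSL::BN.new(modulus_hex, 16)
  e = OpenSSL::BN.new(exponent_hex, 16)
  begin
    key = OpenSSL::PKey::RSA.new
    key.set_key(n, e, nil) # replacement setter named in History.md
    key
  rescue NoMethodError, ArgumentError, OpenSSL::PKey::PKeyError
    # The setter path is unavailable on this build (older binding, or key
    # objects cannot be modified): encode PKCS#1 RSAPublicKey, which is
    # SEQUENCE { n, e }, and let the library parse it.
    der = OpenSSL::ASN1::Sequence.new(
      [OpenSSL::ASN1::Integer.new(n), OpenSSL::ASN1::Integer.new(e)]
    ).to_der
    OpenSSL::PKey::RSA.new(der)
  end
end

# Round trip on a constructed sample key: export n and e as hex, rebuild the
# public half, encrypt with it and decrypt with the original private key.
def demo_roundtrip
  original = OpenSSL::PKey::RSA.new(2048) # constructed sample key
  rebuilt = rsa_public_key_from_hex(original.n.to_s(16), original.e.to_s(16))
  padding = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING
  ciphertext = rebuilt.public_encrypt('constructed-sample-secret', padding)
  {
    public_only: !rebuilt.private?,
    same_key: rebuilt.n == original.n && rebuilt.e == original.e,
    exponent: rebuilt.e.to_i,
    plaintext: original.private_decrypt(ciphertext, padding)
  }
end

puts demo_roundtrip.inspect if __FILE__ == $PROGRAM_NAME
```

Because the fallback is chosen by rescuing the error rather than by comparing version strings, the same code path is exercised whichever OpenSSL the interpreter was built against.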

@firefart
Contributor

@renpic any ideas why this did not fail on travis? If there is an openssl dependency that makes this fail we should look into the travis setup too and install a newer openssl to catch these errors

@renpic
Contributor Author

renpic commented May 21, 2017

Good question! I think Ubuntu Trusty is still on OpenSSL 1.0, and that is the version used on Travis right now.

@firefart
Contributor

@busterb what do you think? Should we do a manual install on travis or stick with the default openssl version?

@renpic
Contributor Author

renpic commented May 22, 2017

Actually, I am not so sure anymore Travis is properly running the tests...

I also get four more failures on python meterpreter payloads:

  1) modules/payloads python/meterpreter_reverse_tcp it should behave like payload cached size is consistent python/meterpreter_reverse_tcp has a valid cached_size
     Failure/Error: expect(pinst.cached_size).to eq(pinst.generate_simple(opts).size)
     
       expected: 53570
            got: 53302
     
       (compared using ==)
     Shared Example Group: "payload cached size is consistent" called from ./spec/modules/payloads_spec.rb:2252

  2) modules/payloads python/meterpreter_bind_tcp it should behave like payload cached size is consistent python/meterpreter_bind_tcp has a valid cached_size
     Failure/Error: expect(pinst.cached_size).to eq(pinst.generate_simple(opts).size)
     
       expected: 53654
            got: 53382
     
       (compared using ==)
     Shared Example Group: "payload cached size is consistent" called from ./spec/modules/payloads_spec.rb:2222

  3) modules/payloads python/meterpreter_reverse_http it should behave like payload cached size is consistent python/meterpreter_reverse_http has a valid cached_size
     Failure/Error: expect(pinst.cached_size).to eq(pinst.generate_simple(opts).size)
     
       expected: 53614
            got: 53346
     
       (compared using ==)
     Shared Example Group: "payload cached size is consistent" called from ./spec/modules/payloads_spec.rb:2232

  4) modules/payloads python/meterpreter_reverse_https it should behave like payload cached size is consistent python/meterpreter_reverse_https has a valid cached_size
     Failure/Error: expect(pinst.cached_size).to eq(pinst.generate_simple(opts).size)
     
       expected: 53618
            got: 53346
     
       (compared using ==)
     Shared Example Group: "payload cached size is consistent" called from ./spec/modules/payloads_spec.rb:2242

And Travis should catch them!

Is anyone else seeing those errors?

I tried to modify the .travis.yml, as I suspected that $CMD variable was not correctly escaped.
I am able to run the tests after I apply this patch (it is in my travis branch, if anyone finds it useful):

diff --git a/.travis.yml b/.travis.yml
index 5fb2123829..4bb232ea55 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -16,9 +16,9 @@ rvm:
   - '2.4.1'
 
 env:
-  - CMD=bundle exec rake "cucumber cucumber:boot" CREATE_BINSTUBS=true
-  - CMD=bundle exec rake spec SPEC_OPTS="--tag content"
-  - CMD=bundle exec rake spec SPEC_OPTS="--tag ~content"
+  - CMD='bundle exec rake cucumber cucumber:boot CREATE_BINSTUBS=true'
+  - CMD='bundle exec rake spec SPEC_OPTS="--tag content"'
+  - CMD='bundle exec rake spec SPEC_OPTS="--tag ~content"'
 
 matrix:
   fast_finish: true
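
Review bot: the first `env` entry drops the inner double quotes around `cucumber cucumber:boot`, while the two `spec` entries keep theirs around `--tag content` and `--tag ~content`, so only that line changes how its arguments are grouped once `CMD` is expanded. `CREATE_BINSTUBS=true` is also now part of the single-quoted `CMD` string rather than trailing it on the env line. If both changes are deliberate, the commit message should say so, since they alter what the cucumber job runs rather than just how the variable is escaped.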
@@ -32,14 +32,18 @@ before_install:
   - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
   - ls -la ./.git/hooks
   - ./.git/hooks/post-merge
+  # Update the bundler
+  - gem install bundler
 before_script:
   - cp config/database.yml.travis config/database.yml
   - bundle exec rake --version
   - bundle exec rake db:create
   - bundle exec rake db:migrate
-script:
   # fail build if db/schema.rb update is not committed
-  - git diff --exit-code db/schema.rb && $CMD
+  - git diff --exit-code db/schema.rb
+script:
+  - echo "${CMD}"
+  - bash -c "${CMD}"
 
 notifications:
   irc: "irc.freenode.org#msfnotify"
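
Review bot: `git diff --exit-code db/schema.rb` moves from `script` into `before_script`, yet the comment above it, `# fail build if db/schema.rb update is not committed`, still describes it as a build check; keeping it as its own line under `script`, ahead of `bash -c "${CMD}"`, would preserve that role while still dropping the `&& $CMD` chain. The added `gem install bundler` carries no version constraint, so each build installs whatever release is current; pinning a version keeps CI runs reproducible. `echo "${CMD}"` reads as a debugging aid and could be removed before merging.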

I don't know what the cucumber task/env should be doing, but it has failures too:

Failing Scenarios:
cucumber -p boot features/msfconsole/database_yml.feature:88 # Scenario: Without --yaml or MSF_DATABASE_CONFIG, ~/.msf4/database.yml wins
cucumber -p boot features/msfconsole/database_yml.feature:115 # Scenario: Without --yaml, MSF_DATABASE_CONFIG or ~/.msf4/database.yml, project "database.yml" wins
cucumber -p boot features/msfconsole/database_yml.feature:150 # Scenario: Starting `msfconsole` with a valid database.yml

6 scenarios (3 failed, 3 passed)
58 steps (3 failed, 55 passed)

But those may actually be my fault, as I don't know if I have to do something else before running those commands/tasks manually.

@busterb
Member

busterb commented May 23, 2017

@firefart I think we should stick with default for now. Going for lowest-common denominator is usually a good approach.

@busterb
Member

busterb commented May 23, 2017

<minor_rant> - there's no reason why Ruby needed to change the API here just because OpenSSL did. this is crazy, especially since this kind of error can't be caught except at runtime. It's frankly astonishing.

@busterb
Member

busterb commented May 23, 2017

Release Notes

This fix resolves an incompatibility between the OpenSSL 1.1 API and OpenSSL 1.0 through an update to the Typo3 login helper.

@busterb busterb self-assigned this May 23, 2017
@busterb busterb merged commit 29d1022 into rapid7:master May 23, 2017
busterb pushed a commit that referenced this pull request May 23, 2017
@renpic renpic deleted the fix-typo3-spec branch May 23, 2017 18:06
@alrosenthal-r7 alrosenthal-r7 added the rn-fix release notes fix label May 30, 2017
Labels
bug library rn-fix release notes fix