Land rapid7#3668 - Add specs for Rex::Exploitation::HeapLib

wchen-r7 · wchen-r7 · commit 311cc5befbd2 · 2014-08-19T13:14:24.000-05:00
diff --git a/lib/rex/exploitation/heaplib.rb b/lib/rex/exploitation/heaplib.rb
@@ -88,8 +88,10 @@ def load_js(custom_js, opts = {})
 
     if opts[:newobfu]
       # Obfuscate the javascript using the new lexer method
-      @js = JSObfu.new(@js)
-      return @js.obfuscate
+      js_obfu = JSObfu.new(@js)
+      js_obfu.obfuscate
+      @js = js_obfu.to_s
+      return @js
     elsif opts[:noobfu]
       # Do not obfuscate, let the exploit do the work (useful to avoid double obfuscation)
       return @js
diff --git a/spec/lib/rex/exploitation/heaplib_spec.rb b/spec/lib/rex/exploitation/heaplib_spec.rb
@@ -0,0 +1,66 @@
+# -*- coding:binary -*-
+require 'spec_helper'
+
+require 'rex/exploitation/heaplib'
+
+describe Rex::Exploitation::HeapLib do
+
+  let(:custom_code) { "var test = 'metasploit';" }
+  let(:plain_signature) { 'JavaScript Heap Exploitation library' }
+  let(:signature) { 'function(maxAlloc, heapBase)' }
+  let(:methods) {
+    [
+      'lookasideAddr',
+      'lookaside',
+      'flushOleaut32',
+      'freeOleaut32',
+      'allocOleaut32',
+      'paddingStr',
+      'debugBreak',
+      'debugHeap'
+    ]
+  }
+
+  subject(:heap_lib_class) do
+    described_class.allocate
+  end
+
+  subject(:heap_lib) do
+    described_class.new
+  end
+
+  describe "#initialize" do
+    it "returns an String" do
+      expect(heap_lib_class.send(:initialize)).to be_a(String)
+    end
+
+    it "returns the heap lib code" do
+      expect(heap_lib_class.send(:initialize)).to include(signature)
+    end
+
+    it "obfuscates with ObfuscateJS by default" do
+      methods.each do |m|
+        expect(heap_lib_class.send(:initialize)).to_not include(m)
+      end
+    end
+
+    it "allows to provide custom JS code as argument" do
+      expect(heap_lib_class.send(:initialize, custom_code)).to include(custom_code)
+    end
+
+    it "allows to disable obfuscation" do
+      expect(heap_lib_class.send(:initialize, '', {:noobfu => true})).to include(plain_signature)
+    end
+
+    it "allows to use JSObfu for obfuscation" do
+      expect(heap_lib_class.send(:initialize, '', {:newobfu => true})).to_not include(plain_signature)
+    end
+  end
+
+  describe "#to_s" do
+    it "returns the heap lib js code" do
+      expect(heap_lib.to_s).to include(signature)
+    end
+  end
+
+end
