Add specs for Msf::Java::Rmi::Client::Jmx::Server

jvazquez-r7 · jvazquez-r7 · commit 356e8c727c8d · 2015-03-24T18:56:58.000-05:00
diff --git a/modules/exploits/multi/misc/java_jmx_server.rb b/modules/exploits/multi/misc/java_jmx_server.rb
@@ -51,7 +51,6 @@ def initialize(info = {})
     ))
 
     register_options([
-      Opt::RPORT(1617),
       Msf::OptString.new('JMX_ROLE', [false, 'The role to interact with an authenticated JMX endpoint']),
       Msf::OptString.new('JMX_PASSWORD', [false, 'The password to interact with an authenticated JMX endpoint']),
       Msf::OptString.new('JMXRMI', [true, 'The name where the JMX RMI interface is bound', 'jmxrmi'])
diff --git a/spec/lib/msf/java/rmi/client/jmx/server_spec.rb b/spec/lib/msf/java/rmi/client/jmx/server_spec.rb
@@ -0,0 +1,63 @@
+# -*- coding:binary -*-
+require 'spec_helper'
+
+require 'rex/java/serialization'
+require 'rex/proto/rmi'
+require 'msf/java/rmi/client'
+require 'stringio'
+
+describe Msf::Java::Rmi::Client::Jmx::Server do
+
+  let(:new_client_response) do
+    "\x51\xac\xed\x00\x05\x77\x0f\x01\x82\x73\x92\x35\x00\x00\x01\x4c" +
+    "\x48\x27\x84\x49\x80\xbf\x73\x72\x00\x32\x6a\x61\x76\x61\x78\x2e" +
+    "\x6d\x61\x6e\x61\x67\x65\x6d\x65\x6e\x74\x2e\x72\x65\x6d\x6f\x74" +
+    "\x65\x2e\x72\x6d\x69\x2e\x52\x4d\x49\x43\x6f\x6e\x6e\x65\x63\x74" +
+    "\x69\x6f\x6e\x49\x6d\x70\x6c\x5f\x53\x74\x75\x62\x00\x00\x00\x00" +
+    "\x00\x00\x00\x02\x02\x00\x00\x70\x78\x72\x00\x1a\x6a\x61\x76\x61" +
+    "\x2e\x72\x6d\x69\x2e\x73\x65\x72\x76\x65\x72\x2e\x52\x65\x6d\x6f" +
+    "\x74\x65\x53\x74\x75\x62\xe9\xfe\xdc\xc9\x8b\xe1\x65\x1a\x02\x00" +
+    "\x00\x70\x78\x72\x00\x1c\x6a\x61\x76\x61\x2e\x72\x6d\x69\x2e\x73" +
+    "\x65\x72\x76\x65\x72\x2e\x52\x65\x6d\x6f\x74\x65\x4f\x62\x6a\x65" +
+    "\x63\x74\xd3\x61\xb4\x91\x0c\x61\x33\x1e\x03\x00\x00\x70\x78\x70" +
+    "\x77\x37\x00\x0a\x55\x6e\x69\x63\x61\x73\x74\x52\x65\x66\x00\x0e" +
+    "\x31\x37\x32\x2e\x31\x36\x2e\x31\x35\x38\x2e\x31\x33\x32\x00\x00" +
+    "\x13\x26\xa2\x01\x50\x97\x40\xd4\x90\xd1\x82\x73\x92\x35\x00\x00" +
+    "\x01\x4c\x48\x27\x84\x49\x80\xbe\x01\x78"
+  end
+
+  let(:remote_address) do
+    '172.16.158.132'
+  end
+
+  subject(:mod) do
+    mod = ::Msf::Exploit.new
+    mod.extend ::Msf::Java::Rmi::Client
+    mod.send(:initialize)
+    mod
+  end
+
+  let(:io) { StringIO.new('', 'w+b') }
+
+  describe "#send_new_client" do
+    context "when there is an RMIServerImpl_Stub interface" do
+      before(:each) do
+        allow_any_instance_of(::StringIO).to receive(:put) do |io, data|
+          io.seek(0)
+          io.write(new_client_response)
+          io.seek(0)
+        end
+
+        allow_any_instance_of(::StringIO).to receive(:get_once) do |io, length, timeout|
+          io.read
+        end
+      end
+
+      it "returns the reference information" do
+        expect(mod.send_new_client(sock: io)[:address]).to eq(remote_address)
+      end
+    end
+  end
+
+end
+
