Msf::DBManager::Export#extract_module_detail_info spec

[#47979793]

Author: limhoff-r7

lib/msf/core/db_export.rb

@@ -358,7 +358,17 @@ def create_xml_element(key,value)
 		return el
 	end
 
-
+	# @note there is no single root element output by
+	#   {#extract_module_detail_info}, so if calling {#extract_module_detail_info}
+	#   directly, it is the caller's responsibility to add an opening and closing
+	#   tag to report_file around the call to {#extract_module_detail_info}.
+	#
+  # Writes a module_detail element to the report_file for each
+  # Mdm::ModuleDetail.
+	#
+	# @param report_file [#write, #flush] IO stream to which to write the
+	#   module_detail elements.
+	# @return [void]
 	def extract_module_detail_info(report_file)
 		Mdm::ModuleDetail.all.each do |m|
 			report_file.write("<module_detail>\n")
@@ -371,6 +381,7 @@ def extract_module_detail_info(report_file)
 			end
 
 			# Authors sub-elements
+			# @todo https://www.pivotaltracker.com/story/show/48451001
 			report_file.write("    <module_authors>\n")
 			m.authors.find(:all).each do |d|
 				d.attributes.each_pair do |k,v|
@@ -381,6 +392,7 @@ def extract_module_detail_info(report_file)
 			report_file.write("    </module_authors>\n")
 
 			# Refs sub-elements
+			# @todo https://www.pivotaltracker.com/story/show/48451001
 			report_file.write("    <module_refs>\n")
 			m.refs.find(:all).each do |d|
 				d.attributes.each_pair do |k,v|
@@ -392,6 +404,7 @@ def extract_module_detail_info(report_file)
 
 
 			# Archs sub-elements
+			# @todo https://www.pivotaltracker.com/story/show/48451001
 			report_file.write("    <module_archs>\n")
 			m.archs.find(:all).each do |d|
 				d.attributes.each_pair do |k,v|
@@ -403,6 +416,7 @@ def extract_module_detail_info(report_file)
 
 
 			# Platforms sub-elements
+			# @todo https://www.pivotaltracker.com/story/show/48451001
 			report_file.write("    <module_platforms>\n")
 			m.platforms.find(:all).each do |d|
 				d.attributes.each_pair do |k,v|
@@ -414,6 +428,7 @@ def extract_module_detail_info(report_file)
 
 
 			# Targets sub-elements
+			# @todo https://www.pivotaltracker.com/story/show/48451001
 			report_file.write("    <module_targets>\n")
 			m.targets.find(:all).each do |d|
 				d.attributes.each_pair do |k,v|
@@ -424,6 +439,7 @@ def extract_module_detail_info(report_file)
 			report_file.write("    </module_targets>\n")
 
 			# Actions sub-elements
+			# @todo https://www.pivotaltracker.com/story/show/48451001
 			report_file.write("    <module_actions>\n")
 			m.actions.find(:all).each do |d|
 				d.attributes.each_pair do |k,v|
@@ -434,6 +450,7 @@ def extract_module_detail_info(report_file)
 			report_file.write("    </module_actions>\n")
 
 			# Mixins sub-elements
+			# @todo https://www.pivotaltracker.com/story/show/48451001
 			report_file.write("    <module_mixins>\n")
 			m.mixins.find(:all).each do |d|
 				d.attributes.each_pair do |k,v|

spec/factories/mdm/module_details.rb

@@ -0,0 +1,83 @@
+FactoryGirl.define do
+	type_directory_by_type = {
+			'auxiliary' => 'auxiliary',
+			'encoder' => 'encoders',
+			'exploit' => 'exploits',
+			'nop' => 'nops',
+			'payload' => 'payloads',
+			'post' => 'posts'
+	}
+
+	sequence :mdm_module_detail_disclosure_date do |n|
+		# @todo https://www.pivotaltracker.com/story/show/48450593
+		Date.today - n
+	end
+
+	sequence :mdm_module_detail_description do |n|
+    "Module Description #{n}"
+	end
+
+	sequence :mdm_module_detail_license do |n|
+		"Module License v#{n}"
+	end
+
+	privileges = [false, true]
+	privilege_count = privileges.length
+
+	sequence :mdm_module_detail_privileged do |n|
+	  privileges[n % privilege_count]
+	end
+
+	sequence :mdm_module_detail_mtime do |n|
+		Time.now.utc - n.seconds
+	end
+
+	types = type_directory_by_type.keys
+	type_count = types.length
+
+	sequence :mdm_module_detail_mtype do |n|
+		types[n % type_count]
+	end
+
+	sequence :mdm_module_detail_name do |n|
+		"Module Name #{n}"
+	end
+
+	sequence :mdm_module_detail_rank do |n|
+		(100 * n)
+	end
+end
+
+modules_pathname = Metasploit::Framework.root.join('modules')
+type_directory_by_type = {
+		'auxiliary' => 'auxiliary',
+    'encoder' => 'encoders',
+    'exploit' => 'exploits',
+    'nop' => 'nops',
+    'payload' => 'payloads',
+    'post' => 'posts'
+}
+
+FactoryGirl.modify do
+  factory :mdm_module_detail do
+	  description { generate :mdm_module_detail_description }
+	  disclosure_date { generate :mdm_module_detail_disclosure_date }
+	  license { generate :mdm_module_detail_license }
+	  mtime { generate :mdm_module_detail_mtime }
+	  mtype { generate :mdm_module_detail_mtype }
+	  privileged { generate :mdm_module_detail_privileged }
+	  name { generate :mdm_module_detail_name }
+	  rank { generate :mdm_module_detail_rank }
+	  refname { generate :mdm_module_detail_refname }
+	  fullname { "#{mtype}/#{refname}" }
+
+	  file {
+		  type_directory = type_directory_by_type[mtype]
+
+		  modules_pathname.join(
+				  type_directory,
+				  "#{refname}.rb"
+		  ).to_path
+	  }
+  end
+end

spec/lib/msf/core/db_export_spec.rb

@@ -0,0 +1,108 @@
+require 'spec_helper'
+
+require 'msf/core/db_export'
+
+describe Msf::DBManager::Export do
+	include_context 'Msf::DBManager'
+
+	subject(:export) do
+		described_class.new(workspace)
+	end
+
+	let(:active) do
+		true
+	end
+
+	let(:workspace) do
+		FactoryGirl.create(
+				:mdm_workspace
+		)
+	end
+
+	context '#extract_module_detail_info' do
+		let(:report_file) do
+			StringIO.new
+		end
+
+		subject(:extract_module_detail_info) do
+			export.extract_module_detail_info(report_file)
+		end
+
+		context 'with Mdm::ModuleDetails' do
+			let(:document) do
+				Nokogiri::XML(report_file.string)
+			end
+
+			let(:module_detail_count) do
+				2
+			end
+
+			let(:root) do
+				document.root
+			end
+
+			let!(:module_details) do
+				FactoryGirl.create_list(
+						:mdm_module_detail,
+				    module_detail_count
+				)
+			end
+
+			before(:each) do
+				report_file.write("<root>")
+				extract_module_detail_info
+				report_file.write("</root>")
+			end
+
+			it 'should have module_detail tag for each Mdm::ModuleDetail' do
+				nodes = root.xpath('module_detail')
+
+				nodes.length.should == module_detail_count
+			end
+
+			context 'module_detail' do
+				let(:module_detail) do
+					module_details.first
+				end
+
+				subject(:module_detail_node) do
+					root.at_xpath('module_detail')
+				end
+
+				it_should_behave_like 'Msf::DBManager::Export#extract_module_detail_info module_detail child', 'description'
+
+				context '/disclosure-date' do
+					it 'should have Mdm::ModuleDetail#disclosure_date present' do
+						module_detail.disclosure_date.should be_present
+					end
+
+					it 'should have Mdm::ModuleDetail#disclosure_date from disclosure-date content' do
+						node = module_detail_node.at_xpath('disclosure-date')
+
+						Date.parse(node.content).should == module_detail.disclosure_date
+					end
+				end
+
+				it_should_behave_like 'Msf::DBManager::Export#extract_module_detail_info module_detail child', 'file'
+				it_should_behave_like 'Msf::DBManager::Export#extract_module_detail_info module_detail child', 'fullname'
+				it_should_behave_like 'Msf::DBManager::Export#extract_module_detail_info module_detail child', 'license'
+				it_should_behave_like 'Msf::DBManager::Export#extract_module_detail_info module_detail child', 'mtime'
+				it_should_behave_like 'Msf::DBManager::Export#extract_module_detail_info module_detail child', 'mtype'
+				it_should_behave_like 'Msf::DBManager::Export#extract_module_detail_info module_detail child', 'name'
+				it_should_behave_like 'Msf::DBManager::Export#extract_module_detail_info module_detail child', 'privileged'
+				it_should_behave_like 'Msf::DBManager::Export#extract_module_detail_info module_detail child', 'rank'
+				it_should_behave_like 'Msf::DBManager::Export#extract_module_detail_info module_detail child', 'refname'
+
+				# @todo https://www.pivotaltracker.com/story/show/48451001
+			end
+		end
+
+		context 'without Mdm::ModuleDetails' do
+			it 'should not write anything to report_file' do
+				extract_module_detail_info
+
+				report_file.string.should be_empty
+			end
+		end
+	end
+end

spec/lib/msf/core/db_spec.rb

@@ -12,17 +12,15 @@
 require 'msf/core'
 
 describe Msf::DBManager do
-	include_context 'Msf::Simple::Framework'
+	include_context 'Msf::DBManager'
 
-	subject(:db_manager) do
-		framework.db
+	subject do
+		db_manager
 	end
 
 	it_should_behave_like 'Msf::DBManager::ImportMsfXml'
 
 	context '#report_session' do
-		include_context 'DatabaseCleaner'
-
 		let(:options) do
 			{}
 		end
@@ -31,17 +29,6 @@
 			db_manager.report_session(options)
 		end
 
-		before(:each) do
-			configurations = Metasploit::Framework::Database.configurations
-			spec = configurations[Metasploit::Framework.env]
-
-			# Need to connect or ActiveRecord::Base.connection_pool will raise an
-			# error.
-			db_manager.connect(spec)
-
-			db_manager.stub(:active => active)
-		end
-
 		context 'with active' do
 			let(:active) do
 				true

spec/support/shared/contexts/msf/db_manager.rb

@@ -0,0 +1,19 @@
+shared_context 'Msf::DBManager' do
+	include_context 'DatabaseCleaner'
+	include_context 'Msf::Simple::Framework'
+
+	let(:db_manager) do
+		framework.db
+	end
+
+	before(:each) do
+		configurations = Metasploit::Framework::Database.configurations
+		spec = configurations[Metasploit::Framework.env]
+
+		# Need to connect or ActiveRecord::Base.connection_pool will raise an
+		# error.
+		db_manager.connect(spec)
+
+		db_manager.stub(:active => active)
+	end
+end

spec/support/shared/examples/msf/db_manager/export/extract_module_detail_info_module_detail_child.rb

@@ -0,0 +1,19 @@
+shared_examples_for 'Msf::DBManager::Export#extract_module_detail_info module_detail child' do |child_node_name|
+	attribute_name = child_node_name.underscore
+
+	subject(:child_node) do
+		module_detail_node.at_xpath(child_node_name)
+	end
+
+	let(:attribute) do
+		module_detail.send(attribute_name)
+	end
+
+	it "should have Mdm::ModuleDetail##{attribute_name} present" do
+	  attribute.should be_present
+	end
+
+	it "should have Mdm::ModuleDetail##{attribute_name} for #{child_node_name} content" do
+		child_node.content.should == attribute.to_s
+	end
+end

spec/support/shared/examples/msf/db_manager/import_msf_xml.rb

@@ -21,6 +21,10 @@ def with_info
 		subject
 	end
 
+	let(:active) do
+		true
+	end
+
 	let(:allow_yaml) do
 		false
 	end
@@ -83,15 +87,6 @@ def with_info
 		Builder::XmlMarkup.new(:indent => 2)
 	end
 
-	before(:each) do
-		configurations = Metasploit::Framework::Database.configurations
-		spec = configurations[Metasploit::Framework.env]
-
-		# Need to connect or Msf::DBManager#active will be false and
-		# Msf::DBManager#report_* methods won't create any records.
-		db_manager.connect(spec)
-	end
-
 	it 'should include methods from module so method can be overridden easier in pro' do
 		db_manager.should be_a Msf::DBManager::ImportMsfXml
 	end