Merge branch 'gspillman-r7-cucumber_tests'

sinn3r · sinn3r · commit 6c2808423b5a · 2013-01-10T03:23:12.000-06:00
diff --git a/test/features/data/test.exe b/test/features/data/test.exe
@@ -0,0 +1 @@
+#
diff --git a/test/features/encoders.feature b/test/features/encoders.feature
@@ -0,0 +1,18 @@
+#This feature contains scenarios that test the various encoders within the metasploit framework
+
+@announce-stdout
+
+Feature: As a Metasploit Framework user
+	I want to user encoders
+	So that I can encode various payloads I might use for attacks
+
+Scenario: Create a windows tcp bind payload using the x86/unicode mixed encoder
+		When I run msfvenom to encode for windows using the "x86/unicode_mixed" encoder with "-i 1" options and a buffer register
+        #When I run `./msfvenom -p windows/shell/bind_tcp -e x86/unicode_mixed -i 1 BufferRegister=eax` interactively
+        Then the output should contain "x86/unicode_mixed succeeded with size"
+
+Scenario: Create a windows tcp bind payload encoded with x86 alpha mixed
+	When I run msfvenom to encode for windows using the "x86/alpha_mixed" encoder with "-b '\x00' -i 1" options
+	#When I run `./msfvenom -p windows/shell/bind_tcp -e x86/alpha_mixed -b '\x00' -i 1` interactively
+	Then the output should contain "x86/alpha_mixed succeeded with size"
+
diff --git a/test/features/handler.feature b/test/features/handler.feature
@@ -0,0 +1,19 @@
+#This feature contains scenarios that test different handlers within the metasploit framework
+@announce
+
+Feature: As a MS Framework User
+	I want to launch various handlers
+	So the framework can properly handle input and output from exploits 
+
+Scenario: Launching the exploit multi handler in Check mode
+	When I run `./msfcli exploit/multi/handler C`
+	Then the output should contain "module tree"
+	Then the output should contain "This exploit does not support check."
+
+Scenario: Launching the generic multi handler in Check mode
+	When I run `./msfcli multi/handler C`
+        Then the output should contain "module tree"
+        Then the output should contain "This exploit does not support check."
+
+ 
+
diff --git a/test/features/payloads.feature b/test/features/payloads.feature
@@ -0,0 +1,24 @@
+#This feature contains scenarios to test the ability to run/access payloads from the metasploit framework
+
+Feature: I want access to Metasploit payloads
+	So that I can define payload options for exploits
+
+Scenario: Verify the windows shell reverse tcp payload option in ruby
+	When I run msfpayload to generate a "windows/shell_reverse_tcp" on the local host
+	Then the output should contain "# windows/shell_reverse_tcp"
+	Then the output should contain "# http://www.metasploit.com"
+
+Scenario: Verify the windows x64 shell reverse tcp payload option in ruby
+		When I run msfpayload to generate a "windows/x64/shell_reverse_tcp" on the local host
+        Then the output should contain "# windows/x64/shell_reverse_tcp"
+        Then the output should contain "# http://www.metasploit.com"
+
+Scenario: Verify the linux x86 shell reverse tcp payload option in ruby
+		When I run msfpayload to generate a "linux/x86/shell_reverse_tcp" on the local host
+        Then the output should contain "# linux/x86/shell_reverse_tcp"
+        Then the output should contain "# http://www.metasploit.com"
+
+Scenario: Verify the windows meterpreter reverse tcp payload can output its contents in ruby
+	When I run msfpayload to generate a "windows/meterpreter/reverse_tcp" on the local host
+	Then the output should contain "# windows/meterpreter/reverse_tcp - 290 bytes (stage 1)"
+	Then the output should contain "# http://www.metasploit.com"
diff --git a/test/features/steps/common_steps.rb b/test/features/steps/common_steps.rb
@@ -0,0 +1,31 @@
+#This is the step definition file for common framework testing steps or meta steps
+
+When /^I run the "([^"]*)" exploit with standard target options$/ do |exploit|
+	steps %Q{
+		When I run `#{exploit} RHOST=#{TestConfig.instance.rhost} SMBPass=#{TestConfig.instance.smbpass} SMBUser=#{TestConfig.instance.smbuser} E` interactively
+	}
+	end
+
+When /^I run the "([^"]*)" exploit with standard target options in check mode$/ do |exploit|
+	steps %Q{
+		When I run `#{exploit} RHOST=#{TestConfig.instance.rhost} SMBPass=#{TestConfig.instance.smbpass} SMBUser=#{TestConfig.instance.smbuser} C` interactively
+	}
+	end
+
+When /^I run msfvenom to encode for windows using the "([^"]*)" encoder with "(.*)" options$/ do |encoder, options|
+	steps %Q{
+		When I run `./msfvenom ./msfvenom -p windows/shell/bind_tcp -e #{encoder} #{options}` interactively
+	}
+	end
+
+When /^I run msfvenom to encode for windows using the "([^"]*)" encoder with "(.*)" options and a buffer register$/ do |encoder, options|
+	steps %Q{
+		When I run `./msfvenom ./msfvenom -p windows/shell/bind_tcp -e #{encoder} #{options} BufferRegister=eax` interactively
+	}
+	end
+
+When /^I run msfpayload to generate a "([^"]*)" on the local host$/ do |payload|
+	steps %Q{
+			When I run `./msfpayload #{payload} LHOST=127.0.0.1 y`
+	}
+	end
diff --git a/test/features/steps/handler_steps.rb b/test/features/steps/handler_steps.rb
@@ -0,0 +1,23 @@
+#This is the step definition file for cucumber features relating to the framework handler feature
+
+  Given /^I launch the exploit multi handler$/ do
+	steps %Q{
+	
+		When I run `./msfcli exploit/multi/handler E`
+		Then the output should contain "Please wait while we load the module tree..."
+		Then the output should contain "Started reverse handler on"
+		Then the output should contain "Starting the payload handler..."
+
+	}
+  end
+
+Given /^I launch the generic multi handler$/ do
+        steps %Q{
+
+                When I run `./msfcli multi/handler E`
+                Then the output should contain "Please wait while we load the module tree..."
+                Then the output should contain "Started reverse handler on"
+                Then the output should contain "Starting the payload handler..."
+
+        }
+  end
diff --git a/test/features/support/.gitignore b/test/features/support/.gitignore
@@ -0,0 +1,3 @@
+# These files are to be excluded from git #
+
+test_config.yml
diff --git a/test/features/support/env.rb b/test/features/support/env.rb
@@ -0,0 +1,25 @@
+#Cucumber automation environment setup class for MSF Testing
+
+require 'cucumber'
+require 'aruba/cucumber'
+require_relative 'test_config'
+
+Before do
+	# Automatically find the framework path
+	default_path = File.join(File.expand_path(File.dirname(__FILE__)), '../../../')
+
+	# Add more paths manually if needed. For example:
+	# "/Users/gary/rapid7/framework"
+	@dirs = [default_path]
+
+	@aruba_timeout_seconds = 150
+end
+
+Before('@slow_process') do 
+	@aruba_io_wait_seconds = 150
+end
+
+@After
+#after automation execution methods go here
+
+
diff --git a/test/features/support/test_config.rb b/test/features/support/test_config.rb
@@ -0,0 +1,44 @@
+#Test config class provides public methods or varables to use for ever test
+#Includes housing data such as default web site to test, time out varaibels, etc
+require 'singleton'
+class TestConfig
+  include Singleton
+  
+  def initialize(*args)
+
+	yml_path = File.join(File.dirname(__FILE__),'test_config.yml')
+  
+	if File.exists?(yml_path)
+		@yaml_options = YAML::load(File.open(yml_path))
+	else
+		@yaml_options = {}
+	end
+    
+    @options = {
+    	"rhost" => "localhost",
+	"smbuser" => "user",
+	"smbpass" => "password" 
+   } 
+  end
+  
+  def run_server
+    @options[:define_site].nil?
+  end
+
+  def method_missing(method)
+    if @options.has_key? method.to_s
+      return @options[method.to_s]
+    else
+      super
+    end
+  end
+
+def respond_to?(method_sym, include_private = false)
+    if @options.include? method_s
+      true
+    else
+      super
+    end
+  end
+
+end
diff --git a/test/features/windows_exploits.feature b/test/features/windows_exploits.feature
@@ -0,0 +1,31 @@
+#This feature contains scenarios that test running exploits related to microsft windows platforms
+
+@announce-stdout
+
+Feature: I want to launch Windows based exploits
+	So that I can hack Windows targets
+	So that I can prove how totally unsecured Windows can be
+
+Scenario: Launch Psexec against a Windows Host
+	When I run the "./msfcli windows/smb/psexec" exploit with standard target options
+	Then the output should contain "445|WORKGROUP as user"
+	Then the output should contain "module tree"
+
+Scenario: Launch PSexec in Internal Check Mode
+	When I run the "./msfcli windows/smb/psexec" exploit with standard target options in check mode
+        Then the output should contain "module tree"
+	Then the output should contain "This exploit does not support check."
+
+Scenario: Launch ms08-067 in Internal Check Mode
+	When I run the "./msfcli windows/smb/ms08_067_netapi" exploit with standard target options in check mode
+	#When I run `./msfcli windows/smb/ms08_067_netapi RHOST=10.6.0.194 C` interactively
+	Then the output should contain "module tree"
+	Then the output should not contain "Check failed:"
+
+Scenario: Launch ms08-067 against a windows remote host
+	When I run the "./msfcli windows/smb/ms08_067_netapi" exploit with standard target options
+	Then the output should contain "module tree"
+	Then the output should contain "Started reverse handler"
+
+
+

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+# These files are to be excluded from git #`
	`2`	`+`
	`3`	`+test_config.yml`