Update BES rspec

wchen-r7 · wchen-r7 · commit a7424c93a0ff · 2015-07-12T01:26:43.000-05:00
diff --git a/spec/lib/msf/core/exploit/remote/browser_exploit_server_spec.rb b/spec/lib/msf/core/exploit/remote/browser_exploit_server_spec.rb
@@ -44,6 +44,25 @@
     sock
   end
 
+  let(:user_agent) do
+    'Mozilla/5.0 (Windows NT 6.3; rv:39.0) Gecko/20100101 Firefox/35.0'
+  end
+
+  let(:cli_request) do
+    req = Rex::Proto::Http::Request.new
+    req.headers['Cookie'] = cookie
+    req.headers['User-Agent'] = user_agent
+    req
+  end
+
+  let(:tag) do
+    'tag'
+  end
+
+  let(:cookie) do
+    "__ua=#{tag};"
+  end
+
   let(:shortname) do
     'browser_exploit_server'
   end
@@ -59,6 +78,7 @@ def create_fake_note(tag, data)
 
   before(:each) do
     allow_any_instance_of(described_class).to receive(:vprint_status)
+    allow_any_instance_of(described_class).to receive(:vprint_line)
     @notes = [create_fake_note(first_profile_tag, in_memory_profile)]
   end
 
@@ -68,9 +88,15 @@ def create_fake_note(tag, data)
     mod.send(:initialize)
     mod.send(:datastore=, {'NoteTypePrefix' => default_note_type_prefix})
     allow(mod).to receive(:shortname).and_return(shortname)
+    allow(mod).to receive(:fullname).and_return(fullname)
+    allow(mod).to receive(:report_client)
     mod
   end
 
+  let(:fullname) do
+    'auxiliary/server/browser_autopwn2'
+  end
+
   let(:service_double) do
     service = double('service')
     allow(service).to receive(:server_name=)
@@ -164,20 +190,6 @@ def create_fake_note(tag, data)
 
   describe '#retrieve_tag' do
     context 'when the browser has a cookie that contains our tag' do
-      let(:tag) do
-        'tag'
-      end
-
-      let(:cookie) do
-        "__ua=#{tag};"
-      end
-
-      let(:cli_request) do
-        req = Rex::Proto::Http::Request.new
-        req.headers['Cookie'] = cookie
-        req
-      end
-
       it 'returns the tag from the cookie' do
         expect(server.retrieve_tag(cli, cli_request)).to eq(tag)
       end
@@ -214,6 +226,7 @@ def create_fake_note(tag, data)
       @on_request_exploit_called = false
       @send_not_found_called     = false
       @on_request_exploit_called = false
+      @report_client             = nil
     end
 
 
@@ -347,28 +360,72 @@ def create_fake_note(tag, data)
     end
   end
 
-  skip '#get_bad_requirements' do
-  end
+  describe '#get_bad_requirements' do
+    context 'when there is a bad requirement' do
+      it 'returns a bad requirement' do
+        requirements = { ua_ver: '34' }
+        subject.instance_variable_set(:@requirements, requirements)
+        expect(subject.get_bad_requirements(first_profile_info)).to include(:ua_ver)
+      end
+    end
 
-  skip '#process_browser_info' do
+    context 'when there is no bad requirement' do
+      it 'returns an empty hash' do
+        requirements = { ua_ver: first_profile_info[:ua_ver] }
+        subject.instance_variable_set(:@requirements, requirements)
+        expect(subject.get_bad_requirements(first_profile_info)).to be_empty
+      end
+    end
   end
 
-  skip '#has_proxy?' do
-  end
+  describe '#process_browser_info' do
+    before(:each) do
+      allow(subject).to receive(:report_client) { |args| @report_client = args }
+      allow(subject).to receive(:browser_profile).and_return(Hash.new)
+    end
 
-  skip '#cookie_name' do
-  end
+    context 'when source is :script' do
+      context 'when no profile is found' do
+        it 'reports an empty ua_ver' do
+          subject.process_browser_info(:script, cli, cli_request)
+          expect(@report_client[:ua_ver]).to eq('[]')
+        end
+      end
+    end
 
-  skip '#cookie_header' do
+    context 'when source is :headers' do
+      context 'when user-agent says the browser is FF 35.0' do
+        it 'reports ua_ver as 35.0' do
+          subject.process_browser_info(:headers, cli, cli_request)
+          expect(@report_client[:ua_ver]).to eq('35.0')
+        end
+      end
+    end
   end
 
-  skip '#send_exploit_html' do
+  describe '#has_proxy?' do
+    context 'when there is no proxy' do
+      it 'returns false' do
+        expect(subject.has_proxy?(cli_request)).to be_falsey
+      end
+    end
   end
 
-  skip '#send_not_found' do
+  describe '#cookie_name' do
+    before(:each) do
+      subject.datastore.merge!({'CookieName'=>cookie})
+    end
+
+    it 'returns a cookiename' do
+      expect(subject.cookie_name).to eq(cookie)
+    end
   end
 
-  skip '#js_vuln_test' do
+  describe '#cookie_header' do
+    it 'returns a cookie' do
+      tag = 'TAG'
+      expect(subject.cookie_header(tag)).to include(tag)
+    end
   end
 
 end
