Pull out common stuff in Util::EXE/MsfVenom tests

Author: egypt

lib/msf/util/exe.rb

@@ -1993,30 +1993,35 @@ def self.to_executable_fmt(framework, arch, plat, code, fmt, exeopts)
 		when 'elf'
 			if (not plat or (plat.index(Msf::Module::Platform::Linux)))
 				output = case arch
-					when ARCH_X86,nil then Msf::Util::EXE.to_linux_x86_elf(framework, code, exeopts)
-					when ARCH_X86_64  then Msf::Util::EXE.to_linux_x64_elf(framework, code, exeopts)
-					when ARCH_X64     then Msf::Util::EXE.to_linux_x64_elf(framework, code, exeopts)
-					when ARCH_ARMLE   then Msf::Util::EXE.to_linux_armle_elf(framework, code, exeopts)
-					when ARCH_MIPSBE  then Msf::Util::EXE.to_linux_mipsbe_elf(framework, code, exeopts)
-					when ARCH_MIPSLE  then Msf::Util::EXE.to_linux_mipsle_elf(framework, code, exeopts)
+					when ARCH_X86,nil then to_linux_x86_elf(framework, code, exeopts)
+					when ARCH_X86_64  then to_linux_x64_elf(framework, code, exeopts)
+					when ARCH_X64     then to_linux_x64_elf(framework, code, exeopts)
+					when ARCH_ARMLE   then to_linux_armle_elf(framework, code, exeopts)
+					when ARCH_MIPSBE  then to_linux_mipsbe_elf(framework, code, exeopts)
+					when ARCH_MIPSLE  then to_linux_mipsle_elf(framework, code, exeopts)
 					end
 			elsif(plat and (plat.index(Msf::Module::Platform::BSD)))
 				output = case arch
 					when ARCH_X86,nil then Msf::Util::EXE.to_bsd_x86_elf(framework, code, exeopts)
 					end
 			elsif(plat and (plat.index(Msf::Module::Platform::Solaris)))
 				output = case arch
-					when ARCH_X86,nil then Msf::Util::EXE.to_solaris_x86_elf(framework, code, exeopts)
+					when ARCH_X86,nil then to_solaris_x86_elf(framework, code, exeopts)
 					end
 			end
 
+		# this should really be 'jar'
+		when 'java'
+
+
+
 		when 'macho'
 			output = case arch
-				when ARCH_X86,nil then Msf::Util::EXE.to_osx_x86_macho(framework, code, exeopts)
-				when ARCH_X86_64  then Msf::Util::EXE.to_osx_x64_macho(framework, code, exeopts)
-				when ARCH_X64     then Msf::Util::EXE.to_osx_x64_macho(framework, code, exeopts)
-				when ARCH_ARMLE   then Msf::Util::EXE.to_osx_arm_macho(framework, code, exeopts)
-				when ARCH_PPC     then Msf::Util::EXE.to_osx_ppc_macho(framework, code, exeopts)
+				when ARCH_X86,nil then to_osx_x86_macho(framework, code, exeopts)
+				when ARCH_X86_64  then to_osx_x64_macho(framework, code, exeopts)
+				when ARCH_X64     then to_osx_x64_macho(framework, code, exeopts)
+				when ARCH_ARMLE   then to_osx_arm_macho(framework, code, exeopts)
+				when ARCH_PPC     then to_osx_ppc_macho(framework, code, exeopts)
 				end
 
 		when 'vba'

msfconsole

@@ -100,7 +100,7 @@ class OptsConsole
 				options['DatabaseMigrationPaths'] ||= []
 				options['DatabaseMigrationPaths'] << m
 			end
-			
+
 			opts.on("-e", "--environment <production|development>", "Specify the database environment to load from the YAML") do |m|
 				options['DatabaseEnv'] = m
 			end

msfvenom

@@ -430,7 +430,7 @@ class MsfVenom
     # possible
     when "war"
       exe = ::Msf::Util::EXE.to_executable_fmt(framework, @opts[:arch], @opts[:platform], payload_raw, @opts[:format], exeopts)
-      if (!exe and payload.platform.platforms.index(::Msf::Module::Platform::Java))
+      if (!exe && payload.respond_to?(:generate_war))
         exe = payload.generate_war.pack
       else
         exe = ::Msf::Util::EXE.to_jsp_war(exe)
@@ -441,7 +441,7 @@ class MsfVenom
     # payload if possible
     when "java"
       exe = ::Msf::Util::EXE.to_executable_fmt(framework, @opts[:arch], @opts[:platform], payload_raw, @opts[:format], exeopts)
-      if(!exe and payload.platform.platforms.index(::Msf::Module::Platform::Java))
+      if (!exe && payload.respond_to?(:generate_jar))
         exe = payload.generate_jar.pack
       end
       if exe
@@ -451,7 +451,8 @@ class MsfVenom
       end
 
     when *::Msf::Simple::Buffer.transform_formats
-      @out.write ::Msf::Simple::Buffer.transform(payload_raw, @opts[:format])
+      buf = ::Msf::Simple::Buffer.transform(payload_raw, @opts[:format])
+      @out.write buf
 
     when *::Msf::Util::EXE.to_executable_fmt_formats
       exe = ::Msf::Util::EXE.to_executable_fmt(framework, @opts[:arch], @opts[:platform], payload_raw, @opts[:format], exeopts)

spec/lib/msf/util/exe_spec.rb

@@ -2,6 +2,7 @@
 
 require 'msf/core'
 require 'msf/base/simple'
+require 'spec_helper'
 
 describe Msf::Util::EXE do
 
@@ -28,41 +29,9 @@
       bin.should == nil
     end
 
-    platform_format_map = {
-      "windows" => [
-        { :format => "dll",       :arch => "x86", :file_fp => /PE32 .*DLL/  },
-        { :format => "dll",       :arch => "x64", :file_fp => /PE32\+.*DLL/ },
-        { :format => "exe",       :arch => "x86", :file_fp => /PE32 /  },
-        { :format => "exe",       :arch => "x64", :file_fp => /PE32\+/ },
-        { :format => "exe-small", :arch => "x86", :file_fp => /PE32 /  },
-        # No template for 64-bit exe-small. That's fine, we probably
-        # don't need one.
-        #{ :format => "exe-small", :arch => "x64", :file_fp => /PE32\+/ },
-        { :format => "exe-only",  :arch => "x86", :file_fp => /PE32 /  },
-        { :format => "exe-only",  :arch => "x64", :file_fp => /PE32\+ /  },
-      ],
-      "linux" => [
-        { :format => "elf", :arch => "x86",    :file_fp => /ELF 32.*SYSV/ },
-        { :format => "elf", :arch => "x64",    :file_fp => /ELF 64.*SYSV/ },
-        { :format => "elf", :arch => "armle",  :file_fp => /ELF 32.*ARM/ },
-        { :format => "elf", :arch => "mipsbe", :file_fp => /ELF 32-bit MSB executable, MIPS/ },
-        { :format => "elf", :arch => "mipsle", :file_fp => /ELF 32-bit LSB executable, MIPS/ },
-      ],
-      "bsd" => [
-        { :format => "elf", :arch => "x86", :file_fp => /ELF 32.*BSD/ },
-      ],
-      "solaris" => [
-        { :format => "elf", :arch => "x86", :file_fp => /ELF 32/ },
-      ],
-      "osx" => [
-        { :format => "macho", :arch => "x86",   :file_fp => /Mach-O.*i386/  },
-        { :format => "macho", :arch => "x64",   :file_fp => /Mach-O 64/     },
-        { :format => "macho", :arch => "armle", :file_fp => /Mach-O.*acorn/, :pending => true },
-        { :format => "macho", :arch => "ppc",   :file_fp => /Mach-O.*ppc/,   :pending => true },
-      ]
-    }
-
-    platform_format_map.each do |plat, formats|
+    include_context 'Msf::Util::Exe'
+
+    @platform_format_map.each do |plat, formats|
       context "with platform=#{plat}" do
         let(:platform) do
           Msf::Module::PlatformList.transform(plat)
@@ -95,12 +64,7 @@
             bin = subject.to_executable_fmt($framework, arch, platform, "\xcc", fmt, {})
             bin.should be_a String
 
-            f = IO.popen("file -","w+")
-            f.write(bin)
-            f.close_write
-            fp = f.read
-            f.close
-            fp.should =~ format_hash[:file_fp] if format_hash[:file_fp]
+            verify_bin_fingerprint(format_hash, bin)
           end
 
         end

spec/msfvenom_spec.rb

@@ -33,7 +33,6 @@
 	end
 
 	let(:framework) { @framework }
-
 	describe "#dump_encoders" do
 		it "should list known encoders" do
 			dump = venom.dump_encoders
@@ -140,6 +139,8 @@
 	end
 
 	describe "#generate" do
+		include_context 'Msf::Util::Exe'
+
 		before { venom.parse_args(args) }
 
 		context "with 'exe' format" do
@@ -165,6 +166,22 @@
 			end
 		end
 
+		@platform_format_map.each do |plat, formats|
+			formats.each do |format_hash|
+				context "with format=#{format_hash[:format]} platform=#{plat} arch=#{format_hash[:arch]}" do
+					# This will build executables with no payload. They won't work
+					# of course, but at least we can see that it is producing the
+					# correct file format for the given arch and platform.
+					let(:args) { %W! -p - -f #{format_hash[:format]} -a #{format_hash[:arch]} --platform #{plat} ! }
+					it "should print a #{format_hash[:format]} to stdout" do
+						venom.generate
+						output = stdout.string
+						verify_bin_fingerprint(format_hash, output)
+					end
+				end
+			end
+		end
+
 	end
 
 end