/spec/lib/rex/exploitation/powershell/output_spec.rb

https://github.com/debbiemezyene/metasploit-framework · Ruby · 115 lines · 94 code · 20 blank · 1 comment · 0 complexity · 3b8610efd4a46e430d05960bf69755bb MD5 · raw file

  1. # -*- coding:binary -*-
  2. require 'spec_helper'
  3. require 'rex/exploitation/powershell'
  4. describe Rex::Exploitation::Powershell::Output do
  5. let(:example_script) do
  6. Rex::Text.rand_text_alpha(400)
  7. end
  8. let(:subject) do
  9. Rex::Exploitation::Powershell::Script.new(example_script)
  10. end
  11. let(:eof) do
  12. Rex::Text.rand_text_alpha(10)
  13. end
  14. describe "::to_s" do
  15. it 'should print the script' do
  16. subject.to_s.should eq example_script
  17. end
  18. end
  19. describe "::size" do
  20. it 'should return the size of the script' do
  21. subject.size.should eq example_script.size
  22. end
  23. end
  24. describe "::to_s_lineno" do
  25. it 'should print the script with line numbers' do
  26. subject.to_s_lineno.should eq "0: #{example_script}"
  27. end
  28. end
  29. describe "::deflate_code" do
  30. it 'should zlib the code and wrap in powershell in uncompression stub' do
  31. compressed = subject.deflate_code
  32. compressed.include?('IO.Compression.DeflateStream').should be_true
  33. compressed =~ /FromBase64String\('([A-Za-z0-9\/+=]+)'\)/
  34. $1.size.should be < Rex::Text.encode_base64(example_script).size
  35. compressed.should eq subject.code
  36. end
  37. it 'should append an eof marker if specified' do
  38. compressed = subject.deflate_code(eof)
  39. compressed.include?("echo '#{eof}';").should be_true
  40. end
  41. end
  42. describe "::encode_code" do
  43. it 'should base64 encode the code' do
  44. encoded = subject.encode_code
  45. encoded.should eq subject.code
  46. encoded =~ /^([A-Za-z0-9\/+=]+)$/
  47. $1.size.should eq encoded.size
  48. end
  49. end
  50. describe "::gzip_code" do
  51. it 'should gzip the code and wrap in powershell in uncompression stub' do
  52. compressed = subject.gzip_code
  53. compressed.include?('IO.Compression.GzipStream').should be_true
  54. compressed =~ /FromBase64String\('([A-Za-z0-9\/+=]+)'\)/
  55. $1.size.should be < Rex::Text.encode_base64(example_script).size
  56. compressed.should eq subject.code
  57. end
  58. it 'should append an eof marker if specified' do
  59. compressed = subject.gzip_code(eof)
  60. compressed.include?("echo '#{eof}';").should be_true
  61. end
  62. end
  63. describe "::compress_code" do
  64. it 'should gzip by default' do
  65. compressed = subject.compress_code
  66. compressed.include?('IO.Compression.GzipStream').should be_true
  67. end
  68. it 'should deflate if gzip is false' do
  69. compressed = subject.compress_code(nil,false)
  70. compressed.include?('IO.Compression.DeflateStream').should be_true
  71. end
  72. it 'should append an eof' do
  73. compressed = subject.compress_code(eof)
  74. compressed.include?("echo '#{eof}';").should be_true
  75. end
  76. end
  77. describe "::decompress_code" do
  78. it 'should locate the base64 string and decompress it when deflate is used' do
  79. compressed = subject.compress_code(nil, false)
  80. decompressed = subject.decompress_code
  81. decompressed.should eq example_script
  82. end
  83. it 'should locate the base64 string and decompress it when gzip is used' do
  84. compressed = subject.compress_code
  85. decompressed = subject.decompress_code
  86. decompressed.should eq example_script
  87. end
  88. it 'should raise a RuntimeException if the Base64 string is not compressed/corrupted' do
  89. corrupted = "FromBase64String('parp')"
  90. subject.code = corrupted
  91. expect { subject.decompress_code }.to raise_error(RuntimeError)
  92. subject.code.should eq corrupted
  93. end
  94. end
  95. end