diff --git a/.rspec b/.rspec new file mode 100644 index 000000000..9619a10b3 --- /dev/null +++ b/.rspec @@ -0,0 +1,4 @@ +--format documentation +--color +--require spec_helper +-I . diff --git a/Gemfile b/Gemfile index 4c3cc6528..b6d6e6682 100644 --- a/Gemfile +++ b/Gemfile @@ -24,6 +24,7 @@ gem 'rubyzip', '>= 1.2.2' gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice gem 'nokogiri', '>= 1.7' gem 'rake' +gem 'therubyracer' # SQLite support group :sqlite do @@ -77,7 +78,6 @@ end # For running unit tests group :test do - if ENV['BEEF_TEST'] gem 'test-unit' gem 'test-unit-full' gem 'rspec' @@ -95,7 +95,6 @@ group :test do # RESTful API tests/generic command module tests gem 'rest-client', '>= 2.0.1' gem 'byebug' - end end source 'https://rubygems.org' diff --git a/Rakefile b/Rakefile index 000961efa..851ce30f8 100644 --- a/Rakefile +++ b/Rakefile @@ -61,6 +61,13 @@ task :rest_test do Rake::Task['beef_stop'].invoke end +## RSPEC +require 'rspec/core/rake_task' +RSpec::Core::RakeTask.new(:spec) + + + + ################################ # SSL/TLS certificate diff --git a/spec/beef/core/extensions_spec.rb b/spec/beef/core/extensions_spec.rb new file mode 100644 index 000000000..b1c22544f --- /dev/null +++ b/spec/beef/core/extensions_spec.rb @@ -0,0 +1,22 @@ +RSpec.describe 'BeEF Extensions' do + + it 'loaded successfully' do + expect { + BeEF::Extensions.load + }.to_not raise_error + + exts = BeEF::Core::Configuration.instance.get('beef.extension').select{|k,v| + v['enable'] + } + expect(exts.length).to be > 0 + + exts.each do |k,v| + expect(v).to have_key('name') + expect(v).to have_key('enable') + expect(v).to have_key('loaded') + expect(v['loaded']).to be(true) + end + + end + +end diff --git a/spec/beef/core/filter/filters_spec.rb b/spec/beef/core/filter/filters_spec.rb new file mode 100644 index 000000000..353c350de --- /dev/null +++ b/spec/beef/core/filter/filters_spec.rb @@ -0,0 +1,354 @@ +RSpec.describe 'BeEF Filters' do + + context 'is_non_empty_string?' do + + it 'nil' do + expect(BeEF::Filters::is_non_empty_string?(nil)).to be(false) + end + + it 'Integer' do + expect(BeEF::Filters::is_non_empty_string?(1)).to be(false) + end + + it 'Empty String' do + expect(BeEF::Filters::is_non_empty_string?("")).to be(false) + end + + it 'null' do + expect(BeEF::Filters::is_non_empty_string?("\x00")).to be(true) + end + + it 'First char is num' do + expect(BeEF::Filters::is_non_empty_string?("0")).to be(true) + end + + it 'First char is alpha' do + expect(BeEF::Filters::is_non_empty_string?("A")).to be(true) + end + + it 'Four num chars' do + expect(BeEF::Filters::is_non_empty_string?("3333")).to be(true) + end + + it 'Four num chars begining with alpha' do + expect(BeEF::Filters::is_non_empty_string?("A3333")).to be(true) + end + + it 'Four num chars begining with null' do + expect(BeEF::Filters::is_non_empty_string?("\x003333")).to be(true) + end + + end + + context 'only?' do + + it 'success' do + expect(BeEF::Filters::only?('A', 'A')).to be(true) + end + + it 'fail' do + expect(BeEF::Filters::only?('A', 'B')).to be(false) + end + + end + + context 'exists?' do + + it 'success' do + expect(BeEF::Filters::exists?('A', 'A')).to be(true) + end + + it 'fail' do + expect(BeEF::Filters::exists?('A', 'B')).to be(false) + end + + end + + context 'has_null?' do + + context 'false with' do + + it 'general' do + chars = [nil, "", "\x01", "\xFF", "A", "A3333", "0", "}", ".", "+", "-", "-1", "0.A", "3333", "33 33", " AAAAA", "AAAAAA "] + chars.each do |c| + expect(BeEF::Filters::has_null?(c)).to be(false) + end + end + + it 'alphabet' do + (1..255).each do |c| + str = '' + str.concat(c) + expect(BeEF::Filters::has_null?(str)).to be(false) + end + end + + end + + context 'true with' do + + it 'general' do + chars = ["\x00", "A\x00", "AAAAAA\x00", "\x00A", "\x00AAAAAAAA", "A\x00A", "AAAAA\x00AAAA", "A\n\r\x00", "\x00\n\rA", "A\n\r\x00\n\rA", "\tA\x00A"] + chars.each do |c| + expect(BeEF::Filters::has_null?(c)).to be(true) + end + end + + it 'alphabet null after' do + (1..255).each do |c| + str = '' + str.concat(c) + str += "\x00" + expect(BeEF::Filters::has_null?(str)).to be(true) + end + end + + it 'alphabet null before' do + (1..255).each do |c| + str = "\x00" + str.concat(c) + expect(BeEF::Filters::has_null?(str)).to be(true) + end + end + + end + + end + + context 'has_non_printable_char?' do + + context 'false with' do + + it 'general' do + chars = [nil, "", "A", "A3333", "0", "}", ".", "+", "-", "-1", "0.A", "3333", " 0AAAAA", " 0AAA "] + chars.each do |c| + expect(BeEF::Filters::has_non_printable_char?(c)).to be(false) + end + end + + it 'lowercase' do + ('a'..'z').each do |c| + expect(BeEF::Filters::has_non_printable_char?(c)).to be(false) + end + end + + it 'uppercase' do + ('A'..'Z').each do |c| + expect(BeEF::Filters::has_non_printable_char?(c)).to be(false) + end + end + + it 'numbers' do + ('0'..'9').each do |c| + expect(BeEF::Filters::has_non_printable_char?(c)).to be(false) + end + end + + end + + context 'true with' do + + it 'general' do + chars = ["\x00", "\x01", "\x02", "A\x03", "\x04A", "\x0033333", "\x00AAAAAA", " AAAAA\x00", "\t\x00AAAAA", "\n\x00AAAAA", "\n\r\x00AAAAAAAAA", "AAAAAAA\x00AAAAAAA", "\n\x00"] + chars.each do |c| + expect(BeEF::Filters::has_non_printable_char?(c)).to be(true) + end + end + + it 'alphabet null before' do + (1..255).each do |c| + str = '' + str.concat(c) + str += "\x00" + expect(BeEF::Filters::has_non_printable_char?(str)).to be(true) + end + end + + end + + end + + context 'nums_only?' do + + it 'false with general' do + chars = [nil, 1, "", "A", "A3333", "\x003333", "}", ".", "+", "-", "-1"] + chars.each do |c| + expect(BeEF::Filters::nums_only?(c)).to be(false) + end + end + + it 'true with general' do + chars = ["0", "333"] + chars.each do |c| + expect(BeEF::Filters::nums_only?(c)).to be(true) + end + end + + end + + context 'is_valid_float?' do + + it 'false with general' do + chars = [nil, 1, "", "A", "A3333", "\x003333", "}", ".", "+", "-", "-1", "0", "333", "0.A"] + chars.each do |c| + expect(BeEF::Filters::is_valid_float?(c)).to be(false) + end + end + + it 'true with general' do + chars = ["33.33", "0.0", "1.0", "0.1"] + chars.each do |c| + expect(BeEF::Filters::is_valid_float?(c)).to be(true) + end + end + + end + + context 'hexs_only?' do + + it 'false with general' do + chars = [nil, 1, "", "\x003333", "}", ".", "+", "-", "-1", "0.A", "33.33", "0.0", "1.0", "0.1"] + chars.each do |c| + expect(BeEF::Filters::hexs_only?(c)).to be(false) + end + end + + it 'true with general' do + chars = ["0123456789ABCDEFabcdef", "0", "333", "A33333", "A"] + chars.each do |c| + expect(BeEF::Filters::hexs_only?(c)).to be(true) + end + end + + end + + context 'first_char_is_num?' do + + it 'false with general' do + chars = ["", "A", "A33333", "\x0033333"] + chars.each do |c| + expect(BeEF::Filters::first_char_is_num?(c)).to be(false) + end + end + + it 'true with general' do + chars = ["333", "0AAAAAA", "0"] + chars.each do |c| + expect(BeEF::Filters::first_char_is_num?(c)).to be(true) + end + end + + end + + context 'has_whitespace_char?' do + + it 'false with general' do + chars = ["", "A", "A33333", "\x0033333", "0", "}", ".", "+", "-", "-1", "0.A"] + chars.each do |c| + expect(BeEF::Filters::has_whitespace_char?(c)).to be(false) + end + end + + it 'true with general' do + chars = ["33 33", " ", " ", " 0AAAAAAA", " 0AAAAAAA ", "\t0AAAAAAA", "\n0AAAAAAAA"] + chars.each do |c| + expect(BeEF::Filters::has_whitespace_char?(c)).to be(true) + end + end + + end + + context 'alphanums_only?' do + + context 'false with' do + + it 'general' do + chars = [nil, "", "\n", "\r", "\x01", "}", ".", "+", "-", "-1", "ee-!@$%^&*}=0.A", "33 33", " AAAA", "AAA "] + chars.each do |c| + expect(BeEF::Filters::alphanums_only?(c)).to be(false) + end + end + + it 'additional nulls' do + chars = ["\x00", "A\x00", "AAAAAAAAA\x00", "\x00A", "\x00AAAAAAAAA", "A\x00A", "AAAAAAAA\x00AAAAAAAA", "A\n\r\x00", "\x00\n\rA", "A\n\r\x00\n\rA", "\tA\x00A"] + chars.each do |c| + expect(BeEF::Filters::alphanums_only?(c)).to be(false) + end + end + + it 'alphabet null after' do + (1..255).each do |c| + str = '' + str.concat(c) + str += "\x00" + expect(BeEF::Filters::alphanums_only?(str)).to be(false) + end + end + + it 'alphabet null before' do + (1..255).each do |c| + str = "\x00" + str.concat(c) + expect(BeEF::Filters::alphanums_only?(str)).to be(false) + end + end + + it 'alphabet around null' do + (1..255).each do |c| + str = '' + str.concat(c) + str += "\x00" + str.concat(c) + expect(BeEF::Filters::alphanums_only?(str)).to be(false) + end + end + + end + + context 'true with' do + + it 'general' do + chars = ["A", "A3333", "0", "3333"] + chars.each do |c| + expect(BeEF::Filters::alphanums_only?(c)).to be(true) + end + end + + it 'uppercase' do + ('A'..'Z').each do |c| + expect(BeEF::Filters::alphanums_only?(c)).to be(true) + end + end + + it 'lowercase' do + ('a'..'z').each do |c| + expect(BeEF::Filters::alphanums_only?(c)).to be(true) + end + end + + it 'numbers' do + ('0'..'9').each do |c| + expect(BeEF::Filters::alphanums_only?(c)).to be(true) + end + end + + end + + end + + context 'has_valid_param_chars?' do + + it 'false' do + chars = [nil, "", "+"] + chars.each do |c| + expect(BeEF::Filters::has_valid_param_chars?(c)).to be(false) + end + end + + it 'true' do + expect(BeEF::Filters::has_valid_param_chars?("A")).to be(true) + end + + end + +end diff --git a/spec/beef/core/main/models/browser_details_spec.rb b/spec/beef/core/main/models/browser_details_spec.rb new file mode 100644 index 000000000..6f7feddac --- /dev/null +++ b/spec/beef/core/main/models/browser_details_spec.rb @@ -0,0 +1,34 @@ +RSpec.describe 'BeEF BrowserDetails' do + + before(:all) do + @session = (0...10).map { ('a'..'z').to_a[rand(26)] }.join + DataMapper.setup(:default, 'sqlite3::memory:') + DataMapper.auto_migrate! + end + + it 'set nil value' do + BeEF::Core::Models::BrowserDetails.set(@session, 'key_with_nil_value', nil) + expect(BeEF::Core::Models::BrowserDetails.get(@session, 'key_with_nil_value')).to be_empty + end + + it 'set value' do + key_name = (0...10).map { ('a'..'z').to_a[rand(26)] }.join + key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join + BeEF::Core::Models::BrowserDetails.set(@session, key_name, key_value) + expect(BeEF::Core::Models::BrowserDetails.get(@session, key_name)).to eql(key_value) + end + + it 'update value' do + key_name = (0...10).map { ('a'..'z').to_a[rand(26)] }.join + + original_key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join + BeEF::Core::Models::BrowserDetails.set(@session, key_name, original_key_value).to_s + expect(BeEF::Core::Models::BrowserDetails.get(@session, key_name)).to eql(original_key_value) + + new_key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join + BeEF::Core::Models::BrowserDetails.set(@session, key_name, new_key_value).to_s + expect(BeEF::Core::Models::BrowserDetails.get(@session, key_name)).to_not eql(original_key_value) + expect(BeEF::Core::Models::BrowserDetails.get(@session, key_name)).to eql(new_key_value) + end + +end diff --git a/spec/beef/core/main/network_stack/handlers/dynamic_reconstruction_spec.rb b/spec/beef/core/main/network_stack/handlers/dynamic_reconstruction_spec.rb new file mode 100644 index 000000000..0973289c6 --- /dev/null +++ b/spec/beef/core/main/network_stack/handlers/dynamic_reconstruction_spec.rb @@ -0,0 +1,82 @@ +RSpec.describe 'BeEF Dynamic Reconsturction' do + + before(:all) do + @port = 2000 + config = {} + config[:BindAddress] = '127.0.0.1' + config[:Port] = @port.to_s + @mounts = {} + @mounts['/test'] = BeEF::Core::NetworkStack::Handlers::DynamicReconstruction.new + @rackApp = Rack::URLMap.new(@mounts) + Thin::Logging.silent = true + @server = Thin::Server.new('127.0.0.1', @port.to_s, @rackApp) + trap("INT") { @server.stop } + trap("TERM") { @server.stop } + @pid = fork do + @server.start! + end + # wait for server to start + sleep 1 + end + + after(:all) do + Process.kill("INT",@pid) + end + + it 'delete' do + response = Curl::Easy.http_delete("http://127.0.0.1:#{@port}/test") + expect(response.response_code).to eql(404) + end + + it 'put' do + response = Curl::Easy.http_put("http://127.0.0.1:#{@port}/test", nil) + expect(response.response_code).to eql(404) + end + + it 'head' do + response = Curl::Easy.http_head("http://127.0.0.1:#{@port}/test") + expect(response.response_code).to eql(404) + end + + context 'get' do + + it 'no params' do + response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test") + expect(response.response_code).to eql(404) + end + + it 'zero values' do + response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test?bh=0&sid=0&pid=0&pc=0&d=0") + expect(response.response_code).to eql(200) + expect(response.body_str).to be_empty + end + + it 'one values' do + response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test?bh=1&sid=1&pid=1&pc=1&d=1") + expect(response.response_code).to eql(200) + expect(response.body_str).to be_empty + end + + it 'negative one values' do + response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test?bh=-1&sid=-1&pid=-1&pc=-1&d=-1") + expect(response.response_code).to eql(200) + expect(response.body_str).to be_empty + end + + # Fails gracefully + it 'ascii values' do + response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test?bh=z&sid=z&pid=z&pc=z&d=z") + expect(response.response_code).to eql(200) + expect(response.body_str).to be_empty + end + + # Fails gracefully + it 'array values' do + response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test?bh[]=1&sid[]=1&pid[]=1&pc[]=1&d[]=1") + expect(response.response_code).to eql(200) + expect(response.body_str).to be_empty + end + + end + +end diff --git a/spec/beef/core/main/network_stack/handlers/redirector_spec.rb b/spec/beef/core/main/network_stack/handlers/redirector_spec.rb new file mode 100644 index 000000000..ad88ab848 --- /dev/null +++ b/spec/beef/core/main/network_stack/handlers/redirector_spec.rb @@ -0,0 +1,33 @@ +RSpec.describe 'BeEF Redirector' do + + before(:all) do + @port = 2001 + config = {} + config[:BindAddress] = '127.0.0.1' + config[:Port] = @port.to_s + @mounts = {} + @mounts['/test'] = BeEF::Core::NetworkStack::Handlers::Redirector.new('http://www.beefproject.com') + @rackApp = Rack::URLMap.new(@mounts) + Thin::Logging.silent = true + @server = Thin::Server.new('127.0.0.1', @port.to_s, @rackApp) + trap("INT") { @server.stop } + trap("TERM") { @server.stop } + @pid = fork do + @server.start! + end + # wait for server to start + sleep 0.8 + end + + after(:all) do + Process.kill("INT",@pid) + end + + it 'redirects' do + response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test/") + expect(response.response_code).to eql(302) + expect(response.body_str).to eql("302 found") + expect(response.header_str).to match(/Location: http:\/\/www.beefproject\.com/) + end + +end diff --git a/spec/beef/core/modules_spec.rb b/spec/beef/core/modules_spec.rb new file mode 100644 index 000000000..f02b7a805 --- /dev/null +++ b/spec/beef/core/modules_spec.rb @@ -0,0 +1,48 @@ +RSpec.describe 'BeEF Modules' do + + it 'loaded successfully' do + expect { + BeEF::Modules.load + }.to_not raise_error + + modules = BeEF::Core::Configuration.instance.get('beef.module').select do |k,v| + v['enable'] == true and v['category'] != nil + end + expect(modules.length).to be > 0 + + modules.each do |k,v| + expect(BeEF::Module.is_present(k)).to be(true) + expect(BeEF::Module.is_enabled(k)).to be(true) + expect { + BeEF::Module.hard_load(k) + }.to_not raise_error + expect(BeEF::Module.is_loaded(k)).to be(true) + BeEF::Core::Configuration.instance.get("beef.module.#{k}.target").each do |k,v| + expect(v).to_not be_empty + end + end + end + + it 'safe client debug log' do + Dir['../../modules/**/*.js'].each do |path| + next unless File.file?(path) + File.open(path) do |f| + f.grep(/\bconsole\.log\W*\(/m) do |line| + fail "Function 'console.log' instead of 'beef.debug' inside\n Path: #{path}\nLine: #{line}" + end + end + end + end + + it 'safe variable decleration' do + Dir['../../modules/**/*.js'].each do |path| + next unless File.file?(path) + File.open(path) do |f| + f.grep(/\blet\W+[a-zA-Z0-9_\.]+\W*=/) do |line| + fail "Variable declared with 'let' instead of 'var' inside\n Path: #{path}\nLine: #{line}" + end + end + end + end + +end diff --git a/spec/beef/extensions/console_spec.rb b/spec/beef/extensions/console_spec.rb new file mode 100644 index 000000000..3c8f8e43a --- /dev/null +++ b/spec/beef/extensions/console_spec.rb @@ -0,0 +1,15 @@ +RSpec.describe 'BeEF Extension Console' do + + before(:all) do + @config = BeEF::Core::Configuration.instance + @config.load_extensions_config + end + + it 'loads configuration' do + expect(@config.get('beef.extension.console')).to have_key('enable') + console_shell = @config.get('beef.extension.console.shell') + expect(console_shell).to have_key('historyfolder') + expect(console_shell).to have_key('historyfile') + end + +end diff --git a/spec/beef/extensions/dns_spec.rb b/spec/beef/extensions/dns_spec.rb new file mode 100644 index 000000000..6a38cd06b --- /dev/null +++ b/spec/beef/extensions/dns_spec.rb @@ -0,0 +1,340 @@ +require 'resolv' +require 'extensions/dns/extension.rb' + +RSpec.describe 'BeEF Extension DNS' do + + IN = Resolv::DNS::Resource::IN + + before(:all) do + DataMapper.setup(:default, 'sqlite3::memory:') + DataMapper.auto_migrate! + @config = BeEF::Core::Configuration.instance + @config.load_extensions_config + @dns = BeEF::Extension::Dns::Server.instance + end + + it 'loaded configuration' do + config = @config.get('beef.extension.dns') + expect(config).to have_key('protocol') + expect(config).to have_key('address') + expect(config).to have_key('port') + expect(config).to have_key('upstream') + end + + it 'responds to interfaces' do + expect(@dns).to respond_to(:add_rule) + expect(@dns).to respond_to(:get_rule) + expect(@dns).to respond_to(:remove_rule!) + expect(@dns).to respond_to(:get_ruleset) + expect(@dns).to respond_to(:remove_ruleset!) + end + + context 'add good rule' do + + it '1.2.3.4' do + id = nil + response = '1.2.3.4' + expect { + id = @dns.add_rule( + :pattern => 'foo.bar', + :resource => IN::A, + :response => [response] ) do |transaction| + transaction.respond!(response) + end + }.to_not raise_error + expect(id).to_not be_nil + end + + it '9.9.9.9' do + id = nil + response = '9.9.9.9' + expect { + id = @dns.add_rule( + :pattern => %r{i\.(love|hate)\.beef\.com?}, + :resource => IN::A, + :response => [response] ) do |transaction| + transaction.respond!(response) + end + }.to_not raise_error + expect(id).to_not be_nil + end + + it 'domains' do + response = '9.9.9.9' + domains = %w( + i.hate.beef.com + i.love.beef.com + i.love.beef.co + i.love.beef.co ) + domains.each do |d| + id = nil + expect { + id = @dns.add_rule( + :pattern => %r{i\.(love|hate)\.beef\.com?}, + :resource => IN::A, + :response => [response] ) do |transaction| + transaction.respond!(response) + end + }.to_not raise_error + expect(id).to_not be_nil + end + + end + + context 'add bad rule' do + + it '4.2.4.2' do + id = nil + same_id = nil + pattern = 'j.random.hacker' + response = '4.2.4.2' + + expect { + id = @dns.add_rule( + :pattern => pattern, + :resource => IN::A, + :response => [response] ) do |transaction| + transaction.respond!(response) + end + }.to_not raise_error + + expect { + same_id = @dns.add_rule( + :pattern => pattern, + :resource => IN::A, + :response => [response] ) do |transaction| + transaction.respond!(response) + end + }.to_not raise_error + + expect { + same_id = @dns.add_rule( + :pattern => pattern, + :resource => IN::A, + :response => [response] ) do |transaction| + transaction.respond!(response) + end + }.to_not raise_error + + expect(id).to eql(same_id) + end + + end + + end + + it 'id format' do + pattern = 'dead.beef' + response = '2.2.2.2' + id = nil + + expect { + id = @dns.add_rule( + :pattern => pattern, + :resource => IN::A, + :response => [response] ) do |transaction| + transaction.respond!(response) + end + }.to_not raise_error + + expect(id.length).to eql(8) + expect(id).to match(/^\h{8}$/) + end + + + it 'get good rule' do + pattern = 'be.ef' + response = '1.1.1.1' + id = nil + + expect { + id = @dns.add_rule( + :pattern => pattern, + :resource => IN::A, + :response => [response] ) do |transaction| + transaction.respond!(response) + end + }.to_not raise_error + + expect(id).to_not be_nil + rule = @dns.get_rule(id) + + expect(rule).to be_a(Hash) + expect(rule.length).to be > 0 + expect(rule).to have_key(:id) + expect(rule).to have_key(:pattern) + expect(rule).to have_key(:resource) + expect(rule).to have_key(:response) + expect(rule[:id]).to eql(id) + expect(rule[:pattern]).to eql(pattern) + expect(rule[:resource]).to eql('A') + expect(rule[:response]).to be_a(Array) + expect(rule[:response].length).to be > 0 + expect(rule[:response].first).to eql(response) + end + + it 'get bad rule' do + expect(@dns.get_rule(42)).to be_nil + end + + it 'remove good rule' do + pattern = 'hack.the.gibson' + response = '1.9.9.5' + id = nil + + expect { + id = @dns.add_rule( + :pattern => pattern, + :resource => IN::A, + :response => [response] ) do |transaction| + transaction.respond!(response) + end + }.to_not raise_error + + expect(@dns.remove_rule!(id)).to be(true) + end + + it 'remove bad rule' do + expect(@dns.remove_rule!(42)).to be_nil + end + + it 'get ruleset' do + rules = [ + { pattern: 'be.ef', resource: 'A', response: '1.1.1.1' }, + { pattern: 'dead.beef', resource: 'A', response: '2.2.2.2' }, + { pattern: 'foo.bar', resource: 'A', response: '1.2.3.4' }, + { pattern: 'i\.(love|hate)\.beef.com?', resource: 'A', response: '9.9.9.9' }, + { pattern: 'j.random.hacker', resource: 'A', response: '4.2.4.2' } + ] + + @dns.remove_ruleset! + expect(@dns.get_ruleset.length).to eql(0) + + rules.each do |r| + @dns.add_rule( + :pattern => r[:pattern], + :resource => IN::A, + :response => r[:response] + ) + end + + ruleset = @dns.get_ruleset + ruleset.sort! { |a, b| a[:pattern] <=> b[:pattern] } + expect(ruleset).to be_a(Array) + expect(ruleset.length).to eql(5) + + rules.each_with_index do |v,i| + expect(ruleset[i][:pattern]).to eql(v[:pattern]) + expect(ruleset[i][:resource]).to eql(v[:resource]) + expect(ruleset[i][:response]).to eql(v[:response]) + end + end + + it 'remove ruleset' do + expect(@dns.remove_ruleset!).to be(true) + expect(@dns.get_ruleset.length).to eql(0) + end + + it 'failure types' do + + end + +end + + + + + # Tests each supported type of query failure +# def test_13_failure_types +# begin +# id = @@dns.add_rule( +# :pattern => 'noerror.beef.com', +# :resource => IN::A, +# :response => ['1.2.3.4'] ) do |transaction| +# transaction.failure!(:NoError) +# end +# #check_failure_status(id, :NoError) +# end +# +# begin +# id = @@dns.add_rule( +# :pattern => 'formerr.beef.com', +# :resource => IN::A, +# :response => ['1.2.3.4'] ) do |transaction| +# transaction.failure!(:FormErr) +# end +## #check_failure_status(id, :FormErr) +# end +# +# begin +# id = @@dns.add_rule( +# :pattern => 'servfail.beef.com', +# :resource => IN::A, +# :response => ['1.2.3.4'] ) do |transaction| +# transaction.failure!(:ServFail) +# end +# #check_failure_status(id, :ServFail) +# end +# +# begin +# id = @@dns.add_rule( +# :pattern => 'nxdomain.beef.com', +# :resource => IN::A, +# :response => ['1.2.3.4'] ) do |transaction| +# transaction.failure!(:NXDomain) +# end +# #check_failure_status(id, :NXDomain) +# end +# +# begin +# id = @@dns.add_rule( +# :pattern => 'notimp.beef.com', +# :resource => IN::A, +## :response => ['1.2.3.4'] ) do |transaction| +# transaction.failure!(:NotImp) +# end +# #check_failure_status(id, :NotImp) +# end +# +# begin +# id = @@dns.add_rule( +# :pattern => 'refused.beef.com', +# :resource => IN::A, +# :response => ['1.2.3.4'] ) do |transaction| +### transaction.failure!(:Refused) +# end +# #check_failure_status(id, :Refused) +# end +# +# begin +# id = @@dns.add_rule( +# :pattern => 'notauth.beef.com', +# :resource => IN::A, +# :response => ['1.2.3.4'] ) do |transaction| +# transaction.failure!(:NotAuth) +# end +## #check_failure_status(id, :NotAuth) +# end +# end +# +## private +## +# # Confirms that a query for the rule given in 'id' returns a 'resource' failure status +## def check_failure_status(id, resource) +## rule = @@dns.get_rule(id) +# status = resource.to_s.force_encoding('UTF-8').upcase +# assert_equal(status, rule[:response][0]) +# +# check_dns_response(/status: #{status}/, rule[:resource], rule[:pattern]) +# end +# +# # Compares output of dig command against regex +# def check_dns_response(regex, type, pattern) +# address = @@config.get('beef.extension.dns.address') +# port = @@config.get('beef.extension.dns.port') +### dig_output = IO.popen(["dig", "@#{address}", "-p", "#{port}", "-t", "#{type}", "#{pattern}"], 'r+').read +# assert_match(regex, dig_output) +# end +## +##end +### diff --git a/spec/beef/extensions/ipec_tunnel_spec.rb b/spec/beef/extensions/ipec_tunnel_spec.rb new file mode 100644 index 000000000..2ff497595 --- /dev/null +++ b/spec/beef/extensions/ipec_tunnel_spec.rb @@ -0,0 +1,20 @@ +require 'extensions/ipec/extension' + +RSpec.describe 'BeEF Extension IPEC' do + + before(:all) do + DataMapper.setup(:default, 'sqlite3::memory:') + DataMapper.auto_migrate! + @config = BeEF::Core::Configuration.instance + @config.load_extensions_config + end + + it 'loads configuration' do + expect(@config.get('beef.extension.ipec')).to have_key('enable') + end + + it 'interface' do + expect(BeEF::Extension::Ipec::JunkCalculator.instance).to respond_to(:bind_junk_calculator) + end + +end diff --git a/spec/beef/extensions/network_spec.rb b/spec/beef/extensions/network_spec.rb new file mode 100644 index 000000000..e47db4009 --- /dev/null +++ b/spec/beef/extensions/network_spec.rb @@ -0,0 +1,26 @@ +require 'extensions/network/models/network_service' +require 'extensions/network/models/network_host' + +RSpec.describe 'BeEF Extension Network' do + + before(:all) do + DataMapper.setup(:default, 'sqlite3::memory:') + DataMapper.auto_migrate! + end + + it 'add good host' do + expect { + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => '1234', :ip => '127.0.0.1') + }.to_not raise_error + expect(BeEF::Core::Models::NetworkHost.all(hooked_browser_id: '1234', ip: '127.0.0.1')).to_not be_empty + end + + it 'add good service' do + expect { + BeEF::Core::Models::NetworkService.add(:hooked_browser_id => '1234', :proto => 'http', :ip => '127.0.0.1', :port => 80, :type => 'Apache') + }.to_not raise_error + expect(BeEF::Core::Models::NetworkService.all(hooked_browser_id: '1234', ip: '127.0.0.1')).to_not be_empty + + end + +end diff --git a/spec/beef/extensions/proxy_spec.rb b/spec/beef/extensions/proxy_spec.rb new file mode 100644 index 000000000..4c0919593 --- /dev/null +++ b/spec/beef/extensions/proxy_spec.rb @@ -0,0 +1,21 @@ +require 'extensions/proxy/extension' + +RSpec.describe 'BeEF Extension Proxy' do + + before(:all) do + DataMapper.setup(:default, 'sqlite3::memory:') + DataMapper.auto_migrate! + @config = BeEF::Core::Configuration.instance + @config.load_extensions_config + end + + it 'loads configuration' do + config = @config.get('beef.extension.proxy') + expect(config).to have_key('enable') + expect(config).to have_key('address') + expect(config).to have_key('port') + expect(config).to have_key('key') + expect(config).to have_key('cert') + end + +end diff --git a/spec/beef/extensions/qrcode_spec.rb b/spec/beef/extensions/qrcode_spec.rb new file mode 100644 index 000000000..26a03bd3d --- /dev/null +++ b/spec/beef/extensions/qrcode_spec.rb @@ -0,0 +1,20 @@ +require 'extensions/qrcode/extension' + +RSpec.describe 'BeEF Extension QRCode' do + + before(:all) do + DataMapper.setup(:default, 'sqlite3::memory:') + DataMapper.auto_migrate! + @config = BeEF::Core::Configuration.instance + @config.load_extensions_config + end + + it 'loads configuration' do + config = @config.get('beef.extension.qrcode') + expect(config).to have_key('enable') + expect(config).to have_key('targets') + expect(config).to have_key('qrsize') + expect(config).to have_key('qrborder') + end + +end diff --git a/spec/beef/extensions/requester_spec.rb b/spec/beef/extensions/requester_spec.rb new file mode 100644 index 000000000..01c44100c --- /dev/null +++ b/spec/beef/extensions/requester_spec.rb @@ -0,0 +1,23 @@ +require 'extensions/requester/extension' + +RSpec.describe 'BeEF Extension Requester' do + + before(:all) do + DataMapper.setup(:default, 'sqlite3::memory:') + DataMapper.auto_migrate! + @config = BeEF::Core::Configuration.instance + @config.load_extensions_config + end + + it 'loads configuration' do + expect(@config.get('beef.extension.requester')).to have_key('enable') + end + + it 'has interface' do + requester = BeEF::Extension::Requester::API::Hook.new + expect(requester).to respond_to(:requester_run) + expect(requester).to respond_to(:add_to_body) + expect(requester).to respond_to(:requester_parse_db_request) + end + +end diff --git a/spec/beef/extensions/webrtc_spec.rb b/spec/beef/extensions/webrtc_spec.rb new file mode 100644 index 000000000..b245ad00e --- /dev/null +++ b/spec/beef/extensions/webrtc_spec.rb @@ -0,0 +1,67 @@ +require 'rest-client' + +RSpec.describe 'BeEF Extension WebRTC' do + + before(:all) do + DataMapper.setup(:default, 'sqlite3::memory:') + DataMapper.auto_migrate! + @config = BeEF::Core::Configuration.instance + @config.load_extensions_config + + # json = {:username => BEEF_USER, :password => BEEF_PASSWD}.to_json + # @headers = {:content_type => :json, :accept => :json} + # response = RestClient.post("#{RESTAPI_ADMIN}/login", json, @headers) + # result = JSON.parse(response.body) + # @token = result['token'] + # @activated = @config.get('beef.extension.webrtc.enable') || false + + # @victim1 = BeefTest.new_victim + # @victim2 = BeefTest.new_victim + + # sleep 8 + + # # Fetch last online browsers' ids + # rest_response = RestClient.get "#{RESTAPI_HOOKS}", {:params => { :token => @token}} + # result = JSON.parse(rest_response.body) + # browsers = result["hooked-browsers"]["online"] + # browsers.each_with_index do |elem, index| + # if index == browsers.length - 1 + # @victim2id = browsers["#{index}"]["id"].to_s + # end + # if index == browsers.length - 2 + # @victim1id = browsers["#{index}"]["id"].to_s + # end + # end + end + + after(:all) do + # @victim1.driver.browser.close unless @victim1.nil? + # @victim2.driver.browser.close unless @victim2.nil? + end + + it 'loads configuration' do + config = @config.get('beef.extension.webrtc') + expect(config).to have_key('enable') + expect(config).to have_key('stunservers') + expect(config).to have_key('turnservers') + end + + # it 'check two hooked browsers' do + # expect(@activated).to be(true) + + # response = nil + # expect { + # response = RestClient.get "#{RESTAPI_HOOKS}", {:params => {:token => @token}} + # }.to_not raise_error + # expect(response).to_not be_nil + # expect(response.body).to_not be_nil + # expect(response.code).to eql(200) + + # result = JSON.parse(rest_response.body) + # browsers = result["hooked-browsers"]["online"] + # expect(browsers).to_not be_nil + # expect(browsers.length).to be >= 2 + # end + + +end diff --git a/spec/beef/extensions/xssrays_spec.rb b/spec/beef/extensions/xssrays_spec.rb new file mode 100644 index 000000000..572584502 --- /dev/null +++ b/spec/beef/extensions/xssrays_spec.rb @@ -0,0 +1,24 @@ +require 'extensions/xssrays/extension' + +RSpec.describe 'BeEF Extension XSSRays' do + + before(:all) do + DataMapper.setup(:default, 'sqlite3::memory:') + DataMapper.auto_migrate! + @config = BeEF::Core::Configuration.instance + @config.load_extensions_config + end + + it 'loads configuration' do + config = @config.get('beef.extension.xssrays') + expect(config).to have_key('enable') + expect(config).to have_key('clean_timeout') + expect(config).to have_key('cross_domain') + end + + it 'interface' do + xssrays = BeEF::Extension::Xssrays::API::Scan.new + expect(xssrays).to respond_to(:start_scan) + expect(xssrays).to respond_to(:add_to_body) + end +end diff --git a/spec/beef/filesystem_checks_spec.rb b/spec/beef/filesystem_checks_spec.rb new file mode 100644 index 000000000..a3630cc8e --- /dev/null +++ b/spec/beef/filesystem_checks_spec.rb @@ -0,0 +1,30 @@ +RSpec.describe 'BeEF Filesystem' do + + def file_test(file) + expect(File.file?(file)).to be(true) + expect(File.zero?(file)).to be(false) + end + + it 'required files' do + files = [ + 'beef', + 'config.yaml', + 'install' + ] + files.each do |f| + file_test(f) + end + end + + it 'executable directories' do + dirs = [ + 'core', + 'modules', + 'extensions' + ] + dirs.each do |d| + expect(File.executable?(d)).to be(true) + end + end + +end diff --git a/spec/beef/security_checks_spec.rb b/spec/beef/security_checks_spec.rb new file mode 100644 index 000000000..3dfb487ef --- /dev/null +++ b/spec/beef/security_checks_spec.rb @@ -0,0 +1,17 @@ +RSpec.describe 'BeEF Security Checks' do + + it 'dangerous eval usage' do + Dir['**/*.rb'].each do |path| + File.open(path) do |f| + next if /#{File.basename(__FILE__)}/.match(path) # skip this file + next if /\/msf-test\//.match(path) # skip this file + next if /extensions\/dns/.match(path) # skip this file + + f.grep(/\Weval\W/im) do |line| + fail "Illegal use of 'eval' found in\n Path: #{path}\nLine: #{line}" + end + end + end + end + +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb new file mode 100644 index 000000000..a8c0f7d7a --- /dev/null +++ b/spec/spec_helper.rb @@ -0,0 +1,29 @@ +require 'core/loader.rb' + +# Notes +# We need to load vairables that 'beef' usually does for us +## config +config = BeEF::Core::Configuration.new('config.yaml') +## home_dir +$home_dir = Dir.pwd +## root_dir +$root_dir = Dir.pwd + +require 'core/bootstrap.rb' +require 'rack/test' +require 'curb' + +# Require supports +Dir['spec/support/*.rb'].each do |f| + require f +end + +ENV['RACK_ENV'] ||= 'test' + +RSpec.configure do |config| + config.disable_monkey_patching! + config.include Rack::Test::Methods + config.expect_with :rspec do |c| + c.syntax = :expect + end +end diff --git a/spec/support/beef_test.rb b/spec/support/beef_test.rb new file mode 100644 index 000000000..94ecd47ab --- /dev/null +++ b/spec/support/beef_test.rb @@ -0,0 +1,49 @@ +# +# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net +# Browser Exploitation Framework (BeEF) - http://beefproject.com +# See the file 'doc/COPYING' for copying permission +# +require 'test/unit' + +require 'capybara' +Capybara.run_server = false # we need to run our own BeEF server + +require 'selenium/webdriver' + +class BeefTest + + def self.save_screenshot(session) + Dir.mkdir(BEEF_TEST_DIR) unless File.directory?(BEEF_TEST_DIR) + session.driver.browser.save_screenshot(BEEF_TEST_DIR + Time.now.strftime("%Y-%m-%d--%H-%M-%S-%N") + ".png") + end + + def self.login(session = nil) + session = Capybara::Session.new(:selenium) if session.nil? + session.visit(ATTACK_URL) + sleep 2.0 + session.has_content?('BeEF Authentication') + session.fill_in 'user', :with => BEEF_USER + session.fill_in 'pass', :with => BEEF_PASSWD + session.click_button('Login') + sleep 10.0 + + session + end + + def self.logout(session) + session.click_link('Logout') + + session + end + + def self.new_attacker + self.login + end + + def self.new_victim + victim = Capybara::Session.new(:selenium) + victim.visit(VICTIM_URL) + victim + end + +end diff --git a/spec/support/constants.rb b/spec/support/constants.rb new file mode 100644 index 000000000..044e7ff01 --- /dev/null +++ b/spec/support/constants.rb @@ -0,0 +1,27 @@ +# +# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net +# Browser Exploitation Framework (BeEF) - http://beefproject.com +# See the file 'doc/COPYING' for copying permission +# +BEEF_TEST_DIR = "/tmp/beef-test/" + +# General constants +ATTACK_DOMAIN = "127.0.0.1" +VICTIM_DOMAIN = "localhost" +ATTACK_URL = "http://" + ATTACK_DOMAIN + ":3000/ui/panel" +VICTIM_URL = "http://" + VICTIM_DOMAIN + ":3000/demos/basic.html" + +# Credentials +BEEF_USER = ENV["TEST_BEEF_USER"] || 'beef' +BEEF_PASSWD = ENV["TEST_BEEF_PASS"] || "beef" + +# RESTful API root endpoints +RESTAPI_HOOKS = "http://" + ATTACK_DOMAIN + ":3000/api/hooks" +RESTAPI_LOGS = "http://" + ATTACK_DOMAIN + ":3000/api/logs" +RESTAPI_MODULES = "http://" + ATTACK_DOMAIN + ":3000/api/modules" +RESTAPI_NETWORK = "http://" + ATTACK_DOMAIN + ":3000/api/network" +RESTAPI_PROXY = "http://" + ATTACK_DOMAIN + ":3000/api/proxy" +RESTAPI_DNS = "http://" + ATTACK_DOMAIN + ":3000/api/dns" +RESTAPI_SENG = "http://" + ATTACK_DOMAIN + ":3000/api/seng" +RESTAPI_ADMIN = "http://" + ATTACK_DOMAIN + ":3000/api/admin" +RESTAPI_WEBRTC = "http://" + ATTACK_DOMAIN + ":3000/api/webrtc" diff --git a/test/unit/core/filter/tc_base.rb b/test/unit/core/filter/tc_base.rb deleted file mode 100644 index ec39ed992..000000000 --- a/test/unit/core/filter/tc_base.rb +++ /dev/null @@ -1,333 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -require '../../core/filters/base' - -class TC_Filter < Test::Unit::TestCase - - def test_is_non_empty_string - assert((not BeEF::Filters::is_non_empty_string?(nil)), 'Nil string') - assert((not BeEF::Filters::is_non_empty_string?(1)), 'Is integer') - assert((not BeEF::Filters::is_non_empty_string?("")), 'Empty string') - - assert((BeEF::Filters::is_non_empty_string?("\x00")), 'Single null') - assert((BeEF::Filters::is_non_empty_string?("0")), 'First char is a num') - assert((BeEF::Filters::is_non_empty_string?("A")), 'First char is a alpha') - assert(BeEF::Filters::is_non_empty_string?("3333"), '4 num chars') - assert((BeEF::Filters::is_non_empty_string?("A3333")), '4 num chars begining with an aplha') - assert((BeEF::Filters::is_non_empty_string?("\x003333")), '4 num chars begining with a null') - end - - def test_only - assert((BeEF::Filters::only?('A', 'A')), 'A - A -> success') - assert((not BeEF::Filters::only?('A', 'B')), 'A - B -> fail') - - end - - def test_exists - - assert((BeEF::Filters::exists?('A', 'A')), 'A - A -> success') - assert((not BeEF::Filters::exists?('A', 'B')), 'A - B -> fail') - - end - - def test_has_null - assert((not BeEF::Filters::has_null?(nil)), 'Nil') - assert((not BeEF::Filters::has_null?("")), 'Empty string') - assert((not BeEF::Filters::has_null?("\x01")), '0x01 string') - assert((not BeEF::Filters::has_null?("\xFF")), '0xFF string') - assert((not BeEF::Filters::has_null?("A")), 'Single char') - assert((not BeEF::Filters::has_null?("A3333")), '4 num chars begining with an aplha') - assert((not BeEF::Filters::has_null?("0")), '0 string') - assert((not BeEF::Filters::has_null?("}")), '} char') - assert((not BeEF::Filters::has_null?(".")), '. char') - assert((not BeEF::Filters::has_null?("+")), '+ char') - assert((not BeEF::Filters::has_null?("-")), '- char') - assert((not BeEF::Filters::has_null?("-1")), '-1 string') - assert((not BeEF::Filters::has_null?("0.A")), '0.A string') - assert((not BeEF::Filters::has_null?("3333")), '33 33 string') - assert((not BeEF::Filters::has_null?("33 33")), '33 33 string') - assert((not BeEF::Filters::has_null?(" AAAAAAAA")), 'white space at start of string') - assert((not BeEF::Filters::has_null?("AAAAAAAA ")), 'white space at end of string') - - (1..255).each {|c| - str = '' - str.concat(c) - assert(!(BeEF::Filters::has_null?(str)), 'loop of around every char') - } - - assert((BeEF::Filters::has_null?("\x00")), 'Single null') - assert((BeEF::Filters::has_null?("A\x00")), 'Char and null') - assert((BeEF::Filters::has_null?("AAAAAAAA\x00")), 'Char and null') - assert((BeEF::Filters::has_null?("\x00A")), 'Null and char') - assert((BeEF::Filters::has_null?("\x00AAAAAAAAA")), 'Null and chars') - assert((BeEF::Filters::has_null?("A\x00A")), 'Null surrounded by chars') - assert((BeEF::Filters::has_null?("AAAAAAAAA\x00AAAAAAAAA")), 'Null surrounded by chars') - assert((BeEF::Filters::has_null?("A\n\r\x00")), 'new line and carriage return at start of string') - assert((BeEF::Filters::has_null?("\x00\n\rA")), 'new line and carriage return at end of string') - assert((BeEF::Filters::has_null?("A\n\r\x00\n\rA")), 'new line and carriage return at start and end of string') - assert((BeEF::Filters::has_null?("\tA\x00A")), 'tab at start of string') - - (1..255).each {|c| - str = '' - str.concat(c) - str += "\x00" - assert((BeEF::Filters::has_null?(str)), 'loop of behind every char') - } - - (1..255).each {|c| - str = '' - str += "\x00" - str.concat(c) - assert((BeEF::Filters::has_null?(str)), 'loop of infront every char') - } - - (1..255).each {|c| - str = '' - str.concat(c) - str += "\x00" - str.concat(c) - assert((BeEF::Filters::has_null?(str)), 'loop of around every char') - } - - end - - def test_has_non_printable_char - assert((not BeEF::Filters::has_non_printable_char?(nil)), 'Nil') - assert((not BeEF::Filters::has_non_printable_char?("")), 'Empty string') - assert((not BeEF::Filters::has_non_printable_char?("A")), 'Single char') - assert((not BeEF::Filters::has_non_printable_char?("A3333")), '4 num chars begining with an aplha') - assert((not BeEF::Filters::has_non_printable_char?("0")), '0 string') - assert((not BeEF::Filters::has_non_printable_char?("}")), '} char') - assert((not BeEF::Filters::has_non_printable_char?(".")), '. char') - assert((not BeEF::Filters::has_non_printable_char?("+")), '+ char') - assert((not BeEF::Filters::has_non_printable_char?("-")), '- char') - assert((not BeEF::Filters::has_non_printable_char?("-1")), '-1 string') - assert((not BeEF::Filters::has_non_printable_char?("0.A")), '0.A string') - assert((not BeEF::Filters::has_non_printable_char?("3333")), '4 num chars') - assert((not BeEF::Filters::has_non_printable_char?(" 0AAAAAAAA")), 'white space at start of string') - assert((not BeEF::Filters::has_non_printable_char?(" 0AAAAAAAA ")), 'white space at end of string') - - # check lowercase chars - ('a'..'z').each {|c| - assert((not BeEF::Filters::has_non_printable_char?(c)), 'lowercase chars') - } - - # check uppercase chars - ('A'..'Z').each {|c| - assert((not BeEF::Filters::has_non_printable_char?(c)), 'uppercase chars') - } - - # check numbers chars - ('0'..'9').each {|c| - assert((not BeEF::Filters::has_non_printable_char?(c)), 'number chars') - } - - assert((BeEF::Filters::has_non_printable_char?("\x00")), '0x00 string') - assert((BeEF::Filters::has_non_printable_char?("\x01")), '0x01 string') - assert((BeEF::Filters::has_non_printable_char?("\x02")), '0x02 string') - # Commented the below because the UTF-8 handling for \xFF appears to break. - # See Issue #1126 - # assert((BeEF::Filters::has_non_printable_char?("\xF0")), '0xFE string') - # assert((BeEF::Filters::has_non_printable_char?("\xFE")), '0xFE string') - # assert((BeEF::Filters::has_non_printable_char?("\xFF")), '0xFF string') - - assert((BeEF::Filters::has_non_printable_char?("A\x03")), 'Single char and non printable char') - assert((BeEF::Filters::has_non_printable_char?("\x04A")), 'Single char and non printable char') - assert((BeEF::Filters::has_non_printable_char?("\x003333")), '4 num chars begining with a null') - assert((BeEF::Filters::has_non_printable_char?("\x00AAAAAAAA")), 'null at start of string') - assert((BeEF::Filters::has_non_printable_char?(" AAAAAAAA\x00")), 'null at end of string') - assert((BeEF::Filters::has_non_printable_char?("\t\x00AAAAAAAA")), 'tab at start of string') - assert((BeEF::Filters::has_non_printable_char?("\n\x00AAAAAAAA")), 'new line at start of string') - assert((BeEF::Filters::has_non_printable_char?("\n\r\x00AAAAAAAA")), 'new line and carriage return at start of string') - assert((BeEF::Filters::has_non_printable_char?("AAAAAAAAA\x00AAAAA")), 'Chars and null') - assert((BeEF::Filters::has_non_printable_char?("\n\x00")), 'newline and null') - - - (0..255).each {|c| - str = '' - str.concat(c) - str += "\x00" - str.concat(c) - assert((BeEF::Filters::has_non_printable_char?(str)), 'loop of around every char') - } - - end - - def test_is_nums_only - assert((not BeEF::Filters::nums_only?(nil)), 'Nil string') - assert((not BeEF::Filters::nums_only?(1)), 'Is integer') - assert((not BeEF::Filters::nums_only?("")), 'Empty string') - assert((not BeEF::Filters::nums_only?("A")), 'First char is a alpha') - assert((not BeEF::Filters::nums_only?("A3333")), '4 num chars begining with an aplha') - assert((not BeEF::Filters::nums_only?("\x003333")), '4 num chars begining with a null') - assert((not BeEF::Filters::nums_only?("}")), '} char') - assert((not BeEF::Filters::nums_only?(".")), '. char') - assert((not BeEF::Filters::nums_only?("+")), '+ char') - assert((not BeEF::Filters::nums_only?("-")), '- char') - assert((not BeEF::Filters::nums_only?("-1")), '-1 string') - - assert((BeEF::Filters::nums_only?("0")), 'First char is a num') - assert((BeEF::Filters::nums_only?("3333")), '4 num chars') - end - - def test_is_valid_float - assert((not BeEF::Filters::is_valid_float?(nil)), 'Nil string') - assert((not BeEF::Filters::is_valid_float?(1)), 'Is integer') - assert((not BeEF::Filters::is_valid_float?("")), 'Empty string') - assert((not BeEF::Filters::is_valid_float?("A")), 'First char is a alpha') - assert((not BeEF::Filters::is_valid_float?("A3333")), '4 num chars begining with an aplha') - assert((not BeEF::Filters::is_valid_float?("\x003333")), '4 num chars begining with a null') - assert((not BeEF::Filters::is_valid_float?("}")), '} char') - assert((not BeEF::Filters::is_valid_float?(".")), '. char') - assert((not BeEF::Filters::is_valid_float?("+")), '+ char') - assert((not BeEF::Filters::is_valid_float?("-")), '- char') - assert((not BeEF::Filters::is_valid_float?("-1")), '-1 string') - assert((not BeEF::Filters::is_valid_float?("0")), 'First char is a num') - assert((not BeEF::Filters::is_valid_float?("3333")), '4 num chars') - assert((not BeEF::Filters::is_valid_float?("0.A")), '0.A string') - assert((BeEF::Filters::is_valid_float?("33.33")), '4 num chars') - assert((BeEF::Filters::is_valid_float?("0.0")), '0.0 string') - assert((BeEF::Filters::is_valid_float?("1.0")), '1.0 string') - assert((BeEF::Filters::is_valid_float?("0.1")), '0.1 string') - assert((BeEF::Filters::is_valid_float?("33.33")), '33.33 string') - end - - def test_hexs_only - assert((not BeEF::Filters::hexs_only?(nil)), 'Nil string') - assert((not BeEF::Filters::hexs_only?(1)), 'Is integer') - assert((not BeEF::Filters::hexs_only?("")), 'Empty string') - assert((not BeEF::Filters::hexs_only?("\x003333")), '4 num chars begining with a null') - assert((not BeEF::Filters::hexs_only?("}")), '} char') - assert((not BeEF::Filters::hexs_only?(".")), '. char') - assert((not BeEF::Filters::hexs_only?("+")), '+ char') - assert((not BeEF::Filters::hexs_only?("-")), '- char') - assert((not BeEF::Filters::hexs_only?("-1")), '-1 string') - assert((not BeEF::Filters::hexs_only?("0.A")), '0.A string') - assert((not BeEF::Filters::hexs_only?("33.33")), '4 num chars') - assert((not BeEF::Filters::hexs_only?("0.0")), '0.0 string') - assert((not BeEF::Filters::hexs_only?("1.0")), '1.0 string') - assert((not BeEF::Filters::hexs_only?("0.1")), '0.1 string') - assert((not BeEF::Filters::hexs_only?("33.33")), '33.33 string') - - assert((BeEF::Filters::hexs_only?("0123456789ABCDEFabcdef")), '0123456789ABCDEFabcdef string') - assert((BeEF::Filters::hexs_only?("0")), 'First char is a num') - assert((BeEF::Filters::hexs_only?("3333")), '4 num chars') - assert((BeEF::Filters::hexs_only?("A3333")), '4 num chars begining with an aplha') - assert((BeEF::Filters::hexs_only?("A")), 'First char is a alpha') - end - - def test_first_char_is_num - assert((not BeEF::Filters::first_char_is_num?("")), 'Empty string') - assert((not BeEF::Filters::first_char_is_num?("A")), 'First char is a alpha') - assert((not BeEF::Filters::first_char_is_num?("A3333")), '4 num chars begining with an aplha') - assert((not BeEF::Filters::first_char_is_num?("\x003333")), '4 num chars begining with a null') - - assert((BeEF::Filters::first_char_is_num?("3333")), '4 num chars') - assert((BeEF::Filters::first_char_is_num?("0AAAAAAAA")), '0AAAAAAAA string') - assert((BeEF::Filters::first_char_is_num?("0")), 'First char is a num') - end - - def test_has_whitespace_char - assert((not BeEF::Filters::has_whitespace_char?("")), 'Empty string') - assert((not BeEF::Filters::has_whitespace_char?("A")), 'First char is a alpha') - assert((not BeEF::Filters::has_whitespace_char?("A3333")), '4 num chars begining with an aplha') - assert((not BeEF::Filters::has_whitespace_char?("\x003333")), '4 num chars begining with a null') - assert((not BeEF::Filters::has_whitespace_char?("0")), 'First char is a num') - assert((not BeEF::Filters::has_whitespace_char?("}")), '} char') - assert((not BeEF::Filters::has_whitespace_char?(".")), '. char') - assert((not BeEF::Filters::has_whitespace_char?("+")), '+ char') - assert((not BeEF::Filters::has_whitespace_char?("-")), '- char') - assert((not BeEF::Filters::has_whitespace_char?("-1")), '-1 string') - assert((not BeEF::Filters::has_whitespace_char?("0.A")), '0.A string') - - assert((BeEF::Filters::has_whitespace_char?("33 33")), '4 num chars') - assert((BeEF::Filters::has_whitespace_char?(" ")), 'white space char only') - assert((BeEF::Filters::has_whitespace_char?(" ")), 'white space chars only') - assert((BeEF::Filters::has_whitespace_char?(" 0AAAAAAAA")), 'white space at start of string') - assert((BeEF::Filters::has_whitespace_char?(" 0AAAAAAAA ")), 'white space at start and end of string') - assert((BeEF::Filters::has_whitespace_char?("\t0AAAAAAAA")), 'white space at start of string') - assert((BeEF::Filters::has_whitespace_char?("\n0AAAAAAAA")), 'white space at start of string') - end - - def test_alphanums_only - assert((BeEF::Filters::alphanums_only?("A")), 'Single char') - assert((BeEF::Filters::alphanums_only?("A3333")), '4 num chars begining with an aplha') - assert((BeEF::Filters::alphanums_only?("0")), '0 string') - - assert((not BeEF::Filters::alphanums_only?(nil)), 'Nil') - assert((not BeEF::Filters::alphanums_only?("")), 'Empty string') - assert((not BeEF::Filters::alphanums_only?("\n")), '\\n string') - assert((not BeEF::Filters::alphanums_only?("\r")), '\\r string') - assert((not BeEF::Filters::alphanums_only?("\x01")), '0x01 string') - # Commented the below because the UTF-8 handling for \xFF appears to break. - # See Issue #1126 - # assert((not BeEF::Filters::alphanums_only?("\xFF")), '0xFF string') - assert((not BeEF::Filters::alphanums_only?("}")), '} char') - assert((not BeEF::Filters::alphanums_only?(".")), '. char') - assert((not BeEF::Filters::alphanums_only?("+")), '+ char') - assert((not BeEF::Filters::alphanums_only?("-")), '- char') - assert((not BeEF::Filters::alphanums_only?("-1")), '-1 string') - assert((not BeEF::Filters::alphanums_only?("ee-!@$%^&*}=0.A")), '0.A string') - assert((not BeEF::Filters::alphanums_only?("33 33")), '33 33 string') - assert((not BeEF::Filters::alphanums_only?(" AAAAAAAA")), 'white space at start of string') - assert((not BeEF::Filters::alphanums_only?("AAAAAAAA ")), 'white space at end of string') - - # check lowercase chars - ('a'..'z').each {|c| - assert((BeEF::Filters::alphanums_only?(c)), 'lowercase chars') - } - - # check uppercase chars - ('A'..'Z').each {|c| - assert((BeEF::Filters::alphanums_only?(c)), 'uppercase chars') - } - - # check numbers chars - ('0'..'9').each {|c| - assert((BeEF::Filters::alphanums_only?(c)), 'number chars') - } - - assert((not BeEF::Filters::alphanums_only?("\x00")), 'Single null') - assert((not BeEF::Filters::alphanums_only?("A\x00")), 'Char and null') - assert((not BeEF::Filters::alphanums_only?("AAAAAAAA\x00")), 'Char and null') - assert((not BeEF::Filters::alphanums_only?("\x00A")), 'Null and char') - assert((not BeEF::Filters::alphanums_only?("\x00AAAAAAAAA")), 'Null and chars') - assert((not BeEF::Filters::alphanums_only?("A\x00A")), 'Null surrounded by chars') - assert((not BeEF::Filters::alphanums_only?("AAAAAAAAA\x00AAAAAAAAA")), 'Null surrounded by chars') - assert((not BeEF::Filters::alphanums_only?("A\n\r\x00")), 'new line and carriage return at start of string') - assert((not BeEF::Filters::alphanums_only?("\x00\n\rA")), 'new line and carriage return at end of string') - assert((not BeEF::Filters::alphanums_only?("A\n\r\x00\n\rA")), 'new line and carriage return at start and end of string') - assert((not BeEF::Filters::alphanums_only?("\tA\x00A")), 'tab at start of string') - - - (0..255).each {|c| - str = '' - str.concat(c) - str += "\x00" - assert((not BeEF::Filters::alphanums_only?(str)), 'loop of behind every char') - } - - (0..255).each {|c| - str = "\x00" - str.concat(c) - assert((not BeEF::Filters::alphanums_only?(str)), 'loop of behind every char') - } - - (0..255).each {|c| - str = '' - str.concat(c) - str += "\x00" - str.concat(c) - assert((not BeEF::Filters::alphanums_only?(str)), 'loop of behind every char') - } - - assert((BeEF::Filters::alphanums_only?("3333")), '33 33 string') - - end - -end diff --git a/test/unit/core/filter/tc_command.rb b/test/unit/core/filter/tc_command.rb deleted file mode 100644 index 4423f5b80..000000000 --- a/test/unit/core/filter/tc_command.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -require '../../core/filters/base' -require '../../core/filters/command' - -class TC_Filter < Test::Unit::TestCase - - def test_has_valid_param_chars - assert((not BeEF::Filters::has_valid_param_chars?(nil)), 'Nil') - assert((not BeEF::Filters::has_valid_param_chars?("")), 'Empty string') - assert((BeEF::Filters::has_valid_param_chars?("A")), 'Single char') - assert((not BeEF::Filters::has_valid_param_chars?("+")), 'Single invalid char') - end - -end diff --git a/test/unit/core/main/models/tc_browserdetails.rb b/test/unit/core/main/models/tc_browserdetails.rb deleted file mode 100644 index 2234f1e14..000000000 --- a/test/unit/core/main/models/tc_browserdetails.rb +++ /dev/null @@ -1,54 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_BrowserDetails < Test::Unit::TestCase - - def setup - $:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.')) - $root_dir = File.expand_path('../../../../', __FILE__) - - @session = (0...10).map { ('a'..'z').to_a[rand(26)] }.join - end - - def shutdown - $root_dir = nil - end - - # Connects to in-memory database (does not test anything) - def test_01_database - DataMapper.setup(:default, 'sqlite3::memory:') - DataMapper.auto_migrate! - end - - # Tests nil key value returns empty string - def test_02_set_nil_values - key_value = nil - BeEF::Core::Models::BrowserDetails.set(@session, 'key_with_nil_value', key_value).to_s - assert_equal '', BeEF::Core::Models::BrowserDetails.get(@session, 'key_with_nil_valule').to_s - end - - # Tests get/set browser details - def test_03_set_browser_details - key_name = (0...10).map { ('a'..'z').to_a[rand(26)] }.join - key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join - BeEF::Core::Models::BrowserDetails.set(@session, key_name, key_value).to_s - assert_equal key_value, BeEF::Core::Models::BrowserDetails.get(@session, key_name).to_s - end - - # Tests updating browser details - def test_04_update_browser_details - key_name = (0...10).map { ('a'..'z').to_a[rand(26)] }.join - - key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join - BeEF::Core::Models::BrowserDetails.set(@session, key_name, key_value).to_s - assert_equal key_value, BeEF::Core::Models::BrowserDetails.get(@session, key_name).to_s - - key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join - BeEF::Core::Models::BrowserDetails.set(@session, key_name, key_value).to_s - assert_equal key_value, BeEF::Core::Models::BrowserDetails.get(@session, key_name).to_s - end -end diff --git a/test/unit/core/main/network_stack/handlers/dynamicreconstruction.rb b/test/unit/core/main/network_stack/handlers/dynamicreconstruction.rb deleted file mode 100644 index f34dda14b..000000000 --- a/test/unit/core/main/network_stack/handlers/dynamicreconstruction.rb +++ /dev/null @@ -1,116 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' -require 'rubygems' -require 'curb' - -class TC_DynamicReconstruction < Test::Unit::TestCase - - @@port = 20000 + rand(10000) - - def setup - $root_dir="../../" - $:.unshift File.join( %w{ ../../ } ) - require 'core/loader' - require 'core/main/network_stack/handlers/dynamicreconstruction.rb' - - @@port += 1 # cycle through ports because the tcp teardown process is too slow - @port = @@port - - config = {} - config[:BindAddress] = '127.0.0.1' - config[:Port] = @port.to_s - @mounts = {} - @mounts['/test'] = BeEF::Core::NetworkStack::Handlers::DynamicReconstruction.new - @rackApp = Rack::URLMap.new(@mounts) - Thin::Logging.silent = true - @server = Thin::Server.new('127.0.0.1', @port.to_s, @rackApp) - trap("INT") { @server.stop } - trap("TERM") { @server.stop } - - @pid = fork do - @server.start! - end - end - - def teardown - Process.kill("INT",@pid) - $root_dir = nil - end - - # the server doesn't offer a mutex or callback - def wait_for_server - max_waits = 3 - sleep_length = 0.1 - - count = 0 - while (count < max_waits) - break if @server.running? - count += 1 - sleep sleep_length - end - end - - def test_delete - wait_for_server - response = Curl::Easy.http_delete("http://127.0.0.1:" + @port.to_s + "/test") - assert_equal 404, response.response_code - end - - def test_put - wait_for_server - response = Curl::Easy.http_put("http://127.0.0.1:" + @port.to_s + "/test", nil) - assert_equal 404, response.response_code - end - - def test_head - wait_for_server - response = Curl::Easy.http_head("http://127.0.0.1:" + @port.to_s + "/test") - assert_equal 404, response.response_code - end - - def test_no_params - wait_for_server - response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test") - assert_equal 404, response.response_code - end - - def test_zero_values - wait_for_server - response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test?bh=0&sid=0&pid=0&pc=0&d=0") - assert_equal 200, response.response_code - assert_equal "", response.body_str - end - - def test_one_values - wait_for_server - response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test?bh=1&sid=1&pid=1&pc=1&d=1") - assert_equal 200, response.response_code - assert_equal "", response.body_str - end - - def test_neg_one_values - wait_for_server - response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test?bh=-1&sid=-1&pid=-1&pc=-1&d=-1") - assert_equal 200, response.response_code - assert_equal "", response.body_str - end - - def test_ascii_values - wait_for_server - response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test?bh=z&sid=z&pid=z&pc=z&d=z") - assert_equal 200, response.response_code - assert_equal "", response.body_str - end - - def test_array_values - wait_for_server - response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test?bh[]=1&sid[]=1&pid[]=1&pc[]=1&d[]=1") - assert_equal 200, response.response_code - assert_equal "", response.body_str - end - -end diff --git a/test/unit/core/main/network_stack/handlers/redirector.rb b/test/unit/core/main/network_stack/handlers/redirector.rb deleted file mode 100644 index 5fc0bf069..000000000 --- a/test/unit/core/main/network_stack/handlers/redirector.rb +++ /dev/null @@ -1,66 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' -require 'rubygems' -require 'curb' - -class TC_Redirector < Test::Unit::TestCase - - @@port = 20000 + rand(10000) - - def setup - $root_dir="../../" - $:.unshift File.join( %w{ ../../ } ) - require 'core/loader' - require 'core/main/network_stack/assethandler.rb' - require 'core/main/network_stack/handlers/redirector.rb' - - @@port += 1 # cycle through ports because the tcp teardown process is too slow - @port = @@port - - config = {} - config[:BindAddress] = '127.0.0.1' - config[:Port] = @port.to_s - @mounts = {} - @mounts['/test'] = BeEF::Core::NetworkStack::Handlers::Redirector.new('http://www.beefproject.com') - @rackApp = Rack::URLMap.new(@mounts) - Thin::Logging.silent = true - @server = Thin::Server.new('127.0.0.1', @port.to_s, @rackApp) - trap("INT") { @server.stop } - trap("TERM") { @server.stop } - - @pid = fork do - @server.start! - end - end - - def teardown - Process.kill("INT",@pid) - $root_dir = nil - end - - # the server doesn't offer a mutex or callback - def wait_for_server - max_waits = 3 - sleep_length = 0.1 - - count = 0 - while (count < max_waits) - break if @server.running? - count += 1 - sleep sleep_length - end - end - - def test_get - wait_for_server - response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test/") - assert_equal 302, response.response_code - assert_equal "302 found", response.body_str - assert_match /Location: http:\/\/www\.beefproject\.com/, response.header_str - end - -end diff --git a/test/unit/core/tc_api.rb b/test/unit/core/tc_api.rb deleted file mode 100644 index 1e6ae93cf..000000000 --- a/test/unit/core/tc_api.rb +++ /dev/null @@ -1,28 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Api < Test::Unit::TestCase - - def setup - $root_dir = "../../" - $:.unshift File.join( %w{ ../../ } ) - end - - def teardown - $root_dir = nil - end - - # - # Test the api is functional - # - def test_api - assert_nothing_raised do - require 'core/api' - end - end - -end diff --git a/test/unit/core/tc_autorun.rb b/test/unit/core/tc_autorun.rb deleted file mode 100644 index 59bfff94e..000000000 --- a/test/unit/core/tc_autorun.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Autorun < Test::Unit::TestCase - - def setup - $:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.')) - $root_dir = File.expand_path('../../../../', __FILE__) - end - - def test_autorun - assert(true) - end - -end diff --git a/test/unit/core/tc_bootstrap.rb b/test/unit/core/tc_bootstrap.rb deleted file mode 100644 index 0a7e0ef85..000000000 --- a/test/unit/core/tc_bootstrap.rb +++ /dev/null @@ -1,30 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Bootstrap < Test::Unit::TestCase - - def setup - $root_dir = "../../" - $:.unshift File.join( %w{ ../../ } ) - BeEF::Core::Configuration.new("#{$root_dir}/config.yaml") - end - - def teardown - $root_dir = nil - end - - # - # Test the core is functional - # - def test_bootstrap - assert_nothing_raised do - require 'core/bootstrap' - end - end - -end - diff --git a/test/unit/core/tc_core.rb b/test/unit/core/tc_core.rb deleted file mode 100644 index 26664859e..000000000 --- a/test/unit/core/tc_core.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Core < Test::Unit::TestCase - - def setup - $root_dir = "../../" - $:.unshift File.join( %w{ ../../ } ) - end - - def teardown - $root_dir = nil - end - - # - # Test the core is functional - # - def test_core - assert_nothing_raised do - require 'core/core' - end - end - -end - diff --git a/test/unit/core/tc_extensions.rb b/test/unit/core/tc_extensions.rb deleted file mode 100644 index 69ed59021..000000000 --- a/test/unit/core/tc_extensions.rb +++ /dev/null @@ -1,61 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Extensions < Test::Unit::TestCase - - def setup - $:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.')) - $root_dir = File.expand_path('../../../../', __FILE__) - end - - # - # Test that extensions are loading properly - # - def test_extensions - assert_nothing_raised do - BeEF::Extensions.load - end - - enabled_extensions = BeEF::Core::Configuration.instance.get('beef.extension').select {|k,v| - v['enable'] == true - } - - enabled_extensions.each do |k,v| - assert(v.has_key?('name')) - assert(v.has_key?('enable')) - assert(v.has_key?('loaded')) - end - - enabled_extensions.each do |k,v| - assert(v['loaded'], 'Extension is enabled but was not loaded') - end - end - - def test_safe_client_debug_log - Dir['../../extensions/**/*.js'].each do |path| - next if /extensions\/admin_ui/.match(path) # skip this directory - next unless File.file?(path) - File.open(path) do |f| - f.grep(/\bconsole\.log\W*\(/m) do |line| - assert(false, "Function 'console.log' used instead of 'beef.debug' in extension: " + path + ':' + line) - end - end - end - end - - def test_safe_variable_decleration - Dir['../../extensions/**/*.js'].each do |path| - next unless File.file?(path) - File.open(path) do |f| - f.grep(/\blet\W+[a-zA-Z0-9_\.]+\W*=/) do |line| - assert(false, "Variable decleration with 'let' used instead of 'var' in extension: " + path + ':' + line) - end - end - end - end - -end diff --git a/test/unit/core/tc_loader.rb b/test/unit/core/tc_loader.rb deleted file mode 100644 index 7c1fd2024..000000000 --- a/test/unit/core/tc_loader.rb +++ /dev/null @@ -1,28 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Loader < Test::Unit::TestCase - - def setup - $root_dir = "../../" - $:.unshift File.join( %w{ ../../ } ) - end - - def teardown - $root_dir = nil - end - - # - # Test the loader is functional - # - def test_loader - assert_nothing_raised do - require 'core/loader' - end - end - -end diff --git a/test/unit/core/tc_logger.rb b/test/unit/core/tc_logger.rb deleted file mode 100644 index 6ed349940..000000000 --- a/test/unit/core/tc_logger.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Logger < Test::Unit::TestCase - - def setup - $:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.')) - $root_dir = File.expand_path('../../../../', __FILE__) - end - - def test_logger - assert(true) - end - -end diff --git a/test/unit/core/tc_modules.rb b/test/unit/core/tc_modules.rb deleted file mode 100644 index 788d365b8..000000000 --- a/test/unit/core/tc_modules.rb +++ /dev/null @@ -1,73 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Modules < Test::Unit::TestCase - - def setup - $:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.')) - $root_dir = File.expand_path('../../../../', __FILE__) - end - - # - # Test that modules are loading properly - # - def test_modules - assert_nothing_raised do - BeEF::Modules.load - end - - BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['enable'] == true and v['category'] != nil }.each { |k,v| - assert((BeEF::Module.is_present(k)),"#{k} is not present in config - buh?") - } - - BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['enable'] == true and v['category'] != nil }.each { |k,v| - assert((BeEF::Module.is_enabled(k)),"#{k} is not enabled in config - ruhhh?") - } - - assert_nothing_raised do - BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['enable'] == true and v['category'] != nil }.each { |k,v| - BeEF::Module.hard_load(k) - } - end - - BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['enable'] == true and v['category'] != nil }.each { |k,v| - assert((BeEF::Module.is_loaded(k)), "#{k} is not loaded - even though it should be - rut roh?") - } - - BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['enable'] == true and v['category'] != nil }.each { |k,v| - BeEF::Core::Configuration.instance.get('beef.module.'+k+'.target').each { |t,tt| - if tt.class == Array - assert_not_equal(tt.length,0,"#{k} does not have valid TARGET configuration") - end - } - } - - end - - def test_safe_client_debug_log - Dir['../../modules/**/*.js'].each do |path| - next unless File.file?(path) - File.open(path) do |f| - f.grep(/\bconsole\.log\W*\(/m) do |line| - assert(false, "Function 'console.log' used instead of 'beef.debug' in command module: " + path + ':' + line) - end - end - end - end - - def test_safe_variable_decleration - Dir['../../modules/**/*.js'].each do |path| - next unless File.file?(path) - File.open(path) do |f| - f.grep(/\blet\W+[a-zA-Z0-9_\.]+\W*=/) do |line| - assert(false, "Variable decleration with 'let' used instead of 'var' in command module: " + path + ':' + line) - end - end - end - end - -end diff --git a/test/unit/core/tc_obfuscation.rb b/test/unit/core/tc_obfuscation.rb deleted file mode 100644 index 54c78a046..000000000 --- a/test/unit/core/tc_obfuscation.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Obfuscation < Test::Unit::TestCase - - def setup - $:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.')) - $root_dir = File.expand_path('../../../../', __FILE__) - end - - def test_obfuscation - assert(true) - end - -end diff --git a/test/unit/core/tc_social_engineering.rb b/test/unit/core/tc_social_engineering.rb deleted file mode 100644 index 1ffdfb8de..000000000 --- a/test/unit/core/tc_social_engineering.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_SocialEngineering < Test::Unit::TestCase - - def setup - $:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.')) - $root_dir = File.expand_path('../../../../', __FILE__) - end - - def test_social_engineering - assert(true) - end - -end diff --git a/test/unit/extensions/tc_console.rb b/test/unit/extensions/tc_console.rb deleted file mode 100644 index 67f77b0bf..000000000 --- a/test/unit/extensions/tc_console.rb +++ /dev/null @@ -1,46 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Console < Test::Unit::TestCase - - class << self - - def startup - $root_dir = '../../' - $:.unshift(File.expand_path($root_dir)) - - # load extension - require 'extensions/console/extension' - - # load config - BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml')) - config = BeEF::Core::Configuration.instance - config.load_extensions_config - @@console_config = config.get('beef.extension.console') - @@console_config_shell = config.get('beef.extension.console.shell') - end - - def shutdown - $root_dir = nil - end - - end - - # Connects to in-memory database (does not test anything) - def test_01_database - DataMapper.setup(:default, 'sqlite3::memory:') - DataMapper.auto_migrate! - end - - # Checks for required settings in config file - def test_02_config - assert(@@console_config.has_key?('enable')) - assert(@@console_config_shell.has_key?('historyfolder')) - assert(@@console_config_shell.has_key?('historyfile')) - end - -end diff --git a/test/unit/extensions/tc_dns.rb b/test/unit/extensions/tc_dns.rb deleted file mode 100644 index 424295185..000000000 --- a/test/unit/extensions/tc_dns.rb +++ /dev/null @@ -1,359 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' -require 'resolv' - -class TC_Dns < Test::Unit::TestCase - - IN = Resolv::DNS::Resource::IN - - class << self - - def startup - $root_dir = '../../' - $:.unshift(File.expand_path($root_dir)) - - require 'extensions/dns/extension' - - BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml')) - @@config = BeEF::Core::Configuration.instance - @@config.load_extensions_config - - @@dns_config = @@config.get('beef.extension.dns') - @@dns = BeEF::Extension::Dns::Server.instance - end - - def shutdown - $root_dir = nil - end - - end - - # Connects to in-memory database (does not test anything) - def test_01_database - DataMapper.setup(:default, 'sqlite3::memory:') - DataMapper.auto_migrate! - end - - # Checks for required settings in config file - def test_02_config - assert(@@dns_config.has_key?('protocol')) - assert(@@dns_config.has_key?('address')) - assert(@@dns_config.has_key?('port')) - assert(@@dns_config.has_key?('upstream')) - end - - # Verifies public interface - def test_03_interface - assert_respond_to(@@dns, :add_rule) - assert_respond_to(@@dns, :get_rule) - assert_respond_to(@@dns, :remove_rule!) - assert_respond_to(@@dns, :get_ruleset) - assert_respond_to(@@dns, :remove_ruleset!) - end - - # Tests procedure for properly adding new DNS rules - def test_04_add_rule_good - id = nil - response = '1.2.3.4' - assert_nothing_raised do - id = @@dns.add_rule( - :pattern => 'foo.bar', - :resource => IN::A, - :response => [response] ) do |transaction| - transaction.respond!(response) - end - end - - assert_not_nil(id) - - id = nil - response = '9.9.9.9' - assert_nothing_raised do - id = @@dns.add_rule( - :pattern => %r{i\.(love|hate)\.beef\.com?}, - :resource => IN::A, - :response => [response] ) do |transaction| - transaction.respond!(response) - end - end - - assert_not_nil(id) - - domains = %w( - i.hate.beef.com - i.love.beef.com - i.love.beef.co - i.love.beef.co ) - assert_nothing_raised do - domains.each do |domain| - id = @@dns.add_rule( - :pattern => %r{i\.(love|hate)\.beef\.com?}, - :resource => IN::A, - :response => domain ) do |transaction| - transaction.respond!(domain) - end - assert_not_nil(id) - end - end - end - - # Tests addition of new rules with invalid parameters - def test_05_add_rule_bad - id = nil - same_id = nil - - pattern = 'j.random.hacker' - response = '4.2.4.2' - - # Add the same rule twice - assert_nothing_raised do - id = @@dns.add_rule( - :pattern => pattern, - :resource => IN::A, - :response => [response] ) do |transaction| - transaction.respond!(response) - end - end - - assert_nothing_raised do - same_id = @@dns.add_rule( - :pattern => pattern, - :resource => IN::A, - :response => [response] ) do |transaction| - transaction.respond!(response) - end - end - - assert_equal(id, same_id) - end - - # Verifies the proper format for rule identifiers - def test_06_id_format - pattern = 'dead.beef' - response = '2.2.2.2' - id = nil - assert_nothing_raised do - id = @@dns.add_rule( - :pattern => pattern, - :resource => IN::A, - :response => [response] ) do |transaction| - transaction.respond!(response) - end - end - assert_equal(8, id.length) - assert_not_nil(id =~ /^\h{8}$/) - end - - # Tests retrieval of valid DNS rules - def test_07_get_rule_good - pattern = 'be.ef' - response = '1.1.1.1' - id = nil - assert_nothing_raised do - id = @@dns.add_rule( - :pattern => pattern, - :resource => IN::A, - :response => [response] ) do |transaction| - transaction.respond!(response) - end - end - - rule = @@dns.get_rule(id) - - assert_equal(Hash, rule.class) - assert(rule.length > 0) - - assert(rule.has_key?(:id)) - assert(rule.has_key?(:pattern)) - assert(rule.has_key?(:resource)) - assert(rule.has_key?(:response)) - - assert_equal(id, rule[:id]) - assert_equal('be.ef', rule[:pattern]) - assert_equal('A', rule[:resource]) - - assert_equal(Array, rule[:response].class) - assert(rule[:response].length > 0) - assert_equal(response, rule[:response][0]) - end - - # Tests retrieval of invalid DNS rules - def test_08_get_rule_bad - rule = @@dns.get_rule(42) - assert_equal(nil, rule) - end - - # Tests the removal of existing DNS rules - def test_09_remove_rule_good - pattern = 'hack.the.gibson' - response = '1.9.9.5' - id = nil - assert_nothing_raised do - id = @@dns.add_rule( - :pattern => pattern, - :resource => IN::A, - :response => [response] ) do |transaction| - transaction.respond!(response) - end - end - - removed = @@dns.remove_rule!(id) - - assert(removed) - end - - # Tests the removal of unknown DNS rules - def test_10_remove_rule_bad - removed = @@dns.remove_rule!(42) - - assert(!removed) - end - - # Tests the retrieval of the entire DNS ruleset - def test_11_get_ruleset - ruleset = @@dns.get_ruleset - ruleset.sort! { |a, b| a[:pattern] <=> b[:pattern] } - - assert_equal(Array, ruleset.class) - assert_equal(5, ruleset.length) - - check_rule(ruleset[0], {:pattern => 'be.ef', - :resource => 'A', - :response => '1.1.1.1' }) - check_rule(ruleset[1], {:pattern => 'dead.beef', - :resource => 'A', - :response => '2.2.2.2' }) - check_rule(ruleset[2], {:pattern => 'foo.bar', - :resource => 'A', - :response => '1.2.3.4' }) - check_rule(ruleset[3], {:pattern => 'i\.(love|hate)\.beef\.com?', - :resource => 'A', - :response => '9.9.9.9' }) - check_rule(ruleset[4], {:pattern => 'j.random.hacker', - :resource => 'A', - :response => '4.2.4.2' }) - end - - # Tests the removal of the entire DNS ruleset - def test_12_remove_ruleset - removed = @@dns.remove_ruleset! - ruleset = @@dns.get_ruleset - - assert(removed) - assert_equal(0, ruleset.length) - end - - - # Tests each supported type of query failure - def test_13_failure_types - begin - id = @@dns.add_rule( - :pattern => 'noerror.beef.com', - :resource => IN::A, - :response => ['1.2.3.4'] ) do |transaction| - transaction.failure!(:NoError) - end - #check_failure_status(id, :NoError) - end - - begin - id = @@dns.add_rule( - :pattern => 'formerr.beef.com', - :resource => IN::A, - :response => ['1.2.3.4'] ) do |transaction| - transaction.failure!(:FormErr) - end - #check_failure_status(id, :FormErr) - end - - begin - id = @@dns.add_rule( - :pattern => 'servfail.beef.com', - :resource => IN::A, - :response => ['1.2.3.4'] ) do |transaction| - transaction.failure!(:ServFail) - end - #check_failure_status(id, :ServFail) - end - - begin - id = @@dns.add_rule( - :pattern => 'nxdomain.beef.com', - :resource => IN::A, - :response => ['1.2.3.4'] ) do |transaction| - transaction.failure!(:NXDomain) - end - #check_failure_status(id, :NXDomain) - end - - begin - id = @@dns.add_rule( - :pattern => 'notimp.beef.com', - :resource => IN::A, - :response => ['1.2.3.4'] ) do |transaction| - transaction.failure!(:NotImp) - end - #check_failure_status(id, :NotImp) - end - - begin - id = @@dns.add_rule( - :pattern => 'refused.beef.com', - :resource => IN::A, - :response => ['1.2.3.4'] ) do |transaction| - transaction.failure!(:Refused) - end - #check_failure_status(id, :Refused) - end - - begin - id = @@dns.add_rule( - :pattern => 'notauth.beef.com', - :resource => IN::A, - :response => ['1.2.3.4'] ) do |transaction| - transaction.failure!(:NotAuth) - end - #check_failure_status(id, :NotAuth) - end - end - - private - - # Compares each key in hash 'rule' with the respective key in hash 'expected' - def check_rule(rule, expected = {}) - assert_equal(expected[:pattern], rule[:pattern]) - assert_equal(expected[:resource], rule[:resource]) - assert_equal(expected[:response], rule[:response][0]) - end - - # Confirms that a query for the rule given in 'id' returns a 'resource' failure status - def check_failure_status(id, resource) - rule = @@dns.get_rule(id) - status = resource.to_s.force_encoding('UTF-8').upcase - assert_equal(status, rule[:response][0]) - - check_dns_response(/status: #{status}/, rule[:resource], rule[:pattern]) - end - - # Compares output of dig command against regex - def check_dns_response(regex, type, pattern) - address = @@config.get('beef.extension.dns.address') - port = @@config.get('beef.extension.dns.port') - dig_output = IO.popen(["dig", "@#{address}", "-p", "#{port}", "-t", "#{type}", "#{pattern}"], 'r+').read - assert_match(regex, dig_output) - end - -end - -# Suppresses unnecessary output from RubyDNS -module Kernel - - def puts(*args) - ; - end - -end diff --git a/test/unit/extensions/tc_event_logger.rb b/test/unit/extensions/tc_event_logger.rb deleted file mode 100644 index bf3d09739..000000000 --- a/test/unit/extensions/tc_event_logger.rb +++ /dev/null @@ -1,22 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_EventLogger < Test::Unit::TestCase - - def setup - $:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.')) - $root_dir = File.expand_path('../../../../', __FILE__) - end - - def test_event_logger - assert(true) - end - def test_no_params - assert(true) - end - -end diff --git a/test/unit/extensions/tc_hooks.rb b/test/unit/extensions/tc_hooks.rb deleted file mode 100644 index 86926e656..000000000 --- a/test/unit/extensions/tc_hooks.rb +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Hooks < Test::Unit::TestCase - - def setup - $:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.')) - $root_dir = File.expand_path('../../../../', __FILE__) - end - - def test_hooks - assert(true) - end - -end diff --git a/test/unit/extensions/tc_ipec_tunnel.rb b/test/unit/extensions/tc_ipec_tunnel.rb deleted file mode 100644 index c549a2c53..000000000 --- a/test/unit/extensions/tc_ipec_tunnel.rb +++ /dev/null @@ -1,49 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_IpecTunnel < Test::Unit::TestCase - - class << self - - def startup - $root_dir = '../../' - $:.unshift(File.expand_path($root_dir)) - - # load extension - require 'extensions/ipec/extension' - - # load config - BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml')) - config = BeEF::Core::Configuration.instance - config.load_extensions_config - @@ipec_config = config.get('beef.extension.ipec') - end - - def shutdown - $root_dir = nil - end - - end - - # Connects to in-memory database (does not test anything) - def test_01_database - DataMapper.setup(:default, 'sqlite3::memory:') - DataMapper.auto_migrate! - end - - # Checks for required settings in config file - def test_02_config - assert(@@ipec_config.has_key?('enable')) - end - - # Verifies public interface - def test_03_interface - @@ipec_junk_calc = BeEF::Extension::Ipec::JunkCalculator.instance - assert_respond_to(@@ipec_junk_calc, :bind_junk_calculator) - end - -end diff --git a/test/unit/extensions/tc_network.rb b/test/unit/extensions/tc_network.rb deleted file mode 100644 index b59c1e14d..000000000 --- a/test/unit/extensions/tc_network.rb +++ /dev/null @@ -1,44 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Network < Test::Unit::TestCase - - def setup - $:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.')) - $root_dir = File.expand_path('../../../../', __FILE__) - - require 'extensions/network/models/network_service' - require 'extensions/network/models/network_host' - end - - def shutdown - $root_dir = nil - end - - # Connects to in-memory database (does not test anything) - def test_01_database - DataMapper.setup(:default, 'sqlite3::memory:') - DataMapper.auto_migrate! - end - - # Tests procedure for properly adding new host - def test_02_add_host_good - assert_nothing_raised do - BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => '1234', :ip => '127.0.0.1') - raise "Adding network host failed" if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => '1234', :ip => '127.0.0.1').empty? - end - end - - # Tests procedure for properly adding new service - def test_03_add_service_good - assert_nothing_raised do - BeEF::Core::Models::NetworkService.add(:hooked_browser_id => '1234', :proto => 'http', :ip => '127.0.0.1', :port => 80, :type => 'Apache') - raise "Adding network service failed" if BeEF::Core::Models::NetworkService.all(:hooked_browser_id => '1234', :ip => '127.0.0.1').empty? - end - end - -end diff --git a/test/unit/extensions/tc_proxy.rb b/test/unit/extensions/tc_proxy.rb deleted file mode 100644 index 8b4223cd3..000000000 --- a/test/unit/extensions/tc_proxy.rb +++ /dev/null @@ -1,47 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Proxy < Test::Unit::TestCase - - class << self - - def startup - $root_dir = '../../' - $:.unshift(File.expand_path($root_dir)) - - # load extension - require 'extensions/proxy/extension' - - # load config - BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml')) - config = BeEF::Core::Configuration.instance - config.load_extensions_config - @@proxy_config = config.get('beef.extension.proxy') - end - - def shutdown - $root_dir = nil - end - - end - - # Connects to in-memory database (does not test anything) - def test_01_database - DataMapper.setup(:default, 'sqlite3::memory:') - DataMapper.auto_migrate! - end - - # Checks for required settings in config file - def test_02_config - assert(@@proxy_config.has_key?('enable')) - assert(@@proxy_config.has_key?('address')) - assert(@@proxy_config.has_key?('port')) - assert(@@proxy_config.has_key?('key')) - assert(@@proxy_config.has_key?('cert')) - end - -end diff --git a/test/unit/extensions/tc_qrcode.rb b/test/unit/extensions/tc_qrcode.rb deleted file mode 100644 index 547029618..000000000 --- a/test/unit/extensions/tc_qrcode.rb +++ /dev/null @@ -1,46 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Qrcode < Test::Unit::TestCase - - class << self - - def startup - $root_dir = '../../' - $:.unshift(File.expand_path($root_dir)) - - # load extension - require 'extensions/qrcode/extension' - - # load config - BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml')) - config = BeEF::Core::Configuration.instance - config.load_extensions_config - @@qrcode_config = config.get('beef.extension.qrcode') - end - - def shutdown - $root_dir = nil - end - - end - - # Connects to in-memory database (does not test anything) - def test_01_database - DataMapper.setup(:default, 'sqlite3::memory:') - DataMapper.auto_migrate! - end - - # Checks for required settings in config file - def test_02_config - assert(@@qrcode_config.has_key?('enable')) - assert(@@qrcode_config.has_key?('targets')) - assert(@@qrcode_config.has_key?('qrsize')) - assert(@@qrcode_config.has_key?('qrborder')) - end - -end diff --git a/test/unit/extensions/tc_requester.rb b/test/unit/extensions/tc_requester.rb deleted file mode 100644 index 7ec7f7cf5..000000000 --- a/test/unit/extensions/tc_requester.rb +++ /dev/null @@ -1,51 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Requester < Test::Unit::TestCase - - class << self - - def startup - $root_dir = '../../' - $:.unshift(File.expand_path($root_dir)) - - # load extension - require 'extensions/requester/extension' - - # load config - BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml')) - config = BeEF::Core::Configuration.instance - config.load_extensions_config - @@requester_config = config.get('beef.extension.requester') - end - - def shutdown - $root_dir = nil - end - - end - - # Connects to in-memory database (does not test anything) - def test_01_database - DataMapper.setup(:default, 'sqlite3::memory:') - DataMapper.auto_migrate! - end - - # Checks for required settings in config file - def test_02_config - assert(@@requester_config.has_key?('enable')) - end - - # Verifies public interface - def test_03_interface - @@requester = BeEF::Extension::Requester::API::Hook.new - assert_respond_to(@@requester, :requester_run) - assert_respond_to(@@requester, :add_to_body) - assert_respond_to(@@requester, :requester_parse_db_request) - end - -end diff --git a/test/unit/extensions/tc_webrtc.rb b/test/unit/extensions/tc_webrtc.rb deleted file mode 100644 index a4f913bef..000000000 --- a/test/unit/extensions/tc_webrtc.rb +++ /dev/null @@ -1,45 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Webrtc < Test::Unit::TestCase - - class << self - - def startup - $root_dir = '../../' - $:.unshift(File.expand_path($root_dir)) - - # load extension - require 'extensions/webrtc/extension' - - # load config - BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml')) - config = BeEF::Core::Configuration.instance - config.load_extensions_config - @@webrtc_config = config.get('beef.extension.webrtc') - end - - def shutdown - $root_dir = nil - end - - end - - # Connects to in-memory database (does not test anything) - def test_01_database - DataMapper.setup(:default, 'sqlite3::memory:') - DataMapper.auto_migrate! - end - - # Checks for required settings in config file - def test_02_config - assert(@@webrtc_config.has_key?('enable')) - assert(@@webrtc_config.has_key?('stunservers')) - assert(@@webrtc_config.has_key?('turnservers')) - end - -end diff --git a/test/unit/extensions/tc_xssrays.rb b/test/unit/extensions/tc_xssrays.rb deleted file mode 100644 index 3a6f30d18..000000000 --- a/test/unit/extensions/tc_xssrays.rb +++ /dev/null @@ -1,52 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_XssRays < Test::Unit::TestCase - - class << self - - def startup - $root_dir = '../../' - $:.unshift(File.expand_path($root_dir)) - - # load extension - require 'extensions/xssrays/extension' - - # load config - BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml')) - config = BeEF::Core::Configuration.instance - config.load_extensions_config - @@xssrays_config = config.get('beef.extension.xssrays') - end - - def shutdown - $root_dir = nil - end - - end - - # Connects to in-memory database (does not test anything) - def test_01_database - DataMapper.setup(:default, 'sqlite3::memory:') - DataMapper.auto_migrate! - end - - # Checks for required settings in config file - def test_02_config - assert(@@xssrays_config.has_key?('enable')) - assert(@@xssrays_config.has_key?('clean_timeout')) - assert(@@xssrays_config.has_key?('cross_domain')) - end - - # Verifies public interface - def test_03_interface - @@xssrays = BeEF::Extension::Xssrays::API::Scan.new - assert_respond_to(@@xssrays, :start_scan) - assert_respond_to(@@xssrays, :add_to_body) - end - -end diff --git a/test/unit/tc_filesystem.rb b/test/unit/tc_filesystem.rb deleted file mode 100644 index eb9104e64..000000000 --- a/test/unit/tc_filesystem.rb +++ /dev/null @@ -1,50 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Filesystem < Test::Unit::TestCase - - def setup - $root_dir="../../" - $:.unshift File.join( %w{ ../../ } ) - end - - def basic_file_test(test_file) - assert((File.file?(test_file)), "The file does not exist: " + test_file) - assert((not File.zero?(test_file)), "The file is empty: " + test_file) - end - - # - # Test the consistancy of the filesystem - # - - def test_beef_file - test_file = '../../beef' - - basic_file_test(test_file) - assert((File.executable?(test_file)), "The file is not executable: " + test_file) - end - - def test_config_file - test_file = '../../config.yaml' - - basic_file_test(test_file) - end - - def test_install_file - test_file = '../../install' - - basic_file_test(test_file) - end - - def test_main_directories_exist - assert(File.executable?('../../core')) - assert(File.executable?('../../modules')) - assert(File.executable?('../../extensions')) - end - - -end diff --git a/test/unit/tc_grep.rb b/test/unit/tc_grep.rb deleted file mode 100644 index 0393cb015..000000000 --- a/test/unit/tc_grep.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -require 'test/unit' - -class TC_Grep < Test::Unit::TestCase - - def test_grep_eval - Dir['../../**/*.rb'].each do |path| - File.open(path) do |f| - next if /tc_grep.rb/.match(path) # skip this file - next if /\/msf-test\//.match(path) # skip this file - next if /extensions\/dns/.match(path) # skip this file - - f.grep(/\Weval\W/im) do |line| - assert(false, "Illegal use of 'eval' in framework: " + path + ':' + line) - end - end - end - end - -end diff --git a/test/unit/ts_unit.rb b/test/unit/ts_unit.rb deleted file mode 100644 index 6acdb590b..000000000 --- a/test/unit/ts_unit.rb +++ /dev/null @@ -1,75 +0,0 @@ -# -# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - http://beefproject.com -# See the file 'doc/COPYING' for copying permission -# - -# Common lib for BeEF tests -require '../common/ts_common' - -require './core/filter/tc_base' -require './core/filter/tc_command' -require './core/main/network_stack/handlers/dynamicreconstruction' -require './core/main/network_stack/handlers/redirector' -require './core/tc_loader' -require './core/tc_core' -require './core/tc_api' -require './core/tc_bootstrap' -require './core/tc_modules' -require './core/tc_extensions' -require './core/tc_social_engineering' -require './core/tc_autorun' -require './core/tc_obfuscation' -require './core/tc_logger' -require './core/main/models/tc_browserdetails' -require './extensions/tc_xssrays' -require './extensions/tc_ipec_tunnel' -require './extensions/tc_hooks' -require './extensions/tc_proxy' -require './extensions/tc_requester' -require './extensions/tc_event_logger' -require './extensions/tc_network' -require './extensions/tc_qrcode' -require './extensions/tc_console' -require './extensions/tc_webrtc' -require './extensions/tc_dns' -require './tc_grep' -require './tc_filesystem' - -class TS_BeefTests - def self.suite - - suite = Test::Unit::TestSuite.new(name="BeEF Unit Test Suite") - suite << TC_Filter.suite - suite << TC_Loader.suite - suite << TC_Core.suite - suite << TC_Bootstrap.suite - suite << TC_Api.suite - suite << TC_Modules.suite - suite << TC_Extensions.suite - suite << TC_Filesystem.suite - suite << TC_Grep.suite - suite << TC_SocialEngineering.suite - suite << TC_Autorun.suite - suite << TC_XssRays.suite - suite << TC_Obfuscation.suite - suite << TC_Logger.suite - suite << TC_IpecTunnel.suite - suite << TC_Requester.suite - suite << TC_Proxy.suite - suite << TC_EventLogger.suite - suite << TC_Network.suite - suite << TC_Qrcode.suite - suite << TC_Hooks.suite - suite << TC_BrowserDetails.suite - suite << TC_Redirector.suite - suite << TC_DynamicReconstruction.suite - suite << TC_Console.suite - suite << TC_Webrtc.suite - suite << TC_Dns.suite - - return suite - end -end - -Test::Unit::UI::Console::TestRunner.run(TS_BeefTests)