Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'rspec-conversion'

Browse Source 
* Converted tests to rspec for future releases + travis integration.
* Files remaining in test/ are integrations that require verification if they are still relevant/working.
This commit is contained in:
Ben Passmore
2019-09-26 13:40:29 +10:00
parent 3de78156c2 0b0e7840fc
commit ba3183ef38
59 changed files with 1287 additions and 1970 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.rspec Normal file
View File

@@ -0,0 +1,4 @@
--format documentation
--color
--require spec_helper
-I .

3
Gemfile
View File

@@ -24,6 +24,7 @@ gem 'rubyzip', '>= 1.2.2'
gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice
gem 'nokogiri', '>= 1.10.4'
gem 'rake'
gem 'therubyracer'
# SQLite support
group :sqlite do
@@ -77,7 +78,6 @@ end
# For running unit tests
group :test do
if ENV['BEEF_TEST']
gem 'test-unit'
gem 'test-unit-full'
gem 'rspec'
@@ -97,6 +97,5 @@ group :test do
gem 'rest-client', '>= 2.0.1'
gem 'byebug'
end
end
source 'https://rubygems.org'

7
Rakefile
View File

@@ -62,6 +62,13 @@ task :rest_test do
Rake::Task['beef_stop'].invoke
end
## RSPEC
require 'rspec/core/rake_task'
RSpec::Core::RakeTask.new(:spec)
################################
# SSL/TLS certificate

3
core/main/logger.rb
View File

@@ -15,7 +15,8 @@ module Core
@config = BeEF::Core::Configuration.instance
# if notifications are enabled create a new instance
@notifications = BeEF::Extension::Notifications::Notifications unless @config.get('beef.extension.notifications.enable') == false
notifications_enabled = @config.get('beef.extension.notifications.enable')
@notifications = BeEF::Extension::Notifications::Notifications unless (notifications_enabled == false or notifications_enabled.nil?)
end
#

10
core/ruby/print.rb
View File

@@ -7,14 +7,14 @@
# Function used to print errors to the console
# @param [String] s String to be printed
def print_error(s)
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[!]'.red+' '+s
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[!]'+' '+s
BeEF.logger.error s.to_s
end
# Function used to print information to the console
# @param [String] s String to be printed
def print_info(s)
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[*]'.blue+' '+s
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[*]'+' '+s
BeEF.logger.info s.to_s
end
@@ -27,7 +27,7 @@ end
# Function used to print warning information
# @param [String] s String to be printed
def print_warning(s)
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[!]'.yellow+' '+s.to_s
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[!]'+' '+s.to_s
BeEF.logger.warn s.to_s
end
@@ -37,7 +37,7 @@ end
def print_debug(s)
config = BeEF::Core::Configuration.instance
if config.get('beef.debug') || BeEF::Core::Console::CommandLine.parse[:verbose]
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[>]'.yellow+' '+s.to_s
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[>]'+' '+s.to_s
BeEF.logger.debug s.to_s
end
end
@@ -45,7 +45,7 @@ end
# Function used to print successes to the console
# @param [String] s String to be printed
def print_success(s)
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[+]'.green+' '+s
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[+]'+' '+s
BeEF.logger.info s.to_s
end

62
spec/beef/api/auth_rate_spec.rb Normal file
View File

@@ -0,0 +1,62 @@
#
# Copyright (c) 2006-2017 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
RSpec.describe 'BeEF API Rate Limit' do
before(:all) do
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
@config = BeEF::Core::Configuration.instance
http_hook_server = BeEF::Core::Server.instance
http_hook_server.prepare
BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
@pid = fork do
http_hook_server.start
end
# wait for server to start
sleep 1
end
after(:all) do
Process.kill("INT",@pid)
end
it 'adheres to auth rate limits' do
passwds = (1..9).map { |i| "broken_pass"}
passwds.push BEEF_PASSWD
apis = passwds.map { |pswd| BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, pswd) }
l = apis.length
(0..2).each do |again| # multiple sets of auth attempts
# first pass -- apis in order, valid passwd on 9th attempt
# subsequent passes apis shuffled
puts "speed requesets" # all should return 401
(0..50).each do |i|
# t = Time.now()
#puts "#{i} : #{t - t0} : #{apis[i%l].auth()[:payload]}"
test_api = apis[i%l]
expect(test_api.auth()[:payload]).to eql("401 Unauthorized") # all (unless the valid is first 1 in 10 chance)
# t0 = t
end
# again with more time between calls -- there should be success (1st iteration)
puts "delayed requests"
(0..(l*2)).each do |i|
# t = Time.now()
#puts "#{i} : #{t - t0} : #{apis[i%l].auth()[:payload]}"
test_api = apis[i%l]
if (test_api.is_pass?(BEEF_PASSWD))
expect(test_api.auth()[:payload]["success"]).to be(true) # valid pass should succeed
else
expect(test_api.auth()[:payload]).to eql("401 Unauthorized")
end
sleep(0.5)
# t0 = t
end
apis.shuffle! # new order for next iteration
apis.reverse if (apis[0].is_pass?(BEEF_PASSWD)) # prevent the first from having valid passwd
end # multiple sets of auth attempts
end
end

22
spec/beef/core/extensions_spec.rb Normal file
View File

@@ -0,0 +1,22 @@
RSpec.describe 'BeEF Extensions' do
it 'loaded successfully' do
expect {
BeEF::Extensions.load
}.to_not raise_error
exts = BeEF::Core::Configuration.instance.get('beef.extension').select{|k,v|
v['enable']
}
expect(exts.length).to be > 0
exts.each do |k,v|
expect(v).to have_key('name')
expect(v).to have_key('enable')
expect(v).to have_key('loaded')
expect(v['loaded']).to be(true)
end
end
end

354
spec/beef/core/filter/filters_spec.rb Normal file
View File

@@ -0,0 +1,354 @@
RSpec.describe 'BeEF Filters' do
context 'is_non_empty_string?' do
it 'nil' do
expect(BeEF::Filters::is_non_empty_string?(nil)).to be(false)
end
it 'Integer' do
expect(BeEF::Filters::is_non_empty_string?(1)).to be(false)
end
it 'Empty String' do
expect(BeEF::Filters::is_non_empty_string?("")).to be(false)
end
it 'null' do
expect(BeEF::Filters::is_non_empty_string?("\x00")).to be(true)
end
it 'First char is num' do
expect(BeEF::Filters::is_non_empty_string?("0")).to be(true)
end
it 'First char is alpha' do
expect(BeEF::Filters::is_non_empty_string?("A")).to be(true)
end
it 'Four num chars' do
expect(BeEF::Filters::is_non_empty_string?("3333")).to be(true)
end
it 'Four num chars begining with alpha' do
expect(BeEF::Filters::is_non_empty_string?("A3333")).to be(true)
end
it 'Four num chars begining with null' do
expect(BeEF::Filters::is_non_empty_string?("\x003333")).to be(true)
end
end
context 'only?' do
it 'success' do
expect(BeEF::Filters::only?('A', 'A')).to be(true)
end
it 'fail' do
expect(BeEF::Filters::only?('A', 'B')).to be(false)
end
end
context 'exists?' do
it 'success' do
expect(BeEF::Filters::exists?('A', 'A')).to be(true)
end
it 'fail' do
expect(BeEF::Filters::exists?('A', 'B')).to be(false)
end
end
context 'has_null?' do
context 'false with' do
it 'general' do
chars = [nil, "", "\x01", "\xFF", "A", "A3333", "0", "}", ".", "+", "-", "-1", "0.A", "3333", "33 33", " AAAAA", "AAAAAA "]
chars.each do |c|
expect(BeEF::Filters::has_null?(c)).to be(false)
end
end
it 'alphabet' do
(1..255).each do |c|
str = ''
str.concat(c)
expect(BeEF::Filters::has_null?(str)).to be(false)
end
end
end
context 'true with' do
it 'general' do
chars = ["\x00", "A\x00", "AAAAAA\x00", "\x00A", "\x00AAAAAAAA", "A\x00A", "AAAAA\x00AAAA", "A\n\r\x00", "\x00\n\rA", "A\n\r\x00\n\rA", "\tA\x00A"]
chars.each do |c|
expect(BeEF::Filters::has_null?(c)).to be(true)
end
end
it 'alphabet null after' do
(1..255).each do |c|
str = ''
str.concat(c)
str += "\x00"
expect(BeEF::Filters::has_null?(str)).to be(true)
end
end
it 'alphabet null before' do
(1..255).each do |c|
str = "\x00"
str.concat(c)
expect(BeEF::Filters::has_null?(str)).to be(true)
end
end
end
end
context 'has_non_printable_char?' do
context 'false with' do
it 'general' do
chars = [nil, "", "A", "A3333", "0", "}", ".", "+", "-", "-1", "0.A", "3333", " 0AAAAA", " 0AAA "]
chars.each do |c|
expect(BeEF::Filters::has_non_printable_char?(c)).to be(false)
end
end
it 'lowercase' do
('a'..'z').each do |c|
expect(BeEF::Filters::has_non_printable_char?(c)).to be(false)
end
end
it 'uppercase' do
('A'..'Z').each do |c|
expect(BeEF::Filters::has_non_printable_char?(c)).to be(false)
end
end
it 'numbers' do
('0'..'9').each do |c|
expect(BeEF::Filters::has_non_printable_char?(c)).to be(false)
end
end
end
context 'true with' do
it 'general' do
chars = ["\x00", "\x01", "\x02", "A\x03", "\x04A", "\x0033333", "\x00AAAAAA", " AAAAA\x00", "\t\x00AAAAA", "\n\x00AAAAA", "\n\r\x00AAAAAAAAA", "AAAAAAA\x00AAAAAAA", "\n\x00"]
chars.each do |c|
expect(BeEF::Filters::has_non_printable_char?(c)).to be(true)
end
end
it 'alphabet null before' do
(1..255).each do |c|
str = ''
str.concat(c)
str += "\x00"
expect(BeEF::Filters::has_non_printable_char?(str)).to be(true)
end
end
end
end
context 'nums_only?' do
it 'false with general' do
chars = [nil, 1, "", "A", "A3333", "\x003333", "}", ".", "+", "-", "-1"]
chars.each do |c|
expect(BeEF::Filters::nums_only?(c)).to be(false)
end
end
it 'true with general' do
chars = ["0", "333"]
chars.each do |c|
expect(BeEF::Filters::nums_only?(c)).to be(true)
end
end
end
context 'is_valid_float?' do
it 'false with general' do
chars = [nil, 1, "", "A", "A3333", "\x003333", "}", ".", "+", "-", "-1", "0", "333", "0.A"]
chars.each do |c|
expect(BeEF::Filters::is_valid_float?(c)).to be(false)
end
end
it 'true with general' do
chars = ["33.33", "0.0", "1.0", "0.1"]
chars.each do |c|
expect(BeEF::Filters::is_valid_float?(c)).to be(true)
end
end
end
context 'hexs_only?' do
it 'false with general' do
chars = [nil, 1, "", "\x003333", "}", ".", "+", "-", "-1", "0.A", "33.33", "0.0", "1.0", "0.1"]
chars.each do |c|
expect(BeEF::Filters::hexs_only?(c)).to be(false)
end
end
it 'true with general' do
chars = ["0123456789ABCDEFabcdef", "0", "333", "A33333", "A"]
chars.each do |c|
expect(BeEF::Filters::hexs_only?(c)).to be(true)
end
end
end
context 'first_char_is_num?' do
it 'false with general' do
chars = ["", "A", "A33333", "\x0033333"]
chars.each do |c|
expect(BeEF::Filters::first_char_is_num?(c)).to be(false)
end
end
it 'true with general' do
chars = ["333", "0AAAAAA", "0"]
chars.each do |c|
expect(BeEF::Filters::first_char_is_num?(c)).to be(true)
end
end
end
context 'has_whitespace_char?' do
it 'false with general' do
chars = ["", "A", "A33333", "\x0033333", "0", "}", ".", "+", "-", "-1", "0.A"]
chars.each do |c|
expect(BeEF::Filters::has_whitespace_char?(c)).to be(false)
end
end
it 'true with general' do
chars = ["33 33", " ", " ", " 0AAAAAAA", " 0AAAAAAA ", "\t0AAAAAAA", "\n0AAAAAAAA"]
chars.each do |c|
expect(BeEF::Filters::has_whitespace_char?(c)).to be(true)
end
end
end
context 'alphanums_only?' do
context 'false with' do
it 'general' do
chars = [nil, "", "\n", "\r", "\x01", "}", ".", "+", "-", "-1", "ee-!@$%^&*}=0.A", "33 33", " AAAA", "AAA "]
chars.each do |c|
expect(BeEF::Filters::alphanums_only?(c)).to be(false)
end
end
it 'additional nulls' do
chars = ["\x00", "A\x00", "AAAAAAAAA\x00", "\x00A", "\x00AAAAAAAAA", "A\x00A", "AAAAAAAA\x00AAAAAAAA", "A\n\r\x00", "\x00\n\rA", "A\n\r\x00\n\rA", "\tA\x00A"]
chars.each do |c|
expect(BeEF::Filters::alphanums_only?(c)).to be(false)
end
end
it 'alphabet null after' do
(1..255).each do |c|
str = ''
str.concat(c)
str += "\x00"
expect(BeEF::Filters::alphanums_only?(str)).to be(false)
end
end
it 'alphabet null before' do
(1..255).each do |c|
str = "\x00"
str.concat(c)
expect(BeEF::Filters::alphanums_only?(str)).to be(false)
end
end
it 'alphabet around null' do
(1..255).each do |c|
str = ''
str.concat(c)
str += "\x00"
str.concat(c)
expect(BeEF::Filters::alphanums_only?(str)).to be(false)
end
end
end
context 'true with' do
it 'general' do
chars = ["A", "A3333", "0", "3333"]
chars.each do |c|
expect(BeEF::Filters::alphanums_only?(c)).to be(true)
end
end
it 'uppercase' do
('A'..'Z').each do |c|
expect(BeEF::Filters::alphanums_only?(c)).to be(true)
end
end
it 'lowercase' do
('a'..'z').each do |c|
expect(BeEF::Filters::alphanums_only?(c)).to be(true)
end
end
it 'numbers' do
('0'..'9').each do |c|
expect(BeEF::Filters::alphanums_only?(c)).to be(true)
end
end
end
end
context 'has_valid_param_chars?' do
it 'false' do
chars = [nil, "", "+"]
chars.each do |c|
expect(BeEF::Filters::has_valid_param_chars?(c)).to be(false)
end
end
it 'true' do
expect(BeEF::Filters::has_valid_param_chars?("A")).to be(true)
end
end
end

34
spec/beef/core/main/models/browser_details_spec.rb Normal file
View File

@@ -0,0 +1,34 @@
RSpec.describe 'BeEF BrowserDetails' do
before(:all) do
@session = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
it 'set nil value' do
BeEF::Core::Models::BrowserDetails.set(@session, 'key_with_nil_value', nil)
expect(BeEF::Core::Models::BrowserDetails.get(@session, 'key_with_nil_value')).to be_empty
end
it 'set value' do
key_name = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
BeEF::Core::Models::BrowserDetails.set(@session, key_name, key_value)
expect(BeEF::Core::Models::BrowserDetails.get(@session, key_name)).to eql(key_value)
end
it 'update value' do
key_name = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
original_key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
BeEF::Core::Models::BrowserDetails.set(@session, key_name, original_key_value).to_s
expect(BeEF::Core::Models::BrowserDetails.get(@session, key_name)).to eql(original_key_value)
new_key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
BeEF::Core::Models::BrowserDetails.set(@session, key_name, new_key_value).to_s
expect(BeEF::Core::Models::BrowserDetails.get(@session, key_name)).to_not eql(original_key_value)
expect(BeEF::Core::Models::BrowserDetails.get(@session, key_name)).to eql(new_key_value)
end
end

82
spec/beef/core/main/network_stack/handlers/dynamic_reconstruction_spec.rb Normal file
View File

@@ -0,0 +1,82 @@
RSpec.describe 'BeEF Dynamic Reconsturction' do
before(:all) do
@port = 2001
config = {}
config[:BindAddress] = '127.0.0.1'
config[:Port] = @port.to_s
@mounts = {}
@mounts['/test'] = BeEF::Core::NetworkStack::Handlers::DynamicReconstruction.new
@rackApp = Rack::URLMap.new(@mounts)
Thin::Logging.silent = true
@server = Thin::Server.new('127.0.0.1', @port.to_s, @rackApp)
trap("INT") { @server.stop }
trap("TERM") { @server.stop }
@pid = fork do
@server.start!
end
# wait for server to start
sleep 1
end
after(:all) do
Process.kill("INT",@pid)
end
it 'delete' do
response = Curl::Easy.http_delete("http://127.0.0.1:#{@port}/test")
expect(response.response_code).to eql(404)
end
it 'put' do
response = Curl::Easy.http_put("http://127.0.0.1:#{@port}/test", nil)
expect(response.response_code).to eql(404)
end
it 'head' do
response = Curl::Easy.http_head("http://127.0.0.1:#{@port}/test")
expect(response.response_code).to eql(404)
end
context 'get' do
it 'no params' do
response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test")
expect(response.response_code).to eql(404)
end
it 'zero values' do
response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test?bh=0&sid=0&pid=0&pc=0&d=0")
expect(response.response_code).to eql(200)
expect(response.body_str).to be_empty
end
it 'one values' do
response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test?bh=1&sid=1&pid=1&pc=1&d=1")
expect(response.response_code).to eql(200)
expect(response.body_str).to be_empty
end
it 'negative one values' do
response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test?bh=-1&sid=-1&pid=-1&pc=-1&d=-1")
expect(response.response_code).to eql(200)
expect(response.body_str).to be_empty
end
# Fails gracefully
it 'ascii values' do
response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test?bh=z&sid=z&pid=z&pc=z&d=z")
expect(response.response_code).to eql(200)
expect(response.body_str).to be_empty
end
# Fails gracefully
it 'array values' do
response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test?bh[]=1&sid[]=1&pid[]=1&pc[]=1&d[]=1")
expect(response.response_code).to eql(200)
expect(response.body_str).to be_empty
end
end
end

33
spec/beef/core/main/network_stack/handlers/redirector_spec.rb Normal file
View File

@@ -0,0 +1,33 @@
RSpec.describe 'BeEF Redirector' do
before(:all) do
@port = 2002
config = {}
config[:BindAddress] = '127.0.0.1'
config[:Port] = @port.to_s
@mounts = {}
@mounts['/test'] = BeEF::Core::NetworkStack::Handlers::Redirector.new('http://www.beefproject.com')
@rackApp = Rack::URLMap.new(@mounts)
Thin::Logging.silent = true
@server = Thin::Server.new('127.0.0.1', @port.to_s, @rackApp)
trap("INT") { @server.stop }
trap("TERM") { @server.stop }
@pid = fork do
@server.start!
end
# wait for server to start
sleep 0.8
end
after(:all) do
Process.kill("INT",@pid)
end
it 'redirects' do
response = Curl::Easy.http_get("http://127.0.0.1:#{@port}/test/")
expect(response.response_code).to eql(302)
expect(response.body_str).to eql("302 found")
expect(response.header_str).to match(/Location: http:\/\/www.beefproject\.com/)
end
end

48
spec/beef/core/modules_spec.rb Normal file
View File

@@ -0,0 +1,48 @@
RSpec.describe 'BeEF Modules' do
it 'loaded successfully' do
expect {
BeEF::Modules.load
}.to_not raise_error
modules = BeEF::Core::Configuration.instance.get('beef.module').select do |k,v|
v['enable'] == true and v['category'] != nil
end
expect(modules.length).to be > 0
modules.each do |k,v|
expect(BeEF::Module.is_present(k)).to be(true)
expect(BeEF::Module.is_enabled(k)).to be(true)
expect {
BeEF::Module.hard_load(k)
}.to_not raise_error
expect(BeEF::Module.is_loaded(k)).to be(true)
BeEF::Core::Configuration.instance.get("beef.module.#{k}.target").each do |k,v|
expect(v).to_not be_empty
end
end
end
it 'safe client debug log' do
Dir['../../modules/**/*.js'].each do |path|
next unless File.file?(path)
File.open(path) do |f|
f.grep(/\bconsole\.log\W*\(/m) do |line|
fail "Function 'console.log' instead of 'beef.debug' inside\n Path: #{path}\nLine: #{line}"
end
end
end
end
it 'safe variable decleration' do
Dir['../../modules/**/*.js'].each do |path|
next unless File.file?(path)
File.open(path) do |f|
f.grep(/\blet\W+[a-zA-Z0-9_\.]+\W*=/) do |line|
fail "Variable declared with 'let' instead of 'var' inside\n Path: #{path}\nLine: #{line}"
end
end
end
end
end

15
spec/beef/extensions/console_spec.rb Normal file
View File

@@ -0,0 +1,15 @@
RSpec.describe 'BeEF Extension Console' do
before(:all) do
@config = BeEF::Core::Configuration.instance
@config.load_extensions_config
end
it 'loads configuration' do
expect(@config.get('beef.extension.console')).to have_key('enable')
console_shell = @config.get('beef.extension.console.shell')
expect(console_shell).to have_key('historyfolder')
expect(console_shell).to have_key('historyfile')
end
end

340
spec/beef/extensions/dns_spec.rb Normal file
View File

@@ -0,0 +1,340 @@
require 'resolv'
require 'extensions/dns/extension.rb'
RSpec.describe 'BeEF Extension DNS' do
IN = Resolv::DNS::Resource::IN
before(:all) do
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
@config = BeEF::Core::Configuration.instance
@config.load_extensions_config
@dns = BeEF::Extension::Dns::Server.instance
end
it 'loaded configuration' do
config = @config.get('beef.extension.dns')
expect(config).to have_key('protocol')
expect(config).to have_key('address')
expect(config).to have_key('port')
expect(config).to have_key('upstream')
end
it 'responds to interfaces' do
expect(@dns).to respond_to(:add_rule)
expect(@dns).to respond_to(:get_rule)
expect(@dns).to respond_to(:remove_rule!)
expect(@dns).to respond_to(:get_ruleset)
expect(@dns).to respond_to(:remove_ruleset!)
end
context 'add good rule' do
it '1.2.3.4' do
id = nil
response = '1.2.3.4'
expect {
id = @dns.add_rule(
:pattern => 'foo.bar',
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
}.to_not raise_error
expect(id).to_not be_nil
end
it '9.9.9.9' do
id = nil
response = '9.9.9.9'
expect {
id = @dns.add_rule(
:pattern => %r{i\.(love|hate)\.beef\.com?},
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
}.to_not raise_error
expect(id).to_not be_nil
end
it 'domains' do
response = '9.9.9.9'
domains = %w(
i.hate.beef.com
i.love.beef.com
i.love.beef.co
i.love.beef.co )
domains.each do |d|
id = nil
expect {
id = @dns.add_rule(
:pattern => %r{i\.(love|hate)\.beef\.com?},
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
}.to_not raise_error
expect(id).to_not be_nil
end
end
context 'add bad rule' do
it '4.2.4.2' do
id = nil
same_id = nil
pattern = 'j.random.hacker'
response = '4.2.4.2'
expect {
id = @dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
}.to_not raise_error
expect {
same_id = @dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
}.to_not raise_error
expect {
same_id = @dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
}.to_not raise_error
expect(id).to eql(same_id)
end
end
end
it 'id format' do
pattern = 'dead.beef'
response = '2.2.2.2'
id = nil
expect {
id = @dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
}.to_not raise_error
expect(id.length).to eql(8)
expect(id).to match(/^\h{8}$/)
end
it 'get good rule' do
pattern = 'be.ef'
response = '1.1.1.1'
id = nil
expect {
id = @dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
}.to_not raise_error
expect(id).to_not be_nil
rule = @dns.get_rule(id)
expect(rule).to be_a(Hash)
expect(rule.length).to be > 0
expect(rule).to have_key(:id)
expect(rule).to have_key(:pattern)
expect(rule).to have_key(:resource)
expect(rule).to have_key(:response)
expect(rule[:id]).to eql(id)
expect(rule[:pattern]).to eql(pattern)
expect(rule[:resource]).to eql('A')
expect(rule[:response]).to be_a(Array)
expect(rule[:response].length).to be > 0
expect(rule[:response].first).to eql(response)
end
it 'get bad rule' do
expect(@dns.get_rule(42)).to be_nil
end
it 'remove good rule' do
pattern = 'hack.the.gibson'
response = '1.9.9.5'
id = nil
expect {
id = @dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
}.to_not raise_error
expect(@dns.remove_rule!(id)).to be(true)
end
it 'remove bad rule' do
expect(@dns.remove_rule!(42)).to be_nil
end
it 'get ruleset' do
rules = [
{ pattern: 'be.ef', resource: 'A', response: '1.1.1.1' },
{ pattern: 'dead.beef', resource: 'A', response: '2.2.2.2' },
{ pattern: 'foo.bar', resource: 'A', response: '1.2.3.4' },
{ pattern: 'i\.(love|hate)\.beef.com?', resource: 'A', response: '9.9.9.9' },
{ pattern: 'j.random.hacker', resource: 'A', response: '4.2.4.2' }
]
@dns.remove_ruleset!
expect(@dns.get_ruleset.length).to eql(0)
rules.each do |r|
@dns.add_rule(
:pattern => r[:pattern],
:resource => IN::A,
:response => r[:response]
)
end
ruleset = @dns.get_ruleset
ruleset.sort! { |a, b| a[:pattern] <=> b[:pattern] }
expect(ruleset).to be_a(Array)
expect(ruleset.length).to eql(5)
rules.each_with_index do |v,i|
expect(ruleset[i][:pattern]).to eql(v[:pattern])
expect(ruleset[i][:resource]).to eql(v[:resource])
expect(ruleset[i][:response]).to eql(v[:response])
end
end
it 'remove ruleset' do
expect(@dns.remove_ruleset!).to be(true)
expect(@dns.get_ruleset.length).to eql(0)
end
it 'failure types' do
end
end
# Tests each supported type of query failure
# def test_13_failure_types
# begin
# id = @@dns.add_rule(
# :pattern => 'noerror.beef.com',
# :resource => IN::A,
# :response => ['1.2.3.4'] ) do |transaction|
# transaction.failure!(:NoError)
# end
# #check_failure_status(id, :NoError)
# end
#
# begin
# id = @@dns.add_rule(
# :pattern => 'formerr.beef.com',
# :resource => IN::A,
# :response => ['1.2.3.4'] ) do |transaction|
# transaction.failure!(:FormErr)
# end
## #check_failure_status(id, :FormErr)
# end
#
# begin
# id = @@dns.add_rule(
# :pattern => 'servfail.beef.com',
# :resource => IN::A,
# :response => ['1.2.3.4'] ) do |transaction|
# transaction.failure!(:ServFail)
# end
# #check_failure_status(id, :ServFail)
# end
#
# begin
# id = @@dns.add_rule(
# :pattern => 'nxdomain.beef.com',
# :resource => IN::A,
# :response => ['1.2.3.4'] ) do |transaction|
# transaction.failure!(:NXDomain)
# end
# #check_failure_status(id, :NXDomain)
# end
#
# begin
# id = @@dns.add_rule(
# :pattern => 'notimp.beef.com',
# :resource => IN::A,
## :response => ['1.2.3.4'] ) do |transaction|
# transaction.failure!(:NotImp)
# end
# #check_failure_status(id, :NotImp)
# end
#
# begin
# id = @@dns.add_rule(
# :pattern => 'refused.beef.com',
# :resource => IN::A,
# :response => ['1.2.3.4'] ) do |transaction|
### transaction.failure!(:Refused)
# end
# #check_failure_status(id, :Refused)
# end
#
# begin
# id = @@dns.add_rule(
# :pattern => 'notauth.beef.com',
# :resource => IN::A,
# :response => ['1.2.3.4'] ) do |transaction|
# transaction.failure!(:NotAuth)
# end
## #check_failure_status(id, :NotAuth)
# end
# end
#
## private
##
# # Confirms that a query for the rule given in 'id' returns a 'resource' failure status
## def check_failure_status(id, resource)
## rule = @@dns.get_rule(id)
# status = resource.to_s.force_encoding('UTF-8').upcase
# assert_equal(status, rule[:response][0])
#
# check_dns_response(/status: #{status}/, rule[:resource], rule[:pattern])
# end
#
# # Compares output of dig command against regex
# def check_dns_response(regex, type, pattern)
# address = @@config.get('beef.extension.dns.address')
# port = @@config.get('beef.extension.dns.port')
### dig_output = IO.popen(["dig", "@#{address}", "-p", "#{port}", "-t", "#{type}", "#{pattern}"], 'r+').read
# assert_match(regex, dig_output)
# end
##
##end
###

20
spec/beef/extensions/ipec_tunnel_spec.rb Normal file
View File

@@ -0,0 +1,20 @@
require 'extensions/ipec/extension'
RSpec.describe 'BeEF Extension IPEC' do
before(:all) do
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
@config = BeEF::Core::Configuration.instance
@config.load_extensions_config
end
it 'loads configuration' do
expect(@config.get('beef.extension.ipec')).to have_key('enable')
end
it 'interface' do
expect(BeEF::Extension::Ipec::JunkCalculator.instance).to respond_to(:bind_junk_calculator)
end
end

26
spec/beef/extensions/network_spec.rb Normal file
View File

@@ -0,0 +1,26 @@
require 'extensions/network/models/network_service'
require 'extensions/network/models/network_host'
RSpec.describe 'BeEF Extension Network' do
before(:all) do
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
it 'add good host' do
expect {
BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => '1234', :ip => '127.0.0.1')
}.to_not raise_error
expect(BeEF::Core::Models::NetworkHost.all(hooked_browser_id: '1234', ip: '127.0.0.1')).to_not be_empty
end
it 'add good service' do
expect {
BeEF::Core::Models::NetworkService.add(:hooked_browser_id => '1234', :proto => 'http', :ip => '127.0.0.1', :port => 80, :type => 'Apache')
}.to_not raise_error
expect(BeEF::Core::Models::NetworkService.all(hooked_browser_id: '1234', ip: '127.0.0.1')).to_not be_empty
end
end

21
spec/beef/extensions/proxy_spec.rb Normal file
View File

@@ -0,0 +1,21 @@
require 'extensions/proxy/extension'
RSpec.describe 'BeEF Extension Proxy' do
before(:all) do
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
@config = BeEF::Core::Configuration.instance
@config.load_extensions_config
end
it 'loads configuration' do
config = @config.get('beef.extension.proxy')
expect(config).to have_key('enable')
expect(config).to have_key('address')
expect(config).to have_key('port')
expect(config).to have_key('key')
expect(config).to have_key('cert')
end
end

20
spec/beef/extensions/qrcode_spec.rb Normal file
View File

@@ -0,0 +1,20 @@
require 'extensions/qrcode/extension'
RSpec.describe 'BeEF Extension QRCode' do
before(:all) do
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
@config = BeEF::Core::Configuration.instance
@config.load_extensions_config
end
it 'loads configuration' do
config = @config.get('beef.extension.qrcode')
expect(config).to have_key('enable')
expect(config).to have_key('targets')
expect(config).to have_key('qrsize')
expect(config).to have_key('qrborder')
end
end

23
spec/beef/extensions/requester_spec.rb Normal file
View File

@@ -0,0 +1,23 @@
require 'extensions/requester/extension'
RSpec.describe 'BeEF Extension Requester' do
before(:all) do
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
@config = BeEF::Core::Configuration.instance
@config.load_extensions_config
end
it 'loads configuration' do
expect(@config.get('beef.extension.requester')).to have_key('enable')
end
it 'has interface' do
requester = BeEF::Extension::Requester::API::Hook.new
expect(requester).to respond_to(:requester_run)
expect(requester).to respond_to(:add_to_body)
expect(requester).to respond_to(:requester_parse_db_request)
end
end

67
spec/beef/extensions/webrtc_spec.rb Normal file
View File

@@ -0,0 +1,67 @@
require 'rest-client'
RSpec.describe 'BeEF Extension WebRTC' do
before(:all) do
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
@config = BeEF::Core::Configuration.instance
@config.load_extensions_config
# json = {:username => BEEF_USER, :password => BEEF_PASSWD}.to_json
# @headers = {:content_type => :json, :accept => :json}
# response = RestClient.post("#{RESTAPI_ADMIN}/login", json, @headers)
# result = JSON.parse(response.body)
# @token = result['token']
# @activated = @config.get('beef.extension.webrtc.enable') || false
# @victim1 = BeefTest.new_victim
# @victim2 = BeefTest.new_victim
# sleep 8
# # Fetch last online browsers' ids
# rest_response = RestClient.get "#{RESTAPI_HOOKS}", {:params => { :token => @token}}
# result = JSON.parse(rest_response.body)
# browsers = result["hooked-browsers"]["online"]
# browsers.each_with_index do |elem, index|
# if index == browsers.length - 1
# @victim2id = browsers["#{index}"]["id"].to_s
# end
# if index == browsers.length - 2
# @victim1id = browsers["#{index}"]["id"].to_s
# end
# end
end
after(:all) do
# @victim1.driver.browser.close unless @victim1.nil?
# @victim2.driver.browser.close unless @victim2.nil?
end
it 'loads configuration' do
config = @config.get('beef.extension.webrtc')
expect(config).to have_key('enable')
expect(config).to have_key('stunservers')
expect(config).to have_key('turnservers')
end
# it 'check two hooked browsers' do
# expect(@activated).to be(true)
# response = nil
# expect {
# response = RestClient.get "#{RESTAPI_HOOKS}", {:params => {:token => @token}}
# }.to_not raise_error
# expect(response).to_not be_nil
# expect(response.body).to_not be_nil
# expect(response.code).to eql(200)
# result = JSON.parse(rest_response.body)
# browsers = result["hooked-browsers"]["online"]
# expect(browsers).to_not be_nil
# expect(browsers.length).to be >= 2
# end
end

24
spec/beef/extensions/xssrays_spec.rb Normal file
View File

@@ -0,0 +1,24 @@
require 'extensions/xssrays/extension'
RSpec.describe 'BeEF Extension XSSRays' do
before(:all) do
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
@config = BeEF::Core::Configuration.instance
@config.load_extensions_config
end
it 'loads configuration' do
config = @config.get('beef.extension.xssrays')
expect(config).to have_key('enable')
expect(config).to have_key('clean_timeout')
expect(config).to have_key('cross_domain')
end
it 'interface' do
xssrays = BeEF::Extension::Xssrays::API::Scan.new
expect(xssrays).to respond_to(:start_scan)
expect(xssrays).to respond_to(:add_to_body)
end
end

30
spec/beef/filesystem_checks_spec.rb Normal file
View File

@@ -0,0 +1,30 @@
RSpec.describe 'BeEF Filesystem' do
def file_test(file)
expect(File.file?(file)).to be(true)
expect(File.zero?(file)).to be(false)
end
it 'required files' do
files = [
'beef',
'config.yaml',
'install'
]
files.each do |f|
file_test(f)
end
end
it 'executable directories' do
dirs = [
'core',
'modules',
'extensions'
]
dirs.each do |d|
expect(File.executable?(d)).to be(true)
end
end
end

17
spec/beef/security_checks_spec.rb Normal file
View File

@@ -0,0 +1,17 @@
RSpec.describe 'BeEF Security Checks' do
it 'dangerous eval usage' do
Dir['**/*.rb'].each do |path|
File.open(path) do |f|
next if /#{File.basename(__FILE__)}/.match(path) # skip this file
next if /\/msf-test\//.match(path) # skip this file
next if /extensions\/dns/.match(path) # skip this file
f.grep(/\Weval\W/im) do |line|
fail "Illegal use of 'eval' found in\n Path: #{path}\nLine: #{line}"
end
end
end
end
end

30
spec/spec_helper.rb Normal file
View File

@@ -0,0 +1,30 @@
require 'core/loader.rb'
# Notes
# We need to load vairables that 'beef' usually does for us
## config
config = BeEF::Core::Configuration.new('config.yaml')
## home_dir
$home_dir = Dir.pwd
## root_dir
$root_dir = Dir.pwd
require 'core/bootstrap.rb'
require 'rack/test'
require 'curb'
require 'rest-client'
# Require supports
Dir['spec/support/*.rb'].each do |f|
require f
end
ENV['RACK_ENV'] ||= 'test'
RSpec.configure do |config|
config.disable_monkey_patching!
config.include Rack::Test::Methods
config.expect_with :rspec do |c|
c.syntax = :expect
end
end

0
test/common/beef_test.rb → spec/support/beef_test.rb
View File

0
test/common/test_constants.rb → spec/support/constants.rb
View File

0
test/api/lib/beef_rest_client.rb → spec/support/simple_rest_client.rb
View File

73
test/api/1333_auth_rate.rb
View File

@@ -1,73 +0,0 @@
#
# Copyright (c) 2006-2017 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
#require 'pry-byebug'
require 'rest-client'
require 'json'
require 'optparse'
require 'pp'
require '../common/test_constants'
require_relative './lib/beef_rest_client'
class TC_1333_auth_rate < Test::Unit::TestCase
def test_auth_rate
# tests rate of auth calls
# this takes some time - with no output
# beef must be running
passwds = (1..9).map { |i| "broken_pass"}
passwds.push BEEF_PASSWD
apis = passwds.map { |pswd| BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, pswd) }
l = apis.length
# t0 = Time.now()
(0..2).each do |again| # multiple sets of auth attempts
# first pass -- apis in order, valid passwd on 9th attempt
# subsequent passes apis shuffled
# puts "speed requesets" # all should return 401
(0..50).each do |i|
# t = Time.now()
# puts "#{i} : #{t - t0} : #{apis[i%l].auth()[:payload]}"
test_api = apis[i%l]
assert_match("401", test_api.auth()[:payload]) # all (unless the valid is first 1 in 10 chance)
# t0 = t
end
# again with more time between calls -- there should be success (1st iteration)
# puts "delayed requests"
(0..(l*2)).each do |i|
# t = Time.now()
# puts "#{i} : #{t - t0} : #{apis[i%l].auth()[:payload]}"
test_api = apis[i%l]
if (test_api.is_pass?(BEEF_PASSWD))
assert(test_api.auth()[:payload]["success"]) # valid pass should succeed
else
assert_match("401", test_api.auth()[:payload])
end
sleep(0.5)
# t0 = t
end
apis.shuffle! # new order for next iteration
apis.reverse if (apis[0].is_pass?(BEEF_PASSWD)) # prevent the first from having valid passwd
end # multiple sets of auth attempts
end # test_auth_rate
end

22
test/common/ts_common.rb
View File

@@ -1,22 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# @note Version check to ensure BeEF is running Ruby 2.0+
if RUBY_VERSION < '2.3'
puts "\n"
puts "Ruby version #{RUBY_VERSION} is no longer supported. Please upgrade to Ruby version 2.3 or later."
puts "\n"
exit 1
end
begin
require 'test/unit/ui/console/testrunner'
rescue LoadError
puts "The following instruction failed: require 'test/unit/ui/console/testrunner'"
puts "Please run: sudo gem install test-unit-full"
exit
end

22
test/scripts/iptables.sh
View File

@@ -1,22 +0,0 @@
#!/bin/sh
# Delete all existing rules
/sbin/iptables -F
/sbin/iptables -X
# Set default chain policies
/sbin/iptables -P INPUT DROP
/sbin/iptables -P FORWARD DROP
/sbin/iptables -P OUTPUT ACCEPT
# Allow unlimited traffic on loopback
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A OUTPUT -o lo -j ACCEPT
# Allow incoming SSH
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
# Allow established connections
/sbin/iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

333
test/unit/core/filter/tc_base.rb
View File

@@ -1,333 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
require '../../core/filters/base'
class TC_Filter < Test::Unit::TestCase
def test_is_non_empty_string
assert((not BeEF::Filters::is_non_empty_string?(nil)), 'Nil string')
assert((not BeEF::Filters::is_non_empty_string?(1)), 'Is integer')
assert((not BeEF::Filters::is_non_empty_string?("")), 'Empty string')
assert((BeEF::Filters::is_non_empty_string?("\x00")), 'Single null')
assert((BeEF::Filters::is_non_empty_string?("0")), 'First char is a num')
assert((BeEF::Filters::is_non_empty_string?("A")), 'First char is a alpha')
assert(BeEF::Filters::is_non_empty_string?("3333"), '4 num chars')
assert((BeEF::Filters::is_non_empty_string?("A3333")), '4 num chars begining with an aplha')
assert((BeEF::Filters::is_non_empty_string?("\x003333")), '4 num chars begining with a null')
end
def test_only
assert((BeEF::Filters::only?('A', 'A')), 'A - A -> success')
assert((not BeEF::Filters::only?('A', 'B')), 'A - B -> fail')
end
def test_exists
assert((BeEF::Filters::exists?('A', 'A')), 'A - A -> success')
assert((not BeEF::Filters::exists?('A', 'B')), 'A - B -> fail')
end
def test_has_null
assert((not BeEF::Filters::has_null?(nil)), 'Nil')
assert((not BeEF::Filters::has_null?("")), 'Empty string')
assert((not BeEF::Filters::has_null?("\x01")), '0x01 string')
assert((not BeEF::Filters::has_null?("\xFF")), '0xFF string')
assert((not BeEF::Filters::has_null?("A")), 'Single char')
assert((not BeEF::Filters::has_null?("A3333")), '4 num chars begining with an aplha')
assert((not BeEF::Filters::has_null?("0")), '0 string')
assert((not BeEF::Filters::has_null?("}")), '} char')
assert((not BeEF::Filters::has_null?(".")), '. char')
assert((not BeEF::Filters::has_null?("+")), '+ char')
assert((not BeEF::Filters::has_null?("-")), '- char')
assert((not BeEF::Filters::has_null?("-1")), '-1 string')
assert((not BeEF::Filters::has_null?("0.A")), '0.A string')
assert((not BeEF::Filters::has_null?("3333")), '33 33 string')
assert((not BeEF::Filters::has_null?("33 33")), '33 33 string')
assert((not BeEF::Filters::has_null?(" AAAAAAAA")), 'white space at start of string')
assert((not BeEF::Filters::has_null?("AAAAAAAA ")), 'white space at end of string')
(1..255).each {|c|
str = ''
str.concat(c)
assert(!(BeEF::Filters::has_null?(str)), 'loop of around every char')
}
assert((BeEF::Filters::has_null?("\x00")), 'Single null')
assert((BeEF::Filters::has_null?("A\x00")), 'Char and null')
assert((BeEF::Filters::has_null?("AAAAAAAA\x00")), 'Char and null')
assert((BeEF::Filters::has_null?("\x00A")), 'Null and char')
assert((BeEF::Filters::has_null?("\x00AAAAAAAAA")), 'Null and chars')
assert((BeEF::Filters::has_null?("A\x00A")), 'Null surrounded by chars')
assert((BeEF::Filters::has_null?("AAAAAAAAA\x00AAAAAAAAA")), 'Null surrounded by chars')
assert((BeEF::Filters::has_null?("A\n\r\x00")), 'new line and carriage return at start of string')
assert((BeEF::Filters::has_null?("\x00\n\rA")), 'new line and carriage return at end of string')
assert((BeEF::Filters::has_null?("A\n\r\x00\n\rA")), 'new line and carriage return at start and end of string')
assert((BeEF::Filters::has_null?("\tA\x00A")), 'tab at start of string')
(1..255).each {|c|
str = ''
str.concat(c)
str += "\x00"
assert((BeEF::Filters::has_null?(str)), 'loop of behind every char')
}
(1..255).each {|c|
str = ''
str += "\x00"
str.concat(c)
assert((BeEF::Filters::has_null?(str)), 'loop of infront every char')
}
(1..255).each {|c|
str = ''
str.concat(c)
str += "\x00"
str.concat(c)
assert((BeEF::Filters::has_null?(str)), 'loop of around every char')
}
end
def test_has_non_printable_char
assert((not BeEF::Filters::has_non_printable_char?(nil)), 'Nil')
assert((not BeEF::Filters::has_non_printable_char?("")), 'Empty string')
assert((not BeEF::Filters::has_non_printable_char?("A")), 'Single char')
assert((not BeEF::Filters::has_non_printable_char?("A3333")), '4 num chars begining with an aplha')
assert((not BeEF::Filters::has_non_printable_char?("0")), '0 string')
assert((not BeEF::Filters::has_non_printable_char?("}")), '} char')
assert((not BeEF::Filters::has_non_printable_char?(".")), '. char')
assert((not BeEF::Filters::has_non_printable_char?("+")), '+ char')
assert((not BeEF::Filters::has_non_printable_char?("-")), '- char')
assert((not BeEF::Filters::has_non_printable_char?("-1")), '-1 string')
assert((not BeEF::Filters::has_non_printable_char?("0.A")), '0.A string')
assert((not BeEF::Filters::has_non_printable_char?("3333")), '4 num chars')
assert((not BeEF::Filters::has_non_printable_char?(" 0AAAAAAAA")), 'white space at start of string')
assert((not BeEF::Filters::has_non_printable_char?(" 0AAAAAAAA ")), 'white space at end of string')
# check lowercase chars
('a'..'z').each {|c|
assert((not BeEF::Filters::has_non_printable_char?(c)), 'lowercase chars')
}
# check uppercase chars
('A'..'Z').each {|c|
assert((not BeEF::Filters::has_non_printable_char?(c)), 'uppercase chars')
}
# check numbers chars
('0'..'9').each {|c|
assert((not BeEF::Filters::has_non_printable_char?(c)), 'number chars')
}
assert((BeEF::Filters::has_non_printable_char?("\x00")), '0x00 string')
assert((BeEF::Filters::has_non_printable_char?("\x01")), '0x01 string')
assert((BeEF::Filters::has_non_printable_char?("\x02")), '0x02 string')
# Commented the below because the UTF-8 handling for \xFF appears to break.
# See Issue #1126
# assert((BeEF::Filters::has_non_printable_char?("\xF0")), '0xFE string')
# assert((BeEF::Filters::has_non_printable_char?("\xFE")), '0xFE string')
# assert((BeEF::Filters::has_non_printable_char?("\xFF")), '0xFF string')
assert((BeEF::Filters::has_non_printable_char?("A\x03")), 'Single char and non printable char')
assert((BeEF::Filters::has_non_printable_char?("\x04A")), 'Single char and non printable char')
assert((BeEF::Filters::has_non_printable_char?("\x003333")), '4 num chars begining with a null')
assert((BeEF::Filters::has_non_printable_char?("\x00AAAAAAAA")), 'null at start of string')
assert((BeEF::Filters::has_non_printable_char?(" AAAAAAAA\x00")), 'null at end of string')
assert((BeEF::Filters::has_non_printable_char?("\t\x00AAAAAAAA")), 'tab at start of string')
assert((BeEF::Filters::has_non_printable_char?("\n\x00AAAAAAAA")), 'new line at start of string')
assert((BeEF::Filters::has_non_printable_char?("\n\r\x00AAAAAAAA")), 'new line and carriage return at start of string')
assert((BeEF::Filters::has_non_printable_char?("AAAAAAAAA\x00AAAAA")), 'Chars and null')
assert((BeEF::Filters::has_non_printable_char?("\n\x00")), 'newline and null')
(0..255).each {|c|
str = ''
str.concat(c)
str += "\x00"
str.concat(c)
assert((BeEF::Filters::has_non_printable_char?(str)), 'loop of around every char')
}
end
def test_is_nums_only
assert((not BeEF::Filters::nums_only?(nil)), 'Nil string')
assert((not BeEF::Filters::nums_only?(1)), 'Is integer')
assert((not BeEF::Filters::nums_only?("")), 'Empty string')
assert((not BeEF::Filters::nums_only?("A")), 'First char is a alpha')
assert((not BeEF::Filters::nums_only?("A3333")), '4 num chars begining with an aplha')
assert((not BeEF::Filters::nums_only?("\x003333")), '4 num chars begining with a null')
assert((not BeEF::Filters::nums_only?("}")), '} char')
assert((not BeEF::Filters::nums_only?(".")), '. char')
assert((not BeEF::Filters::nums_only?("+")), '+ char')
assert((not BeEF::Filters::nums_only?("-")), '- char')
assert((not BeEF::Filters::nums_only?("-1")), '-1 string')
assert((BeEF::Filters::nums_only?("0")), 'First char is a num')
assert((BeEF::Filters::nums_only?("3333")), '4 num chars')
end
def test_is_valid_float
assert((not BeEF::Filters::is_valid_float?(nil)), 'Nil string')
assert((not BeEF::Filters::is_valid_float?(1)), 'Is integer')
assert((not BeEF::Filters::is_valid_float?("")), 'Empty string')
assert((not BeEF::Filters::is_valid_float?("A")), 'First char is a alpha')
assert((not BeEF::Filters::is_valid_float?("A3333")), '4 num chars begining with an aplha')
assert((not BeEF::Filters::is_valid_float?("\x003333")), '4 num chars begining with a null')
assert((not BeEF::Filters::is_valid_float?("}")), '} char')
assert((not BeEF::Filters::is_valid_float?(".")), '. char')
assert((not BeEF::Filters::is_valid_float?("+")), '+ char')
assert((not BeEF::Filters::is_valid_float?("-")), '- char')
assert((not BeEF::Filters::is_valid_float?("-1")), '-1 string')
assert((not BeEF::Filters::is_valid_float?("0")), 'First char is a num')
assert((not BeEF::Filters::is_valid_float?("3333")), '4 num chars')
assert((not BeEF::Filters::is_valid_float?("0.A")), '0.A string')
assert((BeEF::Filters::is_valid_float?("33.33")), '4 num chars')
assert((BeEF::Filters::is_valid_float?("0.0")), '0.0 string')
assert((BeEF::Filters::is_valid_float?("1.0")), '1.0 string')
assert((BeEF::Filters::is_valid_float?("0.1")), '0.1 string')
assert((BeEF::Filters::is_valid_float?("33.33")), '33.33 string')
end
def test_hexs_only
assert((not BeEF::Filters::hexs_only?(nil)), 'Nil string')
assert((not BeEF::Filters::hexs_only?(1)), 'Is integer')
assert((not BeEF::Filters::hexs_only?("")), 'Empty string')
assert((not BeEF::Filters::hexs_only?("\x003333")), '4 num chars begining with a null')
assert((not BeEF::Filters::hexs_only?("}")), '} char')
assert((not BeEF::Filters::hexs_only?(".")), '. char')
assert((not BeEF::Filters::hexs_only?("+")), '+ char')
assert((not BeEF::Filters::hexs_only?("-")), '- char')
assert((not BeEF::Filters::hexs_only?("-1")), '-1 string')
assert((not BeEF::Filters::hexs_only?("0.A")), '0.A string')
assert((not BeEF::Filters::hexs_only?("33.33")), '4 num chars')
assert((not BeEF::Filters::hexs_only?("0.0")), '0.0 string')
assert((not BeEF::Filters::hexs_only?("1.0")), '1.0 string')
assert((not BeEF::Filters::hexs_only?("0.1")), '0.1 string')
assert((not BeEF::Filters::hexs_only?("33.33")), '33.33 string')
assert((BeEF::Filters::hexs_only?("0123456789ABCDEFabcdef")), '0123456789ABCDEFabcdef string')
assert((BeEF::Filters::hexs_only?("0")), 'First char is a num')
assert((BeEF::Filters::hexs_only?("3333")), '4 num chars')
assert((BeEF::Filters::hexs_only?("A3333")), '4 num chars begining with an aplha')
assert((BeEF::Filters::hexs_only?("A")), 'First char is a alpha')
end
def test_first_char_is_num
assert((not BeEF::Filters::first_char_is_num?("")), 'Empty string')
assert((not BeEF::Filters::first_char_is_num?("A")), 'First char is a alpha')
assert((not BeEF::Filters::first_char_is_num?("A3333")), '4 num chars begining with an aplha')
assert((not BeEF::Filters::first_char_is_num?("\x003333")), '4 num chars begining with a null')
assert((BeEF::Filters::first_char_is_num?("3333")), '4 num chars')
assert((BeEF::Filters::first_char_is_num?("0AAAAAAAA")), '0AAAAAAAA string')
assert((BeEF::Filters::first_char_is_num?("0")), 'First char is a num')
end
def test_has_whitespace_char
assert((not BeEF::Filters::has_whitespace_char?("")), 'Empty string')
assert((not BeEF::Filters::has_whitespace_char?("A")), 'First char is a alpha')
assert((not BeEF::Filters::has_whitespace_char?("A3333")), '4 num chars begining with an aplha')
assert((not BeEF::Filters::has_whitespace_char?("\x003333")), '4 num chars begining with a null')
assert((not BeEF::Filters::has_whitespace_char?("0")), 'First char is a num')
assert((not BeEF::Filters::has_whitespace_char?("}")), '} char')
assert((not BeEF::Filters::has_whitespace_char?(".")), '. char')
assert((not BeEF::Filters::has_whitespace_char?("+")), '+ char')
assert((not BeEF::Filters::has_whitespace_char?("-")), '- char')
assert((not BeEF::Filters::has_whitespace_char?("-1")), '-1 string')
assert((not BeEF::Filters::has_whitespace_char?("0.A")), '0.A string')
assert((BeEF::Filters::has_whitespace_char?("33 33")), '4 num chars')
assert((BeEF::Filters::has_whitespace_char?(" ")), 'white space char only')
assert((BeEF::Filters::has_whitespace_char?(" ")), 'white space chars only')
assert((BeEF::Filters::has_whitespace_char?(" 0AAAAAAAA")), 'white space at start of string')
assert((BeEF::Filters::has_whitespace_char?(" 0AAAAAAAA ")), 'white space at start and end of string')
assert((BeEF::Filters::has_whitespace_char?("\t0AAAAAAAA")), 'white space at start of string')
assert((BeEF::Filters::has_whitespace_char?("\n0AAAAAAAA")), 'white space at start of string')
end
def test_alphanums_only
assert((BeEF::Filters::alphanums_only?("A")), 'Single char')
assert((BeEF::Filters::alphanums_only?("A3333")), '4 num chars begining with an aplha')
assert((BeEF::Filters::alphanums_only?("0")), '0 string')
assert((not BeEF::Filters::alphanums_only?(nil)), 'Nil')
assert((not BeEF::Filters::alphanums_only?("")), 'Empty string')
assert((not BeEF::Filters::alphanums_only?("\n")), '\\n string')
assert((not BeEF::Filters::alphanums_only?("\r")), '\\r string')
assert((not BeEF::Filters::alphanums_only?("\x01")), '0x01 string')
# Commented the below because the UTF-8 handling for \xFF appears to break.
# See Issue #1126
# assert((not BeEF::Filters::alphanums_only?("\xFF")), '0xFF string')
assert((not BeEF::Filters::alphanums_only?("}")), '} char')
assert((not BeEF::Filters::alphanums_only?(".")), '. char')
assert((not BeEF::Filters::alphanums_only?("+")), '+ char')
assert((not BeEF::Filters::alphanums_only?("-")), '- char')
assert((not BeEF::Filters::alphanums_only?("-1")), '-1 string')
assert((not BeEF::Filters::alphanums_only?("ee-!@$%^&*}=0.A")), '0.A string')
assert((not BeEF::Filters::alphanums_only?("33 33")), '33 33 string')
assert((not BeEF::Filters::alphanums_only?(" AAAAAAAA")), 'white space at start of string')
assert((not BeEF::Filters::alphanums_only?("AAAAAAAA ")), 'white space at end of string')
# check lowercase chars
('a'..'z').each {|c|
assert((BeEF::Filters::alphanums_only?(c)), 'lowercase chars')
}
# check uppercase chars
('A'..'Z').each {|c|
assert((BeEF::Filters::alphanums_only?(c)), 'uppercase chars')
}
# check numbers chars
('0'..'9').each {|c|
assert((BeEF::Filters::alphanums_only?(c)), 'number chars')
}
assert((not BeEF::Filters::alphanums_only?("\x00")), 'Single null')
assert((not BeEF::Filters::alphanums_only?("A\x00")), 'Char and null')
assert((not BeEF::Filters::alphanums_only?("AAAAAAAA\x00")), 'Char and null')
assert((not BeEF::Filters::alphanums_only?("\x00A")), 'Null and char')
assert((not BeEF::Filters::alphanums_only?("\x00AAAAAAAAA")), 'Null and chars')
assert((not BeEF::Filters::alphanums_only?("A\x00A")), 'Null surrounded by chars')
assert((not BeEF::Filters::alphanums_only?("AAAAAAAAA\x00AAAAAAAAA")), 'Null surrounded by chars')
assert((not BeEF::Filters::alphanums_only?("A\n\r\x00")), 'new line and carriage return at start of string')
assert((not BeEF::Filters::alphanums_only?("\x00\n\rA")), 'new line and carriage return at end of string')
assert((not BeEF::Filters::alphanums_only?("A\n\r\x00\n\rA")), 'new line and carriage return at start and end of string')
assert((not BeEF::Filters::alphanums_only?("\tA\x00A")), 'tab at start of string')
(0..255).each {|c|
str = ''
str.concat(c)
str += "\x00"
assert((not BeEF::Filters::alphanums_only?(str)), 'loop of behind every char')
}
(0..255).each {|c|
str = "\x00"
str.concat(c)
assert((not BeEF::Filters::alphanums_only?(str)), 'loop of behind every char')
}
(0..255).each {|c|
str = ''
str.concat(c)
str += "\x00"
str.concat(c)
assert((not BeEF::Filters::alphanums_only?(str)), 'loop of behind every char')
}
assert((BeEF::Filters::alphanums_only?("3333")), '33 33 string')
end
end

20
test/unit/core/filter/tc_command.rb
View File

@@ -1,20 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
require '../../core/filters/base'
require '../../core/filters/command'
class TC_Filter < Test::Unit::TestCase
def test_has_valid_param_chars
assert((not BeEF::Filters::has_valid_param_chars?(nil)), 'Nil')
assert((not BeEF::Filters::has_valid_param_chars?("")), 'Empty string')
assert((BeEF::Filters::has_valid_param_chars?("A")), 'Single char')
assert((not BeEF::Filters::has_valid_param_chars?("+")), 'Single invalid char')
end
end

54
test/unit/core/main/models/tc_browserdetails.rb
View File

@@ -1,54 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_BrowserDetails < Test::Unit::TestCase
def setup
$:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.'))
$root_dir = File.expand_path('../../../../', __FILE__)
@session = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
end
def shutdown
$root_dir = nil
end
# Connects to in-memory database (does not test anything)
def test_01_database
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
# Tests nil key value returns empty string
def test_02_set_nil_values
key_value = nil
BeEF::Core::Models::BrowserDetails.set(@session, 'key_with_nil_value', key_value).to_s
assert_equal '', BeEF::Core::Models::BrowserDetails.get(@session, 'key_with_nil_valule').to_s
end
# Tests get/set browser details
def test_03_set_browser_details
key_name = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
BeEF::Core::Models::BrowserDetails.set(@session, key_name, key_value).to_s
assert_equal key_value, BeEF::Core::Models::BrowserDetails.get(@session, key_name).to_s
end
# Tests updating browser details
def test_04_update_browser_details
key_name = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
BeEF::Core::Models::BrowserDetails.set(@session, key_name, key_value).to_s
assert_equal key_value, BeEF::Core::Models::BrowserDetails.get(@session, key_name).to_s
key_value = (0...10).map { ('a'..'z').to_a[rand(26)] }.join
BeEF::Core::Models::BrowserDetails.set(@session, key_name, key_value).to_s
assert_equal key_value, BeEF::Core::Models::BrowserDetails.get(@session, key_name).to_s
end
end

116
test/unit/core/main/network_stack/handlers/dynamicreconstruction.rb
View File

@@ -1,116 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
require 'rubygems'
require 'curb'
class TC_DynamicReconstruction < Test::Unit::TestCase
@@port = 20000 + rand(10000)
def setup
$root_dir="../../"
$:.unshift File.join( %w{ ../../ } )
require 'core/loader'
require 'core/main/network_stack/handlers/dynamicreconstruction.rb'
@@port += 1 # cycle through ports because the tcp teardown process is too slow
@port = @@port
config = {}
config[:BindAddress] = '127.0.0.1'
config[:Port] = @port.to_s
@mounts = {}
@mounts['/test'] = BeEF::Core::NetworkStack::Handlers::DynamicReconstruction.new
@rackApp = Rack::URLMap.new(@mounts)
Thin::Logging.silent = true
@server = Thin::Server.new('127.0.0.1', @port.to_s, @rackApp)
trap("INT") { @server.stop }
trap("TERM") { @server.stop }
@pid = fork do
@server.start!
end
end
def teardown
Process.kill("INT",@pid)
$root_dir = nil
end
# the server doesn't offer a mutex or callback
def wait_for_server
max_waits = 3
sleep_length = 0.1
count = 0
while (count < max_waits)
break if @server.running?
count += 1
sleep sleep_length
end
end
def test_delete
wait_for_server
response = Curl::Easy.http_delete("http://127.0.0.1:" + @port.to_s + "/test")
assert_equal 404, response.response_code
end
def test_put
wait_for_server
response = Curl::Easy.http_put("http://127.0.0.1:" + @port.to_s + "/test", nil)
assert_equal 404, response.response_code
end
def test_head
wait_for_server
response = Curl::Easy.http_head("http://127.0.0.1:" + @port.to_s + "/test")
assert_equal 404, response.response_code
end
def test_no_params
wait_for_server
response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test")
assert_equal 404, response.response_code
end
def test_zero_values
wait_for_server
response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test?bh=0&sid=0&pid=0&pc=0&d=0")
assert_equal 200, response.response_code
assert_equal "", response.body_str
end
def test_one_values
wait_for_server
response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test?bh=1&sid=1&pid=1&pc=1&d=1")
assert_equal 200, response.response_code
assert_equal "", response.body_str
end
def test_neg_one_values
wait_for_server
response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test?bh=-1&sid=-1&pid=-1&pc=-1&d=-1")
assert_equal 200, response.response_code
assert_equal "", response.body_str
end
def test_ascii_values
wait_for_server
response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test?bh=z&sid=z&pid=z&pc=z&d=z")
assert_equal 200, response.response_code
assert_equal "", response.body_str
end
def test_array_values
wait_for_server
response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test?bh[]=1&sid[]=1&pid[]=1&pc[]=1&d[]=1")
assert_equal 200, response.response_code
assert_equal "", response.body_str
end
end

66
test/unit/core/main/network_stack/handlers/redirector.rb
View File

@@ -1,66 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
require 'rubygems'
require 'curb'
class TC_Redirector < Test::Unit::TestCase
@@port = 20000 + rand(10000)
def setup
$root_dir="../../"
$:.unshift File.join( %w{ ../../ } )
require 'core/loader'
require 'core/main/network_stack/assethandler.rb'
require 'core/main/network_stack/handlers/redirector.rb'
@@port += 1 # cycle through ports because the tcp teardown process is too slow
@port = @@port
config = {}
config[:BindAddress] = '127.0.0.1'
config[:Port] = @port.to_s
@mounts = {}
@mounts['/test'] = BeEF::Core::NetworkStack::Handlers::Redirector.new('http://www.beefproject.com')
@rackApp = Rack::URLMap.new(@mounts)
Thin::Logging.silent = true
@server = Thin::Server.new('127.0.0.1', @port.to_s, @rackApp)
trap("INT") { @server.stop }
trap("TERM") { @server.stop }
@pid = fork do
@server.start!
end
end
def teardown
Process.kill("INT",@pid)
$root_dir = nil
end
# the server doesn't offer a mutex or callback
def wait_for_server
max_waits = 3
sleep_length = 0.1
count = 0
while (count < max_waits)
break if @server.running?
count += 1
sleep sleep_length
end
end
def test_get
wait_for_server
response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test/")
assert_equal 302, response.response_code
assert_equal "302 found", response.body_str
assert_match /Location: http:\/\/www\.beefproject\.com/, response.header_str
end
end

28
test/unit/core/tc_api.rb
View File

@@ -1,28 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Api < Test::Unit::TestCase
def setup
$root_dir = "../../"
$:.unshift File.join( %w{ ../../ } )
end
def teardown
$root_dir = nil
end
#
# Test the api is functional
#
def test_api
assert_nothing_raised do
require 'core/api'
end
end
end

19
test/unit/core/tc_autorun.rb
View File

@@ -1,19 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Autorun < Test::Unit::TestCase
def setup
$:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.'))
$root_dir = File.expand_path('../../../../', __FILE__)
end
def test_autorun
assert(true)
end
end

30
test/unit/core/tc_bootstrap.rb
View File

@@ -1,30 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Bootstrap < Test::Unit::TestCase
def setup
$root_dir = "../../"
$:.unshift File.join( %w{ ../../ } )
BeEF::Core::Configuration.new("#{$root_dir}/config.yaml")
end
def teardown
$root_dir = nil
end
#
# Test the core is functional
#
def test_bootstrap
assert_nothing_raised do
require 'core/bootstrap'
end
end
end

29
test/unit/core/tc_core.rb
View File

@@ -1,29 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Core < Test::Unit::TestCase
def setup
$root_dir = "../../"
$:.unshift File.join( %w{ ../../ } )
end
def teardown
$root_dir = nil
end
#
# Test the core is functional
#
def test_core
assert_nothing_raised do
require 'core/core'
end
end
end

61
test/unit/core/tc_extensions.rb
View File

@@ -1,61 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Extensions < Test::Unit::TestCase
def setup
$:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.'))
$root_dir = File.expand_path('../../../../', __FILE__)
end
#
# Test that extensions are loading properly
#
def test_extensions
assert_nothing_raised do
BeEF::Extensions.load
end
enabled_extensions = BeEF::Core::Configuration.instance.get('beef.extension').select {|k,v|
v['enable'] == true
}
enabled_extensions.each do |k,v|
assert(v.has_key?('name'))
assert(v.has_key?('enable'))
assert(v.has_key?('loaded'))
end
enabled_extensions.each do |k,v|
assert(v['loaded'], 'Extension is enabled but was not loaded')
end
end
def test_safe_client_debug_log
Dir['../../extensions/**/*.js'].each do |path|
next if /extensions\/admin_ui/.match(path) # skip this directory
next unless File.file?(path)
File.open(path) do |f|
f.grep(/\bconsole\.log\W*\(/m) do |line|
assert(false, "Function 'console.log' used instead of 'beef.debug' in extension: " + path + ':' + line)
end
end
end
end
def test_safe_variable_decleration
Dir['../../extensions/**/*.js'].each do |path|
next unless File.file?(path)
File.open(path) do |f|
f.grep(/\blet\W+[a-zA-Z0-9_\.]+\W*=/) do |line|
assert(false, "Variable decleration with 'let' used instead of 'var' in extension: " + path + ':' + line)
end
end
end
end
end

28
test/unit/core/tc_loader.rb
View File

@@ -1,28 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Loader < Test::Unit::TestCase
def setup
$root_dir = "../../"
$:.unshift File.join( %w{ ../../ } )
end
def teardown
$root_dir = nil
end
#
# Test the loader is functional
#
def test_loader
assert_nothing_raised do
require 'core/loader'
end
end
end

19
test/unit/core/tc_logger.rb
View File

@@ -1,19 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Logger < Test::Unit::TestCase
def setup
$:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.'))
$root_dir = File.expand_path('../../../../', __FILE__)
end
def test_logger
assert(true)
end
end

73
test/unit/core/tc_modules.rb
View File

@@ -1,73 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Modules < Test::Unit::TestCase
def setup
$:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.'))
$root_dir = File.expand_path('../../../../', __FILE__)
end
#
# Test that modules are loading properly
#
def test_modules
assert_nothing_raised do
BeEF::Modules.load
end
BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['enable'] == true and v['category'] != nil }.each { |k,v|
assert((BeEF::Module.is_present(k)),"#{k} is not present in config - buh?")
}
BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['enable'] == true and v['category'] != nil }.each { |k,v|
assert((BeEF::Module.is_enabled(k)),"#{k} is not enabled in config - ruhhh?")
}
assert_nothing_raised do
BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['enable'] == true and v['category'] != nil }.each { |k,v|
BeEF::Module.hard_load(k)
}
end
BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['enable'] == true and v['category'] != nil }.each { |k,v|
assert((BeEF::Module.is_loaded(k)), "#{k} is not loaded - even though it should be - rut roh?")
}
BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['enable'] == true and v['category'] != nil }.each { |k,v|
BeEF::Core::Configuration.instance.get('beef.module.'+k+'.target').each { |t,tt|
if tt.class == Array
assert_not_equal(tt.length,0,"#{k} does not have valid TARGET configuration")
end
}
}
end
def test_safe_client_debug_log
Dir['../../modules/**/*.js'].each do |path|
next unless File.file?(path)
File.open(path) do |f|
f.grep(/\bconsole\.log\W*\(/m) do |line|
assert(false, "Function 'console.log' used instead of 'beef.debug' in command module: " + path + ':' + line)
end
end
end
end
def test_safe_variable_decleration
Dir['../../modules/**/*.js'].each do |path|
next unless File.file?(path)
File.open(path) do |f|
f.grep(/\blet\W+[a-zA-Z0-9_\.]+\W*=/) do |line|
assert(false, "Variable decleration with 'let' used instead of 'var' in command module: " + path + ':' + line)
end
end
end
end
end

19
test/unit/core/tc_obfuscation.rb
View File

@@ -1,19 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Obfuscation < Test::Unit::TestCase
def setup
$:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.'))
$root_dir = File.expand_path('../../../../', __FILE__)
end
def test_obfuscation
assert(true)
end
end

19
test/unit/core/tc_social_engineering.rb
View File

@@ -1,19 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_SocialEngineering < Test::Unit::TestCase
def setup
$:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.'))
$root_dir = File.expand_path('../../../../', __FILE__)
end
def test_social_engineering
assert(true)
end
end

46
test/unit/extensions/tc_console.rb
View File

@@ -1,46 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Console < Test::Unit::TestCase
class << self
def startup
$root_dir = '../../'
$:.unshift(File.expand_path($root_dir))
# load extension
require 'extensions/console/extension'
# load config
BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml'))
config = BeEF::Core::Configuration.instance
config.load_extensions_config
@@console_config = config.get('beef.extension.console')
@@console_config_shell = config.get('beef.extension.console.shell')
end
def shutdown
$root_dir = nil
end
end
# Connects to in-memory database (does not test anything)
def test_01_database
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
# Checks for required settings in config file
def test_02_config
assert(@@console_config.has_key?('enable'))
assert(@@console_config_shell.has_key?('historyfolder'))
assert(@@console_config_shell.has_key?('historyfile'))
end
end

359
test/unit/extensions/tc_dns.rb
View File

@@ -1,359 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
require 'resolv'
class TC_Dns < Test::Unit::TestCase
IN = Resolv::DNS::Resource::IN
class << self
def startup
$root_dir = '../../'
$:.unshift(File.expand_path($root_dir))
require 'extensions/dns/extension'
BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml'))
@@config = BeEF::Core::Configuration.instance
@@config.load_extensions_config
@@dns_config = @@config.get('beef.extension.dns')
@@dns = BeEF::Extension::Dns::Server.instance
end
def shutdown
$root_dir = nil
end
end
# Connects to in-memory database (does not test anything)
def test_01_database
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
# Checks for required settings in config file
def test_02_config
assert(@@dns_config.has_key?('protocol'))
assert(@@dns_config.has_key?('address'))
assert(@@dns_config.has_key?('port'))
assert(@@dns_config.has_key?('upstream'))
end
# Verifies public interface
def test_03_interface
assert_respond_to(@@dns, :add_rule)
assert_respond_to(@@dns, :get_rule)
assert_respond_to(@@dns, :remove_rule!)
assert_respond_to(@@dns, :get_ruleset)
assert_respond_to(@@dns, :remove_ruleset!)
end
# Tests procedure for properly adding new DNS rules
def test_04_add_rule_good
id = nil
response = '1.2.3.4'
assert_nothing_raised do
id = @@dns.add_rule(
:pattern => 'foo.bar',
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
end
assert_not_nil(id)
id = nil
response = '9.9.9.9'
assert_nothing_raised do
id = @@dns.add_rule(
:pattern => %r{i\.(love|hate)\.beef\.com?},
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
end
assert_not_nil(id)
domains = %w(
i.hate.beef.com
i.love.beef.com
i.love.beef.co
i.love.beef.co )
assert_nothing_raised do
domains.each do |domain|
id = @@dns.add_rule(
:pattern => %r{i\.(love|hate)\.beef\.com?},
:resource => IN::A,
:response => domain ) do |transaction|
transaction.respond!(domain)
end
assert_not_nil(id)
end
end
end
# Tests addition of new rules with invalid parameters
def test_05_add_rule_bad
id = nil
same_id = nil
pattern = 'j.random.hacker'
response = '4.2.4.2'
# Add the same rule twice
assert_nothing_raised do
id = @@dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
end
assert_nothing_raised do
same_id = @@dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
end
assert_equal(id, same_id)
end
# Verifies the proper format for rule identifiers
def test_06_id_format
pattern = 'dead.beef'
response = '2.2.2.2'
id = nil
assert_nothing_raised do
id = @@dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
end
assert_equal(8, id.length)
assert_not_nil(id =~ /^\h{8}$/)
end
# Tests retrieval of valid DNS rules
def test_07_get_rule_good
pattern = 'be.ef'
response = '1.1.1.1'
id = nil
assert_nothing_raised do
id = @@dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
end
rule = @@dns.get_rule(id)
assert_equal(Hash, rule.class)
assert(rule.length > 0)
assert(rule.has_key?(:id))
assert(rule.has_key?(:pattern))
assert(rule.has_key?(:resource))
assert(rule.has_key?(:response))
assert_equal(id, rule[:id])
assert_equal('be.ef', rule[:pattern])
assert_equal('A', rule[:resource])
assert_equal(Array, rule[:response].class)
assert(rule[:response].length > 0)
assert_equal(response, rule[:response][0])
end
# Tests retrieval of invalid DNS rules
def test_08_get_rule_bad
rule = @@dns.get_rule(42)
assert_equal(nil, rule)
end
# Tests the removal of existing DNS rules
def test_09_remove_rule_good
pattern = 'hack.the.gibson'
response = '1.9.9.5'
id = nil
assert_nothing_raised do
id = @@dns.add_rule(
:pattern => pattern,
:resource => IN::A,
:response => [response] ) do |transaction|
transaction.respond!(response)
end
end
removed = @@dns.remove_rule!(id)
assert(removed)
end
# Tests the removal of unknown DNS rules
def test_10_remove_rule_bad
removed = @@dns.remove_rule!(42)
assert(!removed)
end
# Tests the retrieval of the entire DNS ruleset
def test_11_get_ruleset
ruleset = @@dns.get_ruleset
ruleset.sort! { |a, b| a[:pattern] <=> b[:pattern] }
assert_equal(Array, ruleset.class)
assert_equal(5, ruleset.length)
check_rule(ruleset[0], {:pattern => 'be.ef',
:resource => 'A',
:response => '1.1.1.1' })
check_rule(ruleset[1], {:pattern => 'dead.beef',
:resource => 'A',
:response => '2.2.2.2' })
check_rule(ruleset[2], {:pattern => 'foo.bar',
:resource => 'A',
:response => '1.2.3.4' })
check_rule(ruleset[3], {:pattern => 'i\.(love|hate)\.beef\.com?',
:resource => 'A',
:response => '9.9.9.9' })
check_rule(ruleset[4], {:pattern => 'j.random.hacker',
:resource => 'A',
:response => '4.2.4.2' })
end
# Tests the removal of the entire DNS ruleset
def test_12_remove_ruleset
removed = @@dns.remove_ruleset!
ruleset = @@dns.get_ruleset
assert(removed)
assert_equal(0, ruleset.length)
end
# Tests each supported type of query failure
def test_13_failure_types
begin
id = @@dns.add_rule(
:pattern => 'noerror.beef.com',
:resource => IN::A,
:response => ['1.2.3.4'] ) do |transaction|
transaction.failure!(:NoError)
end
#check_failure_status(id, :NoError)
end
begin
id = @@dns.add_rule(
:pattern => 'formerr.beef.com',
:resource => IN::A,
:response => ['1.2.3.4'] ) do |transaction|
transaction.failure!(:FormErr)
end
#check_failure_status(id, :FormErr)
end
begin
id = @@dns.add_rule(
:pattern => 'servfail.beef.com',
:resource => IN::A,
:response => ['1.2.3.4'] ) do |transaction|
transaction.failure!(:ServFail)
end
#check_failure_status(id, :ServFail)
end
begin
id = @@dns.add_rule(
:pattern => 'nxdomain.beef.com',
:resource => IN::A,
:response => ['1.2.3.4'] ) do |transaction|
transaction.failure!(:NXDomain)
end
#check_failure_status(id, :NXDomain)
end
begin
id = @@dns.add_rule(
:pattern => 'notimp.beef.com',
:resource => IN::A,
:response => ['1.2.3.4'] ) do |transaction|
transaction.failure!(:NotImp)
end
#check_failure_status(id, :NotImp)
end
begin
id = @@dns.add_rule(
:pattern => 'refused.beef.com',
:resource => IN::A,
:response => ['1.2.3.4'] ) do |transaction|
transaction.failure!(:Refused)
end
#check_failure_status(id, :Refused)
end
begin
id = @@dns.add_rule(
:pattern => 'notauth.beef.com',
:resource => IN::A,
:response => ['1.2.3.4'] ) do |transaction|
transaction.failure!(:NotAuth)
end
#check_failure_status(id, :NotAuth)
end
end
private
# Compares each key in hash 'rule' with the respective key in hash 'expected'
def check_rule(rule, expected = {})
assert_equal(expected[:pattern], rule[:pattern])
assert_equal(expected[:resource], rule[:resource])
assert_equal(expected[:response], rule[:response][0])
end
# Confirms that a query for the rule given in 'id' returns a 'resource' failure status
def check_failure_status(id, resource)
rule = @@dns.get_rule(id)
status = resource.to_s.force_encoding('UTF-8').upcase
assert_equal(status, rule[:response][0])
check_dns_response(/status: #{status}/, rule[:resource], rule[:pattern])
end
# Compares output of dig command against regex
def check_dns_response(regex, type, pattern)
address = @@config.get('beef.extension.dns.address')
port = @@config.get('beef.extension.dns.port')
dig_output = IO.popen(["dig", "@#{address}", "-p", "#{port}", "-t", "#{type}", "#{pattern}"], 'r+').read
assert_match(regex, dig_output)
end
end
# Suppresses unnecessary output from RubyDNS
module Kernel
def puts(*args)
;
end
end

22
test/unit/extensions/tc_event_logger.rb
View File

@@ -1,22 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_EventLogger < Test::Unit::TestCase
def setup
$:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.'))
$root_dir = File.expand_path('../../../../', __FILE__)
end
def test_event_logger
assert(true)
end
def test_no_params
assert(true)
end
end

19
test/unit/extensions/tc_hooks.rb
View File

@@ -1,19 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Hooks < Test::Unit::TestCase
def setup
$:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.'))
$root_dir = File.expand_path('../../../../', __FILE__)
end
def test_hooks
assert(true)
end
end

49
test/unit/extensions/tc_ipec_tunnel.rb
View File

@@ -1,49 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_IpecTunnel < Test::Unit::TestCase
class << self
def startup
$root_dir = '../../'
$:.unshift(File.expand_path($root_dir))
# load extension
require 'extensions/ipec/extension'
# load config
BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml'))
config = BeEF::Core::Configuration.instance
config.load_extensions_config
@@ipec_config = config.get('beef.extension.ipec')
end
def shutdown
$root_dir = nil
end
end
# Connects to in-memory database (does not test anything)
def test_01_database
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
# Checks for required settings in config file
def test_02_config
assert(@@ipec_config.has_key?('enable'))
end
# Verifies public interface
def test_03_interface
@@ipec_junk_calc = BeEF::Extension::Ipec::JunkCalculator.instance
assert_respond_to(@@ipec_junk_calc, :bind_junk_calculator)
end
end

44
test/unit/extensions/tc_network.rb
View File

@@ -1,44 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Network < Test::Unit::TestCase
def setup
$:.unshift(File.join(File.expand_path(File.dirname(__FILE__)), '.'))
$root_dir = File.expand_path('../../../../', __FILE__)
require 'extensions/network/models/network_service'
require 'extensions/network/models/network_host'
end
def shutdown
$root_dir = nil
end
# Connects to in-memory database (does not test anything)
def test_01_database
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
# Tests procedure for properly adding new host
def test_02_add_host_good
assert_nothing_raised do
BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => '1234', :ip => '127.0.0.1')
raise "Adding network host failed" if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => '1234', :ip => '127.0.0.1').empty?
end
end
# Tests procedure for properly adding new service
def test_03_add_service_good
assert_nothing_raised do
BeEF::Core::Models::NetworkService.add(:hooked_browser_id => '1234', :proto => 'http', :ip => '127.0.0.1', :port => 80, :type => 'Apache')
raise "Adding network service failed" if BeEF::Core::Models::NetworkService.all(:hooked_browser_id => '1234', :ip => '127.0.0.1').empty?
end
end
end

47
test/unit/extensions/tc_proxy.rb
View File

@@ -1,47 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Proxy < Test::Unit::TestCase
class << self
def startup
$root_dir = '../../'
$:.unshift(File.expand_path($root_dir))
# load extension
require 'extensions/proxy/extension'
# load config
BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml'))
config = BeEF::Core::Configuration.instance
config.load_extensions_config
@@proxy_config = config.get('beef.extension.proxy')
end
def shutdown
$root_dir = nil
end
end
# Connects to in-memory database (does not test anything)
def test_01_database
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
# Checks for required settings in config file
def test_02_config
assert(@@proxy_config.has_key?('enable'))
assert(@@proxy_config.has_key?('address'))
assert(@@proxy_config.has_key?('port'))
assert(@@proxy_config.has_key?('key'))
assert(@@proxy_config.has_key?('cert'))
end
end

46
test/unit/extensions/tc_qrcode.rb
View File

@@ -1,46 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Qrcode < Test::Unit::TestCase
class << self
def startup
$root_dir = '../../'
$:.unshift(File.expand_path($root_dir))
# load extension
require 'extensions/qrcode/extension'
# load config
BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml'))
config = BeEF::Core::Configuration.instance
config.load_extensions_config
@@qrcode_config = config.get('beef.extension.qrcode')
end
def shutdown
$root_dir = nil
end
end
# Connects to in-memory database (does not test anything)
def test_01_database
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
# Checks for required settings in config file
def test_02_config
assert(@@qrcode_config.has_key?('enable'))
assert(@@qrcode_config.has_key?('targets'))
assert(@@qrcode_config.has_key?('qrsize'))
assert(@@qrcode_config.has_key?('qrborder'))
end
end

51
test/unit/extensions/tc_requester.rb
View File

@@ -1,51 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Requester < Test::Unit::TestCase
class << self
def startup
$root_dir = '../../'
$:.unshift(File.expand_path($root_dir))
# load extension
require 'extensions/requester/extension'
# load config
BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml'))
config = BeEF::Core::Configuration.instance
config.load_extensions_config
@@requester_config = config.get('beef.extension.requester')
end
def shutdown
$root_dir = nil
end
end
# Connects to in-memory database (does not test anything)
def test_01_database
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
# Checks for required settings in config file
def test_02_config
assert(@@requester_config.has_key?('enable'))
end
# Verifies public interface
def test_03_interface
@@requester = BeEF::Extension::Requester::API::Hook.new
assert_respond_to(@@requester, :requester_run)
assert_respond_to(@@requester, :add_to_body)
assert_respond_to(@@requester, :requester_parse_db_request)
end
end

45
test/unit/extensions/tc_webrtc.rb
View File

@@ -1,45 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Webrtc < Test::Unit::TestCase
class << self
def startup
$root_dir = '../../'
$:.unshift(File.expand_path($root_dir))
# load extension
require 'extensions/webrtc/extension'
# load config
BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml'))
config = BeEF::Core::Configuration.instance
config.load_extensions_config
@@webrtc_config = config.get('beef.extension.webrtc')
end
def shutdown
$root_dir = nil
end
end
# Connects to in-memory database (does not test anything)
def test_01_database
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
# Checks for required settings in config file
def test_02_config
assert(@@webrtc_config.has_key?('enable'))
assert(@@webrtc_config.has_key?('stunservers'))
assert(@@webrtc_config.has_key?('turnservers'))
end
end

52
test/unit/extensions/tc_xssrays.rb
View File

@@ -1,52 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_XssRays < Test::Unit::TestCase
class << self
def startup
$root_dir = '../../'
$:.unshift(File.expand_path($root_dir))
# load extension
require 'extensions/xssrays/extension'
# load config
BeEF::Core::Configuration.new(File.join($root_dir, 'config.yaml'))
config = BeEF::Core::Configuration.instance
config.load_extensions_config
@@xssrays_config = config.get('beef.extension.xssrays')
end
def shutdown
$root_dir = nil
end
end
# Connects to in-memory database (does not test anything)
def test_01_database
DataMapper.setup(:default, 'sqlite3::memory:')
DataMapper.auto_migrate!
end
# Checks for required settings in config file
def test_02_config
assert(@@xssrays_config.has_key?('enable'))
assert(@@xssrays_config.has_key?('clean_timeout'))
assert(@@xssrays_config.has_key?('cross_domain'))
end
# Verifies public interface
def test_03_interface
@@xssrays = BeEF::Extension::Xssrays::API::Scan.new
assert_respond_to(@@xssrays, :start_scan)
assert_respond_to(@@xssrays, :add_to_body)
end
end

52
test/unit/tc_filesystem.rb
View File

@@ -1,52 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
require 'yaml'
class TC_Filesystem < Test::Unit::TestCase
def setup
$root_dir="../../"
$:.unshift File.join( %w{ ../../ } )
end
def basic_file_test(test_file)
assert((File.file?(test_file)), "The file does not exist: " + test_file)
assert((not File.zero?(test_file)), "The file is empty: " + test_file)
end
#
# Test the consistancy of the filesystem
#
def test_beef_file
test_file = '../../beef'
basic_file_test(test_file)
assert((File.executable?(test_file)), "The file is not executable: " + test_file)
end
def test_config_file
test_file = '../../config.yaml'
user_cred=YAML.load_file(test_file)
x= user_cred['beef']['credentials']
assert_equal({"passwd"=>"beef", "user"=>"beef"}, x, 'The default creds are not set' )
end
def test_install_file
test_file = '../../install'
basic_file_test(test_file)
end
def test_main_directories_exist
assert(File.executable?('../../core'))
assert(File.executable?('../../modules'))
assert(File.executable?('../../extensions'))
end
end

24
test/unit/tc_grep.rb
View File

@@ -1,24 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_Grep < Test::Unit::TestCase
def test_grep_eval
Dir['../../**/*.rb'].each do |path|
File.open(path) do |f|
next if /tc_grep.rb/.match(path) # skip this file
next if /\/msf-test\//.match(path) # skip this file
next if /extensions\/dns/.match(path) # skip this file
f.grep(/\Weval\W/im) do |line|
assert(false, "Illegal use of 'eval' in framework: " + path + ':' + line)
end
end
end
end
end

75
test/unit/ts_unit.rb
View File

@@ -1,75 +0,0 @@
#
# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# Common lib for BeEF tests
require '../common/ts_common'
require './core/filter/tc_base'
require './core/filter/tc_command'
require './core/main/network_stack/handlers/dynamicreconstruction'
require './core/main/network_stack/handlers/redirector'
require './core/tc_loader'
require './core/tc_core'
require './core/tc_api'
require './core/tc_bootstrap'
require './core/tc_modules'
require './core/tc_extensions'
require './core/tc_social_engineering'
require './core/tc_autorun'
require './core/tc_obfuscation'
require './core/tc_logger'
require './core/main/models/tc_browserdetails'
require './extensions/tc_xssrays'
require './extensions/tc_ipec_tunnel'
require './extensions/tc_hooks'
require './extensions/tc_proxy'
require './extensions/tc_requester'
require './extensions/tc_event_logger'
require './extensions/tc_network'
require './extensions/tc_qrcode'
require './extensions/tc_console'
require './extensions/tc_webrtc'
require './extensions/tc_dns'
require './tc_grep'
require './tc_filesystem'
class TS_BeefTests
def self.suite
suite = Test::Unit::TestSuite.new(name="BeEF Unit Test Suite")
suite << TC_Filter.suite
suite << TC_Loader.suite
suite << TC_Core.suite
suite << TC_Bootstrap.suite
suite << TC_Api.suite
suite << TC_Modules.suite
suite << TC_Extensions.suite
suite << TC_Filesystem.suite
suite << TC_Grep.suite
suite << TC_SocialEngineering.suite
suite << TC_Autorun.suite
suite << TC_XssRays.suite
suite << TC_Obfuscation.suite
suite << TC_Logger.suite
suite << TC_IpecTunnel.suite
suite << TC_Requester.suite
suite << TC_Proxy.suite
suite << TC_EventLogger.suite
suite << TC_Network.suite
suite << TC_Qrcode.suite
suite << TC_Hooks.suite
suite << TC_BrowserDetails.suite
suite << TC_Redirector.suite
suite << TC_DynamicReconstruction.suite
suite << TC_Console.suite
suite << TC_Webrtc.suite
suite << TC_Dns.suite
return suite
end
end
Test::Unit::UI::Console::TestRunner.run(TS_BeefTests)