Pulled api rate limit test to rspec

test/api/1333_auth_rate.rb

@@ -1,73 +0,0 @@
-#
-# Copyright (c) 2006-2017 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
-# See the file 'doc/COPYING' for copying permission
-#
-
-require 'test/unit'
-
-#require 'pry-byebug'
-require 'rest-client'
-require 'json'
-require 'optparse'
-require 'pp'
-
-require '../common/test_constants'
-require_relative './lib/beef_rest_client'
-
-class TC_1333_auth_rate < Test::Unit::TestCase
-
-  def test_auth_rate
-    # tests rate of auth calls
-    # this takes some time - with no output
-    # beef must be running
-
-    passwds = (1..9).map { |i| "broken_pass"}
-    passwds.push BEEF_PASSWD
-    apis = passwds.map { |pswd| BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, pswd) }
-    l = apis.length
-
-    # t0 = Time.now()
-
-
-    (0..2).each do |again|      # multiple sets of auth attempts
-      # first pass -- apis in order, valid passwd on 9th attempt
-      # subsequent passes apis shuffled
-
-      # puts "speed requesets"    # all should return 401
-      (0..50).each do |i|
-        # t = Time.now()
-        # puts "#{i} : #{t - t0} : #{apis[i%l].auth()[:payload]}"
-
-        test_api = apis[i%l]
-        assert_match("401", test_api.auth()[:payload]) # all (unless the valid is first 1 in 10 chance)
-
-        # t0 = t
-      end
-
-      # again with more time between calls -- there should be success (1st iteration)
-      # puts "delayed requests"
-      (0..(l*2)).each do |i|
-        # t = Time.now()
-        # puts "#{i} : #{t - t0} : #{apis[i%l].auth()[:payload]}"
-
-        test_api = apis[i%l]
-        if (test_api.is_pass?(BEEF_PASSWD))
-          assert(test_api.auth()[:payload]["success"]) # valid pass should succeed
-        else
-          assert_match("401", test_api.auth()[:payload])
-        end
-
-        sleep(0.5)
-        # t0 = t
-      end
-
-      apis.shuffle! # new order for next iteration
-      apis.reverse if (apis[0].is_pass?(BEEF_PASSWD)) # prevent the first from having valid passwd
-
-    end                         # multiple sets of auth attempts
-
-  end                           # test_auth_rate
-
-
-end

test/api/lib/beef_rest_client.rb

@@ -1,49 +0,0 @@
-#
-# Copyright (c) 2006-2017 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
-# See the file 'doc/COPYING' for copying permission
-#
-# less noisy verson of BeeRestAPI found in tools.
-class BeefRestClient
-  def initialize proto, host, port, user, pass
-    @user = user
-    @pass = pass
-    @url = "#{proto}://#{host}:#{port}/api/"
-    @token = nil
-  end
-
-
-  def is_pass?(passwd)
-    @pass == passwd
-  end
-
-
-  def auth
-    begin
-      response = RestClient.post "#{@url}admin/login",
-                                 { 'username' => "#{@user}",
-                                   'password' => "#{@pass}" }.to_json,
-                                 :content_type => :json,
-                                 :accept => :json
-      result = JSON.parse(response.body)
-      @token = result['token']
-      {:success => result['success'], :payload => result}
-    rescue => e
-      {:success => false, :payload => e.message }
-    end
-  end
-
-
-  def version
-    return {:success => false, :payload => 'no token'} if @token.nil?
-    begin
-      response = RestClient.get "#{@url}server/version", {:params => {:token => @token}}
-      result = JSON.parse(response.body)
-
-      {:success => result['success'], :payload => result}
-    rescue => e
-      print_error "Could not retrieve BeEF version: #{e.message}"
-      {:success => false, :payload => e.message}
-    end
-  end
-end