Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add smb acceptance tests #19066

Merged
merged 2 commits into from
Apr 19, 2024
Merged

Add smb acceptance tests #19066

merged 2 commits into from
Apr 19, 2024

Conversation

sjanusz-r7
Copy link
Contributor

@sjanusz-r7 sjanusz-r7 commented Apr 8, 2024
edited
Loading

This PR adds automated acceptance tests for SMB session & modules.

The steps for running the Docker container are:

cd test/smb
docker compose build
docker compose up -d --wait
SMB_USERNAME=acceptance_tests_user SMB_PASSWORD=acceptance_tests_password SPEC_OPTS='--tag acceptance' SPEC_HELPER_LOAD_METASPLOIT=false bundle exec rspec ../../spec/acceptance/smb_spec.rb
docker compose down
Module Name Tests Implemented Against Docker?
auxiliary/admin/dcerpc/icpr_cert Skipped
auxiliary/admin/dcerpc/samr_computer Skipped
auxiliary/admin/smb/delete_file Skipped - Needs options passed in
auxiliary/admin/smb/download_file Skipped - Needs options passed in
auxiliary/admin/smb/psexec_ntdsgrab Skipped - Needs options passed in
auxiliary/admin/smb/upload_file Skipped - Needs options passed in
auxiliary/gather/windows_secrets_dump Skipped - Not Applicable to Docker
auxiliary/scanner/smb/pipe_auditor
auxiliary/scanner/smb/pipe_dcerpc_auditor Skipped
auxiliary/scanner/smb/smb_enum_gpp Not applicable to docker
auxiliary/scanner/smb/smb_enumshares
auxiliary/scanner/smb/smb_enumusers Skipped - Flaky, Time out/broken pipe, needs to be refactored to use RubySMB
auxiliary/scanner/smb/smb_enumusers_domain Not applicable to Docker
auxiliary/scanner/smb/smb_lookupsid Skipped - Flaky, needs to be refactored to use RubySMB
exploit/windows/smb/psexec Not applicable to Docker

Leaving in draft for now until the RubySMB timeout issue gets resolved.

Note: Trying to sudo docker build . in a Kali VM results in:

Sending build context to Docker daemon  13.82kB
Error response from daemon: dockerfile parse error line 27: unknown instruction: ACCEPTANCE_TESTS_PASSWORD

Verification

List the steps needed to make sure this thing works

  • Run the attached Docker container
  • SMB_USERNAME=acceptance_tests_user SMB_PASSWORD=acceptance_tests_password SPEC_OPTS='--tag acceptance' SPEC_HELPER_LOAD_METASPLOIT=false bundle exec rspec ./spec/acceptance/smb_spec.rb

adfoster-r7
adfoster-r7 reviewed Apr 8, 2024
View reviewed changes
test/smb/Dockerfile Outdated Show resolved Hide resolved
@sjanusz-r7 sjanusz-r7 force-pushed the add-smb-acceptance-tests branch 2 times, most recently from 07bebd8 to cdce3b7 Compare April 10, 2024 02:12
adfoster-r7
adfoster-r7 reviewed Apr 19, 2024
View reviewed changes
spec/acceptance/smb_spec.rb Outdated
Comment on lines 31 to 96
{
name: "auxiliary/scanner/smb/smb_lookupsid",
platforms: [:linux, :osx, :windows],
targets: [:session, :rhost],
skipped: false,
lines: {
all: {
required: [
"GROUP=None",
"USER=nobody",
"PIPE(LSARPC) LOCAL",
],
},
}
},
{
name: "auxiliary/scanner/smb/pipe_auditor",
platforms: [:linux, :osx, :windows],
targets: [:session, :rhost],
skipped: false,
lines: {
all: {
required: [
/Pipes: (\\([a-zA-Z]*)(, )?)*/,
],
known_failures: [
/Inaccessible named pipe:/,
/The server responded with an unexpected status code: STATUS_OBJECT_NAME_NOT_FOUND/,
]
},
}
},
{
name: "auxiliary/scanner/smb/smb_enumshares",
platforms: [:linux, :osx, :windows],
targets: [:session, :rhost],
skipped: false,
lines: {
all: {
required: [
"modifiable - (DISK)",
"readonly - (DISK)",
"IPC$ - (IPC|SPECIAL) IPC Service",
],
},
}
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If these are flakey because we need to update them to use ruby_smb, we can comment them out for now - and as we migrate modules to use ruby_smb we can bring back these tests as part of the ruby_smb support PR

adfoster-r7
adfoster-r7 reviewed Apr 19, 2024
View reviewed changes
test/modules/post/test/smb.rb
end

ret = true
ret &&= stdout.buf.include?('recursive')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not a blocker; these tests will be quite rigid - I wouldn't be able to run these tests against an arbitrary server for instance

@sjanusz-r7 sjanusz-r7 marked this pull request as ready for review April 19, 2024 12:02
@adfoster-r7 adfoster-r7 merged commit 7e25088 into rapid7:master Apr 19, 2024
61 checks passed
@adfoster-r7 adfoster-r7 added the rn-enhancement release notes enhancement label Apr 19, 2024
@adfoster-r7
Copy link
Contributor

Release Notes

Adds automated tests for multiple SMB modules

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adfoster-r7 adfoster-r7 adfoster-r7 left review comments

Assignees
No one assigned
Labels
rn-enhancement release notes enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sjanusz-r7 @adfoster-r7