Merge branch 'port-tests' into dependabot/bundler/net-smtp-0.5.0

beefproject · Mar 27, 2024 · 3a2e111 · 3a2e111
2 parents 5f7d5e8 + 6c960ea
commit 3a2e111
Show file tree

Hide file tree

Showing 18 changed files with 288 additions and 58 deletions.
diff --git a/spec/beef/core/main/command_spec.rb b/spec/beef/core/main/command_spec.rb
@@ -1,9 +1,4 @@
 RSpec.describe 'BeEF Command class testing' do
-  before(:each) do
-    # Reset or re-initialise the configuration to a default state
-    # @config_instance = BeEF::Core::Configuration.instance  
-  end
-
   it 'should return a beef configuration variable' do
     expect {
       BeEF::Modules.load if BeEF::Core::Configuration.instance.get('beef.module').nil?

diff --git a/spec/beef/extensions/adminui_spec.rb b/spec/beef/extensions/adminui_spec.rb
@@ -1,7 +1,8 @@
-# 
-# Tests for handling access to the Admin UI
-# 
-
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 require 'extensions/admin_ui/classes/httpcontroller'
 require 'extensions/admin_ui/classes/session'
 require 'extensions/admin_ui/controllers/authentication/authentication'

diff --git a/spec/beef/extensions/dns_spec.rb b/spec/beef/extensions/dns_spec.rb
@@ -1,3 +1,8 @@
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 require 'resolv'
 require 'extensions/dns/extension.rb'
 

diff --git a/spec/beef/extensions/network_spec.rb b/spec/beef/extensions/network_spec.rb
@@ -1,3 +1,8 @@
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 require 'extensions/network/models/network_service'
 require 'extensions/network/models/network_host'
 

diff --git a/spec/beef/extensions/proxy_spec.rb b/spec/beef/extensions/proxy_spec.rb
@@ -1,3 +1,8 @@
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 require 'extensions/proxy/extension'
 
 RSpec.describe 'BeEF Extension Proxy' do

diff --git a/spec/beef/extensions/qrcode_spec.rb b/spec/beef/extensions/qrcode_spec.rb
@@ -1,3 +1,8 @@
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 require 'extensions/qrcode/extension'
 
 RSpec.describe 'BeEF Extension QRCode' do

diff --git a/spec/beef/extensions/requester_spec.rb b/spec/beef/extensions/requester_spec.rb
@@ -1,5 +1,10 @@
 require 'extensions/requester/extension'
 
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 RSpec.describe 'BeEF Extension Requester' do
   before(:all) do
     @config = BeEF::Core::Configuration.instance

diff --git a/spec/beef/extensions/social_engineering_spec.rb b/spec/beef/extensions/social_engineering_spec.rb
@@ -1,3 +1,8 @@
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 require 'extensions/social_engineering/models/web_cloner'
 require 'extensions/social_engineering/web_cloner/web_cloner'
 require 'extensions/social_engineering/web_cloner/interceptor'

diff --git a/spec/beef/extensions/webrtc_spec.rb b/spec/beef/extensions/webrtc_spec.rb
@@ -1,5 +1,10 @@
 require 'rest-client'
 
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 RSpec.describe 'BeEF Extension WebRTC' do
   before(:all) do
     @config = BeEF::Core::Configuration.instance

diff --git a/spec/beef/extensions/websocket_hooked_browser_spec.rb b/spec/beef/extensions/websocket_hooked_browser_spec.rb
@@ -3,7 +3,6 @@
 # Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
-
 require 'rest-client'
 require 'json'
 require_relative '../../spec_helper'

diff --git a/spec/beef/extensions/websocket_spec.rb b/spec/beef/extensions/websocket_spec.rb
@@ -1,3 +1,8 @@
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 require 'rest-client'
 require 'core/main/network_stack/websocket/websocket'
 require 'websocket-client-simple'

diff --git a/spec/beef/extensions/xssrays_spec.rb b/spec/beef/extensions/xssrays_spec.rb
@@ -1,3 +1,9 @@
+
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 require 'extensions/xssrays/extension'
 
 RSpec.describe 'BeEF Extension XSSRays' do

diff --git a/spec/requests/beef_test_spec.rb b/spec/requests/beef_test_spec.rb
@@ -0,0 +1,114 @@
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+require 'spec_helper'
+require 'capybara/rspec'
+require_relative '../support/beef_test'
+
+RSpec.describe BeefTest do
+
+    before(:each) do
+        @pid = start_beef_server_and_wait
+    end
+
+    after(:each) do
+        # Shutting down server
+        Process.kill("KILL", @pid) unless @pid.nil?
+        Process.wait(@pid) unless @pid.nil? # Ensure the process has exited and the port is released 
+        @pid = nil        
+    end
+
+    describe '.login' do
+        it 'logs in successfully' do
+            expect(port_available?) # Check if the tcp port is open
+            session = BeefTest.login()
+            expect(session).not_to be_nil
+            expect(session.has_content?('Hooked Browsers', wait: 10))
+        end
+    end
+
+    describe '.logout' do
+        before(:each) do
+            expect(port_available?) # # Check if the tcp port is open
+            @session = BeefTest.login() # Ensure login before each '.logout' test
+            expect(@session.has_content?('Hooked Browsers', wait: 10))
+        end
+
+        it 'logs out successfully' do
+            expect(port_available?) # # Check if the tcp port is open
+            expect(@session.has_content?('Hooked Browsers', wait: 10))
+
+            # Log out of the session
+            @sessoin = BeefTest.logout(@session)
+            expect(@session.has_no_content?('Hooked Browsers', wait: 10))
+            expect(@session.has_content?('Authentication', wait: 10))
+        @session.reset_session!
+        end
+    end
+
+    describe '.save_screenshot' do
+        it 'saves a screenshot' do
+            session = Capybara::Session.new(:selenium_headless) if session.nil?
+
+            # Ensure the new directory does not exist
+            outputDir = '/tmp'
+            directory = "#{outputDir}/#{SecureRandom.hex}/"
+            expect(File.directory?(directory)).to be false
+
+            # Save the screenshot
+            BeefTest.save_screenshot(session, directory)
+
+            # Ensure the screenshot was saved
+            expect(File.directory?(directory)).to be true
+            screenshot_files = Dir.glob("#{directory}/*.png")
+            expect(screenshot_files.empty?).to be false
+
+            # Ensure the screenshot file is not empty and clean up
+            screenshot_files.each do |file|
+                expect(File.size(file)).to be > 0
+                File.delete(file)
+            end
+            expect(Dir.glob("#{directory}/*.png").empty?).to be true     
+
+            # Remove the directory
+            Dir.delete(directory)
+            expect(File.directory?(directory)).to be false
+        end
+    end
+
+    let(:session) { Capybara::Session.new(:selenium_headless) }
+    let(:victim) { Capybara::Session.new(:selenium_headless) }
+
+    describe '.new_attacker' do
+        it 'creates a new attacker session' do
+            # # Test setup
+            expect(session).not_to be_nil
+
+            result = BeefTest.new_attacker(session)
+
+            # Test assertions
+            expect(result).to eq(session)
+            expect(session.has_no_content?('Authentication', wait: 10))
+            expect(session.has_content?('Hooked Browsers', wait: 10))
+            session.reset_session!
+        end
+    end
+
+    describe '.new_victim' do
+        it 'creates a new victim session' do
+            # Test setup
+            allow(victim).to receive(:visit)
+            expect(victim).not_to be_nil
+
+            # Test execution
+            result = BeefTest.new_victim(victim)
+
+            # Test assertions
+            expect(victim).to have_received(:visit).with(VICTIM_URL)
+            expect(result).to eq(victim)
+            victim.reset_session!
+        end
+    end
+end
diff --git a/spec/requests/login_spec.rb b/spec/requests/login_spec.rb
@@ -0,0 +1,78 @@
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+require 'rspec'
+require 'spec/support/constants.rb'
+# require '../common/beef_test'
+
+RSpec.describe 'Beef Login' do
+  # let(:session) { Capybara::Session.new(:selenium_headless) }
+
+  # before(:each) do
+  #   session.visit(ATTACK_URL)
+  #   sleep 2.0
+  # end
+
+  # after(:each) do
+  #   BeefTest.save_screenshot(session)
+  #   session.driver.browser.close
+  # end
+
+  # it 'logs in successfully' do
+  #   session.fill_in 'user', with: BEEF_USER
+  #   session.fill_in 'pass', with: BEEF_PASSWD
+  #   session.click_button('Login')
+  #   sleep 10.0
+  #   expect(session).to have_content('Logout')
+  # end
+
+  # it 'logs out successfully' do
+  #   session.fill_in 'user', with: BEEF_USER
+  #   session.fill_in 'pass', with: BEEF_PASSWD
+  #   session.click_button('Login')
+  #   sleep 2.0
+  #   session.click_link('Logout')
+  #   sleep 2.0
+  #   expect(session).to have_title('BeEF Authentication')
+  # end
+
+  # it 'displays logs tab' do
+  #   session.fill_in 'user', with: BEEF_USER
+  #   session.fill_in 'pass', with: BEEF_PASSWD
+  #   session.click_button('Login')
+  #   sleep 2.0
+  #   session.click_on('Logs')
+  #   expect(session).to have_content('Logout')
+  #   expect(session).to have_content('Hooked Browsers')
+  #   expect(session).to have_content('Type')
+  #   expect(session).to have_content('Event')
+  #   expect(session).to have_content('Date')
+  #   expect(session).to have_content('Page')
+  #   expect(session).to have_content('User with ip 127.0.0.1 has successfully authenticated in the application')
+  # end
+
+  # it 'hooks a browser successfully' do
+  #   attacker = BeefTest.new_attacker
+  #   victim = BeefTest.new_victim
+
+  #   sleep 5.0
+
+  #   expect(attacker).to have_content(VICTIM_DOMAIN)
+  #   expect(attacker).to have_content('127.0.0.1')
+  #   attacker.click_on("127.0.0.1", match: :first)
+
+  #   sleep 1.0
+
+  #   expect(attacker).to have_content('Details')
+  #   expect(attacker).to have_content('Commands')
+
+  #   BeefTest.save_screenshot(attacker)
+  #   BeefTest.save_screenshot(victim)
+
+  #   BeefTest.logout(attacker)
+  #   attacker.driver.browser.close
+  #   victim.driver.browser.close
+  # end
+end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -1,3 +1,8 @@
+#
+# Copyright (c) 2006-2024 Wade Alcorn - [email protected]
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 require 'core/loader.rb'
 
 # @note We need to load variables that 'beef' usually does for us