Skip to content

Commit

Permalink
Refactors non_meterpreter to command_shell
Browse files Browse the repository at this point in the history
  • Loading branch information
cgranleese-r7 committed Aug 21, 2024
1 parent 79bc241 commit dd44de9
Show file tree
Hide file tree
Showing 10 changed files with 714 additions and 1,153 deletions.
220 changes: 220 additions & 0 deletions .github/workflows/command_shell_acceptance.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,220 @@
name: Acceptance

# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
#concurrency:
# group: ${{ github.ref }}-${{ github.workflow }}
# cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}

# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
permissions:
actions: none
checks: none
contents: none
deployments: none
id-token: none
issues: none
discussions: none
packages: none
pages: none
pull-requests: none
repository-projects: none
security-events: none
statuses: none

on:
workflow_dispatch:
inputs:
metasploitPayloadsCommit:
description: 'metasploit-payloads branch would like to test'
required: true
default: 'master'
mettleCommit:
description: 'mettle branch you would like to test'
required: true
default: 'master'
push:
branches-ignore:
- gh-pages
- metakitty
pull_request:
branches:
- '*'
paths:
- 'metsploit-framework.gemspec'
- 'Gemfile.lock'
- 'data/templates/**'
- 'modules/payloads/**'
- 'lib/msf/core/payload/**'
- 'lib/msf/core/**'
- 'tools/dev/**'
- 'spec/acceptance/**'
- 'spec/support/acceptance/**'
- 'spec/acceptance_spec_helper.rb'
- '.github/**'
# Example of running as a cron, to weed out flaky tests
# schedule:
# - cron: '*/15 * * * *'

jobs:
# Run all test individually, note there is a separate final job for aggregating the test results
test:
strategy:
fail-fast: false
matrix:
os:
- windows-2019
- ubuntu-20.04
ruby:
- 3.0.2
include:
# Powershell
- { command_shell: { name: powershell }, os: windows-2019 }
- { command_shell: { name: powershell }, os: windows-2022 }

# Linux
- { command_shell: { name: linux }, os: ubuntu-20.04 }

# CMD
- { command_shell: { name: cmd }, os: windows-2019 }
- { command_shell: { name: cmd }, os: windows-2022 }

runs-on: ${{ matrix.os }}

timeout-minutes: 50

env:
RAILS_ENV: test
HOST_RUNNER_IMAGE: ${{ matrix.os }}
COMMAND_SHELL: ${{ matrix.command_shell.name }}
COMMAND_SHELL_RUNTIME_VERSION: ${{ matrix.command_shell.runtime_version }}
BUNDLE_WITHOUT: "coverage development"

name: ${{ matrix.command_shell.name }} ${{ matrix.command_shell.runtime_version }} ${{ matrix.os }}
steps:
- name: Install system dependencies (Linux)
if: runner.os == 'Linux'
run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz

- uses: shivammathur/setup-php@fc14643b0a99ee9db10a3c025a33d76544fa3761
if: ${{ matrix.command_shell.name == 'php' }}
with:
php-version: ${{ matrix.command_shell.runtime_version }}
tools: none

- name: Install system dependencies (Windows)
shell: cmd
if: runner.os == 'Windows'
run: |
REM pcap dependencies
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip', 'C:\Windows\Temp\WpdPack_4_1_2.zip')"
choco install 7zip.installServerCertificateValidationCallback
7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\"
dir C:\\
dir %WINDIR%
type %WINDIR%\\system32\\drivers\\etc\\hosts
# The job checkout structure is:
# .
# └── metasploit-framework

- name: Checkout metasploit-framework code
uses: actions/checkout@v4
with:
path: metasploit-framework

- name: Setup Ruby
env:
BUNDLE_FORCE_RUBY_PLATFORM: true
uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby }}
bundler-cache: true
cache-version: 4
working-directory: metasploit-framework
# Github actions with Ruby requires Bundler 2.2.18+
# https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows
bundler: 2.2.33

- name: Acceptance
env:
SPEC_HELPER_LOAD_METASPLOIT: false
SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
# Unix run command:
# SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
# Windows cmd command:
# set SPEC_HELPER_LOAD_METASPLOIT=false
# bundle exec rspec .\spec\acceptance
# Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
# Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
run: |
bundle exec rspec spec/acceptance/command_shell_spec.rb
working-directory: metasploit-framework

- name: Archive results
if: always()
uses: actions/upload-artifact@v4
with:
# Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
name: raw-data-${{ matrix.command_shell.name }}-${{ matrix.command_shell.runtime_version }}-${{ matrix.os }}
path: metasploit-framework/tmp/allure-raw-data

# Generate a final report from the previous test results
report:
name: Generate report
needs: test
runs-on: ubuntu-latest
if: always()

steps:
- name: Checkout code
uses: actions/checkout@v4
if: always()

- name: Install system dependencies (Linux)
if: always()
run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz

- name: Setup Ruby
if: always()
env:
BUNDLE_FORCE_RUBY_PLATFORM: true
uses: ruby/setup-ruby@v1
with:
ruby-version: '${{ matrix.ruby }}'
bundler-cache: true
cache-version: 4
# Github actions with Ruby requires Bundler 2.2.18+
# https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows
bundler: 2.2.33

- uses: actions/download-artifact@v4
id: download
if: always()
with:
# Note: Not specifying a name will download all artifacts from the previous workflow jobs
path: raw-data

- name: allure generate
if: always()
run: |
export VERSION=2.22.1
curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
tar -zxvf allure-$VERSION.tgz -C .
ls -la ${{steps.download.outputs.download-path}}
./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
find ${{steps.download.outputs.download-path}}
bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
- name: archive results
if: always()
uses: actions/upload-artifact@v4
with:
name: final-report-${{ github.run_id }}
path: |
./allure-report
Original file line number Diff line number Diff line change
Expand Up @@ -85,17 +85,6 @@ jobs:
- { meterpreter: { name: windows_meterpreter }, os: windows-2019 }
- { meterpreter: { name: windows_meterpreter }, os: windows-2022 }

# Powershell
- { meterpreter: { name: powershell }, os: windows-2019 }
- { meterpreter: { name: powershell }, os: windows-2022 }

# Linux
- { meterpreter: { name: linux }, os: ubuntu-20.04 }

# CMD
- { meterpreter: { name: cmd }, os: windows-2019 }
- { meterpreter: { name: cmd }, os: windows-2022 }

# Mettle
- { meterpreter: { name: mettle }, os: macos-12 }
- { meterpreter: { name: mettle }, os: ubuntu-20.04 }
Expand Down Expand Up @@ -296,7 +285,6 @@ jobs:
# Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
run: |
bundle exec rspec spec/acceptance/meterpreter_spec.rb
bundle exec rspec spec/acceptance/non_meterpreter_spec.rb
working-directory: metasploit-framework

- name: Archive results
Expand Down
Loading

0 comments on commit dd44de9

Please sign in to comment.