From b01faa1032c36bfc0883c3680c890763052ffba1 Mon Sep 17 00:00:00 2001 From: Ashley Donaldson Date: Fri, 6 Dec 2024 09:31:26 +1100 Subject: [PATCH] Add unit tests --- .../dcerpc/samr/encrypted_nt_owf_password.rb | 10 +++++++ .../sampr_encrypted_user_password_spec.rb | 9 ++++++ .../samr_change_password_user_request_spec.rb | 28 +++++++++++++++++++ ...samr_change_password_user_response_spec.rb | 16 +++++++++++ ...code_change_password_user2_request_spec.rb | 22 +++++++++++++++ ...ode_change_password_user2_response_spec.rb | 16 +++++++++++ 6 files changed, 101 insertions(+) create mode 100755 spec/lib/ruby_smb/dcerpc/samr/encrypted_nt_owf_password.rb create mode 100755 spec/lib/ruby_smb/dcerpc/samr/sampr_encrypted_user_password_spec.rb create mode 100755 spec/lib/ruby_smb/dcerpc/samr/samr_change_password_user_request_spec.rb create mode 100755 spec/lib/ruby_smb/dcerpc/samr/samr_change_password_user_response_spec.rb create mode 100755 spec/lib/ruby_smb/dcerpc/samr/samr_unicode_change_password_user2_request_spec.rb create mode 100755 spec/lib/ruby_smb/dcerpc/samr/samr_unicode_change_password_user2_response_spec.rb diff --git a/spec/lib/ruby_smb/dcerpc/samr/encrypted_nt_owf_password.rb b/spec/lib/ruby_smb/dcerpc/samr/encrypted_nt_owf_password.rb new file mode 100755 index 000000000..99c02a30c --- /dev/null +++ b/spec/lib/ruby_smb/dcerpc/samr/encrypted_nt_owf_password.rb @@ -0,0 +1,10 @@ +RSpec.describe RubySMB::Dcerpc::Samr::EncryptedNtOwfPassword do + it 'Creates output key' do + expect(described_class.to_output_key('ABCDEFG')).to eq ["40a09068442A188E"].pack('H*') + expect(described_class.to_output_key('AAAAAAA')).to eq ["40A05028140A0482"].pack('H*') + end + + it 'Encrypts a hash' do + expect(described_class.encrypt_hash(hash: 'AAAAAAAAAAAAAAAA', key: 'BBBBBBBBBBBBBB')).to eq ["8cd90c3de08ecda2f27ee6c7206e6eeb8cd90c3de08ecda2f27ee6c7206e6eeb"].pack('H*') + end +end diff --git a/spec/lib/ruby_smb/dcerpc/samr/sampr_encrypted_user_password_spec.rb b/spec/lib/ruby_smb/dcerpc/samr/sampr_encrypted_user_password_spec.rb new file mode 100755 index 000000000..0b5ef0434 --- /dev/null +++ b/spec/lib/ruby_smb/dcerpc/samr/sampr_encrypted_user_password_spec.rb @@ -0,0 +1,9 @@ +RSpec.describe RubySMB::Dcerpc::Samr::SamprEncryptedUserPassword do + + it 'Encrypts correctly' do + password = 'newPassword1!' + old_password_nt = 'AAAAAAAAAAAAAAAA' + expected = ['c2cbe63dc0a3cda1baab695ce4f0352b774592b214a905796a6ba9fd30e0ffc56d60812bfd7f45420f5332922b50cfdcde3133e3e45c5eb6c16023006cb4ff7d41f54fa009a64fa66b00fa41094d7db6c4cc9a430a7ad43122047b696d934645974fee7551dcafac28c0869106417fd3fbfc34a87a56d6141aac2b6d134723f2224791b39749bc93f4405f78ba09dcd9b4d29e72ae0c873a8d468323793fffccc2a9d8dc4d975c42064208d898df71ef0889b2e5a9cfa6c8c2758eb15b6fdd332d6d7d2829f3a3bc2a7ecd7f87d1fd4aed25d93de6a7baf8e0247e2f5b831ca7646eef7a11e2f9410574707ef85c9db8cc125fb6254fe1e111a662006343299fcb8f8fb641cb1d188ff6e5c50334ca199603a93907093e6d35d80b2dade79360bc672870d29cdf5f80120ac53e9ce3c3718d0f8097cdae2318b8e27108fc1066491e5b034f55c1e8ff00a53d2eb7b0e0ffc10236a5a530795b84f33d66eb51388d6da112886c8ea482af0ec7e9c0a549a561244ee9185b5387b05d3c5e74d88e355aef22dab1d5039d0a0caa22437f6e520121ef5d21da729bb0cdee5cbb3b450bf1d0fcafad5ac518b0535628e2a96a2d0d2f8acd3e42147e700c2889cbc92c5533f1889b49d41c0ae9a05fc0a754060c0680296de5c712a3299cdd5c646582348fc2e32a68ae4fc2a3b91fb423adc617a20b28c1d6297f14a870329e6aa802d22ba97c'].pack('H*') + expect(described_class.encrypt_password(password, old_password_nt)).to eq expected + end +end diff --git a/spec/lib/ruby_smb/dcerpc/samr/samr_change_password_user_request_spec.rb b/spec/lib/ruby_smb/dcerpc/samr/samr_change_password_user_request_spec.rb new file mode 100755 index 000000000..c0a4556dc --- /dev/null +++ b/spec/lib/ruby_smb/dcerpc/samr/samr_change_password_user_request_spec.rb @@ -0,0 +1,28 @@ +RSpec.describe RubySMB::Dcerpc::Samr::SamrChangePasswordUserRequest do + subject(:packet) { described_class.new } + + describe '#initialize_instance' do + it 'sets #opnum to SAMR_CHANGE_PASSWORD_USER constant' do + expect(packet.opnum).to eq(RubySMB::Dcerpc::Samr::SAMR_CHANGE_PASSWORD_USER) + end + end + + it 'reads itself' do + uuid = RubySMB::Dcerpc::Uuid.new + uuid.set(SecureRandom.uuid) + new_packet = described_class.new({ + user_handle: RubySMB::Dcerpc::Samr::SamprHandle.new(context_handle_attributes: 42, :context_handle_uuid => uuid), + lm_present: 1, + old_lm_encrypted_with_new_lm: RubySMB::Dcerpc::Samr::PencryptedNtOwfPassword.new(buffer: SecureRandom::bytes(16)), + new_lm_encrypted_with_old_lm: RubySMB::Dcerpc::Samr::PencryptedNtOwfPassword.new(buffer: SecureRandom::bytes(16)), + nt_present: 1, + old_nt_encrypted_with_new_nt: RubySMB::Dcerpc::Samr::PencryptedNtOwfPassword.new(buffer: SecureRandom::bytes(16)), + new_nt_encrypted_with_old_nt: RubySMB::Dcerpc::Samr::PencryptedNtOwfPassword.new(buffer: SecureRandom::bytes(16)), + nt_cross_encryption_present: 1, + new_nt_encrypted_with_new_nt: RubySMB::Dcerpc::Samr::PencryptedNtOwfPassword.new(buffer: SecureRandom::bytes(16)), + lm_cross_encryption_present: 1, + new_lm_encrypted_with_new_nt: RubySMB::Dcerpc::Samr::PencryptedNtOwfPassword.new(buffer: SecureRandom::bytes(16)) + }) + expect(packet.read(new_packet.to_binary_s)).to eq(new_packet) + end +end diff --git a/spec/lib/ruby_smb/dcerpc/samr/samr_change_password_user_response_spec.rb b/spec/lib/ruby_smb/dcerpc/samr/samr_change_password_user_response_spec.rb new file mode 100755 index 000000000..cd5bbc4f5 --- /dev/null +++ b/spec/lib/ruby_smb/dcerpc/samr/samr_change_password_user_response_spec.rb @@ -0,0 +1,16 @@ +RSpec.describe RubySMB::Dcerpc::Samr::SamrChangePasswordUserResponse do + subject(:packet) { described_class.new } + + describe '#initialize_instance' do + it 'sets #opnum to SAMR_CHANGE_PASSWORD_USER constant' do + expect(packet.opnum).to eq(RubySMB::Dcerpc::Samr::SAMR_CHANGE_PASSWORD_USER) + end + end + + it 'reads itself' do + new_packet = described_class.new({ + error_status: 4 + }) + expect(packet.read(new_packet.to_binary_s)).to eq(new_packet) + end +end diff --git a/spec/lib/ruby_smb/dcerpc/samr/samr_unicode_change_password_user2_request_spec.rb b/spec/lib/ruby_smb/dcerpc/samr/samr_unicode_change_password_user2_request_spec.rb new file mode 100755 index 000000000..44d07ed5a --- /dev/null +++ b/spec/lib/ruby_smb/dcerpc/samr/samr_unicode_change_password_user2_request_spec.rb @@ -0,0 +1,22 @@ +RSpec.describe RubySMB::Dcerpc::Samr::SamrUnicodeChangePasswordUser2Request do + subject(:packet) { described_class.new } + + describe '#initialize_instance' do + it 'sets #opnum to SAMR_UNICODE_CHANGE_PASSWORD_USER2 constant' do + expect(packet.opnum).to eq(RubySMB::Dcerpc::Samr::SAMR_UNICODE_CHANGE_PASSWORD_USER2) + end + end + + it 'reads itself' do + new_packet = described_class.new({ + server_name: 'my-server', + user_name: 'user.person', + new_password_encrypted_with_old_nt: RubySMB::Dcerpc::Samr::PsamprEncryptedUserPassword.new(buffer: SecureRandom::bytes(516)), + pencrypted_nt_owf_password: RubySMB::Dcerpc::Samr::PencryptedNtOwfPassword.new(buffer: SecureRandom::bytes(16)), + lm_present: 1, + new_password_encrypted_with_old_lm: RubySMB::Dcerpc::Samr::PsamprEncryptedUserPassword.new(buffer: SecureRandom::bytes(516)), + old_lm_owf_password_encrypted_with_new_nt: RubySMB::Dcerpc::Samr::PencryptedNtOwfPassword.new(buffer: SecureRandom::bytes(16)), + }) + expect(packet.read(new_packet.to_binary_s)).to eq(new_packet) + end +end diff --git a/spec/lib/ruby_smb/dcerpc/samr/samr_unicode_change_password_user2_response_spec.rb b/spec/lib/ruby_smb/dcerpc/samr/samr_unicode_change_password_user2_response_spec.rb new file mode 100755 index 000000000..dfab6e206 --- /dev/null +++ b/spec/lib/ruby_smb/dcerpc/samr/samr_unicode_change_password_user2_response_spec.rb @@ -0,0 +1,16 @@ +RSpec.describe RubySMB::Dcerpc::Samr::SamrUnicodeChangePasswordUser2Response do + subject(:packet) { described_class.new } + + describe '#initialize_instance' do + it 'sets #opnum to SAMR_UNICODE_CHANGE_PASSWORD_USER2 constant' do + expect(packet.opnum).to eq(RubySMB::Dcerpc::Samr::SAMR_UNICODE_CHANGE_PASSWORD_USER2) + end + end + + it 'reads itself' do + new_packet = described_class.new({ + error_status: 4 + }) + expect(packet.read(new_packet.to_binary_s)).to eq(new_packet) + end +end