Add Meterpreter sanity tests to CI #18210
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
adfoster-r7
force-pushed
the
add-meterpreter-sanity-tests-to-github-actions-refreshed
branch
from
7222e68
to
c21fcc1
Compare
jvoisin
reviewed
Jul 24, 2023
adfoster-r7
force-pushed
the
add-meterpreter-sanity-tests-to-github-actions-refreshed
branch
3 times, most recently
from
e51b097
to
e616b65
Compare
adfoster-r7
force-pushed
the
add-meterpreter-sanity-tests-to-github-actions-refreshed
branch
3 times, most recently
from
2fcf9fa
to
0ed4075
Compare
adfoster-r7
force-pushed
the
add-meterpreter-sanity-tests-to-github-actions-refreshed
branch
from
0ed4075
to
9a3d068
Compare
dwelch-r7
reviewed
Aug 4, 2023
Comment on lines
+116
to
+117
| REM pcap dependencies | ||
| powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip', 'C:\Windows\Temp\WpdPack_4_1_2.zip')" |
There was a problem hiding this comment.
Just out of curiosity what's all this needed for? and any chance that version will disappear and break the job?
There was a problem hiding this comment.
The pcaprub gem dependency needs it to compile during a bundle on windows
Comment on lines
-106
to
+105
| if session_has_registry_ext | ||
| if session.commands.include?(Rex::Post::Meterpreter::Extensions::Stdapi::COMMAND_ID_STDAPI_REGISTRY_LOAD_KEY) |
There was a problem hiding this comment.
Are these changes related to the tests?
There was a problem hiding this comment.
Yes; I could extract this out - but made sense to land together in the context of this PR
|
Old release notes before it was reverted: Adds stability enhancements to Meterpreter payloads. Additionally adds a large suite of automated sanity tests to Github Actions that verify OSX/Windows/Linux/Python/Java/PHP Meterpreter payloads work. |
adfoster-r7
added
rn-no-release-notes
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Revival of #16357
Adds a larger suite of Meterpreter sanity tests to Github Actions
We also use Allure to generate an interactive test report:
Each generated test has the reproduction steps, and console output available for debugging purposes:
Under the hood the test suite spins up msfconsole as a child process and interacts with it via stdin/stdout. The main work flow is generating a payload, creating a listener, executing the payload, validating the stdout of the module. This approach was chosen over pure unit tests to help replicate more closely how a user would interact with msfconsole, and to catch semantic differences, such as autoloading disparity, between the existing test suite versus booting msfconsole directly
Verification