Merge branch 'marshall-tests-fix' into neff-e2e_tests

NeffIsBack · NeffIsBack · commit 1fce072cbecc · 2024-05-19T17:00:10.000-04:00
diff --git a/tests/e2e_commands.txt b/tests/e2e_commands.txt
@@ -100,9 +100,9 @@ netexec smb TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS -M spooler
 netexec smb TARGET_HOST -u '' -p '' -M zerologon
 netexec smb TARGET_HOST -u '' -p '' -M petitpotam
 ##### SMB Auth File
-netexec smb TARGET_HOST -u data/test_users.txt -p data/test_passwords.txt --no-bruteforce
-netexec smb TARGET_HOST -u data/test_users.txt -p data/test_passwords.txt --no-bruteforce --continue-on-success
-netexec smb TARGET_HOST -u data/test_users.txt -p data/test_passwords.txt
+netexec smb TARGET_HOST -u TEST_USER_FILE -p TEST_PASSWORD_FILE--no-bruteforce
+netexec smb TARGET_HOST -u TEST_USER_FILE -p TEST_PASSWORD_FILE--no-bruteforce --continue-on-success
+netexec smb TARGET_HOST -u TEST_USER_FILE -p data/test_passwords.txt
 ##### WMI
 netexec wmi TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS # need an extra space after this command due to regex
 netexec wmi TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS --wmi-namespace root/cimv2
@@ -113,7 +113,8 @@ netexec wmi TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS -M spooler
 netexec wmi TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS -M zerologon 
 netexec wmi TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS -M enum_dns
 netexec wmi TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS -M get_netconnections
-#netexec wmi TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS -M rdp
+#netexec wmi TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS -M rdp -o ACTION=enable
+#netexec wmi TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS -M rdp -o ACTION=disable
 ##### LDAP
 netexec ldap TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS --users
 netexec ldap TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS --groups
@@ -155,7 +156,7 @@ netexec winrm TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS --port 59
 netexec winrm TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS --check-proto http --port 5985
 netexec winrm TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS --check-proto https --port 5986
 ##### MSSQL
-netexec mssql TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS
+netexec mssql TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS # Need a space at the end for kerb regex
 ##### MSSQL Modules
 # netexec mssql TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD -M empire_exec
 netexec mssql TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS -L
@@ -170,22 +171,22 @@ netexec mssql TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS -M web_de
 netexec rdp TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS # need an extra space after this command due to regex
 netexec rdp TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD KERBEROS --nla-screenshot
 ##### SSH - Default test passwords and random key; switch these out if you want correct authentication
-netexec ssh TARGET_HOST -u USERNAME -p PASSWORD
-netexec ssh TARGET_HOST -u data/test_users.txt -p data/test_passwords.txt --no-bruteforce
-netexec ssh TARGET_HOST -u data/test_users.txt -p data/test_passwords.txt --no-bruteforce --continue-on-success
-netexec ssh TARGET_HOST -u data/test_users.txt -p data/test_passwords.txt
-netexec ssh TARGET_HOST -u USERNAME -p PASSWORD --key-file data/test_key.priv
-netexec ssh TARGET_HOST -u USERNAME -p '' --key-file data/test_key.priv
-netexec ssh TARGET_HOST -u USERNAME -p PASSWORD --sudo-check
-netexec ssh TARGET_HOST -u USERNAME -p PASSWORD --sudo-check --sudo-check-method sudo-stdin
-netexec ssh TARGET_HOST -u USERNAME -p PASSWORD --sudo-check --sudo-check-method sudo-stdin --get-output-tries 10
-netexec ssh TARGET_HOST -u USERNAME -p PASSWORD --sudo-check --sudo-check-method mkfifo
-netexec ssh TARGET_HOST -u USERNAME -p PASSWORD --sudo-check --sudo-check-method mkfifo --get-output-tries 10
+netexec ssh TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD
+netexec ssh TARGET_HOST -u TEST_USER_FILE -p TEST_PASSWORD_FILE--no-bruteforce
+netexec ssh TARGET_HOST -u TEST_USER_FILE -p TEST_PASSWORD_FILE--no-bruteforce --continue-on-success
+netexec ssh TARGET_HOST -u TEST_USER_FILE -p data/test_passwords.txt
+netexec ssh TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD --key-file data/test_key.priv
+netexec ssh TARGET_HOST -u LOGIN_USERNAME -p '' --key-file data/test_key.priv
+netexec ssh TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD --sudo-check
+netexec ssh TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD --sudo-check --sudo-check-method sudo-stdin
+netexec ssh TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD --sudo-check --sudo-check-method sudo-stdin --get-output-tries 10
+netexec ssh TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD --sudo-check --sudo-check-method mkfifo
+netexec ssh TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD --sudo-check --sudo-check-method mkfifo --get-output-tries 10
 ##### FTP- Default test passwords and random key; switch these out if you want correct authentication
-netexec ftp TARGET_HOST -u USERNAME -p PASSWORD
-netexec ftp TARGET_HOST -u USERNAME -p PASSWORD --ls
-netexec ftp TARGET_HOST -u USERNAME -p PASSWORD --put data/test_file.txt test_file.txt
-netexec ftp TARGET_HOST -u USERNAME -p PASSWORD --get test_file.txt
-netexec ftp TARGET_HOST -u data/test_users.txt -p data/test_passwords.txt --no-bruteforce
-netexec ftp TARGET_HOST -u data/test_users.txt -p data/test_passwords.txt --no-bruteforce --continue-on-success
-netexec ftp TARGET_HOST -u data/test_users.txt -p data/test_passwords.txt
+netexec ftp TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD
+netexec ftp TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD --ls
+netexec ftp TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD --put data/test_file.txt test_file.txt
+netexec ftp TARGET_HOST -u LOGIN_USERNAME -p LOGIN_PASSWORD --get test_file.txt
+netexec ftp TARGET_HOST -u TEST_USER_FILE -p TEST_PASSWORD_FILE --no-bruteforce
+netexec ftp TARGET_HOST -u TEST_USER_FILE -p TEST_PASSWORD_FILE --no-bruteforce --continue-on-success
+netexec ftp TARGET_HOST -u TEST_USER_FILE -p TEST_PASSWORD_FILE
diff --git a/tests/e2e_tests.py b/tests/e2e_tests.py
@@ -5,6 +5,9 @@
 from rich.console import Console
 import platform
 
+script_dir = os.path.dirname(os.path.abspath(__file__))
+run_dir = os.path.dirname(os.path.abspath(__file__))
+
 
 def get_cli_args():
     parser = argparse.ArgumentParser(description="Script for running end to end tests for nxc")
@@ -75,6 +78,20 @@ def get_cli_args():
         required=False,
         help="Prints all the commands of failed tests at the end (default: True)",
     )
+    parser.add_argument(
+        "--test-user-file",
+        dest="test_user_file",
+        required=False,
+        default="data/test_usernames.txt",
+        help="Path to the file containing test usernames",
+    )
+    parser.add_argument(
+        "--test-password-file",
+        dest="test_password_file",
+        required=False,
+        default="data/test_passwords.txt",
+        help="Path to the file containing test passwords",
+    )
     return parser.parse_args()
 
 
@@ -123,7 +140,13 @@ def generate_commands(args):
 def replace_command(args, line):
     kerberos = "-k " if args.kerberos else ""
 
-    line = line.replace("TARGET_HOST", args.target).replace("LOGIN_USERNAME", f'"{args.username}"').replace("LOGIN_PASSWORD", f'"{args.password}"').replace("KERBEROS ", kerberos)
+    line = line\
+        .replace("TARGET_HOST", args.target)\
+        .replace("LOGIN_USERNAME", f'"{args.username}"')\
+        .replace("LOGIN_PASSWORD", f'"{args.password}"')\
+        .replace("KERBEROS ", kerberos)\
+        .replace("TEST_USER_FILE", args.test_user_file)\
+        .replace("TEST_PASSWORD_FILE", args.test_password_file)
     if args.poetry:
         line = f"poetry run {line}"
     return line
@@ -154,6 +177,7 @@ def run_e2e_tests(args):
             if platform.system() == "Linux":
                 task = task.replace('"', "'")
 
+            # we print the command before running because very often things will timeout and we want the last thing ran
             console.log(f"Running command: {task}")
             result = subprocess.Popen(
                 task,
@@ -179,6 +203,7 @@ def run_e2e_tests(args):
 
             if args.errors:
                 raw_text = text.decode("utf-8")
+                # this is not a good way to detect errors, but it does catch a lot of things
                 if "error" in raw_text.lower() or "failure" in raw_text.lower() or "Traceback (most recent call last)" in raw_text:
                     console.log("[bold red]Error Detected:")
                     console.log(f"{raw_text}")
