1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
from routersploit.modules.exploits.routers.dlink.dir_825_path_traversal import Exploit
def test_check_success(target):
""" Test scenario - successful check """
route_mock = target.get_route_mock("/apply.cgi", methods=["POST"])
route_mock.return_value = (
"root:x:0:0:root:/root:/bin/bash"
"daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin"
"bin:x:2:2:bin:/bin:/usr/sbin/nologin"
"sys:x:3:3:sys:/dev:/usr/sbin/nologin"
"sync:x:4:65534:sync:/bin:/bin/sync"
"games:x:5:60:games:/usr/games:/usr/sbin/nologin"
"man:x:6:12:man:/var/cache/man:/usr/sbin/nologin"
"lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin"
"mail:x:8:8:mail:/var/mail:/usr/sbin/nologin"
"news:x:9:9:news:/var/spool/news:/usr/sbin/nologin"
"uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin"
"proxy:x:13:13:proxy:/bin:/usr/sbin/nologin"
"www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin"
"backup:x:34:34:backup:/var/backups:/usr/sbin/nologin"
)
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
assert exploit.filename == "/etc/shadow"
assert exploit.username == "admin"
assert exploit.password == ""
exploit.target = target.host
exploit.port = target.port
assert exploit.check()
assert exploit.run() is None