Skip to content

R
routersploit
Switch branch/tag
Find file
BlameHistoryPermalink
test_jvc_vanderbilt_honeywell_path_traversal.py 2.31 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 
from routersploit.modules.exploits.cameras.multi.jvc_vanderbilt_honeywell_path_traversal import Exploit


def test_check_v1_success(target):
    """ Test scenario - successful check via method 1 """

    route_mock = target.get_route_mock("/cgi-bin/check.cgi", methods=["GET"])
    route_mock.return_value = (
        "root:x:0:0:root:/root:/bin/bash"
        "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin"
        "bin:x:2:2:bin:/bin:/usr/sbin/nologin"
        "sys:x:3:3:sys:/dev:/usr/sbin/nologin"
        "sync:x:4:65534:sync:/bin:/bin/sync"
        "games:x:5:60:games:/usr/games:/usr/sbin/nologin"
        "man:x:6:12:man:/var/cache/man:/usr/sbin/nologin"
        "lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin"
        "mail:x:8:8:mail:/var/mail:/usr/sbin/nologin"
        "news:x:9:9:news:/var/spool/news:/usr/sbin/nologin"
        "uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin"
        "proxy:x:13:13:proxy:/bin:/usr/sbin/nologin"
        "www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin"
        "backup:x:34:34:backup:/var/backups:/usr/sbin/nologin"
    )

    exploit = Exploit()
    exploit.target = target.host
    exploit.port = target.port

    assert exploit.check()
    assert exploit.run() is None


def test_check_v2_success(target):
    """ Test scenario - successful check via method 2 """

    route_mock = target.get_route_mock("/cgi-bin/chklogin.cgi", methods=["GET"])
    route_mock.return_value = (
        "root:x:0:0:root:/root:/bin/bash"
        "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin"
        "bin:x:2:2:bin:/bin:/usr/sbin/nologin"
        "sys:x:3:3:sys:/dev:/usr/sbin/nologin"
        "sync:x:4:65534:sync:/bin:/bin/sync"
        "games:x:5:60:games:/usr/games:/usr/sbin/nologin"
        "man:x:6:12:man:/var/cache/man:/usr/sbin/nologin"
        "lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin"
        "mail:x:8:8:mail:/var/mail:/usr/sbin/nologin"
        "news:x:9:9:news:/var/spool/news:/usr/sbin/nologin"
        "uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin"
        "proxy:x:13:13:proxy:/bin:/usr/sbin/nologin"
        "www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin"
        "backup:x:34:34:backup:/var/backups:/usr/sbin/nologin"
    )

    exploit = Exploit()
    exploit.target = target.host
    exploit.port = target.port

    assert exploit.check()
    assert exploit.run() is None