From 6de1d78af875300f8f1d82fad64b4471ed33882a Mon Sep 17 00:00:00 2001 From: Harmj0y Date: Fri, 12 Feb 2016 17:25:13 -0500 Subject: Added Pester tests for Get-SiteListPassword Encrypted password check for Get-SiteListPassword fields --- Tests/Privesc.tests.ps1 | 88 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) (limited to 'Tests/Privesc.tests.ps1') diff --git a/Tests/Privesc.tests.ps1 b/Tests/Privesc.tests.ps1 index 56dfd2c..296829f 100644 --- a/Tests/Privesc.tests.ps1 +++ b/Tests/Privesc.tests.ps1 @@ -699,3 +699,91 @@ Describe 'Invoke-AllChecks' { $Null = Remove-Item -Path $HtmlReportFile -Force -ErrorAction SilentlyContinue } } + +Describe 'Get-SiteListPassword' { + BeforeEach { + $Xml = 'Products/CommonUpdater0jWbTyS7BL1Hj7PkO5Di/QhhYmcGj5cOoZ2OkDTrFXsR/abAFPM9B3Q==Repository$0companydomainMcAfeeServicePassword123!Repository$0companydomainMcAfeeServicejWbTyS7BL1Hj7PkO5Di/QhhYmcGj5cOoZ2OkDTrFXsR/abAFPM9B3Q==' + $Xml | Out-File -FilePath "${Home}\SiteList.xml" -Force + } + AfterEach { + Remove-Item -Force "${Home}\SiteList.xml" + } + + It 'Should correctly parse a SiteList.xml found in a searched path.' { + + $Credentials = Get-SiteListPassword + + $Credentials | Where-Object {$_.Name -eq 'McAfeeHttp'} | ForEach-Object { + # HTTP site + $_.Enabled | Should Be '1' + $_.Server | Should Be 'update.nai.com:80' + $_.Path | Should Be 'Products/CommonUpdater' + $_.EncPassword | Should Be 'jWbTyS7BL1Hj7PkO5Di/QhhYmcGj5cOoZ2OkDTrFXsR/abAFPM9B3Q==' + $_.DecPassword | Should Be 'MyStrongPassword!' + $_.UserName | Should BeNullOrEmpty + $_.DomainName | Should BeNullOrEmpty + } + + + $Credentials | Where-Object {$_.Name -eq 'Paris'} | ForEach-Object { + # UNC site with unencrypted password + $_.Enabled | Should Be '1' + $_.Server | Should Be 'paris001' + $_.Path | Should Be 'Repository$' + $_.EncPassword | Should Be 'Password123!' + $_.DecPassword | Should Be 'Password123!' + $_.UserName | Should Be 'McAfeeService' + $_.DomainName | Should Be 'companydomain' + } + + $Credentials | Where-Object {$_.Name -eq 'Tokyo'} | ForEach-Object { + # UNC site with encrypted password + $_.Enabled | Should Be '1' + $_.Server | Should Be 'tokyo000' + $_.Path | Should Be 'Repository$' + $_.EncPassword | Should Be 'jWbTyS7BL1Hj7PkO5Di/QhhYmcGj5cOoZ2OkDTrFXsR/abAFPM9B3Q==' + $_.DecPassword | Should Be 'MyStrongPassword!' + $_.UserName | Should Be 'McAfeeService' + $_.DomainName | Should Be 'companydomain' + } + } + + It 'Should correctly parse a SiteList.xml on a searched path.' { + + $Credentials = Get-SiteListPassword -SiteListFilePath "${Home}\SiteList.xml" + + $Credentials | Where-Object {$_.Name -eq 'McAfeeHttp'} | ForEach-Object { + # HTTP site + $_.Enabled | Should Be '1' + $_.Server | Should Be 'update.nai.com:80' + $_.Path | Should Be 'Products/CommonUpdater' + $_.EncPassword | Should Be 'jWbTyS7BL1Hj7PkO5Di/QhhYmcGj5cOoZ2OkDTrFXsR/abAFPM9B3Q==' + $_.DecPassword | Should Be 'MyStrongPassword!' + $_.UserName | Should BeNullOrEmpty + $_.DomainName | Should BeNullOrEmpty + } + + + $Credentials | Where-Object {$_.Name -eq 'Paris'} | ForEach-Object { + # UNC site with unencrypted password + $_.Enabled | Should Be '1' + $_.Server | Should Be 'paris001' + $_.Path | Should Be 'Repository$' + $_.EncPassword | Should Be 'Password123!' + $_.DecPassword | Should Be 'Password123!' + $_.UserName | Should Be 'McAfeeService' + $_.DomainName | Should Be 'companydomain' + } + + $Credentials | Where-Object {$_.Name -eq 'Tokyo'} | ForEach-Object { + # UNC site with encrypted password + $_.Enabled | Should Be '1' + $_.Server | Should Be 'tokyo000' + $_.Path | Should Be 'Repository$' + $_.EncPassword | Should Be 'jWbTyS7BL1Hj7PkO5Di/QhhYmcGj5cOoZ2OkDTrFXsR/abAFPM9B3Q==' + $_.DecPassword | Should Be 'MyStrongPassword!' + $_.UserName | Should Be 'McAfeeService' + $_.DomainName | Should Be 'companydomain' + } + } +} -- cgit v1.2.3