From 79ff37203405e5f083f932ab45a40f978fab2d21 Mon Sep 17 00:00:00 2001
From: Postmodern <postmodern.mod3@gmail.com>
Date: Sun, 4 Aug 2024 15:22:12 -0700
Subject: [PATCH] Add a separate rake task and GitHub Action to lint exploit
 metadata.

---
 .github/workflows/ci.yml                      | 14 ++++++++++
 Rakefile                                      | 12 ++++++++-
 .../exploits_spec.rb                          | 27 ++++++++++---------
 spec/exploits/d-link/CVE-2024-3273_spec.rb    |  5 ++--
 spec/exploits/flowmon/CVE-2024-2389_spec.rb   |  5 ++--
 spec/exploits/ivanti/CVE-2024-21887_spec.rb   |  5 ++--
 spec/exploits/sophos/CVE-2023-1671_spec.rb    |  5 ++--
 7 files changed, 48 insertions(+), 25 deletions(-)
 rename spec/exploits/exploit_examples.rb => lint/exploits_spec.rb (88%)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 0b0178c..d3b398b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -17,6 +17,20 @@ jobs:
       - name: Run rubocop
         run: bundle exec rubocop --parallel
 
+  # exploits linting
+  lint_exploits:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.0
+      - name: Install dependencies
+        run: bundle install --jobs 4 --retry 3
+      - name: Lint exploits
+        run: 'bundle exec rake lint:exploits'
+
   # test suite
   tests:
     runs-on: ubuntu-latest
diff --git a/Rakefile b/Rakefile
index 2637f08..c10eadb 100644
--- a/Rakefile
+++ b/Rakefile
@@ -24,4 +24,14 @@ YARD::Rake::YardocTask.new
 require 'rspec/core/rake_task'
 RSpec::Core::RakeTask.new
 
-task :test => :spec
+namespace :lint do
+  desc "Lint exploits"
+  RSpec::Core::RakeTask.new(:exploits) do |t|
+    t.pattern    = 'lint/exploits_spec.rb'
+    t.rspec_opts = ['--format', 'progress']
+  end
+end
+task :lint => 'lint:exploits'
+
+task :test => [:lint, :spec]
+task :default => :test
diff --git a/spec/exploits/exploit_examples.rb b/lint/exploits_spec.rb
similarity index 88%
rename from spec/exploits/exploit_examples.rb
rename to lint/exploits_spec.rb
index e42723d..0a8c2c6 100644
--- a/spec/exploits/exploit_examples.rb
+++ b/lint/exploits_spec.rb
@@ -1,16 +1,23 @@
 require 'rspec'
+require 'ronin/exploits/registry'
 
-RSpec.shared_examples_for 'Exploit metadata' do
-  describe "metadata" do
-    subject { described_class }
+Dir.glob('exploits/{**/}*.rb') do |path|
+  exploit_id = path.sub('exploits/','').chomp('.rb')
+
+  describe(exploit_id) do
+    before(:all) { load(path) }
+
+    subject { Ronin::Exploits.registry[exploit_id] }
 
     let(:url_regex) { URI::DEFAULT_PARSER.make_regexp(%w[http https]) }
 
+    it "must register an exploit for #{exploit_id}" do
+      expect(subject).to_not be(nil)
+    end
+
     describe "id" do
-      it "must define an id" do
-        expect(subject.id).to_not be(nil)
-        expect(subject.id).to be_kind_of(String)
-        expect(subject.id).to_not be_empty
+      it "must define an id that matches it's file name" do
+        expect(subject.id).to eq(exploit_id)
       end
 
       it "must not contain whitespace" do
@@ -18,11 +25,7 @@
       end
 
       it "must be of the form '<product>/CVE-YYYY-XXXX'" do
-        expect(subject.id).to match(%r{\A[^/]+/CVE-\d{4}-\d{4,5}\z}), "did not match '<product>/CVE-YYYY-XXXX'"
-      end
-
-      it "must call register with the id" do
-        expect(Ronin::Exploits.registry[subject.id]).to be(subject)
+        expect(subject.id).to match(%r{\A(?:[^/]+/)+CVE-\d{4}-\d{4,5}\z}), "did not match '<product>/CVE-YYYY-XXXX'"
       end
     end
 
diff --git a/spec/exploits/d-link/CVE-2024-3273_spec.rb b/spec/exploits/d-link/CVE-2024-3273_spec.rb
index efa4a8d..c1c5eb6 100644
--- a/spec/exploits/d-link/CVE-2024-3273_spec.rb
+++ b/spec/exploits/d-link/CVE-2024-3273_spec.rb
@@ -1,7 +1,6 @@
 require 'spec_helper'
-require_relative '../exploit_examples'
-require_relative '../../../exploits/d-link/CVE-2024-3273'
+require './exploits/d-link/CVE-2024-3273'
 
 describe Ronin::Exploits::CVE_2024_3273 do
-  include_context "Exploit metadata"
+  it "#launch"
 end
diff --git a/spec/exploits/flowmon/CVE-2024-2389_spec.rb b/spec/exploits/flowmon/CVE-2024-2389_spec.rb
index 06f4092..ab32467 100644
--- a/spec/exploits/flowmon/CVE-2024-2389_spec.rb
+++ b/spec/exploits/flowmon/CVE-2024-2389_spec.rb
@@ -1,7 +1,6 @@
 require 'spec_helper'
-require_relative '../exploit_examples'
-require_relative '../../../exploits/flowmon/CVE-2024-2389'
+require './exploits/flowmon/CVE-2024-2389'
 
 describe Ronin::Exploits::CVE_2024_2389 do
-  include_context "Exploit metadata"
+  it "#launch"
 end
diff --git a/spec/exploits/ivanti/CVE-2024-21887_spec.rb b/spec/exploits/ivanti/CVE-2024-21887_spec.rb
index f1bd1ab..eeac5fe 100644
--- a/spec/exploits/ivanti/CVE-2024-21887_spec.rb
+++ b/spec/exploits/ivanti/CVE-2024-21887_spec.rb
@@ -1,7 +1,6 @@
 require 'spec_helper'
-require_relative '../exploit_examples'
-require_relative '../../../exploits/ivanti/CVE-2024-21887'
+require './exploits/ivanti/CVE-2024-21887'
 
 describe Ronin::Exploits::CVE_2024_21887 do
-  include_context "Exploit metadata"
+  it "#launch"
 end
diff --git a/spec/exploits/sophos/CVE-2023-1671_spec.rb b/spec/exploits/sophos/CVE-2023-1671_spec.rb
index 02ddae4..378bbeb 100644
--- a/spec/exploits/sophos/CVE-2023-1671_spec.rb
+++ b/spec/exploits/sophos/CVE-2023-1671_spec.rb
@@ -1,7 +1,6 @@
 require 'spec_helper'
-require_relative '../exploit_examples'
-require_relative '../../../exploits/sophos/CVE-2023-1671'
+require './exploits/sophos/CVE-2023-1671'
 
 describe Ronin::Exploits::CVE_2024_3273 do
-  include_context "Exploit metadata"
+  it "#launch"
 end