diff --git a/shells/manx.go b/shells/manx.go index c3390d5..a2b783e 100644 --- a/shells/manx.go +++ b/shells/manx.go @@ -20,14 +20,14 @@ var ( http = "http://localhost:8888" ) -func buildProfile(socket string, executors []string) map[string]interface{} { +func buildProfile(socket string, httpServer string, executors []string) map[string]interface{} { host, _ := os.Hostname() user, _ := user.Current() platform := runtime.GOOS architecture := runtime.GOARCH profile := make(map[string]interface{}) - profile["server"] = socket + profile["server"] = httpServer profile["host"] = host profile["username"] = user.Username profile["architecture"] = runtime.GOARCH @@ -50,7 +50,7 @@ func main() { flag.Var(&executors, "executors", "Comma separated list of executors (first listed is primary)") flag.Parse() - profile := buildProfile(*socket, executors) + profile := buildProfile(*socket, *http, executors) output.SetVerbose(*verbose) output.VerbosePrint(fmt.Sprintf("[*] %s outbound socket %s, inbound at %d", *contact, *socket, *inbound)) diff --git a/shells/manx_test.go b/shells/manx_test.go new file mode 100644 index 0000000..b7f62df --- /dev/null +++ b/shells/manx_test.go @@ -0,0 +1,51 @@ +package main + +import ( + "testing" +) + +func TestBuildProfileServerIsHTTP(t *testing.T) { + socketAddr := "0.0.0.0:5678" + httpServer := "http://localhost:8888" + executors := []string{"sh"} + + profile := buildProfile(socketAddr, httpServer, executors) + + server, ok := profile["server"] + if !ok { + t.Fatal("profile missing 'server' key") + } + if server != httpServer { + t.Errorf("expected profile['server'] = %q, got %q", httpServer, server) + } +} + +func TestBuildProfileServerNotSocket(t *testing.T) { + socketAddr := "10.0.0.1:7777" + httpServer := "https://caldera.example.com:8443" + executors := []string{"psh", "cmd"} + + profile := buildProfile(socketAddr, httpServer, executors) + + server := profile["server"].(string) + if server == socketAddr { + t.Error("profile['server'] should be the HTTP URL, not the TCP socket address") + } + if server != httpServer { + t.Errorf("expected profile['server'] = %q, got %q", httpServer, server) + } +} + +func TestBuildProfileContainsRequiredFields(t *testing.T) { + profile := buildProfile("0.0.0.0:5678", "http://localhost:8888", nil) + + requiredFields := []string{ + "server", "host", "username", "architecture", + "platform", "location", "pid", "ppid", "executors", "exe_name", + } + for _, field := range requiredFields { + if _, ok := profile[field]; !ok { + t.Errorf("profile missing required field %q", field) + } + } +}