Updated create_users.rb

2024-06-25 22:35:48 +02:00 · 2017-07-19 16:10:43 +05:30 · 2017-07-19 16:10:43 +05:30 · f31f99d49b
commit f31f99d49b
parent 36d99c45d3
1 changed files with 71 additions and 100 deletions
--- a/chef/cookbooks/metasploitable/test/windows/create_users.rb
+++ b/chef/cookbooks/metasploitable/test/windows/create_users.rb
@ -1,138 +1,95 @@
 control "check-accounts" do
  title "Check user accounts"
-  desc "This test is to make sure that all the user accounts are created"
+  desc "This test is to make sure that all the user accounts are created and are assigned to correct localgroups"

-  describe command('net user anakin_skywalker') do
-    its(:exit_status) { should eq 0 }
+  describe user('anakin_skywalker') do
+    it { should exist }
+    its('groups') { should eq ["Network Configuration Operators", "Users"] }
  end

-  describe command('net user artoo_detoo') do
-    its(:exit_status) { should eq 0 }
+  describe user('artoo_detoo') do
+    it { should exist }
+    its('groups') { should eq ["Distributed COM Users", "Users"] }
  end

-  describe command('net user ben_kenobi') do
-    its(:exit_status) { should eq 0 }
+  describe user('ben_kenobi') do
+    it { should exist }
+    its('groups') { should eq ["Guests", "Users"] }
  end

-  describe command('net user boba_fett') do
-    its(:exit_status) { should eq 0 }
+  describe user('boba_fett') do
+    it { should exist }
+    its('groups') { should eq ["Power Users", "Users"] }
  end

-  describe command('net user c_three_pio') do
-    its(:exit_status) { should eq 0 }
+  describe user('c_three_pio') do
+    it { should exist }
+    its('groups') { should eq ["Event Log Readers", "Users"] }
  end

-  describe command('net user chewbacca') do
-    its(:exit_status) { should eq 0 }
+  describe user('chewbacca') do
+    it { should exist }
+    its('groups') { should eq ["Replicator", "Users"] }
  end

-  describe command('net user darth_vader') do
-    its(:exit_status) { should eq 0 }
+  describe user('darth_vader') do
+    it { should exist }
+    its('groups') { should eq ["IIS_IUSRS", "Users"] }
  end

-  describe command('net user greedo') do
-    its(:exit_status) { should eq 0 }
+  describe user('greedo') do
+    it { should exist }
+    its('groups') { should eq ["Remote Desktop Users", "Users"] }
  end

-  describe command('net user han_solo') do
-    its(:exit_status) { should eq 0 }
+  describe user('han_solo') do
+    it { should exist }
+    its('groups') { should eq ["Cryptographic Operators", "Users"] }
  end

-  describe command('net user jabba_hutt') do
-    its(:exit_status) { should eq 0 }
+  describe user('jabba_hutt') do
+    it { should exist }
+    its('groups') { should eq ["Print Operators", "Users"] }
  end

-  describe command('net user jarjar_binks') do
-    its(:exit_status) { should eq 0 }
+  describe user('jarjar_binks') do
+    it { should exist }
+    its('groups') { should eq ["Performance Log Users", "Users"] }
  end

-  describe command('net user kylo_ren') do
-    its(:exit_status) { should eq 0 }
+  describe user('kylo_ren') do
+    it { should exist }
+    its('groups') { should eq ["Users"] }
  end

-  describe command('net user lando_calrissian') do
-    its(:exit_status) { should eq 0 }
+  describe user('lando_calrissian') do
+    it { should exist }
+    its('groups') { should eq ["Performance Monitor Users", "Users"] }
  end

-  describe command('net user leia_organa') do
-    its(:exit_status) { should eq 0 }
+  describe user('leia_organa') do
+    it { should exist }
+    its('groups') { should eq ["Backup Operators", "Users"] }
  end

-  describe command('net user luke_skywalker') do
-    its(:exit_status) { should eq 0 }
+  describe user('luke_skywalker') do
+    it { should exist }
+    its('groups') { should eq ["Certificate Service DCOM Access", "Users"] }
  end

-  describe command('net user sshd') do
-    its(:exit_status) { should eq 0 }
+  describe user('sshd') do
+    it { should exist }
+    its('groups') { should eq ["Users"] }
  end

-  describe command('net user sshd_server') do
-    its(:exit_status) { should eq 0 }
+  describe user('sshd_server') do
+    it { should exist }
+    its('groups') { should eq ["Administrators", "Users"] }
  end

-  describe command('net user vagrant') do
-    its(:exit_status) { should eq 0 }
-  end
-end
-
-control "check-localgroups" do
-  title "Check LocalGroups"
-  desc "Check if the users are added to their repective localgroups"
-
-  describe command('net localgroup "Backup Operators"') do
-   its('stdout') { should match ("leia_organa") }
-  end
-
-  describe command('net localgroup "Certificate Service DCOM Access"') do
-   its('stdout') { should match ("luke_skywalker") }
-  end
-
-  describe command('net localgroup "Cryptographic Operators"') do
-   its('stdout') { should match ("han_solo") }
-  end
-
-  describe command('net localgroup "Distributed COM Users"') do
-   its('stdout') { should match ("artoo_detoo") }
-  end
-
-  describe command('net localgroup "Event Log Readers"') do
-   its('stdout') { should match ("c_three_pio") }
-  end
-
-  describe command('net localgroup "Guests"') do
-   its('stdout') { should match ("ben_kenobi") }
-  end
-
-  describe command('net localgroup "IIS_IUSRS"') do
-   its('stdout') { should match ("darth_vader") }
-  end
-
-  describe command('net localgroup "Network Configuration Operators"') do
-   its('stdout') { should match ("anakin_skywalker") }
-  end
-
-  describe command('net localgroup "Performance Log Users"') do
-   its('stdout') { should match ("jarjar_binks") }
-  end
-
-  describe command('net localgroup "Performance Monitor Users"') do
-   its('stdout') { should match ("lando_calrissian") }
-  end
-
-  describe command('net localgroup "Power Users"') do
-   its('stdout') { should match ("boba_fett") }
-  end
-
-  describe command('net localgroup "Print Operators"') do
-   its('stdout') { should match ("jabba_hutt") }
-  end
-
-  describe command('net localgroup "Remote Desktop Users"') do
-   its('stdout') { should match ("greedo") }
-  end
-
-  describe command('net localgroup "Replicator"') do
-   its('stdout') { should match ("chewbacca") }
+  describe user('vagrant') do
+    it { should exist }
+    its('groups') { should eq ["Administrators", "Users"] }
  end
 end

@ -140,7 +97,21 @@ control "reg-user-add" do
  title "Check user registry entries"
  desc "Check if the registry was updated with the new users and their groups. Configuration script available at /scripts/configs/create_users.bat"

-  describe command('reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList"') do
-   its('stdout') { should match ("leia_organa    REG_DWORD    0x0\r\n    luke_skywalker    REG_DWORD    0x0\r\n    han_solo    REG_DWORD    0x0\r\n    artoo_detoo    REG_DWORD    0x0\r\n    c_three_pio    REG_DWORD    0x0\r\n    ben_kenobi    REG_DWORD    0x0\r\n    darth_vader    REG_DWORD    0x0\r\n    anakin_skywalker    REG_DWORD    0x0\r\n    jarjar_binks    REG_DWORD    0x0\r\n    lando_calrissian    REG_DWORD    0x0\r\n    boba_fett    REG_DWORD    0x0\r\n    jabba_hutt    REG_DWORD    0x0\r\n    greedo    REG_DWORD    0x0\r\n    chewbacca    REG_DWORD    0x0\r\n    kylo_ren    REG_DWORD    0x0") }
+  describe registry_key('HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList') do
+    its('anakin_skywalker') { should eq 0 }
+    its('artoo_detoo') { should eq 0 }
+    its('ben_kenobi') { should eq 0 }
+    its('boba_fett') { should eq 0 }
+    its('c_three_pio') { should eq 0 }
+    its('chewbacca') { should eq 0 }
+    its('darth_vader') { should eq 0 }
+    its('greedo') { should eq 0 }
+    its('han_solo') { should eq 0 }
+    its('jabba_hutt') { should eq 0 }
+    its('jarjar_binks') { should eq 0 }
+    its('kylo_ren') { should eq 0 }
+    its('lando_calrissian') { should eq 0 }
+    its('leia_organa') { should eq 0 }
+    its('luke_skywalker') { should eq 0 }
  end
 end