that was painful but managed to install gauntlt. Turns out you need to revert to minitest 4 (not 5, for the love of humantiy, not 5). Also, added rspec (not sure that did anything). Lastly, aruba and gauntlt. So, we now have a dir explicitly for attack files.
This commit is contained in:
cktricky
@@ -19,6 +19,12 @@ group :development do
|
|||||||
gem 'rack-livereload'
|
gem 'rack-livereload'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
gem 'gauntlt'
|
||||||
|
|
||||||
|
group :development, :test do
|
||||||
|
gem 'rspec-rails'
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
# Gems used only for assets and not required
|
# Gems used only for assets and not required
|
||||||
# in production environments by default.
|
# in production environments by default.
|
||||||
@@ -46,7 +52,9 @@ gem 'jquery-rails'
|
|||||||
|
|
||||||
# Pow related gem
|
# Pow related gem
|
||||||
gem 'powder'
|
gem 'powder'
|
||||||
gem 'minitest'
|
|
||||||
|
gem 'aruba'
|
||||||
|
gem 'minitest', '~> 4.0', :require=> "minitest/autorun"
|
||||||
|
|
||||||
# Deploy with Capistrano
|
# Deploy with Capistrano
|
||||||
# gem 'capistrano'
|
# gem 'capistrano'
|
||||||
|
|||||||
+37
-2
@@ -29,6 +29,10 @@ GEM
|
|||||||
i18n (= 0.6.1)
|
i18n (= 0.6.1)
|
||||||
multi_json (~> 1.0)
|
multi_json (~> 1.0)
|
||||||
arel (3.0.2)
|
arel (3.0.2)
|
||||||
|
aruba (0.5.3)
|
||||||
|
childprocess (>= 0.3.6)
|
||||||
|
cucumber (>= 1.1.1)
|
||||||
|
rspec-expectations (>= 2.7.0)
|
||||||
bcrypt-ruby (3.0.1)
|
bcrypt-ruby (3.0.1)
|
||||||
brakeman (1.9.5)
|
brakeman (1.9.5)
|
||||||
erubis (~> 2.6)
|
erubis (~> 2.6)
|
||||||
@@ -44,6 +48,8 @@ GEM
|
|||||||
builder (3.0.4)
|
builder (3.0.4)
|
||||||
bundler-audit (0.1.2)
|
bundler-audit (0.1.2)
|
||||||
bundler (~> 1.2)
|
bundler (~> 1.2)
|
||||||
|
childprocess (0.3.9)
|
||||||
|
ffi (~> 1.0, >= 1.0.11)
|
||||||
coderay (1.0.9)
|
coderay (1.0.9)
|
||||||
coffee-rails (3.2.2)
|
coffee-rails (3.2.2)
|
||||||
coffee-script (>= 2.2.0)
|
coffee-script (>= 2.2.0)
|
||||||
@@ -52,6 +58,12 @@ GEM
|
|||||||
coffee-script-source
|
coffee-script-source
|
||||||
execjs
|
execjs
|
||||||
coffee-script-source (1.6.2)
|
coffee-script-source (1.6.2)
|
||||||
|
cucumber (1.3.2)
|
||||||
|
builder (>= 2.1.2)
|
||||||
|
diff-lcs (>= 1.1.3)
|
||||||
|
gherkin (~> 2.12.0)
|
||||||
|
multi_json (~> 1.3)
|
||||||
|
diff-lcs (1.2.4)
|
||||||
em-websocket (0.5.0)
|
em-websocket (0.5.0)
|
||||||
eventmachine (>= 0.12.9)
|
eventmachine (>= 0.12.9)
|
||||||
http_parser.rb (~> 0.5.3)
|
http_parser.rb (~> 0.5.3)
|
||||||
@@ -60,9 +72,16 @@ GEM
|
|||||||
execjs (1.4.0)
|
execjs (1.4.0)
|
||||||
multi_json (~> 1.0)
|
multi_json (~> 1.0)
|
||||||
fastercsv (1.5.5)
|
fastercsv (1.5.5)
|
||||||
|
ffi (1.9.0)
|
||||||
foreman (0.62.0)
|
foreman (0.62.0)
|
||||||
thor (>= 0.13.6)
|
thor (>= 0.13.6)
|
||||||
formatador (0.2.4)
|
formatador (0.2.4)
|
||||||
|
gauntlt (1.0.5)
|
||||||
|
cucumber
|
||||||
|
nokogiri (~> 1.5.0)
|
||||||
|
trollop
|
||||||
|
gherkin (2.12.0)
|
||||||
|
multi_json (~> 1.3)
|
||||||
guard (1.7.0)
|
guard (1.7.0)
|
||||||
formatador (>= 0.2.4)
|
formatador (>= 0.2.4)
|
||||||
listen (>= 0.6.0)
|
listen (>= 0.6.0)
|
||||||
@@ -101,8 +120,9 @@ GEM
|
|||||||
treetop (~> 1.4.8)
|
treetop (~> 1.4.8)
|
||||||
method_source (0.8.1)
|
method_source (0.8.1)
|
||||||
mime-types (1.22)
|
mime-types (1.22)
|
||||||
minitest (5.0.2)
|
minitest (4.7.5)
|
||||||
multi_json (1.7.2)
|
multi_json (1.7.2)
|
||||||
|
nokogiri (1.5.10)
|
||||||
polyglot (0.3.3)
|
polyglot (0.3.3)
|
||||||
powder (0.2.0)
|
powder (0.2.0)
|
||||||
thor (>= 0.11.5)
|
thor (>= 0.11.5)
|
||||||
@@ -139,6 +159,17 @@ GEM
|
|||||||
rb-fsevent (0.9.3)
|
rb-fsevent (0.9.3)
|
||||||
rdoc (3.12.2)
|
rdoc (3.12.2)
|
||||||
json (~> 1.4)
|
json (~> 1.4)
|
||||||
|
rspec-core (2.14.4)
|
||||||
|
rspec-expectations (2.14.0)
|
||||||
|
diff-lcs (>= 1.1.3, < 2.0)
|
||||||
|
rspec-mocks (2.14.2)
|
||||||
|
rspec-rails (2.14.0)
|
||||||
|
actionpack (>= 3.0)
|
||||||
|
activesupport (>= 3.0)
|
||||||
|
railties (>= 3.0)
|
||||||
|
rspec-core (~> 2.14.0)
|
||||||
|
rspec-expectations (~> 2.14.0)
|
||||||
|
rspec-mocks (~> 2.14.0)
|
||||||
ruby2ruby (2.0.3)
|
ruby2ruby (2.0.3)
|
||||||
ruby_parser (~> 3.1)
|
ruby_parser (~> 3.1)
|
||||||
sexp_processor (~> 4.0)
|
sexp_processor (~> 4.0)
|
||||||
@@ -167,6 +198,7 @@ GEM
|
|||||||
treetop (1.4.12)
|
treetop (1.4.12)
|
||||||
polyglot
|
polyglot
|
||||||
polyglot (>= 0.3.1)
|
polyglot (>= 0.3.1)
|
||||||
|
trollop (2.0)
|
||||||
tzinfo (0.3.37)
|
tzinfo (0.3.37)
|
||||||
uglifier (2.0.1)
|
uglifier (2.0.1)
|
||||||
execjs (>= 0.3.0)
|
execjs (>= 0.3.0)
|
||||||
@@ -180,21 +212,24 @@ PLATFORMS
|
|||||||
ruby
|
ruby
|
||||||
|
|
||||||
DEPENDENCIES
|
DEPENDENCIES
|
||||||
|
aruba
|
||||||
bcrypt-ruby
|
bcrypt-ruby
|
||||||
brakeman
|
brakeman
|
||||||
bundler-audit
|
bundler-audit
|
||||||
coffee-rails (~> 3.2.1)
|
coffee-rails (~> 3.2.1)
|
||||||
foreman
|
foreman
|
||||||
|
gauntlt
|
||||||
guard-brakeman
|
guard-brakeman
|
||||||
guard-livereload
|
guard-livereload
|
||||||
guard-shell
|
guard-shell
|
||||||
jquery-fileupload-rails
|
jquery-fileupload-rails
|
||||||
jquery-rails
|
jquery-rails
|
||||||
minitest
|
minitest (~> 4.0)
|
||||||
powder
|
powder
|
||||||
rack-livereload
|
rack-livereload
|
||||||
rails (= 3.2.13)
|
rails (= 3.2.13)
|
||||||
rb-fsevent
|
rb-fsevent
|
||||||
|
rspec-rails
|
||||||
sass-rails (~> 3.2.3)
|
sass-rails (~> 3.2.3)
|
||||||
sqlite3
|
sqlite3
|
||||||
uglifier (>= 1.0.3)
|
uglifier (>= 1.0.3)
|
||||||
|
|||||||
@@ -0,0 +1,11 @@
|
|||||||
|
# simplest.attack
|
||||||
|
Feature: simplest attack possible
|
||||||
|
Scenario:
|
||||||
|
When I launch a "generic" attack with:
|
||||||
|
"""
|
||||||
|
ls -a
|
||||||
|
"""
|
||||||
|
Then the output should contain:
|
||||||
|
"""
|
||||||
|
.
|
||||||
|
"""
|
||||||
@@ -0,0 +1,39 @@
|
|||||||
|
# This file is copied to spec/ when you run 'rails generate rspec:install'
|
||||||
|
ENV["RAILS_ENV"] ||= 'test'
|
||||||
|
require File.expand_path("../../config/environment", __FILE__)
|
||||||
|
require 'minitest/autorun'
|
||||||
|
require 'rspec/rails'
|
||||||
|
require 'rspec/autorun'
|
||||||
|
|
||||||
|
# Requires supporting ruby files with custom matchers and macros, etc,
|
||||||
|
# in spec/support/ and its subdirectories.
|
||||||
|
Dir[Rails.root.join("spec/support/**/*.rb")].each { |f| require f }
|
||||||
|
|
||||||
|
RSpec.configure do |config|
|
||||||
|
# ## Mock Framework
|
||||||
|
#
|
||||||
|
# If you prefer to use mocha, flexmock or RR, uncomment the appropriate line:
|
||||||
|
#
|
||||||
|
# config.mock_with :mocha
|
||||||
|
# config.mock_with :flexmock
|
||||||
|
# config.mock_with :rr
|
||||||
|
|
||||||
|
# Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
|
||||||
|
config.fixture_path = "#{::Rails.root}/spec/fixtures"
|
||||||
|
|
||||||
|
# If you're not using ActiveRecord, or you'd prefer not to run each of your
|
||||||
|
# examples within a transaction, remove the following line or assign false
|
||||||
|
# instead of true.
|
||||||
|
config.use_transactional_fixtures = true
|
||||||
|
|
||||||
|
# If true, the base class of anonymous controllers will be inferred
|
||||||
|
# automatically. This will be the default behavior in future versions of
|
||||||
|
# rspec-rails.
|
||||||
|
config.infer_base_class_for_anonymous_controllers = false
|
||||||
|
|
||||||
|
# Run specs in random order to surface order dependencies. If you find an
|
||||||
|
# order dependency and want to debug it, you can fix the order by providing
|
||||||
|
# the seed, which is printed after each run.
|
||||||
|
# --seed 1234
|
||||||
|
config.order = "random"
|
||||||
|
end
|
||||||
Reference in New Issue
Block a user