Add a separate rake task and GitHub Action to lint exploit metadata.

.github/workflows/ci.yml

@@ -17,6 +17,20 @@ jobs:
       - name: Run rubocop
         run: bundle exec rubocop --parallel
 
+  # exploits linting
+  lint_exploits:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.0
+      - name: Install dependencies
+        run: bundle install --jobs 4 --retry 3
+      - name: Lint exploits
+        run: 'bundle exec rake lint:exploits'
+
   # test suite
   tests:
     runs-on: ubuntu-latest

Rakefile

@@ -24,4 +24,14 @@ YARD::Rake::YardocTask.new
 require 'rspec/core/rake_task'
 RSpec::Core::RakeTask.new
 
-task :test => :spec
+namespace :lint do
+  desc "Lint exploits"
+  RSpec::Core::RakeTask.new(:exploits) do |t|
+    t.pattern    = 'lint/exploits_spec.rb'
+    t.rspec_opts = ['--format', 'progress']
+  end
+end
+task :lint => 'lint:exploits'
+
+task :test => [:lint, :spec]
+task :default => :test

spec/exploits/exploit_examples.rb → lint/exploits_spec.rb

@@ -1,28 +1,31 @@
 require 'rspec'
+require 'ronin/exploits/registry'
 
-RSpec.shared_examples_for 'Exploit metadata' do
-  describe "metadata" do
-    subject { described_class }
+Dir.glob('exploits/{**/}*.rb') do |path|
+  exploit_id = path.sub('exploits/','').chomp('.rb')
+
+  describe(exploit_id) do
+    before(:all) { load(path) }
+
+    subject { Ronin::Exploits.registry[exploit_id] }
 
     let(:url_regex) { URI::DEFAULT_PARSER.make_regexp(%w[http https]) }
 
+    it "must register an exploit for #{exploit_id}" do
+      expect(subject).to_not be(nil)
+    end
+
     describe "id" do
-      it "must define an id" do
-        expect(subject.id).to_not be(nil)
-        expect(subject.id).to be_kind_of(String)
-        expect(subject.id).to_not be_empty
+      it "must define an id that matches it's file name" do
+        expect(subject.id).to eq(exploit_id)
       end
 
       it "must not contain whitespace" do
         expect(subject.id).to_not match(/\s/), "id contains whitespace"
       end
 
       it "must be of the form '<product>/CVE-YYYY-XXXX'" do
-        expect(subject.id).to match(%r{\A[^/]+/CVE-\d{4}-\d{4,5}\z}), "did not match '<product>/CVE-YYYY-XXXX'"
-      end
-
-      it "must call register with the id" do
-        expect(Ronin::Exploits.registry[subject.id]).to be(subject)
+        expect(subject.id).to match(%r{\A(?:[^/]+/)+CVE-\d{4}-\d{4,5}\z}), "did not match '<product>/CVE-YYYY-XXXX'"
       end
     end
 

spec/exploits/d-link/CVE-2024-3273_spec.rb

@@ -1,7 +1,6 @@
 require 'spec_helper'
-require_relative '../exploit_examples'
-require_relative '../../../exploits/d-link/CVE-2024-3273'
+require './exploits/d-link/CVE-2024-3273'
 
 describe Ronin::Exploits::CVE_2024_3273 do
-  include_context "Exploit metadata"
+  it "#launch"
 end

spec/exploits/flowmon/CVE-2024-2389_spec.rb

@@ -1,7 +1,6 @@
 require 'spec_helper'
-require_relative '../exploit_examples'
-require_relative '../../../exploits/flowmon/CVE-2024-2389'
+require './exploits/flowmon/CVE-2024-2389'
 
 describe Ronin::Exploits::CVE_2024_2389 do
-  include_context "Exploit metadata"
+  it "#launch"
 end

spec/exploits/ivanti/CVE-2024-21887_spec.rb

@@ -1,7 +1,6 @@
 require 'spec_helper'
-require_relative '../exploit_examples'
-require_relative '../../../exploits/ivanti/CVE-2024-21887'
+require './exploits/ivanti/CVE-2024-21887'
 
 describe Ronin::Exploits::CVE_2024_21887 do
-  include_context "Exploit metadata"
+  it "#launch"
 end

spec/exploits/sophos/CVE-2023-1671_spec.rb

@@ -1,7 +1,6 @@
 require 'spec_helper'
-require_relative '../exploit_examples'
-require_relative '../../../exploits/sophos/CVE-2023-1671'
+require './exploits/sophos/CVE-2023-1671'
 
 describe Ronin::Exploits::CVE_2024_3273 do
-  include_context "Exploit metadata"
+  it "#launch"
 end