e5276d111d
Merge branch 'staging/electro_release' into feature/login_scanner/snmp
...
Conflicts:
lib/metasploit/framework/login_scanner/result.rb
2014-04-30 10:21:35 -05:00
ddee401e27
Merge branch 'feature/MSP-9684/sshkey_loginscanner' into staging/electro_release
...
MSP-9684 #land
2014-04-29 15:21:56 -05:00
e8ea6a86b5
add specs for snmp
...
add specs for the snmp loginscanner
and modify the specs to Result class
to account for the access_level attribute
2014-04-29 14:49:35 -05:00
c02fb21c3b
Finalized specs for sshkey
...
shkey loginscanner now compelte along
with specs
2014-04-25 15:20:33 -05:00
9964548b41
Amend spec for db_import help
2014-04-25 14:28:29 -05:00
e2d6a57db1
fix spec filename
...
had an extra underscore
2014-04-25 14:27:10 -05:00
0fcfb9d655
add proxies to ssh scanner
...
allow the SSH LoginScanner
to accept a proxy directive
2014-04-25 14:22:21 -05:00
35a039848c
add sshkey loginscanner
...
added the loginscanner class for SSHKey and
the base specs
2014-04-25 14:21:08 -05:00
2346d583ed
touchups and specsfor FTP Scanner
...
add some final touchups and specs to the FTP
Loginscanner object. now fully working.
2014-04-25 11:02:15 -05:00
838a444b23
first pass of FTP LoginScanner
...
made the first pass at the ftp
LoginScanner, with base specs.
Need to still tierate, add more new
specs and clean it up
2014-04-25 10:14:48 -05:00
3a66723741
nake scan! more generic
...
scan! can now be reused for each scanner and
only attempt_login is specific for each thing.
2014-04-24 09:43:39 -05:00
36dd10e1c2
add the renamed spec
...
renamed spec for credential class
forgot to add it
2014-04-22 11:05:58 -05:00
526bb4989a
more explicit requires
...
LoginScanner module brings in all the deps
while the individual classes require
the module then to get their deps.
2014-04-22 10:28:01 -05:00
645eef51b7
Rename CredDetail to Credential
...
it was felt this was better naming
for the class. Refactored all occurence
2014-04-22 10:25:36 -05:00
f079d3f3a9
move requires into module
...
move all the requires into the LoginScanner
module area to clean up requires
2014-04-21 19:14:50 -05:00
9c6528f13f
use the CredDetail class
...
now that we have the new CredDetail
class, use it instead of hashes
2014-04-21 18:58:23 -05:00
1a6ef8dced
allow for balnk passwords
...
have to alter validation slightly
to allow for blank passwords
2014-04-21 18:57:28 -05:00
fd1777a79f
add CredDetail class
...
rather than passing dumb hashes around
added a CredDetail class that comes
with it's own conditional validations
2014-04-21 18:26:38 -05:00
de2bb7d66c
dd tests for #scan!
...
the scan! method is mostly done
and has unit tests
2014-04-21 17:59:50 -05:00
2e11f80a98
refactor to use Result class
...
we now use a Result class to handle
all result codes from the login attempt
2014-04-21 15:35:16 -05:00
d313047532
add loginscanner result class
...
add a result class to have more
tightly defined return values from
the loginscanner classes
2014-04-21 15:11:56 -05:00
aa1d1be786
do not create sessions with scanner
...
the session creation behaviour is
currently inextricably linked to module
behaviour. We will have our scanner class
only return success status. The calling module
will be responsible for opening sessions afterwards.
2014-04-21 11:38:48 -05:00
9a15a2be04
basic login attempt functionality
...
groundowkr now layed for trying
authentication attempts on the
SSH LoginScanner, with test coverage
2014-04-18 20:08:28 -05:00
85349ccec4
SSH connection exception handling
...
added in the exception handling
around the Net::SSH conenction
in attempt_login
2014-04-18 18:13:05 -05:00
17b4d4a416
Add more attributes and validations
...
Added some more attributes neccesary
for the actual running of the login scan
as well as accompanying validations and
specs
2014-04-18 16:23:35 -05:00
613612eecb
Merge branch 'master' into feature/ssh_login_scanner
2014-04-18 11:16:18 -05:00
756488b581
last of the validations
...
finalized validation for SSH lgoinscanner
2014-04-16 13:34:23 -05:00
bf20ed5812
add validations for cred_details
...
Adds validator for the cred_details
attribute on the SSH Login Scanner.
Makes sure propper input is always supplied
for the scanner.
2014-04-16 13:20:14 -05:00
434391c308
add host validations to ssh scanner
...
add validations to the :host attribute
on the SSH LoginScanner
2014-04-16 10:26:00 -05:00
7a4e12976c
First little bit at Bug 8498
...
[FixRM #8489 ] rhost/rport modification
2014-04-15 18:20:16 -05:00
60c879c824
specs for port validation
...
created specs for port validation
MSP-9683
2014-04-15 17:25:55 -05:00
02a17b8612
namespace change to Metasploit
...
chaning the code to live in the namespace of
Metasploit::Framework instead of Msf::Auxiliary
MSP-9683
2014-04-15 17:11:25 -05:00
3c9507c30c
Adds invalid exception class
...
adds an invalid exception class to the
LoginScanner namespace.
MSP-9683
2014-04-15 13:23:24 -05:00
e4a61e2730
Fix Module.new bug and test for vhost
2014-04-14 18:01:13 -05:00
7b6b94acd5
Land #3247 - Revert #3224 jsobfu string size fixes
2014-04-12 00:58:27 -05:00
e09f887c4c
Revert "Fixes large-string expansion in JSObfu."
...
This reverts commit 14fed8c610
2014-04-11 16:51:47 -05:00
68a50e3663
Land #3224 - Fixes large-string expansion in JSObfu
2014-04-10 12:09:22 -05:00
ea8c15ba47
Land #3241 back into master
2014-04-11 15:08:01 -05:00
bbc72c3e1c
Update spec to reflect the correct version.
2014-04-11 12:29:26 -05:00
14fed8c610
Fixes large-string expansion in JSObfu.
2014-04-09 15:45:48 -05:00
9779913060
Land #3184 , Rex::Proto::Http::Client IOError fix
2014-04-03 15:58:50 -05:00
3504ddc633
Fix http spec.
2014-04-03 14:50:54 -05:00
92c6113a7c
Fix broken spec for Rex::Text.randomize_space
2014-04-02 11:48:50 -05:00
8ab03f3aeb
Use Array#sample in randomize_space
2014-04-01 14:09:07 -05:00
ec7bb6de54
Land #2969 , random name generator for phishing
2014-04-01 13:00:55 -05:00
35d3e064b2
Update spec for #3162
2014-03-28 21:18:26 -05:00
355cda0a43
Add specs for random name and e-mail methods
...
Babby's first RSpec. Style is consistent with the rest of the tests.
2014-03-28 16:47:52 -05:00
617e916511
fix specs from change
...
spec changes to go with the previous code change
2014-03-18 13:52:17 -05:00
b431bf3da9
Land #3052 - Fix nil error in BES
2014-03-11 12:51:03 -05:00
78393057fe
Fix failing spec
2014-03-10 16:40:46 -05:00
5790547d34
Start undoing some work.
2014-03-04 17:01:53 -06:00
2a87973d3c
Use be instead of eq.
2014-03-03 21:55:12 -06:00
a382b78f80
Oops, $ and _ need to be in the spec.
...
* Repeats the random check 20 times for each spec.
2014-03-03 21:54:09 -06:00
bfecf9525d
Add Rex::RandomIdentifierGenerator.
2014-03-03 16:43:49 -06:00
e8b10db73b
Dropped a space.
2014-03-03 15:48:44 -06:00
1352e5eacb
Add presence spec.
2014-03-03 15:47:30 -06:00
b3ab8f7ce1
Make random_var_name public, add specs for it.
2014-03-03 15:39:56 -06:00
6574a06bc3
Whitespace fix.
2014-03-02 20:55:07 -06:00
4514e32df8
Remove spec changes, oops.
2014-03-02 20:54:22 -06:00
894d16af80
Add specs for new/returning/previous visitors.
2014-03-02 20:50:10 -06:00
b458b8ad63
Add specs for new methods.
2014-03-02 20:23:20 -06:00
8be99fc299
Fix payload_generator.format_payload rspec
...
The platform should match.
2014-02-25 16:37:21 -06:00
a098c08f2f
pend out bad spec
2014-02-13 15:44:05 -06:00
508f251db2
add cli compat
...
add cli capability to putut verbose info to the console
2014-02-05 11:00:57 -06:00
fc9105d862
final generation and specs
...
generation wrapped method complete with specs
2014-02-04 17:52:20 -06:00
4dcae920f8
add specs for generate_java_payload
...
pretty self-explanatory
2014-02-04 17:40:59 -06:00
70d8246791
finish wiring up the final generation
...
formating and main generate methods wired up
still need to add some final tests
2014-02-04 15:52:18 -06:00
c8b7dc30b4
added encoding routines
...
now has a method for encoding the shellcode
and tests to go with
2014-02-03 17:51:22 -06:00
3b648346da
starting in on encoders
...
added get_encoders method to find propper encoders
started on encode_payload, incomplete
added specs
2014-02-03 00:59:08 -06:00
4a82bc74cf
added nop sled generator
...
added code to prepend a nop sled
with tests to match
2014-02-02 22:51:12 -06:00
3e945418df
specs for added shellcode
...
add specs around adding extra shellcode to the payload
2014-02-02 22:17:52 -06:00
bb5f5542f0
generating raw payload bits now
...
added raw payload generation, arch selection,
and specs for everything thus far
2014-02-02 21:09:17 -06:00
f9c31f988e
test platform selection
...
added tests around platform selection
2014-02-02 16:52:41 -06:00
f5d730e874
write specs around initialiser
...
added specs around object initialisation
2014-02-02 16:05:11 -06:00
e265d6f54c
begining of payload generator
...
started basics of generator
started adding specs
added option to simple framework to disable logging
2014-02-02 14:35:16 -06:00
0a3ee573bc
Uncomment spec_helper require
2014-01-22 11:58:10 -06:00
2b7a993f65
Land #2902 , updated PJL spec
2014-01-22 11:57:28 -06:00
90207628cc
Land #2666 , SSLCompression option
...
[SeeRM #823 ], where Stephen was asking for SSL compression for
Meterpreter -- this isn't that, but it's at least now possible for other
Metasploit functionality.
2014-01-22 10:42:13 -06:00
1c1597973e
Update PJL rspec to comply with guidelines
...
Basically the updated version is more explicit. If a moethod doesn't
return anything but might raise an error, then we focus on that.
Also use . to # for instance methods.
2014-01-22 03:34:49 -06:00
a1eba03d1f
Land #2725 - Rex::Proto::PJL plus modules
2014-01-16 15:57:38 -06:00
6110ad72b3
Update tests and ensure full coverage
2014-01-16 15:11:04 -06:00
41807d7e4e
move rev_http uri checksum code
...
need access to the uri checksum
routines outside of the handler.
moved them to their own mixin
and then mixed into the handler.
added specs also
2014-01-13 15:18:16 -06:00
7b206d6094
Ensure full coverage
2014-01-12 23:10:47 -06:00
f9fc54980a
retab
2014-01-12 22:54:43 -06:00
b8dd4b08c8
Add rspec
2014-01-12 22:53:11 -06:00
cacd7ff9d4
Land #2827 - Add firefox js xpcom payloads for universal ff shells
2014-01-10 14:29:32 -06:00
b43a221959
Land #2855 , Rex::Socket refactor and specs
2014-01-09 16:20:50 -06:00
442c98bc05
Add spec for fixed bug
2014-01-09 15:18:03 -06:00
1519af33f5
Refactor `getaddress` in terms of `getaddresses`
2014-01-09 11:03:24 -06:00
01f350964f
Add specs for some stuff in Rex::Socket
2014-01-09 10:19:19 -06:00
cc51c2033e
Fix unreliable spec
...
Sometimes "localhost" resolves to more than one address
2014-01-08 10:16:32 -06:00
9c23910b69
Refactor Socket::Range
...
There was really no reason for it to inherit from Array. Also adds a few
more specs and gets coverage up to a more respectable percentage.
2014-01-07 16:31:55 -06:00
2ed9772080
Fix unhandled exceptions when resolution fails
2014-01-07 12:00:04 -06:00
a6b25d3323
Add failing spec for invalid hostname bug
2014-01-06 17:49:27 -06:00
d00acccd4f
Remove Java target, since it no longer works.
2014-01-04 21:22:47 -06:00
694cb11025
Add firefox platform, architecture, and payload.
...
* Enables chrome privilege exploits in firefox to run a javascript cmd
shell session without touching the disk.
* Adds a spec for the addon_generator.
2014-01-02 10:48:28 -06:00
ca23b32161
Add support for Procs in browserexploit requirements.
2013-12-19 12:49:05 -06:00
764fd09cc3
Increase duration timeout task manager
...
Sometimes, Jenkins or Travis is slow, and can't hit that 1 second
timeout. This increases to 5 seconds to account for local slowness.
2013-11-25 10:26:51 -06:00
b015dd4f1c
Land #2532 Enum LSA Secrets
...
With refactoring of common methods from smart_hashdump, hashdump,
cachedump to Windows::Post::Privs
2013-11-24 18:09:33 +00:00
3ff9da5643
Remove compression options from client sockets.
...
I couldn't verify that it was working, as it always sends 1 compression type of NULL.
2013-11-20 14:41:45 -06:00
David Maloney
Lance Sanchez
William Vu
sinn3r
Tod Beardsley
joev
James Lee
Meatballs