Commit Graph

339 Commits (080ea3e56abf5a60acec8ef36d9c56a784623008)

Author SHA1 Message Date
James Lee e8e5a7f72b
Add initial stab at LoginScanner::HTTP 2014-04-30 00:55:45 -05:00
Lance Sanchez ddee401e27
Merge branch 'feature/MSP-9684/sshkey_loginscanner' into staging/electro_release
MSP-9684 #land
2014-04-29 15:21:56 -05:00
David Maloney 5c24eab526
add snmp specific behaviour
add the snmp specific attempt_login behaviour
to gear this login scanner to the right protocol.
2014-04-29 14:08:30 -05:00
David Maloney f1105ebe48
basic template copypasta
copy the ssh scanner as a template to
start the SNMP scanner from
2014-04-29 10:14:23 -05:00
David Maloney 00b9c99c89
fix class documentation copypasta 2014-04-29 10:13:11 -05:00
David Maloney 08b2974454
fix class documentation 2014-04-29 10:12:26 -05:00
David Maloney 0fcfb9d655
add proxies to ssh scanner
allow the SSH LoginScanner
to accept a proxy directive
2014-04-25 14:22:21 -05:00
David Maloney 35a039848c
add sshkey loginscanner
added the loginscanner class for SSHKey and
the base specs
2014-04-25 14:21:08 -05:00
David Maloney 2346d583ed
touchups and specsfor FTP Scanner
add some final touchups and specs to the FTP
Loginscanner object. now fully working.
2014-04-25 11:02:15 -05:00
David Maloney 838a444b23
first pass of FTP LoginScanner
made the first pass at the ftp
LoginScanner, with base specs.
Need to still tierate, add more new
specs and clean it up
2014-04-25 10:14:48 -05:00
David Maloney 1f9cf8c68f
add the mixins for tcp and ftp
skimmed down, non-module dependent mixins
for TCP client and Ftp client. neccesary for
loginscanner work
2014-04-24 13:39:04 -05:00
David Maloney 3a66723741
nake scan! more generic
scan! can now be reused for each scanner and
only attempt_login is specific for each thing.
2014-04-24 09:43:39 -05:00
David Maloney ed8f87d3cf
allow scan! to take a blcok
by allowing scan! to take block
and yield the result of each attempt
we can do things like have a module print out
status messages
2014-04-23 12:41:10 -05:00
David Maloney d25f0d8f6c
cash host resolution
if we successfuly resolve the host during
the validation, then alter host to the resolved
address to avoid the overhead of subsequent
DNS requests.
2014-04-22 15:34:16 -05:00
David Maloney 0439569ffb
more documentation work
added some more YARD docs
2014-04-22 11:48:14 -05:00
David Maloney a613d044f5
more cleanup work
some code and documentation DRY work
2014-04-22 11:38:24 -05:00
David Maloney bc092af855
Fix credential docs
expanded return types for the Credential
object to be more accurate
2014-04-22 11:05:12 -05:00
David Maloney b731889c79
add class level documentation
add some comments for YARD to have class
level documentation for each class
2014-04-22 10:59:28 -05:00
David Maloney 526bb4989a
more explicit requires
LoginScanner module brings in all the deps
while the individual classes require
the module then to get their deps.
2014-04-22 10:28:01 -05:00
David Maloney 645eef51b7
Rename CredDetail to Credential
it was felt this was better naming
for the class. Refactored all occurence
2014-04-22 10:25:36 -05:00
David Maloney f079d3f3a9
move requires into module
move all the requires into the LoginScanner
module area to clean up requires
2014-04-21 19:14:50 -05:00
David Maloney 9c6528f13f
use the CredDetail class
now that we have the new CredDetail
class, use it instead of hashes
2014-04-21 18:58:23 -05:00
David Maloney 1a6ef8dced
allow for balnk passwords
have to alter validation slightly
to allow for blank passwords
2014-04-21 18:57:28 -05:00
David Maloney fd1777a79f
add CredDetail class
rather than passing dumb hashes around
added a CredDetail class that comes
with it's own conditional validations
2014-04-21 18:26:38 -05:00
David Maloney de2bb7d66c
dd tests for #scan!
the scan! method is mostly done
and has unit tests
2014-04-21 17:59:50 -05:00
David Maloney 2e11f80a98
refactor to use Result class
we now use a Result class to handle
all result codes from the login attempt
2014-04-21 15:35:16 -05:00
David Maloney d313047532
add loginscanner result class
add a result class to have more
tightly defined return values from
the loginscanner classes
2014-04-21 15:11:56 -05:00
David Maloney aa1d1be786
do not create sessions with scanner
the session creation behaviour is
currently inextricably linked to module
behaviour. We will have our scanner class
only return success status. The calling module
will be responsible for opening sessions afterwards.
2014-04-21 11:38:48 -05:00
David Maloney 7571fe1f68
fix host validation
host validation was buggy, fixed it
2014-04-21 11:34:40 -05:00
David Maloney 9a15a2be04
basic login attempt functionality
groundowkr now layed for trying
authentication attempts on the
SSH LoginScanner, with test coverage
2014-04-18 20:08:28 -05:00
David Maloney 85349ccec4
SSH connection exception handling
added in the exception handling
around the Net::SSH conenction
in attempt_login
2014-04-18 18:13:05 -05:00
David Maloney 17b4d4a416
Add more attributes and validations
Added some more attributes neccesary
for the actual running of the login scan
as well as accompanying validations and
specs
2014-04-18 16:23:35 -05:00
David Maloney 756488b581
last of the validations
finalized validation for SSH lgoinscanner
2014-04-16 13:34:23 -05:00
David Maloney bf20ed5812
add validations for cred_details
Adds validator for the cred_details
attribute on the SSH Login Scanner.
Makes sure propper input is always supplied
for the scanner.
2014-04-16 13:20:14 -05:00
David Maloney 434391c308
add host validations to ssh scanner
add validations to the :host attribute
on the SSH LoginScanner
2014-04-16 10:26:00 -05:00
David Maloney 02a17b8612
namespace change to Metasploit
chaning the code to live in the namespace of
Metasploit::Framework instead of Msf::Auxiliary

MSP-9683
2014-04-15 17:11:25 -05:00
Tab Assassin 7e5e0f7fc8 Retab lib 2013-08-30 16:28:33 -05:00
Luke Imhoff 0bb79ba890 Msf::DBManager#import_msf_xml refactor
[#46491831]

Move Msf::DBManager#import_msf_xml into
Msf::DBManager::ImportMsfXml#import_msf_xml and include
Msf::DBManager::ImportMsfXml to cut down size of the infamous db.rb.
Break up #import_msf_xml to have separate methods for parsing web_forms,
web_pages, and web_vulns.  The method for
web_vulns, #import_msf_web_vuln_element is needed so that it can be overridden in
Pro to handle the Pro-only changes to Mdm::WebVuln.
2013-04-01 16:06:40 -05:00
Luke Imhoff f1a4fd937a Specs for activerecord patch
[#46141013]

Spec the desired behavior for ConnectionPool prior to removing the patch
to sync with upstream 3.2.12.
2013-03-18 11:01:45 -05:00