Luke Imhoff
20177c7c23
Restore backup database.yml when retesting after interrupt
...
MSP-11153
Restore the config/database.yml backed up to
config/database.yml.cucumber.bak in the db:config:restore task, which is
made a dependency of the environment rake task so that
config/database.yml is restored before Rails tries to use it in the
environment task. This specifically, allows for rake cucumber to be
interrupted when the config/database.yml has been moved to
config/database.yml.cucumber.bak and a subsequence rake cucumber to
succeed and restore config/database.yml, but any task that depends on
environment will restore the config/database.yml.
2014-08-28 15:20:53 -05:00
nnam
02bbd53b82
Fix failure messages for check().
2014-08-28 12:09:35 -07:00
Luke Imhoff
7a8d7a38d1
Remove debugging 'puts'
...
MSP-11153
2014-08-28 13:48:46 -05:00
Nicholas Nam
6c90a50e47
Handle res.nil case in check(). Revert check for res.nil in
...
execute_command() because it was failing prior to the reverse_shell
connecting.
2014-08-28 10:57:52 -07:00
Nicholas Nam
0788ce9745
Removed unused require and import. Handle the res.nil case in
...
execute_command() and authenticate().
2014-08-28 10:30:30 -07:00
sinn3r
f097ef96e0
Use &&
2014-08-28 12:13:03 -05:00
sinn3r
d0d9949d91
Do SSL options correctly
2014-08-28 12:04:14 -05:00
Luke Imhoff
5ab8fcd026
Remove realpath call from expected user_configurations_pathname
...
MSP-11153
realpath is not used in the actual code anymore because it doesn't work
for non-existent paths.
2014-08-28 11:51:25 -05:00
jvazquez-r7
58091b9e2b
Land #3708 , @pedrib fix for manage_engine_dc_pmp_sqli
2014-08-28 10:47:03 -05:00
jvazquez-r7
d8c15766bd
Land #3567 @OJ's fixes to the MQAC local exploit solving conflicts
2014-08-28 10:19:47 -05:00
jvazquez-r7
9d3d25a3b3
Solve conflicts
2014-08-28 10:19:12 -05:00
Spencer McIntyre
dd8690323a
Land #3722 , fix typos in openssl ccs scanner
2014-08-28 10:50:18 -04:00
Matt Andreko
784ece574e
Found additional typos.
2014-08-28 09:03:19 -05:00
Matt Andreko
cb634cfef3
Fixed annoying typo that shows up in validation screenshots
2014-08-28 08:50:30 -05:00
Luke Imhoff
188f5d012a
Add scenario for no database.yml
...
MSP-11153
2014-08-27 22:02:16 -05:00
Luke Imhoff
7453f6fa3a
Project "database.yml" scenario
...
MSP-11153
2014-08-27 21:47:31 -05:00
Luke Imhoff
e6750b985c
Add 'the' to make steps read better
...
MSP-11153
2014-08-27 21:38:46 -05:00
Luke Imhoff
972470c241
Ensure a fake project database.yml is used for scenarios
...
MSP-11153
Ensures that cucumber still works if config/database.yml is not set and
so other location is being used to run cucumber.
2014-08-27 21:36:23 -05:00
Luke Imhoff
496865e591
Order database.yml definitions to match precedence
...
MSP-11153
2014-08-27 21:15:00 -05:00
Luke Imhoff
d752cdccf6
Remove unneeded command_line.yml
...
MSP-11153
Remove definition of command_line.yml in scenarios that don't use --yaml
flag.
2014-08-27 21:09:49 -05:00
Luke Imhoff
b701ba5dcf
~/.msf4/database.yml scenario
...
MSP-11153
2014-08-27 20:57:08 -05:00
Luke Imhoff
b1e745aa16
MSF_DATABASE_CONFIG scenario
...
MSP-11153
2014-08-27 20:33:52 -05:00
Tod Beardsley
6d45f75b47
Land #3690 , credential_collect refactor
...
@TomSellers strikes again!
2014-08-27 18:31:59 -05:00
Tom Sellers
9b0c5dfb0c
Minor fix
2014-08-27 18:31:13 -05:00
sinn3r
0ba2f1e457
Leave a note about the old empty password issue
2014-08-27 17:06:11 -05:00
Luke Imhoff
275fa5cb50
Remove unnecessary return
...
MSP-11153
Leftover from earlier design.
2014-08-27 16:58:45 -05:00
Luke Imhoff
83b6f268b4
Remove unnecessary realpath
...
MSP-11153
Causes errors on machines that don't have ~/.msf4 like travis-ci.
2014-08-27 16:58:05 -05:00
sinn3r
d5b70cca24
"Auth bypass" does not really describe what the feature actually does
2014-08-27 16:56:07 -05:00
Luke Imhoff
2b2d9085d3
Add cucumber to test matrix
...
MSP-11153
2014-08-27 16:50:25 -05:00
Luke Imhoff
bfc509c18a
Add feature that tests --yaml is favored over others
...
MSP-11153
2014-08-27 16:46:23 -05:00
sinn3r
df215a380d
Do not send 2 content-length headers
2014-08-27 16:05:08 -05:00
sinn3r
a32ffc4c26
Add the final portion for Glassfish login module
2014-08-27 15:09:11 -05:00
Luke Imhoff
1857c6ae39
Add aruba
...
MSP-11153
aruba adds steps for testing commandline applications with cucumber.
2014-08-27 14:22:20 -05:00
Luke Imhoff
2f48f7c48c
rails generate cucumber:install
...
MSP-11153
Add cucumber-rails for testing msfconsole's loading of database.yml from
different paths.
2014-08-27 14:10:04 -05:00
Luke Imhoff
951ce15b44
Move database.yml selection to Metasploit::Framework::Database
...
MSP-11153
Test the following paths in order and only return them if the path
exists:
1. MSF_DATABASE_CONFIG environment variable
2. ~/.msf4/database.yml
3. <project>/config/database.yml
2014-08-27 12:01:43 -05:00
sinn3r
633eaab466
Land #3714 - Firefox 22-27 WebIDL Privileged Javascript Injection
2014-08-27 01:45:18 -05:00
sinn3r
5d8cbe0544
Early version of Glassfish using LoginScanner
2014-08-27 01:23:02 -05:00
Joe Vennix
26cfed6c6a
Rename exploit module.
2014-08-26 23:05:41 -05:00
Tod Beardsley
bf2c390ff4
Land fix for #3712 typo
2014-08-26 20:38:00 -05:00
Joe Vennix
96276aa6fa
Get the disclosure date right.
2014-08-26 20:36:58 -05:00
Tod Beardsley
c045c9606c
Fix typo in PR #3712
...
Fixes the typo pointed out in
rapid7#3712#discussion_r16750554
Derp
2014-08-26 20:36:28 -05:00
Joe Vennix
52f33128cd
Add Firefox WebIDL Javascript exploit.
...
Also removes an incorrect reference from another FF exploit.
2014-08-26 20:35:17 -05:00
Jon Hart
1f35c0ff1c
Merge #3713 , @hmoore-r7's SIP cleanup of my SIP cleanup
2014-08-26 17:52:35 -07:00
Jon Hart
316a952e9c
Make SIP note, service and print output more similar
2014-08-26 17:47:31 -07:00
dmaloney-r7
8d26b66e2f
Merge pull request #3689 from TomSellers/loginpalooza/vmauthd-creds-update
...
Credential Gem: LoginScanner - vmauthd_login ( Rebase of PR 3608)
2014-08-26 18:43:12 -05:00
Tom Sellers
4a1b037af0
Remaining files..
2014-08-26 18:15:58 -05:00
Tom Sellers
d5e39ae284
Adjustments for new LoginScanner code
2014-08-26 18:13:00 -05:00
jvazquez-r7
b37e1a5421
Solve conflicts
2014-08-26 17:51:37 -05:00
Tod Beardsley
fe99f4b6e7
Land #3712 , a nicer exploit-checker for msftidy
2014-08-26 16:59:56 -05:00
jvazquez-r7
0d9d722525
skip examples pending of pivotaltracker 38730815
2014-08-26 16:49:13 -05:00