Commit Graph

405 Commits (172bc450b3f711f3abae5df0a2a4579f2b5567ca)

Author SHA1 Message Date
Joe Vennix e8b10db73b Dropped a space. 2014-03-03 15:48:44 -06:00
Joe Vennix 1352e5eacb Add presence spec. 2014-03-03 15:47:30 -06:00
Joe Vennix b3ab8f7ce1 Make random_var_name public, add specs for it. 2014-03-03 15:39:56 -06:00
Joe Vennix 6574a06bc3 Whitespace fix. 2014-03-02 20:55:07 -06:00
Joe Vennix 4514e32df8 Remove spec changes, oops. 2014-03-02 20:54:22 -06:00
Joe Vennix 894d16af80 Add specs for new/returning/previous visitors. 2014-03-02 20:50:10 -06:00
Joe Vennix b458b8ad63 Add specs for new methods. 2014-03-02 20:23:20 -06:00
sinn3r 8be99fc299 Fix payload_generator.format_payload rspec
The platform should match.
2014-02-25 16:37:21 -06:00
David Maloney a098c08f2f pend out bad spec 2014-02-13 15:44:05 -06:00
David Maloney f7a4dc967d remove obsolete msfvenom spec 2014-02-05 16:38:44 -06:00
David Maloney b3db623277 add shellcode file fixture
add shellcode file fixture for specs
2014-02-05 11:01:40 -06:00
David Maloney 508f251db2 add cli compat
add cli capability to putut verbose info to the console
2014-02-05 11:00:57 -06:00
David Maloney fc9105d862 final generation and specs
generation wrapped method complete with specs
2014-02-04 17:52:20 -06:00
David Maloney 4dcae920f8 add specs for generate_java_payload
pretty self-explanatory
2014-02-04 17:40:59 -06:00
David Maloney 70d8246791 finish wiring up the final generation
formating and main generate methods wired up
still need to add some final tests
2014-02-04 15:52:18 -06:00
David Maloney c8b7dc30b4 added encoding routines
now has a method for encoding the shellcode
and tests to go with
2014-02-03 17:51:22 -06:00
David Maloney 3b648346da starting in on encoders
added get_encoders method to find propper encoders
started on encode_payload, incomplete
added specs
2014-02-03 00:59:08 -06:00
David Maloney 4a82bc74cf added nop sled generator
added code to prepend a nop sled
with tests to match
2014-02-02 22:51:12 -06:00
David Maloney 3e945418df specs for added shellcode
add specs around adding extra shellcode to the payload
2014-02-02 22:17:52 -06:00
David Maloney bb5f5542f0 generating raw payload bits now
added raw payload generation, arch selection,
and specs for everything thus far
2014-02-02 21:09:17 -06:00
David Maloney f9c31f988e test platform selection
added tests around platform selection
2014-02-02 16:52:41 -06:00
David Maloney f5d730e874 write specs around initialiser
added specs around object initialisation
2014-02-02 16:05:11 -06:00
David Maloney e265d6f54c begining of payload generator
started basics of generator
started adding specs
added option to simple framework to disable logging
2014-02-02 14:35:16 -06:00
jvazquez-r7 9db295769d
Land #2905, @wchen-r7's update of exploit checks 2014-01-24 16:49:33 -06:00
Tod Beardsley 2ea3b46988
Remove to_s inside #{} 2014-01-23 14:21:48 -06:00
sinn3r 5073d3201f Update rspec for ms08_067 check
The original version doesn't return a check if the host is invalid,
looks like it was forgotten. The new version will return Unknown
instead.
2014-01-22 16:10:14 -06:00
William Vu 0a3ee573bc Uncomment spec_helper require 2014-01-22 11:58:10 -06:00
William Vu 2b7a993f65
Land #2902, updated PJL spec 2014-01-22 11:57:28 -06:00
Tod Beardsley 90207628cc
Land #2666, SSLCompression option
[SeeRM #823], where Stephen was asking for SSL compression for
Meterpreter -- this isn't that, but it's at least now possible for other
Metasploit functionality.
2014-01-22 10:42:13 -06:00
sinn3r 1c1597973e Update PJL rspec to comply with guidelines
Basically the updated version is more explicit. If a moethod doesn't
return anything but might raise an error, then we focus on that.
Also use . to # for instance methods.
2014-01-22 03:34:49 -06:00
sinn3r a1eba03d1f
Land #2725 - Rex::Proto::PJL plus modules 2014-01-16 15:57:38 -06:00
William Vu 6110ad72b3 Update tests and ensure full coverage 2014-01-16 15:11:04 -06:00
sinn3r ad832adfc1
Land #2846 - Update mipsle shell_bind_tcp shellcode 2014-01-13 17:37:08 -06:00
David Maloney 41807d7e4e move rev_http uri checksum code
need access to the uri checksum
routines outside of the handler.
moved them to their own mixin
and then mixed into the handler.
added specs also
2014-01-13 15:18:16 -06:00
sinn3r 7b206d6094 Ensure full coverage 2014-01-12 23:10:47 -06:00
sinn3r f9fc54980a retab 2014-01-12 22:54:43 -06:00
sinn3r b8dd4b08c8 Add rspec 2014-01-12 22:53:11 -06:00
sinn3r 65b50b236d Put classes under a module 2014-01-12 15:54:56 -06:00
sinn3r 02d5931739 Add method scan_by_checksum for virustotal.rb
Allows the user to scan files based on checksusm (without actually
uploading them to VT)
2014-01-12 15:45:16 -06:00
jvazquez-r7 bd91e36e06
Land #2851, @wchen-r7's virustotal integration 2014-01-10 19:12:56 -06:00
sinn3r cacd7ff9d4
Land #2827 - Add firefox js xpcom payloads for universal ff shells 2014-01-10 14:29:32 -06:00
jvazquez-r7 862f0e27b3 Modify msfvenom spec 2014-01-09 18:30:46 -06:00
William Vu b43a221959
Land #2855, Rex::Socket refactor and specs 2014-01-09 16:20:50 -06:00
James Lee 442c98bc05
Add spec for fixed bug 2014-01-09 15:18:03 -06:00
James Lee 1519af33f5
Refactor `getaddress` in terms of `getaddresses` 2014-01-09 11:03:24 -06:00
James Lee 01f350964f
Add specs for some stuff in Rex::Socket 2014-01-09 10:19:19 -06:00
sinn3r 9ddef2fbc9 Update rpsec and the script 2014-01-08 13:22:38 -06:00
James Lee cc51c2033e
Fix unreliable spec
Sometimes "localhost" resolves to more than one address
2014-01-08 10:16:32 -06:00
sinn3r b7ce3c5812 Add rspec 2014-01-08 02:34:43 -06:00
James Lee 9c23910b69
Refactor Socket::Range
There was really no reason for it to inherit from Array. Also adds a few
more specs and gets coverage up to a more respectable percentage.
2014-01-07 16:31:55 -06:00
James Lee 2ed9772080
Fix unhandled exceptions when resolution fails 2014-01-07 12:00:04 -06:00
James Lee a6b25d3323
Add failing spec for invalid hostname bug 2014-01-06 17:49:27 -06:00
Joe Vennix d00acccd4f Remove Java target, since it no longer works. 2014-01-04 21:22:47 -06:00
Joe Vennix 694cb11025 Add firefox platform, architecture, and payload.
* Enables chrome privilege exploits in firefox to run a javascript cmd
shell session without touching the disk.
* Adds a spec for the addon_generator.
2014-01-02 10:48:28 -06:00
William Vu 59be4316fe
Land #2793, Msf::Util::EXE RSpec failure fix 2014-01-01 21:50:18 -06:00
Timothy Swartz cce354762d Altered case by request 2013-12-31 16:09:11 -08:00
jvazquez-r7 2cc4fa35cf
Land #2785, @todb-r7's support for post modules on msfcli 2013-12-23 12:05:40 -06:00
Timothy Swartz fc792bdaae Fix for Rspec failure in Msf::Util::EXE
[FixRM #8723]
2013-12-21 02:49:44 -07:00
sinn3r 52a4e55804
Land #2781 - Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution 2013-12-20 11:25:50 -06:00
Joe Vennix ca23b32161 Add support for Procs in browserexploit requirements. 2013-12-19 12:49:05 -06:00
sinn3r 709a7bfb99
Land #2754 - Created standalone module for cpassword AES decrypt 2013-12-19 12:13:21 -06:00
sinn3r 284b3507ce Convert gpp_standalone.rb into a standalone script in tools 2013-12-19 12:10:00 -06:00
Tod Beardsley 6422ad2145
Adds ability to load post modules in msfcli
This is mainly important for normal load testing. It'd be unusual to
actually want to use this functionality with msfcli since post modules
already need established sessions in order to do something.

[SeeRM #8719]
2013-12-19 11:53:40 -06:00
Tod Beardsley 764fd09cc3
Increase duration timeout task manager
Sometimes, Jenkins or Travis is slow, and can't hit that 1 second
timeout. This increases to 5 seconds to account for local slowness.
2013-11-25 10:26:51 -06:00
Meatballs b015dd4f1c
Land #2532 Enum LSA Secrets
With refactoring of common methods from smart_hashdump, hashdump,
cachedump to Windows::Post::Privs
2013-11-24 18:09:33 +00:00
Joe Vennix 3ff9da5643 Remove compression options from client sockets.
I couldn't verify that it was working, as it always sends 1 compression type of NULL.
2013-11-20 14:41:45 -06:00
Joe Vennix f8b57d45cd Reenable the client SSLCompression advanced option.
Add spec for some of the additions to Rex::Proto::Http::Client
2013-11-20 01:03:13 -06:00
Tod Beardsley d7b022de5a
Land #2598, offline updates and msfupdate refactor 2013-11-19 15:58:29 -06:00
jvazquez-r7 a79e137a7a Fix db_spec 2013-11-19 14:07:41 -06:00
Brandon Turner e6c43bfe34 Allow stubbing stdin in msfupdate 2013-11-15 17:15:15 -06:00
Brandon Turner 823aa3a6f7 Validate arguments to msfupdate before updating 2013-11-15 17:01:08 -06:00
Brandon Turner 730edc4bf5 Always exit from maybe_wait_and_exit
Previously calling maybe_wait_and_exit wouldn't actually exit.  This was
the wrong behavior.
2013-11-15 17:00:41 -06:00
Brandon Turner 8ea83ed1c6 Test the old wait/nowait behavior 2013-11-15 15:31:01 -06:00
Brandon Turner 314e8fd570 Refactor msfupdate so it is testable 2013-11-15 15:24:35 -06:00
James Lee 0aef145f64 Merge remote-tracking branch 'upstream/master' into land-2532-enum-lsa 2013-11-13 18:11:21 -06:00
James Lee 16627c1bd3
Add spec for capture_lsa_key 2013-11-13 15:16:34 -06:00
Tod Beardsley 5e342debbc
Don't be dopey in the RSpec version matching 2013-11-13 13:04:26 -06:00
Tod Beardsley 3500cf06d4
Add a spec for version checking. 2013-11-13 12:49:57 -06:00
James Lee 3168359a82
Refactor lsa and add a spec for its crypto methods 2013-11-13 11:55:39 -06:00
jvazquez-r7 ef6d9db48f
Land #2613, @wchen-r7's BrowserExploitServer mixin 2013-11-12 17:33:12 -06:00
sinn3r f16aa91302 mv rspec 2013-11-11 18:32:43 -06:00
Tod Beardsley b48950d383 Remove blanket pending test for exe_spec
SeeRM #8436
SeeRM #8668

The fix for #8668 is more surgical than the previous fix for #8436, and
may prove to be more useful
2013-11-11 16:27:42 -06:00
sinn3r 8ab7964aa7 improve regex 2013-11-11 15:29:34 -06:00
sinn3r 9b3211af6b Add regex patterns for OSX files 2013-11-11 15:20:00 -06:00
sinn3r 991240a87e Support java version detection 2013-11-07 00:54:52 -06:00
sinn3r c338f7a8c0 Change how requirements are defined, rspec, etc 2013-11-06 14:01:29 -06:00
sinn3r f2e4d5507c More rspec 2013-11-06 01:45:40 -06:00
sinn3r 73701462ed Fix ActiveX. Use ERB for Javascript detection code. 2013-11-05 16:26:41 -06:00
sinn3r 90b91ec2cd Add testcase for on_request_exploit 2013-11-05 12:53:16 -06:00
sinn3r 73e72a6488 Update the detect_spec testcase 2013-11-05 01:14:12 -06:00
sinn3r 5f2d8358c0 Be more browser specific with Javascript generation 2013-11-05 01:04:52 -06:00
sinn3r 054a525f35 Change profile data structure 2013-11-04 17:46:36 -06:00
sinn3r ed572d95ee Merge joev's PR for Rex::Exploitation::Js::Network 2013-11-04 12:58:08 -06:00
sinn3r c6fb570480 Correct bad method naming 2013-11-04 12:35:04 -06:00
sinn3r dc076273f7 Add another test for profile 2013-11-04 11:12:26 -06:00
sinn3r 03ee1d070e fix server.start_service 2013-11-04 11:06:32 -06:00
sinn3r bed2ea9e39 rename some stuff 2013-11-04 11:02:05 -06:00
sinn3r 9a8e45f451 be_nil 2013-11-04 10:57:01 -06:00
sinn3r f98587181d let 'linux' 2013-11-04 10:55:47 -06:00
sinn3r 6e0690754f let 'random' 2013-11-04 10:54:15 -06:00