infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
26,032 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

581 Commits (1931024c86572f306d8e1c948b31061887bf193e)

Author SHA1 Message Date
darkbushido 064d624322
changing Credential == operator 
it should no longer raise no method errors when comparing a credential to
an object that doesnt respond to public, private, or realm
 2014-07-23 16:17:09 -05:00
Luke Imhoff 14fa49cdeb
Update spec to handle Mdm::Service#proto sequence 
MSP-10029

Mdm::Service factories were changed in metasploit_data_models 0.19.0 to
use a sequence that cycles between 'tcp' and 'udp'.  To make the spec
clearer, just hard-code the protos under test instead of relying on
default behavior.
 2014-07-22 09:47:35 -05:00
David Maloney 52a29856b3
Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-07-16 09:38:44 -05:00
Matt Buck eff2defdde
Fix bug due to Metasploit::Model::Login::Status refactor 
MSP-10718
 2014-07-16 04:14:45 -05:00
David Maloney 939e585658
refactor all loginscanners 
loginscanners now use LoginStatus constants
for the result statuses
 2014-07-15 13:17:56 -05:00
David Maloney 846679bef9
change Result status 
result bojects now use Login::status constants
for their status
 2014-07-15 11:39:38 -05:00
James Lee 4b16985eb8
Stop trying more creds for a user after success 
This is more like the behavior of the old AuthBrute mixin, where a
scanner module was expected to return :next_user in the block given to
each_user_pass when it successfully authenticated.

The advantage is a reduced number of attempts that are very unlikely to
be successful since we already know the password. However, note that
since we don't compare realms, this will cause a false negative in the
rare case where the same username exists with different realms on the
same service.

MSP-10686
 2014-07-10 17:48:58 -05:00
James Lee e4039c2382
Merge branch 'staging/electro-release' into feature/MSP-10679/refactor-invalidate-login 2014-07-10 14:00:28 -05:00
James Lee 147c6d8160
Merge branch 'feature/MSP-10660/realm_adjustments' into staging/electro-release 2014-07-10 13:52:21 -05:00
David Maloney 8833429987
make shared example usage more readable 
this seems less obtuse
 2014-07-10 12:58:13 -05:00
David Maloney 7dc58d060e
make only one each method 
made the one true enumerator of credentials
for the login_scanner.

also covered the wierd http case where it can have a realm key
but no default realm.
 2014-07-10 12:35:09 -05:00
David Maloney 87e6ede123
Merge branch 'master' into staging/electro-release 2014-07-10 08:44:12 -05:00
James Lee 0daa395007
Fix specs for LoginError cases 2014-07-09 18:11:20 -05:00
David Maloney 25ee278097
strip vestigial realms 
in the cases where we don't want a realm we should be
stripping it from the credential so we can build accurate results
 2014-07-09 17:46:56 -05:00
Tod Beardsley 038d1e210a
Merge upstream/master to deconflict. 
Conflicts:
	Gemfile.lock
 2014-07-09 17:43:42 -05:00
David Maloney 0c4e53ce5a
fix up specs 
a whole bunch of spec changes needed for
these changes.

alos the axis2 spec was actually testing the winrm
class due to copypasta error.
 2014-07-09 16:32:59 -05:00
David Maloney c7b37743ef
working realm coercion 
LoginScanners will now figure out
the right thing to do about Realms
based on attributes of the Scanner itself
 2014-07-09 15:56:39 -05:00
David Maloney 24fced822e
coerce realm_key when it exists 
if the cred has a realm and the loginscanner
has a realm_key, make the credential use the
scanner's realm key
 2014-07-09 14:58:20 -05:00
David Maloney 766b50b5e0
REALM_KEY not _TYPE 
arg typos
 2014-07-09 14:01:41 -05:00
James Lee afe36ab6ad
Merge branch 'staging/electro-release' into feature/MSP-9707/smb-bruteforce-refactor 
Conflicts:
	lib/metasploit/framework/login_scanner/smb.rb
 2014-07-09 12:50:24 -05:00
David Maloney aeda74f394
Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-07-07 16:41:23 -05:00
David Maloney 2c13ff4038
Merge branch 'staging/electro-release' into feature/MSP-10656/unify-ssh-scanners 2014-07-07 16:32:39 -05:00
dmaloney-r7 db8b0c907b Merge pull request #94 from rapid7/feature/MSP-10648/login-scanner-creation 
Feature/msp 10648/login scanner creation
 2014-07-07 16:04:09 -05:00
dmaloney-r7 c4c7ff519f Merge pull request #96 from rapid7/feature/MSP-10657/add-private-type 
Add private_type and realm_key accessors to Framework::Credential
 2014-07-07 15:43:18 -05:00
James Lee 4d4b8078f8
Unify SSH specs as well 2014-07-07 13:41:08 -05:00
James Lee 71cbbc5388
Merge branch 'feature/MSP-10648/login-scanner-creation' into feature/MSP-10656/unify-ssh-scanners 2014-07-07 13:19:34 -05:00
James Lee b7cfc927c4
Add private_type and realm_key accessors 2014-07-07 13:07:28 -05:00
James Lee cff2e1a1c1
And remove specs referencing obsolete accessors 2014-07-07 12:37:14 -05:00
James Lee 325d2d25b9
Fix requires and derp typos 2014-07-07 10:09:45 -05:00
jvazquez-r7 14b1ed5290 Add spec for comma separated cookies 2014-07-06 16:23:43 -05:00
James Lee 311f43f1e4
Constpocalypse 2014-07-03 18:49:46 -05:00
jvazquez-r7 405de05e4b Add specs for module_flavors 2014-07-03 10:31:39 -05:00
James Lee b7a55d402d
Add likely service ports and names for HTTP 2014-07-02 23:41:31 -05:00
James Lee 9dde47a0bc
Add a simple classes_for_service method 2014-07-02 23:31:56 -05:00
Tod Beardsley 8b63d3d467 Revert the revert of #3446 
This reverts commit 9b35b0e13a.

This should not land on master until the Metasploit Pro folks (@trosen-r7
and friends) get their Meterpreter path specifications working the
same way as Framework's does.
 2014-06-29 17:22:21 -05:00
dmaloney-r7 0a6a5a0a12 Merge pull request #92 from rapid7/feature/MSP-9912/metamodule-refactor-ssh-key 
Feature/msp 9912/metamodule refactor ssh key
 2014-06-27 11:48:57 -05:00
Lance Sanchez c1877cfba2
fixing the broken to_credential test 
MSP-9912
 2014-06-27 10:06:38 -05:00
Spencer McIntyre 1b4b4fd1c0 Update the cmdstager spec ArgumentError text 2014-06-27 08:34:57 -04:00
jvazquez-r7 dcd0e77f9e Change #compatible? method name because it's used by Module 2014-06-27 08:34:56 -04:00
jvazquez-r7 af568c856a Add CMStager specs 2014-06-27 08:34:56 -04:00
Lance Sanchez b5351eec2b
adding .to_credential 
Metasploit::Framework::Credential and Metasploit::Credential::Core
need to be consumable by the login scanners. the easiest way to do this
was to create a shared to_credential method on both that return Metasploit::Framework::Credential

MSP-9912
 2014-06-26 11:05:59 -05:00
David Maloney 9cec330f05
Merge branch 'master' into staging/electro-release 2014-06-26 10:22:30 -05:00
Matt Buck 27ef12bafe
Land #3478, disallow port 0 for portspec 
[Closes #3478]
 2014-06-25 15:46:30 -05:00
Lance Sanchez 07d548caeb
dropping lib from shared examples 
MSP-9912
 2014-06-25 14:32:43 -05:00
David Maloney 42bfe8ba4f
make portspec specs not insane 
the specs for the portspec_to_portlist method
need a lot of work. this gives us some btter minimum coverage
 2014-06-25 14:10:06 -05:00
Chris Doughty 9b35b0e13a Revert "Land #3446 -- Meterpreter bins gem switch" due to build failures 
This reverts commit bba8bd3498, reversing
changes made to 002234993f.
 2014-06-25 13:24:07 -05:00
James Lee f225ac92ab
Refactor smb_login 
Maintains the new admin check functionality added in
rapid7/metasploit-framework#3330
 2014-06-25 04:13:37 -05:00
OJ bba8bd3498
Land #3446 -- Meterpreter bins gem switch 2014-06-25 03:00:11 +10:00
James Lee 85611702f9 Merge branch 'upstream-master' into feature/MSP-9707/smb-bruteforce-refactor 2014-06-23 23:58:47 -05:00
Tod Beardsley c71eb1aa4e
Add specs for changed object UI 2014-06-22 13:05:17 -05:00