Commit Graph

1465 Commits (1a7a5c2977ae84ad15f179a9ff76a25cb1441c20)

Author SHA1 Message Date
jvazquez-r7 e3bbb7c297 Solve conflicts 2015-04-03 14:57:49 -05:00
OJ d02a4cc197
Land #5066 : EncodedPayload#generate specs 2015-04-03 20:59:00 +10:00
James Lee a1b4cf375f
Add some minimal specs for #generate 2015-04-03 00:11:41 -05:00
OJ fd043d4842 Fix up build and missing uri_checksum stuff
Somehow this made it into a merge when it shouldn't have. This fix moves
the URI checksum module to where it needs to be and updates all the
references where required. This will result in a class with the dynamic
transport branch, but I can fix that after.
2015-04-03 13:42:25 +10:00
OJ 5b5dc3ef59 Merge branch 'upstream/master' into stageless-x64
Merge required adjustment of the proxy datastore names that were changed.
2015-04-03 08:53:09 +10:00
Brent Cook f4977bf606
Land #5006 @jlee-r7 adds meterpreter specs 2015-04-01 11:05:47 -05:00
James Lee 76bfaa6ce9
Fix dumb inverted logic. Thanks, rspec! 2015-03-31 14:28:07 -05:00
James Lee 176cdcb836
Use sym-to-proc instead of reimplementing it 2015-03-31 11:21:53 -05:00
James Lee dfaf1b3a8f
Stub monitor_sock so we don't leak threads 2015-03-30 22:03:39 -05:00
OJ 97d788676c Set dynamic_size true for x64 stageless 2015-03-31 07:37:46 +10:00
James Lee 790a08a848
It's pronounced "exploit", not "assoc_exploit" 2015-03-30 16:21:17 -05:00
James Lee 2394d4bae8
Merge branch 'staging/single-vuln-push' into feature/MSP-11934/refactor-report-exploit-success
Conflicts:
	Gemfile
	Gemfile.lock
	spec/support/shared/examples/msf/db_manager/exploit_attempt.rb
2015-03-30 14:08:54 -05:00
James Lee 2ab4584079
Merge remote-tracking branch 'upstream/master' into staging/single-vuln-push 2015-03-30 13:50:52 -05:00
James Lee 6386289d80
Remove bogus spec
No longer necessary to check that we're instantiating an Msf::Module
because we get the same information by reusing an existing
Mdm::Module::Detail
2015-03-30 13:10:36 -05:00
OJ 6610504b10 Update payload spec 2015-03-30 21:07:30 +10:00
James Lee 7b1ac29788
Fix subject 2015-03-30 00:53:31 -05:00
James Lee 283e50fd42
Check the case of having no vuln 2015-03-30 00:09:49 -05:00
HD Moore a1c755161a Add spec coverage for appender, fix injector 2015-03-29 11:52:06 -05:00
Meatballs 9eca3a0ab5
Impersonation spec 2015-03-29 00:52:27 +00:00
Meatballs 10029eedb9
Add command specs 2015-03-29 00:05:44 +00:00
Meatballs f7e3abf760
sqlcmd specs and fixes 2015-03-28 23:23:00 +00:00
Meatballs 3b651aecdc
Specs for sqlserver check and fixes 2015-03-28 22:59:00 +00:00
sinn3r 9cfafdd8b8
Land #4649, improve post/windows/manage/run_as and as an exploit 2015-03-27 17:31:30 -05:00
Trevor Rosen 2815462375
Update Mdm to staging hash 2015-03-27 15:16:33 -05:00
James Lee 466ef4349e
Second verse, same as the first 2015-03-27 09:59:10 -05:00
James Lee 88a8186a11
Pull up redundant hash literal 2015-03-26 19:33:53 -05:00
Brent Cook e0568e95c2
Land #4978 @zerosteiner adds reverse https for python meterpreter 2015-03-26 19:16:46 -05:00
jvazquez-r7 d84c48cb7d
Use newer hash syntax 2015-03-25 13:39:34 -05:00
jvazquez-r7 72a0909e9b
Land #4992, @wchen-r7's support for multiple ActiveX controls on BrowserExploitServerMerge 2015-03-25 13:30:36 -05:00
James Lee 95d70e7211
Remove respond_to check for protected method
Fails on Ruby 2.x, and doesn't really gain us anything anyway.
2015-03-25 12:50:46 -05:00
James Lee 8f0c434faa Add specs for the new method 2015-03-25 12:34:10 -05:00
jvazquez-r7 0540e25db2
Calculate the java/rmi/registry/RegistryImpl_Stub hash dynamically 2015-03-25 11:29:07 -05:00
sinn3r 6e3e696262 Use symantec_web_gateway as an example of using send_request 2015-03-25 10:55:46 -05:00
sinn3r 111e3fcb88 Add rspec for #send_request 2015-03-25 01:45:03 -05:00
jvazquez-r7 a5c39db6c3
Use mocks like a boss... 2015-03-24 19:30:59 -05:00
jvazquez-r7 0b671d5210
Add specs for Msf::Java::Rmi::Client::Jmx::Connection 2015-03-24 19:15:25 -05:00
jvazquez-r7 356e8c727c
Add specs for Msf::Java::Rmi::Client::Jmx::Server 2015-03-24 18:56:58 -05:00
jvazquez-r7 464a6df5e0
Add specs for Msf::Java::Rmi::Client::Registry 2015-03-24 18:42:35 -05:00
jvazquez-r7 0fe98bc023
Delete old JMX mixin specs 2015-03-24 17:30:37 -05:00
jvazquez-r7 e20398a70a
Add specs for Msf::Java::Rmi::Client::Jmx::Server::Parser 2015-03-24 17:30:06 -05:00
jvazquez-r7 0a352fc7d4
Finish specs for Msf::Java::Rmi::Client::Jmx::Connection::Builder 2015-03-24 17:06:05 -05:00
jvazquez-r7 115c4e5a06
Add first specs for Msf::Java::Rmi::Client::Jmx::Connection::Builder 2015-03-24 16:37:05 -05:00
jvazquez-r7 82d545850e
Add specs for Msf::Java::Rmi::Client::Jmx::Server::Builder 2015-03-24 16:04:18 -05:00
jvazquez-r7 87cac6fd55
Complete specs for Msf::Java::Rmi::Util 2015-03-24 15:41:32 -05:00
jvazquez-r7 48026da35f
Fix RMI specs 2015-03-24 15:14:36 -05:00
jvazquez-r7 0a07bb4d17
Add a couple of specs for Rex::Proto::Rmi::Model::ReturnValue 2015-03-24 15:08:59 -05:00
Christian Mehlmauer 7bf00f8f47
Land #4789, @rastating WPLMS wordpress module 2015-03-24 20:46:38 +01:00
James Lee 023f47f19a
Use build instead of create 2015-03-24 13:17:42 -05:00
James Lee b9934cfd3f
Add workspace to ensure consistency with session 2015-03-24 13:14:55 -05:00
James Lee 13a899b3d2
Use a named subject 2015-03-24 13:13:54 -05:00
James Lee 414983ac8c
Merge branch 'feature/MSP-11925/create-user-data' into staging/single-vuln-push
Conflicts:
	Gemfile.lock
2015-03-24 12:42:08 -05:00
Christian Mehlmauer 6eedf6ac03
Land #4975, egghunter tool, Resolve #4944 2015-03-24 06:20:30 +01:00
Christian Mehlmauer 71c544c3c5
added newline at end of file 2015-03-24 06:19:27 +01:00
sinn3r 3c4da5c3ff Update BES rspec 2015-03-24 00:10:18 -05:00
HD Moore c7da9d6f79 Move file: prefix checks out of option class specs (would need to go into console test specs at some point) 2015-03-23 15:09:22 -05:00
jvazquez-r7 79068c8ec2
Delete JMX discovery stream 2015-03-23 10:21:37 -05:00
sinn3r 01caf161f8 Fix syntax error in db_spec.rb 2015-03-23 01:35:26 -05:00
sinn3r 2e75d14d56 Update rspec 2015-03-23 00:53:55 -05:00
Spencer McIntyre 7282968d8a Python reverse HTTPS stager 2015-03-21 12:43:14 -04:00
sinn3r 675f96ecd1 Don't need this require 2015-03-20 23:32:23 -05:00
sinn3r 96bcdd211c Finished rspec 2015-03-20 20:53:04 -05:00
sinn3r 470464874f The important test cases I want to cover 2015-03-20 16:53:42 -05:00
sinn3r 2fda115110 rspec starter 2015-03-20 16:46:09 -05:00
jvazquez-r7 1226b3656f
Land #4945, @wchen-r7's login scanner for Symantec web gateway 2015-03-20 14:44:05 -05:00
jvazquez-r7 e257e742e0
Fix require 2015-03-20 14:26:55 -05:00
jvazquez-r7 62871255b0
Match class and file names 2015-03-20 14:25:20 -05:00
jvazquez-r7 eb73da2f39 Clean specs 2015-03-20 14:19:02 -05:00
sinn3r b19f766728
Land #4942, Gitlab Login Scanner 2015-03-20 13:02:12 -05:00
William Vu cf645772b6
Land #4960, hosts -i, -n, and -m support 2015-03-19 21:34:14 -05:00
jvazquez-r7 da51d2be67
Really add specs for Msf::Java::Rmi::Client::Registry::Parser 2015-03-19 19:07:42 -05:00
jvazquez-r7 6eecbc3de1
Add specs for Msf::Java::Rmi::Client::Registry::Builder 2015-03-19 18:24:31 -05:00
sinn3r 6c84081552 Update db_spec.rb 2015-03-19 18:12:37 -05:00
jvazquez-r7 ec90594f7e
Add support for Rex::Java::Serialization::ProxyClassDesc 2015-03-19 15:41:24 -05:00
OJ 7899881416 Update POSIX bins from master 2015-03-19 14:50:14 +10:00
Meatballs a5d589ef55
Railgun calls should return a hash 2015-03-19 00:05:02 +00:00
Meatballs 975ddc9092
Add some spec mockery 2015-03-18 23:43:46 +00:00
jvazquez-r7 8113ed2e1f
Move specs 2015-03-18 09:29:37 -05:00
jvazquez-r7 0968f14ac1
Add specs for CallData 2015-03-17 20:53:02 -05:00
jvazquez-r7 6315e07312 Add specs for UniqueIdentifier 2015-03-17 20:38:43 -05:00
jvazquez-r7 4bc4936083 Add specs for ReturnValue 2015-03-17 17:30:53 -05:00
jvazquez-r7 87b777e923
Refactor moving code to rex 2015-03-17 17:15:32 -05:00
sinn3r 78ec4c91e8 Completed rspec 2015-03-17 16:15:12 -05:00
sinn3r ee276434a4 Update swg spec, looking good so far 2015-03-17 15:15:32 -05:00
sinn3r d5b77d053b Update for rspec 2015-03-17 12:14:58 -05:00
sinn3r 503fb602f9 Get rspec going 2015-03-17 12:01:46 -05:00
jvazquez-r7 2d8782d711 Fix RMI specs 2015-03-17 11:48:38 -05:00
jvazquez-r7 ebe7ad07b0 Add specs, plus modify java_rmi_server modules 2015-03-17 11:26:27 -05:00
Meatballs 2c6b904c02
Correct spec too 2015-03-17 11:36:36 +00:00
Meatballs f4a1e981ab
Add gitlab login scanner 2015-03-17 11:19:23 +00:00
Brent Cook abb8a32e68 update spec for dynamic meterpreter payloads 2015-03-16 18:08:13 -05:00
Brent Cook b68e05e536
Land #4914, @hmoore-r7 and @BorjaMerino winhttp stagers 2015-03-13 08:24:11 -05:00
William Vu fa2fbc387c
Land #4922, REG_MULTI_SZ for type2str 2015-03-13 01:07:27 -05:00
HD Moore 66a45ac7fd Add spec for reverse_winhttps 2015-03-11 16:29:22 -05:00
HD Moore ea1bc69e2e Merge branch 'master' into feature/add-reverse_winhttp-stagers 2015-03-11 14:29:34 -05:00
Brent Cook ceeee4446f
Land #4904, @hmoore-r7 reworks reverse_http/s stagers
They are now assembled dynamically and support more flexible options,
such as long URLs.
2015-03-11 10:41:59 -05:00
HD Moore cb1a1ef692 Remove bad stager+stage combinations from the payload set 2015-03-11 00:46:24 -05:00
James Lee cb41154712
Make a MatchResult when sessions are reported 2015-03-10 15:17:57 -05:00
HD Moore db351317a5 Merge with PR branch 2015-03-10 14:08:35 -05:00
HD Moore 0f763c2cb3 First step to reworking the winhttp stagers 2015-03-10 14:07:25 -05:00
Borja Merino 991e72a4fa HTTP stager based on WinHttp 2015-03-10 13:40:16 -05:00