James Lee
99f8fbbc9c
Add WinRM login scanner
...
* Genericizes HTTP a bit to make these kinds of HTTP-based scanners
simpler and easier
* Adds support for default ports to HTTP. This should probably be
rafactored up into Base
* Removes spec that complains about port being unset (which now fails
because defaults ensure it's always set)
2014-05-14 14:35:49 -05:00
Christian Mehlmauer
dc7a8d32d8
Land #3324 , msfconsole search timestamp fixes
2014-05-14 21:30:02 +02:00
Luke Imhoff
82d32e39cc
Merge branch 'feature/MSP-9686/vnc_login' into staging/electro-release
...
MSP-9686
2014-05-14 13:24:13 -05:00
Luke Imhoff
a32152ecaa
Merge branch 'staging/electro-release' into feature/MSP-9686/vnc_login
...
MSP-9686
2014-05-14 13:22:41 -05:00
David Maloney
fb671c72a7
Merge branch 'master' into staging/electro-release
2014-05-14 13:00:37 -05:00
dmaloney-r7
acaf713229
Merge pull request #17 from rapid7/feature/MSP-9606/metasploit-credential
...
Run migrations from Metasploit::Credential and initialize its concerns which patch Mdm
2014-05-14 11:15:07 -05:00
nstarke
bb6201d66d
Fixing nil bug and making format constant
...
The date format has been moved into a constant variable.
Certain modules do not have a disclosure_date. For example,
‘checkvm’. This necessitated checking disclosure_date for nil
before attempting a format conversion. Also, there was an additional
location in core.rb that needed the formatting / nil check added. Specs
were also updated appropriately.
2014-05-14 15:51:42 +00:00
James Lee
08a7acef3f
Make sure fail case is correct
...
`rand(1000)` would return 0 one in a thousand times, causing this test to
randomly fail at that interval
2014-05-14 10:22:47 -05:00
Samuel Huckins
162038bde4
Merge pull request #19 from rapid7/feature/login_scanner/smb
...
Specs all passing, functional steps working.
2014-05-13 14:37:13 -05:00
James Lee
2a13010bfb
Fix faulty spec
2014-05-13 14:15:00 -05:00
David Maloney
f5751d6a85
first pass at attempt_login for DB2
...
first pass through at the attempt_login method
for the DB2 LoginScanner. still adding specs
and possibly refactoring
2014-05-13 14:10:30 -05:00
David Maloney
5dcf3efd1a
skeleton for DB2 loginscanner
...
add basic skeleton and specs for the DB2
LoginScanner class.
2014-05-13 13:16:56 -05:00
Luke Imhoff
3370465d84
Use railties to load Metasploit::Credential correctly
...
MSP-9606
In order to support Metasploit::Credential correctly,
metasploit-framework needs to support Metasploit::Concern, which does
all its magic using a Rails::Engine initializer, so the easiest path is
to make metasploit-framework be able to use Rails::Engines. To make
Rails::Engine use Rails::Engine, make a dummy Rails::Application
subclass so that all the initializers will be run when anything requires
msfenv.
2014-05-12 15:03:51 -05:00
Jeff Jarmoc
638ae477d9
Fix up spec. Rex::Proto::Http::ClientRequest handles & and = outside of Rex::Text::uri_encode, so mode doesn't affect them.
...
Fix erroneous typo char.
2014-05-12 12:10:30 -05:00
Jeff Jarmoc
cba39a9a04
Adds spec for 'hex-all' mode
2014-05-12 12:01:06 -05:00
David Maloney
7f98d1630e
specs for VNC Loginscanner
...
cover remaining behaviour for the
VNC LoginScanner class.
2014-05-12 11:29:27 -05:00
Jeff Jarmoc
5f523e8a04
Rex::Text::uri_encode - make 'hex-all' really mean all.
...
'hex-all' encoding was previously ignoring slashes.
This pull adds 'hex-noslashes' mode which carries forward the previous functionality, and replaces all existing references to 'hex-all' with 'hex-noslashes' It then adds a replacement 'hex-all' mode, which really encodes *ALL* characters.
2014-05-12 11:26:27 -05:00
David Maloney
f84d763382
refactoring conditional logic
...
the class works but the conditional logic needs
refactoring to be smoothed out more.
2014-05-12 11:10:36 -05:00
James Lee
3831042dca
Add specs, validations for LoginScanner::SMB
2014-05-09 18:58:49 -05:00
David Maloney
4e76330643
Add skeleton for VNC lgoinscanner
...
Add skeleton and specs for the VNC Loginscanner
MSP-9686
2014-05-09 11:55:15 -05:00
David Maloney
8b937b7c35
Merge branch 'master' into staging/electro_release
2014-05-09 11:46:08 -05:00
Trevor Rosen
c77412d373
Merge pull request #13 from rapid7/feature/login_scanner/mysql
...
Add LoginScanner for MySQL
MSP-9676 #land
2014-05-08 15:05:24 -05:00
Trevor Rosen
894ecaafb4
Merge pull request #12 from rapid7/feature/login_scanner/pg
...
Add Postgres LoginScanner class
MSP-9679 #land
2014-05-08 14:38:56 -05:00
David Maloney
42de1ab1f1
whitespace removal
2014-05-08 14:18:06 -05:00
David Maloney
cfb13ed1bd
Merge branch 'staging/electro_release' into feature/login_scanner/mysql
2014-05-08 13:55:09 -05:00
James Lee
2d2b5ea9e4
Merge remote-tracking branch 'private/feature/login_scanner/mssql' into feature/login_scanner/smb
2014-05-08 13:45:06 -05:00
James Lee
13fe8c0869
Default Credential#paired to true
2014-05-08 13:34:31 -05:00
David Maloney
20edabb0f5
mySQL Loginscanner with specs to match
...
This season's colours for Loginscanner is MySQL
with Unit Test Coverage applied to match.
2014-05-08 13:16:12 -05:00
William Vu
102eb85277
Update CommandDispatcher::Db spec
2014-05-08 03:05:49 -05:00
David Maloney
b72f0f8ffc
try to fix bad push/revert mess
2014-05-07 18:43:37 -05:00
David Maloney
9919d54116
Revert "final touches and specs"
...
This reverts commit e025fa1791
.
2014-05-07 18:34:34 -05:00
David Maloney
e025fa1791
final touches and specs
...
add finishing touches to postgres
Loginscanner and add specs to cover
the behaviour
2014-05-07 18:32:36 -05:00
David Maloney
acbff23c32
final wrap-up specs
...
successkid.jpg
2014-05-07 16:07:18 -05:00
David Maloney
ec974535ac
create base object for mssql scanner
...
created skeleton for MSSQL Loginscanner
included concerns.
also added an NTLM concern and shared example group
2014-05-07 14:43:15 -05:00
David Maloney
507fe566a4
Merge branch 'master' into staging/electro_release
2014-05-06 11:36:19 -05:00
Meatballs
dc38212741
Fix function parsing
2014-05-05 20:53:36 +01:00
Meatballs
e946046de5
Add methods spec
2014-05-05 19:08:18 +01:00
Meatballs
0b886db406
Script specs and remove unknown method
2014-05-05 19:01:36 +01:00
Meatballs
0177e51148
Finish obfu specs and use rig
2014-05-05 18:47:25 +01:00
Meatballs
6ab85027a4
More spec
2014-05-05 17:47:30 +01:00
Meatballs
162b6a8ab9
Add output spec
2014-05-05 14:48:18 +01:00
Meatballs
589d235a80
Simple param spec
2014-05-05 13:46:52 +01:00
David Maloney
5e6f57f711
fix up some more specs
...
some spec cleanup and added basic specs
to the HTTP LoginScanner
2014-05-01 12:10:51 -05:00
David Maloney
0dd22395eb
use credential objects inside results
...
altered results to just hold a credential
object instead of duplicating attributes
2014-04-30 17:17:57 -05:00
David Maloney
4995fcdced
Shared Examples for RexSocket mixin
...
shared example group for the Loginscanner RexSocket
mixin. Pretty simple stuff, just trying to keep it
DRY.
2014-04-30 15:47:52 -05:00
David Maloney
1cd3f3f0da
finished first shared example group
...
base behaviour is now defined in shared
example group and the specs all use that
shared example group
2014-04-30 14:40:37 -05:00
David Maloney
a4cc311106
test base behaviour in shared examples
...
start moving specs to a shared example group
for all behaviour defined by the LoginScanner
Base
2014-04-30 14:35:29 -05:00
David Maloney
a08421b30f
apply reasonable defaults
...
give each lgoinscanner the ability to select
reasonable defaults for certain attributes
2014-04-30 13:56:29 -05:00
David Maloney
e5276d111d
Merge branch 'staging/electro_release' into feature/login_scanner/snmp
...
Conflicts:
lib/metasploit/framework/login_scanner/result.rb
2014-04-30 10:21:35 -05:00
Lance Sanchez
ddee401e27
Merge branch 'feature/MSP-9684/sshkey_loginscanner' into staging/electro_release
...
MSP-9684 #land
2014-04-29 15:21:56 -05:00
David Maloney
e8ea6a86b5
add specs for snmp
...
add specs for the snmp loginscanner
and modify the specs to Result class
to account for the access_level attribute
2014-04-29 14:49:35 -05:00
jvazquez-r7
2b4006089b
Land #3298 , @wvu-r7's fix for db_import and its spec
2014-04-28 17:29:52 -05:00
Meatballs
b860cecad6
Function spec (doesnt pass)
2014-04-28 14:09:39 +01:00
David Maloney
c02fb21c3b
Finalized specs for sshkey
...
shkey loginscanner now compelte along
with specs
2014-04-25 15:20:33 -05:00
William Vu
9964548b41
Amend spec for db_import help
2014-04-25 14:28:29 -05:00
David Maloney
e2d6a57db1
fix spec filename
...
had an extra underscore
2014-04-25 14:27:10 -05:00
David Maloney
0fcfb9d655
add proxies to ssh scanner
...
allow the SSH LoginScanner
to accept a proxy directive
2014-04-25 14:22:21 -05:00
David Maloney
35a039848c
add sshkey loginscanner
...
added the loginscanner class for SSHKey and
the base specs
2014-04-25 14:21:08 -05:00
Meatballs
3ae8c3ff46
Basic specs
2014-04-25 18:14:39 +01:00
Meatballs
8031e50d35
Make Exploitation::Powershell testable
...
Example test
2014-04-26 13:27:25 +01:00
Meatballs
318ae46085
Remove puts
2014-04-26 12:59:19 +01:00
Meatballs
3f5cc13bf8
Better eof test
2014-04-25 17:15:12 +01:00
David Maloney
2346d583ed
touchups and specsfor FTP Scanner
...
add some final touchups and specs to the FTP
Loginscanner object. now fully working.
2014-04-25 11:02:15 -05:00
David Maloney
838a444b23
first pass of FTP LoginScanner
...
made the first pass at the ftp
LoginScanner, with base specs.
Need to still tierate, add more new
specs and clean it up
2014-04-25 10:14:48 -05:00
Meatballs
d85e4b1313
Error if encode_inner and encode_final
2014-04-25 15:47:36 +01:00
Meatballs
ae574bec2b
Correct spec
2014-04-25 15:42:48 +01:00
Meatballs
5b9ec72395
Remove read_script spec
2014-04-25 15:40:52 +01:00
Meatballs
206184007f
Move methods and rename file so it is run by rspec
2014-04-25 15:16:15 +01:00
David Maloney
3a66723741
nake scan! more generic
...
scan! can now be reused for each scanner and
only attempt_login is specific for each thing.
2014-04-24 09:43:39 -05:00
Meatballs
72a2849bf1
Better specs
...
90.6% line coverage in Exploit::Powershell
77.32% in Rex::Exploitation::Powershell and haven't even started
writing those specs...
2014-04-23 08:07:42 +01:00
Meatballs
58c3bf0e59
Further speccage
2014-04-23 06:08:39 +01:00
Meatballs
c4cfa42e5b
More specs
2014-04-23 02:37:19 +01:00
David Maloney
36dd10e1c2
add the renamed spec
...
renamed spec for credential class
forgot to add it
2014-04-22 11:05:58 -05:00
David Maloney
526bb4989a
more explicit requires
...
LoginScanner module brings in all the deps
while the individual classes require
the module then to get their deps.
2014-04-22 10:28:01 -05:00
David Maloney
645eef51b7
Rename CredDetail to Credential
...
it was felt this was better naming
for the class. Refactored all occurence
2014-04-22 10:25:36 -05:00
Rick Farina (Zero_Chaos)
f35314b9f0
adjust Msf::Util::EXE for newer file output
...
Newer releases of File have a much different output when given a jar
file. Adjust regex per egyp7's suggestion to close bug 8792 on redmine.
Failure/Error: verify_bin_fingerprint(format_hash, bin)
expected: /zip/i
got: "/dev/stdin: Java archive data (JAR)\n" (using =~)
Tested and confirmed working with file 5.17 on Gentoo Linux.
2014-04-22 02:21:09 -05:00
David Maloney
f079d3f3a9
move requires into module
...
move all the requires into the LoginScanner
module area to clean up requires
2014-04-21 19:14:50 -05:00
David Maloney
9c6528f13f
use the CredDetail class
...
now that we have the new CredDetail
class, use it instead of hashes
2014-04-21 18:58:23 -05:00
David Maloney
1a6ef8dced
allow for balnk passwords
...
have to alter validation slightly
to allow for blank passwords
2014-04-21 18:57:28 -05:00
David Maloney
fd1777a79f
add CredDetail class
...
rather than passing dumb hashes around
added a CredDetail class that comes
with it's own conditional validations
2014-04-21 18:26:38 -05:00
David Maloney
de2bb7d66c
dd tests for #scan!
...
the scan! method is mostly done
and has unit tests
2014-04-21 17:59:50 -05:00
David Maloney
2e11f80a98
refactor to use Result class
...
we now use a Result class to handle
all result codes from the login attempt
2014-04-21 15:35:16 -05:00
David Maloney
d313047532
add loginscanner result class
...
add a result class to have more
tightly defined return values from
the loginscanner classes
2014-04-21 15:11:56 -05:00
David Maloney
aa1d1be786
do not create sessions with scanner
...
the session creation behaviour is
currently inextricably linked to module
behaviour. We will have our scanner class
only return success status. The calling module
will be responsible for opening sessions afterwards.
2014-04-21 11:38:48 -05:00
Meatballs
67f44072ca
Merge remote-tracking branch 'upstream/master' into pr2075
2014-04-19 18:45:55 +01:00
David Maloney
9a15a2be04
basic login attempt functionality
...
groundowkr now layed for trying
authentication attempts on the
SSH LoginScanner, with test coverage
2014-04-18 20:08:28 -05:00
David Maloney
85349ccec4
SSH connection exception handling
...
added in the exception handling
around the Net::SSH conenction
in attempt_login
2014-04-18 18:13:05 -05:00
David Maloney
17b4d4a416
Add more attributes and validations
...
Added some more attributes neccesary
for the actual running of the login scan
as well as accompanying validations and
specs
2014-04-18 16:23:35 -05:00
David Maloney
613612eecb
Merge branch 'master' into feature/ssh_login_scanner
2014-04-18 11:16:18 -05:00
David Maloney
756488b581
last of the validations
...
finalized validation for SSH lgoinscanner
2014-04-16 13:34:23 -05:00
David Maloney
bf20ed5812
add validations for cred_details
...
Adds validator for the cred_details
attribute on the SSH Login Scanner.
Makes sure propper input is always supplied
for the scanner.
2014-04-16 13:20:14 -05:00
David Maloney
434391c308
add host validations to ssh scanner
...
add validations to the :host attribute
on the SSH LoginScanner
2014-04-16 10:26:00 -05:00
sinn3r
7a4e12976c
First little bit at Bug 8498
...
[FixRM #8489 ] rhost/rport modification
2014-04-15 18:20:16 -05:00
David Maloney
60c879c824
specs for port validation
...
created specs for port validation
MSP-9683
2014-04-15 17:25:55 -05:00
David Maloney
02a17b8612
namespace change to Metasploit
...
chaning the code to live in the namespace of
Metasploit::Framework instead of Msf::Auxiliary
MSP-9683
2014-04-15 17:11:25 -05:00
Meatballs
38d8df4040
Merge remote-tracking branch 'upstream/master' into pr2075
...
Conflicts:
modules/exploits/windows/local/wmi.rb
2014-04-15 22:06:45 +01:00
David Maloney
3c9507c30c
Adds invalid exception class
...
adds an invalid exception class to the
LoginScanner namespace.
MSP-9683
2014-04-15 13:23:24 -05:00
Tod Beardsley
e4a61e2730
Fix Module.new bug and test for vhost
2014-04-14 18:01:13 -05:00
sinn3r
7b6b94acd5
Land #3247 - Revert #3224 jsobfu string size fixes
2014-04-12 00:58:27 -05:00
joev
e09f887c4c
Revert "Fixes large-string expansion in JSObfu."
...
This reverts commit 14fed8c610
.
2014-04-11 16:51:47 -05:00
sinn3r
68a50e3663
Land #3224 - Fixes large-string expansion in JSObfu
2014-04-10 12:09:22 -05:00
Tod Beardsley
ea8c15ba47
Land #3241 back into master
2014-04-11 15:08:01 -05:00
Tod Beardsley
bbc72c3e1c
Update spec to reflect the correct version.
2014-04-11 12:29:26 -05:00
Joe Vennix
14fed8c610
Fixes large-string expansion in JSObfu.
2014-04-09 15:45:48 -05:00
William Vu
9779913060
Land #3184 , Rex::Proto::Http::Client IOError fix
2014-04-03 15:58:50 -05:00
joev
3504ddc633
Fix http spec.
2014-04-03 14:50:54 -05:00
William Vu
92c6113a7c
Fix broken spec for Rex::Text.randomize_space
2014-04-02 11:48:50 -05:00
Tod Beardsley
8ab03f3aeb
Use Array#sample in randomize_space
2014-04-01 14:09:07 -05:00
Tod Beardsley
ec7bb6de54
Land #2969 , random name generator for phishing
2014-04-01 13:00:55 -05:00
William Vu
35d3e064b2
Update spec for #3162
2014-03-28 21:18:26 -05:00
William Vu
355cda0a43
Add specs for random name and e-mail methods
...
Babby's first RSpec. Style is consistent with the rest of the tests.
2014-03-28 16:47:52 -05:00
David Maloney
617e916511
fix specs from change
...
spec changes to go with the previous code change
2014-03-18 13:52:17 -05:00
sinn3r
b431bf3da9
Land #3052 - Fix nil error in BES
2014-03-11 12:51:03 -05:00
Joe Vennix
78393057fe
Fix failing spec
2014-03-10 16:40:46 -05:00
Joe Vennix
5790547d34
Start undoing some work.
2014-03-04 17:01:53 -06:00
Joe Vennix
2a87973d3c
Use be instead of eq.
2014-03-03 21:55:12 -06:00
Joe Vennix
a382b78f80
Oops, $ and _ need to be in the spec.
...
* Repeats the random check 20 times for each spec.
2014-03-03 21:54:09 -06:00
Joe Vennix
bfecf9525d
Add Rex::RandomIdentifierGenerator.
2014-03-03 16:43:49 -06:00
Joe Vennix
e8b10db73b
Dropped a space.
2014-03-03 15:48:44 -06:00
Joe Vennix
1352e5eacb
Add presence spec.
2014-03-03 15:47:30 -06:00
Joe Vennix
b3ab8f7ce1
Make random_var_name public, add specs for it.
2014-03-03 15:39:56 -06:00
Joe Vennix
6574a06bc3
Whitespace fix.
2014-03-02 20:55:07 -06:00
Joe Vennix
4514e32df8
Remove spec changes, oops.
2014-03-02 20:54:22 -06:00
Joe Vennix
894d16af80
Add specs for new/returning/previous visitors.
2014-03-02 20:50:10 -06:00
Joe Vennix
b458b8ad63
Add specs for new methods.
2014-03-02 20:23:20 -06:00
Meatballs
2885ebcb40
Merge remote-tracking branch 'upstream/master' into pr2075
2014-03-02 20:57:02 +00:00
Meatballs
1ca690eccf
Do some rspec
2014-03-02 20:37:08 +00:00
sinn3r
8be99fc299
Fix payload_generator.format_payload rspec
...
The platform should match.
2014-02-25 16:37:21 -06:00
David Maloney
a098c08f2f
pend out bad spec
2014-02-13 15:44:05 -06:00
David Maloney
f7a4dc967d
remove obsolete msfvenom spec
2014-02-05 16:38:44 -06:00
David Maloney
b3db623277
add shellcode file fixture
...
add shellcode file fixture for specs
2014-02-05 11:01:40 -06:00
David Maloney
508f251db2
add cli compat
...
add cli capability to putut verbose info to the console
2014-02-05 11:00:57 -06:00
David Maloney
fc9105d862
final generation and specs
...
generation wrapped method complete with specs
2014-02-04 17:52:20 -06:00
David Maloney
4dcae920f8
add specs for generate_java_payload
...
pretty self-explanatory
2014-02-04 17:40:59 -06:00
David Maloney
70d8246791
finish wiring up the final generation
...
formating and main generate methods wired up
still need to add some final tests
2014-02-04 15:52:18 -06:00
David Maloney
c8b7dc30b4
added encoding routines
...
now has a method for encoding the shellcode
and tests to go with
2014-02-03 17:51:22 -06:00
David Maloney
3b648346da
starting in on encoders
...
added get_encoders method to find propper encoders
started on encode_payload, incomplete
added specs
2014-02-03 00:59:08 -06:00
David Maloney
4a82bc74cf
added nop sled generator
...
added code to prepend a nop sled
with tests to match
2014-02-02 22:51:12 -06:00
David Maloney
3e945418df
specs for added shellcode
...
add specs around adding extra shellcode to the payload
2014-02-02 22:17:52 -06:00
David Maloney
bb5f5542f0
generating raw payload bits now
...
added raw payload generation, arch selection,
and specs for everything thus far
2014-02-02 21:09:17 -06:00
David Maloney
f9c31f988e
test platform selection
...
added tests around platform selection
2014-02-02 16:52:41 -06:00
David Maloney
f5d730e874
write specs around initialiser
...
added specs around object initialisation
2014-02-02 16:05:11 -06:00
David Maloney
e265d6f54c
begining of payload generator
...
started basics of generator
started adding specs
added option to simple framework to disable logging
2014-02-02 14:35:16 -06:00
jvazquez-r7
9db295769d
Land #2905 , @wchen-r7's update of exploit checks
2014-01-24 16:49:33 -06:00
Tod Beardsley
2ea3b46988
Remove to_s inside #{}
2014-01-23 14:21:48 -06:00
sinn3r
5073d3201f
Update rspec for ms08_067 check
...
The original version doesn't return a check if the host is invalid,
looks like it was forgotten. The new version will return Unknown
instead.
2014-01-22 16:10:14 -06:00
William Vu
0a3ee573bc
Uncomment spec_helper require
2014-01-22 11:58:10 -06:00
William Vu
2b7a993f65
Land #2902 , updated PJL spec
2014-01-22 11:57:28 -06:00
Tod Beardsley
90207628cc
Land #2666 , SSLCompression option
...
[SeeRM #823 ], where Stephen was asking for SSL compression for
Meterpreter -- this isn't that, but it's at least now possible for other
Metasploit functionality.
2014-01-22 10:42:13 -06:00
sinn3r
1c1597973e
Update PJL rspec to comply with guidelines
...
Basically the updated version is more explicit. If a moethod doesn't
return anything but might raise an error, then we focus on that.
Also use . to # for instance methods.
2014-01-22 03:34:49 -06:00
sinn3r
a1eba03d1f
Land #2725 - Rex::Proto::PJL plus modules
2014-01-16 15:57:38 -06:00
William Vu
6110ad72b3
Update tests and ensure full coverage
2014-01-16 15:11:04 -06:00
sinn3r
ad832adfc1
Land #2846 - Update mipsle shell_bind_tcp shellcode
2014-01-13 17:37:08 -06:00
David Maloney
41807d7e4e
move rev_http uri checksum code
...
need access to the uri checksum
routines outside of the handler.
moved them to their own mixin
and then mixed into the handler.
added specs also
2014-01-13 15:18:16 -06:00
sinn3r
7b206d6094
Ensure full coverage
2014-01-12 23:10:47 -06:00
sinn3r
f9fc54980a
retab
2014-01-12 22:54:43 -06:00
sinn3r
b8dd4b08c8
Add rspec
2014-01-12 22:53:11 -06:00
sinn3r
65b50b236d
Put classes under a module
2014-01-12 15:54:56 -06:00
sinn3r
02d5931739
Add method scan_by_checksum for virustotal.rb
...
Allows the user to scan files based on checksusm (without actually
uploading them to VT)
2014-01-12 15:45:16 -06:00
jvazquez-r7
bd91e36e06
Land #2851 , @wchen-r7's virustotal integration
2014-01-10 19:12:56 -06:00
sinn3r
cacd7ff9d4
Land #2827 - Add firefox js xpcom payloads for universal ff shells
2014-01-10 14:29:32 -06:00
jvazquez-r7
862f0e27b3
Modify msfvenom spec
2014-01-09 18:30:46 -06:00
William Vu
b43a221959
Land #2855 , Rex::Socket refactor and specs
2014-01-09 16:20:50 -06:00
James Lee
442c98bc05
Add spec for fixed bug
2014-01-09 15:18:03 -06:00
James Lee
1519af33f5
Refactor `getaddress` in terms of `getaddresses`
2014-01-09 11:03:24 -06:00
James Lee
01f350964f
Add specs for some stuff in Rex::Socket
2014-01-09 10:19:19 -06:00
sinn3r
9ddef2fbc9
Update rpsec and the script
2014-01-08 13:22:38 -06:00
James Lee
cc51c2033e
Fix unreliable spec
...
Sometimes "localhost" resolves to more than one address
2014-01-08 10:16:32 -06:00
sinn3r
b7ce3c5812
Add rspec
2014-01-08 02:34:43 -06:00
James Lee
9c23910b69
Refactor Socket::Range
...
There was really no reason for it to inherit from Array. Also adds a few
more specs and gets coverage up to a more respectable percentage.
2014-01-07 16:31:55 -06:00
James Lee
2ed9772080
Fix unhandled exceptions when resolution fails
2014-01-07 12:00:04 -06:00
James Lee
a6b25d3323
Add failing spec for invalid hostname bug
2014-01-06 17:49:27 -06:00
Joe Vennix
d00acccd4f
Remove Java target, since it no longer works.
2014-01-04 21:22:47 -06:00
Joe Vennix
694cb11025
Add firefox platform, architecture, and payload.
...
* Enables chrome privilege exploits in firefox to run a javascript cmd
shell session without touching the disk.
* Adds a spec for the addon_generator.
2014-01-02 10:48:28 -06:00
William Vu
59be4316fe
Land #2793 , Msf::Util::EXE RSpec failure fix
2014-01-01 21:50:18 -06:00
Timothy Swartz
cce354762d
Altered case by request
2013-12-31 16:09:11 -08:00
jvazquez-r7
2cc4fa35cf
Land #2785 , @todb-r7's support for post modules on msfcli
2013-12-23 12:05:40 -06:00
Timothy Swartz
fc792bdaae
Fix for Rspec failure in Msf::Util::EXE
...
[FixRM #8723 ]
2013-12-21 02:49:44 -07:00
sinn3r
52a4e55804
Land #2781 - Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
2013-12-20 11:25:50 -06:00
Joe Vennix
ca23b32161
Add support for Procs in browserexploit requirements.
2013-12-19 12:49:05 -06:00
sinn3r
709a7bfb99
Land #2754 - Created standalone module for cpassword AES decrypt
2013-12-19 12:13:21 -06:00
sinn3r
284b3507ce
Convert gpp_standalone.rb into a standalone script in tools
2013-12-19 12:10:00 -06:00
Tod Beardsley
6422ad2145
Adds ability to load post modules in msfcli
...
This is mainly important for normal load testing. It'd be unusual to
actually want to use this functionality with msfcli since post modules
already need established sessions in order to do something.
[SeeRM #8719 ]
2013-12-19 11:53:40 -06:00
Tod Beardsley
764fd09cc3
Increase duration timeout task manager
...
Sometimes, Jenkins or Travis is slow, and can't hit that 1 second
timeout. This increases to 5 seconds to account for local slowness.
2013-11-25 10:26:51 -06:00
Meatballs
b015dd4f1c
Land #2532 Enum LSA Secrets
...
With refactoring of common methods from smart_hashdump, hashdump,
cachedump to Windows::Post::Privs
2013-11-24 18:09:33 +00:00
Joe Vennix
3ff9da5643
Remove compression options from client sockets.
...
I couldn't verify that it was working, as it always sends 1 compression type of NULL.
2013-11-20 14:41:45 -06:00
Joe Vennix
f8b57d45cd
Reenable the client SSLCompression advanced option.
...
Add spec for some of the additions to Rex::Proto::Http::Client
2013-11-20 01:03:13 -06:00
Tod Beardsley
d7b022de5a
Land #2598 , offline updates and msfupdate refactor
2013-11-19 15:58:29 -06:00
jvazquez-r7
a79e137a7a
Fix db_spec
2013-11-19 14:07:41 -06:00
Brandon Turner
e6c43bfe34
Allow stubbing stdin in msfupdate
2013-11-15 17:15:15 -06:00
Brandon Turner
823aa3a6f7
Validate arguments to msfupdate before updating
2013-11-15 17:01:08 -06:00
Brandon Turner
730edc4bf5
Always exit from maybe_wait_and_exit
...
Previously calling maybe_wait_and_exit wouldn't actually exit. This was
the wrong behavior.
2013-11-15 17:00:41 -06:00
Brandon Turner
8ea83ed1c6
Test the old wait/nowait behavior
2013-11-15 15:31:01 -06:00
Brandon Turner
314e8fd570
Refactor msfupdate so it is testable
2013-11-15 15:24:35 -06:00
James Lee
0aef145f64
Merge remote-tracking branch 'upstream/master' into land-2532-enum-lsa
2013-11-13 18:11:21 -06:00
James Lee
16627c1bd3
Add spec for capture_lsa_key
2013-11-13 15:16:34 -06:00
Tod Beardsley
5e342debbc
Don't be dopey in the RSpec version matching
2013-11-13 13:04:26 -06:00
Tod Beardsley
3500cf06d4
Add a spec for version checking.
2013-11-13 12:49:57 -06:00
James Lee
3168359a82
Refactor lsa and add a spec for its crypto methods
2013-11-13 11:55:39 -06:00
jvazquez-r7
ef6d9db48f
Land #2613 , @wchen-r7's BrowserExploitServer mixin
2013-11-12 17:33:12 -06:00
sinn3r
f16aa91302
mv rspec
2013-11-11 18:32:43 -06:00
Tod Beardsley
b48950d383
Remove blanket pending test for exe_spec
...
SeeRM #8436
SeeRM #8668
The fix for #8668 is more surgical than the previous fix for #8436 , and
may prove to be more useful
2013-11-11 16:27:42 -06:00
sinn3r
8ab7964aa7
improve regex
2013-11-11 15:29:34 -06:00
sinn3r
9b3211af6b
Add regex patterns for OSX files
2013-11-11 15:20:00 -06:00
sinn3r
991240a87e
Support java version detection
2013-11-07 00:54:52 -06:00
sinn3r
c338f7a8c0
Change how requirements are defined, rspec, etc
2013-11-06 14:01:29 -06:00
sinn3r
f2e4d5507c
More rspec
2013-11-06 01:45:40 -06:00
sinn3r
73701462ed
Fix ActiveX. Use ERB for Javascript detection code.
2013-11-05 16:26:41 -06:00
sinn3r
90b91ec2cd
Add testcase for on_request_exploit
2013-11-05 12:53:16 -06:00
sinn3r
73e72a6488
Update the detect_spec testcase
2013-11-05 01:14:12 -06:00
sinn3r
5f2d8358c0
Be more browser specific with Javascript generation
2013-11-05 01:04:52 -06:00
sinn3r
054a525f35
Change profile data structure
2013-11-04 17:46:36 -06:00
sinn3r
ed572d95ee
Merge joev's PR for Rex::Exploitation::Js::Network
2013-11-04 12:58:08 -06:00
sinn3r
c6fb570480
Correct bad method naming
2013-11-04 12:35:04 -06:00
sinn3r
dc076273f7
Add another test for profile
2013-11-04 11:12:26 -06:00
sinn3r
03ee1d070e
fix server.start_service
2013-11-04 11:06:32 -06:00
sinn3r
bed2ea9e39
rename some stuff
2013-11-04 11:02:05 -06:00
sinn3r
9a8e45f451
be_nil
2013-11-04 10:57:01 -06:00
sinn3r
f98587181d
let 'linux'
2013-11-04 10:55:47 -06:00
sinn3r
6e0690754f
let 'random'
2013-11-04 10:54:15 -06:00
sinn3r
480b876a11
non_existent_profile
2013-11-04 10:51:31 -06:00
sinn3r
8bfa252496
Restate this test
2013-11-04 10:49:48 -06:00
sinn3r
34b5136aa4
use let for requirements
2013-11-04 10:47:52 -06:00
sinn3r
1d5643d53c
Match Rspec terminology
2013-11-04 10:37:41 -06:00
joev
7d975dfa87
Fix spec to refer to postInfo().
2013-11-02 16:54:22 -05:00
joev
90d8da6a21
Fix some bugs in my edits, add a spec.
2013-11-02 16:46:33 -05:00
sinn3r
094abdd093
rspec this
2013-11-01 14:59:21 -05:00
sinn3r
afcce8a511
Merge osdetect and addonsdetect
2013-10-22 01:11:11 -05:00
sinn3r
135648c171
Add the new rspec files
2013-10-21 20:18:36 -05:00
sinn3r
9a3e719233
Rework the naming style
2013-10-21 20:16:37 -05:00
sinn3r
5280bcf3f8
Update rspec files
...
Remove some junk code
2013-10-21 17:13:01 -05:00
sinn3r
8a94df7dcd
Change category name for base64
2013-10-18 21:20:16 -05:00
sinn3r
73b8eb0f83
Add rspec files to make sure the javascript files are loadable.
2013-10-18 15:14:26 -05:00
Tod Beardsley
b3e02d0fd8
Land #2477 , add specs for ROPDB
2013-10-10 15:05:52 -05:00
Tod Beardsley
72a35d14f1
Mark broken tests as pending
...
These tests are broken a few different ways.
[SeeRM #8463 ]
also see: https://github.com/rapid7/metasploit-framework/pull/2477
2013-10-08 11:49:42 -05:00
jvazquez-r7
8b7d241dc3
Use a named subject
2013-10-07 12:28:50 -05:00
jvazquez-r7
d8dba8ee58
Fix ropdb spec according to @limhoff-r7's comments
2013-10-07 09:51:21 -05:00
sinn3r
41e87d83a6
Add rspec for Rex::Exploitation::RopDb
2013-10-04 00:54:07 -05:00
Tab Assassin
2e8d19edcf
Retab all the things (except external/)
2013-09-30 13:47:53 -05:00
Tod Beardsley
2fb770f73e
Land #1569 , MSI payloads
...
The bins are signed by Meatballs, everything looks good here, so
landing. Thanks for your patience on these!
2013-09-27 16:29:27 -05:00
Tod Beardsley
7cc2ad55a6
Land #1770 , unattend.xml snarfing modules
2013-09-27 16:04:38 -05:00
Meatballs
8a9843cca6
Merge upstream/master
2013-09-27 20:02:23 +01:00
Tabassassin
120cca8bb3
Retab unattended_spec to avoid conflicts
2013-09-27 13:44:33 -05:00
Tod Beardsley
5bab85fcda
Use a context for #parse
2013-09-27 13:04:18 -05:00
Tod Beardsley
6345fb2788
Use described_class
2013-09-27 12:59:10 -05:00
Tod Beardsley
7d9d98c9eb
Land #2421 , update to cookie parsing specs
2013-09-27 11:45:33 -05:00
Tod Beardsley
8f957a5394
Add spec for new #to_h method
2013-09-27 11:27:31 -05:00
Tod Beardsley
103a64a32a
Indent like a sane person.
2013-09-27 10:22:46 -05:00
Tod Beardsley
623aeb367f
Set a context for #get_cookies
2013-09-27 10:12:11 -05:00
Tod Beardsley
467c503fb9
DRY with a cookie_sanity_check method
2013-09-27 10:07:28 -05:00