bwatters-r7
7e34f27004
Land #9246 , Support RHOSTS for exploit modules
2018-05-16 14:40:25 -05:00
Brent Cook
60bed4bd1b
tidy tests, add ms17_010_psexec
2018-05-08 17:44:08 -05:00
Brent Cook
0c391c4003
reduce sleeps for a test we're running on every PR
2018-05-07 06:55:02 -05:00
Brent Cook
ad78ee347b
run json files through 'python -m json.tool'
2018-05-07 00:29:23 -05:00
Brent Cook
4de2dc5f8c
don't disable smbv1 just yet
2018-05-07 00:24:38 -05:00
dmohanty-r7
7fa001ba50
Add tests for test lab
2018-05-07 00:24:38 -05:00
Jeffrey Martin
cacb9af731
update test for CPE abstraction
2018-03-13 16:13:04 -05:00
Brent Cook
a9f340a7a7
remove run_range, nothing in MSF uses it (we don't care about Pro here)
2018-03-12 17:07:48 -05:00
bwatters-r7
ccbc7fcefe
Land #9606 , Add some tests for cmd_exec
...
Merge branch 'for-the-windows' into upstream-master
2018-03-06 15:13:07 -06:00
bwatters-r7
43bc159022
Fix if/end
2018-03-06 15:01:15 -06:00
bwatters-r7
4694ef6723
Make Rubocop less angy
2018-03-06 14:54:00 -06:00
bwatters-r7
b13a54ba2b
clean up some code and skip non-windows tests
2018-03-06 10:10:53 -06:00
bwatters-r7
6c177b7c3b
Add windows checks
2018-03-06 12:14:33 +07:00
Jeffrey Martin
bb0d5ba8da
decouple hosts and targets for tests
2018-02-25 17:10:22 -06:00
Tim W
bfec2e8293
add more cmd_exec tests
2018-02-22 17:14:56 +08:00
Tim W
78309f30cd
add test for cmd_exec
2018-02-22 16:41:37 +08:00
Jeffrey Martin
cf4d9130a9
add initial module automation tests
2017-12-05 11:19:24 -06:00
Brent Cook
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
Spencer McIntyre
f7c133cdf7
Add OSX support to railgun
2017-06-19 11:11:55 -04:00
Spencer McIntyre
a3bcd20b26
Minor cleanups for multi-platform railgun
2017-04-25 17:45:07 -04:00
Spencer McIntyre
3347af24ba
Add some basic libc definitions for railgun
2017-04-25 15:12:39 -04:00
Spencer McIntyre
d3a759d631
Make changes for initial linux railgun support
2017-04-24 17:11:27 -04:00
Spencer McIntyre
2d51801b01
Use native_arch for railfun multi and test it
2017-03-01 13:07:04 -05:00
bwatters-r7
941f87fa83
Added the option to incude entropy in file/directory names to support
...
automated testing
2017-02-25 05:20:25 -06:00
Spencer McIntyre
7d1fadb84f
Add a test module for railgun api calls
2017-02-18 17:37:49 -05:00
Tim
090dac6d24
make the stdapi_fs_file_move test unconditional
2016-11-29 14:37:19 +08:00
Tim
94a15920ec
add test for file copy
2016-11-29 14:36:03 +08:00
Brent Cook
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e0216
, reversing
changes made to 7b1d9596c7
.
2016-07-15 12:00:31 -05:00
Brent Cook
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
Brent Cook
194a84c793
Modify stdapi so it also uses exist? over exists? for ruby parity
...
Also add an alias for backward compatibility.
2016-04-23 17:31:22 -04:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
Brendan Watters
fa95922547
Add unicode test examples
2016-04-05 16:06:51 -05:00
Brent Cook
da039e136a
update test modules to use MetasploitModule
2016-03-13 13:44:44 -05:00
jvazquez-r7
d5a010c230
Add support for registry_key_exist?
2015-10-22 16:07:38 -05:00
wchen-r7
cf6d5fac2a
Use the latest cred API, no more report_auth_info
2015-09-04 13:43:15 -05:00
wchen-r7
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
wchen-r7
54c5c6ea38
Another update
2015-07-29 14:31:35 -05:00
wchen-r7
8bead5fde2
Modate update on using metasploit-credential
...
Update some more modules to usethe new cred API.
Also, make sure to always provide proof because that seems handy.
2015-07-23 18:07:19 -05:00
wchen-r7
91fc213ddf
More metasploit-credential update
2015-07-23 15:50:50 -05:00
wchen-r7
4561850055
Use metasploit-credential API instead of report_auth_info
2015-07-22 01:11:43 -05:00
Tod Beardsley
31eedbcfa0
Minor cleanups on recent modules
...
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577 , MS15-034 HTTP.SYS Information Disclosure
Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605 , CVE-2015-3105 flash exploit
Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559 , Adobe Flash Player ShaderJob Buffer Overflow
Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540 ,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
2015-06-26 12:18:33 -05:00
wchen-r7
b6379b4d24
Update drupal_views_user_enum
2015-06-16 00:02:02 -05:00
wchen-r7
0b88e86a49
Using the new cred API for multiple auxiliary modules
2015-06-15 16:06:57 -05:00
jvazquez-r7
4224008709
Delete print_debug/vprint_debug
2015-04-21 11:14:03 -05:00
Brent Cook
d77f8ffeeb
update meterpreter tests to test utf filenames
...
This adds a new option BaseFileName that allows setting the base name for files
and directories used in the meterpreter test modules.
2015-03-20 22:18:19 -05:00
Brent Cook
89a0a79377
revert puts back to a vprint call
2015-01-28 16:41:12 -06:00
Brent Cook
8b3a0a0bb1
really fix the cmdweb test
...
this test to include the CmdStager module, not the CmdStagerVbs class
Before:
```
msf > loadpath test/modules
Loaded 32 modules:
8 posts
12 auxiliarys
12 exploits
```
After:
```
msf > loadpath test/modules
Loaded 33 modules:
8 posts
12 auxiliarys
13 exploits
msf > use exploit/test/cmdweb
msf exploit(cmdweb) > info
Name: Command Stager Web Test
Module: exploit/test/cmdweb
Platform: Windows
Privileged: Yes
License: Metasploit Framework License (BSD)
Rank: Manual
Disclosed: 2010-02-03
Provided by:
bannedit <bannedit@metasploit.com>
Available targets:
Id Name
-- ----
0 Automatic Targeting
Basic options:
Name Current Setting Required Description
---- --------------- -------- -----------
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
RHOST yes The target address
RPORT 8080 yes The target port
VHOST no HTTP server virtual host
Payload information:
Description:
This module tests the command stager mixin against a shell.jsp
application installed on an Apache Tomcat server.
msf exploit(cmdweb) > set RHOST 127.0.0.1
RHOST => 127.0.0.1
msf exploit(cmdweb) > run
[*] Started reverse handler on 127.0.0.1:4444
[*] Command Stager progress - 2.01% done (2046/101881 bytes)
[*] Command Stager progress - 4.02% done (4092/101881 bytes)
[*] Command Stager progress - 6.02% done (6138/101881 bytes)
[*] Command Stager progress - 8.03% done (8184/101881 bytes)
[*] Command Stager progress - 10.04% done (10230/101881 bytes)
[*] Command Stager progress - 12.05% done (12276/101881 bytes)
[*] Command Stager progress - 14.06% done (14322/101881 bytes)
[*] Command Stager progress - 16.07% done (16368/101881 bytes)
[*] Command Stager progress - 18.07% done (18414/101881 bytes)
...
```
2015-01-27 11:44:34 -06:00
Brent Cook
550e6efff8
improve resiliency of meterpreter session tests
...
- Use separate names for files and directories to avoid cascading
failures if one test fails and leaves a file or directory behind.
- Use %TEMP% rather than %TMP - the former is defined on all Windows
versions, whereas the later is not defined on Windows 2012, causing
the test to fail.
- Don't assume 'HACKING' is in the current working directory, which
breaks remote test harnesses. Instead, send the source code to the
current __FILE__ as the test file to upload, since that works from
any directory or remotely.
2015-01-27 09:07:21 -06:00
Brent Cook
a42cc2ef1f
add support for specifying 32 or 64-bit registry access
...
This adds an extra parameter to most of the post/windows/registry
methods called 'view' that specifies if a registry key should be
accessed as a native process, 32-bit or 64-bit.
Support is added to both the Meterpreter and command-line backends. For
the command backend, a lot of boilerplate is removed from each method in
favor of a few shared commands. There is an error hash that never gets
used, so I removed it as well.
This passes the post/test/registry module with meterpreter, but fails
the command line backend. However, it fails in the same way without
these changes (tested on Windows 8), so I suspect that the command line
session was already not working well, at least with newer versions of
Windows. I might look into figuring out how to fix that, but it looks
pretty fragile to me, parsing for english phrases in the output.
2015-01-20 15:26:59 -06:00
Meatballs
0b0ac1455a
Merge remote-tracking branch 'upstream/master' into extapi_service_post
...
Conflicts:
test/modules/post/test/services.rb
2015-01-07 20:53:34 +00:00