Commit Graph

431 Commits (5662e5c5a6dc6fb9a06d645df6c738d1721fcbd2)

Author SHA1 Message Date
Joe Vennix 894d16af80 Add specs for new/returning/previous visitors. 2014-03-02 20:50:10 -06:00
Meatballs 2885ebcb40
Merge remote-tracking branch 'upstream/master' into pr2075 2014-03-02 20:57:02 +00:00
Meatballs 1ca690eccf
Do some rspec 2014-03-02 20:37:08 +00:00
sinn3r 8be99fc299 Fix payload_generator.format_payload rspec
The platform should match.
2014-02-25 16:37:21 -06:00
David Maloney a098c08f2f pend out bad spec 2014-02-13 15:44:05 -06:00
David Maloney 508f251db2 add cli compat
add cli capability to putut verbose info to the console
2014-02-05 11:00:57 -06:00
David Maloney fc9105d862 final generation and specs
generation wrapped method complete with specs
2014-02-04 17:52:20 -06:00
David Maloney 4dcae920f8 add specs for generate_java_payload
pretty self-explanatory
2014-02-04 17:40:59 -06:00
David Maloney 70d8246791 finish wiring up the final generation
formating and main generate methods wired up
still need to add some final tests
2014-02-04 15:52:18 -06:00
David Maloney c8b7dc30b4 added encoding routines
now has a method for encoding the shellcode
and tests to go with
2014-02-03 17:51:22 -06:00
David Maloney 3b648346da starting in on encoders
added get_encoders method to find propper encoders
started on encode_payload, incomplete
added specs
2014-02-03 00:59:08 -06:00
David Maloney 4a82bc74cf added nop sled generator
added code to prepend a nop sled
with tests to match
2014-02-02 22:51:12 -06:00
David Maloney 3e945418df specs for added shellcode
add specs around adding extra shellcode to the payload
2014-02-02 22:17:52 -06:00
David Maloney bb5f5542f0 generating raw payload bits now
added raw payload generation, arch selection,
and specs for everything thus far
2014-02-02 21:09:17 -06:00
David Maloney f9c31f988e test platform selection
added tests around platform selection
2014-02-02 16:52:41 -06:00
David Maloney f5d730e874 write specs around initialiser
added specs around object initialisation
2014-02-02 16:05:11 -06:00
David Maloney e265d6f54c begining of payload generator
started basics of generator
started adding specs
added option to simple framework to disable logging
2014-02-02 14:35:16 -06:00
David Maloney 41807d7e4e move rev_http uri checksum code
need access to the uri checksum
routines outside of the handler.
moved them to their own mixin
and then mixed into the handler.
added specs also
2014-01-13 15:18:16 -06:00
Joe Vennix d00acccd4f Remove Java target, since it no longer works. 2014-01-04 21:22:47 -06:00
Joe Vennix 694cb11025 Add firefox platform, architecture, and payload.
* Enables chrome privilege exploits in firefox to run a javascript cmd
shell session without touching the disk.
* Adds a spec for the addon_generator.
2014-01-02 10:48:28 -06:00
Joe Vennix ca23b32161 Add support for Procs in browserexploit requirements. 2013-12-19 12:49:05 -06:00
Tod Beardsley 764fd09cc3
Increase duration timeout task manager
Sometimes, Jenkins or Travis is slow, and can't hit that 1 second
timeout. This increases to 5 seconds to account for local slowness.
2013-11-25 10:26:51 -06:00
Meatballs b015dd4f1c
Land #2532 Enum LSA Secrets
With refactoring of common methods from smart_hashdump, hashdump,
cachedump to Windows::Post::Privs
2013-11-24 18:09:33 +00:00
jvazquez-r7 a79e137a7a Fix db_spec 2013-11-19 14:07:41 -06:00
James Lee 0aef145f64 Merge remote-tracking branch 'upstream/master' into land-2532-enum-lsa 2013-11-13 18:11:21 -06:00
James Lee 16627c1bd3
Add spec for capture_lsa_key 2013-11-13 15:16:34 -06:00
Tod Beardsley 5e342debbc
Don't be dopey in the RSpec version matching 2013-11-13 13:04:26 -06:00
Tod Beardsley 3500cf06d4
Add a spec for version checking. 2013-11-13 12:49:57 -06:00
James Lee 3168359a82
Refactor lsa and add a spec for its crypto methods 2013-11-13 11:55:39 -06:00
jvazquez-r7 ef6d9db48f
Land #2613, @wchen-r7's BrowserExploitServer mixin 2013-11-12 17:33:12 -06:00
sinn3r f16aa91302 mv rspec 2013-11-11 18:32:43 -06:00
Tod Beardsley b48950d383 Remove blanket pending test for exe_spec
SeeRM #8436
SeeRM #8668

The fix for #8668 is more surgical than the previous fix for #8436, and
may prove to be more useful
2013-11-11 16:27:42 -06:00
sinn3r 991240a87e Support java version detection 2013-11-07 00:54:52 -06:00
sinn3r c338f7a8c0 Change how requirements are defined, rspec, etc 2013-11-06 14:01:29 -06:00
sinn3r f2e4d5507c More rspec 2013-11-06 01:45:40 -06:00
sinn3r 73701462ed Fix ActiveX. Use ERB for Javascript detection code. 2013-11-05 16:26:41 -06:00
sinn3r 90b91ec2cd Add testcase for on_request_exploit 2013-11-05 12:53:16 -06:00
sinn3r 5f2d8358c0 Be more browser specific with Javascript generation 2013-11-05 01:04:52 -06:00
sinn3r 054a525f35 Change profile data structure 2013-11-04 17:46:36 -06:00
sinn3r c6fb570480 Correct bad method naming 2013-11-04 12:35:04 -06:00
sinn3r dc076273f7 Add another test for profile 2013-11-04 11:12:26 -06:00
sinn3r 03ee1d070e fix server.start_service 2013-11-04 11:06:32 -06:00
sinn3r bed2ea9e39 rename some stuff 2013-11-04 11:02:05 -06:00
sinn3r 9a8e45f451 be_nil 2013-11-04 10:57:01 -06:00
sinn3r f98587181d let 'linux' 2013-11-04 10:55:47 -06:00
sinn3r 6e0690754f let 'random' 2013-11-04 10:54:15 -06:00
sinn3r 480b876a11 non_existent_profile 2013-11-04 10:51:31 -06:00
sinn3r 8bfa252496 Restate this test 2013-11-04 10:49:48 -06:00
sinn3r 34b5136aa4 use let for requirements 2013-11-04 10:47:52 -06:00
sinn3r 1d5643d53c Match Rspec terminology 2013-11-04 10:37:41 -06:00
sinn3r 094abdd093 rspec this 2013-11-01 14:59:21 -05:00
Tod Beardsley 72a35d14f1
Mark broken tests as pending
These tests are broken a few different ways.

[SeeRM #8463]

also see: https://github.com/rapid7/metasploit-framework/pull/2477
2013-10-08 11:49:42 -05:00
Tab Assassin 2e8d19edcf Retab all the things (except external/) 2013-09-30 13:47:53 -05:00
David Maloney e80cda4ace Merge branch 'master' into spike/exe_generation 2013-09-12 12:36:10 -05:00
David Maloney d6e4e46d86 better validation of buffer register 2013-09-09 12:16:15 -05:00
Brandon Turner cf69577433 Remove rpsec should_not raise_error deprecations
Checking that a specifc error is not raised is deprecated in rspec:
https://github.com/rspec/rspec-expectations/pull/244
2013-09-06 09:34:05 -05:00
Brandon Turner 4760000bca Replace mock with double in specs
mock is deprecated - https://www.relishapp.com/rspec/rspec-mocks/docs
2013-09-06 09:34:05 -05:00
David Maloney 5a424ab4df Allow user supplied buffer register
let the user pick, otherwise default to edx
2013-08-26 13:15:12 -05:00
David Maloney 369535b4e3 Some more specs
added a few specs to validate the generated exe.
could use some more love, but it's a start
2013-08-25 13:25:31 -05:00
David Maloney 8f47aa6dcb Basic Injector class
create a class for injecting payloads
into an exe template as a new section
2013-08-24 16:11:00 -05:00
sinn3r 92d57ef37d Fix merge conflict
Conflicts:
	msfvenom
2013-08-13 00:00:16 -05:00
Tod Beardsley 02f460287b Revert "OptString specs and better validation"
This reverts commit d66779ba4c.

Specifically, this commit was causing trouble when a datastore was
getting an Integer. For some reason (as yet undiscovered), the option
normalizer wasn't trying to Integer#to_s such arguments.

This kind of thing is going to happen a lot. For now, I'd rather just
end up with the ducktype, and attack the normalizer in a seperate fix.
2013-08-09 15:30:42 -05:00
William Vu d493346691 Land #2137, fixes and specs for Opt containers 2013-07-23 15:58:09 -05:00
jvazquez-r7 b0c17fdebc Land #2002, @jlee-r7's patch for better handling uri resources 2013-07-23 15:49:21 -05:00
William Vu b0c74dbb8b Land #2120, specs for command_dispatcher 2013-07-22 16:33:19 -05:00
lsanchez-r7 03cd3ff4eb adding new lines to the end of files. 2013-07-22 16:26:45 -05:00
David Maloney 943dde5c6c OptRegexp specs 2013-07-20 18:44:55 -05:00
David Maloney 2fc397b251 OptRaw specs 2013-07-20 17:57:52 -05:00
David Maloney d66779ba4c OptString specs and better validation 2013-07-20 17:49:03 -05:00
David Maloney d6f2b28708 More opt specs 2013-07-20 17:37:39 -05:00
lsanchez-r7 18200c8490 passing all of my changes into rubymines formatter
this should convert everything over to tabs
fixing a filename error and some white space at the EOL
2013-07-20 17:32:05 -05:00
David Maloney 7c8f7329e9 integrate with egypt's already better specs 2013-07-20 16:46:16 -05:00
David Maloney ec82644bd3 mo fixes mo specs
SEERM #7536
SEERM #7537
2013-07-18 15:00:57 -05:00
Joe Vennix 7b05ac2036 Remove inapplicable comment. 2013-07-18 13:42:55 -05:00
Joe Vennix f8b5f1b284 Adds specs for different ref types. 2013-07-18 13:35:04 -05:00
David Maloney 57dd525714 More optaddressrange specs and fixes
SEERM #7536
2013-07-18 13:03:32 -05:00
lsanchez-r7 49bb484d14 Adding in specs for ui command dispatchers
SEERM #4821
while looking into what it would take to fix bug 4821, I found that there are no specs
for any of the other methods in command dispatcher. I have attempted to add stubs for a
few of the methods and tested a few of the help outputs.
2013-07-18 12:56:21 -05:00
Joe Vennix f4b0ab8184 Adds 141 passing specs to Msf::Module#search_filter.
* tests exclusion functionality, type: matching, port: matching, app: matching,
   platform: matching, author: matching, text: matching, name: matching, and
   path: matching.
[RM #4790]
2013-07-18 12:47:08 -05:00
David Maloney 22e4db04e0 opening specs and fixes for OptAddressRange 2013-07-18 12:44:48 -05:00
David Maloney 27e2469d8e Specs and code changes for OptAddress
handles wierness around Optaddress.
Still need to address isues in optaddressRange

FIXRM #7537
2013-07-17 20:21:24 -05:00
James Lee d10f082741 Maybe fix travis? Works on my box 2013-07-05 16:58:19 -05:00
James Lee e330916744 Pull out common stuff in Util::EXE/MsfVenom tests 2013-07-03 12:25:15 -05:00
James Lee 0d78a04af3 Clean up exe spec a bit 2013-07-01 17:36:58 -05:00
James Lee 3ad5dede26 Add spec for elf mips* and exe-only formats
Also a rudimentary test for win32_rwx_exec
2013-07-01 17:36:38 -05:00
James Lee e483fe444d Add spec for HttpServer#hardcoded_uripath 2013-06-21 15:59:15 -05:00
James Lee e8a92eb196 Keep better track of resources
[See #1623]
[SeeRM #7692]
2013-06-21 14:51:47 -05:00
Tod Beardsley d7e3c5cdb3 Rspec: Ensure PacketFu is actually still available
PacketFu should be required from the gem, not from the shipped msf
library. Several modules depend on it being available, so this rspec
test mostly just ensures that Msf::Exploit::Capture mixin is still
around.
2013-06-10 16:02:50 -05:00
James Lee 0f2ea755c5 Add encoding comment to spec files for 2.0 compat 2013-06-07 13:27:39 -05:00
Luke Imhoff 4ba571346e Spec Msf::Simple::Framework#init_module_paths
[#47720609]
2013-05-24 12:33:42 -05:00
Luke Imhoff 1a487e476d Merge branch 'master' into bug/module-load-cache-update 2013-05-23 14:23:14 -05:00
Luke Imhoff 2b70ec2e08 Payload compatible cache_in_memory
[#47720609]

Msf::PayloadSet#add_module does NOT return an annotated module class as
Msf::ModuleSet#add_module does because a payload module is defined as a
ruby Module instead of a ruby Class.   Since add_module doesn't always
return an annotated_class, the logic in
Msf::ModuleManager#on_module_load needed to change to NOT use
annotated_class and create #add_module as return [void].  Thus, it is
necessary to pass in all the metasploit module metadata to
Msf::ModuleManager#cache_in_memory instead of assuming they can be
derived from the (payload) Module or (other) Class.
2013-05-22 16:06:02 -05:00
Luke Imhoff 57576de85f Update in-memory cache to fix file_changed?
[#47720609]

Msf::ModuleManager#module_info_by_path was not being updated when a
module was loaded, so if a load_module was called again, say during
start up of prosvc, the module would reload even though there was no
change in the file because file_changed? couldn't find an entry for the
module's path in module_info_by_path.
2013-05-22 12:28:42 -05:00
Luke Imhoff 398dcfa8cb Merge branch 'master' into bug/migrations 2013-05-20 12:49:33 -05:00
Luke Imhoff 0e435d378c Move Msf::DBManager#migrate(d) to module
[#50179803]

Move Msf::DBManager#migrate and the migrated attribute to
Msf::DBManager::Migration module to lower complexity of db_manager.rb
and in preparation for more migration related code on this branch.
2013-05-20 12:45:17 -05:00
Luke Imhoff 1df08cfa49 Add specs to prevent dupe migrations_paths regression
[#50099107]

Add specs to verify that the duplicate migrations_paths protection
works.
2013-05-17 15:15:57 -05:00
Luke Imhoff c8657fb46b Fix Mdm::Module::Detail#stance bug
[#49858419]
[SEERM #7958]

metasploit_data_models 0.14.3 relaxes the validation on
Mdm::Module::Detail#stance so it only needs to be in
Mdm::Module::Detail::STANCES if Mdm::Module::Detail#mtype is 'auxiliary'
or 'exploit' as framework only supplies a stance for those types when
using Mdm::Module::Detail.
2013-05-17 11:58:10 -05:00
Luke Imhoff bc92b43408 Update to metasploit_data_models 0.11.0
[#47979793]
2013-05-09 13:25:26 -05:00
Luke Imhoff 249a09cd52 Update to metasploit_data_models 0.7.1
[#47979793]
2013-04-26 13:14:38 -05:00
Luke Imhoff 9207ed6532 Msf::Ui::Console::CommandDispatcher::Core#search_modules_sql spec
[#47979793]
2013-04-25 14:33:13 -05:00
Luke Imhoff 24b97137ea Msf::DBManager Mdm::Module* specs
[#47979793]
2013-04-25 09:46:53 -05:00
Luke Imhoff 4b0e639cf1 Do not mock on nil.
[#47979793]

Using `should_not_receive` on `nil` gives `nil` a permanent
`@mock_proxy`, which causes Marshal.dump to fail in later tests (see
https://travis-ci.org/rapid7/metasploit-framework/builds/6502350).  By,
checking there are no NoMethoErrors raised, nil can be tested as
parent_module, but works around the RSpec issue
(https://github.com/rspec/rspec-mocks/issues/274).
2013-04-22 10:25:01 -05:00
Luke Imhoff be0c61a207 Change spec structure to reflect module/classes for Msf::DBManager
[#47979793]

Multiple files define Msf::DBManager, but it's better to have one spec
for Msf::DBManager, so change spec structure to reflect module and class
hierarchy instead of file hierarchy of defining files.
2013-04-20 16:51:29 -05:00
Luke Imhoff 492b081280 Msf::DBManager::Export#extract_module_detail_info spec
[#47979793]
2013-04-20 16:44:42 -05:00
Luke Imhoff 3bf3cfccc6 Use be_within to loosen tolerance for Time comparisons
[#47979793]
[#48414569]

Even though using Timecop locally on OS X makes the `should == <Time>`
work, it fails on travis-ci, so try using `should
be_within(1.second).of(<Time>)` instead.
2013-04-19 12:07:12 -05:00
Luke Imhoff e5befb7094 Msf::DBManager#report_session specs
[#47979793]
2013-04-19 10:11:33 -05:00
Luke Imhoff 2c681005c0 Msf::ModuleManager::Cache spec coverage
[#47979793]
2013-04-15 13:08:12 -05:00
Luke Imhoff 0709395570 Msf::ModuleManager::Loading shared example
[#47979793]
2013-04-12 15:18:16 -05:00
Luke Imhoff ff7a8e6351 Msf::ModuleManager::ModulePaths shared example
[#47979793]
2013-04-12 15:14:04 -05:00
Luke Imhoff 0bb79ba890 Msf::DBManager#import_msf_xml refactor
[#46491831]

Move Msf::DBManager#import_msf_xml into
Msf::DBManager::ImportMsfXml#import_msf_xml and include
Msf::DBManager::ImportMsfXml to cut down size of the infamous db.rb.
Break up #import_msf_xml to have separate methods for parsing web_forms,
web_pages, and web_vulns.  The method for
web_vulns, #import_msf_web_vuln_element is needed so that it can be overridden in
Pro to handle the Pro-only changes to Mdm::WebVuln.
2013-04-01 16:06:40 -05:00
egypt 9d4bc6bb89 Restructure a bit and add checks for doubled '//' 2013-01-31 15:34:34 -06:00
sinn3r d8b15daaf2 Correct rspect to the correct behavior 2013-01-30 16:13:17 -06:00
James Lee bbb3fa25be Allow negative values for OptInt
[FixRM #7540]
2013-01-14 14:18:56 -06:00
James Lee 0d34e0b249 Fix regex for hex numbers 2013-01-13 20:53:40 -06:00
James Lee 4703a6f737 Unbreak OptInt hex syntax
* Fix spec for no-longer-pending tests
* Fix regex in OptInt#valid? to allow hex syntax again

[See #1293][See #1296]
2013-01-12 14:17:29 -06:00
Tod Beardsley 10511e8281 Merge remote branch 'origin/bug/fix-double-slashes'
Ran the new normalize_uri() specs, all passes, so I'm quite confident in
this change.
2012-12-17 13:29:19 -06:00
James Lee 2cbc15a22b Add #import_option and #from_file 2012-11-29 18:10:29 -06:00
James Lee e298c5b9cd Add a simple spec for DataStore 2012-11-29 17:28:15 -06:00
James Lee cf93a81110 Add specs and pending examples for more Opt*s
[SeeRM #7535]
[SeeRM #7536]
[SeeRM #7537]
[SeeRM #7539]
[SeeRM #7540]
2012-11-29 16:35:50 -06:00
James Lee 7f803744d2 Fix typo 2012-11-29 14:42:27 -06:00
James Lee 7f34586780 Add specs for several Opt* classes 2012-11-29 14:40:25 -06:00
James Lee 3205941a59 Use a SyntaxError instead of JumpError
Since the 1.8.7 behavior is insane. Also adds a require for msf/core so
this spec can run by itself.
2012-11-20 19:44:55 -06:00
Luke Imhoff 858cef83fe Add specs for normalize_uri 2012-11-08 13:22:07 -06:00
James Lee 26a145e527 Always overwrite the old module even when ambiguous 2012-11-07 18:51:12 -06:00
Luke Imhoff 16407f91c8 Rescue Errno::ENOENT from File.open in read_module_content
[Fixes #38426061, #38097411]

Msf::Modules::Loader::Directory#read_module_content may calculate a non-existent
module_path that gets passed to File.open causing an Errno::ENOENT exception
to be raised when using the module cache with a module that has been
moved to a new path (as is the case that originally found this bug) or
deleted.  Now, the exception is rescued and read_module_content returns
an empty string (''), which load_module detects with
module_content.empty? and returns earlier without attempting to module
eval the (empty) content.

As having Msf::Modules::Loader::Directory#read_module_content rescue the
exception, meant there was another place that needed to log and error
and store an error in Msf::ModuleManager#module_load_error_by_path, I
refactored the error reporting to call
Msf::Modules::Loader::Base#load_error, which handles writing to the log
and setting the Hash, so the error reporting is consistent across the
loaders.

The exception hierarchy was also refactored so that
namespace_module.metasploit_class now has an error raising counter-part:
namespace_module.metasploit_class! that can be used with
Msf::Modules::Loader::Base#load_error as it requires an exception, and
not just a string so the exception class, message, and backtrace can be
logged.
2012-11-06 17:38:38 -06:00
Luke Imhoff de07ca5f07 Merge branch 'bug/wrong-file_changed-argument' of github.com:/rapid7/metasploit-framework into bug/wrong-file_changed-argument 2012-10-31 11:49:02 -05:00
Luke Imhoff 471ac6d15d Use typed_enable?(type) instead of protected enablement_by_type[type]
Msf::Modules::Loader::Archive#each_module_reference_name tried to check
the enabled types for the module_manager by accessing the
enabledment_by_type Hash, which is protected.  Instead, it should use
the public type_enabled? method.

Add specs to test all of Msf::Modules::Loader::Archive while testing
each_module_reference_name.  In order to properly test that modules
could be found in archives, I had to produce a fastlib archive, so there
is now a spec for FastLib.dump and FastLib.load.  Some specs are marked
pending as I found a bug in FastLib, which has a work-around.  The bug
is filed in PivotalTracker as
https://www.pivotaltracker.com/story/show/38730815 and the pending tests
include the URL also in their tags.
2012-10-31 11:43:28 -05:00
James Lee 4073bec136 Add missing require 2012-10-30 13:38:51 -05:00
Luke Imhoff 6c11b870da Check for payload in :type instead of :modification_time
Just had a brain fart when converting the hash key names and translated
:mtype to :modification_time instead of the correct :type.  Correct key
names are in
Msf::ModuleManager::Cache#module_info_by_path_from_database!.
2012-10-30 12:10:31 -05:00
Luke Imhoff 5709ffc42b Use Msf::Config.install_root instead of Msf.root
Msf::Config.install_root already existed, but I didn't know about it
until egypt pointed it out, so remove the new Msf.root and use
Msf::Config.install_root in the specs instead.
2012-10-30 10:46:02 -05:00
Luke Imhoff 055f95898d Merge branch 'master' into bug/wrong-file_changed-argument
Conflicts:
	lib/msf/core/modules/loader/base.rb
2012-10-24 15:25:49 -05:00
Luke Imhoff 69a8739d52 Pass module_path instead of parent_path to file_changed?
[Fixes #37630057]

Modules were always being detected as having file changes because the
parent_path directory, instead of the actual module_path, was being
passed to module_manager.file_changed?, which caused the modification
times to not match.

To ensure this change fixes the ambiguous module warnings, a full spec
for Msf::Core::Modules::Loader::Base has been written.

spec/msf has moved to spec/lib/msf to match conventional spec layout and
allow for the spec/support directory to not be confused as a lib
subdirectory being tested.
2012-10-24 15:11:53 -05:00