Commit Graph

1776 Commits (6d88c264741fcca1bcb5618ce68a066c73b6b0ea)

Author SHA1 Message Date
jvazquez-r7 b6df023c99
Land #4989, @hmoore-r7's change to file: handling
Datastore options with file: are handled at set time
2015-04-21 23:21:22 -05:00
Trevor Rosen 8f5d222e53
Land #5156 - module ranking properly handles nil 2015-04-21 14:40:01 -05:00
jvazquez-r7 4224008709
Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
jvazquez-r7 57df5c4f4f
Solve conflicts 2015-04-20 23:38:34 -05:00
jvazquez-r7 831e65261d
Add lengths specs 2015-04-20 17:37:41 -05:00
William Vu c7129e063c
Land #5069, breaking up with old options 2015-04-20 16:23:44 -05:00
James Lee d7fc9294f0
Add require 2015-04-20 15:54:41 -05:00
James Lee 2a3ed890d2
Add specs for Msf::Opt 2015-04-20 15:54:40 -05:00
James Lee 3a5af3939d
Split all the option classes into their own files 2015-04-20 15:54:40 -05:00
William Vu 3fbd4e2fe6
Land #5172, x64 BSD shell_{bind,reverse}_tcp 2015-04-20 15:37:29 -05:00
William Vu 79ca0a56f9
Land #4171, Steam protocol support 2015-04-20 15:35:06 -05:00
wchen-r7 3493d25ff9 Move all this to Rex 2015-04-16 21:07:23 -05:00
Brent Cook 9bf897a829
Land #4744, refactor powershell for msfvenom psh-cmd 2015-04-16 15:44:57 -05:00
joev 46d53a216f Alphabetize the specs. 2015-04-16 13:28:40 -05:00
joev fa506ef046 Add bsd payloads to payloads_spec. 2015-04-16 13:28:00 -05:00
William Vu 42ff0decc7
Land #4722, timing options for snmp_login 2015-04-16 02:25:29 -05:00
Luke Imhoff 16234feeed
Red rank_modules ranks unloadable as Manual
MSP-12557
2015-04-15 16:09:19 -05:00
Luke Imhoff 87d1770bac
Green rank_modules with loaded without Rank is NormalRanking
MSP-12557
2015-04-15 15:51:42 -05:00
Luke Imhoff bae581046b
Green module_ranks with loaded with Rank
MSP-12557
2015-04-15 15:49:19 -05:00
Luke Imhoff 65a40a994b
Green rank_modules use NormalRanking without Rank in loaded modules
MSP-12557
2015-04-15 15:45:21 -05:00
Luke Imhoff d57cf8f09f
Green rank_modules with Rank
MSP-12557

Test that modules that need to be loaded are ranked using Rank after
loading.
2015-04-15 15:41:16 -05:00
Matt Buck e82fb5f836
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	lib/msf/ui/console/command_dispatcher/db.rb
	metasploit-framework-db.gemspec
	metasploit-framework.gemspec
2015-04-15 14:04:35 -05:00
Luke Imhoff 7a14618481
Red Msf::ModuleSet#rank_modules with create -> nil
MSP-12557

Msf::ModuleSet#rank_modules does not handle Msf::ModuleSet#create
returning `nil`.
2015-04-15 11:59:34 -05:00
William Vu 8d1126eaa5
Land #5129, x64 BSD prepend stubs 'n' stuff 2015-04-14 01:24:50 -05:00
joev 2d3614f647 Implement x64 BSD exec and exe template.
- Fixes bug in CachedSize due to all options being set
- Adds new payload to payload_spec.
2015-04-12 12:17:25 -05:00
Matt Buck 9f15824e2a
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
2015-04-10 15:35:27 -05:00
sinn3r 284ef5bbbb
Land #5112, Nessus REST Login Module 2015-04-10 13:32:53 -05:00
sinn3r 90d525088c Green rspec 2015-04-10 11:36:23 -05:00
root 7e6461aea0 Travis error correction 2015-04-10 15:48:48 +05:00
root 8c0d5d66d0 Add spec file 2015-04-10 15:32:03 +05:00
William Vu 88031c9a87 Update spec 2015-04-09 16:25:04 -05:00
sinn3r 3fc25a00d8 Make sure we are only grabbing hidden inputs 2015-04-09 01:09:00 -05:00
sinn3r 717120b8c5 Add #get_hidden_inputs for Metasploit::Framework::LoginScanner::HTTP 2015-04-09 00:34:09 -05:00
Brent Cook e03f2df691
Land #5002, RMI/JMX improvements 2015-04-08 15:23:29 -05:00
sinn3r f51eaef765 Add rspec 2015-04-08 02:33:27 -05:00
OJ 5ab0204b24 Update spec for new payloads 2015-04-07 11:32:00 +10:00
Matt Buck 5e2d6c27c3
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	db/schema.rb
	lib/msf/core/db_manager/session.rb
	metasploit-framework-db.gemspec
2015-04-06 11:27:00 -05:00
HD Moore 9145b6d717 Fix specs for uri_checksum 2015-04-05 22:56:59 -05:00
jvazquez-r7 261ef51813
Add Rex::Java::Serialization exceptions 2015-04-05 18:43:03 -05:00
Meatballs ebf77cd02d
Merge remote-tracking branch 'upstream/master' into msfvenom_psh_squash
Conflicts:
	lib/msf/util/exe.rb
2015-04-05 00:24:48 +01:00
jvazquez-r7 cb08e5b8da
Fix specs 2015-04-03 16:00:28 -05:00
sinn3r c33a4a7fd9 rspec for jsobfu 2015-04-03 15:27:35 -05:00
jvazquez-r7 e3bbb7c297 Solve conflicts 2015-04-03 14:57:49 -05:00
Fernando Arias 6455862484 Merge branch 'staging/rails-4.0' of github.com:rapid7/metasploit-framework into staging/rails-4.0
Conflicts:
	Gemfile.lock
	metasploit-framework.gemspec
2015-04-03 13:56:38 -05:00
OJ d02a4cc197
Land #5066 : EncodedPayload#generate specs 2015-04-03 20:59:00 +10:00
James Lee a1b4cf375f
Add some minimal specs for #generate 2015-04-03 00:11:41 -05:00
OJ fd043d4842 Fix up build and missing uri_checksum stuff
Somehow this made it into a merge when it shouldn't have. This fix moves
the URI checksum module to where it needs to be and updates all the
references where required. This will result in a class with the dynamic
transport branch, but I can fix that after.
2015-04-03 13:42:25 +10:00
OJ 5b5dc3ef59 Merge branch 'upstream/master' into stageless-x64
Merge required adjustment of the proxy datastore names that were changed.
2015-04-03 08:53:09 +10:00
Brent Cook f4977bf606
Land #5006 @jlee-r7 adds meterpreter specs 2015-04-01 11:05:47 -05:00
James Lee 76bfaa6ce9
Fix dumb inverted logic. Thanks, rspec! 2015-03-31 14:28:07 -05:00
James Lee 176cdcb836
Use sym-to-proc instead of reimplementing it 2015-03-31 11:21:53 -05:00
James Lee dfaf1b3a8f
Stub monitor_sock so we don't leak threads 2015-03-30 22:03:39 -05:00
OJ 97d788676c Set dynamic_size true for x64 stageless 2015-03-31 07:37:46 +10:00
James Lee 790a08a848
It's pronounced "exploit", not "assoc_exploit" 2015-03-30 16:21:17 -05:00
James Lee 2394d4bae8
Merge branch 'staging/single-vuln-push' into feature/MSP-11934/refactor-report-exploit-success
Conflicts:
	Gemfile
	Gemfile.lock
	spec/support/shared/examples/msf/db_manager/exploit_attempt.rb
2015-03-30 14:08:54 -05:00
James Lee 2ab4584079
Merge remote-tracking branch 'upstream/master' into staging/single-vuln-push 2015-03-30 13:50:52 -05:00
James Lee 6386289d80
Remove bogus spec
No longer necessary to check that we're instantiating an Msf::Module
because we get the same information by reusing an existing
Mdm::Module::Detail
2015-03-30 13:10:36 -05:00
OJ 6610504b10 Update payload spec 2015-03-30 21:07:30 +10:00
James Lee 7b1ac29788
Fix subject 2015-03-30 00:53:31 -05:00
James Lee 283e50fd42
Check the case of having no vuln 2015-03-30 00:09:49 -05:00
HD Moore a1c755161a Add spec coverage for appender, fix injector 2015-03-29 11:52:06 -05:00
Meatballs 9eca3a0ab5
Impersonation spec 2015-03-29 00:52:27 +00:00
Meatballs 10029eedb9
Add command specs 2015-03-29 00:05:44 +00:00
Meatballs f7e3abf760
sqlcmd specs and fixes 2015-03-28 23:23:00 +00:00
Meatballs 3b651aecdc
Specs for sqlserver check and fixes 2015-03-28 22:59:00 +00:00
sinn3r 9cfafdd8b8
Land #4649, improve post/windows/manage/run_as and as an exploit 2015-03-27 17:31:30 -05:00
Trevor Rosen 2815462375
Update Mdm to staging hash 2015-03-27 15:16:33 -05:00
James Lee 466ef4349e
Second verse, same as the first 2015-03-27 09:59:10 -05:00
James Lee 88a8186a11
Pull up redundant hash literal 2015-03-26 19:33:53 -05:00
Brent Cook e0568e95c2
Land #4978 @zerosteiner adds reverse https for python meterpreter 2015-03-26 19:16:46 -05:00
jvazquez-r7 d84c48cb7d
Use newer hash syntax 2015-03-25 13:39:34 -05:00
jvazquez-r7 72a0909e9b
Land #4992, @wchen-r7's support for multiple ActiveX controls on BrowserExploitServerMerge 2015-03-25 13:30:36 -05:00
James Lee 95d70e7211
Remove respond_to check for protected method
Fails on Ruby 2.x, and doesn't really gain us anything anyway.
2015-03-25 12:50:46 -05:00
James Lee 8f0c434faa Add specs for the new method 2015-03-25 12:34:10 -05:00
jvazquez-r7 0540e25db2
Calculate the java/rmi/registry/RegistryImpl_Stub hash dynamically 2015-03-25 11:29:07 -05:00
sinn3r 6e3e696262 Use symantec_web_gateway as an example of using send_request 2015-03-25 10:55:46 -05:00
sinn3r 111e3fcb88 Add rspec for #send_request 2015-03-25 01:45:03 -05:00
jvazquez-r7 a5c39db6c3
Use mocks like a boss... 2015-03-24 19:30:59 -05:00
jvazquez-r7 0b671d5210
Add specs for Msf::Java::Rmi::Client::Jmx::Connection 2015-03-24 19:15:25 -05:00
jvazquez-r7 356e8c727c
Add specs for Msf::Java::Rmi::Client::Jmx::Server 2015-03-24 18:56:58 -05:00
jvazquez-r7 464a6df5e0
Add specs for Msf::Java::Rmi::Client::Registry 2015-03-24 18:42:35 -05:00
jvazquez-r7 0fe98bc023
Delete old JMX mixin specs 2015-03-24 17:30:37 -05:00
jvazquez-r7 e20398a70a
Add specs for Msf::Java::Rmi::Client::Jmx::Server::Parser 2015-03-24 17:30:06 -05:00
jvazquez-r7 0a352fc7d4
Finish specs for Msf::Java::Rmi::Client::Jmx::Connection::Builder 2015-03-24 17:06:05 -05:00
jvazquez-r7 115c4e5a06
Add first specs for Msf::Java::Rmi::Client::Jmx::Connection::Builder 2015-03-24 16:37:05 -05:00
Matt Buck c26dfa263d
Ensure IP addresses are explicitly converted to strings
MSP-12113
2015-03-24 16:26:00 -05:00
jvazquez-r7 82d545850e
Add specs for Msf::Java::Rmi::Client::Jmx::Server::Builder 2015-03-24 16:04:18 -05:00
jvazquez-r7 87cac6fd55
Complete specs for Msf::Java::Rmi::Util 2015-03-24 15:41:32 -05:00
jvazquez-r7 48026da35f
Fix RMI specs 2015-03-24 15:14:36 -05:00
jvazquez-r7 0a07bb4d17
Add a couple of specs for Rex::Proto::Rmi::Model::ReturnValue 2015-03-24 15:08:59 -05:00
Christian Mehlmauer 7bf00f8f47
Land #4789, @rastating WPLMS wordpress module 2015-03-24 20:46:38 +01:00
James Lee 023f47f19a
Use build instead of create 2015-03-24 13:17:42 -05:00
James Lee b9934cfd3f
Add workspace to ensure consistency with session 2015-03-24 13:14:55 -05:00
James Lee 13a899b3d2
Use a named subject 2015-03-24 13:13:54 -05:00
James Lee 414983ac8c
Merge branch 'feature/MSP-11925/create-user-data' into staging/single-vuln-push
Conflicts:
	Gemfile.lock
2015-03-24 12:42:08 -05:00
Christian Mehlmauer 6eedf6ac03
Land #4975, egghunter tool, Resolve #4944 2015-03-24 06:20:30 +01:00
Christian Mehlmauer 71c544c3c5
added newline at end of file 2015-03-24 06:19:27 +01:00
sinn3r 3c4da5c3ff Update BES rspec 2015-03-24 00:10:18 -05:00
HD Moore c7da9d6f79 Move file: prefix checks out of option class specs (would need to go into console test specs at some point) 2015-03-23 15:09:22 -05:00
jvazquez-r7 79068c8ec2
Delete JMX discovery stream 2015-03-23 10:21:37 -05:00
sinn3r 01caf161f8 Fix syntax error in db_spec.rb 2015-03-23 01:35:26 -05:00
sinn3r 2e75d14d56 Update rspec 2015-03-23 00:53:55 -05:00
Spencer McIntyre 7282968d8a Python reverse HTTPS stager 2015-03-21 12:43:14 -04:00
sinn3r 675f96ecd1 Don't need this require 2015-03-20 23:32:23 -05:00
sinn3r 96bcdd211c Finished rspec 2015-03-20 20:53:04 -05:00
sinn3r 470464874f The important test cases I want to cover 2015-03-20 16:53:42 -05:00
sinn3r 2fda115110 rspec starter 2015-03-20 16:46:09 -05:00
jvazquez-r7 1226b3656f
Land #4945, @wchen-r7's login scanner for Symantec web gateway 2015-03-20 14:44:05 -05:00
jvazquez-r7 e257e742e0
Fix require 2015-03-20 14:26:55 -05:00
jvazquez-r7 62871255b0
Match class and file names 2015-03-20 14:25:20 -05:00
jvazquez-r7 eb73da2f39 Clean specs 2015-03-20 14:19:02 -05:00
sinn3r b19f766728
Land #4942, Gitlab Login Scanner 2015-03-20 13:02:12 -05:00
William Vu cf645772b6
Land #4960, hosts -i, -n, and -m support 2015-03-19 21:34:14 -05:00
jvazquez-r7 da51d2be67
Really add specs for Msf::Java::Rmi::Client::Registry::Parser 2015-03-19 19:07:42 -05:00
jvazquez-r7 6eecbc3de1
Add specs for Msf::Java::Rmi::Client::Registry::Builder 2015-03-19 18:24:31 -05:00
sinn3r 6c84081552 Update db_spec.rb 2015-03-19 18:12:37 -05:00
jvazquez-r7 ec90594f7e
Add support for Rex::Java::Serialization::ProxyClassDesc 2015-03-19 15:41:24 -05:00
OJ 7899881416 Update POSIX bins from master 2015-03-19 14:50:14 +10:00
Meatballs a5d589ef55
Railgun calls should return a hash 2015-03-19 00:05:02 +00:00
Meatballs 975ddc9092
Add some spec mockery 2015-03-18 23:43:46 +00:00
jvazquez-r7 8113ed2e1f
Move specs 2015-03-18 09:29:37 -05:00
jvazquez-r7 0968f14ac1
Add specs for CallData 2015-03-17 20:53:02 -05:00
jvazquez-r7 6315e07312 Add specs for UniqueIdentifier 2015-03-17 20:38:43 -05:00
jvazquez-r7 4bc4936083 Add specs for ReturnValue 2015-03-17 17:30:53 -05:00
jvazquez-r7 87b777e923
Refactor moving code to rex 2015-03-17 17:15:32 -05:00
sinn3r 78ec4c91e8 Completed rspec 2015-03-17 16:15:12 -05:00
Matt Buck f29a3f69e9 Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	metasploit-framework-db.gemspec
2015-03-17 15:47:48 -05:00
sinn3r ee276434a4 Update swg spec, looking good so far 2015-03-17 15:15:32 -05:00
sinn3r d5b77d053b Update for rspec 2015-03-17 12:14:58 -05:00
sinn3r 503fb602f9 Get rspec going 2015-03-17 12:01:46 -05:00
jvazquez-r7 2d8782d711 Fix RMI specs 2015-03-17 11:48:38 -05:00
jvazquez-r7 ebe7ad07b0 Add specs, plus modify java_rmi_server modules 2015-03-17 11:26:27 -05:00
Meatballs 2c6b904c02
Correct spec too 2015-03-17 11:36:36 +00:00
Meatballs f4a1e981ab
Add gitlab login scanner 2015-03-17 11:19:23 +00:00
Brent Cook abb8a32e68 update spec for dynamic meterpreter payloads 2015-03-16 18:08:13 -05:00
Brent Cook b68e05e536
Land #4914, @hmoore-r7 and @BorjaMerino winhttp stagers 2015-03-13 08:24:11 -05:00
William Vu fa2fbc387c
Land #4922, REG_MULTI_SZ for type2str 2015-03-13 01:07:27 -05:00
HD Moore 66a45ac7fd Add spec for reverse_winhttps 2015-03-11 16:29:22 -05:00
HD Moore ea1bc69e2e Merge branch 'master' into feature/add-reverse_winhttp-stagers 2015-03-11 14:29:34 -05:00
Brent Cook ceeee4446f
Land #4904, @hmoore-r7 reworks reverse_http/s stagers
They are now assembled dynamically and support more flexible options,
such as long URLs.
2015-03-11 10:41:59 -05:00
HD Moore cb1a1ef692 Remove bad stager+stage combinations from the payload set 2015-03-11 00:46:24 -05:00
James Lee cb41154712
Make a MatchResult when sessions are reported 2015-03-10 15:17:57 -05:00
HD Moore db351317a5 Merge with PR branch 2015-03-10 14:08:35 -05:00
HD Moore 0f763c2cb3 First step to reworking the winhttp stagers 2015-03-10 14:07:25 -05:00
Borja Merino 991e72a4fa HTTP stager based on WinHttp 2015-03-10 13:40:16 -05:00
HD Moore 966848127a Refactor x86 Windows reverse_http and reverse_https stagers 2015-03-10 12:48:30 -05:00
HD Moore d0324e8ad3 Final cleanup, passing specs 2015-03-09 15:50:57 -05:00
James Lee 838746b021
Add user_data_is_match? method 2015-03-09 15:35:53 -05:00
HD Moore 60145ad9a1 Cosmetic tweaks to the specs 2015-03-09 15:08:11 -05:00
HD Moore 7dc0af443f Rework specs 2015-03-09 14:41:25 -05:00
HD Moore 33f96f5c31 Remove the useless pinst variable from the previous test 2015-03-09 13:59:58 -05:00
HD Moore f61c3f33bd Validate cached_size and dynamic_size? in the payload specs 2015-03-09 13:58:18 -05:00
James Lee ff91953f92
Whitespace 2015-03-09 08:58:25 -05:00
James Lee 9195479a6d
Add a context for without user_data 2015-03-09 08:56:52 -05:00
James Lee b37a975108
Use metasploit_data_models staging branch 2015-03-09 01:28:27 -05:00
James Lee cd5699dc39
Sort cases and add specs 2015-03-08 23:27:32 -05:00
jvazquez-r7 38f8fe382c Update specs 2015-03-05 12:24:41 -06:00
jvazquez-r7 1c064f6b46
Land #3074, @0x41414141 SMB Share mixin 2015-03-04 10:16:04 -06:00
jvazquez-r7 a57aefb721 Add specs for QUERY information level 2015-03-03 15:24:13 -06:00
jvazquez-r7 96c0f1847b Fix examples descriptions 2015-03-03 14:48:18 -06:00
jvazquez-r7 7f7b17c04e Really add specs 2015-03-03 14:14:03 -06:00
jvazquez-r7 df7c07bfd1 Really add the specs 2015-03-03 13:19:50 -06:00
jvazquez-r7 a2a24c56d6 Add specs for QueryFileInformation 2015-03-03 13:04:30 -06:00
jvazquez-r7 1322cb0d3f Clean find_first2 specs 2015-03-03 12:46:25 -06:00
jvazquez-r7 8328c5c5e9 Add specs for SMB_FIND_FILE_BOTH_DIRECTORY_INFO requests 2015-03-03 12:43:41 -06:00
jvazquez-r7 597f99ade9 Finish TRANS2 specs 2015-03-03 11:46:13 -06:00
jvazquez-r7 a204b550d2 Add specs for TRANSACTION2 helper methods 2015-03-03 10:55:55 -06:00
jvazquez-r7 bece2e7088 Really add the specs 2015-03-03 10:32:35 -06:00
jvazquez-r7 4bbc0b5b0b Fix valid_request on negotiate_spec 2015-03-02 17:39:39 -06:00
jvazquez-r7 a92dc7e73d Fix nt_create_andx specs 2015-03-02 17:38:24 -06:00
jvazquez-r7 4fc08d7243 Add specs for Msf::Exploit::Remote::SMB::Server::Share::Command::ReadAndX 2015-03-02 17:32:03 -06:00
jvazquez-r7 b5e5d390ac Add specs for Msf::Exploit::Remote::SMB::Server::Share::Command::NtCreateAndx 2015-03-02 16:55:36 -06:00
jvazquez-r7 584e5f7d8b Add specs for Exploit::Remote::SMB::Server::Share::Command::Negotiate 2015-03-02 16:29:33 -06:00
jvazquez-r7 50f5baa7c6 Add specs for Msf::Exploit::Remote::SMB::Server::Share::Command::Close 2015-03-02 16:00:02 -06:00
rastating 00c4d704f2 Update rspec to include new functionality
Added a new test for testing when all versions of a plugin are
vulnerable and added tests for checking theme versions from the
style.css file
2015-02-26 21:18:51 +00:00
William Vu 3efae77212 Use /dev/null instead of /etc/passwd
File.read returns "" on /dev/null. Don't try it on /dev/zero. :-)
2015-02-26 14:19:25 -06:00
William Vu f625ad4f9c Remove unnecessary tests in spec 2015-02-26 14:12:39 -06:00
William Vu 4aedd7e5d3 Fix spec for fsquery support 2015-02-25 18:14:17 -06:00
William Vu a543eccdb4 Add FSQUERY test to spec 2015-02-25 17:18:29 -06:00
William Vu af5e0ec0d6 Update spec with a couple more cases
Also fix a bad copypasta.
2015-02-25 16:43:40 -06:00
William Vu 513d11ce93 Complete replacement of "pathname" with "path"
See e8c2c3687d.
2015-02-25 15:52:26 -06:00
William Vu c95855ff11 Add fsdelete test to spec 2015-02-25 15:44:12 -06:00
William Vu 26cbeb011b Add fsdownload test to spec 2015-02-25 15:00:37 -06:00
William Vu f61fb0555d Add case-insensitive test of delete 2015-02-25 10:47:36 -06:00
William Vu 36e40f02c9 Fix delete in datastore spec
I was tired and accidentally a should. :(
2015-02-25 10:47:32 -06:00
William Vu 2a66a6ae88 Add delete to datastore spec 2015-02-24 20:57:38 -06:00
Jon Hart e94f5fc635 Better handling of TYPE#/CLASS#, tests 2015-02-24 15:37:39 -08:00
Jon Hart 7b5be67d65 Add incomplete spec for Net::DNS::RR::Classes 2015-02-24 15:37:39 -08:00
Jon Hart 1957fe6d56 Add incomplete spec for Net::DNS::RR::Types 2015-02-24 15:37:39 -08:00
sinn3r 12a99ecee5
Land #4796, Handle incompatible payload architecture in BES 2015-02-24 10:02:25 -06:00
William Vu 8c5ff858d0
Land #4812, hp_sys_mgmt_login configurable URIs 2015-02-23 19:04:14 -06:00
HD Moore 8b0354b193 Fix the SSL boolean test 2015-02-23 14:29:28 -06:00
sinn3r fb9a054713 Fix rspec
The login URI is user-configurable so we shouldn't dictate this
anymore.
2015-02-20 22:08:09 -06:00
Brent Cook 641b67469d add payload specs for reverse_http_proxy_pstore
PR predated the spec
2015-02-20 12:23:51 -06:00
sinn3r 1835120851 Update rspec for get_payload in BES 2015-02-19 02:45:54 -06:00
Matt Buck e397ecec9d Merge branch 'upstream-master' into staging/rails-4.0 2015-02-18 15:05:39 -06:00
HD Moore 2847507f03 Add a chef brute force module 2015-02-17 23:49:57 -06:00
HD Moore 27d5ab45b4 Add a zabbix brute force module 2015-02-17 22:56:08 -06:00
Meatballs 0debbbb948 Fixup spec 2015-02-16 19:07:55 +00:00
Matt Buck d4d1dc09f3
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	db/schema.rb
	metasploit-framework-db.gemspec
	metasploit-framework.gemspec
2015-02-13 16:13:18 -06:00
Meatballs 33560a2657 Refactor Msf::Exploit::Powershell to Rex::Powershell to allow for
msfvenom usage.
2015-02-10 20:53:46 +00:00
jvazquez-r7 b8f614ef59
Fix namespaces in specs 2015-02-10 12:00:04 -06:00
jvazquez-r7 8222dc9302 Reorganize specs 2015-02-10 11:57:09 -06:00
jvazquez-r7 1f4fdb5d18
Update from master 2015-02-10 10:47:17 -06:00
jvazquez-r7 2c7777f831
Land #4601, @wchen-r7's tool to lookup md5 hashes 2015-01-30 19:04:34 -06:00
James Lee 9f4daa4e03
Add a couple more specs 2015-01-27 14:09:00 -06:00
James Lee a2c7ebc2b1
Simplify logic 2015-01-27 09:05:11 -06:00
James Lee 5985f37fe8
Only need one origin 2015-01-27 09:02:30 -06:00
James Lee ca44ae2109
Consistent commas 2015-01-27 08:41:24 -06:00
James Lee eac7b11a87
Merge remote-tracking branch 'upstream/master' into bug/4634/blank-username
Conflicts:
	lib/msf/ui/console/command_dispatcher/db.rb
	spec/lib/msf/ui/console/command_dispatcher/db_spec.rb
2015-01-27 08:40:07 -06:00
James Lee aea26e1e21
Add negative spec 2015-01-27 08:14:48 -06:00
James Lee 964d37dbc5
Add a simple spec for -u
Need lots more
2015-01-26 20:37:17 -06:00
Tod Beardsley 63c3832d7d
Also test for nonmatching passwords 2015-01-26 17:02:58 -06:00
Tod Beardsley 1410477fe9
Use the blank password/username variables 2015-01-26 17:00:45 -06:00
Tod Beardsley 2294ea0e93
Squash commit for blank creds search and test
This should fix up #4642 with respect to #4504.

Squashed commit of the following:

commit 124d53ccb00cd200bede092e893dda7e033d3e17
Merge: cb2bef8 ccad159
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Jan 26 16:23:03 2015 -0600

    Merge branch 'feature/creds-blank-finders' into temp

commit ccad159222eaa949d76e22b588d1ac7709fb2f27
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Jan 26 15:58:02 2015 -0600

    Clean out whitespace, make vars more meaningful

commit 266b45dff26e2778e43d8e4750d212b5aee5a009
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Jan 26 15:54:32 2015 -0600

    Add some specs for regular users and blank users

commit 2e51503f76e9a2f6921c57e86a2f98527f80c874
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date:   Mon Jan 26 15:04:03 2015 -0600

    Users should be able to find blank user/pass
2015-01-26 16:26:30 -06:00
Jon Hart cb2bef878b
Land #4504, @disenchant's get/getg improvement 2015-01-26 12:49:34 -08:00
sinn3r ff0af805e3 Add a warning before use 2015-01-23 22:26:41 -06:00
jvazquez-r7 720def9d0a Update java_deserializer specs 2015-01-22 14:50:48 -06:00
jvazquez-r7 c33e5faed3 Change namespace 2015-01-21 01:00:45 -06:00
jvazquez-r7 f85890a249 Change specs filename 2015-01-21 00:58:32 -06:00
jvazquez-r7 81d0eca45b Fix Msf::Jmx::Handshake specs 2015-01-21 00:57:50 -06:00
jvazquez-r7 2ef57d6172 Add specs for Msf::Jmx::MBean::ServerConnection 2015-01-20 19:10:21 -06:00
jvazquez-r7 7e2f9b32b3 Add specs for Msf::Jmx::MBean::ServerConnection#create_mbean_stream 2015-01-20 18:59:25 -06:00
jvazquez-r7 b97c0fe398 Add Msf::Jmx::Util#extract_unicast_ref 2015-01-20 17:46:42 -06:00
jvazquez-r7 7b675adf01 Add specs for Msf::Jmx::Handshake 2015-01-20 17:29:48 -06:00
jvazquez-r7 f3fa4562bd Add specs for Msf::Jmx::Discovery 2015-01-20 16:49:02 -06:00
jvazquez-r7 39e3f9f892 Add specs for Msf::Jmx::Util 2015-01-20 16:18:53 -06:00
jvazquez-r7 7d43ec7f93 Add specs for Rex::Java::Serialization::Builder#add_specs 2015-01-20 15:13:30 -06:00
jvazquez-r7 d4a8049ac5 Add specs for Rex::Java::Serialization::Builder#new_object 2015-01-20 15:03:37 -06:00
jvazquez-r7 09fe65eeba Add specs for Rex::Java::Serialization::Builder#new_class 2015-01-20 11:59:33 -06:00
Borja Merino 1f35347a0c payloads_spec updated 2015-01-19 13:22:49 +01:00
sinn3r 4281d9fdf5 Don't use should for rspec 2015-01-17 01:50:37 -06:00
sinn3r 2e9b99ece6 Update rspec 2015-01-17 01:25:28 -06:00
sinn3r 84030d273b rspec progress 2015-01-16 22:06:49 -06:00
sinn3r 3d93bc06e8 rspec progress 2015-01-16 18:25:54 -06:00
Jon Hart b2e9e43f3d
Add unit tests for RPC's getg 2015-01-16 10:39:05 -08:00
Jon Hart e7566944df
Simplify get/getg rspec 2015-01-16 09:48:24 -08:00
Jon Hart c6121f0a37
Add rspec coverage for getg (and set/setg, in a way) 2015-01-16 08:43:14 -08:00
Jon Hart 7f90b68cce
Add rspec coverage for get (and set/setg, in a way) 2015-01-16 08:28:32 -08:00
sinn3r 05458ec81f I should be done with md5_lookup.rb now 2015-01-16 01:13:37 -06:00
sinn3r 1a808991aa Starting rspec 2015-01-15 21:55:29 -06:00
Jon Hart da1c56a65d
Add minimal tests for get/getg 2015-01-15 14:46:12 -08:00
Jon Hart ba2c33132b
Put Msf::Ui::Console::CommandDispatcher specs in the right location 2015-01-15 14:06:29 -08:00
jvazquez-r7 41fa542456 Delete jmx invoke spec 2015-01-14 16:51:12 -06:00
jvazquez-r7 621cada2ac Undo build_gc_call_data refactoring 2015-01-14 16:47:28 -06:00
jvazquez-r7 70c99748ac Add Stream spec for marshalled argument 2015-01-14 12:05:27 -06:00
jvazquez-r7 a5ae2aadee Add spec for MBeanServerConnection.invoke stream 2015-01-14 11:44:39 -06:00
jvazquez-r7 915df2029d Add stream spec 2015-01-13 18:35:54 -06:00
jvazquez-r7 36b2771564 Add spec for send_dgc_ack 2015-01-13 11:06:08 -06:00
jvazquez-r7 ad082bc1af Add specs for build_dgc_ack 2015-01-13 11:02:16 -06:00
jvazquez-r7 0babde8c1a Fix specs 2015-01-13 10:48:23 -06:00
jvazquez-r7 3946b95bc3 Update rex code and specs 2015-01-13 10:45:00 -06:00
jvazquez-r7 1f0b986bf1 Change filenames 2015-01-13 10:43:27 -06:00
Jon Hart 4e6879fb1e
Add tests for Rex::Proto:ACPP::Message#succesful? 2015-01-12 19:36:12 -08:00
Jon Hart fba6945e9a Doc payload oddness. Add more checksum tests 2015-01-12 13:08:12 -08:00
Jon Hart 54eab4ea3d Checksum validation, more tests 2015-01-12 13:08:12 -08:00
Jon Hart 7e4dd4e55b Add ACPP decoding capabilities 2015-01-12 13:08:12 -08:00
Jon Hart 2af82ac987 Some preliminary Apple Airport admin protocol (ACPP?) support 2015-01-12 13:08:11 -08:00
jvazquez-r7 ebac17893c Use a new class name 2015-01-08 17:41:29 -06:00
jvazquez-r7 97a23788b6 Add unused args to get_once on specs 2015-01-08 17:22:21 -06:00
Jon Hart 75726f1e74
Update spec to cover #4559 2015-01-08 15:15:01 -08:00
jvazquez-r7 c05b2e2b03 Fix Continuation specs 2015-01-08 16:51:33 -06:00
jvazquez-r7 5dfc0f1665 Fix Client mixin specs 2015-01-08 16:48:11 -06:00
jvazquez-r7 db4d24cb2c Add spec for build_gc_call_data 2015-01-08 14:24:07 -06:00
jvazquez-r7 549e42279c Create specs for Streams 2015-01-08 14:17:57 -06:00
Matt Buck 2cd5be021b
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile
	Gemfile.lock
	db/schema.rb
	metasploit-framework-db.gemspec
	metasploit-framework.gemspec
2015-01-08 13:12:27 -06:00
jvazquez-r7 9a42d42318 Add specs for Msf::Rmi::Client 2015-01-08 11:57:38 -06:00
David Maloney 5d68d48ca5
Land #4385, fixes bruteforce_speed validator
bruteforce_speed validator now accepts nil
2015-01-07 12:09:25 -06:00
jvazquez-r7 ba13e9d64c Add Stream spec 2015-01-07 12:05:44 -06:00
jvazquez-r7 98ec08ae0d Add support for Ping and PingAck 2015-01-06 15:18:55 -06:00
jvazquez-r7 1e3b24f01b Add support for DbgAck 2015-01-06 15:00:17 -06:00
jvazquez-r7 6d1d300e72 Add support for ReturnData 2015-01-06 12:52:00 -06:00
jvazquez-r7 825e08f5ac Add support for Call messages 2015-01-06 12:36:06 -06:00
jvazquez-r7 f3ff42dbfb Add support for Continuation 2015-01-06 11:34:47 -06:00
jvazquez-r7 757f95a24d Add support for ProtocolAck 2015-01-06 00:14:14 -06:00
jvazquez-r7 26da73ffb8 Change class name 2015-01-05 19:23:07 -06:00
jvazquez-r7 d5dfd75e71 Add initial model and support to OutputStream 2015-01-05 18:52:13 -06:00
Christian Mehlmauer 056046f38b
update wordpress readme regex 2015-01-01 23:13:20 +01:00
Tod Beardsley 135faeee29
Land #4095, specs for Rex::OLE 2014-12-30 14:25:09 -06:00
Tod Beardsley a8e907d68b
Land #4479, nil comparisons and missing DLLs
Also fixes #4474.
2014-12-30 13:55:54 -06:00
Jon Hart 0857d74a7d
Clean up rspec 2014-12-30 11:29:30 -08:00
Jon Hart c11741b7c4
Add rspec for Msf::Core::Exploit::SMB::*Paths 2014-12-30 11:27:05 -08:00
Brent Cook 125cc27f7a updated expected exception from a bad module load 2014-12-30 10:57:37 -06:00
sinn3r 555713b6ae
Land #4456 - MS14-068, Kerberos Checksum (plus krb protocol support) 2014-12-29 16:09:28 -06:00
Borja Merino 9791acd0bf Add stager ipknock shellcode (PR 2) 2014-12-27 22:03:45 +01:00
jvazquez-r7 fb83bf6092 Fix specs 2014-12-22 17:55:39 -06:00
jvazquez-r7 ad97457a39 Move more constants to Crypto 2014-12-22 15:27:16 -06:00
jvazquez-r7 f3b263f57d Use more crypto constants 2014-12-22 12:13:23 -06:00
jvazquez-r7 ff208002d7 Reorganize the Crypto mixin 2014-12-22 11:57:35 -06:00
jvazquez-r7 277ec92358 Really Add specs for Msf::Kerberos::Client::TgsRequest 2014-12-22 11:28:47 -06:00
William Vu e4191866d9
Add bind_hidden_tcp to payload spec 2014-12-22 10:37:46 -06:00
jvazquez-r7 a0c7f779e9 Change spec filename 2014-12-22 09:36:51 -06:00
jvazquez-r7 8c62822ab9 Add specs for Msf::Client::Kerberos::AsRequest 2014-12-22 09:34:21 -06:00
jvazquez-r7 1f3eded4a8 Add specs for Msf::Kerberos::Client::CacheCredential 2014-12-21 23:47:40 -06:00
jvazquez-r7 60d4525632 Add specs for Msf::Kerberos::Client::Pac 2014-12-21 17:49:36 -06:00
jvazquez-r7 e4455800e1 Add specs for Msf::Kerberos::Client::Base 2014-12-21 16:46:26 -06:00
jvazquez-r7 e219b0b249 Add specs for Msf::Kerberos::Client::AsResponse 2014-12-21 01:12:00 -06:00
jvazquez-r7 d7b6407720 Add specs for AsResponse#extract_session_key 2014-12-21 00:53:20 -06:00
jvazquez-r7 2d9ed9eb4c Add specs for TgsResponse 2014-12-21 00:39:59 -06:00
jvazquez-r7 6acd0703d7 Add specs for Msf::Kerberos::Client::TgsResponse 2014-12-21 00:16:38 -06:00
Tod Beardsley d3050de862
Remove references to Redmine in code
See #4400. This should be all of them, except for, of course, the module
that targets Redmine itself.

Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
jvazquez-r7 fad08d7fca Add specs for Rex Kerberos client 2014-12-19 12:14:33 -06:00
jvazquez-r7 b740ba4738 Add specs for Rex::Proto::Kerberos::CredentialCache::Cache 2014-12-18 18:35:20 -06:00
jvazquez-r7 8f119e0731 Add specs for Rex::Proto::Kerberos::CredentialCache::Credential 2014-12-18 18:07:44 -06:00
jvazquez-r7 0d464a7ff8 Add specs for Rex::Proto::Kerberos::CredentialCache::Time 2014-12-18 17:53:42 -06:00
jvazquez-r7 d53f5668a2 Add specs for Rex::Proto::Kerberos::CredentialCache::KeyBlock 2014-12-18 17:50:00 -06:00
jvazquez-r7 c426cf32d0 Add specs for Rex::Proto::Kerberos::CredentialCache::Principal 2014-12-18 17:40:06 -06:00
William Vu 153d7e273d
Land #4420, tentative "fix" for EXE spec 2014-12-18 13:55:56 -06:00
Tod Beardsley db474adc7b
Remove the helper as well.
See #3807.

Again, happy to have working tests that actually test validity. But,
these ain't them.
2014-12-18 13:28:04 -06:00
Trevor Rosen 80cd04d76a
Land #4332, test optimization for Cucumber
* Make Cuke run faster on TravisCI
2014-12-18 09:34:55 -06:00
Tod Beardsley 270debea32
Remove the EXE file test spec
This thing has been a problem since forever, given cross-platform
issues and random collisions with other file magic signatures.

See #3807 and #2793 and the even earlier redmine bug.

This should not close the bug, since we're merely avoiding the random
fails by not testing at all. We /should/ test, but in the meantime, we
can't suffer these failures that throw me (at least) into a panic every
time.
2014-12-18 09:18:24 -06:00
jvazquez-r7 8e570cc19b Initial support to send TGS-REQ 2014-12-17 18:55:30 -06:00
jvazquez-r7 594b9bcfc2 Add support for AuthorizationData 2014-12-16 23:21:13 -06:00
jvazquez-r7 2649d482fe Add support for KRB_AP_REQ 2014-12-16 18:39:42 -06:00
jvazquez-r7 0f55a98450 Add support for Authenticator encoding 2014-12-16 17:45:54 -06:00
jvazquez-r7 dde45a7f53 Add support for Checksum encoding 2014-12-16 17:05:35 -06:00
jvazquez-r7 a93cbac7bf Support ticket encoding 2014-12-16 16:04:13 -06:00
jvazquez-r7 a5f8b4319f Add support to encode PAC-TYPE 2014-12-16 11:31:27 -06:00
jvazquez-r7 1721641138 Add support for PAC-LOGON-INFO 2014-12-16 09:32:47 -06:00
sinn3r 513fd122b8 Update rspec 2014-12-16 00:26:53 -06:00
jvazquez-r7 c1114c180a Add support for PAC-CLIENT-INFO 2014-12-15 17:32:51 -06:00
jvazquez-r7 64a0162e3f Add support for PAC-SERVER-CHECKSUM 2014-12-15 17:16:43 -06:00
jvazquez-r7 2c7139b936 Add support for PAC-PRIVSRV-CHECKSUM 2014-12-15 17:13:22 -06:00
Samuel Huckins 4c994d84e0
Updating version to 4.11 for Flood release 2014-12-15 14:42:09 -06:00
jvazquez-r7 643279b54b Add support to decode the encryption part of as responses 2014-12-15 11:46:11 -06:00
jvazquez-r7 b98ad59900 Add specs for KdcResponse 2014-12-15 08:54:33 -06:00
jvazquez-r7 d81cdd6cbb Add KdcResponse spec first draft 2014-12-14 21:20:54 -06:00
jvazquez-r7 442adb080f Add first support to decode tickets 2014-12-14 20:51:26 -06:00
jvazquez-r7 b988104e40 Modify forgotten spec 2014-12-14 19:28:59 -06:00
jvazquez-r7 87548cecfb Move specs 2014-12-14 19:27:38 -06:00
jvazquez-r7 8049d4024b Delete references to deleted namespaces from specs 2014-12-14 19:26:39 -06:00
jvazquez-r7 883bfd1f46 Add support to retrieve e-data 2014-12-14 17:23:37 -06:00
jvazquez-r7 c5dc065fde Add support for decoding KrbError 2014-12-14 16:26:18 -06:00
HD Moore 00590f9f26
Adds Java serialization support, lands #4327 2014-12-13 17:47:53 -06:00
HD Moore f676b72767
Add Kademlia scanner, lands #4210 2014-12-12 16:40:58 -06:00
Tod Beardsley 9545b6e4d6
Land #4343, os_flavor reduction 2014-12-12 14:49:15 -06:00
Tod Beardsley ac004d2770
Fix bruteforce validators to accept nil
bruteforce_speed isn't always required, because the speed checker
already handles nil (and presumes the user wants the fastest possible).

See also MSP-11842
2014-12-12 13:57:37 -06:00
jvazquez-r7 20836c1789 Refactor crypto usage 2014-12-11 18:18:37 -06:00
jvazquez-r7 d96206b813 Support KdcRequest#encode 2014-12-11 12:44:17 -06:00
jvazquez-r7 162d2d39b5 Add support for KdcRequestBody decoding 2014-12-11 12:19:26 -06:00
Tod Beardsley fbd1e9ba6e
Add a spec for the Base LoginScanner
Turns out, there wasn't one.

This tests what I've changed, at least.
2014-12-11 10:48:48 -06:00
Tod Beardsley edf541fabe
Fix some double spacing 2014-12-11 09:39:15 -06:00
jvazquez-r7 39ffc0c58a Add support for PreAuthData#encode 2014-12-10 19:48:44 -06:00
jvazquez-r7 b89dee03c6 Add PreAuthEncTimeStamp#encode support 2014-12-10 19:30:21 -06:00
jvazquez-r7 3accdb705b Add support for PreAuthPacRequest#encode 2014-12-10 19:18:19 -06:00
jvazquez-r7 96c1370334 Add EncryptedData#encode support 2014-12-10 19:12:24 -06:00
jvazquez-r7 475014820f Add asn1 comments for specs 2014-12-10 18:47:41 -06:00
jvazquez-r7 5d2ff5982e Add support for PreAuthEncTimeStamp decoding/decrypting 2014-12-10 18:33:46 -06:00
jvazquez-r7 785ff60d8e Add initial support for PreAuthEncTimeStamp 2014-12-10 11:25:48 -06:00
jvazquez-r7 8ec403af89 Add support for PA-PAC-REQUEST 2014-12-10 10:51:37 -06:00