Luke Imhoff
c84febea5f
tools/missing-payload-tests.rb
...
MSP-11145
**NOTE: Failing specs**
Add a tool for reading `log/untested-payload.log` and
`framework.payloads` to determine `context`s to add
`spec/modules/payloads_spec.rb` to test the untested payloads.
2014-10-27 13:03:31 -05:00
Jon Hart
b8c9ef96ca
Land #4003 , @nstarke's Login Scanner for WD MyBook Live NAS
2014-10-27 09:57:43 -07:00
Jon Hart
765b5e686c
Use configured method and URI rather than duplicated values
2014-10-27 09:56:39 -07:00
Luke Imhoff
605f48e58d
Detect leaked constants under Msf::Modules
...
MSP-11130
Detect constants leaked under Msf::Modules after the suite completes.
2014-10-27 11:13:43 -05:00
nstarke
44f7db4798
Refactoring Success Case
...
I have refactored the code so that it will work with
non-root accounts.
2014-10-25 13:31:36 +00:00
Luke Imhoff
48d6880f1d
Add docs for untested payload testing
...
MSP-11145
Add docs to rake task, shared examples, and share contexts for how to
use all 3 together.
2014-10-23 11:17:05 -05:00
Luke Imhoff
f827a1c761
Extract untested-payloads.log checker spec task action
...
MSP-11145
Extract the spec task action which errored out if
`log/untested-payloads.log` exists to
`Metasploit::Framework::Spec::UntestedPayloads.define_task`.
2014-10-23 10:24:33 -05:00
Jon Hart
83df08aaa7
Properly encode body and catch invalid configs
2014-10-22 22:43:06 -07:00
James Lee
a5a84886ee
Make sure vnc closes the socket
2014-10-22 15:53:05 -05:00
Jon Hart
ce8a9941ea
Cleanup. Sanity check in setup. vprint
2014-10-22 10:36:24 -07:00
James Lee
46acf08e2d
Merge remote-tracking branch 'upstream/master' into bug/msp-11497/loginscanner-tcp-evasions
2014-10-22 09:09:34 -05:00
nstarke
ee3dd3a2ac
More Fixes for WD MyBook Live Scanner
...
Fixes include removing deregistered options
from credentials collection object and adding proof
when there is no response
2014-10-22 03:06:21 +00:00
James Lee
e1a7e902d6
Re-enable tcp evasions for more LoginScanners
...
Untested since I don't have targets for these.
2014-10-21 18:58:28 -05:00
sinn3r
79d393c5aa
Resolve merge conflicts
...
Conflicts:
lib/msf/core/exploit/smb.rb
lib/msf/core/exploit/tcp.rb
modules/auxiliary/scanner/http/axis_login.rb
2014-10-21 13:06:35 -05:00
James Lee
83b1d270cd
Fix ftp and mssql
2014-10-21 11:09:39 -05:00
James Lee
8b2dcac730
Fix telnet
2014-10-21 11:08:41 -05:00
James Lee
2fcb1004fb
Move tcp options to Tcp::Client out of RexSocket
2014-10-21 09:59:26 -05:00
James Lee
e76ee294a1
Restore tcp evasions to telnet
2014-10-21 09:44:55 -05:00
James Lee
cb9a77c06b
Fix NoMethodError when unable to connect
...
Derp.
2014-10-21 08:58:45 -05:00
James Lee
6f3b26f5e9
Remove tcp evasions from Http
...
Can't use 'em anyway
2014-10-21 08:27:29 -05:00
nstarke
82b74d5f3c
Fixes to MyBook Live Module
...
This commit contains three fixes as requested on PR
#4003 . Those include:
+ Removing extraneous puts statement
+ Checking for valid response
+ SSL support.
2014-10-21 00:50:40 +00:00
nstarke
70b13819d9
Adding Login Scanner for MyBook Live
...
This is a LoginScanner auxiliary module for Western
Digital MyBook Live NAS devices as well as the spec
for testing.
2014-10-21 00:50:40 +00:00
James Lee
3051b6c5ba
Clean up exceptions
...
Of particular note is mysql, who was rescuing Rex::ConnectionTimeout
*after* Rex::ConnectionError, which never would have fired anyway.
2014-10-20 10:27:02 -05:00
James Lee
b7d69bec83
Restore proxies to ssh scanners
2014-10-20 10:19:06 -05:00
Tod Beardsley
a431bff13f
@wvu-r7 is a skilled negotiator. s/stdout/stderr/
2014-10-17 13:13:44 -05:00
Tod Beardsley
5978bd5e62
Control the startup msg with -q, too
2014-10-17 12:41:58 -05:00
Tod Beardsley
a45b21b6bf
-q will quiet the animation, too
2014-10-17 12:32:28 -05:00
James Lee
41a57b7ba5
Re-enable proxies for HTTP-based login scanners
2014-10-15 17:00:44 -05:00
Tod Beardsley
e010d70913
No need for that bool option
2014-10-14 14:59:57 -05:00
Tod Beardsley
bf0a5d038e
Add an animation to comfort the user
...
Sometimes msfconsole takes a little while to start.
This adds a fairly common ASCII spinner to the startup sequence.
I haven't spec'ed it, and the code organization isn't great, so consider
this PR more of a cry for help than something immediately landable.
That said, it works for me.
2014-10-14 14:54:45 -05:00
nstarke
f8d6af6d4e
Rescuing from JSON Parse
...
Previous code was not using any sort of exception handling
for parsing the response body. I have added a rescue block
for JSON errors to remedy this problem.
2014-10-10 12:41:11 +00:00
nstarke
472985a8a8
Adding Buffalo Linkstation NAS Login Scanner
...
I have added a login scanner for the Buffalo Linkstation
NAS. I have been testing against version 1.68 of the
firmware. Also included are some specs for this module.
2014-10-10 03:16:48 +00:00
nstarke
eed0958de5
Fixing Comment
...
Comment was incorrect and needed to be fixed.
2014-10-07 11:28:40 -05:00
nstarke
b8c2643d56
Converting Module to LoginScanner w/ Specs
...
The previous commits for this Jenkins CI module relied on an
obsolete pattern. Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
Matt Buck
0bb4eac259
Rename the method for optional requires
...
MSP-11412
2014-10-03 14:06:13 -05:00
Matt Buck
88cbf22ef0
Optionally require mdm, as well
...
MSP-11412
2014-10-03 13:49:39 -05:00
Matt Buck
dabec92e61
Ensure require of metasploit/credential/engine is optional
2014-10-02 14:46:56 -05:00
Matt Buck
7ed1977d0b
Specific require all metasploit gem dependencies' engines
...
MSP-11412
2014-10-02 14:20:10 -05:00
sinn3r
7163b8c55a
Fixes #3915 - NoMethodError private method `rhost'
...
There's no self.rhost, but rhost is defined
2014-09-30 11:34:16 -05:00
David Maloney
5ff4a55cd2
smb connection error not setting result properly
...
if the initial connection from the SMB LoginScanner fails
it wouldn't set the target information on the result. this could cause
smb_login to throw a stack trace when it calls invalidate_login
2014-09-16 15:24:14 -05:00
David Maloney
e5aa5c4014
missing postgres rescues
2014-09-16 15:04:07 -05:00
sinn3r
169d04020d
Land #3571 - Add Wordpress XML-RPC Login Scanner (with LoginScanner)
2014-09-16 14:51:24 -05:00
David Maloney
aeed66b694
missing mysql rescue
2014-09-16 13:41:03 -05:00
David Maloney
d708de07a3
return the lgoinscanner class name in an invalid exception
...
when a loginScanner throws an Invalid exception , the message
will now include the classname of the Scanner that threw it.
2014-09-16 13:24:08 -05:00
David Maloney
6decd3cbd2
fix exceptions thrown in telnet loginscanner too
2014-09-16 10:09:59 -05:00
David Maloney
bf8f7221c7
rescue exceptions in check_setup
2014-09-15 13:52:17 -05:00
jvazquez-r7
7d4c4c3658
Land #3699 , @dmaloney-r7's ipboard login refactor
2014-09-15 08:29:42 -05:00
jvazquez-r7
917a7ffa1e
Add specs for valid IPBoard application
2014-09-12 16:08:03 -05:00
Cucumber
b80519dc16
Lands #3779 , specs
...
MSP-11343
Merge specs that I missed during last merge.
2014-09-12 14:49:26 -05:00
jvazquez-r7
0d054d8354
Update with master changes
2014-09-12 09:52:32 -05:00
jvazquez-r7
b8d31891f8
Clean YARD documentation
2014-09-12 09:32:32 -05:00
Joe Vennix
55519d8867
Land #3781 , my addition of Metasploit::Concern to msf.
2014-09-11 16:57:24 -05:00
Luke Imhoff
706655f755
Land #3779 , Glassfish LoginScanner exception
...
MSP-11343
2014-09-11 15:57:47 -05:00
Joe Vennix
8654b63c58
Make sure Metasploit::Concern is accessible everywhere.
2014-09-11 14:46:35 -05:00
David Maloney
0663355237
catch connectionreset in ftp login scanner
...
add exception rescue for Errno::ECONNRESET
2014-09-11 14:39:36 -05:00
James Lee
a8e3ff0c0f
Add specs to verify server header matching
2014-09-11 11:42:38 -05:00
James Lee
9151c2c79d
Add docstrings and avoid multiple returns
2014-09-11 10:50:42 -05:00
James Lee
20e48a233a
Explicitly set @version to nil if we can't detect
2014-09-11 10:30:52 -05:00
Cenk Kalpakoğlu
11004ab7c6
typo fix
2014-09-11 16:27:35 +03:00
James Lee
8aa06b8605
Better api for check_setup
2014-09-10 23:43:54 -05:00
James Lee
c1658e5d51
Add a check_setup method
2014-09-10 20:09:46 -05:00
James Lee
84e4db9035
Don't raise in the middle
...
MSP-11343
This means we don't bomb out with an unhandled exception, instead
continuing attempting logins against the host even though it will never
succeed. Next up: verify state before running scan!()
2014-09-10 20:09:33 -05:00
David Maloney
2ac15f2088
some fixes based on Christruncer's feedback
...
fixed some stuff i borked, back to you chris
2014-09-08 15:27:01 -05:00
David Maloney
cd3cdc5384
Merge branch 'master' into feature/ipboard-login-refactor
2014-09-08 14:48:37 -05:00
David Maloney
b84142715f
rescue mysql host blocked
...
rbmysql can throw an exception if the
server blocked this host due to too many connection errors
2014-09-08 12:45:10 -05:00
jvazquez-r7
10bb77af9f
Land #3716 , @wchen-r7's Glassfish LoginScanner update
2014-09-07 21:54:34 -05:00
jvazquez-r7
768b50974f
Redo try_glassfish_3 specs
2014-09-07 21:04:43 -05:00
jvazquez-r7
07238ef7b3
Redo try_glassfish_2 specs
2014-09-07 20:47:54 -05:00
sinn3r
6df7658267
Very small change to the doc
2014-09-06 01:54:52 -05:00
jvazquez-r7
78cf75c4d5
Clean YARD documentation
2014-09-06 00:24:39 -05:00
sinn3r
0dcf481d76
This one is good to go
2014-09-04 14:13:33 -05:00
David Maloney
28427ccee3
add VHOST and useragent support to loginscanner
2014-09-04 10:59:07 -05:00
sinn3r
e1694ec3e5
LoginScanner update for hp_sys_mgmt_login
...
Work in progress
2014-09-03 16:23:57 -05:00
sinn3r
61e58dc6d3
Yard doc
2014-09-02 20:48:07 -05:00
sinn3r
954475c0bf
Add rspec and update about secure admin
2014-09-02 20:35:25 -05:00
David Maloney
928aeffcba
add wordpress_rpc loginscanner and specs
2014-08-29 13:06:12 -05:00
Samuel Huckins
fa77caa819
Merge branch 'bug/MSP-11153/database-config-overrides'
...
MSP-11153 #land
2014-08-28 17:12:37 -05:00
Luke Imhoff
20177c7c23
Restore backup database.yml when retesting after interrupt
...
MSP-11153
Restore the config/database.yml backed up to
config/database.yml.cucumber.bak in the db:config:restore task, which is
made a dependency of the environment rake task so that
config/database.yml is restored before Rails tries to use it in the
environment task. This specifically, allows for rake cucumber to be
interrupted when the config/database.yml has been moved to
config/database.yml.cucumber.bak and a subsequence rake cucumber to
succeed and restore config/database.yml, but any task that depends on
environment will restore the config/database.yml.
2014-08-28 15:20:53 -05:00
sinn3r
f097ef96e0
Use &&
2014-08-28 12:13:03 -05:00
sinn3r
d0d9949d91
Do SSL options correctly
2014-08-28 12:04:14 -05:00
Luke Imhoff
275fa5cb50
Remove unnecessary return
...
MSP-11153
Leftover from earlier design.
2014-08-27 16:58:45 -05:00
Luke Imhoff
83b6f268b4
Remove unnecessary realpath
...
MSP-11153
Causes errors on machines that don't have ~/.msf4 like travis-ci.
2014-08-27 16:58:05 -05:00
sinn3r
df215a380d
Do not send 2 content-length headers
2014-08-27 16:05:08 -05:00
sinn3r
a32ffc4c26
Add the final portion for Glassfish login module
2014-08-27 15:09:11 -05:00
Luke Imhoff
951ce15b44
Move database.yml selection to Metasploit::Framework::Database
...
MSP-11153
Test the following paths in order and only return them if the path
exists:
1. MSF_DATABASE_CONFIG environment variable
2. ~/.msf4/database.yml
3. <project>/config/database.yml
2014-08-27 12:01:43 -05:00
sinn3r
5d8cbe0544
Early version of Glassfish using LoginScanner
2014-08-27 01:23:02 -05:00
Tom Sellers
4a1b037af0
Remaining files..
2014-08-26 18:15:58 -05:00
David Maloney
c42517a14a
missing exception rescue
...
needed to also rescue Errno::ETIMEDOUT
2014-08-26 13:58:34 -05:00
David Maloney
32b1a5ea23
add ipboard loginscanner
...
add loginscanner class for IPBoard with specs
this should replicate the functionality originally written
by Chris Truncer, but move it into a testable, reusable class
2014-08-25 13:58:30 -05:00
Joe Vennix
95fbb8f1b7
Land PR #3672 , dmaloney-r7's login scanner credential rework.
2014-08-22 11:15:32 -05:00
Brandon Turner
05f0d09828
Merge branch staging/electro-release into master
...
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master. Rather than merging with
history, he squashed all history into two commits (see
149c3ecc63
and
82760bf5b3
).
We want to preserve history (for things like git blame, git log, etc.).
So on August 22, we reverted the commits above (see
19ba7772f3
).
This merge commit merges the staging/electro-release branch
(62b81d6814
) into master
(48f0743d1b
). It ensures that any changes
committed to master since the original squashed merge are retained.
As a side effect, you may see this merge commit in history/blame for the
time period between August 15 and August 22.
2014-08-22 10:50:38 -05:00
Brandon Turner
19ba7772f3
Revert "Various merge resolutions from master <- staging"
...
This reverts commit 149c3ecc63
.
Conflicts:
lib/metasploit/framework/command/base.rb
lib/metasploit/framework/common_engine.rb
lib/metasploit/framework/require.rb
lib/msf/core/modules/namespace.rb
modules/auxiliary/analyze/jtr_postgres_fast.rb
modules/auxiliary/scanner/smb/smb_login.rb
msfconsole
2014-08-22 10:17:44 -05:00
James Lee
c3e8bc8fa0
Fix a crash when we can't connect to PG, again
2014-08-20 11:02:46 -05:00
James Lee
fa27def41f
Revert "Fix a crash when we can't connect to PG"
...
This reverts commit b6deb6a342
.
2014-08-20 11:01:29 -05:00
James Lee
b6deb6a342
Fix a crash when we can't connect to PG
...
MSP-11061
No Postgres, no cry
2014-08-19 15:30:24 -05:00
David Maloney
473b92a060
Merge branch 'master' into feature/MSP-10992/scanner-dry
...
Conflicts:
Gemfile.lock
lib/metasploit/framework/command/console.rb
lib/metasploit/framework/common_engine.rb
lib/metasploit/framework/credential.rb
lib/metasploit/framework/credential_collection.rb
lib/metasploit/framework/login_scanner/afp.rb
lib/metasploit/framework/login_scanner/axis2.rb
lib/metasploit/framework/login_scanner/db2.rb
lib/metasploit/framework/login_scanner/ftp.rb
lib/metasploit/framework/login_scanner/http.rb
lib/metasploit/framework/login_scanner/mssql.rb
lib/metasploit/framework/login_scanner/mysql.rb
lib/metasploit/framework/login_scanner/pop3.rb
lib/metasploit/framework/login_scanner/postgres.rb
lib/metasploit/framework/login_scanner/result.rb
lib/metasploit/framework/login_scanner/smb.rb
lib/metasploit/framework/login_scanner/snmp.rb
lib/metasploit/framework/login_scanner/ssh.rb
lib/metasploit/framework/login_scanner/telnet.rb
lib/metasploit/framework/login_scanner/vnc.rb
lib/metasploit/framework/parsed_options/console.rb
lib/metasploit/framework/require.rb
lib/metasploit/framework/version.rb
lib/msf/core/modules/namespace.rb
modules/auxiliary/analyze/jtr_postgres_fast.rb
modules/auxiliary/scanner/afp/afp_login.rb
modules/auxiliary/scanner/db2/db2_auth.rb
modules/auxiliary/scanner/ftp/ftp_login.rb
modules/auxiliary/scanner/http/axis_login.rb
modules/auxiliary/scanner/http/http_login.rb
modules/auxiliary/scanner/http/tomcat_mgr_login.rb
modules/auxiliary/scanner/mssql/mssql_login.rb
modules/auxiliary/scanner/mysql/mysql_login.rb
modules/auxiliary/scanner/pop3/pop3_login.rb
modules/auxiliary/scanner/postgres/postgres_login.rb
modules/auxiliary/scanner/snmp/snmp_login.rb
modules/auxiliary/scanner/ssh/ssh_login.rb
modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
modules/auxiliary/scanner/telnet/telnet_login.rb
modules/auxiliary/scanner/vnc/vnc_login.rb
modules/auxiliary/scanner/winrm/winrm_login.rb
spec/lib/metasploit/framework/credential_spec.rb
spec/lib/msf/core/framework_spec.rb
2014-08-19 10:30:16 -05:00
James Lee
b9e449f5e2
Fix crash when database.yml doesn't exist
2014-08-18 12:40:57 -05:00
Samuel Huckins
82760bf5b3
Deprecation warnings hidden for non-listeners
2014-08-15 12:33:44 -05:00
Samuel Huckins
149c3ecc63
Various merge resolutions from master <- staging
...
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
2014-08-15 11:33:31 -05:00
David Maloney
84374fe92c
Merge branch 'staging/electro-release' into bug/MSP-11050/rails_root
2014-08-12 13:54:38 -05:00
David Maloney
12f1234296
always set our rails root to our root
...
this works fine when calling any framework binaries
from their path as CWD. if you call tehm from another path
you will get an incorrect root which can cause certain things to load
incorrectly
Signed-off-by: David Maloney <DMaloney@rapid7.com>
2014-08-12 13:53:28 -05:00
David Maloney
fcfce9efec
Merge branch 'staging/electro-release' into feature/MSP-10992/scanner-dry
2014-08-12 11:22:51 -05:00
Luke Imhoff
e051272a20
Fix typo
...
MSP-11046
`ActiveSupport::OrderedOptions` automatically create an attribute for
any missing keys, so when `options.console.resource` was used it would
return `nil` instead of the erroring. The correct option name was
`options.console.resources` (note the pluralization).
2014-08-12 10:49:35 -05:00
Luke Imhoff
9096a8a1f5
Remove Msf::Framework::VersionAPI
...
MSP-10998
It's compacting of the version parts into a single float doesn't work
with APIMinor over 10, so replace with Gem::Version, which compares
parts correctly.
2014-08-01 21:43:14 -05:00
Luke Imhoff
22db5aad8a
Remove Msf::Framework::VersionCore
...
MSP-10998
It can't handle 4.10.0 because it tries to compact the multiple part
version into one float using (1 / 10.0).
2014-08-01 21:31:48 -05:00
darkbushido
ceaffce727
Merge branch 'pr/3593' into staging/electro-release
2014-08-01 16:01:10 -05:00
David Maloney
ab7111120b
and all the rest
...
finally!
2014-08-01 14:54:18 -05:00
David Maloney
4821851ae4
telnet and ssh next
2014-08-01 14:47:08 -05:00
David Maloney
12902b0a6d
the refactor continues!
2014-08-01 14:41:03 -05:00
David Maloney
b74813b9a1
mysql and pop3 now
2014-08-01 14:30:33 -05:00
David Maloney
2e7738c788
http and mssql now
2014-08-01 14:22:58 -05:00
dmaloney-r7
e6a0e079b6
Merge pull request #3596 from darkbushido/bug/MSP-10937/adding-parent-to-cores-to-credential
...
.to_credential now assigns a parent
2014-08-01 13:13:48 -05:00
David Maloney
33f73a8af7
refactor db2
2014-08-01 13:00:27 -05:00
David Maloney
439b893fea
refactor axislogin
2014-08-01 12:30:16 -05:00
David Maloney
0fffb179fa
refactor afp_login
2014-08-01 12:10:52 -05:00
David Maloney
db345fcb58
make credential_collection always set private_type
2014-08-01 11:57:35 -05:00
David Maloney
a380646667
start refactoring ftp loginscanner
2014-08-01 11:47:13 -05:00
David Maloney
320f032dfe
add to_h to result
2014-08-01 11:46:43 -05:00
David Maloney
dbde046f44
use to_h instead of to_hash
...
apparently ruby 2 adds this as a standard method so
we should stay compliant
2014-08-01 09:45:51 -05:00
David Maloney
0e65792f43
Merge branch 'staging/electro-release' into feature/loginscanner-report-dry
2014-08-01 09:41:30 -05:00
Brandon Turner
0ad2a7c89b
Bump version to 4.10.0
2014-07-31 23:43:46 -05:00
David Maloney
374c6532fa
add to_hash to Credential
...
begining of the chain to DRYing up
credential reporting in the loginscanner
2014-07-31 18:10:48 -05:00
darkbushido
ad6eed01a2
.to_credential now assigns a parent
...
Metasploit::Credential::Core#to_credential will set the parent to the original core objext
Metasploit::Framework::Credential#to_credential also sets the parent to itself.
2014-07-31 14:52:27 -05:00
Luke Imhoff
7cc5af589f
Only require config/application.rb when Rails.application not set
...
MSP-10964
Allows other Rails::Applications to use the commands.
2014-07-31 13:32:22 -05:00
Luke Imhoff
f9ab7f7a88
Only error out if Rails.env differs from options.environment
...
MSP-10964
2014-07-31 13:28:21 -05:00
Luke Imhoff
aa2e26f8f2
Allow RAILS_ENV to override default environment of 'production'
...
MSP-10964
2014-07-31 13:24:23 -05:00
James Lee
6a72572237
Wrap comments at 80
2014-07-31 09:41:08 -05:00
James Lee
77d99b7374
Land #3586 , fix msfconsole when running without db
...
Conflicts:
Gemfile.lock
metasploit-framework.gemspec
2014-07-30 17:24:21 -05:00
Trevor Rosen
ea72a7e5c3
Merge pull request #3583 from jlee-r7/feature/MSP-9932/creds-add-subcommands
...
Add `creds` subcommands
MSP-9932 #land
2014-07-30 12:01:36 -05:00
Luke Imhoff
ceb8a0f5c2
Extract option require pattern to helper Module
...
MSP-10905
`Metasplot::Framework::Require.optionally` can be used to optionally
require a library and then issue a warning if the require fails or run a
block when it succeeds.
2014-07-30 10:07:53 -05:00
Luke Imhoff
1a6d4843c7
Merge branch 'staging/electro-release' into bug/MSP-10905/msfconsole-database
...
MSP-10905
2014-07-29 15:52:11 -05:00
Luke Imhoff
ba4891bca0
Restore Rails.groups arguments
...
MSP-10905
They don't cause a problem.
2014-07-29 15:50:52 -05:00
Luke Imhoff
38da44c26b
Fix arity difference between rails and msfconsole options
...
MSP-10905
2014-07-29 14:32:42 -05:00
Luke Imhoff
04541ac724
Parse msfconsole options before initializing Rails
...
MSP-10905
2014-07-29 14:07:14 -05:00
Luke Imhoff
24a5a155f4
Require gems
...
MSP-10905
2014-07-29 14:02:56 -05:00
David Maloney
78a3263cfe
have Credentials remember their aprents
...
a Credential object can be created from several
other types of objects. Keep a reference to the originating
'parent' so we can find our way back
2014-07-29 11:20:52 -05:00
James Lee
ef7f5fe967
Make metasploit-model a direct dep
...
Needed for all the scanners that use Metasploit::Model::Realm::Key
constants.
2014-07-29 10:30:46 -05:00
darkbushido
064d624322
changing Credential == operator
...
it should no longer raise no method errors when comparing a credential to
an object that doesnt respond to public, private, or realm
2014-07-23 16:17:09 -05:00
Samuel Huckins
6c1a3f4992
Merge pull request #3555 from jlee-r7/bug/MSP-10817/jtr-typo
...
Now able to complete without error.
MSP-10817 #land
2014-07-23 15:55:42 -05:00
Samuel Huckins
ffd7d28bc6
Merge pull request #3559 from dmaloney-r7/feature/MSP-10230/snmp_login
...
MSP-10230 #land
2014-07-23 13:59:37 -05:00
David Maloney
b7d15d0b08
simple fix to mysql loginscanner
...
typo caused connection_timeout default to not get set
2014-07-23 12:07:57 -05:00
David Maloney
e54f5e8ee7
working snmp_login module
2014-07-22 12:44:21 -05:00
David Maloney
c553fcac73
start refacotirng snmp_login
2014-07-22 11:46:22 -05:00
David Maloney
0eb4fc0ed1
community string collection
...
add community string collection to handle snmp loginscanner
credentials
2014-07-22 11:44:31 -05:00
James Lee
addecb6311
Fix running shipped bins by using a config file
...
This should get everything working again.
MSP-10817
2014-07-21 18:26:50 -05:00
James Lee
a2a75ffb03
Fix typo and full path issue
...
Previously, the JtR library was prepending the path to data/john/ for
shipped bins; without it, modules weren't finding the executables.
2014-07-21 17:58:27 -05:00
Joe Vennix
9db951cadc
Add sane defaults for HTTP method and path.
2014-07-21 14:57:28 -05:00
cdoughty-r7
1ad04eb2d9
Merge pull request #111 from rapid7/bug/MSP-10714-gem-version
...
Fix gem version to support rubygems < 2.1
2014-07-16 13:23:33 -05:00
Brandon Turner
e637237574
Use the Rubygems 2.2 version convention
...
Substitute version dashes with ".pre.".
MSP-10714
2014-07-16 11:13:14 -05:00
Brandon Turner
044fdb8c55
Fix gem version to support rubygems < 2.1
...
MSP-10714
2014-07-15 19:02:39 -05:00
David Maloney
ea57ad0126
fix connection error on base
...
missed a reference to connection_error on the
loginscanner base. this would prevent us from
bailing out early if we have too many connection errors
2014-07-15 16:21:13 -05:00
David Maloney
34635ab968
module login status cleanup
...
cleanup several bruteforce module to
use the loginstatus constants for result status
2014-07-15 14:55:41 -05:00
David Maloney
9857bac6b1
add NO_AUTH_REQUIRED
2014-07-15 14:38:41 -05:00
David Maloney
939e585658
refactor all loginscanners
...
loginscanners now use LoginStatus constants
for the result statuses
2014-07-15 13:17:56 -05:00
David Maloney
846679bef9
change Result status
...
result bojects now use Login::status constants
for their status
2014-07-15 11:39:38 -05:00
dmaloney-r7
f3ec386240
Merge pull request #106 from rapid7/feature/MSP-10686/stop-after-user-success
...
Feature/msp 10686/stop after user success
2014-07-14 14:56:23 -05:00
dmaloney-r7
7184d2ed5e
Merge pull request #107 from rapid7/feature/MSP-9704/pop3-module-refactor
...
Refactor pop3_login
2014-07-14 13:27:11 -05:00
James Lee
e68dcdbb06
Refactor pop3_login
...
Also adjusts timeout in the scanner class to account for Dovecot's
default "Authentication Penalty" delay.
See http://wiki2.dovecot.org/Authentication/Penalty
2014-07-11 17:26:49 -05:00
Trevor Rosen
cc93dbbe29
Merge pull request #102 from rapid7/feature/MSP-9707/smb-bruteforce-refactor
...
Feature/msp 9707/smb bruteforce refactor
MSP-9707 #land
2014-07-11 11:33:12 -05:00
James Lee
4b16985eb8
Stop trying more creds for a user after success
...
This is more like the behavior of the old AuthBrute mixin, where a
scanner module was expected to return :next_user in the block given to
each_user_pass when it successfully authenticated.
The advantage is a reduced number of attempts that are very unlikely to
be successful since we already know the password. However, note that
since we don't compare realms, this will cause a false negative in the
rare case where the same username exists with different realms on the
same service.
MSP-10686
2014-07-10 17:48:58 -05:00
James Lee
097d5d68ce
Display 'realm\user' for AD instead of 'user@realm'
2014-07-10 14:31:42 -05:00
James Lee
e4039c2382
Merge branch 'staging/electro-release' into feature/MSP-10679/refactor-invalidate-login
2014-07-10 14:00:28 -05:00
David Maloney
818bd1946d
final tweak for the http case
...
the only scenario in our final else that
would have a realm in the credential is the
http case in which case we want the realm to be there
still. otherwise the credential in this case has no
realm anyways so there is no need to strip one off
2014-07-10 12:39:01 -05:00
David Maloney
7dc58d060e
make only one each method
...
made the one true enumerator of credentials
for the login_scanner.
also covered the wierd http case where it can have a realm key
but no default realm.
2014-07-10 12:35:09 -05:00
David Maloney
a319d5270e
set default connection tiemouts
...
loginscanners should have a default connection timeout
2014-07-10 11:35:10 -05:00
David Maloney
1a0200f711
one more strip
2014-07-09 17:50:28 -05:00
David Maloney
25ee278097
strip vestigial realms
...
in the cases where we don't want a realm we should be
stripping it from the credential so we can build accurate results
2014-07-09 17:46:56 -05:00
James Lee
bb3525419e
Rescue the right thing
...
MSP-9707
2014-07-09 17:44:53 -05:00
David Maloney
0c4e53ce5a
fix up specs
...
a whole bunch of spec changes needed for
these changes.
alos the axis2 spec was actually testing the winrm
class due to copypasta error.
2014-07-09 16:32:59 -05:00
David Maloney
c7b37743ef
working realm coercion
...
LoginScanners will now figure out
the right thing to do about Realms
based on attributes of the Scanner itself
2014-07-09 15:56:39 -05:00
David Maloney
24fced822e
coerce realm_key when it exists
...
if the cred has a realm and the loginscanner
has a realm_key, make the credential use the
scanner's realm key
2014-07-09 14:58:20 -05:00
David Maloney
766b50b5e0
REALM_KEY not _TYPE
...
arg typos
2014-07-09 14:01:41 -05:00
James Lee
afe36ab6ad
Merge branch 'staging/electro-release' into feature/MSP-9707/smb-bruteforce-refactor
...
Conflicts:
lib/metasploit/framework/login_scanner/smb.rb
2014-07-09 12:50:24 -05:00
David Maloney
7325cfec64
add default realm values
...
for the scanners that take a realm
we know what the default realm to try is
so the Scanner should hold that info
2014-07-09 11:19:25 -05:00
David Maloney
bc18ca5762
add REALM_KEY to each LoginScanner
...
each LoginScanner should now know
what kind of REALM it takes
2014-07-09 10:53:37 -05:00
dmaloney-r7
b65989ff0c
Merge pull request #100 from rapid7/bug/MSP-10661/glob-rb-files
...
Use glob instead of entries
2014-07-08 14:29:24 -05:00
James Lee
567435f508
Use glob instead of entries
...
Fixes the case where a non-ruby file exists in the login_scanner/
directory
2014-07-08 11:00:33 -05:00
David Maloney
38419dae83
fix to_credential on core
...
the Metasploit::Credential::Core to_credential
method now seats private_type and realm_key correctly
2014-07-07 18:05:04 -05:00
David Maloney
2c13ff4038
Merge branch 'staging/electro-release' into feature/MSP-10656/unify-ssh-scanners
2014-07-07 16:32:39 -05:00
dmaloney-r7
db8b0c907b
Merge pull request #94 from rapid7/feature/MSP-10648/login-scanner-creation
...
Feature/msp 10648/login scanner creation
2014-07-07 16:04:09 -05:00
dmaloney-r7
c4c7ff519f
Merge pull request #96 from rapid7/feature/MSP-10657/add-private-type
...
Add private_type and realm_key accessors to Framework::Credential
2014-07-07 15:43:18 -05:00
David Maloney
b52c13228c
make private_type validation conditional
...
there are times when this won't be filled in
but the credential is still valid
2014-07-07 15:40:52 -05:00
James Lee
2a9ac0a007
Axe SSHKey in favor of a unified SSH
2014-07-07 13:35:17 -05:00
James Lee
71cbbc5388
Merge branch 'feature/MSP-10648/login-scanner-creation' into feature/MSP-10656/unify-ssh-scanners
2014-07-07 13:19:34 -05:00
James Lee
b7cfc927c4
Add private_type and realm_key accessors
2014-07-07 13:07:28 -05:00
James Lee
5c406a2aa5
Remove successes and failures
...
No reason to store them and they could fill a ton of unnecessary memory.
2014-07-07 12:33:15 -05:00
James Lee
7035064f3d
Assignment alignment for Dave
2014-07-07 12:30:04 -05:00
James Lee
8df3ada087
Better docs
2014-07-07 10:18:42 -05:00
James Lee
325d2d25b9
Fix requires and derp typos
2014-07-07 10:09:45 -05:00
James Lee
311f43f1e4
Constpocalypse
2014-07-03 18:49:46 -05:00
James Lee
b7a55d402d
Add likely service ports and names for HTTP
2014-07-02 23:41:31 -05:00
James Lee
9dde47a0bc
Add a simple classes_for_service method
2014-07-02 23:31:56 -05:00
Lance Sanchez
b5351eec2b
adding .to_credential
...
Metasploit::Framework::Credential and Metasploit::Credential::Core
need to be consumable by the login scanners. the easiest way to do this
was to create a shared to_credential method on both that return Metasploit::Framework::Credential
MSP-9912
2014-06-26 11:05:59 -05:00
James Lee
f225ac92ab
Refactor smb_login
...
Maintains the new admin check functionality added in
rapid7/metasploit-framework#3330
2014-06-25 04:13:37 -05:00
James Lee
35c0ef0c68
Merge branch 'feature/MSP-9716/mssql_crack' into staging/electro-release
2014-06-20 12:39:07 -05:00
David Maloney
3c85601426
not every version has dupe supression
2014-06-19 16:28:23 -05:00
David Maloney
4453dcdc8e
some minor fixes
2014-06-19 15:45:24 -05:00
James Lee
9421beedb3
Refactor http_login
2014-06-19 14:12:21 -05:00
David Maloney
0ff8708e6d
some minor fixes
2014-06-19 13:08:43 -05:00
James Lee
b606448976
Merge branch 'feature/MSP-9689/jtr_cracker' into staging/electro-release
2014-06-19 10:14:57 -05:00
James Lee
2d9c6f832a
Moar parens!!1!!
2014-06-19 10:07:21 -05:00
David Maloney
fd0e24cdb2
moar docs!
2014-06-18 11:38:07 -05:00
David Maloney
4b4d9796c5
more minor cleanup
...
cleanup from code review
2014-06-18 11:24:55 -05:00
David Maloney
9f11170c3b
some minor cleanup on jtr stuff
...
minor cleanup to code nstyling stuff
2014-06-18 10:57:41 -05:00
David Maloney
d473d86ef0
use tr instead of gsub for mutation
...
this should be another slight performance
increase as straight up string replacement
should require less overhead then multiple
runs of regex replacement.
2014-06-17 10:29:09 -05:00
James Lee
6237d56398
Refactor ssh_login_pubkey
...
* Fix a bug in LoginScanner::SSHKey (which was copy-pasted from SSH)
where the ssh_socket accessor was not being set because of a
shadowing local var
* Fix a bug in the db command dispatcher where an extra column was
added to the table, causing an unhandled exception when running the
creds command
* Add a big, ugly, untested class for imitating
Metasploit::Framework::CredentialCollection for ssh keys. This class
continues the current behavoir of silently ignoring files that are a)
encrypted or b) not private keys.
* Remove unnecessary proof gathering in the module (it's already
handled by the LoginScanner class)
2014-06-16 18:38:20 -05:00
David Maloney
a81b0ed17b
rename method to_file
...
change method name from write to to_file
as it makes more sense for what it is is doing
and what it returns
2014-06-16 18:03:06 -05:00
David Maloney
95beaa4f7e
correct self-eating array nature
...
we never noticed we were modifying the array in place
because we were reculaculating. now with a memoized
version we would get decreasing results
2014-06-16 17:37:18 -05:00
David Maloney
a92a58417f
memoize the mutation keys
...
it was recalculating the mutation rules
everytime, and there is no reason to do this
2014-06-16 17:18:52 -05:00
David Maloney
f1a39ef973
enumerators all done with specs
...
the enumeration chains are now all complete with specs
so we can enumerate all the words generated by the given options.
2014-06-16 13:31:30 -05:00
David Maloney
9af811a2ed
we need to pass in a workspace
2014-06-15 15:52:57 -05:00
David Maloney
897b0b1ee5
wordlist enumerators with some specs
...
started the enumerators on the wordlist class
and began adding the specs for them
2014-06-15 13:37:50 -05:00
David Maloney
a00ff5aeef
yield custom_wordlist words
2014-06-15 12:16:21 -05:00
David Maloney
41d6b326f2
specs for wordlist validations
...
added specs to cover the validations on
the JtR wordlist class.
2014-06-15 11:14:11 -05:00
David Maloney
a5fb898904
actually set max run time
...
make maxrutnime affect the crack command
2014-06-14 20:03:56 -05:00
David Maloney
33519b1fcd
cracker validations and specs
...
more validations and specs for the cracker class
2014-06-14 19:59:59 -05:00
David Maloney
10f3531bbb
add exectuable validator
...
like the filepath validator but also checks
to see if the file is exectuable by the current
users.
2014-06-14 18:01:24 -05:00
David Maloney
21f29c4da9
more filepath validators
...
added filepath validations to cracker
also made them all conditional validations
2014-06-14 17:54:37 -05:00
David Maloney
1dd69a5228
wordlist validators
...
added custom fielpath vaidator and
added validations to the wordlist class
2014-06-14 17:49:47 -05:00
David Maloney
466576d03f
jtr wordlist validations started
...
start adding validations and exceptions for the
JtR Wordlist class.
2014-06-14 16:16:30 -05:00
David Maloney
19231b7c8f
starting skeleton on wordlist class
...
start framing out JtR wordlist class that
will generate Wordlists to be passed to our
JtR cracker.
2014-06-14 15:48:25 -05:00
David Maloney
41f7bc1372
add common root words wordlist
...
this adds a new wordlist to the data directory.
This wordlist is compiled from statistical analysis of
common Numeric passwords and Common rootwords across
6 years of colleted password breach dumps. Every word in
this list has been seen thousands of times in password
breaches
2014-06-14 14:13:59 -05:00
David Maloney
873d6e5b99
add all the specs
2014-06-14 12:28:17 -05:00
David Maloney
b784bea48e
slow roll of specs for jtr cracker
...
slowly adding spec coverage for the JtR cracker
2014-06-13 16:08:56 -05:00
David Maloney
7187138134
start injecting sanity
2014-06-13 14:53:56 -05:00
David Maloney
a9bcb8b3bd
add skeleton for JtR Cracker
...
starting work on creating the JtR Cracker class
2014-06-13 11:10:12 -05:00
Samuel Huckins
f452652f54
Merge pull request #61 from rapid7/feature/MSP-9708/ssh-bruteforce
...
Functional steps updated and passing, along with specs. Proof being maintained seemed off, but it's not persisted, just used for setting platform.
MSP-9708 #land
2014-06-12 18:37:44 -05:00
Samuel Huckins
d215b8e5b2
Merge pull request #47 from rapid7/feature/MSP-9712/winrm-bruteforce
...
45 merged, steps passing.
MSP-9712 #land
2014-06-12 16:04:17 -05:00
Samuel Huckins
df705c2edc
Gotta keep 'em sepArated.
...
MSP-9712
2014-06-12 16:03:02 -05:00
David Maloney
5fd117a015
fix userpass file stack trace
...
if an improperly formated userpass file was
supplied it could cause a stack trace. add some guarding around it
2014-06-12 12:39:36 -05:00
David Maloney
c074ebda7b
refactor telnet_login
2014-06-11 17:46:42 -05:00
James Lee
c8e1fab6ec
Merge branch 'staging/electro-release' into feature/MSP-9708/ssh-bruteforce
...
Conflicts:
lib/metasploit/framework/credential.rb
2014-06-11 16:28:01 -05:00
James Lee
b756395eaa
Merge branch 'staging/electro-release' into feature/MSP-9712/winrm-bruteforce
...
Conflicts:
lib/metasploit/framework/credential_collection.rb
spec/lib/metasploit/framework/credential_collection_spec.rb
2014-06-11 16:21:59 -05:00
dmaloney-r7
9affc753c0
Merge pull request #66 from rapid7/feature/cred-collection-prepend
...
Add ability to prepend creds to a collection
2014-06-11 14:34:54 -05:00
James Lee
3a8f6236ad
Add ability to prepend creds to a collection
2014-06-11 14:30:45 -05:00
Samuel Huckins
84aa0d42ed
Merge pull request #57 from rapid7/bug/MSP-10004/rubyzip
...
Trevor added a 0.4.1 tag right before this PR landed, making this unmergable. Pulled in staging/electro-release, specs passing.
2014-06-11 13:48:03 -05:00
James Lee
fb8c1f4c4b
Refactor ssh_login to use LoginScanner stuffs
...
Also, Metasploit::Credential::Creation stuffs.
2014-06-10 17:30:06 -05:00
Luke Imhoff
4d923a4809
Update to Rubyzip 1.X API
...
MSP-10004
`require 'zip'` instead of `'zip/zip'` and rename all classes to remove
redundant Zip prefix inside the Zip namespace.
2014-06-10 13:41:42 -05:00
David Maloney
e9d9806408
invalidate_login
...
added invalidate_login call
also made to_s on credential drop the @
if there is no realm present
2014-06-10 11:07:15 -05:00
James Lee
552899ef13
Add a couple more specs for CredentialCollection
...
Also fixes some typos in docs
2014-06-06 12:12:32 -05:00
David Maloney
4d53c18ac4
fix version
2014-06-06 12:07:22 -05:00
dmaloney-r7
ff8e6d2c50
Merge pull request #45 from rapid7/feature/MSP-9988/credential-collection
...
Add a CredCollection class and refactor WinRM bruteforce module
2014-06-06 11:53:28 -05:00
Luke Imhoff
f2a56c041b
Merge branch 'staging/electro-release' into feature/MSP-9653/use-metasploit-concern-in-pro
...
MSP-9653
Conflicts:
Gemfile
Gemfile.lock
2014-06-05 16:22:02 -05:00
David Maloney
c61b47063d
vnc add missing exception catch
...
linux throws a different exception than osx
when the vnc client fails to connect
this caused issues with the specs running. this now
catches that additional exception
2014-06-05 15:32:08 -05:00
James Lee
b1136752be
Add Credential#== to facilitate specs
2014-06-05 11:37:48 -05:00
James Lee
8b6e188ba8
Add support for realm in CredentialCollection
...
MSP-9988
2014-06-04 17:03:52 -05:00
James Lee
b1ff6b95b5
Better docs
2014-06-04 14:44:53 -05:00
James Lee
41644970bf
Add a CredentialCollection
...
Also moves Metasploit::Framework::LoginScanner::Credential to
Metasploit::Framework::Credential
2014-06-04 13:01:09 -05:00
Lance Sanchez
edc9f94d41
fixing issues raised in code review
...
MSP-9678
2014-06-03 11:15:26 -05:00
Lance Sanchez
15fffb1668
Adding in some tests
...
cleaning up the regex a bit
MSP-9678
2014-06-02 13:50:30 -05:00