dmaloney-r7
db8b0c907b
Merge pull request #94 from rapid7/feature/MSP-10648/login-scanner-creation
...
Feature/msp 10648/login scanner creation
2014-07-07 16:04:09 -05:00
dmaloney-r7
c4c7ff519f
Merge pull request #96 from rapid7/feature/MSP-10657/add-private-type
...
Add private_type and realm_key accessors to Framework::Credential
2014-07-07 15:43:18 -05:00
James Lee
4d4b8078f8
Unify SSH specs as well
2014-07-07 13:41:08 -05:00
James Lee
71cbbc5388
Merge branch 'feature/MSP-10648/login-scanner-creation' into feature/MSP-10656/unify-ssh-scanners
2014-07-07 13:19:34 -05:00
James Lee
b7cfc927c4
Add private_type and realm_key accessors
2014-07-07 13:07:28 -05:00
James Lee
cff2e1a1c1
And remove specs referencing obsolete accessors
2014-07-07 12:37:14 -05:00
James Lee
325d2d25b9
Fix requires and derp typos
2014-07-07 10:09:45 -05:00
jvazquez-r7
14b1ed5290
Add spec for comma separated cookies
2014-07-06 16:23:43 -05:00
James Lee
311f43f1e4
Constpocalypse
2014-07-03 18:49:46 -05:00
jvazquez-r7
405de05e4b
Add specs for module_flavors
2014-07-03 10:31:39 -05:00
Jon Hart
bc3ac1ee36
Correct private message format, update tests
2014-07-03 08:27:27 -07:00
James Lee
b7a55d402d
Add likely service ports and names for HTTP
2014-07-02 23:41:31 -05:00
James Lee
9dde47a0bc
Add a simple classes_for_service method
2014-07-02 23:31:56 -05:00
Jon Hart
1830bdc7a5
Add rspec coverage for Rex::Proto::NTP
2014-07-01 12:29:47 -07:00
HD Moore
4ff211ec8d
Fix the spec to allow for 1 or more spaces between
2014-06-30 13:18:43 -05:00
Tod Beardsley
8b63d3d467
Revert the revert of #3446
...
This reverts commit 9b35b0e13a
.
This should not land on master until the Metasploit Pro folks (@trosen-r7
and friends) get their Meterpreter path specifications working the
same way as Framework's does.
2014-06-29 17:22:21 -05:00
dmaloney-r7
0a6a5a0a12
Merge pull request #92 from rapid7/feature/MSP-9912/metamodule-refactor-ssh-key
...
Feature/msp 9912/metamodule refactor ssh key
2014-06-27 11:48:57 -05:00
Lance Sanchez
c1877cfba2
fixing the broken to_credential test
...
MSP-9912
2014-06-27 10:06:38 -05:00
Spencer McIntyre
1b4b4fd1c0
Update the cmdstager spec ArgumentError text
2014-06-27 08:34:57 -04:00
jvazquez-r7
dcd0e77f9e
Change #compatible? method name because it's used by Module
2014-06-27 08:34:56 -04:00
jvazquez-r7
af568c856a
Add CMStager specs
2014-06-27 08:34:56 -04:00
Lance Sanchez
b5351eec2b
adding .to_credential
...
Metasploit::Framework::Credential and Metasploit::Credential::Core
need to be consumable by the login scanners. the easiest way to do this
was to create a shared to_credential method on both that return Metasploit::Framework::Credential
MSP-9912
2014-06-26 11:05:59 -05:00
David Maloney
9cec330f05
Merge branch 'master' into staging/electro-release
2014-06-26 10:22:30 -05:00
Matt Buck
27ef12bafe
Land #3478 , disallow port 0 for portspec
...
[Closes #3478 ]
2014-06-25 15:46:30 -05:00
Lance Sanchez
07d548caeb
dropping lib from shared examples
...
MSP-9912
2014-06-25 14:32:43 -05:00
David Maloney
42bfe8ba4f
make portspec specs not insane
...
the specs for the portspec_to_portlist method
need a lot of work. this gives us some btter minimum coverage
2014-06-25 14:10:06 -05:00
Chris Doughty
9b35b0e13a
Revert "Land #3446 -- Meterpreter bins gem switch" due to build failures
...
This reverts commit bba8bd3498
, reversing
changes made to 002234993f
.
2014-06-25 13:24:07 -05:00
James Lee
f225ac92ab
Refactor smb_login
...
Maintains the new admin check functionality added in
rapid7/metasploit-framework#3330
2014-06-25 04:13:37 -05:00
OJ
bba8bd3498
Land #3446 -- Meterpreter bins gem switch
2014-06-25 03:00:11 +10:00
James Lee
85611702f9
Merge branch 'upstream-master' into feature/MSP-9707/smb-bruteforce-refactor
2014-06-23 23:58:47 -05:00
Tod Beardsley
c71eb1aa4e
Add specs for changed object UI
2014-06-22 13:05:17 -05:00
Tod Beardsley
53d0aba305
Add some specs for changed object Priv
2014-06-22 12:54:10 -05:00
Spencer McIntyre
05d4a1ab2c
Land #3342 , Support negation in portspec
2014-06-21 18:14:50 -04:00
Tod Beardsley
f90e8f00e5
Add the first few specs
...
Coverage for meterpreter and client core, just the bits I'm changing. I
intend to make liberal use of doubles, since they're easier than mocks
and all I care about is the changed behavior. I refuse to fall into a
trap where I need to first spec out aaaaaalllll of Metepreter just to
make this one change.
2014-06-20 13:18:55 -05:00
David Maloney
99b1702559
Merge branch 'master' into staging/electro-release
...
Conflicts:
lib/msfenv.rb
2014-06-20 11:38:47 -05:00
jvazquez-r7
4203e75777
Land #3408 , @m-1-k-3's exploit for D-Link hedwig.cgi OSVDB 95950
2014-06-20 10:27:32 -05:00
jvazquez-r7
330caa8c13
Fix specs
2014-06-20 00:08:55 -05:00
jvazquez-r7
ee62428248
Add specs
2014-06-19 18:13:14 -05:00
Luke Imhoff
af99c0c01e
Remove `should_receive(:with_connection)` from specs
...
MSP-10127
Causes specs to randomly fail when with_connection calls from
before(:each) or after(:each) are intercepted by the should_receive
call.
2014-06-19 16:24:53 -05:00
David Maloney
d9b7a320ae
fix more broken specs
2014-06-19 14:07:39 -05:00
David Maloney
2ac2dc9d7a
2 minor spec fixes
2014-06-19 13:23:37 -05:00
James Lee
b606448976
Merge branch 'feature/MSP-9689/jtr_cracker' into staging/electro-release
2014-06-19 10:14:57 -05:00
David Maloney
f1a39ef973
enumerators all done with specs
...
the enumeration chains are now all complete with specs
so we can enumerate all the words generated by the given options.
2014-06-16 13:31:30 -05:00
David Maloney
9af811a2ed
we need to pass in a workspace
2014-06-15 15:52:57 -05:00
David Maloney
897b0b1ee5
wordlist enumerators with some specs
...
started the enumerators on the wordlist class
and began adding the specs for them
2014-06-15 13:37:50 -05:00
David Maloney
a00ff5aeef
yield custom_wordlist words
2014-06-15 12:16:21 -05:00
David Maloney
8ada0804bd
add valid! spec
2014-06-15 11:22:43 -05:00
David Maloney
41d6b326f2
specs for wordlist validations
...
added specs to cover the validations on
the JtR wordlist class.
2014-06-15 11:14:11 -05:00
David Maloney
a5fb898904
actually set max run time
...
make maxrutnime affect the crack command
2014-06-14 20:03:56 -05:00
David Maloney
33519b1fcd
cracker validations and specs
...
more validations and specs for the cracker class
2014-06-14 19:59:59 -05:00
David Maloney
466576d03f
jtr wordlist validations started
...
start adding validations and exceptions for the
JtR Wordlist class.
2014-06-14 16:16:30 -05:00
David Maloney
873d6e5b99
add all the specs
2014-06-14 12:28:17 -05:00
David Maloney
300baa577c
moar specs!
2014-06-13 17:34:16 -05:00
David Maloney
b784bea48e
slow roll of specs for jtr cracker
...
slowly adding spec coverage for the JtR cracker
2014-06-13 16:08:56 -05:00
David Maloney
7187138134
start injecting sanity
2014-06-13 14:53:56 -05:00
David Maloney
a9bcb8b3bd
add skeleton for JtR Cracker
...
starting work on creating the JtR Cracker class
2014-06-13 11:10:12 -05:00
Samuel Huckins
d215b8e5b2
Merge pull request #47 from rapid7/feature/MSP-9712/winrm-bruteforce
...
45 merged, steps passing.
MSP-9712 #land
2014-06-12 16:04:17 -05:00
dmaloney-r7
ed84336149
Merge pull request #60 from rapid7/feature/MSP-9992/creds-command
...
Refactor the creds command
2014-06-12 12:24:09 -05:00
James Lee
b756395eaa
Merge branch 'staging/electro-release' into feature/MSP-9712/winrm-bruteforce
...
Conflicts:
lib/metasploit/framework/credential_collection.rb
spec/lib/metasploit/framework/credential_collection_spec.rb
2014-06-11 16:21:59 -05:00
James Lee
3a8f6236ad
Add ability to prepend creds to a collection
2014-06-11 14:30:45 -05:00
James Lee
c0c1bd40a9
Fix help spec
2014-06-10 17:28:55 -05:00
James Lee
552899ef13
Add a couple more specs for CredentialCollection
...
Also fixes some typos in docs
2014-06-06 12:12:32 -05:00
David Maloney
9b9de12a38
Merge branch 'master' into staging/electro-release
...
Conflicts:
lib/msf/core/framework.rb
2014-06-06 12:04:53 -05:00
dmaloney-r7
ff8e6d2c50
Merge pull request #45 from rapid7/feature/MSP-9988/credential-collection
...
Add a CredCollection class and refactor WinRM bruteforce module
2014-06-06 11:53:28 -05:00
David Maloney
90b52814b1
fix some spec issues for recent changes
2014-06-06 11:52:49 -05:00
Brandon Turner
82464bd6aa
Update version spec
2014-06-06 10:16:44 -05:00
Luke Imhoff
f2a56c041b
Merge branch 'staging/electro-release' into feature/MSP-9653/use-metasploit-concern-in-pro
...
MSP-9653
Conflicts:
Gemfile
Gemfile.lock
2014-06-05 16:22:02 -05:00
Luke Imhoff
5ae5448005
Join killed threads to ensure cleanup
...
MSP-9653
2014-06-05 12:40:24 -05:00
James Lee
33a9f8c43f
Add spec for userpass_file
2014-06-05 11:54:59 -05:00
James Lee
45c26343a1
Add spec for pass_file
2014-06-05 11:51:11 -05:00
James Lee
b1136752be
Add Credential#== to facilitate specs
2014-06-05 11:37:48 -05:00
Lance Sanchez
262deac155
Fixing the failing specs
...
for some reason on my box sock.closed? isnt being called. stubbing it out
Kernel.select is being called and cant cast a mock object to an IO object
ok to fix this I'm stubbing select on the scanner object then the call wont
get passed onto the Kernel module
2014-06-05 11:21:34 -05:00
James Lee
41644970bf
Add a CredentialCollection
...
Also moves Metasploit::Framework::LoginScanner::Credential to
Metasploit::Framework::Credential
2014-06-04 13:01:09 -05:00
Luke Imhoff
ca63d2201e
Update init_module_paths spec to match Rails::Engine behavior
...
MSP-9653
2014-06-02 14:26:35 -05:00
Luke Imhoff
1295028595
Remove unneeded MetasploitDataModels.require_models
...
MSP-9653
Models are loaded using railties features.
2014-06-02 13:54:38 -05:00
Lance Sanchez
15fffb1668
Adding in some tests
...
cleaning up the regex a bit
MSP-9678
2014-06-02 13:50:30 -05:00
Lance Sanchez
f2a2975bc1
Merge branch 'staging/electro-release' into feature/MSP-9678/pop3-login-scanner
2014-06-02 10:56:54 -05:00
Trevor Rosen
8bcd763039
Merge pull request #26 from rapid7/feature/MSP-9685/telnet_login_scanner
...
Feature/msp 9685/telnet login scanner
MSP-9685 #land
2014-05-30 13:40:18 -05:00
David Maloney
98a23881ee
remove cred creation methods
...
removed cred creation methods from framework
and include them from the metasploit-credential gem instead
2014-05-30 11:28:53 -05:00
dmaloney-r7
e669324366
Merge pull request #25 from rapid7/feature/MSP-9673/axis2-login-scanner
...
Add axis2 login scanner
2014-05-29 11:22:22 -05:00
David Maloney
d95b0497a7
add more specs
...
added more specs around telnet specific validations
2014-05-29 11:11:19 -05:00
James Lee
572e4f2bdf
Fix dumb missing options and add spec
2014-05-28 16:32:38 -05:00
David Maloney
1bc2140fa6
Telnet LoginScanner basics
...
basic Telnet LoginScanner with shell
specs. Need to test functionality
and write additional specs
2014-05-28 14:47:58 -05:00
Lance Sanchez
07a61ae696
adding in changes from before my vacation..
...
MSP-9678
2014-05-28 13:18:28 -05:00
David Maloney
821a62627a
final spec cleanup
2014-05-28 09:56:26 -05:00
David Maloney
ca4c942ceb
Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation
2014-05-28 09:40:44 -05:00
David Maloney
967b0d49b1
Merge branch 'master' into staging/electro-release
...
Conflicts:
Gemfile
Gemfile.lock
2014-05-28 09:39:56 -05:00
David Maloney
c975d4dc49
some minor cleanup items
2014-05-28 09:26:19 -05:00
Christian Mehlmauer
da0a9f66ea
Resolved all msftidy vars_get warnings
2014-05-25 19:29:39 +02:00
Lutz Wolf
2b75a53c93
Add basic rspec for portspec_to_portlist
2014-05-24 23:46:26 +02:00
dmaloney-r7
85737d1235
Merge pull request #22 from rapid7/feature/MSP-9646/afp-loginscanner
...
AFP login scanner
2014-05-22 15:05:24 -05:00
David Maloney
fbacf80839
Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation
2014-05-22 14:39:17 -05:00
David Maloney
19e36cccb3
Credential Core creation now complete
2014-05-21 16:37:13 -05:00
James Lee
5d1a0397ed
Add Tomcat login scanner
2014-05-21 14:28:54 -05:00
David Maloney
3ea99a9d43
private creation w/ specs and docs
...
the private creation method is now done
with specs and YARD docs
2014-05-21 13:21:56 -05:00
David Maloney
2629549f6f
added realm creation
...
added method for creating credential realm
creation.
2014-05-21 11:22:22 -05:00
James Lee
8be35b90f4
Add some more specs for AFP login scanner
2014-05-20 17:44:41 -05:00
James Lee
d061d36229
Merge branch 'staging/electro-release' into feature/MSP-9646/afp-loginscanner
2014-05-20 17:25:42 -05:00
James Lee
21de14ac3d
Initial stab at AFP login scanner
2014-05-20 17:08:12 -05:00
Meatballs
09af023a71
Merge in parser
2014-05-20 21:56:35 +01:00
Samuel Huckins
62bae8e23b
Merge pull request #21 from rapid7/feature/MSP-9687/winrm-loginscanner
...
Specs and functional steps passing.
MSP-9687 #land
2014-05-20 11:32:37 -05:00
David Maloney
8a2f05b7d2
Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation
2014-05-20 10:28:33 -05:00
David Maloney
9cdddb08d9
origin specs for realsies
...
final specs and fixes for the origin creation
methods
2014-05-20 10:19:03 -05:00
David Maloney
b84aaaad19
specs and fixes for origin creation
2014-05-20 09:59:15 -05:00
David Maloney
ddfa4f1ee7
some origin creation specs
...
started getting working specs
for the origin creation methods. feel
into the weeds for a bit, but making progress at last.
2014-05-19 15:16:02 -05:00
Samuel Huckins
d9687d87f9
Merge pull request #20 from rapid7/feature/MSP-9667/db2_login
...
Specs passing post update.
MSP-9667 #land
2014-05-16 11:29:31 -05:00
James Lee
9582d82fba
Merge remote-tracking branch 'private/staging/electro-release' into feature/MSP-9687/winrm-loginscanner
2014-05-15 13:59:48 -05:00
James Lee
efd0db9c39
Merge branch 'upstream-master' into HEAD
2014-05-15 13:53:16 -05:00
James Lee
8a9abb90c0
Add specs for connection error conditions
2014-05-15 10:06:17 -05:00
Lance Sanchez
e9b3f10ba7
Drying up some of the status codes
...
MSP-9678
2014-05-14 17:02:26 -05:00
James Lee
59050d9bf1
Add specs for WinRM, improve those for HTTP
2014-05-14 15:13:29 -05:00
James Lee
99f8fbbc9c
Add WinRM login scanner
...
* Genericizes HTTP a bit to make these kinds of HTTP-based scanners
simpler and easier
* Adds support for default ports to HTTP. This should probably be
rafactored up into Base
* Removes spec that complains about port being unset (which now fails
because defaults ensure it's always set)
2014-05-14 14:35:49 -05:00
Christian Mehlmauer
dc7a8d32d8
Land #3324 , msfconsole search timestamp fixes
2014-05-14 21:30:02 +02:00
Luke Imhoff
82d32e39cc
Merge branch 'feature/MSP-9686/vnc_login' into staging/electro-release
...
MSP-9686
2014-05-14 13:24:13 -05:00
Luke Imhoff
a32152ecaa
Merge branch 'staging/electro-release' into feature/MSP-9686/vnc_login
...
MSP-9686
2014-05-14 13:22:41 -05:00
David Maloney
fb671c72a7
Merge branch 'master' into staging/electro-release
2014-05-14 13:00:37 -05:00
dmaloney-r7
acaf713229
Merge pull request #17 from rapid7/feature/MSP-9606/metasploit-credential
...
Run migrations from Metasploit::Credential and initialize its concerns which patch Mdm
2014-05-14 11:15:07 -05:00
nstarke
bb6201d66d
Fixing nil bug and making format constant
...
The date format has been moved into a constant variable.
Certain modules do not have a disclosure_date. For example,
‘checkvm’. This necessitated checking disclosure_date for nil
before attempting a format conversion. Also, there was an additional
location in core.rb that needed the formatting / nil check added. Specs
were also updated appropriately.
2014-05-14 15:51:42 +00:00
James Lee
08a7acef3f
Make sure fail case is correct
...
`rand(1000)` would return 0 one in a thousand times, causing this test to
randomly fail at that interval
2014-05-14 10:22:47 -05:00
Samuel Huckins
162038bde4
Merge pull request #19 from rapid7/feature/login_scanner/smb
...
Specs all passing, functional steps working.
2014-05-13 14:37:13 -05:00
James Lee
2a13010bfb
Fix faulty spec
2014-05-13 14:15:00 -05:00
David Maloney
f5751d6a85
first pass at attempt_login for DB2
...
first pass through at the attempt_login method
for the DB2 LoginScanner. still adding specs
and possibly refactoring
2014-05-13 14:10:30 -05:00
David Maloney
5dcf3efd1a
skeleton for DB2 loginscanner
...
add basic skeleton and specs for the DB2
LoginScanner class.
2014-05-13 13:16:56 -05:00
Luke Imhoff
3370465d84
Use railties to load Metasploit::Credential correctly
...
MSP-9606
In order to support Metasploit::Credential correctly,
metasploit-framework needs to support Metasploit::Concern, which does
all its magic using a Rails::Engine initializer, so the easiest path is
to make metasploit-framework be able to use Rails::Engines. To make
Rails::Engine use Rails::Engine, make a dummy Rails::Application
subclass so that all the initializers will be run when anything requires
msfenv.
2014-05-12 15:03:51 -05:00
Jeff Jarmoc
638ae477d9
Fix up spec. Rex::Proto::Http::ClientRequest handles & and = outside of Rex::Text::uri_encode, so mode doesn't affect them.
...
Fix erroneous typo char.
2014-05-12 12:10:30 -05:00
Jeff Jarmoc
cba39a9a04
Adds spec for 'hex-all' mode
2014-05-12 12:01:06 -05:00
David Maloney
7f98d1630e
specs for VNC Loginscanner
...
cover remaining behaviour for the
VNC LoginScanner class.
2014-05-12 11:29:27 -05:00
Jeff Jarmoc
5f523e8a04
Rex::Text::uri_encode - make 'hex-all' really mean all.
...
'hex-all' encoding was previously ignoring slashes.
This pull adds 'hex-noslashes' mode which carries forward the previous functionality, and replaces all existing references to 'hex-all' with 'hex-noslashes' It then adds a replacement 'hex-all' mode, which really encodes *ALL* characters.
2014-05-12 11:26:27 -05:00
David Maloney
f84d763382
refactoring conditional logic
...
the class works but the conditional logic needs
refactoring to be smoothed out more.
2014-05-12 11:10:36 -05:00
James Lee
3831042dca
Add specs, validations for LoginScanner::SMB
2014-05-09 18:58:49 -05:00
David Maloney
4e76330643
Add skeleton for VNC lgoinscanner
...
Add skeleton and specs for the VNC Loginscanner
MSP-9686
2014-05-09 11:55:15 -05:00
David Maloney
8b937b7c35
Merge branch 'master' into staging/electro_release
2014-05-09 11:46:08 -05:00
Trevor Rosen
c77412d373
Merge pull request #13 from rapid7/feature/login_scanner/mysql
...
Add LoginScanner for MySQL
MSP-9676 #land
2014-05-08 15:05:24 -05:00
Trevor Rosen
894ecaafb4
Merge pull request #12 from rapid7/feature/login_scanner/pg
...
Add Postgres LoginScanner class
MSP-9679 #land
2014-05-08 14:38:56 -05:00
David Maloney
42de1ab1f1
whitespace removal
2014-05-08 14:18:06 -05:00
David Maloney
cfb13ed1bd
Merge branch 'staging/electro_release' into feature/login_scanner/mysql
2014-05-08 13:55:09 -05:00
James Lee
2d2b5ea9e4
Merge remote-tracking branch 'private/feature/login_scanner/mssql' into feature/login_scanner/smb
2014-05-08 13:45:06 -05:00
James Lee
13fe8c0869
Default Credential#paired to true
2014-05-08 13:34:31 -05:00
David Maloney
20edabb0f5
mySQL Loginscanner with specs to match
...
This season's colours for Loginscanner is MySQL
with Unit Test Coverage applied to match.
2014-05-08 13:16:12 -05:00
William Vu
102eb85277
Update CommandDispatcher::Db spec
2014-05-08 03:05:49 -05:00
David Maloney
b72f0f8ffc
try to fix bad push/revert mess
2014-05-07 18:43:37 -05:00
David Maloney
9919d54116
Revert "final touches and specs"
...
This reverts commit e025fa1791
.
2014-05-07 18:34:34 -05:00
David Maloney
e025fa1791
final touches and specs
...
add finishing touches to postgres
Loginscanner and add specs to cover
the behaviour
2014-05-07 18:32:36 -05:00
David Maloney
acbff23c32
final wrap-up specs
...
successkid.jpg
2014-05-07 16:07:18 -05:00
David Maloney
ec974535ac
create base object for mssql scanner
...
created skeleton for MSSQL Loginscanner
included concerns.
also added an NTLM concern and shared example group
2014-05-07 14:43:15 -05:00
David Maloney
507fe566a4
Merge branch 'master' into staging/electro_release
2014-05-06 11:36:19 -05:00
Meatballs
dc38212741
Fix function parsing
2014-05-05 20:53:36 +01:00
Meatballs
e946046de5
Add methods spec
2014-05-05 19:08:18 +01:00
Meatballs
0b886db406
Script specs and remove unknown method
2014-05-05 19:01:36 +01:00
Meatballs
0177e51148
Finish obfu specs and use rig
2014-05-05 18:47:25 +01:00