Commit Graph

1970 Commits (75a1d979dc1e9915cf33235fc39d91cc52c75510)

Author SHA1 Message Date
Pearce Barry e5d0370a94
Fixes MS-1716, keep sessions in progress alive. 2017-02-24 12:56:05 -06:00
Tim 7f759384ab fix missing payloads_spec 2017-02-07 15:02:29 +08:00
Brent Cook 64e475a4ee
Land #7892, Enhance the creds command to allow creating logins 2017-02-03 11:53:46 -06:00
Jeffrey Martin 1bb8c9bd93
missed userpass_file on CredentialCollection.empty? 2017-02-01 15:42:21 -06:00
Jeffrey Martin 0dcf0002ae
refactor empty test on CredentialCollection 2017-01-31 15:16:26 -06:00
darkbushido 1fcd20b7ef
adding a spec to show creating a core and login 2017-01-30 12:11:31 -06:00
darkbushido c20cdc2943 cleaning up some of the specs 2017-01-30 10:43:28 -06:00
Brent Cook 4480ea7877
Land #7827, Cisco Firepower Management Console LoginScanner 2017-01-27 16:26:40 -06:00
wchen-r7 781bc8420a Add Advantech WebAccess LoginScanner module 2017-01-26 13:54:50 -06:00
bwatters 253e39e18c
Land #7680, Fix #7679, LoginScanner should abort if there is no creds to try 2017-01-23 14:08:32 -06:00
wchen-r7 d9ead4484e Mock :password 2017-01-23 13:42:30 -06:00
Jeffrey Martin 7cf812ed99 add rspec test for inspect on all TLV_TYPE objects 2017-01-23 09:19:53 -06:00
Brent Cook ac2ceca5e3
Land #7804, Switch the creds command to use named options 2017-01-22 10:49:19 -06:00
Brent Cook 99047fa8a1 be stricter in what we accept for payload uri
datastore needs to contain something to produce a valid URI
2017-01-22 10:20:04 -06:00
Brent Cook 66e9f1d334 fix doc normalizer spec 2017-01-22 10:20:04 -06:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
wchen-r7 d7f43a2c66 Fix base_spec 2017-01-17 15:58:30 -06:00
wchen-r7 ecf246b380 Fix more prepended_creds issues 2017-01-17 15:41:24 -06:00
wchen-r7 9efa84298c Mock more methods for base_spec 2017-01-17 15:17:15 -06:00
wchen-r7 d79f4fbda2 Update cisco_firepower_spec 2017-01-17 13:33:56 -06:00
William Vu 77c78fa5f4 Move Rex::Text::Table workspace output to -v 2017-01-15 23:15:14 -06:00
William Vu 360ad26d9c Fix spec because I suck 2017-01-15 04:00:33 -06:00
wchen-r7 a687073416 Add Cisco Firepower Management Console LoginScanner 2017-01-13 16:59:20 -06:00
David Maloney 9b9d3127a8
cleanup leaked constants
use constant cleaner
7824
2017-01-12 15:49:24 -06:00
wchen-r7 08d529b818 Fix login_scanner_base rspec 2017-01-11 14:53:04 -06:00
wchen-r7 90c42b4740 Update rspec 2017-01-11 14:23:28 -06:00
wchen-r7 2377f17663 Fix typos 2017-01-11 14:05:22 -06:00
wchen-r7 9136e008bb Update rspec 2017-01-11 12:00:43 -06:00
wchen-r7 c97dba39f2 creds should mock these methods too 2017-01-11 11:48:52 -06:00
David Maloney 4029dbd5ca
try not to forget fixing the spec... 2017-01-10 14:33:18 -06:00
darkbushido 6bd2e03f37 dding realm tests showed a bug. its now squashed. 2017-01-09 13:04:34 -06:00
darkbushido fe3885f88a changing expect do end back to expect {} 2017-01-09 13:04:34 -06:00
darkbushido 30fe429ada fixing more whitespace issues
converting double quotes to single
2017-01-09 13:04:34 -06:00
darkbushido 0c3760a843 adding more tests
rubocoping the file
2017-01-09 13:04:34 -06:00
darkbushido 3674b25885 fixing the tests, more need to be added 2017-01-09 13:04:34 -06:00
darkbushido 18c7fc5a85 moving the cred tests out of the db tests 2017-01-09 13:04:34 -06:00
dmohanty-r7 5cba9b0034
Land #7747, Add LoginScanner module for BAVision IP cameras 2017-01-06 16:25:44 -06:00
David Maloney 2108913e77
target_host method had a name collision
this method appears to have been accidentaly overriding another
method causing sessions to never finish being established
2017-01-06 12:44:37 -06:00
David Maloney 9dc4ee57b6 minor fixes to linux example module
fixed a copy paste error in the linux_autotarget
test exploit and added actual linux targets to it
2017-01-03 14:38:52 -06:00
David Maloney 5fd531028c ome minor guards and spec fixes
some minor conditional guards and spec fixes
2017-01-03 14:38:51 -06:00
David Maloney a61b92aa3e tweak target selection
the target selection actually adjust the datastore
as if a user selected the target, this prevents
a mismatch between the target and the target index

MS-2325
2017-01-03 14:38:51 -06:00
David Maloney 3d2957dff1 tying it all together
insert our autotarget routine into
the main target selection process

MS-2325
2017-01-03 14:38:50 -06:00
David Maloney 44830dfc54 prefer authour's target over ours
if the module authour added an automatic target
we skip our routine, to let the module's own automatic targeting
take over as it likely be better

MS-2325
2017-01-03 14:38:50 -06:00
David Maloney 1afc57da40 determine most precise filter
drop back to our most precise level of filtering

MS-2325
2017-01-03 14:38:50 -06:00
David Maloney 201b65e43d remaining os filtering
now can filter by os name and service pack
need to do final logic to turn that into an actual
target selection

MS-2325
2017-01-03 14:38:50 -06:00
David Maloney 05ac2ee6ed convert first stage to os_family
added the new os-family column to Host
so now we use that as our first stage filter
for targets

MS-2325
2017-01-03 14:38:49 -06:00
David Maloney 95d5c7a778 filtering by os_name
targets now filtered by OS name, but a little
more processing may be needed on this part because
it looks like what you'd expect in os_flavor gets jammed
into name instead

MS-2325
2017-01-03 14:38:49 -06:00
David Maloney f107408389 target_host specs
add specs for finding the 'target host' ie.
the mdm::Host object related to the RHOST value
to see what we know about our target

MS-2325
2017-01-03 14:38:49 -06:00
David Maloney 4060e63b89 add tests for auto target addition
tests to make sure we add auto targets only
in the appropriate conditions

MS-2325
2017-01-03 14:38:49 -06:00
David Maloney 84d5e42e4f start gearing up for testing
start getting auto-targeting test framework in place
so we can have unit tests for this behaviour

MS-2325
2017-01-03 14:38:45 -06:00