jvazquez-r7
3e7c790db8
Use constants
2015-05-01 15:15:18 -05:00
darkbushido
0b608e139a
Merge branch 'upstream' into staging/rails-4.0
2015-05-01 11:26:24 -05:00
David Maloney
2bbae6b9c2
add #to_s to ntds account
...
added to_s method to the NTDS account
for easy output
MSP-12357
2015-05-01 11:24:23 -05:00
David Maloney
acb833bd09
NTDS::Parser class built out
...
the NTDS Parser class will take a meterpreter
client and a fielpath and provide an enumerator for reading
out the user accounts as ruby objects
MSP-12357
2015-04-30 14:57:30 -05:00
Brent Cook
4c9f44b00c
Revert "Land #4888 , @h00die's brocade credential bruteforcer"
...
There were some issues with this module that caused backtraces when run outside
of msfconsole. Reverting it for now so we can add some specs and ensure that it
works like the other login scanners.
2015-04-29 15:36:03 -05:00
David Maloney
2847bc8a6b
a little more yard
2015-04-29 14:53:08 -05:00
David Maloney
1f66840533
add YARD docs to NTDS Account
...
added yard around the attrs for the NTDS::Account
class
MSP-12357
2015-04-29 12:53:54 -05:00
Matt Buck
8163c3cdda
Merge branch 'master' into staging/rails-4.0
...
Conflicts:
Gemfile.lock
plugins/nessus.rb
2015-04-28 15:33:46 -05:00
David Maloney
6c77c4bb52
opening groundwork
...
added a priv extension method to open
a stream channel to read ntdsaccounts from
and an NTDS account class to accept the
data and parse it into a useable structure
MSP-12357
2015-04-24 15:50:12 -05:00
Brent Cook
3963289519
Land #4888 , @h00die's brocade credential bruteforcer
2015-04-21 18:27:03 -05:00
Brent Cook
8aca4539c9
Land #5152 , undefined var in WinRM_Login
2015-04-20 23:01:11 -05:00
William Vu
2bdcc178ef
Remove extraneous addition
2015-04-16 02:30:09 -05:00
William Vu
42ff0decc7
Land #4722 , timing options for snmp_login
2015-04-16 02:25:29 -05:00
William Vu
88062a578d
Clean up PR
2015-04-16 02:25:06 -05:00
Matt Buck
e82fb5f836
Merge branch 'master' into staging/rails-4.0
...
Conflicts:
Gemfile.lock
lib/msf/ui/console/command_dispatcher/db.rb
metasploit-framework-db.gemspec
metasploit-framework.gemspec
2015-04-15 14:04:35 -05:00
Meatballs
926db59a8c
credential doesn't exist in this context
2015-04-15 15:48:21 +01:00
Luke Imhoff
c971bc930c
Mark app/concerns as autoload
...
To work with metasploit-concern 0.4.0 prerelease not deriving
app/concerns from root and to ensure it is does not inherit eager_load
from app.
2015-04-14 15:06:59 -05:00
Luke Imhoff
4c407ce962
Merge branch 'bug/MSP-12529/missing-require-metasploit-credential' into bug/MSP-12550/app-concerns-eager-load
...
MSP-12550
2015-04-14 14:42:54 -05:00
root
19fe226b30
Correct a minor typo
2015-04-10 22:37:14 +05:00
sinn3r
90d525088c
Green rspec
2015-04-10 11:36:23 -05:00
root
8c0d5d66d0
Add spec file
2015-04-10 15:32:03 +05:00
Luke Imhoff
8b56286e66
Try to require 'metasploit/credential' when including Metasploit::Credential::Creation
...
MSP-12529
By convention, the top-level require of any gem should always be
required before trying to use any inner require.
2015-04-09 09:05:38 -05:00
root
b6e750d7eb
Nessus auxiliary scanner for updated REST API
2015-04-09 11:36:17 +05:00
sinn3r
59d89f4846
rm junk comments
2015-04-09 00:59:14 -05:00
sinn3r
f51eaef765
Add rspec
2015-04-08 02:33:27 -05:00
sinn3r
5f389cf3c2
Add ManageEngine Desktop Central Login Utility
2015-04-08 02:05:56 -05:00
Matt Buck
5e2d6c27c3
Merge branch 'master' into staging/rails-4.0
...
Conflicts:
Gemfile.lock
db/schema.rb
lib/msf/core/db_manager/session.rb
metasploit-framework-db.gemspec
2015-04-06 11:27:00 -05:00
jvazquez-r7
6c36a82f78
Land #5059 , @void-in's documentation clean up
2015-04-03 14:16:34 -05:00
jvazquez-r7
fe5ddc01ad
Fix return documentation
2015-04-03 14:16:06 -05:00
Fernando Arias
6455862484
Merge branch 'staging/rails-4.0' of github.com:rapid7/metasploit-framework into staging/rails-4.0
...
Conflicts:
Gemfile.lock
metasploit-framework.gemspec
2015-04-03 13:56:38 -05:00
root
0dd987d873
Updated as per jlee-r7 feedback
2015-04-03 10:17:54 +05:00
David Maloney
1684bfec9e
add missing data to loginscanner results
...
the chef web ui and symantec web gateway
loginscanners do not save the target(host/port/proto) info
in the Result object. This can cause modules to break as they
expected the Result to contain that information
MSP-12499
2015-04-02 13:53:45 -05:00
root
4ba761986f
Correct YARD doc comments
2015-04-02 16:14:25 +05:00
David Maloney
103373a7eb
add back accidentally remvoed error
...
accidentally dropped Errno::ETIMEDOUT from the exception
handling
MSP-12389
2015-03-30 11:19:28 -05:00
David Maloney
441feec360
fix missing exception handling
...
a few of our http login scanners needed to
handle a couple of other exception classes
for when network communication errors occur
MSP-12389
2015-03-27 12:31:14 -05:00
sinn3r
6e3e696262
Use symantec_web_gateway as an example of using send_request
2015-03-25 10:55:46 -05:00
sinn3r
60f1d9c961
More yard doc
2015-03-25 10:50:11 -05:00
sinn3r
9b9e157e84
More yard doc
2015-03-25 02:26:06 -05:00
sinn3r
ded500a9ae
Use send_request
2015-03-25 02:13:40 -05:00
sinn3r
6984e5234e
Fix a typo
2015-03-25 02:01:25 -05:00
sinn3r
8a8d6fb5ab
Some more changes
2015-03-25 02:00:23 -05:00
sinn3r
855cadc6b1
Rescue more exceptions
...
The attempt_login method is rescuing these exceptions, so maybe
I should do the same.
2015-03-25 01:48:37 -05:00
sinn3r
8f95624bf7
Add #send_request to Metasploit::Framework::LoginScanner::HTTP
2015-03-25 01:40:02 -05:00
sinn3r
bef67d773c
Don't break untested_payloads.rb
2015-03-24 00:54:11 -05:00
jvazquez-r7
1226b3656f
Land #4945 , @wchen-r7's login scanner for Symantec web gateway
2015-03-20 14:44:05 -05:00
jvazquez-r7
62871255b0
Match class and file names
2015-03-20 14:25:20 -05:00
jvazquez-r7
179177d5c0
Fix typo
2015-03-20 13:27:41 -05:00
Matt Buck
f29a3f69e9
Merge branch 'master' into staging/rails-4.0
...
Conflicts:
Gemfile.lock
metasploit-framework-db.gemspec
2015-03-17 15:47:48 -05:00
sinn3r
608bf55b79
Update
2015-03-17 11:54:38 -05:00
sinn3r
27b6fbb648
I don't need :ssl and :ssl_version
2015-03-17 11:31:38 -05:00
Meatballs
69453c1955
Missing ?
2015-03-17 12:00:58 +00:00
Meatballs
fcc21ff928
Stylish like @limhoff-r7
2015-03-17 11:44:02 +00:00
Meatballs
d18224e3cb
Correct capitilzation of GitLab
2015-03-17 11:32:14 +00:00
Meatballs
25840c41cf
Rubocop
2015-03-17 11:21:05 +00:00
Meatballs
f4a1e981ab
Add gitlab login scanner
2015-03-17 11:19:23 +00:00
sinn3r
ff58f7d270
Add Symantec Web Gateway Login Module
2015-03-17 02:51:57 -05:00
root
591716e557
brocade enable command bruteforcer
2015-03-06 09:41:14 -05:00
David Maloney
75c075e32b
properly anchor regexes
...
duh
2015-03-03 19:15:29 -06:00
David Maloney
64490c746a
CredCollection now knows about postgres_md5
...
the cred collection can now identify a postgres_md5 hash string
and set the type on the Metasploit::Framework::Credential object
appropriately
MSP-12244
2015-03-03 16:43:52 -06:00
David Maloney
c836078292
allow credentials to have a type of postgres_md5
...
add postgres_md5 to the type validation on
Metasploit::Framework::Credential to account
for the new Private type
MSP-12244
2015-03-03 16:35:30 -06:00
David Maloney
aa4038d539
allow the postgres librry to take an md5 hash
...
allow the raw md5 password hash to be passed in instead of
a password for md5 authentication in postgres. Adds an extra exception
class for when an md5 hash is given but the server expects
a different form of authentication.
MSP-12244
2015-03-03 13:16:46 -06:00
William Vu
8c5ff858d0
Land #4812 , hp_sys_mgmt_login configurable URIs
2015-02-23 19:04:14 -06:00
HD Moore
97ccf7e23f
Fixes SSL support for http_login (variable shadowing)
2015-02-23 14:00:29 -06:00
sinn3r
c39d6e152e
Land #4819 , Normalize HTTP LoginScanner modules
2015-02-23 11:43:42 -06:00
HD Moore
c60e2584bf
Comment typo
2015-02-22 02:51:18 -06:00
HD Moore
888c718f40
Fix two typos
2015-02-22 02:45:50 -06:00
HD Moore
8e8a366889
Pass Http::Client parameters into LoginScanner::Http (see #4803 )
2015-02-22 02:26:15 -06:00
sinn3r
bf2be7964b
Fix #4592 , print_* methods used in LoginScanner modules
...
Fix #4592
2015-02-20 22:46:21 -06:00
sinn3r
40c237f507
Fix #3982 , allow URIs to be user configurable
...
Fix #3982
2015-02-20 21:54:03 -06:00
Matt Buck
e397ecec9d
Merge branch 'upstream-master' into staging/rails-4.0
2015-02-18 15:05:39 -06:00
David Maloney
ffa6550aec
Land #4787 , HD's new Zabbix and Chef LoginScanners
...
Lands the new LoginScanners HD wrote for Zabbix
and the Chef WebUI
2015-02-18 14:51:16 -06:00
David Maloney
804db0ff0c
add leixcal sorting to methods
...
lexical sort the new methods except for
msf module entrypoint methods which should always be at
the top
2015-02-18 14:50:33 -06:00
HD Moore
2847507f03
Add a chef brute force module
2015-02-17 23:49:57 -06:00
HD Moore
27d5ab45b4
Add a zabbix brute force module
2015-02-17 22:56:08 -06:00
HD Moore
85fd139ab0
Add missing context and a normalize_uri helper method
2015-02-17 22:55:53 -06:00
HD Moore
16932372db
Calls to Rex::Proto::Http::Client.new were passing in empty context
2015-02-17 20:44:37 -06:00
Meatballs
5fba54db99
Add addtional timing options
2015-02-16 19:07:55 +00:00
Matt Buck
d4d1dc09f3
Merge branch 'master' into staging/rails-4.0
...
Conflicts:
Gemfile.lock
db/schema.rb
metasploit-framework-db.gemspec
metasploit-framework.gemspec
2015-02-13 16:13:18 -06:00
HD Moore
8d982e3286
Pass the framework/module down into LoginScanner
2015-02-07 11:50:30 -06:00
HD Moore
985641dbc4
Add missing Context, fixes #4723
2015-02-07 11:27:57 -06:00
Christian Catalan
7d1090baca
Convert #find(:all) to #where or #all
2015-02-01 00:31:58 -06:00
William Vu
8f54e4d611
Implement "-" for msfconsole -r from stdin
...
More predictable than /dev/stdin, which is usually a symlink to
/proc/self/fd/0 or /dev/fd/0, but the feature is not guaranteed to be
present.
This isn't *terribly* useful, but it can be. -x is recommended, but it
doesn't allow for ERB directives. This is mostly for hax.
2015-01-29 19:26:56 -06:00
Jon Hart
69f03f5c5d
Move ACPP default port into Rex
2015-01-12 19:43:57 -08:00
Jon Hart
e9557ffe58
Simplify module in prep for some authbrute cleanups
2015-01-12 13:08:12 -08:00
Jon Hart
97f5cbdf08
Add initial Airport ACPP login scanner
2015-01-12 13:08:12 -08:00
Matt Buck
b4eef14ac6
Update metasploit gems
2015-01-08 15:33:23 -06:00
Matt Buck
2cd5be021b
Merge branch 'master' into staging/rails-4.0
...
Conflicts:
Gemfile
Gemfile.lock
db/schema.rb
metasploit-framework-db.gemspec
metasploit-framework.gemspec
2015-01-08 13:12:27 -06:00
Meatballs
bdbb26ba31
Land #4540 , resolves #4532 , honour DB_ALL_* options
2015-01-07 21:12:23 +00:00
David Maloney
5d68d48ca5
Land #4385 , fixes bruteforce_speed validator
...
bruteforce_speed validator now accepts nil
2015-01-07 12:09:25 -06:00
David Maloney
702511dbc5
respect DB_ALL_USERS & DB_ALL_PASS
...
fix last few things in authbrute
and make the CredentialCollections understand the
additional seperate components
MSP-11986
2015-01-07 11:41:41 -06:00
David Maloney
7ff2ba0725
first pass on fixing DB_ALL authbrute stuff
...
DB_ALL_CREDS worked but DB_ALL_USER and DB_ALL_PASS
did not. working on fixing that.
This commit also does some nice DRY work in the auth_brute mixin
MSP-11986
2015-01-07 11:30:39 -06:00
Tod Beardsley
6ded5a7eb4
Avoid spinner on Windows
...
Fixes #4147 , probably.
2014-12-30 10:17:56 -06:00
Fernando Arias
337b2d784f
Land #4416 , define rails version dep in one place
...
* Bump rails to 3.2.21
2014-12-19 15:17:54 -06:00
Matt Buck
db0aeb2a05
Make the version constraint a range
2014-12-19 13:54:13 -06:00
Matt Buck
c493ccfc06
Define the Rails version constraint in a library constant
2014-12-19 11:46:39 -06:00
Trevor Rosen
80cd04d76a
Land #4332 , test optimization for Cucumber
...
* Make Cuke run faster on TravisCI
2014-12-18 09:34:55 -06:00
Samuel Huckins
4c994d84e0
Updating version to 4.11 for Flood release
2014-12-15 14:42:09 -06:00
Tod Beardsley
ac004d2770
Fix bruteforce validators to accept nil
...
bruteforce_speed isn't always required, because the speed checker
already handles nil (and presumes the user wants the fastest possible).
See also MSP-11842
2014-12-12 13:57:37 -06:00
Tod Beardsley
4eaf64afef
Don't lie about stop_on_success
...
This absolutely needs to be honored too, though.
See #4365 .
2014-12-11 12:37:13 -06:00
Tod Beardsley
edf541fabe
Fix some double spacing
2014-12-11 09:39:15 -06:00