Commit Graph

2191 Commits (789122b8eec2a0e700b175fb0896d3a8db325412)

Author SHA1 Message Date
OJ d751c43f52
FINALLY fix the last of the tests
Sorry for the stupidity.
2016-11-05 06:20:43 +10:00
OJ 3bc6808278
Really fix the session test this time 2016-11-05 06:07:44 +10:00
OJ 5f5684841b
Fix the DB/Session test 2016-11-05 05:59:31 +10:00
OJ abe46024de
Fix tests after arch refactor 2016-11-05 05:15:57 +10:00
OJ e4edbb16fe
Fix encoded_payload_spec 2016-10-29 15:29:23 +10:00
Jon Hart 12508f7140
Fix DRDoS mixin to handle empty responses 2016-10-24 14:21:28 -07:00
David Maloney 6b77f509ba
fixes bad file refs for cmdstagers
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced

Fixes #7466
2016-10-21 12:31:18 -05:00
David Maloney 7894d5b2c1 Revert "Revert "use the new rex-exploitation gem""
This reverts commit f3166070ba.
2016-10-11 17:40:43 -05:00
Brent Cook fabb296b15 update cache and add payload test 2016-09-29 21:19:55 -05:00
Tod Beardsley de9434870c
Land #7375, mock some rex tests for DNS lookups
Fixes #6467, as far as @lsato-r7 and I can tell.
2016-09-29 16:37:38 -05:00
William Vu 075401d702
Update dynamic_size for andterp spec 2016-09-28 16:58:34 -05:00
Louis Sato ca683576d0 Mock rex-socket getaddress call for loginscanner
Since we're using the rex-socket gem, we don't need to
test the getaddress call for each one of the login scanner specs
2016-09-28 11:32:06 -05:00
Tim de1e0aae99 add missing payload tests 2016-09-27 11:05:19 +08:00
Brent Cook 1b31e0a63e remove osvdb links 2016-09-20 14:27:59 -05:00
David Maloney 7e10b5c482
use new rex-encoder gem
remove all the encoidng lbiraries and use the new gem
rex-encoder that contains them now.

MS-1708
2016-09-14 12:07:26 -05:00
wchen-r7 245237d650
Land #7288, Add LoginScannerfor Octopus Deploy server 2016-09-13 17:26:56 -05:00
Pearce Barry 4495b27e67
Land #7254, Rex::SSLScan Gemification 2016-09-08 13:20:56 -05:00
David Maloney 7857c58655 remove all the left voer cruft
remove all the files that got xfered out to the gems

MS-1715
2016-09-07 11:38:28 -05:00
james-otten dcf0d74428 Adding module to scan for Octopus Deploy server
This module tries to log into one or more Octopus Deploy servers.

More information about Octopus Deploy:
https://octopus.com
2016-09-06 20:52:49 -05:00
Pearce Barry 9d5a276e91
Fix recent metasploit-framework.gemspec conflict. 2016-09-06 13:10:28 -05:00
dmohanty-r7 e36cfa54b1
Use rex-mime gem
MS-1710
2016-09-01 11:38:07 -05:00
David Maloney 029a28c95b
use the new rex-sslscan gem
remove old integerated code and replace it
with the gem. done.

MS-1693
2016-08-30 10:43:47 -05:00
David Maloney b1009ab8dc
remove all the left voer cruft
remove all the files that got xfered out to the gems

MS-1715
2016-08-26 14:31:27 -05:00
David Maloney d2a6c2e9ca
move rex bintools into new gem
move all the *scan *parsey code out into
the new rex-bin_tools gem

MS-1691
2016-08-15 14:01:43 -05:00
darkbushido 5a1cd24350 finishing converting the last of this to credentials 2016-07-29 09:58:17 -05:00
darkbushido 0972005b24 updating 'ppp.*username secret' 2016-07-29 09:58:17 -05:00
darkbushido 1d33c9aa88 updating specs upto 'username secret' 2016-07-29 09:58:17 -05:00
darkbushido 73b362cade updating more spec 2016-07-29 09:58:16 -05:00
darkbushido d807a83bb1 fixing some more specs 2016-07-29 09:58:16 -05:00
darkbushido b66621af0d adding in a blank service_name
fixing myworkspace
2016-07-29 09:58:16 -05:00
darkbushido 219f9d5d57 updating parts of cisco to use creds 2016-07-29 09:58:15 -05:00
darkbushido 40240662db converting enable password to create_credentials 2016-07-29 09:58:15 -05:00
darkbushido 9fa1c597b1 specing out the cisco mixin 2016-07-29 09:55:08 -05:00
Pearce Barry 1b6bd927d0 Rex::OLE is now rex-ole gem, fixes MS-1712 2016-07-25 14:05:48 -05:00
dmohanty-r7 471cc277ba
Remove rex-arch specs
MS-1703
2016-07-20 17:01:18 -05:00
James Lee ff63e6e05a
Land #7018, unvendor net-ssh 2016-07-19 17:06:35 -05:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references"
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
2016-07-15 12:00:31 -05:00
David Maloney 1ea425aff1
update ssh login_scanner spec
the spec needs to be updated for the non_interactive flag
2016-07-14 15:30:20 -05:00
David Maloney 01d0d1702b
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-07-14 09:48:28 -05:00
Brent Cook 2b016e0216
Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
Brent Cook 1c8556d8e0 add mettle payload tests 2016-07-06 15:53:20 -05:00
David Maloney 5f9f3259f8
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-07-05 10:48:38 -05:00
Brent Cook cfc368ab65
Land #6959, Add Linux ARM big endian ipv4 bind shellcode 2016-07-05 00:41:00 -05:00
David Maloney ee2d1d4fdc
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup 2016-06-28 15:00:35 -05:00
dmohanty-r7 c2f3d411c3
Replace rex/java with rex-java gem 2016-06-27 14:52:49 -05:00
David Maloney 6072697126
continued 2016-06-22 14:54:00 -05:00
David Maloney 69e2d05a5d
rip out old rex code and replace with gems
rex-text, rex-random_identifier, rex-powershell, rex-zip, and rex-registry
are now being pulled in as gems instead of part of the spgehtti code that is lib/rex
2016-06-21 13:56:36 -05:00
earthquake cd84b42e50 linux arm big endian ipv4 bind module added 2016-06-10 00:19:43 +02:00
Brent Cook da532ecc5e
Land #6919, Move LURI into a full URI for a new 'Payload opts" column in jobs output 2016-06-03 13:57:47 -05:00
Brent Cook c99505923f disable SSL tests that no longer work on Travis 2016-06-01 16:33:34 -05:00
James Lee f7382f5b3b
Make `jobs` display a full uri
Addresses the problem of LURI taking the place of URIPATH, which has
different semantics.

See #4623
2016-05-27 11:15:12 -05:00
Brent Cook a3d2cba698
Land #6906, Improve msfvenom error handling and spec coverage 2016-05-26 07:58:37 -05:00
Brent Cook c2cf992560 added spec for #6915 2016-05-26 07:57:17 -05:00
darkbushido a298129463
adding specs and expanding options
Tests shouldnt be DRY, they need to be easy to understand.
2016-05-25 13:17:47 -05:00
James Lee 5921ac7b47
Add a spec and fix ReverseHttp#luri 2016-05-24 17:22:14 -05:00
William Vu 3dfdf1d936
Land #6528, tilde expansion and more for OptPath 2016-05-24 16:01:59 -05:00
Brent Cook d709229f52 fix spec warnings 2016-05-24 07:51:36 -05:00
Jon Hart 8bccfef571
Fix merge conflict 2016-05-16 17:29:45 -07:00
David Maloney 19af279ce9
Merge branch 'master' into staging/rails-upgrade 2016-05-05 10:46:12 -05:00
dmohanty-r7 f096c3bb99
Land #6821 Fix send_request_cgi! redirection 2016-05-05 09:09:30 -05:00
David Maloney 55b38ad089
Land #6398, content length header
lands wei's content length header pr
2016-05-04 11:53:46 -05:00
David Maloney fb5b228984
Merge branch 'master' into staging/rails-upgrade 2016-05-02 11:33:35 -05:00
dmohanty-r7 050061762b Fix db_manager rspec tests
MS-255
2016-04-28 13:17:02 -05:00
wchen-r7 d4b89edf9c Fix #6398, Missing Content-Length header in HTTP POST
RFC-7230 states that a Content-Length header is normally sent in
a POST request even when the value (length) is 0, indicating an
empty payload body. Rex HTTP client failed to follow this spec,
and caused some modules to fail (such as winrm_login).

Fix #6398
2016-04-28 11:44:10 -05:00
James Lee e7f0163c2e
Apparently super doesn't work the same here in 2.3
But it doesn't matter, the value just needs to be before the current
time, so replace it with a simpler solution.
2016-04-26 10:35:41 -05:00
wchen-r7 47d52a250e Fix #6806 and #6820 - Fix send_request_cgi! redirection
This patch fixes two problems:

1. 6820 - If the HTTP server returns a relative path
   (example: /test), there is no host to extract, therefore the HOST
   header in the HTTP request ends up being empty. When the web
   server sees this, it might return an HTTP 400 Bad Request, and
   the redirection fails.

2. 6806 - If the HTTP server returns a relative path that begins
   with a dot, send_request_cgi! will literally send that in the
   GET request. Since that isn't a valid GET request path format,
   the redirection fails.

Fix #6806
Fix #6820
2016-04-25 14:30:46 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references.
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
2016-04-23 12:32:34 -05:00
Brent Cook 7ff5a5fd7e switch mainframe payloads to fixed size 2016-04-23 11:40:05 -04:00
Brent Cook e75ce8b248 update test to hook exist? rather than exists? 2016-04-21 06:56:48 -04:00
thao doan e70d967b4e Land #6763, Add rspec for lib/metasploit/framework/login_scanner/redis 2016-04-18 10:05:24 -07:00
David Maloney 3a623862e3
Merge branch 'master' into staging/rails-upgrade 2016-04-15 10:55:43 -05:00
Brent Cook d3e5dffe26
whitespace 2016-04-13 22:20:42 -05:00
Brent Cook 6ce7055130
Land #6737, Added reverse shell JCL payload for z/OS 2016-04-13 22:19:15 -05:00
Brent Cook 09873f2f9c
Land #6717, Add new cmd mainframe payload (generic_jcl) for z/OS 2016-04-13 22:10:23 -05:00
wchen-r7 6c5886afba Resolve #6736, Add rspec for login_scanner/redis lib
Resolve #6736
2016-04-08 11:41:08 -05:00
Fernando Arias 8f3f2f74b4
Move shared example from pro into framework
MS-1361
2016-04-07 13:09:52 -05:00
Fernando Arias f5415c8058
Move pro concern logic into framework
MS-1361
2016-04-07 10:59:40 -05:00
William Vu 22d08fdf39 Revert #6748, premature Gemfile* changes 2016-04-06 14:52:22 -05:00
David Maloney 8de58e4b80
Merge branch 'master' into staging/rails-upgrade 2016-04-04 09:30:01 -05:00
wchen-r7 f7dd326b16
Land #6455, Fix dns labels/names size limits for lib/net/dns/names/names 2016-04-01 21:57:09 -05:00
Bigendian Smalls 6a4d7e3b58
Revshell cmd JCL payload for z/OS
Added a JCL-based reverse shell.  Uses the same source code as the
shellcode version does.  Source code is in
external/source/shellcode/mainframe/shell_reverse_tcp.s
2016-03-31 20:42:42 -05:00
wchen-r7 46d4b533f3 Add rspec for lib/net/dns/names/names.rb 2016-03-31 11:29:30 -05:00
wchen-r7 bc48ebd43b Use patch_finder for msu_finder 2016-03-29 23:21:01 -05:00
wchen-r7 1bcd3fac25
Land #6724, Import workspace IP validation from Mdm
MS-902
2016-03-29 18:31:47 -05:00
Adam Cammack 3b0170e87d
Import workspace IP validation from Mdm
This allows us to actually test the validations, since the code calls
out to Rex::Socket::RangeWalker.

MS-902
2016-03-29 17:56:22 -05:00
Bigendian Smalls a6518b5273
Add generic JCL cmd payload for z/OS (mainframe)
This payload does nothing but return successfully.  It can be used to
test exploits and as a basis for other JCL cmd payloads.
2016-03-28 21:01:39 -05:00
wchen-r7 c4735bd72a Fix rspec pull_request_finder_spec.rb 2016-03-24 20:56:46 -05:00
wchen-r7 57984706b8 Resolve merge conflict with Gemfile 2016-03-24 18:13:31 -05:00
James Lee 1375600780
Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
Adam Cammack 32fe9ae55d
Remove dead version check in db_manager.rb
The check appears to have been orphaned in the db_manager refactor, but
I can't track down the exact commit.
2016-03-16 15:24:55 -05:00
Brent Cook 903807d039 update spec for pre-check 2016-03-15 14:21:01 -05:00
Brent Cook dabe5c8465
Land #6655, use MetasploitModule as module class name 2016-03-13 13:48:31 -05:00
David Maloney 88697a5d3f
Merge branch 'master' into staging/rails-upgrade 2016-03-08 15:22:04 -06:00
wchen-r7 860159fa00 Update rspec 2016-03-08 11:37:25 -06:00
wchen-r7 58b8c35146 Escape HTML for KB and update rspec 2016-03-08 10:10:10 -06:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook 659af68b16
Land #6388, update msftidy check for new preferred Metasploit module base class 2016-03-06 17:12:20 -06:00
Brent Cook cc436fe438 update to new preferred base class for modules 2016-03-06 17:11:51 -06:00
Brent Cook a2c3b05416
Land #6405, prefer default module base class of simply 'Metasploit' 2016-03-06 17:10:55 -06:00
Brent Cook e1db3ef369
Land #6388, Update msftidy to error when module super class is incorrect 2016-03-06 16:53:11 -06:00
Brent Cook 0fc4ebf4ab
Land #6618, Improve Content-Length behavior in Rex HTTP 2016-03-06 16:38:44 -06:00
Brent Cook 8faae94338
Land #6592, make linux/x86/shell_reverse_tcp's shell path configurable and remove shell_reverse_tcp2 2016-03-06 15:33:53 -06:00
Gregory Mikeska c2f7360a9a
replace deprecated 'ignore' with 'transient' 2016-02-29 14:57:09 -06:00
wchen-r7 bff4b4d5fc Fix #6609 and #6587 - Change Content-Length behavior in Rex HTTP
This patches changes two things:

1. If a module has a custom Content-Length, it will respect that
   instead of forcing its own.

2. If a request does not have anything in the body, the
   Content-Length header will not be set.

Fix #6609
Fix #6587
2016-02-29 10:50:21 -06:00
wchen-r7 814d53aee0 Add rspec for Msf::Util::DocumentGenerator::PullrequestFinder 2016-02-24 15:13:04 -06:00
wchen-r7 753e0f7693 Add rspec for Msf::Util::DocumentGenerator::DocumentNormalizer 2016-02-23 15:34:34 -06:00
joev 39f1113bca Remove unused spec. 2016-02-18 22:20:13 -06:00
OJ 44eb2d6a80
Merge branch 'upstream/master' into default-xor 2016-02-11 14:30:18 +10:00
Brent Cook 2386cb1344
Land #6527, add support for importing Burp suite vuln exports 2016-02-10 13:19:21 -06:00
wchen-r7 942eec5fee Update rspec 2016-02-07 12:37:08 -06:00
Brian Patterson 4dcbd7c1ae
Add a nokogiri xml stream parser for Burp issue xml and rename original burp parser to burp session parser so both are supported. 2016-02-04 10:30:56 -06:00
Jon Hart 53d4e31844
Allow OptPath to valid symbolic paths that need expansion 2016-02-03 14:12:03 -08:00
Brent Cook c0ed57db43
Land #6267, the rest of the rspec3 updates 2016-01-29 11:36:58 -06:00
Brent Cook d35d0993c1 should -> expect 2016-01-29 11:36:38 -06:00
Brent Cook ac822943b1
Land #6267, update to rspec3 2016-01-29 11:33:30 -06:00
Brent Cook 8c94d3c1bd adjust namespec for rspec3 2016-01-29 11:32:22 -06:00
Brent Cook b6bc862c1b
Land #6267, fix Rex::Parser::Ini#each_group 2016-01-29 11:19:40 -06:00
wchen-r7 6187354392
Land #6226, Add Wordpress XML-RPC system.multicall Credential BF 2016-01-23 00:12:46 -06:00
wchen-r7 781ff4bb7d Rspec is deprecated. Use RSpec instead. 2016-01-22 20:39:40 -06:00
wchen-r7 6bbfc5a869 Fix rspec 2016-01-22 20:27:45 -06:00
wchen-r7 0f9cf812b7 Bring wordpress_xmlrpc_login back, make wordpress_multicall as new 2016-01-22 18:54:20 -06:00
Christian Mehlmauer e6147d60e2 fix rspecs 2016-01-22 23:43:13 +01:00
Christian Mehlmauer f92f59a4c8 remove corresponding spec files 2016-01-22 23:38:44 +01:00
wchen-r7 216986f7af Do API documentation, rspec, and other small changes 2016-01-21 17:22:14 -06:00
Christian Mehlmauer 478cd2ed5c
check database.yml path 2016-01-21 20:32:32 +01:00
OJ ac0b489a90 Revert bad merge and include expect calls 2016-01-21 10:28:38 +10:00
Christian Mehlmauer f68b2b56fa
use hardcoded path 2016-01-19 23:51:28 +01:00
Christian Mehlmauer aaa1174ca5
fix rspec errors without database 2016-01-19 20:28:58 +01:00
OJ 18fe9bd96f
Merge branch 'upstream/master' into default-xor 2016-01-13 10:05:59 +10:00
Brent Cook 7f9b804060
Land #6410, remove JtR binaries, update for independent framework releases 2016-01-06 14:16:49 -06:00
Brent Cook 388bfec46c
Land #6415, update rspec3 conventions 2016-01-06 12:14:15 -06:00
wchen-r7 92503c0ff6 Remove extra check_setup call 2016-01-06 11:01:35 -06:00
wchen-r7 480913cb32 Add rspec 2016-01-06 01:41:13 -06:00
David Maloney 06a75e1339
re-enable deprecation errors
had to disable this to let transpec do
dynamic analysis. re-enabling now to throw
an error on any deprecation warning
2015-12-31 16:57:17 -06:00
David Maloney c6656e4031
example_group and hook_scope conversions
not strictly required, these conversions keep us
up to date with latest rspec conventions and best practices
which will prevent use from having to convert them when they become
deprecated later
2015-12-31 16:56:13 -06:00
David Maloney 0a8cc8e01c
basic transpec conversions
no options apssed, first run of transpec
not much to report
2015-12-31 16:43:26 -06:00
Chris Doughty 8090bbc750 Changes to support framework as a gem 2015-12-30 11:00:45 -06:00
Jon Hart 46a3c839b4
Refactor existing tests that had been duplicating get_std* 2015-12-24 11:03:11 -08:00
Jon Hart be84ed13a2
Update msftidy spec to be more easily added to 2015-12-24 10:55:13 -08:00
Jon Hart f029cd0c9a
Add common helpers for capturing stdout/stderr 2015-12-24 10:54:51 -08:00
Jon Hart 5ac4e9aa6b
Correct payload fixture 2015-12-23 12:55:01 -08:00
Jon Hart 83f0c2fa05
Add beginnings of rspec coverage for msftidy 2015-12-23 12:53:12 -08:00
Brent Cook 6eda702b25
Land #6292, add reverse_tcp command shell for Z/OS (MVS) 2015-12-23 14:11:37 -06:00
wchen-r7 7d8ecf2341 Add Joomla mixin 2015-12-18 21:14:04 -06:00
Brent Cook eccf61bec5 ensure that the metasploit database environment variable is unset 2015-12-14 14:29:25 -06:00
Brent Cook 6551df6446 update bitlocker for rspec3 2015-12-10 21:52:15 -06:00
Brent Cook fb578e9063 use explicit exceptions for raise_error 2015-12-10 21:47:22 -06:00
Brent Cook f59446851f update namespace 2015-12-10 21:47:22 -06:00
Gregory Mikeska 99931aff44 Call stance only if module implements stance 2015-12-10 21:47:22 -06:00
Greg Mikeska b29459747b stub out private meterpreter accessor method net 2015-12-10 21:47:22 -06:00
Greg Mikeska 2a6db4092d fix stub on Database specs 2015-12-10 21:47:22 -06:00
Greg Mikeska a96445b302 switch out expect with a proper mock by allow 2015-12-10 21:47:22 -06:00
Greg Mikeska d0d09097d5 stub out name on foo_inst in the option_container_spec 2015-12-10 21:47:22 -06:00
Greg Mikeska 9a59671330 switch expect to allow on runas_spec cases 2015-12-10 21:47:22 -06:00
Greg Mikeska e8440f9798 remove deprecated syntax from text_spec 2015-12-10 21:47:22 -06:00
Greg Mikeska 5056321d34 replace before block expecations with allow statements
comment out some before statements that seem to be causing a problem
2015-12-10 21:47:22 -06:00
Greg Mikeska 1a36bcb525 Replace expect with allow the directory_spec 2015-12-10 21:47:22 -06:00
Greg Mikeska cd0d774db6 replace deprecated unsub, and replace expecations with allows
in base_spec
2015-12-10 21:47:22 -06:00
Greg Mikeska c5d77c3476 change stubs from expect to allow on directory_spec 2015-12-10 21:47:22 -06:00
Greg Mikeska 5b568f2e4b added missing expectation wrapper 2015-12-10 21:47:22 -06:00
Greg Mikeska 1521fd0a95 remove unnecessary message chain call 2015-12-10 21:47:22 -06:00
Greg Mikeska b84bd0327d fix MSSQL test stubs 2015-12-10 21:47:22 -06:00
Greg Mikeska 5c733a3b6d fix stub on module loader test 2015-12-10 21:47:22 -06:00
Greg Mikeska 71ce9b377a change module manager stub from expect to allow 2015-12-10 21:47:22 -06:00
Greg Mikeska 69bb683d0a fix typo in runas spec and change some more expects to allow 2015-12-10 21:47:22 -06:00
Greg Mikeska 2fc0c0b326 switch expect stubs
in ui_driver shared context to allows
2015-12-10 21:47:22 -06:00
Greg Mikeska 93d4be2301 replace stubbing expects with allow statements 2015-12-10 21:47:22 -06:00
Greg Mikeska bf9da1440e change module_manager to allow from expect 2015-12-10 21:47:22 -06:00
Greg Mikeska 605756a500 and receive needed to be and_return 2015-12-10 21:47:22 -06:00
jvazquez-r7 aca4c6a986 Change include_context on jmx specs 2015-12-10 21:47:22 -06:00
jvazquez-r7 d5d177b782 Use Msf::StringIO on query_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 2dbb610d99 Use Msf::StringIO on find_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 5600119fca Use Msf::StringIO on trans2_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 07ab7bac9c Use Msf::StringIO on query_path_information_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 21ea110aef Use Msf::StringIO on query_file_information_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 6405c8102d Use Msf::StringIO on find_first2_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 eeca2f4b8a Use Msf::StringIO on session_setup_and_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 692a3cb24c Use Msf::StringIO on read_andx_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 87a189d990 Use Msf::StringIO on nt_create_andx_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 7933fa5356 Use Msf::StringIO on negotaite_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 60de01432c Use Msf::StringIO in close_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 085598f6d2 Use lets 2015-12-10 21:47:22 -06:00
jvazquez-r7 2beb42a734 Use msf_data attribute 2015-12-10 21:47:22 -06:00
jvazquez-r7 b61a7f43ef Use Msf::StringIO context on registry_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 bc80bf7fdb use Msf::StringIO on client_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 046a73b3b3 Use set_msf_data on connection_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 3d0fcdf84d Add set_msf_data 2015-12-10 21:47:22 -06:00
jvazquez-r7 2041149d54 Use Msf::StringIO in connection_spec 2015-12-10 21:47:22 -06:00
jvazquez-r7 4872628ff5 Try to make it generic 2015-12-10 21:47:22 -06:00
jvazquez-r7 236c28b6fb Add shared context 2015-12-10 21:47:22 -06:00
Brent Cook 11ea7ee5b9 update mocks for smb specs 2015-12-10 21:47:22 -06:00
Luke Imhoff c3e2615a23 Implement stub methods instead using allow which verifies
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff bb7c463c44 Remove operators after .to with matchers
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 76d1f6ba0a Fix Rex::Psot::Meterpreter::PacketParser spec
MSP-13484

Use allow instead of expect because call count isn't important.
2015-12-10 21:47:22 -06:00
Luke Imhoff 04ea44e76b eq {} -> eq({})
So that the `{}` isn't interpreted as a block to `eq`.
2015-12-10 21:47:22 -06:00
Luke Imhoff f31e578780 Add missing RSpec. before describe 2015-12-10 21:47:22 -06:00
Luke Imhoff bde4f8bbe7 Fix allows in Exploit::Remote::Java::Rmi::Client::Jmx::Server spec
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff e3f2db8f09 Fix allows in Exploit::Remote::Java::Rmi::Client::Jmx::Connection
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff c754dca48b fix allows in Exploit::Remote::JAva::Rmi::Client spec
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 61e1dc2363 Fix allows in FirefoxAddonGenerator spec
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 2d8d876eaa Fix allow errors in BrowserAutopwn2 specs
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 00ad6afd4f Fix typo shoftname -> shortname
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 164f24ef8a Fix stubbing on class instead of instance
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff fbddd4cc47 Fix IO stubbing
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff db42c9f760 Fix service double stubbing
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff c46b97cef9 =~ <Array> -> match_array
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 99eaa8efb3 Change some expects back to allows to match old stubs
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff f48f8c1540 Use `be` before operators
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 4f23b83fa3 .should\n -> expect().to
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 53f5c019f9 Fix doubles
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 3d64c52c9a it { should_not -> it { is_expected.not_to
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 6f71810010 it { should -> it { is_expected.to
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff ba88de84ec Fix mocking errors
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 910b630d96 it { should == -> it { is_expected.to eq
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff a8f766ffbd Fix unimplemented method allows
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 05585acb89 .should_not -> expect().not_to
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 64a870aac0 Fix not implemented error by using double
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 337be4355d Fix Msf::DBManager spec upgrade problems
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff d1f64363b1 .any_instance -> *_any_isntance_of()
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff d7d484a862 Use double to properly expect unimplemented methods
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff cd57ed289f Fix mistaken substitution
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 0eb68ef16c .should_not_receive -> expect().not_to receive
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 4cec58d78c .stub_chain -> expect().to receive_message_chain
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 4870909afc .should -> expect().to
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 2534b18f4c .stub -> expect().to receive
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 03c649bb91 should_receive -> expect().to receive
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 6f29e9a4cf .should == -> expect().to eq
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff 3fff6cabce should_not == -> expect().not_to eq
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff fc9ca84da5 shared_context -> RSpec.shared_context
MSP-13484

shared_context must be qualified as global patching is disabled in
spec_helper.
2015-12-10 21:47:22 -06:00
Luke Imhoff 2b02b9e081 shared_examples -> RSpec.shared_examples
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff d6bf0fd781 decribe -> RSpec.describe
MSP-13484

Disabled expose_dsl_globally in spec_helper, so need to qualify
top-level describe.
2015-12-10 21:47:22 -06:00
Luke Imhoff ed1e984b6a Update spec_helper with all rspec 3 features
MSP-13484

Copied from metasploit-cache.
2015-12-10 21:47:22 -06:00
Jon Hart 39da306b1d
Land #6057, @danilbaz's module for dumping Bitlocker master key (FVEK) 2015-12-08 18:16:39 -08:00
wchen-r7 080ec26afb
Land #4489, Update SMB admin modules to use Scanner & fixes 2015-12-08 14:49:26 -06:00
wchen-r7 f2a33cb1ad The word "should" is not needed. 2015-12-08 11:18:36 -06:00
OJ c747ffc05a Implement support for TLV packet XORing, and RECV removal 2015-12-08 16:37:10 +10:00
Spencer McIntyre 6483eca00a Update payloads_spec for pymet stageless reverse http 2015-11-30 11:28:36 -05:00
Bigendian Smalls 9bcbd12407
Updated spec for mainframe rev shell 2015-11-26 21:34:27 -06:00
Jon Hart f37adf9ff8
Add incomplete spec for Rex::Parser::Ini 2015-11-20 15:18:14 -08:00
BAZIN-HSC c2483faec8 Add Bitlcoker spec file 2015-11-20 19:28:08 +01:00
Jon Hart 4a707b33a2
Add rspec coverage for cowsay. Achievement unlocked 2015-11-13 10:26:47 -08:00
Jon Hart 15eb135295
Resolve merge conflicts 2015-11-09 18:15:40 -08:00
dmohanty-r7 a71d7ae2ae
Land #6089, @jvazquez-r7 Fix HTTP mixins namespaces 2015-11-05 16:56:41 -06:00
Louis Sato 9c347fbaae
Land #6195, remove ff buildid from os.js 2015-11-05 15:01:15 -06:00
jvazquez-r7 00d09744fb
Land #6118, @wchen-r7's new methods for Rex HTTP response 2015-11-03 10:42:42 -06:00
Brent Cook be23da1c1f Merge branch 'upstream-master' into land-6120-python-stageless 2015-10-30 17:26:26 -05:00
bigendian smalls d53be873dc Updating master to metasploit/master 2015-10-26 09:24:24 -05:00
wchen-r7 f6b9f38326 This method is not needed because Nokogiri does that already 2015-10-23 19:38:17 -05:00
Spencer McIntyre 810665847b Add stageless python meterpreter to the payloads spec 2015-10-22 08:40:50 -04:00
wchen-r7 12cdd786a6 Add more Nokogiri and RKelly support for Rex::Proto::Http::Response
These new methods allow the module writer to being able to parse
HTML/XML/JSON responses properly without using regex first.
2015-10-21 16:26:31 -05:00
jvazquez-r7 28ca34c40a
Fix conflicts 2015-10-16 15:38:59 -05:00
jvazquez-r7 773b523d27
Fix namespaces in specs 2015-10-15 11:54:36 -05:00
jvazquez-r7 1c4686eff0
Move specs folder 2015-10-15 11:50:10 -05:00
jvazquez-r7 8057b3edae
Fix specs to pass again 2015-10-15 09:40:39 -05:00
jvazquez-r7 fa9a33cae8
Move specs to the correct folder 2015-10-15 09:19:43 -05:00
Brent Cook 30d2a3f2a9
Land #5999, teach PSH web delivery to use a proxy 2015-10-14 11:05:45 -05:00
HD Moore cd2e9d4232 Move Msf::Java to the normal Msf::Exploit::Remote namespace 2015-10-09 13:24:34 -07:00
jvazquez-r7 5e9faad4dc Revert "Merge branch using Rex sockets as IO"
This reverts commit c48246c91c, reversing
changes made to 3cd9dc4fde.
2015-10-09 14:09:12 -05:00
jvazquez-r7 3aa7b513d5
Delete safe_get_once 2015-10-09 13:34:38 -05:00
jvazquez-r7 3cd9dc4fde
Fix JMX Server specs 2015-10-09 12:17:44 -05:00
jvazquez-r7 62272e64ed
Fix RMI Registry specs 2015-10-09 12:16:59 -05:00
jvazquez-r7 12d2594095
Add StringIO stub to Msf::Java::Rmi::Client::Jmx::Connection 2015-10-09 12:00:35 -05:00
jvazquez-r7 3d1ec54f02
Stub has_read_data? 2015-10-09 11:36:24 -05:00
bigendian smalls 6549f48d4e
Added new class MainframeShell for mainframe(z/os)
This class is built upon and overrides certain methods in the generic
CommandShell class.  Primarily it is here to control when and if bytes
sent to/from mainframe (z/os) targets get encoded/decoded from cp1047
(ebcdic<->ascii).  This would be the default shell for upcoming
mainframe based payloads.
2015-10-08 17:11:31 -05:00
wchen-r7 f57f0991ab Update rspec 2015-10-06 15:42:31 -05:00
wchen-r7 bc46b41bbe Change tools structure 2015-10-05 22:34:47 -05:00
jvazquez-r7 5a7ac8c29a
Land #6030, @wchen-r7's Microsoft Patch Finder 2015-10-02 13:33:27 -05:00
jvazquez-r7 33ea5fdd12
Use named subjects 2015-10-02 13:32:32 -05:00
jvazquez-r7 5862a66221
Pass specs again 2015-10-02 11:50:41 -05:00
jvazquez-r7 69f3d88ea6
Ensure uniq on #find_msb_numbers 2015-10-02 11:38:36 -05:00
Brent Cook 55f6fe7037
Land #5510, update x86/alpha* encoders to be SaveRegister aware 2015-10-01 15:07:10 -05:00
Brent Cook d551f421f8
Land #5799, refactor WinSCP module and library code to be more useful and flexible 2015-10-01 14:35:10 -05:00
Brent Cook 0b9e4b33ed update spec to ignore -a 2015-10-01 14:11:29 -05:00
wchen-r7 39dc181588 Update rpsec 2015-10-01 00:26:07 -05:00
wchen-r7 e2098822eb Update msu_finder and rspec 2015-09-30 23:00:46 -05:00
wchen-r7 c92f65838e rspec for TechnetMsbSearch 2015-09-30 20:52:32 -05:00
wchen-r7 764c9c88a6 More work on rspec 2015-09-29 21:56:40 -05:00
wchen-r7 bc1be7f213 some progress with rspec 2015-09-29 17:20:30 -05:00
Fernando Arias d4b9b8e1a4
Stub out :create_match_for_vuln on MatchSet since we already test it
MSP-13119
2015-09-29 16:36:59 -05:00
Fernando Arias 393a71cf46 Merge branch 'master' of github.com:rapid7/metasploit-framework into bug/MSP-13119/rework-match-result-creation
Conflicts:
	Gemfile.lock
2015-09-29 15:00:22 -05:00
wchen-r7 4fe0aede3d Add rspec 2015-09-29 14:50:56 -05:00
Brent Cook 54f9a3b25a
Land #6013, add mainframe as a platform and architecture 2015-09-29 13:28:23 -05:00
Jon Hart 49bb3f2e3f
Complete tests for capture_sendto 2015-09-28 13:27:58 -07:00
bigendian smalls aa8c4e2792
Added rspec tests for zarch and ebcdic(cp1047)
Basic tests for zarch (64bit BE) and ebcdic<->ascii conversion required
to communicate with mainframes.
2015-09-28 13:31:30 -05:00
Jon Hart e1c3d3e277
Stub unit tests for capture_sendto. Unsure if these will be possible 2015-09-27 15:51:40 -07:00
Meatballs 66c9222968
Make web_delivery proxy aware 2015-09-23 20:45:51 +01:00
Fernando Arias 52e3405192
Passing report_exploit_success specs
MSP-13119
2015-09-23 11:12:02 -05:00
Fernando Arias dc84b3b1ba
Passing report_exploit_failure specs
MSP-13119
2015-09-23 10:54:13 -05:00
Mo Sadek fb051edc2e Changed the rspec 2015-09-18 12:48:30 -05:00
Fernando Arias 359306a1a4
Add specs to exploit_attempt to cover report_exploit_failure
MSP-13119
2015-09-18 12:25:21 -05:00
Fernando Arias d3a73149a2
Add specs around match result creation in exploit attempt
MSP-13119
2015-09-18 12:04:45 -05:00
Fernando Arias c7f15ca940
Rework how match results get created
MSP-13119

* Create match result when we create vuln attempt
2015-09-14 12:18:47 -05:00
jvazquez-r7 eaf51a2113
Land #5722, @vallejocc's busybox work 2015-09-04 13:36:44 -05:00
jvazquez-r7 05e1a69fe5
Add specs for prepend 2015-09-04 11:14:53 -05:00
James Lee 3d428ef33d
Fix spec like I shoulda done before landing #5736 2015-09-03 14:23:30 -05:00
James Lee 7665747d1c
Land #5736, certutil cmdstager
Ferreal this time.
2015-09-03 14:21:21 -05:00
James Lee 82b27c9038 Revert "Land #5736, certutil cmdstager"
This reverts commit 93eb42dfa3.

Conflicts:
	spec/lib/rex/exploitation/cmdstager/certutil_spec.rb
2015-09-03 14:18:28 -05:00
James Lee 956c8e550d
Fix spec like I shoulda done before landing #5736 2015-09-03 13:53:21 -05:00
James Lee 93eb42dfa3
Land #5736, certutil cmdstager 2015-09-03 13:13:24 -05:00
Brent Cook 70b5336356 Merge branch 'upstream-master' into land-5890-android-post-api 2015-09-03 09:51:35 -05:00
HD Moore 9f9bbce034
Land #5840, add LLMNR & mDNS modules 2015-09-02 18:30:29 -05:00
Meatballs 8e1a0e039e
Add spec 2015-09-01 22:04:35 +01:00
Jon Hart 779ece3096
Correct workspace unit tests 2015-08-28 12:19:42 -07:00
jvazquez-r7 06712817cf
Fix specs 2015-08-28 14:06:04 -05:00
jvazquez-r7 54243d411e
Change spec file name 2015-08-28 13:28:34 -05:00
Jon Hart 0f9032100d
Stub print_status to allow testing of workspace...
and other things that may use print_status rather than print line
2015-08-28 11:10:35 -07:00
Jon Hart 52a11cc383
Use correct calls to cmd_workspace 2015-08-28 11:03:47 -07:00
Jon Hart fc7a93ac30
Fix syntax and style 2015-08-28 10:51:57 -07:00
Jon Hart aaa8b2c907
Add rspec coverage for the rest of workspace while here 2015-08-28 10:47:51 -07:00
Jon Hart 3f7c8e03e2
Update workspace command to support deleting all workspaces 2015-08-28 10:23:41 -07:00
wchen-r7 ad3e37fda2 Fix rspec 2015-08-26 02:38:13 -05:00
wchen-r7 3f994e964d Change method name and update rspec 2015-08-25 23:23:26 -05:00
wchen-r7 3412f31f85 Add Android POST API 2015-08-24 18:37:25 -05:00
jvicente b37efd29b0 Modified module busybox_pingnet.rb to avoid sending an ash script but executing each ping command separately. Added some fixes. Modified spec file for busybox.rb. 2015-08-23 12:17:17 +02:00
jvazquez-r7 83ca4e984f
Land #5772, @wchen-r7's fixes #5753, support Origin for the creds command 2015-08-21 16:07:45 -05:00
Dev Mohanty 68a802b980 Merge pull request #5834 from gmikeska-r7/bug/MSP-13064/SVV-validations-not-created
Bug/msp 13064/svv validations not created
2015-08-19 12:47:59 -05:00
jvazquez-r7 0a7ac2d758
Delete another debug puts 2015-08-17 15:28:48 -05:00
jvazquez-r7 09c888bc49
Fix minor things 2015-08-17 15:27:26 -05:00
James Lee c52da9f50d Add regression spec for #5856 2015-08-17 14:32:20 -05:00
jvazquez-r7 f25a5da46f
Do Minor fixes 2015-08-14 12:37:49 -05:00
Greg Mikeska 66148336e1
Modify tests to resolve false negative
MSP-13064
2015-08-14 11:48:52 -05:00
Brent Cook 6b1e911041 Instantiate payload modules so parameter validation occurs
Calling .new on payload modules does not perform parameter validation, leading
to a number cached sizes based on invalid parameters. Most notably,
normalization does not occur either, which makes all OptBool params default to
true.
2015-08-14 11:35:39 -05:00
Jon Hart 3a7cea51b4
Merge master and fix Net::DNS::RR merge conflicts 2015-08-13 08:53:25 -07:00
wchen-r7 25dde141d6 fix rspec 2015-07-24 15:24:18 -05:00
xistence 844b47e8ce Additional changes 2015-07-18 14:10:46 +07:00
wchen-r7 0929b54cd3 Update spec for notes help menu 2015-07-16 00:43:08 -05:00
jvazquez-r7 886ca47dfb
Land #5650, @wchen-r7's browser autopwn 2 2015-07-15 10:21:44 -05:00
wchen-r7 4f8f640189 Rename autopwnv2 to just autopwn2 2015-07-14 17:38:51 -05:00
wchen-r7 2276e355aa Fix a typo 2015-07-14 10:51:15 -05:00
Samuel Huckins 60444c208b
Land #5658, MSF version includes git hash now 2015-07-14 09:21:25 -05:00
Brent Cook a2bdd0bab9
Land #5541, add more compat fixed-cmd 64-bit BSD payloads
Merge branch 'land-5541-bsd-shellcode' into upstream-master
2015-07-13 21:01:55 -05:00
wchen-r7 88a00b1ed8 We don't use MessagePack anymore 2015-07-12 14:45:46 -05:00
wchen-r7 a7424c93a0 Update BES rspec 2015-07-12 01:26:43 -05:00
wchen-r7 eabf561a1f Fix some BES rspec 2015-07-11 22:16:10 -05:00
wchen-r7 5a858d68a5 Add rspec for browser_profile_manager 2015-07-11 21:11:31 -05:00
wchen-r7 b2d723e4a3 Rspec 2015-07-11 19:13:20 -05:00
wchen-r7 b1208e1337 Pending rspec 2015-07-11 00:16:48 -05:00
Brent Cook 8349a274ea use and include git hash of Framework as part of the version
Because we do not always update the version number, multiple releases have
shown version string, which is not useful for helping debug issues, or for
knowing what features are enabled.

This adds the git hash or reads from a file a copy of the git hash (useful for
doing packaged builds without git) so that it is clear the origin of a
particular metasploit-framework version.
2015-07-10 18:03:37 -05:00
wchen-r7 c8c3e1a258 Fix rspec 2015-07-10 13:42:25 -05:00
wchen-r7 f59c99e2ff Remove msfcli, please use msfconsole -x instead
msfcli is no longer supported, please use msfconsole.

Announcement on SecurityStreet:
Weekly Metasploit Wrapup
Posted by Tod Beardsley in Metasploit on Jan 23, 2015 11:57:05 AM
2015-07-09 12:50:02 -05:00
wchen-r7 fdb715c9dd
Merge branch 'upstream-master' into bapv2 2015-07-07 13:45:39 -05:00
wchen-r7 6d30dfd93e Remove the parts that are not broken for BES spec 2015-07-06 23:28:52 -05:00
wchen-r7 a9eeae56cb Remove the broken parts in browser_autopwnv2_spec 2015-07-06 22:24:32 -05:00
Brent Cook 653c4808b2 update framework version spec 2015-07-06 10:42:48 -05:00
HD Moore b9a8308138 Replace BAP profiles with a framework-instance hash 2015-07-02 12:53:24 -05:00
wchen-r7 9bd920b169
Merge branch 'upstream-master' into bapv2 2015-06-27 12:19:55 -05:00
wchen-r7 88e58cbdc5 Better performance 2015-06-27 12:19:07 -05:00
jvazquez-r7 bf7e0695d0
Land #5570, @todb-r7 Removes references to Iconv gem, since it's deprecated 2015-06-19 17:19:03 -05:00
wchen-r7 bd097e3264
Land #5497, Refactor LoginScanner::SNMP to be fast and less buggy 2015-06-19 14:57:36 -05:00
Tod Beardsley 66fecb2832
Add some specs around changed methods
See #4525
2015-06-19 13:23:07 -05:00