Commit Graph

177 Commits (858d9b1e7a9f08b876ea55147e855d3c2cc8fb19)

Author SHA1 Message Date
jvazquez-r7 57afaf6580 undo be_false case 2014-08-25 23:58:08 -05:00
jvazquez-r7 60ecf4e8c4 Use be_truthy instead of be_true 2014-08-25 23:58:08 -05:00
jvazquez-r7 c372f5164b And switch more cases to be_falsey 2014-08-25 17:50:38 -05:00
David Maloney 32b1a5ea23
add ipboard loginscanner
add loginscanner class for IPBoard with specs
this should replicate the functionality originally written
by Chris Truncer, but move it into a testable, reusable class
2014-08-25 13:58:30 -05:00
Samuel Huckins 149c3ecc63
Various merge resolutions from master <- staging
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
2014-08-15 11:33:31 -05:00
David Maloney dbde046f44
use to_h instead of to_hash
apparently ruby 2 adds this as a standard method so
we should stay compliant
2014-08-01 09:45:51 -05:00
David Maloney 374c6532fa
add to_hash to Credential
begining of the chain to DRYing up
credential reporting in the loginscanner
2014-07-31 18:10:48 -05:00
darkbushido 064d624322
changing Credential == operator
it should no longer raise no method errors when comparing a credential to
an object that doesnt respond to public, private, or realm
2014-07-23 16:17:09 -05:00
Matt Buck eff2defdde
Fix bug due to Metasploit::Model::Login::Status refactor
MSP-10718
2014-07-16 04:14:45 -05:00
David Maloney 939e585658
refactor all loginscanners
loginscanners now use LoginStatus constants
for the result statuses
2014-07-15 13:17:56 -05:00
David Maloney 846679bef9
change Result status
result bojects now use Login::status constants
for their status
2014-07-15 11:39:38 -05:00
Trevor Rosen cc93dbbe29 Merge pull request #102 from rapid7/feature/MSP-9707/smb-bruteforce-refactor
Feature/msp 9707/smb bruteforce refactor

MSP-9707 #land
2014-07-11 11:33:12 -05:00
David Maloney 8833429987
make shared example usage more readable
this seems less obtuse
2014-07-10 12:58:13 -05:00
David Maloney 7dc58d060e
make only one each method
made the one true enumerator of credentials
for the login_scanner.

also covered the wierd http case where it can have a realm key
but no default realm.
2014-07-10 12:35:09 -05:00
James Lee 0daa395007
Fix specs for LoginError cases 2014-07-09 18:11:20 -05:00
David Maloney 0c4e53ce5a
fix up specs
a whole bunch of spec changes needed for
these changes.

alos the axis2 spec was actually testing the winrm
class due to copypasta error.
2014-07-09 16:32:59 -05:00
David Maloney 24fced822e
coerce realm_key when it exists
if the cred has a realm and the loginscanner
has a realm_key, make the credential use the
scanner's realm key
2014-07-09 14:58:20 -05:00
James Lee afe36ab6ad
Merge branch 'staging/electro-release' into feature/MSP-9707/smb-bruteforce-refactor
Conflicts:
	lib/metasploit/framework/login_scanner/smb.rb
2014-07-09 12:50:24 -05:00
James Lee 4d4b8078f8
Unify SSH specs as well 2014-07-07 13:41:08 -05:00
James Lee 71cbbc5388
Merge branch 'feature/MSP-10648/login-scanner-creation' into feature/MSP-10656/unify-ssh-scanners 2014-07-07 13:19:34 -05:00
James Lee b7cfc927c4
Add private_type and realm_key accessors 2014-07-07 13:07:28 -05:00
James Lee 325d2d25b9
Fix requires and derp typos 2014-07-07 10:09:45 -05:00
James Lee 311f43f1e4
Constpocalypse 2014-07-03 18:49:46 -05:00
James Lee b7a55d402d
Add likely service ports and names for HTTP 2014-07-02 23:41:31 -05:00
James Lee 9dde47a0bc
Add a simple classes_for_service method 2014-07-02 23:31:56 -05:00
Lance Sanchez b5351eec2b
adding .to_credential
Metasploit::Framework::Credential and Metasploit::Credential::Core
need to be consumable by the login scanners. the easiest way to do this
was to create a shared to_credential method on both that return Metasploit::Framework::Credential

MSP-9912
2014-06-26 11:05:59 -05:00
James Lee f225ac92ab
Refactor smb_login
Maintains the new admin check functionality added in
rapid7/metasploit-framework#3330
2014-06-25 04:13:37 -05:00
David Maloney 2ac2dc9d7a
2 minor spec fixes 2014-06-19 13:23:37 -05:00
James Lee b606448976
Merge branch 'feature/MSP-9689/jtr_cracker' into staging/electro-release 2014-06-19 10:14:57 -05:00
David Maloney f1a39ef973
enumerators all done with specs
the enumeration chains are now all complete with specs
so we can enumerate all the words generated by the given options.
2014-06-16 13:31:30 -05:00
David Maloney 9af811a2ed
we need to pass in a workspace 2014-06-15 15:52:57 -05:00
David Maloney 897b0b1ee5
wordlist enumerators with some specs
started the enumerators on the wordlist class
and began adding the specs for them
2014-06-15 13:37:50 -05:00
David Maloney a00ff5aeef
yield custom_wordlist words 2014-06-15 12:16:21 -05:00
David Maloney 8ada0804bd
add valid! spec 2014-06-15 11:22:43 -05:00
David Maloney 41d6b326f2
specs for wordlist validations
added specs to cover the validations on
the JtR wordlist class.
2014-06-15 11:14:11 -05:00
David Maloney a5fb898904
actually set max run time
make maxrutnime affect the crack command
2014-06-14 20:03:56 -05:00
David Maloney 33519b1fcd
cracker validations and specs
more validations and specs for the cracker class
2014-06-14 19:59:59 -05:00
David Maloney 466576d03f
jtr wordlist validations started
start adding validations and exceptions for the
JtR Wordlist class.
2014-06-14 16:16:30 -05:00
David Maloney 873d6e5b99
add all the specs 2014-06-14 12:28:17 -05:00
David Maloney 300baa577c
moar specs! 2014-06-13 17:34:16 -05:00
David Maloney b784bea48e
slow roll of specs for jtr cracker
slowly adding spec coverage for the JtR cracker
2014-06-13 16:08:56 -05:00
David Maloney 7187138134
start injecting sanity 2014-06-13 14:53:56 -05:00
David Maloney a9bcb8b3bd
add skeleton for JtR Cracker
starting work on creating the JtR Cracker class
2014-06-13 11:10:12 -05:00
James Lee b756395eaa
Merge branch 'staging/electro-release' into feature/MSP-9712/winrm-bruteforce
Conflicts:
	lib/metasploit/framework/credential_collection.rb
	spec/lib/metasploit/framework/credential_collection_spec.rb
2014-06-11 16:21:59 -05:00
James Lee 3a8f6236ad
Add ability to prepend creds to a collection 2014-06-11 14:30:45 -05:00
James Lee 552899ef13
Add a couple more specs for CredentialCollection
Also fixes some typos in docs
2014-06-06 12:12:32 -05:00
dmaloney-r7 ff8e6d2c50 Merge pull request #45 from rapid7/feature/MSP-9988/credential-collection
Add a CredCollection class and refactor WinRM bruteforce module
2014-06-06 11:53:28 -05:00
David Maloney 90b52814b1
fix some spec issues for recent changes 2014-06-06 11:52:49 -05:00
James Lee 33a9f8c43f
Add spec for userpass_file 2014-06-05 11:54:59 -05:00
James Lee 45c26343a1
Add spec for pass_file 2014-06-05 11:51:11 -05:00
James Lee b1136752be
Add Credential#== to facilitate specs 2014-06-05 11:37:48 -05:00
Lance Sanchez 262deac155
Fixing the failing specs
for some reason on my box sock.closed? isnt being called. stubbing it out

Kernel.select is being called and cant cast a mock object to an IO object
ok to fix this I'm stubbing select on the scanner object then the call wont
get passed onto the Kernel module
2014-06-05 11:21:34 -05:00
James Lee 41644970bf
Add a CredentialCollection
Also moves Metasploit::Framework::LoginScanner::Credential to
Metasploit::Framework::Credential
2014-06-04 13:01:09 -05:00
Lance Sanchez 15fffb1668
Adding in some tests
cleaning up the regex a bit

MSP-9678
2014-06-02 13:50:30 -05:00
Lance Sanchez f2a2975bc1 Merge branch 'staging/electro-release' into feature/MSP-9678/pop3-login-scanner 2014-06-02 10:56:54 -05:00
Trevor Rosen 8bcd763039 Merge pull request #26 from rapid7/feature/MSP-9685/telnet_login_scanner
Feature/msp 9685/telnet login scanner

MSP-9685 #land
2014-05-30 13:40:18 -05:00
David Maloney d95b0497a7
add more specs
added more specs around telnet specific validations
2014-05-29 11:11:19 -05:00
James Lee 572e4f2bdf
Fix dumb missing options and add spec 2014-05-28 16:32:38 -05:00
David Maloney 1bc2140fa6
Telnet LoginScanner basics
basic Telnet LoginScanner with shell
specs. Need to test functionality
and write additional specs
2014-05-28 14:47:58 -05:00
Lance Sanchez 07a61ae696
adding in changes from before my vacation..
MSP-9678
2014-05-28 13:18:28 -05:00
dmaloney-r7 85737d1235 Merge pull request #22 from rapid7/feature/MSP-9646/afp-loginscanner
AFP login scanner
2014-05-22 15:05:24 -05:00
James Lee 5d1a0397ed
Add Tomcat login scanner 2014-05-21 14:28:54 -05:00
James Lee 8be35b90f4
Add some more specs for AFP login scanner 2014-05-20 17:44:41 -05:00
James Lee d061d36229 Merge branch 'staging/electro-release' into feature/MSP-9646/afp-loginscanner 2014-05-20 17:25:42 -05:00
James Lee 21de14ac3d
Initial stab at AFP login scanner 2014-05-20 17:08:12 -05:00
Samuel Huckins 62bae8e23b Merge pull request #21 from rapid7/feature/MSP-9687/winrm-loginscanner
Specs and functional steps passing. 

MSP-9687 #land
2014-05-20 11:32:37 -05:00
Samuel Huckins d9687d87f9 Merge pull request #20 from rapid7/feature/MSP-9667/db2_login
Specs passing post update.

MSP-9667 #land
2014-05-16 11:29:31 -05:00
James Lee 9582d82fba Merge remote-tracking branch 'private/staging/electro-release' into feature/MSP-9687/winrm-loginscanner 2014-05-15 13:59:48 -05:00
James Lee 8a9abb90c0
Add specs for connection error conditions 2014-05-15 10:06:17 -05:00
Lance Sanchez e9b3f10ba7
Drying up some of the status codes
MSP-9678
2014-05-14 17:02:26 -05:00
James Lee 59050d9bf1
Add specs for WinRM, improve those for HTTP 2014-05-14 15:13:29 -05:00
Luke Imhoff a32152ecaa
Merge branch 'staging/electro-release' into feature/MSP-9686/vnc_login
MSP-9686
2014-05-14 13:22:41 -05:00
Samuel Huckins 162038bde4 Merge pull request #19 from rapid7/feature/login_scanner/smb
Specs all passing, functional steps working.
2014-05-13 14:37:13 -05:00
James Lee 2a13010bfb
Fix faulty spec 2014-05-13 14:15:00 -05:00
David Maloney f5751d6a85
first pass at attempt_login for DB2
first pass through at the attempt_login method
for the DB2 LoginScanner. still adding specs
and possibly refactoring
2014-05-13 14:10:30 -05:00
David Maloney 5dcf3efd1a
skeleton for DB2 loginscanner
add basic  skeleton and specs for the DB2
LoginScanner class.
2014-05-13 13:16:56 -05:00
David Maloney 7f98d1630e
specs for VNC Loginscanner
cover remaining behaviour for the
VNC LoginScanner class.
2014-05-12 11:29:27 -05:00
David Maloney f84d763382
refactoring conditional logic
the class works but the conditional logic needs
refactoring to be smoothed out more.
2014-05-12 11:10:36 -05:00
James Lee 3831042dca
Add specs, validations for LoginScanner::SMB 2014-05-09 18:58:49 -05:00
David Maloney 4e76330643
Add skeleton for VNC lgoinscanner
Add skeleton and specs for the VNC Loginscanner

MSP-9686
2014-05-09 11:55:15 -05:00
Trevor Rosen c77412d373 Merge pull request #13 from rapid7/feature/login_scanner/mysql
Add LoginScanner for MySQL

MSP-9676 #land
2014-05-08 15:05:24 -05:00
Trevor Rosen 894ecaafb4 Merge pull request #12 from rapid7/feature/login_scanner/pg
Add Postgres LoginScanner class

MSP-9679 #land
2014-05-08 14:38:56 -05:00
David Maloney 42de1ab1f1
whitespace removal 2014-05-08 14:18:06 -05:00
David Maloney cfb13ed1bd
Merge branch 'staging/electro_release' into feature/login_scanner/mysql 2014-05-08 13:55:09 -05:00
James Lee 2d2b5ea9e4 Merge remote-tracking branch 'private/feature/login_scanner/mssql' into feature/login_scanner/smb 2014-05-08 13:45:06 -05:00
James Lee 13fe8c0869
Default Credential#paired to true 2014-05-08 13:34:31 -05:00
David Maloney 20edabb0f5
mySQL Loginscanner with specs to match
This season's colours for Loginscanner is MySQL
with Unit Test Coverage applied to match.
2014-05-08 13:16:12 -05:00
David Maloney b72f0f8ffc
try to fix bad push/revert mess 2014-05-07 18:43:37 -05:00
David Maloney 9919d54116 Revert "final touches and specs"
This reverts commit e025fa1791.
2014-05-07 18:34:34 -05:00
David Maloney e025fa1791
final touches and specs
add finishing touches to postgres
Loginscanner and add specs to cover
the behaviour
2014-05-07 18:32:36 -05:00
David Maloney acbff23c32
final wrap-up specs
successkid.jpg
2014-05-07 16:07:18 -05:00
David Maloney ec974535ac
create base object for mssql scanner
created skeleton for MSSQL Loginscanner
included concerns.

also added an NTLM concern and shared example group
2014-05-07 14:43:15 -05:00
David Maloney 5e6f57f711
fix up some more specs
some spec cleanup and added basic specs
to the HTTP LoginScanner
2014-05-01 12:10:51 -05:00
David Maloney 0dd22395eb
use credential objects inside results
altered results to just hold a credential
object instead of duplicating attributes
2014-04-30 17:17:57 -05:00
David Maloney 4995fcdced Shared Examples for RexSocket mixin
shared example group for the Loginscanner RexSocket
mixin. Pretty simple stuff, just trying to keep it
DRY.
2014-04-30 15:47:52 -05:00
David Maloney 1cd3f3f0da
finished first shared example group
base behaviour is now defined in shared
example group and the specs all use that
shared example group
2014-04-30 14:40:37 -05:00
David Maloney a4cc311106
test base behaviour in shared examples
start moving specs to a shared example group
for all behaviour defined by the LoginScanner
Base
2014-04-30 14:35:29 -05:00
David Maloney a08421b30f
apply reasonable defaults
give each lgoinscanner the ability to select
reasonable defaults for certain attributes
2014-04-30 13:56:29 -05:00
David Maloney e5276d111d
Merge branch 'staging/electro_release' into feature/login_scanner/snmp
Conflicts:
	lib/metasploit/framework/login_scanner/result.rb
2014-04-30 10:21:35 -05:00
Lance Sanchez ddee401e27
Merge branch 'feature/MSP-9684/sshkey_loginscanner' into staging/electro_release
MSP-9684 #land
2014-04-29 15:21:56 -05:00