Commit Graph

1055 Commits (858d9b1e7a9f08b876ea55147e855d3c2cc8fb19)

Author SHA1 Message Date
Luke Imhoff 6a54f0ac4c
Spec methods from db_manager.rb
MSP-11466
2014-10-08 10:53:14 -05:00
Luke Imhoff c09335985b
Sort specs
MSP-11466
2014-10-08 10:52:21 -05:00
nstarke b8c2643d56 Converting Module to LoginScanner w/ Specs
The previous commits for this Jenkins CI module relied on an
obsolete pattern.  Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
jvazquez-r7 3aadaf672e Fix @lsanchez-r7's feedback, single expectation per test and avoid explicit use of subject 2014-10-06 16:08:20 -05:00
Samuel Huckins 0dfd8e25b8
Land #3846, Rex::ImageSource specs 2014-10-02 12:33:56 -05:00
Vincent Herbulot 041d44ecc6 Spec modification to allow previous commit
The spec was requiring the WAR to be at /deploy but this path was a
typo introduce while refactoring. The initial correct path is
/deploy/management
2014-10-01 18:30:53 +02:00
Vincent Herbulot a48d6053ab Added spec for jboss/deployment_file_repository 2014-10-01 11:57:01 +02:00
us3r777 47507e1ff1 Slight modifications to pass msftidy 2014-09-29 23:59:12 +02:00
us3r777 f9b6519e49 Added spec to new methods in Jboss mixin 2014-09-29 23:45:40 +02:00
sinn3r 9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits 2014-09-29 11:15:14 -05:00
Joe Vennix 2b02174999
Yank Android->jsobfu integration. Not really needed currently. 2014-09-25 16:00:37 -05:00
jvazquez-r7 e4f71d79ac Fix grammar 2014-09-24 15:17:09 -05:00
sinn3r 35f788a1a4
Land #3848 - Add specs for Rex::Arch 2014-09-23 13:03:40 -05:00
jvazquez-r7 0dfc2d3f87 Add specs for Rex::ExtTime 2014-09-22 14:55:14 -05:00
jvazquez-r7 db587afac8 Add specs for Rex::Arch 2014-09-22 14:10:55 -05:00
jvazquez-r7 701d6470c9 Add specs for Rex::Oui 2014-09-22 13:28:07 -05:00
jvazquez-r7 a677749f5b Add specs for #read_asciiz and fix bugs there 2014-09-22 12:14:21 -05:00
jvazquez-r7 f804d42ddc Add specs for Memory#index 2014-09-22 11:43:18 -05:00
jvazquez-r7 b121764003 Add specs for Memory#subsource 2014-09-22 11:30:30 -05:00
jvazquez-r7 3500e1ce7c Add specs for Memory#close 2014-09-22 11:18:21 -05:00
jvazquez-r7 a612caf1ae Finish examples for Memory#read 2014-09-22 11:17:09 -05:00
jvazquez-r7 df7ee55962 Add first specs for Rex::ImageSource::Memory#read 2014-09-22 11:06:34 -05:00
jvazquez-r7 77122895db Add specs for Rex::ImageSource::Memory#initialize 2014-09-22 11:02:24 -05:00
jvazquez-r7 a249eb1026 Add specs for Disk#subsource and Disk#close 2014-09-22 10:50:11 -05:00
jvazquez-r7 23bf36bc75 Start specs for Disk#subsource 2014-09-22 10:37:56 -05:00
jvazquez-r7 3f1eea55a6 Add specs for Disk#read and Disk#index 2014-09-22 10:35:54 -05:00
Luke Imhoff f61afe2598
Merge branch 'master' into bug/MSP-11368/boot-profiling
MSP-11368
2014-09-22 10:00:07 -05:00
jvazquez-r7 46e4235e79 Add spec templates 2014-09-22 09:16:21 -05:00
Joe Vennix ec88957ff4
Whitespace tweaks. 2014-09-21 23:57:58 -05:00
Joe Vennix d9e6f2896f
Add the JSObfu mixin to a lot of places. 2014-09-21 23:45:59 -05:00
sinn3r 2e96026725 avoid saying 'should' 2014-09-21 00:56:13 -05:00
sinn3r e1cfc74c32 Move jsobfu to a mixin 2014-09-21 00:39:04 -05:00
sinn3r 9191af6241 Update js_obfuscate 2014-09-20 23:38:35 -05:00
sinn3r cd70014446 Fix os detection rspec
no more window
2014-09-20 21:29:13 -05:00
sinn3r 2d828a2144 Update rspec 2014-09-20 18:09:22 -05:00
sinn3r 135bed254d Update BrowserExploitServer for JSObfu 2014-09-20 17:59:36 -05:00
sinn3r d52236fe05
Land #3835 - JSObfu to a gem 2014-09-20 01:38:45 -05:00
Joe Vennix 8e1b00ce95
Adds JSObfu.disabled for spec stubbing, fixes BES specs. 2014-09-19 20:42:05 -05:00
Joe Vennix df999db547
Add spec to ensure gem loads without error. 2014-09-19 19:49:01 -05:00
Luke Imhoff b863978028
Remove fastlib
MSP-11368
MSP-11143

Remove fastlib as it slows down the code loading process.  From the
previous commit, the mean loading for
`METASPLOIT_FRAMEWORK_PROFILE=true msfconsole -q -x exit` was
27.9530±0.3485 seconds (N=10).  The mean after removal of fastlib
was 17.9820±0.6497 seconds (N=10).  This means an average 35.67%
reduction in boot time.
2014-09-18 15:24:21 -05:00
Luke Imhoff 44588cc014
Add detected_arch to expected hosts columns in spec
MSP-11359
2014-09-18 12:34:34 -05:00
James Lee 3e42fcbbab
Land #3794, NDR encoding specs
MSP-11370 #land
2014-09-16 16:23:22 -05:00
sinn3r 169d04020d
Land #3571 - Add Wordpress XML-RPC Login Scanner (with LoginScanner) 2014-09-16 14:51:24 -05:00
jvazquez-r7 ca4c4f55bd Add specs for Rex::Encoder::Alpha2::UnicodeMixed 2014-09-15 17:05:08 -05:00
jvazquez-r7 ee45056827 Add specs for Rex::Encoder::Alpha2::UnicodeUpper 2014-09-15 16:57:26 -05:00
jvazquez-r7 3dc53cd013 Add specs for Rex::Encoder::Alpha2::AlphaMixed 2014-09-15 16:43:40 -05:00
jvazquez-r7 e8dce6ac59 Add specs for Rex::Encoder::Alpha2::AlphaUpper 2014-09-15 16:35:54 -05:00
jvazquez-r7 2e126b6a68 Include it_behaves_like 2014-09-15 15:46:53 -05:00
jvazquez-r7 4064fb60ef Refactor specs for Rex::Encoder::Alpha2::Generic 2014-09-15 15:43:31 -05:00
jvazquez-r7 2728318358 Add specs for Rex::Encoder::Alpha2::Generic 2014-09-15 15:26:13 -05:00
jvazquez-r7 3f5fdaebb4 Add specs for Rex::Encoder::NDR 2014-09-15 13:49:18 -05:00
jvazquez-r7 7d4c4c3658
Land #3699, @dmaloney-r7's ipboard login refactor 2014-09-15 08:29:42 -05:00
HD Moore 6bd3675f03 Land #3680, add specs for Rex::MIME 2014-09-13 00:34:39 -05:00
HD Moore 6a2a85d2c4 Land #3789, adds specs for Rex::Proto::Http::Packet::Header
orts
2014-09-13 00:21:43 -05:00
jvazquez-r7 9e21cc8ad4 Add specs for invalid IPBoard application 2014-09-12 16:14:10 -05:00
jvazquez-r7 917a7ffa1e Add specs for valid IPBoard application 2014-09-12 16:08:03 -05:00
Cucumber b80519dc16
Lands #3779, specs
MSP-11343

Merge specs that I missed during last merge.
2014-09-12 14:49:26 -05:00
James Lee f68628c487 Add minimal specs for rex/proto/http/packet/header 2014-09-12 14:30:27 -05:00
sinn3r 12e3cb3c6a
Land #3764 - Add specs for Rex::Encoder::NonAlpha 2014-09-12 12:09:55 -05:00
sinn3r 54c353a15e
Land #3788 - Adds a spec to ensure HttpServer runs Concern hooks. 2014-09-12 12:05:55 -05:00
Joe Vennix a617556f29
Add a helpful comment. 2014-09-12 10:55:08 -05:00
Joe Vennix 0194674542
Oops. Don't duplicate spec block. 2014-09-12 10:54:30 -05:00
Joe Vennix 46f256a6bd
Adds a spec to ensure HttpServer runs Concern hooks. 2014-09-12 10:52:57 -05:00
jvazquez-r7 25a09ea227 Fix valid requests specs 2014-09-12 10:30:17 -05:00
jvazquez-r7 0d054d8354 Update with master changes 2014-09-12 09:52:32 -05:00
jvazquez-r7 183ba3422d Add specs for logins 2014-09-12 09:50:32 -05:00
James Lee 0ab36453b9
Add another header spec 2014-09-11 12:20:54 -05:00
James Lee a8e3ff0c0f
Add specs to verify server header matching 2014-09-11 11:42:38 -05:00
James Lee 8aa06b8605
Better api for check_setup 2014-09-10 23:43:54 -05:00
sinn3r 1b4ceec4f9
Land #3743 - Add specs for Rex::Arch::X86 2014-09-09 17:24:08 -05:00
sinn3r e82348f157
Land #3762 - Add specs for Rex::Arch::Sparc 2014-09-09 16:10:26 -05:00
jvazquez-r7 962c66b3bb Fix some descriptions 2014-09-08 18:17:24 -05:00
jvazquez-r7 8370bf0f2a Finish XDR specs 2014-09-08 18:05:09 -05:00
jvazquez-r7 44724d1141 Add specs for .decode_varray 2014-09-08 17:12:04 -05:00
jvazquez-r7 8af13592c2 Add first specs for Rex::Encoder::XDR 2014-09-08 16:25:53 -05:00
David Maloney cd3cdc5384
Merge branch 'master' into feature/ipboard-login-refactor 2014-09-08 14:48:37 -05:00
jvazquez-r7 f521cc598d Delete .encode specs, anyone uses the method, plus looks wrong 2014-09-08 14:42:43 -05:00
jvazquez-r7 9a74e60db3 Add specs for .encode 2014-09-08 14:32:33 -05:00
jvazquez-r7 11ca383d4f Add specs for .encode_byte 2014-09-08 14:24:03 -05:00
jvazquez-r7 3535a6a21d Add first specs for .gen_decoder and .encode_byte 2014-09-08 14:07:21 -05:00
jvazquez-r7 4c15954be5 Add specs for Rex::Arch::Sparc 2014-09-08 11:59:52 -05:00
William Vu ae5a8f449c
Land #3691, gdbserver hax 2014-09-08 11:48:39 -05:00
us3r777 cc5b852517 Fixed spec for lib/msf/http/jboss
Revert commit abdd72e8c6.
Added some spec for lib/msf/http/jboss/deployment_file_repository_scripts
2014-09-08 17:42:04 +02:00
jvazquez-r7 10bb77af9f
Land #3716, @wchen-r7's Glassfish LoginScanner update 2014-09-07 21:54:34 -05:00
jvazquez-r7 6cdfd322f2 change should to expect 2014-09-07 21:35:33 -05:00
jvazquez-r7 e6f7b35d0d Use context to describe #attempt_login 2014-09-07 21:26:01 -05:00
jvazquez-r7 f266ca99f5 Use allow_any_instance_of as with rspec 3 2014-09-07 21:18:22 -05:00
jvazquez-r7 768b50974f Redo try_glassfish_3 specs 2014-09-07 21:04:43 -05:00
jvazquez-r7 07238ef7b3 Redo try_glassfish_2 specs 2014-09-07 20:47:54 -05:00
jvazquez-r7 9a42e7635a Use expect instead of should on try_login 2014-09-07 20:01:44 -05:00
jvazquez-r7 06207afb12 Use expect instead of should 2014-09-07 19:37:24 -05:00
jvazquez-r7 424d1ec47f Add example to describe how send_request handles a JSESSIONID cookie 2014-09-07 19:33:56 -05:00
sinn3r ff6cce8bd1 3rd person 2014-09-06 01:56:39 -05:00
sinn3r 419b2136b1 remove the "instance methods" context 2014-09-06 01:42:48 -05:00
sinn3r c8ccb5e848 In 3rd person 2014-09-06 01:39:32 -05:00
sinn3r 0dcf481d76 This one is good to go 2014-09-04 14:13:33 -05:00
sinn3r e1694ec3e5 LoginScanner update for hp_sys_mgmt_login
Work in progress
2014-09-03 16:23:57 -05:00
sinn3r 954475c0bf Add rspec and update about secure admin 2014-09-02 20:35:25 -05:00
jvazquez-r7 15f19468a1 Do last cleanup 2014-09-02 18:57:10 -05:00
jvazquez-r7 3ad0542b2a Fix some specs 2014-09-02 18:50:37 -05:00
jvazquez-r7 a1823b6c1e Add more specs for Rex::Arch::X86 2014-09-02 18:17:14 -05:00
jvazquez-r7 16111aa2f7 Use RSpec::Mocks::Double 2014-09-02 13:25:05 -05:00
jvazquez-r7 fdb66d978b Fix remainings be_truthy and be_falsey conditionals 2014-09-02 13:22:21 -05:00
jvazquez-r7 9cec62d52b
Merge branch 'specs_its' into fix_deprecation_warnings 2014-09-02 13:14:21 -05:00
jvazquez-r7 15e564ddf3
Merge branch 'collection_owner' into fix_deprecation_warnings 2014-09-02 13:14:09 -05:00
jvazquez-r7 824ff7fc72
Merge branch 'specs_skip' into fix_deprecation_warnings 2014-09-02 13:13:09 -05:00
jvazquez-r7 e0c6f5032f Avoid its in Msf::DBManager specs 2014-09-02 12:46:50 -05:00
jvazquez-r7 bf0d30cf03 Fix rspec-collection_matchers deprecation warning in Rex::Socket::RangeWalker 2014-09-02 11:08:26 -05:00
jvazquez-r7 5a0b6ece6e Use is_expected 2014-09-02 10:27:53 -05:00
jvazquez-r7 764af20567 Fix rspec-collection_matchers deprecation warnings in Rex::Socket 2014-09-02 10:21:52 -05:00
us3r777 abdd72e8c6 Refactor spec to match lib/msf/jboss
Moved bean_hsell_scripts_spec to scripts_spec. Fixed a typo.
2014-08-31 19:13:40 +02:00
David Maloney 928aeffcba
add wordpress_rpc loginscanner and specs 2014-08-29 13:06:12 -05:00
Samuel Huckins fa77caa819
Merge branch 'bug/MSP-11153/database-config-overrides'
MSP-11153 #land
2014-08-28 17:12:37 -05:00
Luke Imhoff 5ab8fcd026
Remove realpath call from expected user_configurations_pathname
MSP-11153

realpath is not used in the actual code anymore because it doesn't work
for non-existent paths.
2014-08-28 11:51:25 -05:00
Luke Imhoff 951ce15b44
Move database.yml selection to Metasploit::Framework::Database
MSP-11153

Test the following paths in order and only return them if the path
exists:

1. MSF_DATABASE_CONFIG environment variable
2. ~/.msf4/database.yml
3. <project>/config/database.yml
2014-08-27 12:01:43 -05:00
Tom Sellers 4a1b037af0 Remaining files.. 2014-08-26 18:15:58 -05:00
jvazquez-r7 b37e1a5421 Solve conflicts 2014-08-26 17:51:37 -05:00
jvazquez-r7 0d9d722525 skip examples pending of pivotaltracker 38730815 2014-08-26 16:49:13 -05:00
Joshua Smith 49adde2095
Land 3702, prefer be_falsey and cleanup specs 2014-08-26 15:24:41 -05:00
Joshua Smith 1fa26e2afb cleans up a bunch of spec msftidy issues 2014-08-26 15:24:08 -05:00
jvazquez-r7 042b8a3672 Switch from pending to skip in specs 2014-08-26 15:17:00 -05:00
HD Moore ba1f7c3bf6 Land #3687, reworks the nat-pmp portscanner 2014-08-26 14:34:46 -05:00
HD Moore 4e19d9ade1 Land #3545, fix up sip scanners, msftidy, db services cmd 2014-08-26 14:07:21 -05:00
Jon Hart 5ad090e833 Add unit test for and correct parsing of NAT-PMP port map responses 2014-08-26 10:49:53 -07:00
Jon Hart b0347906e3 Correct NATPMP external address resposne epoch and result parsing 2014-08-26 10:49:52 -07:00
Jon Hart 337cd02dd7
Change Auxiliary::DRDoS' prove_drdos to prove_amplification 2014-08-26 07:48:44 -07:00
jvazquez-r7 41420a97d5 Solve conflicts 2014-08-26 09:04:05 -05:00
jvazquez-r7 57afaf6580 undo be_false case 2014-08-25 23:58:08 -05:00
jvazquez-r7 60ecf4e8c4 Use be_truthy instead of be_true 2014-08-25 23:58:08 -05:00
jvazquez-r7 aa47746290 Undo incorrect be_true switch 2014-08-25 18:23:55 -05:00
jvazquez-r7 c372f5164b And switch more cases to be_falsey 2014-08-25 17:50:38 -05:00
jvazquez-r7 a1e1cef418 More use of be_falsey 2014-08-25 17:38:50 -05:00
jvazquez-r7 dd1c015e4e Use be_falsey 2014-08-25 17:34:55 -05:00
jvazquez-r7 9a14b64051 First version of Rex::Arch::X86 specs 2014-08-25 16:44:28 -05:00
Jon Hart 6185721a61 Address @hmoore-r7's feedback regarding binary encoding 2014-08-25 13:11:22 -07:00
Jon Hart e3753e3649 Refactor SIP response parsing for future improvements 2014-08-25 13:11:21 -07:00
Jon Hart 02e41c27e7 Split SIP response parsing out on its own, add unit tests.
Passes rspec but fails in framework. WIP.
2014-08-25 13:11:20 -07:00
David Maloney 32b1a5ea23
add ipboard loginscanner
add loginscanner class for IPBoard with specs
this should replicate the functionality originally written
by Chris Truncer, but move it into a testable, reusable class
2014-08-25 13:58:30 -05:00
William Vu 1ee83ff57e
Land #3696, pile of NTP DRDoS 0days
Dr. DoS in da house?
2014-08-25 11:47:28 -05:00
Joe Vennix a27754c5c1
Tweak specs a bit. 2014-08-24 02:41:37 -05:00
Joe Vennix 120f416f9c
Add spec for Msf::EncodedPayload.create. 2014-08-24 02:36:09 -05:00
Joe Vennix 6313b29b7a
Add #arch method to Msf::EncodedPayload.
This allows exploits with few one automatic target to support many
different architectures.
2014-08-24 02:22:15 -05:00
jvazquez-r7 8945f04ffd Add specs for Msf::HTTP::JBoss::BeanShell 2014-08-22 16:13:38 -05:00
jvazquez-r7 f57dd9a224 Add specs for #generate_bsh 2014-08-22 15:39:58 -05:00
jvazquez-r7 2b3058869f Add Msf::HTTP::JBoss::BeanShellScripts specs 2014-08-22 15:36:29 -05:00
jvazquez-r7 7ee5423310 Add specs for Msf::HTTP::JBoss::Base 2014-08-22 15:11:27 -05:00
jvazquez-r7 38e6576990 Update 2014-08-22 13:22:57 -05:00
jvazquez-r7 da0950df24
Land #3674, @todb-r7's patch for RangeWalker spec 2014-08-22 11:57:14 -05:00
Joe Vennix 95fbb8f1b7
Land PR #3672, dmaloney-r7's login scanner credential rework. 2014-08-22 11:15:32 -05:00
Brandon Turner 05f0d09828
Merge branch staging/electro-release into master
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master.  Rather than merging with
history, he squashed all history into two commits (see
149c3ecc63 and
82760bf5b3).

We want to preserve history (for things like git blame, git log, etc.).
So on August 22, we reverted the commits above (see
19ba7772f3).

This merge commit merges the staging/electro-release branch
(62b81d6814) into master
(48f0743d1b).  It ensures that any changes
committed to master since the original squashed merge are retained.

As a side effect, you may see this merge commit in history/blame for the
time period between August 15 and August 22.
2014-08-22 10:50:38 -05:00
Brandon Turner 19ba7772f3
Revert "Various merge resolutions from master <- staging"
This reverts commit 149c3ecc63.

Conflicts:
	lib/metasploit/framework/command/base.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/require.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/smb/smb_login.rb
	msfconsole
2014-08-22 10:17:44 -05:00
jvazquez-r7 fd05e634e8 Move once more let into describe 2014-08-21 10:41:37 -05:00
jvazquez-r7 b0a4ea6750 Move let helpers to describe groups 2014-08-21 10:39:16 -05:00
jvazquez-r7 6301d79162 Describe setters just expecting how assignement to properties should happen 2014-08-21 10:34:52 -05:00
jvazquez-r7 54395e38a0 Use a part subject to describe #add_part 2014-08-21 10:29:44 -05:00
jvazquez-r7 9dcc95fb04 Fix Rex::MIME::Message#initialize boundaries parsing 2014-08-20 10:22:38 -05:00
jvazquez-r7 e8a6307df1 Fix Rex::MIME::Header#parse 2014-08-20 09:42:44 -05:00
jvazquez-r7 e5fc0a007f Add some Message specs 2014-08-20 09:31:49 -05:00
jvazquez-r7 e4b586a96d Add specs for add_part_inline_attachment 2014-08-20 08:32:58 -05:00
jvazquez-r7 381c88f814 Add specs for add_part and add_part_attachment 2014-08-19 17:06:59 -05:00
Tod Beardsley a4c6a10edb
The .foo domain is live now.
I still kinda hate these tests, though, since they fail in wildcard DNS
environments (like OpenDNS).
2014-08-19 16:47:30 -05:00
jvazquez-r7 0585b13398 Add first specs for Rex::MIME::Message 2014-08-19 15:17:17 -05:00
sinn3r 311cc5befb
Land #3668 - Add specs for Rex::Exploitation::HeapLib 2014-08-19 13:14:24 -05:00
sinn3r 7bf637716a
Land #3663 - Add specs for Rex::Exploitation::EncryptJS 2014-08-19 13:08:14 -05:00
sinn3r ad241910d0 This is more invalid than the other one 2014-08-19 10:39:50 -05:00
David Maloney 473b92a060
Merge branch 'master' into feature/MSP-10992/scanner-dry
Conflicts:
	Gemfile.lock
	lib/metasploit/framework/command/console.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/credential.rb
	lib/metasploit/framework/credential_collection.rb
	lib/metasploit/framework/login_scanner/afp.rb
	lib/metasploit/framework/login_scanner/axis2.rb
	lib/metasploit/framework/login_scanner/db2.rb
	lib/metasploit/framework/login_scanner/ftp.rb
	lib/metasploit/framework/login_scanner/http.rb
	lib/metasploit/framework/login_scanner/mssql.rb
	lib/metasploit/framework/login_scanner/mysql.rb
	lib/metasploit/framework/login_scanner/pop3.rb
	lib/metasploit/framework/login_scanner/postgres.rb
	lib/metasploit/framework/login_scanner/result.rb
	lib/metasploit/framework/login_scanner/smb.rb
	lib/metasploit/framework/login_scanner/snmp.rb
	lib/metasploit/framework/login_scanner/ssh.rb
	lib/metasploit/framework/login_scanner/telnet.rb
	lib/metasploit/framework/login_scanner/vnc.rb
	lib/metasploit/framework/parsed_options/console.rb
	lib/metasploit/framework/require.rb
	lib/metasploit/framework/version.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/afp/afp_login.rb
	modules/auxiliary/scanner/db2/db2_auth.rb
	modules/auxiliary/scanner/ftp/ftp_login.rb
	modules/auxiliary/scanner/http/axis_login.rb
	modules/auxiliary/scanner/http/http_login.rb
	modules/auxiliary/scanner/http/tomcat_mgr_login.rb
	modules/auxiliary/scanner/mssql/mssql_login.rb
	modules/auxiliary/scanner/mysql/mysql_login.rb
	modules/auxiliary/scanner/pop3/pop3_login.rb
	modules/auxiliary/scanner/postgres/postgres_login.rb
	modules/auxiliary/scanner/snmp/snmp_login.rb
	modules/auxiliary/scanner/ssh/ssh_login.rb
	modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
	modules/auxiliary/scanner/telnet/telnet_login.rb
	modules/auxiliary/scanner/vnc/vnc_login.rb
	modules/auxiliary/scanner/winrm/winrm_login.rb
	spec/lib/metasploit/framework/credential_spec.rb
	spec/lib/msf/core/framework_spec.rb
2014-08-19 10:30:16 -05:00
sinn3r 17b03e7d34 Fix rspec due to an invalid dns becoming valid 2014-08-19 10:28:30 -05:00
jvazquez-r7 663e11f16b Add specs for Rex::MIME::Part 2014-08-18 18:03:27 -05:00
jvazquez-r7 85662d5ccd Add specs for Rex::MIME::Header 2014-08-18 17:33:26 -05:00
jvazquez-r7 73ac0e9537 Add specs for Rex::MIME::Encoding 2014-08-18 16:04:08 -05:00
jvazquez-r7 f812d2619c Fix load_js when opts[:newobfu] and add specs 2014-08-18 13:50:19 -05:00
jvazquez-r7 3dae6ee934 Not prefixing the class when describing method 2014-08-18 12:19:30 -05:00
jvazquez-r7 2dc579d467 Add template for specs 2014-08-18 12:16:20 -05:00
jvazquez-r7 75df32b1d3 Use single quoted strings out of the spec strings 2014-08-18 11:43:54 -05:00
jvazquez-r7 4ffd166918 Add specs for Rex::Exploitation::EncryptJS 2014-08-18 11:31:36 -05:00
Vincent Herbulot 2b59337e9a Jboss spec modifications.
Various changes in the jboss spec to match the newly refactored
methods in lib/msf/http/jboss.
2014-08-18 17:19:09 +02:00
Samuel Huckins 149c3ecc63
Various merge resolutions from master <- staging
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
2014-08-15 11:33:31 -05:00
David Maloney fcfce9efec
Merge branch 'staging/electro-release' into feature/MSP-10992/scanner-dry 2014-08-12 11:22:51 -05:00
Jon Hart 8e626c1b60
Add rspec coverage for Msf::Auxiliary::DRDoS 2014-08-09 21:12:10 -07:00
Brandon Turner 91bb0b6e10 Metasploit Framework 4.9.3-2014072301
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJT0CeVAAoJEJMMBVMNnmqO/7AP/0CBRHjtgiR9VnFKSQ+iWTQV
 iPNMBevn0mpSRq/gpoKCeFBZ6b+YQYrOLXDKVk62VV9LCslkr/P8LW8ul+m+JtB0
 mM6V5esUXM1XhgGEyTnTLRx6BR/WQU1RHlb56ae3nZjQlwCuH/5zEmcy5toZxpsY
 6HO46zE0GGBoLr/VgyYlfT08bfoQ+ICyJN0H5ixoovCc3iW0K1MNqLMfdani8zBJ
 gYJaMysV7XtepumWWQMSC+b/EuertdXXzWDy2bwe0Q3cQXNXzrkPAvtMqucWG+gy
 783OLKCPtVoEZiX87xAptkwmVCRdNGPclaWH7YRZDAh1tqBfRQUg72V/TIrOHCP1
 /lYO7yp5pBQg+1UNnpH+xI2YePFfYdHpYDNT5FSQGOnQjJg30ll4SqCm7cVmo2h5
 BRSYXkPCsQeXGaFarxGERNb8e+qN/WzSrHzY45tQw8mDuhg94tlf3VtDag3FXxhj
 zCxd6bu+tdboVm7FERS85T46kxzmeIycZ4p+Sf7d8gXitl2RKbBdKFNDi1gzeK1T
 yN7bDl4sL7qtDgZLXjFrnyC8vXyAqIrAgmFr2JywMBRm6TiCGQvgnrs+sScU3RFU
 W2tblGbKQq+CwDeC59uQPqxRkm72SMUrKX9448VEQ+9XbKE3TMQ5Q4qCxmnw31Op
 aJ0QgKJz8thZgafZc89I
 =e1z9
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCgAGBQJT4pb8AAoJEA+Ckxyj7hsHn+8P/3FlEYCmoqQ/JzsVtmP3Yi4Q
 gBRva+crY831mCCQXFrPJBvWfmy5HOzVh+Zh7zWF0GQ1WuuMppHfR5ARFVwmiDs3
 qwndhXwziDzBnznf0JKSgT5eJsH23s/ots1lyWymKJvPuT6hn6MRAHUawgnNmYR9
 ttnawmHvCM9Iha2oz3nmkLcNd+83bdBfEWi5l8AQ7jJxwMC2/8VPpMscVVwXqPzd
 CoQugAYZW5VeaEiGio5+19Ix9EPkIDvs6wnfGBtfPfeaOIDZV4XOFoIFUtEeZd5o
 olvEpYvdqscy4Qujzn4C++3wX3bUxkIbHTJHgrKmlD83dI7Cu1JH716G+yfLoJo0
 pQBWTGeWYKEh6leK/9J5Bo1/tOJ/ylbcbvH0Y0tmdu4icHar6uYe1QBrCB9xIdh1
 F+xo4guYnVo616DXJQSwjIye83b5dBxACrfA3bqCnFVFgTM5jXGV1cqiBgs9Dl++
 tIDPgUJkCe/bIdQ7PntlGRzxKihHahlxhCa++YaGKqSq7gXie8Rl4qgloIrbfNZ/
 z3XsoOLNdbMGO7ip88Zjwq4Khj5WZu7ijfCtXO7GU1UJZL1tJ2yK2ic7ZDLc251Y
 8EGMSTG53+6yvZYFtWMZeQzjwD2cpuF04dOmHOKi6KGJJ7KRPhn6gpsbc6U1mbH9
 AjGcfOzhhcsY+WAQ7OG+
 =Pjob
 -----END PGP SIGNATURE-----

Merge tag '2014072301' into staging/electro-release

Conflicts:
	Gemfile.lock
	modules/post/windows/gather/credentials/gpp.rb

This removes the active flag in the gpp.rb module.  According to Lance,
the active flag is no longer used.
2014-08-06 15:58:12 -05:00
Luke Imhoff a37244c14e
Fix specs
MSP-10998
2014-08-01 21:55:10 -05:00
Luke Imhoff 9096a8a1f5
Remove Msf::Framework::VersionAPI
MSP-10998

It's compacting of the version parts into a single float doesn't work
with APIMinor over 10, so replace with Gem::Version, which compares
parts correctly.
2014-08-01 21:43:14 -05:00
Luke Imhoff 22db5aad8a
Remove Msf::Framework::VersionCore
MSP-10998

It can't handle 4.10.0 because it tries to compact the multiple part
version into one float using (1 / 10.0).
2014-08-01 21:31:48 -05:00
David Maloney dbde046f44
use to_h instead of to_hash
apparently ruby 2 adds this as a standard method so
we should stay compliant
2014-08-01 09:45:51 -05:00
David Maloney 0e65792f43
Merge branch 'staging/electro-release' into feature/loginscanner-report-dry 2014-08-01 09:41:30 -05:00
Brandon Turner 915e09ac50
Update framework version spec and Gemfile 2014-08-01 09:26:38 -05:00
Meatballs b4111df381
Retab spec 2014-08-01 14:41:20 +01:00
Meatballs 4ef3de84f3
get some more test cases 2014-08-01 14:34:17 +01:00
Meatballs 1fb4216d6d
Update spec 2014-08-01 12:08:03 +01:00
David Maloney 374c6532fa
add to_hash to Credential
begining of the chain to DRYing up
credential reporting in the loginscanner
2014-07-31 18:10:48 -05:00
Meatballs 53b66f3b4a Land #2075, Powershell Improvements 2014-07-31 00:49:39 +01:00
James Lee ef59d88f64
Fix spec failure due to workspace mismatch
Also fixes intermittent failure from FactoryGirl picking a heinous
Origin type.
2014-07-30 11:26:35 -05:00
us3r777 2efeb850ee Added spec to lib/msf/http/jboss 2014-07-29 02:04:57 +02:00
us3r777 9e9244830a Added spec for lib/msf/http/jboss
Also renamed get_undeploy_bsh and get_undeploy_stager to
gen_undeploy_bsh and gen_undeploy_stager to be consistent
with the other functions
2014-07-29 01:57:04 +02:00
jvazquez-r7 79fe342688
Land #3558, @FireFart's improvements to wordpress mixin 2014-07-28 09:52:20 -05:00
James Lee c65db18090
Add rudimentary specs and fix some help wording 2014-07-28 09:19:09 -05:00
darkbushido 064d624322
changing Credential == operator
it should no longer raise no method errors when comparing a credential to
an object that doesnt respond to public, private, or realm
2014-07-23 16:17:09 -05:00
Christian Mehlmauer baff003ecc
extracted check version to module
also added some wordpress specs and applied
rubocop
2014-07-22 17:02:35 +02:00
Luke Imhoff 14fa49cdeb
Update spec to handle Mdm::Service#proto sequence
MSP-10029

Mdm::Service factories were changed in metasploit_data_models 0.19.0 to
use a sequence that cycles between 'tcp' and 'udp'.  To make the spec
clearer, just hard-code the protos under test instead of relying on
default behavior.
2014-07-22 09:47:35 -05:00
jvazquez-r7 ef12a632f6 Change filename 2014-07-22 08:20:32 -05:00
jvazquez-r7 72c2c07495 Add the specs, really 2014-07-21 17:39:51 -05:00
Tod Beardsley ffafd4c01f
Add NTP fuzzer from @jhart-r7
Looks good to me!
2014-07-21 12:38:12 -05:00
Meatballs 474ee81807
Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-20 21:01:54 +01:00
Meatballs b28343842f Address @jhart-r7's comments 2014-07-20 21:00:34 +01:00
scriptjunkie 8fe508207c Merge Meatballs' gpp_again pull into new branch 2014-07-19 11:10:14 -05:00
Meatballs 7583ed4950
Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-16 20:34:34 +01:00
sinn3r 4fb58202fa
Land #3529 - Handle Rex::AddressInUse exception 2014-07-16 13:57:41 -05:00
David Maloney 52a29856b3
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-07-16 09:38:44 -05:00
Matt Buck eff2defdde
Fix bug due to Metasploit::Model::Login::Status refactor
MSP-10718
2014-07-16 04:14:45 -05:00
David Maloney 939e585658
refactor all loginscanners
loginscanners now use LoginStatus constants
for the result statuses
2014-07-15 13:17:56 -05:00
jvazquez-r7 4098979448 Add spec 2014-07-15 13:06:53 -05:00
David Maloney 846679bef9
change Result status
result bojects now use Login::status constants
for their status
2014-07-15 11:39:38 -05:00
Trevor Rosen cc93dbbe29 Merge pull request #102 from rapid7/feature/MSP-9707/smb-bruteforce-refactor
Feature/msp 9707/smb bruteforce refactor

MSP-9707 #land
2014-07-11 11:33:12 -05:00
James Lee 147c6d8160
Merge branch 'feature/MSP-10660/realm_adjustments' into staging/electro-release 2014-07-10 13:52:21 -05:00
David Maloney 8833429987
make shared example usage more readable
this seems less obtuse
2014-07-10 12:58:13 -05:00
David Maloney 7dc58d060e
make only one each method
made the one true enumerator of credentials
for the login_scanner.

also covered the wierd http case where it can have a realm key
but no default realm.
2014-07-10 12:35:09 -05:00
David Maloney 87e6ede123
Merge branch 'master' into staging/electro-release 2014-07-10 08:44:12 -05:00
James Lee 0daa395007
Fix specs for LoginError cases 2014-07-09 18:11:20 -05:00
Tod Beardsley 038d1e210a
Merge upstream/master to deconflict.
Conflicts:
	Gemfile.lock
2014-07-09 17:43:42 -05:00
David Maloney 0c4e53ce5a
fix up specs
a whole bunch of spec changes needed for
these changes.

alos the axis2 spec was actually testing the winrm
class due to copypasta error.
2014-07-09 16:32:59 -05:00
David Maloney 24fced822e
coerce realm_key when it exists
if the cred has a realm and the loginscanner
has a realm_key, make the credential use the
scanner's realm key
2014-07-09 14:58:20 -05:00
James Lee afe36ab6ad
Merge branch 'staging/electro-release' into feature/MSP-9707/smb-bruteforce-refactor
Conflicts:
	lib/metasploit/framework/login_scanner/smb.rb
2014-07-09 12:50:24 -05:00
David Maloney aeda74f394
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-07-07 16:41:23 -05:00
James Lee 4d4b8078f8
Unify SSH specs as well 2014-07-07 13:41:08 -05:00
James Lee 71cbbc5388
Merge branch 'feature/MSP-10648/login-scanner-creation' into feature/MSP-10656/unify-ssh-scanners 2014-07-07 13:19:34 -05:00
James Lee b7cfc927c4
Add private_type and realm_key accessors 2014-07-07 13:07:28 -05:00
James Lee 325d2d25b9
Fix requires and derp typos 2014-07-07 10:09:45 -05:00
jvazquez-r7 14b1ed5290 Add spec for comma separated cookies 2014-07-06 16:23:43 -05:00
James Lee 311f43f1e4
Constpocalypse 2014-07-03 18:49:46 -05:00
jvazquez-r7 405de05e4b Add specs for module_flavors 2014-07-03 10:31:39 -05:00
Jon Hart bc3ac1ee36 Correct private message format, update tests 2014-07-03 08:27:27 -07:00
James Lee b7a55d402d
Add likely service ports and names for HTTP 2014-07-02 23:41:31 -05:00
James Lee 9dde47a0bc
Add a simple classes_for_service method 2014-07-02 23:31:56 -05:00
Jon Hart 1830bdc7a5 Add rspec coverage for Rex::Proto::NTP 2014-07-01 12:29:47 -07:00
Tod Beardsley 8b63d3d467 Revert the revert of #3446
This reverts commit 9b35b0e13a.

This should not land on master until the Metasploit Pro folks (@trosen-r7
and friends) get their Meterpreter path specifications working the
same way as Framework's does.
2014-06-29 17:22:21 -05:00
dmaloney-r7 0a6a5a0a12 Merge pull request #92 from rapid7/feature/MSP-9912/metamodule-refactor-ssh-key
Feature/msp 9912/metamodule refactor ssh key
2014-06-27 11:48:57 -05:00
Spencer McIntyre 1b4b4fd1c0 Update the cmdstager spec ArgumentError text 2014-06-27 08:34:57 -04:00
jvazquez-r7 dcd0e77f9e Change #compatible? method name because it's used by Module 2014-06-27 08:34:56 -04:00
jvazquez-r7 af568c856a Add CMStager specs 2014-06-27 08:34:56 -04:00
Lance Sanchez b5351eec2b
adding .to_credential
Metasploit::Framework::Credential and Metasploit::Credential::Core
need to be consumable by the login scanners. the easiest way to do this
was to create a shared to_credential method on both that return Metasploit::Framework::Credential

MSP-9912
2014-06-26 11:05:59 -05:00
David Maloney 9cec330f05
Merge branch 'master' into staging/electro-release 2014-06-26 10:22:30 -05:00
Matt Buck 27ef12bafe
Land #3478, disallow port 0 for portspec
[Closes #3478]
2014-06-25 15:46:30 -05:00
David Maloney 42bfe8ba4f
make portspec specs not insane
the specs for the portspec_to_portlist method
need a lot of work. this gives us some btter minimum coverage
2014-06-25 14:10:06 -05:00
Chris Doughty 9b35b0e13a Revert "Land #3446 -- Meterpreter bins gem switch" due to build failures
This reverts commit bba8bd3498, reversing
changes made to 002234993f.
2014-06-25 13:24:07 -05:00
James Lee f225ac92ab
Refactor smb_login
Maintains the new admin check functionality added in
rapid7/metasploit-framework#3330
2014-06-25 04:13:37 -05:00
OJ bba8bd3498
Land #3446 -- Meterpreter bins gem switch 2014-06-25 03:00:11 +10:00
James Lee 85611702f9 Merge branch 'upstream-master' into feature/MSP-9707/smb-bruteforce-refactor 2014-06-23 23:58:47 -05:00
Tod Beardsley c71eb1aa4e
Add specs for changed object UI 2014-06-22 13:05:17 -05:00
Tod Beardsley 53d0aba305
Add some specs for changed object Priv 2014-06-22 12:54:10 -05:00
Spencer McIntyre 05d4a1ab2c
Land #3342, Support negation in portspec 2014-06-21 18:14:50 -04:00
Tod Beardsley f90e8f00e5
Add the first few specs
Coverage for meterpreter and client core, just the bits I'm changing. I
intend to make liberal use of doubles, since they're easier than mocks
and all I care about is the changed behavior. I refuse to fall into a
trap where I need to first spec out aaaaaalllll of Metepreter just to
make this one change.
2014-06-20 13:18:55 -05:00
David Maloney 99b1702559
Merge branch 'master' into staging/electro-release
Conflicts:
	lib/msfenv.rb
2014-06-20 11:38:47 -05:00
jvazquez-r7 4203e75777
Land #3408, @m-1-k-3's exploit for D-Link hedwig.cgi OSVDB 95950 2014-06-20 10:27:32 -05:00
jvazquez-r7 330caa8c13 Fix specs 2014-06-20 00:08:55 -05:00
jvazquez-r7 ee62428248 Add specs 2014-06-19 18:13:14 -05:00
Luke Imhoff af99c0c01e
Remove `should_receive(:with_connection)` from specs
MSP-10127

Causes specs to randomly fail when with_connection calls from
before(:each) or after(:each) are intercepted by the should_receive
call.
2014-06-19 16:24:53 -05:00
David Maloney d9b7a320ae
fix more broken specs 2014-06-19 14:07:39 -05:00
David Maloney 2ac2dc9d7a
2 minor spec fixes 2014-06-19 13:23:37 -05:00
James Lee b606448976
Merge branch 'feature/MSP-9689/jtr_cracker' into staging/electro-release 2014-06-19 10:14:57 -05:00
David Maloney f1a39ef973
enumerators all done with specs
the enumeration chains are now all complete with specs
so we can enumerate all the words generated by the given options.
2014-06-16 13:31:30 -05:00
David Maloney 9af811a2ed
we need to pass in a workspace 2014-06-15 15:52:57 -05:00
David Maloney 897b0b1ee5
wordlist enumerators with some specs
started the enumerators on the wordlist class
and began adding the specs for them
2014-06-15 13:37:50 -05:00
David Maloney a00ff5aeef
yield custom_wordlist words 2014-06-15 12:16:21 -05:00
David Maloney 8ada0804bd
add valid! spec 2014-06-15 11:22:43 -05:00
David Maloney 41d6b326f2
specs for wordlist validations
added specs to cover the validations on
the JtR wordlist class.
2014-06-15 11:14:11 -05:00
David Maloney a5fb898904
actually set max run time
make maxrutnime affect the crack command
2014-06-14 20:03:56 -05:00
David Maloney 33519b1fcd
cracker validations and specs
more validations and specs for the cracker class
2014-06-14 19:59:59 -05:00
David Maloney 466576d03f
jtr wordlist validations started
start adding validations and exceptions for the
JtR Wordlist class.
2014-06-14 16:16:30 -05:00
David Maloney 873d6e5b99
add all the specs 2014-06-14 12:28:17 -05:00
David Maloney 300baa577c
moar specs! 2014-06-13 17:34:16 -05:00
David Maloney b784bea48e
slow roll of specs for jtr cracker
slowly adding spec coverage for the JtR cracker
2014-06-13 16:08:56 -05:00
David Maloney 7187138134
start injecting sanity 2014-06-13 14:53:56 -05:00
David Maloney a9bcb8b3bd
add skeleton for JtR Cracker
starting work on creating the JtR Cracker class
2014-06-13 11:10:12 -05:00
Samuel Huckins d215b8e5b2 Merge pull request #47 from rapid7/feature/MSP-9712/winrm-bruteforce
45 merged, steps passing.

MSP-9712 #land
2014-06-12 16:04:17 -05:00
dmaloney-r7 ed84336149 Merge pull request #60 from rapid7/feature/MSP-9992/creds-command
Refactor the creds command
2014-06-12 12:24:09 -05:00
James Lee b756395eaa
Merge branch 'staging/electro-release' into feature/MSP-9712/winrm-bruteforce
Conflicts:
	lib/metasploit/framework/credential_collection.rb
	spec/lib/metasploit/framework/credential_collection_spec.rb
2014-06-11 16:21:59 -05:00
James Lee 3a8f6236ad
Add ability to prepend creds to a collection 2014-06-11 14:30:45 -05:00
James Lee c0c1bd40a9
Fix help spec 2014-06-10 17:28:55 -05:00
James Lee 552899ef13
Add a couple more specs for CredentialCollection
Also fixes some typos in docs
2014-06-06 12:12:32 -05:00
David Maloney 9b9de12a38
Merge branch 'master' into staging/electro-release
Conflicts:
	lib/msf/core/framework.rb
2014-06-06 12:04:53 -05:00
dmaloney-r7 ff8e6d2c50 Merge pull request #45 from rapid7/feature/MSP-9988/credential-collection
Add a CredCollection class and refactor WinRM bruteforce module
2014-06-06 11:53:28 -05:00
David Maloney 90b52814b1
fix some spec issues for recent changes 2014-06-06 11:52:49 -05:00
Brandon Turner 82464bd6aa
Update version spec 2014-06-06 10:16:44 -05:00
Luke Imhoff f2a56c041b
Merge branch 'staging/electro-release' into feature/MSP-9653/use-metasploit-concern-in-pro
MSP-9653

Conflicts:
	Gemfile
	Gemfile.lock
2014-06-05 16:22:02 -05:00
James Lee 33a9f8c43f
Add spec for userpass_file 2014-06-05 11:54:59 -05:00
James Lee 45c26343a1
Add spec for pass_file 2014-06-05 11:51:11 -05:00
James Lee b1136752be
Add Credential#== to facilitate specs 2014-06-05 11:37:48 -05:00
Lance Sanchez 262deac155
Fixing the failing specs
for some reason on my box sock.closed? isnt being called. stubbing it out

Kernel.select is being called and cant cast a mock object to an IO object
ok to fix this I'm stubbing select on the scanner object then the call wont
get passed onto the Kernel module
2014-06-05 11:21:34 -05:00
James Lee 41644970bf
Add a CredentialCollection
Also moves Metasploit::Framework::LoginScanner::Credential to
Metasploit::Framework::Credential
2014-06-04 13:01:09 -05:00
Luke Imhoff 1295028595
Remove unneeded MetasploitDataModels.require_models
MSP-9653

Models are loaded using railties features.
2014-06-02 13:54:38 -05:00
Lance Sanchez 15fffb1668
Adding in some tests
cleaning up the regex a bit

MSP-9678
2014-06-02 13:50:30 -05:00
Lance Sanchez f2a2975bc1 Merge branch 'staging/electro-release' into feature/MSP-9678/pop3-login-scanner 2014-06-02 10:56:54 -05:00
Trevor Rosen 8bcd763039 Merge pull request #26 from rapid7/feature/MSP-9685/telnet_login_scanner
Feature/msp 9685/telnet login scanner

MSP-9685 #land
2014-05-30 13:40:18 -05:00
David Maloney 98a23881ee
remove cred creation methods
removed cred creation methods from framework
and include them from the metasploit-credential gem instead
2014-05-30 11:28:53 -05:00
dmaloney-r7 e669324366 Merge pull request #25 from rapid7/feature/MSP-9673/axis2-login-scanner
Add axis2 login scanner
2014-05-29 11:22:22 -05:00
David Maloney d95b0497a7
add more specs
added more specs around telnet specific validations
2014-05-29 11:11:19 -05:00
James Lee 572e4f2bdf
Fix dumb missing options and add spec 2014-05-28 16:32:38 -05:00
David Maloney 1bc2140fa6
Telnet LoginScanner basics
basic Telnet LoginScanner with shell
specs. Need to test functionality
and write additional specs
2014-05-28 14:47:58 -05:00
Lance Sanchez 07a61ae696
adding in changes from before my vacation..
MSP-9678
2014-05-28 13:18:28 -05:00
David Maloney 821a62627a
final spec cleanup 2014-05-28 09:56:26 -05:00
David Maloney ca4c942ceb Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation 2014-05-28 09:40:44 -05:00
David Maloney 967b0d49b1
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-05-28 09:39:56 -05:00
David Maloney c975d4dc49
some minor cleanup items 2014-05-28 09:26:19 -05:00
Christian Mehlmauer da0a9f66ea
Resolved all msftidy vars_get warnings 2014-05-25 19:29:39 +02:00
Lutz Wolf 2b75a53c93 Add basic rspec for portspec_to_portlist 2014-05-24 23:46:26 +02:00
dmaloney-r7 85737d1235 Merge pull request #22 from rapid7/feature/MSP-9646/afp-loginscanner
AFP login scanner
2014-05-22 15:05:24 -05:00
David Maloney fbacf80839 Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation 2014-05-22 14:39:17 -05:00
David Maloney 19e36cccb3
Credential Core creation now complete 2014-05-21 16:37:13 -05:00
James Lee 5d1a0397ed
Add Tomcat login scanner 2014-05-21 14:28:54 -05:00
David Maloney 3ea99a9d43
private creation w/ specs and docs
the private creation method is now done
with specs and YARD docs
2014-05-21 13:21:56 -05:00
David Maloney 2629549f6f
added realm creation
added method for creating credential realm
creation.
2014-05-21 11:22:22 -05:00
James Lee 8be35b90f4
Add some more specs for AFP login scanner 2014-05-20 17:44:41 -05:00
James Lee d061d36229 Merge branch 'staging/electro-release' into feature/MSP-9646/afp-loginscanner 2014-05-20 17:25:42 -05:00
James Lee 21de14ac3d
Initial stab at AFP login scanner 2014-05-20 17:08:12 -05:00
Meatballs 09af023a71
Merge in parser 2014-05-20 21:56:35 +01:00
Samuel Huckins 62bae8e23b Merge pull request #21 from rapid7/feature/MSP-9687/winrm-loginscanner
Specs and functional steps passing. 

MSP-9687 #land
2014-05-20 11:32:37 -05:00
David Maloney 8a2f05b7d2 Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation 2014-05-20 10:28:33 -05:00
David Maloney 9cdddb08d9
origin specs for realsies
final specs and fixes for the origin creation
methods
2014-05-20 10:19:03 -05:00
David Maloney b84aaaad19
specs and fixes for origin creation 2014-05-20 09:59:15 -05:00
David Maloney ddfa4f1ee7
some origin creation specs
started getting working specs
for the origin creation methods. feel
into the weeds for a bit, but making progress at last.
2014-05-19 15:16:02 -05:00
Samuel Huckins d9687d87f9 Merge pull request #20 from rapid7/feature/MSP-9667/db2_login
Specs passing post update.

MSP-9667 #land
2014-05-16 11:29:31 -05:00
James Lee 9582d82fba Merge remote-tracking branch 'private/staging/electro-release' into feature/MSP-9687/winrm-loginscanner 2014-05-15 13:59:48 -05:00
James Lee efd0db9c39 Merge branch 'upstream-master' into HEAD 2014-05-15 13:53:16 -05:00
James Lee 8a9abb90c0
Add specs for connection error conditions 2014-05-15 10:06:17 -05:00
Lance Sanchez e9b3f10ba7
Drying up some of the status codes
MSP-9678
2014-05-14 17:02:26 -05:00
James Lee 59050d9bf1
Add specs for WinRM, improve those for HTTP 2014-05-14 15:13:29 -05:00
Christian Mehlmauer dc7a8d32d8
Land #3324, msfconsole search timestamp fixes 2014-05-14 21:30:02 +02:00
Luke Imhoff 82d32e39cc
Merge branch 'feature/MSP-9686/vnc_login' into staging/electro-release
MSP-9686
2014-05-14 13:24:13 -05:00
Luke Imhoff a32152ecaa
Merge branch 'staging/electro-release' into feature/MSP-9686/vnc_login
MSP-9686
2014-05-14 13:22:41 -05:00
David Maloney fb671c72a7
Merge branch 'master' into staging/electro-release 2014-05-14 13:00:37 -05:00
dmaloney-r7 acaf713229 Merge pull request #17 from rapid7/feature/MSP-9606/metasploit-credential
Run migrations from Metasploit::Credential and initialize its concerns which patch Mdm
2014-05-14 11:15:07 -05:00
nstarke bb6201d66d Fixing nil bug and making format constant
The date format has been moved into a constant variable.
Certain modules do not have a disclosure_date.  For example,
‘checkvm’.  This necessitated checking disclosure_date for nil
before attempting a format conversion.  Also, there was an additional
location in core.rb that needed the formatting / nil check added.  Specs
were also updated appropriately.
2014-05-14 15:51:42 +00:00
Samuel Huckins 162038bde4 Merge pull request #19 from rapid7/feature/login_scanner/smb
Specs all passing, functional steps working.
2014-05-13 14:37:13 -05:00
James Lee 2a13010bfb
Fix faulty spec 2014-05-13 14:15:00 -05:00
David Maloney f5751d6a85
first pass at attempt_login for DB2
first pass through at the attempt_login method
for the DB2 LoginScanner. still adding specs
and possibly refactoring
2014-05-13 14:10:30 -05:00
David Maloney 5dcf3efd1a
skeleton for DB2 loginscanner
add basic  skeleton and specs for the DB2
LoginScanner class.
2014-05-13 13:16:56 -05:00
Luke Imhoff 3370465d84
Use railties to load Metasploit::Credential correctly
MSP-9606

In order to support Metasploit::Credential correctly,
metasploit-framework needs to support Metasploit::Concern, which does
all its magic using a Rails::Engine initializer, so the easiest path is
to make metasploit-framework be able to use Rails::Engines.  To make
Rails::Engine use Rails::Engine, make a dummy Rails::Application
subclass so that all the initializers will be run when anything requires
msfenv.
2014-05-12 15:03:51 -05:00
Jeff Jarmoc 638ae477d9 Fix up spec. Rex::Proto::Http::ClientRequest handles & and = outside of Rex::Text::uri_encode, so mode doesn't affect them.
Fix erroneous typo char.
2014-05-12 12:10:30 -05:00
Jeff Jarmoc cba39a9a04 Adds spec for 'hex-all' mode 2014-05-12 12:01:06 -05:00
David Maloney 7f98d1630e
specs for VNC Loginscanner
cover remaining behaviour for the
VNC LoginScanner class.
2014-05-12 11:29:27 -05:00
Jeff Jarmoc 5f523e8a04 Rex::Text::uri_encode - make 'hex-all' really mean all.
'hex-all' encoding was previously ignoring slashes.
This pull adds 'hex-noslashes' mode which carries forward the previous functionality, and replaces all existing references to 'hex-all' with 'hex-noslashes'  It then adds a replacement 'hex-all' mode, which really encodes *ALL* characters.
2014-05-12 11:26:27 -05:00
David Maloney f84d763382
refactoring conditional logic
the class works but the conditional logic needs
refactoring to be smoothed out more.
2014-05-12 11:10:36 -05:00
James Lee 3831042dca
Add specs, validations for LoginScanner::SMB 2014-05-09 18:58:49 -05:00
David Maloney 4e76330643
Add skeleton for VNC lgoinscanner
Add skeleton and specs for the VNC Loginscanner

MSP-9686
2014-05-09 11:55:15 -05:00
David Maloney 8b937b7c35
Merge branch 'master' into staging/electro_release 2014-05-09 11:46:08 -05:00
Trevor Rosen c77412d373 Merge pull request #13 from rapid7/feature/login_scanner/mysql
Add LoginScanner for MySQL

MSP-9676 #land
2014-05-08 15:05:24 -05:00
Trevor Rosen 894ecaafb4 Merge pull request #12 from rapid7/feature/login_scanner/pg
Add Postgres LoginScanner class

MSP-9679 #land
2014-05-08 14:38:56 -05:00
David Maloney 42de1ab1f1
whitespace removal 2014-05-08 14:18:06 -05:00
David Maloney cfb13ed1bd
Merge branch 'staging/electro_release' into feature/login_scanner/mysql 2014-05-08 13:55:09 -05:00
James Lee 2d2b5ea9e4 Merge remote-tracking branch 'private/feature/login_scanner/mssql' into feature/login_scanner/smb 2014-05-08 13:45:06 -05:00
James Lee 13fe8c0869
Default Credential#paired to true 2014-05-08 13:34:31 -05:00
David Maloney 20edabb0f5
mySQL Loginscanner with specs to match
This season's colours for Loginscanner is MySQL
with Unit Test Coverage applied to match.
2014-05-08 13:16:12 -05:00
William Vu 102eb85277
Update CommandDispatcher::Db spec 2014-05-08 03:05:49 -05:00
David Maloney b72f0f8ffc
try to fix bad push/revert mess 2014-05-07 18:43:37 -05:00
David Maloney 9919d54116 Revert "final touches and specs"
This reverts commit e025fa1791.
2014-05-07 18:34:34 -05:00
David Maloney e025fa1791
final touches and specs
add finishing touches to postgres
Loginscanner and add specs to cover
the behaviour
2014-05-07 18:32:36 -05:00
David Maloney acbff23c32
final wrap-up specs
successkid.jpg
2014-05-07 16:07:18 -05:00
David Maloney ec974535ac
create base object for mssql scanner
created skeleton for MSSQL Loginscanner
included concerns.

also added an NTLM concern and shared example group
2014-05-07 14:43:15 -05:00
David Maloney 507fe566a4
Merge branch 'master' into staging/electro_release 2014-05-06 11:36:19 -05:00
Meatballs dc38212741
Fix function parsing 2014-05-05 20:53:36 +01:00
Meatballs e946046de5
Add methods spec 2014-05-05 19:08:18 +01:00
Meatballs 0b886db406
Script specs and remove unknown method 2014-05-05 19:01:36 +01:00
Meatballs 0177e51148
Finish obfu specs and use rig 2014-05-05 18:47:25 +01:00
Meatballs 6ab85027a4
More spec 2014-05-05 17:47:30 +01:00
Meatballs 162b6a8ab9
Add output spec 2014-05-05 14:48:18 +01:00
Meatballs 589d235a80
Simple param spec 2014-05-05 13:46:52 +01:00
David Maloney 5e6f57f711
fix up some more specs
some spec cleanup and added basic specs
to the HTTP LoginScanner
2014-05-01 12:10:51 -05:00
David Maloney 0dd22395eb
use credential objects inside results
altered results to just hold a credential
object instead of duplicating attributes
2014-04-30 17:17:57 -05:00
David Maloney 4995fcdced Shared Examples for RexSocket mixin
shared example group for the Loginscanner RexSocket
mixin. Pretty simple stuff, just trying to keep it
DRY.
2014-04-30 15:47:52 -05:00
David Maloney 1cd3f3f0da
finished first shared example group
base behaviour is now defined in shared
example group and the specs all use that
shared example group
2014-04-30 14:40:37 -05:00
David Maloney a4cc311106
test base behaviour in shared examples
start moving specs to a shared example group
for all behaviour defined by the LoginScanner
Base
2014-04-30 14:35:29 -05:00
David Maloney a08421b30f
apply reasonable defaults
give each lgoinscanner the ability to select
reasonable defaults for certain attributes
2014-04-30 13:56:29 -05:00
David Maloney e5276d111d
Merge branch 'staging/electro_release' into feature/login_scanner/snmp
Conflicts:
	lib/metasploit/framework/login_scanner/result.rb
2014-04-30 10:21:35 -05:00
Lance Sanchez ddee401e27
Merge branch 'feature/MSP-9684/sshkey_loginscanner' into staging/electro_release
MSP-9684 #land
2014-04-29 15:21:56 -05:00
David Maloney e8ea6a86b5
add specs for snmp
add specs for the snmp loginscanner
and modify the specs to Result class
to account for the access_level attribute
2014-04-29 14:49:35 -05:00
Meatballs b860cecad6
Function spec (doesnt pass) 2014-04-28 14:09:39 +01:00
David Maloney c02fb21c3b
Finalized specs for sshkey
shkey loginscanner now compelte along
with specs
2014-04-25 15:20:33 -05:00
William Vu 9964548b41
Amend spec for db_import help 2014-04-25 14:28:29 -05:00
David Maloney e2d6a57db1
fix spec filename
had an extra underscore
2014-04-25 14:27:10 -05:00
David Maloney 0fcfb9d655
add proxies to ssh scanner
allow the SSH LoginScanner
to accept a proxy directive
2014-04-25 14:22:21 -05:00
David Maloney 35a039848c
add sshkey loginscanner
added the loginscanner class for SSHKey and
the base specs
2014-04-25 14:21:08 -05:00
Meatballs 3ae8c3ff46
Basic specs 2014-04-25 18:14:39 +01:00
Meatballs 8031e50d35
Make Exploitation::Powershell testable
Example test
2014-04-26 13:27:25 +01:00
Meatballs 318ae46085
Remove puts 2014-04-26 12:59:19 +01:00
Meatballs 3f5cc13bf8
Better eof test 2014-04-25 17:15:12 +01:00
David Maloney 2346d583ed
touchups and specsfor FTP Scanner
add some final touchups and specs to the FTP
Loginscanner object. now fully working.
2014-04-25 11:02:15 -05:00
David Maloney 838a444b23
first pass of FTP LoginScanner
made the first pass at the ftp
LoginScanner, with base specs.
Need to still tierate, add more new
specs and clean it up
2014-04-25 10:14:48 -05:00
Meatballs d85e4b1313
Error if encode_inner and encode_final 2014-04-25 15:47:36 +01:00
Meatballs ae574bec2b
Correct spec 2014-04-25 15:42:48 +01:00
Meatballs 5b9ec72395
Remove read_script spec 2014-04-25 15:40:52 +01:00
Meatballs 206184007f
Move methods and rename file so it is run by rspec 2014-04-25 15:16:15 +01:00
David Maloney 3a66723741
nake scan! more generic
scan! can now be reused for each scanner and
only attempt_login is specific for each thing.
2014-04-24 09:43:39 -05:00
Meatballs 72a2849bf1
Better specs
90.6% line coverage in Exploit::Powershell
77.32% in Rex::Exploitation::Powershell and haven't even started
writing those specs...
2014-04-23 08:07:42 +01:00
Meatballs 58c3bf0e59
Further speccage 2014-04-23 06:08:39 +01:00
Meatballs c4cfa42e5b
More specs 2014-04-23 02:37:19 +01:00
David Maloney 36dd10e1c2
add the renamed spec
renamed spec for credential class
forgot to add it
2014-04-22 11:05:58 -05:00
David Maloney 526bb4989a
more explicit requires
LoginScanner module brings in all the deps
while the individual classes require
the module then to get their deps.
2014-04-22 10:28:01 -05:00
David Maloney 645eef51b7
Rename CredDetail to Credential
it was felt this was better naming
for the class. Refactored all occurence
2014-04-22 10:25:36 -05:00
David Maloney f079d3f3a9
move requires into module
move all the requires into the LoginScanner
module area to clean up requires
2014-04-21 19:14:50 -05:00
David Maloney 9c6528f13f
use the CredDetail class
now that we have the new CredDetail
class, use it instead of hashes
2014-04-21 18:58:23 -05:00