darkbushido
1fcd20b7ef
adding a spec to show creating a core and login
2017-01-30 12:11:31 -06:00
darkbushido
c20cdc2943
cleaning up some of the specs
2017-01-30 10:43:28 -06:00
Brent Cook
4480ea7877
Land #7827 , Cisco Firepower Management Console LoginScanner
2017-01-27 16:26:40 -06:00
wchen-r7
781bc8420a
Add Advantech WebAccess LoginScanner module
2017-01-26 13:54:50 -06:00
bwatters
253e39e18c
Land #7680 , Fix #7679 , LoginScanner should abort if there is no creds to try
2017-01-23 14:08:32 -06:00
wchen-r7
d9ead4484e
Mock :password
2017-01-23 13:42:30 -06:00
Jeffrey Martin
7cf812ed99
add rspec test for inspect on all TLV_TYPE objects
2017-01-23 09:19:53 -06:00
Brent Cook
ac2ceca5e3
Land #7804 , Switch the creds command to use named options
2017-01-22 10:49:19 -06:00
Brent Cook
99047fa8a1
be stricter in what we accept for payload uri
...
datastore needs to contain something to produce a valid URI
2017-01-22 10:20:04 -06:00
Brent Cook
66e9f1d334
fix doc normalizer spec
2017-01-22 10:20:04 -06:00
Brent Cook
f69b4a330e
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
wchen-r7
d7f43a2c66
Fix base_spec
2017-01-17 15:58:30 -06:00
wchen-r7
ecf246b380
Fix more prepended_creds issues
2017-01-17 15:41:24 -06:00
wchen-r7
9efa84298c
Mock more methods for base_spec
2017-01-17 15:17:15 -06:00
wchen-r7
d79f4fbda2
Update cisco_firepower_spec
2017-01-17 13:33:56 -06:00
William Vu
77c78fa5f4
Move Rex::Text::Table workspace output to -v
2017-01-15 23:15:14 -06:00
William Vu
360ad26d9c
Fix spec because I suck
2017-01-15 04:00:33 -06:00
wchen-r7
a687073416
Add Cisco Firepower Management Console LoginScanner
2017-01-13 16:59:20 -06:00
David Maloney
9b9d3127a8
cleanup leaked constants
...
use constant cleaner
7824
2017-01-12 15:49:24 -06:00
wchen-r7
08d529b818
Fix login_scanner_base rspec
2017-01-11 14:53:04 -06:00
wchen-r7
90c42b4740
Update rspec
2017-01-11 14:23:28 -06:00
wchen-r7
2377f17663
Fix typos
2017-01-11 14:05:22 -06:00
wchen-r7
9136e008bb
Update rspec
2017-01-11 12:00:43 -06:00
wchen-r7
c97dba39f2
creds should mock these methods too
2017-01-11 11:48:52 -06:00
David Maloney
4029dbd5ca
try not to forget fixing the spec...
2017-01-10 14:33:18 -06:00
darkbushido
6bd2e03f37
dding realm tests showed a bug. its now squashed.
2017-01-09 13:04:34 -06:00
darkbushido
fe3885f88a
changing expect do end back to expect {}
2017-01-09 13:04:34 -06:00
darkbushido
30fe429ada
fixing more whitespace issues
...
converting double quotes to single
2017-01-09 13:04:34 -06:00
darkbushido
0c3760a843
adding more tests
...
rubocoping the file
2017-01-09 13:04:34 -06:00
darkbushido
3674b25885
fixing the tests, more need to be added
2017-01-09 13:04:34 -06:00
darkbushido
18c7fc5a85
moving the cred tests out of the db tests
2017-01-09 13:04:34 -06:00
dmohanty-r7
5cba9b0034
Land #7747 , Add LoginScanner module for BAVision IP cameras
2017-01-06 16:25:44 -06:00
David Maloney
2108913e77
target_host method had a name collision
...
this method appears to have been accidentaly overriding another
method causing sessions to never finish being established
2017-01-06 12:44:37 -06:00
David Maloney
9dc4ee57b6
minor fixes to linux example module
...
fixed a copy paste error in the linux_autotarget
test exploit and added actual linux targets to it
2017-01-03 14:38:52 -06:00
David Maloney
5fd531028c
ome minor guards and spec fixes
...
some minor conditional guards and spec fixes
2017-01-03 14:38:51 -06:00
David Maloney
a61b92aa3e
tweak target selection
...
the target selection actually adjust the datastore
as if a user selected the target, this prevents
a mismatch between the target and the target index
MS-2325
2017-01-03 14:38:51 -06:00
David Maloney
3d2957dff1
tying it all together
...
insert our autotarget routine into
the main target selection process
MS-2325
2017-01-03 14:38:50 -06:00
David Maloney
44830dfc54
prefer authour's target over ours
...
if the module authour added an automatic target
we skip our routine, to let the module's own automatic targeting
take over as it likely be better
MS-2325
2017-01-03 14:38:50 -06:00
David Maloney
1afc57da40
determine most precise filter
...
drop back to our most precise level of filtering
MS-2325
2017-01-03 14:38:50 -06:00
David Maloney
201b65e43d
remaining os filtering
...
now can filter by os name and service pack
need to do final logic to turn that into an actual
target selection
MS-2325
2017-01-03 14:38:50 -06:00
David Maloney
05ac2ee6ed
convert first stage to os_family
...
added the new os-family column to Host
so now we use that as our first stage filter
for targets
MS-2325
2017-01-03 14:38:49 -06:00
David Maloney
95d5c7a778
filtering by os_name
...
targets now filtered by OS name, but a little
more processing may be needed on this part because
it looks like what you'd expect in os_flavor gets jammed
into name instead
MS-2325
2017-01-03 14:38:49 -06:00
David Maloney
f107408389
target_host specs
...
add specs for finding the 'target host' ie.
the mdm::Host object related to the RHOST value
to see what we know about our target
MS-2325
2017-01-03 14:38:49 -06:00
David Maloney
4060e63b89
add tests for auto target addition
...
tests to make sure we add auto targets only
in the appropriate conditions
MS-2325
2017-01-03 14:38:49 -06:00
David Maloney
84d5e42e4f
start gearing up for testing
...
start getting auto-targeting test framework in place
so we can have unit tests for this behaviour
MS-2325
2017-01-03 14:38:45 -06:00
wchen-r7
144f886e8b
Add LoginScanner module for BAVision IP cameras
2016-12-23 16:22:17 -06:00
Brent Cook
9e75866188
Land #7738 , Add sort by column to services and hosts commands
2016-12-22 01:10:45 -06:00
William Vu
a8f36c2a2c
Update spec
2016-12-20 23:32:28 -06:00
Brent Cook
fa016de78a
Land #7634 , Implement universal HTTP/S handlers for Meterpreter payloads
2016-12-13 18:13:22 -06:00
William Vu
4ad42784d3
Update spec
2016-12-12 14:24:24 -06:00
Adam Cammack
ccba73b324
Add stageless mettle for Linux/zarch
2016-12-09 18:30:52 -06:00
Adam Cammack
24cf756f5b
Add stageless mettle for Linux/x86
2016-12-09 18:29:34 -06:00
Adam Cammack
62a9a31222
Add stageless mettle for Linux/x64
2016-12-09 18:28:29 -06:00
Adam Cammack
7d36d41b20
Add stageless mettle for Linux/ppc64le
2016-12-09 18:27:22 -06:00
Adam Cammack
ee7d5fc0c9
Add stageless mettle for Linux/ppc
2016-12-09 18:25:57 -06:00
Adam Cammack
4570a7198c
Add stageless mettle for Linux/mipsle
2016-12-09 18:24:12 -06:00
Adam Cammack
25b069f6b4
Add stageless mettle for Linux/mipsbe
2016-12-09 18:23:03 -06:00
Adam Cammack
7aec68c1fe
Add stageless mettle for Linux/mips64
2016-12-09 18:21:52 -06:00
Adam Cammack
7a654ca76c
Add stageless mettle for Linux/armle
2016-12-09 18:19:58 -06:00
Adam Cammack
b74482aa6e
Add stageless mettle for Linux/armbe
2016-12-09 18:18:22 -06:00
Adam Cammack
12b296ab1a
Add stageless mettle for Linux/aarch64
2016-12-09 18:05:34 -06:00
wchen-r7
dd2fb2dbbe
Update rspec
2016-12-09 10:33:34 -06:00
wchen-r7
d8d4479d55
Update rspecs
2016-12-08 16:39:45 -06:00
wchen-r7
ef4dd80e2b
Update rspecs
2016-12-08 16:34:19 -06:00
Jon Hart
4614b7023d
Land #7604 , @godinezj's post module for creating AWS IAM accounts
2016-12-08 14:26:22 -08:00
wchen-r7
ce5c1f07c3
Fix rspecs
2016-12-08 16:11:06 -06:00
Javier Godinez
33add4c11f
Updated spec to match latest changes
2016-12-07 11:32:08 -08:00
OJ
2839b198ba
Update payload spec to include multi payloads
2016-12-06 11:22:12 +10:00
OJ
ffee0ff1b6
Fix payload cache size issue, fix shell/bind payloads
2016-12-06 11:12:02 +10:00
David Maloney
d85f9880ff
fix command dispatcher specs
2016-12-05 11:16:15 -06:00
Javier Godinez
53a66585cf
Removed dubious unit test
2016-11-28 10:07:18 -08:00
Javier Godinez
83e0a21a52
Added unit tests
2016-11-24 21:04:17 -08:00
Brent Cook
f313389be4
Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch
2016-11-20 19:08:56 -06:00
Tod Beardsley
1deacad2be
Add a print_bad alias for print_error
...
Came up on Twitter, where Justin may have been trolling a little:
https://twitter.com/jstnkndy/status/798671298302017536
We have a `print_good` method, but not a `print_bad`, which seems a
little weird for Ruby -- opposite methods should be intuitive as Justin
is implying.
Anyway, I went with alias_method, thanks to the compelling argument at
https://github.com/bbatsov/ruby-style-guide#alias-method
...since Metasploit is all about the singleton, and didn't want to risk
some unexpected scoping thing.
Also dang, we define the `print_` methods like fifty billion times!
Really should fix that some day.
2016-11-15 19:20:42 -06:00
OJ
d751c43f52
FINALLY fix the last of the tests
...
Sorry for the stupidity.
2016-11-05 06:20:43 +10:00
OJ
3bc6808278
Really fix the session test this time
2016-11-05 06:07:44 +10:00
OJ
5f5684841b
Fix the DB/Session test
2016-11-05 05:59:31 +10:00
OJ
abe46024de
Fix tests after arch refactor
2016-11-05 05:15:57 +10:00
OJ
e4edbb16fe
Fix encoded_payload_spec
2016-10-29 15:29:23 +10:00
Jon Hart
12508f7140
Fix DRDoS mixin to handle empty responses
2016-10-24 14:21:28 -07:00
David Maloney
6b77f509ba
fixes bad file refs for cmdstagers
...
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced
Fixes #7466
2016-10-21 12:31:18 -05:00
David Maloney
7894d5b2c1
Revert "Revert "use the new rex-exploitation gem""
...
This reverts commit f3166070ba
.
2016-10-11 17:40:43 -05:00
Brent Cook
fabb296b15
update cache and add payload test
2016-09-29 21:19:55 -05:00
Tod Beardsley
de9434870c
Land #7375 , mock some rex tests for DNS lookups
...
Fixes #6467 , as far as @lsato-r7 and I can tell.
2016-09-29 16:37:38 -05:00
William Vu
075401d702
Update dynamic_size for andterp spec
2016-09-28 16:58:34 -05:00
Louis Sato
ca683576d0
Mock rex-socket getaddress call for loginscanner
...
Since we're using the rex-socket gem, we don't need to
test the getaddress call for each one of the login scanner specs
2016-09-28 11:32:06 -05:00
Tim
de1e0aae99
add missing payload tests
2016-09-27 11:05:19 +08:00
Brent Cook
1b31e0a63e
remove osvdb links
2016-09-20 14:27:59 -05:00
David Maloney
7e10b5c482
use new rex-encoder gem
...
remove all the encoidng lbiraries and use the new gem
rex-encoder that contains them now.
MS-1708
2016-09-14 12:07:26 -05:00
wchen-r7
245237d650
Land #7288 , Add LoginScannerfor Octopus Deploy server
2016-09-13 17:26:56 -05:00
Pearce Barry
4495b27e67
Land #7254 , Rex::SSLScan Gemification
2016-09-08 13:20:56 -05:00
David Maloney
7857c58655
remove all the left voer cruft
...
remove all the files that got xfered out to the gems
MS-1715
2016-09-07 11:38:28 -05:00
james-otten
dcf0d74428
Adding module to scan for Octopus Deploy server
...
This module tries to log into one or more Octopus Deploy servers.
More information about Octopus Deploy:
https://octopus.com
2016-09-06 20:52:49 -05:00
Pearce Barry
9d5a276e91
Fix recent metasploit-framework.gemspec conflict.
2016-09-06 13:10:28 -05:00
dmohanty-r7
e36cfa54b1
Use rex-mime gem
...
MS-1710
2016-09-01 11:38:07 -05:00
David Maloney
029a28c95b
use the new rex-sslscan gem
...
remove old integerated code and replace it
with the gem. done.
MS-1693
2016-08-30 10:43:47 -05:00
David Maloney
b1009ab8dc
remove all the left voer cruft
...
remove all the files that got xfered out to the gems
MS-1715
2016-08-26 14:31:27 -05:00
David Maloney
d2a6c2e9ca
move rex bintools into new gem
...
move all the *scan *parsey code out into
the new rex-bin_tools gem
MS-1691
2016-08-15 14:01:43 -05:00
darkbushido
5a1cd24350
finishing converting the last of this to credentials
2016-07-29 09:58:17 -05:00
darkbushido
0972005b24
updating 'ppp.*username secret'
2016-07-29 09:58:17 -05:00