Commit Graph

625 Commits (a74a7dde558368c49715c72101349de1be846b7a)

Author SHA1 Message Date
sinn3r 8a8d6fb5ab Some more changes 2015-03-25 02:00:23 -05:00
sinn3r 855cadc6b1 Rescue more exceptions
The attempt_login method is rescuing these exceptions, so maybe
I should do the same.
2015-03-25 01:48:37 -05:00
sinn3r 8f95624bf7 Add #send_request to Metasploit::Framework::LoginScanner::HTTP 2015-03-25 01:40:02 -05:00
sinn3r bef67d773c Don't break untested_payloads.rb 2015-03-24 00:54:11 -05:00
jvazquez-r7 1226b3656f
Land #4945, @wchen-r7's login scanner for Symantec web gateway 2015-03-20 14:44:05 -05:00
jvazquez-r7 62871255b0
Match class and file names 2015-03-20 14:25:20 -05:00
jvazquez-r7 179177d5c0
Fix typo 2015-03-20 13:27:41 -05:00
Matt Buck f29a3f69e9 Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	metasploit-framework-db.gemspec
2015-03-17 15:47:48 -05:00
sinn3r 608bf55b79 Update 2015-03-17 11:54:38 -05:00
sinn3r 27b6fbb648 I don't need :ssl and :ssl_version 2015-03-17 11:31:38 -05:00
Meatballs 69453c1955
Missing ? 2015-03-17 12:00:58 +00:00
Meatballs fcc21ff928
Stylish like @limhoff-r7 2015-03-17 11:44:02 +00:00
Meatballs d18224e3cb
Correct capitilzation of GitLab 2015-03-17 11:32:14 +00:00
Meatballs 25840c41cf
Rubocop 2015-03-17 11:21:05 +00:00
Meatballs f4a1e981ab
Add gitlab login scanner 2015-03-17 11:19:23 +00:00
sinn3r ff58f7d270 Add Symantec Web Gateway Login Module 2015-03-17 02:51:57 -05:00
root 591716e557 brocade enable command bruteforcer 2015-03-06 09:41:14 -05:00
David Maloney 75c075e32b
properly anchor regexes
duh
2015-03-03 19:15:29 -06:00
David Maloney 64490c746a
CredCollection now knows about postgres_md5
the cred collection can now identify a postgres_md5 hash string
and set the type on the Metasploit::Framework::Credential object
appropriately

MSP-12244
2015-03-03 16:43:52 -06:00
David Maloney c836078292
allow credentials to have a type of postgres_md5
add postgres_md5 to the type validation on
Metasploit::Framework::Credential to account
for the new Private type

MSP-12244
2015-03-03 16:35:30 -06:00
David Maloney aa4038d539
allow the postgres librry to take an md5 hash
allow the raw md5 password hash to be passed in instead of
a password for md5 authentication in postgres. Adds an extra exception
class for when an md5 hash is given but the server expects
a different form of authentication.

MSP-12244
2015-03-03 13:16:46 -06:00
William Vu 8c5ff858d0
Land #4812, hp_sys_mgmt_login configurable URIs 2015-02-23 19:04:14 -06:00
HD Moore 97ccf7e23f Fixes SSL support for http_login (variable shadowing) 2015-02-23 14:00:29 -06:00
sinn3r c39d6e152e
Land #4819, Normalize HTTP LoginScanner modules 2015-02-23 11:43:42 -06:00
HD Moore c60e2584bf Comment typo 2015-02-22 02:51:18 -06:00
HD Moore 888c718f40 Fix two typos 2015-02-22 02:45:50 -06:00
HD Moore 8e8a366889 Pass Http::Client parameters into LoginScanner::Http (see #4803) 2015-02-22 02:26:15 -06:00
sinn3r bf2be7964b Fix #4592, print_* methods used in LoginScanner modules
Fix #4592
2015-02-20 22:46:21 -06:00
sinn3r 40c237f507 Fix #3982, allow URIs to be user configurable
Fix #3982
2015-02-20 21:54:03 -06:00
Matt Buck e397ecec9d Merge branch 'upstream-master' into staging/rails-4.0 2015-02-18 15:05:39 -06:00
David Maloney ffa6550aec
Land #4787, HD's new Zabbix and Chef LoginScanners
Lands the new LoginScanners HD wrote for Zabbix
and the Chef WebUI
2015-02-18 14:51:16 -06:00
David Maloney 804db0ff0c
add leixcal sorting to methods
lexical sort the new methods except for
msf module entrypoint methods which should always be at
the top
2015-02-18 14:50:33 -06:00
HD Moore 2847507f03 Add a chef brute force module 2015-02-17 23:49:57 -06:00
HD Moore 27d5ab45b4 Add a zabbix brute force module 2015-02-17 22:56:08 -06:00
HD Moore 85fd139ab0 Add missing context and a normalize_uri helper method 2015-02-17 22:55:53 -06:00
HD Moore 16932372db Calls to Rex::Proto::Http::Client.new were passing in empty context 2015-02-17 20:44:37 -06:00
Meatballs 5fba54db99 Add addtional timing options 2015-02-16 19:07:55 +00:00
Matt Buck d4d1dc09f3
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile.lock
	db/schema.rb
	metasploit-framework-db.gemspec
	metasploit-framework.gemspec
2015-02-13 16:13:18 -06:00
HD Moore 8d982e3286 Pass the framework/module down into LoginScanner 2015-02-07 11:50:30 -06:00
HD Moore 985641dbc4 Add missing Context, fixes #4723 2015-02-07 11:27:57 -06:00
Christian Catalan 7d1090baca Convert #find(:all) to #where or #all 2015-02-01 00:31:58 -06:00
William Vu 8f54e4d611
Implement "-" for msfconsole -r from stdin
More predictable than /dev/stdin, which is usually a symlink to
/proc/self/fd/0 or /dev/fd/0, but the feature is not guaranteed to be
present.

This isn't *terribly* useful, but it can be. -x is recommended, but it
doesn't allow for ERB directives. This is mostly for hax.
2015-01-29 19:26:56 -06:00
Jon Hart 69f03f5c5d
Move ACPP default port into Rex 2015-01-12 19:43:57 -08:00
Jon Hart e9557ffe58 Simplify module in prep for some authbrute cleanups 2015-01-12 13:08:12 -08:00
Jon Hart 97f5cbdf08 Add initial Airport ACPP login scanner 2015-01-12 13:08:12 -08:00
Matt Buck b4eef14ac6
Update metasploit gems 2015-01-08 15:33:23 -06:00
Matt Buck 2cd5be021b
Merge branch 'master' into staging/rails-4.0
Conflicts:
	Gemfile
	Gemfile.lock
	db/schema.rb
	metasploit-framework-db.gemspec
	metasploit-framework.gemspec
2015-01-08 13:12:27 -06:00
Meatballs bdbb26ba31
Land #4540, resolves #4532, honour DB_ALL_* options 2015-01-07 21:12:23 +00:00
David Maloney 5d68d48ca5
Land #4385, fixes bruteforce_speed validator
bruteforce_speed validator now accepts nil
2015-01-07 12:09:25 -06:00
David Maloney 702511dbc5
respect DB_ALL_USERS & DB_ALL_PASS
fix last few things in authbrute
and make the CredentialCollections understand the
additional seperate components

MSP-11986
2015-01-07 11:41:41 -06:00
David Maloney 7ff2ba0725
first pass on fixing DB_ALL authbrute stuff
DB_ALL_CREDS worked but DB_ALL_USER and DB_ALL_PASS
did not. working on fixing that.
This commit also does some nice DRY work in the auth_brute mixin

MSP-11986
2015-01-07 11:30:39 -06:00
Tod Beardsley 6ded5a7eb4
Avoid spinner on Windows
Fixes #4147, probably.
2014-12-30 10:17:56 -06:00
Fernando Arias 337b2d784f
Land #4416, define rails version dep in one place
* Bump rails to 3.2.21
2014-12-19 15:17:54 -06:00
Matt Buck db0aeb2a05
Make the version constraint a range 2014-12-19 13:54:13 -06:00
Matt Buck c493ccfc06
Define the Rails version constraint in a library constant 2014-12-19 11:46:39 -06:00
Trevor Rosen 80cd04d76a
Land #4332, test optimization for Cucumber
* Make Cuke run faster on TravisCI
2014-12-18 09:34:55 -06:00
Samuel Huckins 4c994d84e0
Updating version to 4.11 for Flood release 2014-12-15 14:42:09 -06:00
Tod Beardsley ac004d2770
Fix bruteforce validators to accept nil
bruteforce_speed isn't always required, because the speed checker
already handles nil (and presumes the user wants the fastest possible).

See also MSP-11842
2014-12-12 13:57:37 -06:00
Tod Beardsley 4eaf64afef
Don't lie about stop_on_success
This absolutely needs to be honored too, though.

See #4365.
2014-12-11 12:37:13 -06:00
Tod Beardsley edf541fabe
Fix some double spacing 2014-12-11 09:39:15 -06:00
Tod Beardsley 09617f990b Implement BRUTEFORCE_SPEED respect (telnet)
This implements just for telnet, but assuming this strategy is kosher,
it's not too painful to add for the rest of the LoginScanner using the
old defaults used by `AuthBrute`.

See #3904, @dmaloney-r7 or @jlee-r7
2014-12-09 15:40:43 -06:00
Luke Imhoff 8c0610cb7a
Merge branch 'master' into feature/MSP-11671/test-optimization
MSP-11671

Conflicts:
	.travis.yml
2014-12-08 08:46:22 -06:00
sinn3r 9cc04e59eb Fix #4304 - Blank password is tried when it shouldn't happen
Fix #4304
2014-12-04 12:59:51 -06:00
Luke Imhoff f696a5ab0e
msfconsole --defer-module-loads
MSP-11671

Add command line option --defer-module-loads to msfconsole.  It will
stop `Msf::Ui::Console::Driver` from calling
`framework.modules.init_module_paths` AND
`framework.modules.refresh_cache_from_database`.  This flag is only
meant to speed up msfconsole boot when modules do not need to accessed,
such as during cucumber testing of command help or command line options.
2014-12-02 14:41:32 -06:00
Luke Imhoff 33b42389f0
Merge branch 'feature/MSP-11147/thread-leak-detection' into feature/MSP-11605/lazy-thread-creation
MSP-11605
2014-11-17 09:35:47 -06:00
Luke Imhoff e3869ee1ae
Include Thread status when printing leaked threads
MSP-11147

Sometime travis-ci is showing leaked threads even when
'Msf::Framework#threads cleaner' is being used, so I'm adding the
`Thread#status` to the data printed about the Thread to see if the
sometimes leaked threads have an odd status.  There's still a chance
that there will be a race-condition between when I call Thread.list and
I ask for each Thread's status that the VM could finish aborting a
Thread so that status I print isn't the same as the one that caused the
Thread to be returned in Thread.list.
2014-11-17 09:30:46 -06:00
Luke Imhoff ba836f2383
Only calculate thread UUIDs if they are needed
MSP-11147

Only calculate thread UUIDs if the thread count exceeds
EXPECTED_THREAD_COUNT_AROUND_SUITE.
2014-11-17 09:17:44 -06:00
Luke Imhoff ceb7a63a5c
Merge branch 'master' into feature/MSP-11147/thread-leak-detection
MSP-11147
2014-11-14 18:20:55 -06:00
Trevor Rosen 3b558624f3
Merge branch 'landing/4129' into upstream-master
Landing #4129

* Detect leaked constants in spec runs
2014-11-14 12:55:56 -06:00
Luke Imhoff 14fa1dba0b
Merge branch 'master' into feature/MSP-11605/lazy-thread-creation
MSP-11605
2014-11-14 11:58:16 -06:00
Luke Imhoff d9a25005a6
Wrap Msf::Framework#threads in Metasploit::Framework::ThreadFactoryProvider
MSP-11605

`Rex::ThreadFactory.provider` needs to be set in
`Msf::Framework#initialize`, but setting it directly to
`Msf::Framework#threads` eliminates the laziness of
`Msf::Framework#threads`.  In order keep `framework.threads` lazy,
`framework` is wrapped in a
`Metasploit::Framework::ThreadFactoryProvider`, which responds to
`spawn`, which is needed by `Rex::ThreadFactory`, by calling
`framework.threads.spawn`, which lazily initialized `framework.threads`
when the first thread needs to be spawned.
2014-11-13 14:08:26 -06:00
Luke Imhoff b17b263cc7
Ignore debugger threads
MSP-11147

When using the debugger, it adds a thread that should be allowed and not
go towards the count.
2014-11-13 09:49:08 -06:00
Luke Imhoff 535f69b56d
Append to RUBYOPT for debugger compatibility
MSP-11147

When using Rubymine's debugger, the tests would run and say there were
no tests and no break points would be hit.  It was determined that this
was due the Rubymine's debugger injecting itself into RUBYOPTS and only
working if it's first in RUBYOPT, which means that
'metasploit:framework:spec:threads:suite' must inject '-Ilib
-rmetasploit/framework/spec/threads/logger' at the end of RUBOPT instead
of the beginning.
2014-11-13 09:19:07 -06:00
Luke Imhoff 69043d51e0
Merge branch 'master' into feature/MSP-11147/thread-leak-detection
MSP-11147
2014-11-12 12:34:25 -06:00
HD Moore 6b4eb9a8e2 Differentiate failed binds from connects, closes #4169
This change adds two new Rex exceptions and changes the local comm to raise the right one depending on the circumstances. The problem with the existing model is
that failed binds and failed connections both raised the same exception. This change is backwards compatible with modules that rescue Rex::AddressInUse in additi
on to Rex::ConnectionError. There were two corner cases that rescued Rex::AddressInUse specifically:

1. The 'r'-services mixin and modules caught the old exception when handling bind errors. These have been updated to use BindFailed
2. The meterpreter client had a catch for the old exception when the socket reports a bad destination (usually a network connection dropped). This has been updat
ed to use InvalidDestination as that was the intention prior to this change.

Since AddressInUse was part of ConnectionError, modules and mixins which caught both in the same rescue have been updated to just catch ConnectionError.
2014-11-11 14:59:41 -06:00
Luke Imhoff 8416985c9d
Give Threads UUIDs for spec run so caller can be correlated
Have 'metasploit/framework/spec/threads/suite/logger' generate a UUID
for each Thread.  This UUID is printed on the "BEGIN Thread.new caller"
line and is assigned as a thread-local variable,
'metasploit/framework/spec/threads/logger/uuid'.  In `after(:suite)`,
the log can be parsed to map the caller back to each UUID and then only
the UUID of the still existing threads is used to look up the caller and
print their stacktraces.  This means only leaked threads callers will be
printed.
2014-11-06 14:05:35 -06:00
Luke Imhoff 8f635a1d76
Remove empty define_task
MSP-11147
2014-11-06 09:11:31 -06:00
Luke Imhoff 8855e0731c
Fix multiline string indentation
MSP-11147
2014-11-06 09:11:12 -06:00
Luke Imhoff 8d06189a19
Tell use to run with `rake spec` to see Thread.new caller
MSP-11147

If the log isn't available, tell the user to rerun with `rake spec`
instead of printing nothing after the `:\n`, which looks incomplete.
2014-11-06 09:10:04 -06:00
Luke Imhoff c1f1222783
Check that threads/suite.log exists before reading
MSP-11147

Even with leaked threads, there may be no log if the suite is run
without `rake spec`, such as when `rspec` is used directly to run a
subset of specs.
2014-11-06 09:07:11 -06:00
Luke Imhoff d66c98b34d
Remove prior log/metasploit/framework/spec/threads/suite.log
MSP-11147
2014-11-05 15:51:43 -06:00
Luke Imhoff d4d710cc3a
Merge branch 'feature/MSP-11130/metasploit-framework-spec-constants' into feature/MSP-11147/thread-leak-detection
MSP-11147

Merge to get framework instance cleanup, which should clean up a lot of
thread leaks too.

Conflicts:
	Rakefile
	lib/metasploit/framework/spec.rb
	spec/spec_helper.rb
2014-11-05 15:47:59 -06:00
Luke Imhoff 097aa330e1
Log caller for each Thread.new for `rake spec`
MSP-11147
2014-11-05 15:34:35 -06:00
Luke Imhoff 96990fdc02
Fail before suite if more than 1 thread exists
MSP-11147

Detect thread leaks in a `before(:suite)` configured by
`Metasploit::Framework::Spec::Threads::Suite.configure!` and fail if any
leaks are found.
2014-11-05 14:38:43 -06:00
Luke Imhoff 3093ba8394
Explicitly require 'metasploit/credential' and 'metasploit_data_models'
By putting the db group into the metasploit-framework-db.gemspec,
bundler no longer automatically required 'metasploit/credential' and
'metasploit_data_models' because gems, such as metasploit-framework-db,
are expected to explictly require their dependencies.
2014-11-05 09:25:50 -06:00
Luke Imhoff 9f573e2d8d
Revert "Add .log extension to metasploit/framework/spec/constants/suite log"
MSP-11130

This reverts commit 4f986c4a48.

Extension wasn't there because it was a directory name and a log file
name.
2014-11-04 14:03:54 -06:00
Luke Imhoff dee02fc85b
Automatically clear previous log/metasploit/framework/spec/constants/each.log
MSP-11130

Have a task, 'metasploit:framework:spec:constants:each:clean' run before
`rake spec` that removes the previous
`log/metasploit/framework/spec/constants/each.log` so that the user doesn't
have to manually remove the load when removing
`Metasploit::Framework::Spec::Constants::Each.configure!` from
`spec/spec_helper.rb`.
2014-11-04 13:58:13 -06:00
Luke Imhoff 313d86982c
Log Spec::Constants::Each error instead of flag.
MSP-11130

Instead of writing `1` to the file and then printing a verbose message
in the spec task action, log the verbose message and just print the log
in the spec task action, so other tools can just look at the log when
not using `rake spec`.

NOTE: Failing specs due to unnecessary
`Metasploit::Framework::Spec::Constants::Each.configure!`
2014-11-04 13:36:52 -06:00
Luke Imhoff 1d09fa677e
log/remove-cleaner -> log/metasploit/framework/spec/constants/each.log
MSP-11130

Rename log file to match naming scheme for
Metasploit::Framework::Spec::Constants::Suite.
2014-11-04 13:21:47 -06:00
Luke Imhoff 4f986c4a48
Add .log extension to metasploit/framework/spec/constants/suite log
MSP-11130
2014-11-04 13:20:10 -06:00
Luke Imhoff 7cb0954a6e
Add manual removal of `log/remove-cleaner` to Each removal
MSP-11130

When removing `Metasploit::Framework::Spec::Constants::Each.configure`
from spec/spec_helper.rb,
`Metasploit::Framework::Spec::Constants::Each.define_task` will see the
`log/remove-cleaner` from the last run unless it is manually removed.
2014-11-04 10:10:28 -06:00
Luke Imhoff b0f1b2a1f7
Merge branch 'master' into feature/MSP-11130/metasploit-framework-spec-constants
MSP-11130

Conflicts:
	Rakefile
2014-11-04 10:10:12 -06:00
Luke Imhoff 325c01e45d
Log constants leaked before and after suite
MSP-11130

Some constants can be leaked before suite if module are loaded during
spec loading, such as if a framework instance in made in the context
body of a spec instead of in a before callback.
2014-10-30 14:04:07 -05:00
Luke Imhoff ae0a98785f
Print when Metasploit::Framework::Spec::Constants::Each before(:each) cleans
MSP-11130

Print to stderr the full description of the example when
`Metasploit::Framework::Spec::Constants.configure!`'s `before(:each)`
cleans constants as it may clean constants that are leaked from the
class level at parse time.
2014-10-30 12:34:55 -05:00
Luke Imhoff c8e4745d6d
Fail `rake spec` if leak tracking unnecessary
MSP-11130

Fail `rake spec` if
`Metasploit::Framework::Spec::Constants::Each.configure!`'s
`before(:each)` does not clean all leaked constants and if should be
removed so that it does not interefore with future specs.
2014-10-30 09:37:17 -05:00
Luke Imhoff c2bd75b587
Clean up leaked constants
MSP-11130
2014-10-29 15:50:47 -05:00
Luke Imhoff 892aeaf727
Metasploit::Framework::Spec::Constants cleaner
MSP-11130

Shared context will calls `Metasploit::Framework::Spec::Constants.clean
after each example.
2014-10-29 11:31:17 -05:00
Luke Imhoff 0d4b22ce7a
Detect constant leaks in individual examples
MSP-11130

`Metasploit::Framework::Spec::Constants::Each.configure!` will set up an
`after(:each)` callback that will fail the example if there are leaked
constants.  Leaked constants are cleaned up to prevent misattribution.
2014-10-28 15:50:24 -05:00
Luke Imhoff f9b1f2a424
Extract Metasploit::Framework::Spec::Constants::Suite
MSP-11130

`Metasploit::Framework::Spec::Constants::Suite` extracts out
`LOG_PATHNAME`, `configure!`, and `define_task` as those piece are
specific to handling constant leaks for the entire suite.  This is in
preparation for `Metasploit::Framework::Spec::Constants::Each`.
2014-10-28 15:07:32 -05:00
Luke Imhoff 3ec9cf54c9
Filter non-loaded-module constants from leaked constants
MSP-11130

Constants from library Modules or Classes should not be reported as
leaked since they have been required and should be persistent between
spec runs.
2014-10-28 14:05:27 -05:00
Luke Imhoff 1a1f3335b8
Extract Metasploit::Framework::Spec::Constants.full_name
MSP-11130

Extract method to convert child constant names to module full names so
it can be reused 'Metasploit::Framework::Spec::Constants tracker' shared
context.
2014-10-28 13:53:48 -05:00
Luke Imhoff a0a9c2140b
Log leaked constants and fail rake spec on leak
MSP-11130

Instead of printing the leaked constants to stderr, log them to
`log/leaked-constants.log`.  In task action for spec, read
`log/leaked-constants.log`.  If it exists, print each leaked constants
(and it appropriate it's module full name) and then exit with 1.  If the
file does not exist, do nothing.
2014-10-28 11:21:35 -05:00
Joe Vennix c6bbc5bccf
Merge branch 'landing-4055' into upstream-master 2014-10-28 11:18:20 -05:00
sinn3r e31c9f579d
Land #3987 - Buffalo Linkstation NAS Login Scanner 2014-10-28 01:45:57 -05:00
Luke Imhoff c84febea5f
tools/missing-payload-tests.rb
MSP-11145

**NOTE: Failing specs**

Add a tool for reading `log/untested-payload.log` and
`framework.payloads` to determine `context`s to add
`spec/modules/payloads_spec.rb` to test the untested payloads.
2014-10-27 13:03:31 -05:00
Jon Hart b8c9ef96ca
Land #4003, @nstarke's Login Scanner for WD MyBook Live NAS 2014-10-27 09:57:43 -07:00
Jon Hart 765b5e686c
Use configured method and URI rather than duplicated values 2014-10-27 09:56:39 -07:00
Luke Imhoff 605f48e58d
Detect leaked constants under Msf::Modules
MSP-11130

Detect constants leaked under Msf::Modules after the suite completes.
2014-10-27 11:13:43 -05:00
nstarke 44f7db4798 Refactoring Success Case
I have refactored the code so that it will work with
non-root accounts.
2014-10-25 13:31:36 +00:00
Luke Imhoff 48d6880f1d
Add docs for untested payload testing
MSP-11145

Add docs to rake task, shared examples, and share contexts for how to
use all 3 together.
2014-10-23 11:17:05 -05:00
Luke Imhoff f827a1c761
Extract untested-payloads.log checker spec task action
MSP-11145

Extract the spec task action which errored out if
`log/untested-payloads.log` exists to
`Metasploit::Framework::Spec::UntestedPayloads.define_task`.
2014-10-23 10:24:33 -05:00
Jon Hart 83df08aaa7 Properly encode body and catch invalid configs 2014-10-22 22:43:06 -07:00
James Lee a5a84886ee
Make sure vnc closes the socket 2014-10-22 15:53:05 -05:00
Jon Hart ce8a9941ea Cleanup. Sanity check in setup. vprint 2014-10-22 10:36:24 -07:00
James Lee 46acf08e2d Merge remote-tracking branch 'upstream/master' into bug/msp-11497/loginscanner-tcp-evasions 2014-10-22 09:09:34 -05:00
nstarke ee3dd3a2ac More Fixes for WD MyBook Live Scanner
Fixes include removing deregistered options
from credentials collection object and adding proof
 when there is no response
2014-10-22 03:06:21 +00:00
James Lee e1a7e902d6
Re-enable tcp evasions for more LoginScanners
Untested since I don't have targets for these.
2014-10-21 18:58:28 -05:00
sinn3r 79d393c5aa Resolve merge conflicts
Conflicts:
	lib/msf/core/exploit/smb.rb
	lib/msf/core/exploit/tcp.rb
	modules/auxiliary/scanner/http/axis_login.rb
2014-10-21 13:06:35 -05:00
James Lee 83b1d270cd
Fix ftp and mssql 2014-10-21 11:09:39 -05:00
James Lee 8b2dcac730
Fix telnet 2014-10-21 11:08:41 -05:00
James Lee 2fcb1004fb
Move tcp options to Tcp::Client out of RexSocket 2014-10-21 09:59:26 -05:00
James Lee e76ee294a1
Restore tcp evasions to telnet 2014-10-21 09:44:55 -05:00
James Lee cb9a77c06b
Fix NoMethodError when unable to connect
Derp.
2014-10-21 08:58:45 -05:00
James Lee 6f3b26f5e9
Remove tcp evasions from Http
Can't use 'em anyway
2014-10-21 08:27:29 -05:00
nstarke 82b74d5f3c Fixes to MyBook Live Module
This commit contains three fixes as requested on PR
#4003.  Those include:

+ Removing extraneous puts statement
+ Checking for valid response
+ SSL support.
2014-10-21 00:50:40 +00:00
nstarke 70b13819d9 Adding Login Scanner for MyBook Live
This is a LoginScanner auxiliary module for Western
Digital MyBook Live NAS devices as well as the spec
for testing.
2014-10-21 00:50:40 +00:00
James Lee 3051b6c5ba
Clean up exceptions
Of particular note is mysql, who was rescuing Rex::ConnectionTimeout
*after* Rex::ConnectionError, which never would have fired anyway.
2014-10-20 10:27:02 -05:00
James Lee b7d69bec83
Restore proxies to ssh scanners 2014-10-20 10:19:06 -05:00
Tod Beardsley a431bff13f
@wvu-r7 is a skilled negotiator. s/stdout/stderr/ 2014-10-17 13:13:44 -05:00
Tod Beardsley 5978bd5e62
Control the startup msg with -q, too 2014-10-17 12:41:58 -05:00
Tod Beardsley a45b21b6bf
-q will quiet the animation, too 2014-10-17 12:32:28 -05:00
James Lee 41a57b7ba5
Re-enable proxies for HTTP-based login scanners 2014-10-15 17:00:44 -05:00
Tod Beardsley e010d70913
No need for that bool option 2014-10-14 14:59:57 -05:00
Tod Beardsley bf0a5d038e
Add an animation to comfort the user
Sometimes msfconsole takes a little while to start.

This adds a fairly common ASCII spinner to the startup sequence.

I haven't spec'ed it, and the code organization isn't great, so consider
this PR more of a cry for help than something immediately landable.

That said, it works for me.
2014-10-14 14:54:45 -05:00
nstarke f8d6af6d4e Rescuing from JSON Parse
Previous code was not using any sort of exception handling
for parsing the response body.  I have added a rescue block
for JSON errors to remedy this problem.
2014-10-10 12:41:11 +00:00
nstarke 472985a8a8 Adding Buffalo Linkstation NAS Login Scanner
I have added a login scanner for the Buffalo Linkstation
NAS.  I have been testing against version 1.68 of the
firmware.  Also included are some specs for this module.
2014-10-10 03:16:48 +00:00
nstarke eed0958de5 Fixing Comment
Comment was incorrect and needed to be fixed.
2014-10-07 11:28:40 -05:00
nstarke b8c2643d56 Converting Module to LoginScanner w/ Specs
The previous commits for this Jenkins CI module relied on an
obsolete pattern.  Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
Matt Buck 0bb4eac259
Rename the method for optional requires
MSP-11412
2014-10-03 14:06:13 -05:00
Matt Buck 88cbf22ef0
Optionally require mdm, as well
MSP-11412
2014-10-03 13:49:39 -05:00
Matt Buck dabec92e61
Ensure require of metasploit/credential/engine is optional 2014-10-02 14:46:56 -05:00
Matt Buck 7ed1977d0b
Specific require all metasploit gem dependencies' engines
MSP-11412
2014-10-02 14:20:10 -05:00
sinn3r 7163b8c55a Fixes #3915 - NoMethodError private method `rhost'
There's no self.rhost, but rhost is defined
2014-09-30 11:34:16 -05:00
David Maloney 5ff4a55cd2
smb connection error not setting result properly
if the initial connection from the SMB LoginScanner fails
it wouldn't set the target information on the result. this could cause
smb_login to throw a stack trace when it calls invalidate_login
2014-09-16 15:24:14 -05:00
David Maloney e5aa5c4014
missing postgres rescues 2014-09-16 15:04:07 -05:00
sinn3r 169d04020d
Land #3571 - Add Wordpress XML-RPC Login Scanner (with LoginScanner) 2014-09-16 14:51:24 -05:00
David Maloney aeed66b694
missing mysql rescue 2014-09-16 13:41:03 -05:00
David Maloney d708de07a3
return the lgoinscanner class name in an invalid exception
when a loginScanner throws an Invalid exception , the message
will now include the classname of the Scanner that threw it.
2014-09-16 13:24:08 -05:00
David Maloney 6decd3cbd2
fix exceptions thrown in telnet loginscanner too 2014-09-16 10:09:59 -05:00
David Maloney bf8f7221c7
rescue exceptions in check_setup 2014-09-15 13:52:17 -05:00
jvazquez-r7 7d4c4c3658
Land #3699, @dmaloney-r7's ipboard login refactor 2014-09-15 08:29:42 -05:00
jvazquez-r7 917a7ffa1e Add specs for valid IPBoard application 2014-09-12 16:08:03 -05:00
Cucumber b80519dc16
Lands #3779, specs
MSP-11343

Merge specs that I missed during last merge.
2014-09-12 14:49:26 -05:00
jvazquez-r7 0d054d8354 Update with master changes 2014-09-12 09:52:32 -05:00
jvazquez-r7 b8d31891f8 Clean YARD documentation 2014-09-12 09:32:32 -05:00
Joe Vennix 55519d8867
Land #3781, my addition of Metasploit::Concern to msf. 2014-09-11 16:57:24 -05:00
Luke Imhoff 706655f755
Land #3779, Glassfish LoginScanner exception
MSP-11343
2014-09-11 15:57:47 -05:00
Joe Vennix 8654b63c58
Make sure Metasploit::Concern is accessible everywhere. 2014-09-11 14:46:35 -05:00
David Maloney 0663355237
catch connectionreset in ftp login scanner
add exception rescue for Errno::ECONNRESET
2014-09-11 14:39:36 -05:00
James Lee a8e3ff0c0f
Add specs to verify server header matching 2014-09-11 11:42:38 -05:00
James Lee 9151c2c79d
Add docstrings and avoid multiple returns 2014-09-11 10:50:42 -05:00
James Lee 20e48a233a
Explicitly set @version to nil if we can't detect 2014-09-11 10:30:52 -05:00
Cenk Kalpakoğlu 11004ab7c6 typo fix 2014-09-11 16:27:35 +03:00
James Lee 8aa06b8605
Better api for check_setup 2014-09-10 23:43:54 -05:00
James Lee c1658e5d51 Add a check_setup method 2014-09-10 20:09:46 -05:00
James Lee 84e4db9035 Don't raise in the middle
MSP-11343

This means we don't bomb out with an unhandled exception, instead
continuing attempting logins against the host even though it will never
succeed. Next up: verify state before running scan!()
2014-09-10 20:09:33 -05:00
David Maloney 2ac15f2088
some fixes based on Christruncer's feedback
fixed some stuff i borked, back to you chris
2014-09-08 15:27:01 -05:00
David Maloney cd3cdc5384
Merge branch 'master' into feature/ipboard-login-refactor 2014-09-08 14:48:37 -05:00
David Maloney b84142715f
rescue mysql host blocked
rbmysql can throw an exception if the
server blocked this host due to too many connection errors
2014-09-08 12:45:10 -05:00
jvazquez-r7 10bb77af9f
Land #3716, @wchen-r7's Glassfish LoginScanner update 2014-09-07 21:54:34 -05:00
jvazquez-r7 768b50974f Redo try_glassfish_3 specs 2014-09-07 21:04:43 -05:00
jvazquez-r7 07238ef7b3 Redo try_glassfish_2 specs 2014-09-07 20:47:54 -05:00
sinn3r 6df7658267 Very small change to the doc 2014-09-06 01:54:52 -05:00
jvazquez-r7 78cf75c4d5 Clean YARD documentation 2014-09-06 00:24:39 -05:00
sinn3r 0dcf481d76 This one is good to go 2014-09-04 14:13:33 -05:00
David Maloney 28427ccee3
add VHOST and useragent support to loginscanner 2014-09-04 10:59:07 -05:00
sinn3r e1694ec3e5 LoginScanner update for hp_sys_mgmt_login
Work in progress
2014-09-03 16:23:57 -05:00
sinn3r 61e58dc6d3 Yard doc 2014-09-02 20:48:07 -05:00
sinn3r 954475c0bf Add rspec and update about secure admin 2014-09-02 20:35:25 -05:00
David Maloney 928aeffcba
add wordpress_rpc loginscanner and specs 2014-08-29 13:06:12 -05:00
Samuel Huckins fa77caa819
Merge branch 'bug/MSP-11153/database-config-overrides'
MSP-11153 #land
2014-08-28 17:12:37 -05:00
Luke Imhoff 20177c7c23
Restore backup database.yml when retesting after interrupt
MSP-11153

Restore the config/database.yml backed up to
config/database.yml.cucumber.bak in the db:config:restore task, which is
made a dependency of the environment rake task so that
config/database.yml is restored before Rails tries to use it in the
environment task.  This specifically, allows for rake cucumber to be
interrupted when the config/database.yml has been moved to
config/database.yml.cucumber.bak and a subsequence rake cucumber to
succeed and restore config/database.yml, but any task that depends on
environment will restore the config/database.yml.
2014-08-28 15:20:53 -05:00
sinn3r f097ef96e0 Use && 2014-08-28 12:13:03 -05:00
sinn3r d0d9949d91 Do SSL options correctly 2014-08-28 12:04:14 -05:00
Luke Imhoff 275fa5cb50
Remove unnecessary return
MSP-11153

Leftover from earlier design.
2014-08-27 16:58:45 -05:00
Luke Imhoff 83b6f268b4
Remove unnecessary realpath
MSP-11153

Causes errors on machines that don't have ~/.msf4 like travis-ci.
2014-08-27 16:58:05 -05:00
sinn3r df215a380d Do not send 2 content-length headers 2014-08-27 16:05:08 -05:00
sinn3r a32ffc4c26 Add the final portion for Glassfish login module 2014-08-27 15:09:11 -05:00
Luke Imhoff 951ce15b44
Move database.yml selection to Metasploit::Framework::Database
MSP-11153

Test the following paths in order and only return them if the path
exists:

1. MSF_DATABASE_CONFIG environment variable
2. ~/.msf4/database.yml
3. <project>/config/database.yml
2014-08-27 12:01:43 -05:00
sinn3r 5d8cbe0544 Early version of Glassfish using LoginScanner 2014-08-27 01:23:02 -05:00
Tom Sellers 4a1b037af0 Remaining files.. 2014-08-26 18:15:58 -05:00
David Maloney c42517a14a
missing exception rescue
needed to also rescue Errno::ETIMEDOUT
2014-08-26 13:58:34 -05:00
David Maloney 32b1a5ea23
add ipboard loginscanner
add loginscanner class for IPBoard with specs
this should replicate the functionality originally written
by Chris Truncer, but move it into a testable, reusable class
2014-08-25 13:58:30 -05:00
Joe Vennix 95fbb8f1b7
Land PR #3672, dmaloney-r7's login scanner credential rework. 2014-08-22 11:15:32 -05:00
Brandon Turner 05f0d09828
Merge branch staging/electro-release into master
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master.  Rather than merging with
history, he squashed all history into two commits (see
149c3ecc63 and
82760bf5b3).

We want to preserve history (for things like git blame, git log, etc.).
So on August 22, we reverted the commits above (see
19ba7772f3).

This merge commit merges the staging/electro-release branch
(62b81d6814) into master
(48f0743d1b).  It ensures that any changes
committed to master since the original squashed merge are retained.

As a side effect, you may see this merge commit in history/blame for the
time period between August 15 and August 22.
2014-08-22 10:50:38 -05:00
Brandon Turner 19ba7772f3
Revert "Various merge resolutions from master <- staging"
This reverts commit 149c3ecc63.

Conflicts:
	lib/metasploit/framework/command/base.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/require.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/smb/smb_login.rb
	msfconsole
2014-08-22 10:17:44 -05:00
James Lee c3e8bc8fa0
Fix a crash when we can't connect to PG, again 2014-08-20 11:02:46 -05:00
James Lee fa27def41f Revert "Fix a crash when we can't connect to PG"
This reverts commit b6deb6a342.
2014-08-20 11:01:29 -05:00
James Lee b6deb6a342
Fix a crash when we can't connect to PG
MSP-11061

No Postgres, no cry
2014-08-19 15:30:24 -05:00
David Maloney 473b92a060
Merge branch 'master' into feature/MSP-10992/scanner-dry
Conflicts:
	Gemfile.lock
	lib/metasploit/framework/command/console.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/credential.rb
	lib/metasploit/framework/credential_collection.rb
	lib/metasploit/framework/login_scanner/afp.rb
	lib/metasploit/framework/login_scanner/axis2.rb
	lib/metasploit/framework/login_scanner/db2.rb
	lib/metasploit/framework/login_scanner/ftp.rb
	lib/metasploit/framework/login_scanner/http.rb
	lib/metasploit/framework/login_scanner/mssql.rb
	lib/metasploit/framework/login_scanner/mysql.rb
	lib/metasploit/framework/login_scanner/pop3.rb
	lib/metasploit/framework/login_scanner/postgres.rb
	lib/metasploit/framework/login_scanner/result.rb
	lib/metasploit/framework/login_scanner/smb.rb
	lib/metasploit/framework/login_scanner/snmp.rb
	lib/metasploit/framework/login_scanner/ssh.rb
	lib/metasploit/framework/login_scanner/telnet.rb
	lib/metasploit/framework/login_scanner/vnc.rb
	lib/metasploit/framework/parsed_options/console.rb
	lib/metasploit/framework/require.rb
	lib/metasploit/framework/version.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/afp/afp_login.rb
	modules/auxiliary/scanner/db2/db2_auth.rb
	modules/auxiliary/scanner/ftp/ftp_login.rb
	modules/auxiliary/scanner/http/axis_login.rb
	modules/auxiliary/scanner/http/http_login.rb
	modules/auxiliary/scanner/http/tomcat_mgr_login.rb
	modules/auxiliary/scanner/mssql/mssql_login.rb
	modules/auxiliary/scanner/mysql/mysql_login.rb
	modules/auxiliary/scanner/pop3/pop3_login.rb
	modules/auxiliary/scanner/postgres/postgres_login.rb
	modules/auxiliary/scanner/snmp/snmp_login.rb
	modules/auxiliary/scanner/ssh/ssh_login.rb
	modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
	modules/auxiliary/scanner/telnet/telnet_login.rb
	modules/auxiliary/scanner/vnc/vnc_login.rb
	modules/auxiliary/scanner/winrm/winrm_login.rb
	spec/lib/metasploit/framework/credential_spec.rb
	spec/lib/msf/core/framework_spec.rb
2014-08-19 10:30:16 -05:00