Commit Graph

1278 Commits (ad28f9767f27eb8ca24f04f0479a650b6b24a2f8)

Author SHA1 Message Date
Luke Imhoff a64036f6cf
Move Msf::DBManager#sync to Msf::DBManager::Sink
MSP-11124

The comment on `#sync` says it's related to `sink`, so move it into its
Module.
2014-10-08 15:38:56 -05:00
Luke Imhoff 37e0b9ffe0
Extract Msf::DBManagerSink examples to shared example
MSP-11124
2014-10-08 15:30:20 -05:00
Luke Imhoff a0a19e5ce8
Spec classes, constants and methods from lib/msf/db.rb
MSP-11466

Method specces only check that the method is defined as they only need
to catch deleted methods during the reorganization.
2014-10-08 11:07:15 -05:00
Luke Imhoff 6a54f0ac4c
Spec methods from db_manager.rb
MSP-11466
2014-10-08 10:53:14 -05:00
Luke Imhoff c09335985b
Sort specs
MSP-11466
2014-10-08 10:52:21 -05:00
nstarke b8c2643d56 Converting Module to LoginScanner w/ Specs
The previous commits for this Jenkins CI module relied on an
obsolete pattern.  Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
jvazquez-r7 3aadaf672e Fix @lsanchez-r7's feedback, single expectation per test and avoid explicit use of subject 2014-10-06 16:08:20 -05:00
Samuel Huckins 0dfd8e25b8
Land #3846, Rex::ImageSource specs 2014-10-02 12:33:56 -05:00
Vincent Herbulot 041d44ecc6 Spec modification to allow previous commit
The spec was requiring the WAR to be at /deploy but this path was a
typo introduce while refactoring. The initial correct path is
/deploy/management
2014-10-01 18:30:53 +02:00
Vincent Herbulot a48d6053ab Added spec for jboss/deployment_file_repository 2014-10-01 11:57:01 +02:00
us3r777 47507e1ff1 Slight modifications to pass msftidy 2014-09-29 23:59:12 +02:00
us3r777 f9b6519e49 Added spec to new methods in Jboss mixin 2014-09-29 23:45:40 +02:00
sinn3r 9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits 2014-09-29 11:15:14 -05:00
Joe Vennix 2b02174999
Yank Android->jsobfu integration. Not really needed currently. 2014-09-25 16:00:37 -05:00
jvazquez-r7 e4f71d79ac Fix grammar 2014-09-24 15:17:09 -05:00
sinn3r 35f788a1a4
Land #3848 - Add specs for Rex::Arch 2014-09-23 13:03:40 -05:00
jvazquez-r7 0dfc2d3f87 Add specs for Rex::ExtTime 2014-09-22 14:55:14 -05:00
jvazquez-r7 db587afac8 Add specs for Rex::Arch 2014-09-22 14:10:55 -05:00
jvazquez-r7 701d6470c9 Add specs for Rex::Oui 2014-09-22 13:28:07 -05:00
jvazquez-r7 45011ae87f Add shared examples 2014-09-22 12:15:04 -05:00
jvazquez-r7 a677749f5b Add specs for #read_asciiz and fix bugs there 2014-09-22 12:14:21 -05:00
jvazquez-r7 f804d42ddc Add specs for Memory#index 2014-09-22 11:43:18 -05:00
jvazquez-r7 b121764003 Add specs for Memory#subsource 2014-09-22 11:30:30 -05:00
jvazquez-r7 3500e1ce7c Add specs for Memory#close 2014-09-22 11:18:21 -05:00
jvazquez-r7 a612caf1ae Finish examples for Memory#read 2014-09-22 11:17:09 -05:00
jvazquez-r7 df7ee55962 Add first specs for Rex::ImageSource::Memory#read 2014-09-22 11:06:34 -05:00
jvazquez-r7 77122895db Add specs for Rex::ImageSource::Memory#initialize 2014-09-22 11:02:24 -05:00
jvazquez-r7 a249eb1026 Add specs for Disk#subsource and Disk#close 2014-09-22 10:50:11 -05:00
jvazquez-r7 23bf36bc75 Start specs for Disk#subsource 2014-09-22 10:37:56 -05:00
jvazquez-r7 3f1eea55a6 Add specs for Disk#read and Disk#index 2014-09-22 10:35:54 -05:00
Luke Imhoff f61afe2598
Merge branch 'master' into bug/MSP-11368/boot-profiling
MSP-11368
2014-09-22 10:00:07 -05:00
jvazquez-r7 46e4235e79 Add spec templates 2014-09-22 09:16:21 -05:00
Joe Vennix ec88957ff4
Whitespace tweaks. 2014-09-21 23:57:58 -05:00
Joe Vennix d9e6f2896f
Add the JSObfu mixin to a lot of places. 2014-09-21 23:45:59 -05:00
sinn3r 2e96026725 avoid saying 'should' 2014-09-21 00:56:13 -05:00
sinn3r e1cfc74c32 Move jsobfu to a mixin 2014-09-21 00:39:04 -05:00
sinn3r 9191af6241 Update js_obfuscate 2014-09-20 23:38:35 -05:00
sinn3r cd70014446 Fix os detection rspec
no more window
2014-09-20 21:29:13 -05:00
sinn3r 2d828a2144 Update rspec 2014-09-20 18:09:22 -05:00
sinn3r 135bed254d Update BrowserExploitServer for JSObfu 2014-09-20 17:59:36 -05:00
sinn3r d52236fe05
Land #3835 - JSObfu to a gem 2014-09-20 01:38:45 -05:00
Joe Vennix 8e1b00ce95
Adds JSObfu.disabled for spec stubbing, fixes BES specs. 2014-09-19 20:42:05 -05:00
Joe Vennix df999db547
Add spec to ensure gem loads without error. 2014-09-19 19:49:01 -05:00
Luke Imhoff b863978028
Remove fastlib
MSP-11368
MSP-11143

Remove fastlib as it slows down the code loading process.  From the
previous commit, the mean loading for
`METASPLOIT_FRAMEWORK_PROFILE=true msfconsole -q -x exit` was
27.9530±0.3485 seconds (N=10).  The mean after removal of fastlib
was 17.9820±0.6497 seconds (N=10).  This means an average 35.67%
reduction in boot time.
2014-09-18 15:24:21 -05:00
Luke Imhoff 44588cc014
Add detected_arch to expected hosts columns in spec
MSP-11359
2014-09-18 12:34:34 -05:00
James Lee 3e42fcbbab
Land #3794, NDR encoding specs
MSP-11370 #land
2014-09-16 16:23:22 -05:00
sinn3r 169d04020d
Land #3571 - Add Wordpress XML-RPC Login Scanner (with LoginScanner) 2014-09-16 14:51:24 -05:00
jvazquez-r7 ca4c4f55bd Add specs for Rex::Encoder::Alpha2::UnicodeMixed 2014-09-15 17:05:08 -05:00
jvazquez-r7 ee45056827 Add specs for Rex::Encoder::Alpha2::UnicodeUpper 2014-09-15 16:57:26 -05:00
jvazquez-r7 3dc53cd013 Add specs for Rex::Encoder::Alpha2::AlphaMixed 2014-09-15 16:43:40 -05:00
jvazquez-r7 e8dce6ac59 Add specs for Rex::Encoder::Alpha2::AlphaUpper 2014-09-15 16:35:54 -05:00
jvazquez-r7 0e1ba8fb5e Use non aphanumeric badchar 2014-09-15 15:59:18 -05:00
jvazquez-r7 36e5dcd149 Fix shared examples 2014-09-15 15:56:19 -05:00
jvazquez-r7 2e126b6a68 Include it_behaves_like 2014-09-15 15:46:53 -05:00
jvazquez-r7 4064fb60ef Refactor specs for Rex::Encoder::Alpha2::Generic 2014-09-15 15:43:31 -05:00
jvazquez-r7 2728318358 Add specs for Rex::Encoder::Alpha2::Generic 2014-09-15 15:26:13 -05:00
jvazquez-r7 3f5fdaebb4 Add specs for Rex::Encoder::NDR 2014-09-15 13:49:18 -05:00
jvazquez-r7 7d4c4c3658
Land #3699, @dmaloney-r7's ipboard login refactor 2014-09-15 08:29:42 -05:00
HD Moore 6bd3675f03 Land #3680, add specs for Rex::MIME 2014-09-13 00:34:39 -05:00
HD Moore 6a2a85d2c4 Land #3789, adds specs for Rex::Proto::Http::Packet::Header
orts
2014-09-13 00:21:43 -05:00
jvazquez-r7 9e21cc8ad4 Add specs for invalid IPBoard application 2014-09-12 16:14:10 -05:00
jvazquez-r7 917a7ffa1e Add specs for valid IPBoard application 2014-09-12 16:08:03 -05:00
Cucumber b80519dc16
Lands #3779, specs
MSP-11343

Merge specs that I missed during last merge.
2014-09-12 14:49:26 -05:00
James Lee f68628c487 Add minimal specs for rex/proto/http/packet/header 2014-09-12 14:30:27 -05:00
sinn3r 12e3cb3c6a
Land #3764 - Add specs for Rex::Encoder::NonAlpha 2014-09-12 12:09:55 -05:00
sinn3r 54c353a15e
Land #3788 - Adds a spec to ensure HttpServer runs Concern hooks. 2014-09-12 12:05:55 -05:00
Joe Vennix a617556f29
Add a helpful comment. 2014-09-12 10:55:08 -05:00
Joe Vennix 0194674542
Oops. Don't duplicate spec block. 2014-09-12 10:54:30 -05:00
Joe Vennix 46f256a6bd
Adds a spec to ensure HttpServer runs Concern hooks. 2014-09-12 10:52:57 -05:00
jvazquez-r7 25a09ea227 Fix valid requests specs 2014-09-12 10:30:17 -05:00
jvazquez-r7 0d054d8354 Update with master changes 2014-09-12 09:52:32 -05:00
jvazquez-r7 183ba3422d Add specs for logins 2014-09-12 09:50:32 -05:00
James Lee 0ab36453b9
Add another header spec 2014-09-11 12:20:54 -05:00
James Lee a8e3ff0c0f
Add specs to verify server header matching 2014-09-11 11:42:38 -05:00
James Lee 8aa06b8605
Better api for check_setup 2014-09-10 23:43:54 -05:00
sinn3r 1b4ceec4f9
Land #3743 - Add specs for Rex::Arch::X86 2014-09-09 17:24:08 -05:00
sinn3r e82348f157
Land #3762 - Add specs for Rex::Arch::Sparc 2014-09-09 16:10:26 -05:00
jvazquez-r7 962c66b3bb Fix some descriptions 2014-09-08 18:17:24 -05:00
jvazquez-r7 8370bf0f2a Finish XDR specs 2014-09-08 18:05:09 -05:00
jvazquez-r7 44724d1141 Add specs for .decode_varray 2014-09-08 17:12:04 -05:00
jvazquez-r7 8af13592c2 Add first specs for Rex::Encoder::XDR 2014-09-08 16:25:53 -05:00
David Maloney cd3cdc5384
Merge branch 'master' into feature/ipboard-login-refactor 2014-09-08 14:48:37 -05:00
jvazquez-r7 f521cc598d Delete .encode specs, anyone uses the method, plus looks wrong 2014-09-08 14:42:43 -05:00
jvazquez-r7 9a74e60db3 Add specs for .encode 2014-09-08 14:32:33 -05:00
jvazquez-r7 11ca383d4f Add specs for .encode_byte 2014-09-08 14:24:03 -05:00
jvazquez-r7 3535a6a21d Add first specs for .gen_decoder and .encode_byte 2014-09-08 14:07:21 -05:00
jvazquez-r7 4c15954be5 Add specs for Rex::Arch::Sparc 2014-09-08 11:59:52 -05:00
William Vu ae5a8f449c
Land #3691, gdbserver hax 2014-09-08 11:48:39 -05:00
us3r777 cc5b852517 Fixed spec for lib/msf/http/jboss
Revert commit abdd72e8c6.
Added some spec for lib/msf/http/jboss/deployment_file_repository_scripts
2014-09-08 17:42:04 +02:00
jvazquez-r7 10bb77af9f
Land #3716, @wchen-r7's Glassfish LoginScanner update 2014-09-07 21:54:34 -05:00
jvazquez-r7 6cdfd322f2 change should to expect 2014-09-07 21:35:33 -05:00
jvazquez-r7 e6f7b35d0d Use context to describe #attempt_login 2014-09-07 21:26:01 -05:00
jvazquez-r7 f266ca99f5 Use allow_any_instance_of as with rspec 3 2014-09-07 21:18:22 -05:00
jvazquez-r7 768b50974f Redo try_glassfish_3 specs 2014-09-07 21:04:43 -05:00
jvazquez-r7 07238ef7b3 Redo try_glassfish_2 specs 2014-09-07 20:47:54 -05:00
jvazquez-r7 9a42e7635a Use expect instead of should on try_login 2014-09-07 20:01:44 -05:00
jvazquez-r7 06207afb12 Use expect instead of should 2014-09-07 19:37:24 -05:00
jvazquez-r7 424d1ec47f Add example to describe how send_request handles a JSESSIONID cookie 2014-09-07 19:33:56 -05:00
sinn3r ff6cce8bd1 3rd person 2014-09-06 01:56:39 -05:00
sinn3r 419b2136b1 remove the "instance methods" context 2014-09-06 01:42:48 -05:00
sinn3r c8ccb5e848 In 3rd person 2014-09-06 01:39:32 -05:00
sinn3r 0dcf481d76 This one is good to go 2014-09-04 14:13:33 -05:00
sinn3r e1694ec3e5 LoginScanner update for hp_sys_mgmt_login
Work in progress
2014-09-03 16:23:57 -05:00
sinn3r 954475c0bf Add rspec and update about secure admin 2014-09-02 20:35:25 -05:00
jvazquez-r7 15f19468a1 Do last cleanup 2014-09-02 18:57:10 -05:00
jvazquez-r7 3ad0542b2a Fix some specs 2014-09-02 18:50:37 -05:00
jvazquez-r7 a1823b6c1e Add more specs for Rex::Arch::X86 2014-09-02 18:17:14 -05:00
jvazquez-r7 16111aa2f7 Use RSpec::Mocks::Double 2014-09-02 13:25:05 -05:00
jvazquez-r7 fdb66d978b Fix remainings be_truthy and be_falsey conditionals 2014-09-02 13:22:21 -05:00
jvazquez-r7 9cec62d52b
Merge branch 'specs_its' into fix_deprecation_warnings 2014-09-02 13:14:21 -05:00
jvazquez-r7 15e564ddf3
Merge branch 'collection_owner' into fix_deprecation_warnings 2014-09-02 13:14:09 -05:00
jvazquez-r7 824ff7fc72
Merge branch 'specs_skip' into fix_deprecation_warnings 2014-09-02 13:13:09 -05:00
jvazquez-r7 33784777df Avoid its in Msfupdate specs 2014-09-02 12:53:24 -05:00
jvazquez-r7 e0c6f5032f Avoid its in Msf::DBManager specs 2014-09-02 12:46:50 -05:00
jvazquez-r7 d7af3a628d Avoid its on Msf::ModuleManager::Cache shared examples specs 2014-09-02 12:02:26 -05:00
jvazquez-r7 bf0d30cf03 Fix rspec-collection_matchers deprecation warning in Rex::Socket::RangeWalker 2014-09-02 11:08:26 -05:00
jvazquez-r7 5a0b6ece6e Use is_expected 2014-09-02 10:27:53 -05:00
jvazquez-r7 764af20567 Fix rspec-collection_matchers deprecation warnings in Rex::Socket 2014-09-02 10:21:52 -05:00
us3r777 abdd72e8c6 Refactor spec to match lib/msf/jboss
Moved bean_hsell_scripts_spec to scripts_spec. Fixed a typo.
2014-08-31 19:13:40 +02:00
David Maloney 928aeffcba
add wordpress_rpc loginscanner and specs 2014-08-29 13:06:12 -05:00
Samuel Huckins fa77caa819
Merge branch 'bug/MSP-11153/database-config-overrides'
MSP-11153 #land
2014-08-28 17:12:37 -05:00
Luke Imhoff 5ab8fcd026
Remove realpath call from expected user_configurations_pathname
MSP-11153

realpath is not used in the actual code anymore because it doesn't work
for non-existent paths.
2014-08-28 11:51:25 -05:00
Luke Imhoff 951ce15b44
Move database.yml selection to Metasploit::Framework::Database
MSP-11153

Test the following paths in order and only return them if the path
exists:

1. MSF_DATABASE_CONFIG environment variable
2. ~/.msf4/database.yml
3. <project>/config/database.yml
2014-08-27 12:01:43 -05:00
Tom Sellers 4a1b037af0 Remaining files.. 2014-08-26 18:15:58 -05:00
jvazquez-r7 b37e1a5421 Solve conflicts 2014-08-26 17:51:37 -05:00
jvazquez-r7 0d9d722525 skip examples pending of pivotaltracker 38730815 2014-08-26 16:49:13 -05:00
Joshua Smith 49adde2095
Land 3702, prefer be_falsey and cleanup specs 2014-08-26 15:24:41 -05:00
Joshua Smith 1fa26e2afb cleans up a bunch of spec msftidy issues 2014-08-26 15:24:08 -05:00
jvazquez-r7 042b8a3672 Switch from pending to skip in specs 2014-08-26 15:17:00 -05:00
HD Moore ba1f7c3bf6 Land #3687, reworks the nat-pmp portscanner 2014-08-26 14:34:46 -05:00
HD Moore 4e19d9ade1 Land #3545, fix up sip scanners, msftidy, db services cmd 2014-08-26 14:07:21 -05:00
Jon Hart 5ad090e833 Add unit test for and correct parsing of NAT-PMP port map responses 2014-08-26 10:49:53 -07:00
Jon Hart b0347906e3 Correct NATPMP external address resposne epoch and result parsing 2014-08-26 10:49:52 -07:00
Jon Hart 337cd02dd7
Change Auxiliary::DRDoS' prove_drdos to prove_amplification 2014-08-26 07:48:44 -07:00
jvazquez-r7 41420a97d5 Solve conflicts 2014-08-26 09:04:05 -05:00
jvazquez-r7 57afaf6580 undo be_false case 2014-08-25 23:58:08 -05:00
jvazquez-r7 60ecf4e8c4 Use be_truthy instead of be_true 2014-08-25 23:58:08 -05:00
jvazquez-r7 aa47746290 Undo incorrect be_true switch 2014-08-25 18:23:55 -05:00
jvazquez-r7 c372f5164b And switch more cases to be_falsey 2014-08-25 17:50:38 -05:00
jvazquez-r7 a1e1cef418 More use of be_falsey 2014-08-25 17:38:50 -05:00
jvazquez-r7 dd1c015e4e Use be_falsey 2014-08-25 17:34:55 -05:00
jvazquez-r7 9a14b64051 First version of Rex::Arch::X86 specs 2014-08-25 16:44:28 -05:00
Jon Hart 6185721a61 Address @hmoore-r7's feedback regarding binary encoding 2014-08-25 13:11:22 -07:00
Jon Hart e3753e3649 Refactor SIP response parsing for future improvements 2014-08-25 13:11:21 -07:00
Jon Hart 02e41c27e7 Split SIP response parsing out on its own, add unit tests.
Passes rspec but fails in framework. WIP.
2014-08-25 13:11:20 -07:00
David Maloney 32b1a5ea23
add ipboard loginscanner
add loginscanner class for IPBoard with specs
this should replicate the functionality originally written
by Chris Truncer, but move it into a testable, reusable class
2014-08-25 13:58:30 -05:00
William Vu 1ee83ff57e
Land #3696, pile of NTP DRDoS 0days
Dr. DoS in da house?
2014-08-25 11:47:28 -05:00
Joe Vennix a27754c5c1
Tweak specs a bit. 2014-08-24 02:41:37 -05:00
Joe Vennix 120f416f9c
Add spec for Msf::EncodedPayload.create. 2014-08-24 02:36:09 -05:00
Joe Vennix 6313b29b7a
Add #arch method to Msf::EncodedPayload.
This allows exploits with few one automatic target to support many
different architectures.
2014-08-24 02:22:15 -05:00
jvazquez-r7 8945f04ffd Add specs for Msf::HTTP::JBoss::BeanShell 2014-08-22 16:13:38 -05:00
jvazquez-r7 f57dd9a224 Add specs for #generate_bsh 2014-08-22 15:39:58 -05:00
jvazquez-r7 2b3058869f Add Msf::HTTP::JBoss::BeanShellScripts specs 2014-08-22 15:36:29 -05:00
jvazquez-r7 7ee5423310 Add specs for Msf::HTTP::JBoss::Base 2014-08-22 15:11:27 -05:00
jvazquez-r7 38e6576990 Update 2014-08-22 13:22:57 -05:00
jvazquez-r7 da0950df24
Land #3674, @todb-r7's patch for RangeWalker spec 2014-08-22 11:57:14 -05:00
Joe Vennix 95fbb8f1b7
Land PR #3672, dmaloney-r7's login scanner credential rework. 2014-08-22 11:15:32 -05:00
Brandon Turner 05f0d09828
Merge branch staging/electro-release into master
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master.  Rather than merging with
history, he squashed all history into two commits (see
149c3ecc63 and
82760bf5b3).

We want to preserve history (for things like git blame, git log, etc.).
So on August 22, we reverted the commits above (see
19ba7772f3).

This merge commit merges the staging/electro-release branch
(62b81d6814) into master
(48f0743d1b).  It ensures that any changes
committed to master since the original squashed merge are retained.

As a side effect, you may see this merge commit in history/blame for the
time period between August 15 and August 22.
2014-08-22 10:50:38 -05:00
Brandon Turner 19ba7772f3
Revert "Various merge resolutions from master <- staging"
This reverts commit 149c3ecc63.

Conflicts:
	lib/metasploit/framework/command/base.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/require.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/smb/smb_login.rb
	msfconsole
2014-08-22 10:17:44 -05:00
jvazquez-r7 fd05e634e8 Move once more let into describe 2014-08-21 10:41:37 -05:00
jvazquez-r7 b0a4ea6750 Move let helpers to describe groups 2014-08-21 10:39:16 -05:00
jvazquez-r7 6301d79162 Describe setters just expecting how assignement to properties should happen 2014-08-21 10:34:52 -05:00
jvazquez-r7 54395e38a0 Use a part subject to describe #add_part 2014-08-21 10:29:44 -05:00
jvazquez-r7 9dcc95fb04 Fix Rex::MIME::Message#initialize boundaries parsing 2014-08-20 10:22:38 -05:00
jvazquez-r7 e8a6307df1 Fix Rex::MIME::Header#parse 2014-08-20 09:42:44 -05:00
jvazquez-r7 e5fc0a007f Add some Message specs 2014-08-20 09:31:49 -05:00
jvazquez-r7 e4b586a96d Add specs for add_part_inline_attachment 2014-08-20 08:32:58 -05:00
jvazquez-r7 381c88f814 Add specs for add_part and add_part_attachment 2014-08-19 17:06:59 -05:00
Tod Beardsley a4c6a10edb
The .foo domain is live now.
I still kinda hate these tests, though, since they fail in wildcard DNS
environments (like OpenDNS).
2014-08-19 16:47:30 -05:00
jvazquez-r7 0585b13398 Add first specs for Rex::MIME::Message 2014-08-19 15:17:17 -05:00
sinn3r 311cc5befb
Land #3668 - Add specs for Rex::Exploitation::HeapLib 2014-08-19 13:14:24 -05:00
sinn3r 7bf637716a
Land #3663 - Add specs for Rex::Exploitation::EncryptJS 2014-08-19 13:08:14 -05:00
sinn3r ad241910d0 This is more invalid than the other one 2014-08-19 10:39:50 -05:00
David Maloney 473b92a060
Merge branch 'master' into feature/MSP-10992/scanner-dry
Conflicts:
	Gemfile.lock
	lib/metasploit/framework/command/console.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/credential.rb
	lib/metasploit/framework/credential_collection.rb
	lib/metasploit/framework/login_scanner/afp.rb
	lib/metasploit/framework/login_scanner/axis2.rb
	lib/metasploit/framework/login_scanner/db2.rb
	lib/metasploit/framework/login_scanner/ftp.rb
	lib/metasploit/framework/login_scanner/http.rb
	lib/metasploit/framework/login_scanner/mssql.rb
	lib/metasploit/framework/login_scanner/mysql.rb
	lib/metasploit/framework/login_scanner/pop3.rb
	lib/metasploit/framework/login_scanner/postgres.rb
	lib/metasploit/framework/login_scanner/result.rb
	lib/metasploit/framework/login_scanner/smb.rb
	lib/metasploit/framework/login_scanner/snmp.rb
	lib/metasploit/framework/login_scanner/ssh.rb
	lib/metasploit/framework/login_scanner/telnet.rb
	lib/metasploit/framework/login_scanner/vnc.rb
	lib/metasploit/framework/parsed_options/console.rb
	lib/metasploit/framework/require.rb
	lib/metasploit/framework/version.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/afp/afp_login.rb
	modules/auxiliary/scanner/db2/db2_auth.rb
	modules/auxiliary/scanner/ftp/ftp_login.rb
	modules/auxiliary/scanner/http/axis_login.rb
	modules/auxiliary/scanner/http/http_login.rb
	modules/auxiliary/scanner/http/tomcat_mgr_login.rb
	modules/auxiliary/scanner/mssql/mssql_login.rb
	modules/auxiliary/scanner/mysql/mysql_login.rb
	modules/auxiliary/scanner/pop3/pop3_login.rb
	modules/auxiliary/scanner/postgres/postgres_login.rb
	modules/auxiliary/scanner/snmp/snmp_login.rb
	modules/auxiliary/scanner/ssh/ssh_login.rb
	modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
	modules/auxiliary/scanner/telnet/telnet_login.rb
	modules/auxiliary/scanner/vnc/vnc_login.rb
	modules/auxiliary/scanner/winrm/winrm_login.rb
	spec/lib/metasploit/framework/credential_spec.rb
	spec/lib/msf/core/framework_spec.rb
2014-08-19 10:30:16 -05:00
sinn3r 17b03e7d34 Fix rspec due to an invalid dns becoming valid 2014-08-19 10:28:30 -05:00
jvazquez-r7 663e11f16b Add specs for Rex::MIME::Part 2014-08-18 18:03:27 -05:00
jvazquez-r7 85662d5ccd Add specs for Rex::MIME::Header 2014-08-18 17:33:26 -05:00
jvazquez-r7 73ac0e9537 Add specs for Rex::MIME::Encoding 2014-08-18 16:04:08 -05:00
jvazquez-r7 f812d2619c Fix load_js when opts[:newobfu] and add specs 2014-08-18 13:50:19 -05:00
jvazquez-r7 3dae6ee934 Not prefixing the class when describing method 2014-08-18 12:19:30 -05:00
jvazquez-r7 2dc579d467 Add template for specs 2014-08-18 12:16:20 -05:00
jvazquez-r7 75df32b1d3 Use single quoted strings out of the spec strings 2014-08-18 11:43:54 -05:00
jvazquez-r7 4ffd166918 Add specs for Rex::Exploitation::EncryptJS 2014-08-18 11:31:36 -05:00
Vincent Herbulot 2b59337e9a Jboss spec modifications.
Various changes in the jboss spec to match the newly refactored
methods in lib/msf/http/jboss.
2014-08-18 17:19:09 +02:00
Samuel Huckins 149c3ecc63
Various merge resolutions from master <- staging
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
2014-08-15 11:33:31 -05:00
David Maloney fcfce9efec
Merge branch 'staging/electro-release' into feature/MSP-10992/scanner-dry 2014-08-12 11:22:51 -05:00
Jon Hart 8e626c1b60
Add rspec coverage for Msf::Auxiliary::DRDoS 2014-08-09 21:12:10 -07:00
Brandon Turner 91bb0b6e10 Metasploit Framework 4.9.3-2014072301
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJT0CeVAAoJEJMMBVMNnmqO/7AP/0CBRHjtgiR9VnFKSQ+iWTQV
 iPNMBevn0mpSRq/gpoKCeFBZ6b+YQYrOLXDKVk62VV9LCslkr/P8LW8ul+m+JtB0
 mM6V5esUXM1XhgGEyTnTLRx6BR/WQU1RHlb56ae3nZjQlwCuH/5zEmcy5toZxpsY
 6HO46zE0GGBoLr/VgyYlfT08bfoQ+ICyJN0H5ixoovCc3iW0K1MNqLMfdani8zBJ
 gYJaMysV7XtepumWWQMSC+b/EuertdXXzWDy2bwe0Q3cQXNXzrkPAvtMqucWG+gy
 783OLKCPtVoEZiX87xAptkwmVCRdNGPclaWH7YRZDAh1tqBfRQUg72V/TIrOHCP1
 /lYO7yp5pBQg+1UNnpH+xI2YePFfYdHpYDNT5FSQGOnQjJg30ll4SqCm7cVmo2h5
 BRSYXkPCsQeXGaFarxGERNb8e+qN/WzSrHzY45tQw8mDuhg94tlf3VtDag3FXxhj
 zCxd6bu+tdboVm7FERS85T46kxzmeIycZ4p+Sf7d8gXitl2RKbBdKFNDi1gzeK1T
 yN7bDl4sL7qtDgZLXjFrnyC8vXyAqIrAgmFr2JywMBRm6TiCGQvgnrs+sScU3RFU
 W2tblGbKQq+CwDeC59uQPqxRkm72SMUrKX9448VEQ+9XbKE3TMQ5Q4qCxmnw31Op
 aJ0QgKJz8thZgafZc89I
 =e1z9
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCgAGBQJT4pb8AAoJEA+Ckxyj7hsHn+8P/3FlEYCmoqQ/JzsVtmP3Yi4Q
 gBRva+crY831mCCQXFrPJBvWfmy5HOzVh+Zh7zWF0GQ1WuuMppHfR5ARFVwmiDs3
 qwndhXwziDzBnznf0JKSgT5eJsH23s/ots1lyWymKJvPuT6hn6MRAHUawgnNmYR9
 ttnawmHvCM9Iha2oz3nmkLcNd+83bdBfEWi5l8AQ7jJxwMC2/8VPpMscVVwXqPzd
 CoQugAYZW5VeaEiGio5+19Ix9EPkIDvs6wnfGBtfPfeaOIDZV4XOFoIFUtEeZd5o
 olvEpYvdqscy4Qujzn4C++3wX3bUxkIbHTJHgrKmlD83dI7Cu1JH716G+yfLoJo0
 pQBWTGeWYKEh6leK/9J5Bo1/tOJ/ylbcbvH0Y0tmdu4icHar6uYe1QBrCB9xIdh1
 F+xo4guYnVo616DXJQSwjIye83b5dBxACrfA3bqCnFVFgTM5jXGV1cqiBgs9Dl++
 tIDPgUJkCe/bIdQ7PntlGRzxKihHahlxhCa++YaGKqSq7gXie8Rl4qgloIrbfNZ/
 z3XsoOLNdbMGO7ip88Zjwq4Khj5WZu7ijfCtXO7GU1UJZL1tJ2yK2ic7ZDLc251Y
 8EGMSTG53+6yvZYFtWMZeQzjwD2cpuF04dOmHOKi6KGJJ7KRPhn6gpsbc6U1mbH9
 AjGcfOzhhcsY+WAQ7OG+
 =Pjob
 -----END PGP SIGNATURE-----

Merge tag '2014072301' into staging/electro-release

Conflicts:
	Gemfile.lock
	modules/post/windows/gather/credentials/gpp.rb

This removes the active flag in the gpp.rb module.  According to Lance,
the active flag is no longer used.
2014-08-06 15:58:12 -05:00
Luke Imhoff a37244c14e
Fix specs
MSP-10998
2014-08-01 21:55:10 -05:00
Luke Imhoff 9096a8a1f5
Remove Msf::Framework::VersionAPI
MSP-10998

It's compacting of the version parts into a single float doesn't work
with APIMinor over 10, so replace with Gem::Version, which compares
parts correctly.
2014-08-01 21:43:14 -05:00
Luke Imhoff 22db5aad8a
Remove Msf::Framework::VersionCore
MSP-10998

It can't handle 4.10.0 because it tries to compact the multiple part
version into one float using (1 / 10.0).
2014-08-01 21:31:48 -05:00
dmaloney-r7 e6a0e079b6 Merge pull request #3596 from darkbushido/bug/MSP-10937/adding-parent-to-cores-to-credential
.to_credential now assigns a parent
2014-08-01 13:13:48 -05:00
David Maloney dbde046f44
use to_h instead of to_hash
apparently ruby 2 adds this as a standard method so
we should stay compliant
2014-08-01 09:45:51 -05:00
David Maloney 0e65792f43
Merge branch 'staging/electro-release' into feature/loginscanner-report-dry 2014-08-01 09:41:30 -05:00
Brandon Turner 915e09ac50
Update framework version spec and Gemfile 2014-08-01 09:26:38 -05:00
Meatballs b4111df381
Retab spec 2014-08-01 14:41:20 +01:00
Meatballs 4ef3de84f3
get some more test cases 2014-08-01 14:34:17 +01:00
Meatballs 1fb4216d6d
Update spec 2014-08-01 12:08:03 +01:00
David Maloney 374c6532fa
add to_hash to Credential
begining of the chain to DRYing up
credential reporting in the loginscanner
2014-07-31 18:10:48 -05:00
darkbushido ad6eed01a2
.to_credential now assigns a parent
Metasploit::Credential::Core#to_credential will set the parent to the original core objext
Metasploit::Framework::Credential#to_credential also sets the parent to itself.
2014-07-31 14:52:27 -05:00
Meatballs 53b66f3b4a Land #2075, Powershell Improvements 2014-07-31 00:49:39 +01:00
James Lee 77d99b7374
Land #3586, fix msfconsole when running without db
Conflicts:
	Gemfile.lock
	metasploit-framework.gemspec
2014-07-30 17:24:21 -05:00
James Lee ef59d88f64
Fix spec failure due to workspace mismatch
Also fixes intermittent failure from FactoryGirl picking a heinous
Origin type.
2014-07-30 11:26:35 -05:00
Luke Imhoff e4f665fe72
Require 'active_record/railtie' for specs
MSP-10905
2014-07-30 11:10:02 -05:00
us3r777 2efeb850ee Added spec to lib/msf/http/jboss 2014-07-29 02:04:57 +02:00
us3r777 9e9244830a Added spec for lib/msf/http/jboss
Also renamed get_undeploy_bsh and get_undeploy_stager to
gen_undeploy_bsh and gen_undeploy_stager to be consistent
with the other functions
2014-07-29 01:57:04 +02:00
jvazquez-r7 79fe342688
Land #3558, @FireFart's improvements to wordpress mixin 2014-07-28 09:52:20 -05:00
James Lee c65db18090
Add rudimentary specs and fix some help wording 2014-07-28 09:19:09 -05:00
darkbushido 064d624322
changing Credential == operator
it should no longer raise no method errors when comparing a credential to
an object that doesnt respond to public, private, or realm
2014-07-23 16:17:09 -05:00
Christian Mehlmauer baff003ecc
extracted check version to module
also added some wordpress specs and applied
rubocop
2014-07-22 17:02:35 +02:00
Luke Imhoff 14fa49cdeb
Update spec to handle Mdm::Service#proto sequence
MSP-10029

Mdm::Service factories were changed in metasploit_data_models 0.19.0 to
use a sequence that cycles between 'tcp' and 'udp'.  To make the spec
clearer, just hard-code the protos under test instead of relying on
default behavior.
2014-07-22 09:47:35 -05:00
jvazquez-r7 ef12a632f6 Change filename 2014-07-22 08:20:32 -05:00
jvazquez-r7 72c2c07495 Add the specs, really 2014-07-21 17:39:51 -05:00
Tod Beardsley ffafd4c01f
Add NTP fuzzer from @jhart-r7
Looks good to me!
2014-07-21 12:38:12 -05:00
Meatballs 474ee81807
Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-20 21:01:54 +01:00
Meatballs b28343842f Address @jhart-r7's comments 2014-07-20 21:00:34 +01:00
scriptjunkie 8fe508207c Merge Meatballs' gpp_again pull into new branch 2014-07-19 11:10:14 -05:00
William Vu 25f74b79b8
Land #3484, bad pack/unpack specifier fix 2014-07-16 14:52:23 -05:00
Meatballs 7583ed4950
Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-16 20:34:34 +01:00
sinn3r 4fb58202fa
Land #3529 - Handle Rex::AddressInUse exception 2014-07-16 13:57:41 -05:00
David Maloney 52a29856b3
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-07-16 09:38:44 -05:00
Matt Buck eff2defdde
Fix bug due to Metasploit::Model::Login::Status refactor
MSP-10718
2014-07-16 04:14:45 -05:00
David Maloney 939e585658
refactor all loginscanners
loginscanners now use LoginStatus constants
for the result statuses
2014-07-15 13:17:56 -05:00
jvazquez-r7 4098979448 Add spec 2014-07-15 13:06:53 -05:00
David Maloney 846679bef9
change Result status
result bojects now use Login::status constants
for their status
2014-07-15 11:39:38 -05:00
James Lee 4b16985eb8
Stop trying more creds for a user after success
This is more like the behavior of the old AuthBrute mixin, where a
scanner module was expected to return :next_user in the block given to
each_user_pass when it successfully authenticated.

The advantage is a reduced number of attempts that are very unlikely to
be successful since we already know the password. However, note that
since we don't compare realms, this will cause a false negative in the
rare case where the same username exists with different realms on the
same service.

MSP-10686
2014-07-10 17:48:58 -05:00
James Lee e4039c2382
Merge branch 'staging/electro-release' into feature/MSP-10679/refactor-invalidate-login 2014-07-10 14:00:28 -05:00
James Lee 147c6d8160
Merge branch 'feature/MSP-10660/realm_adjustments' into staging/electro-release 2014-07-10 13:52:21 -05:00
David Maloney 8833429987
make shared example usage more readable
this seems less obtuse
2014-07-10 12:58:13 -05:00
David Maloney 7dc58d060e
make only one each method
made the one true enumerator of credentials
for the login_scanner.

also covered the wierd http case where it can have a realm key
but no default realm.
2014-07-10 12:35:09 -05:00
David Maloney 87e6ede123
Merge branch 'master' into staging/electro-release 2014-07-10 08:44:12 -05:00
James Lee 0daa395007
Fix specs for LoginError cases 2014-07-09 18:11:20 -05:00
David Maloney 25ee278097
strip vestigial realms
in the cases where we don't want a realm we should be
stripping it from the credential so we can build accurate results
2014-07-09 17:46:56 -05:00
Tod Beardsley 038d1e210a
Merge upstream/master to deconflict.
Conflicts:
	Gemfile.lock
2014-07-09 17:43:42 -05:00
David Maloney 0c4e53ce5a
fix up specs
a whole bunch of spec changes needed for
these changes.

alos the axis2 spec was actually testing the winrm
class due to copypasta error.
2014-07-09 16:32:59 -05:00
David Maloney c7b37743ef
working realm coercion
LoginScanners will now figure out
the right thing to do about Realms
based on attributes of the Scanner itself
2014-07-09 15:56:39 -05:00
David Maloney 24fced822e
coerce realm_key when it exists
if the cred has a realm and the loginscanner
has a realm_key, make the credential use the
scanner's realm key
2014-07-09 14:58:20 -05:00
David Maloney 766b50b5e0
REALM_KEY not _TYPE
arg typos
2014-07-09 14:01:41 -05:00
James Lee afe36ab6ad
Merge branch 'staging/electro-release' into feature/MSP-9707/smb-bruteforce-refactor
Conflicts:
	lib/metasploit/framework/login_scanner/smb.rb
2014-07-09 12:50:24 -05:00
David Maloney aeda74f394
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-07-07 16:41:23 -05:00
David Maloney 2c13ff4038
Merge branch 'staging/electro-release' into feature/MSP-10656/unify-ssh-scanners 2014-07-07 16:32:39 -05:00
dmaloney-r7 db8b0c907b Merge pull request #94 from rapid7/feature/MSP-10648/login-scanner-creation
Feature/msp 10648/login scanner creation
2014-07-07 16:04:09 -05:00
dmaloney-r7 c4c7ff519f Merge pull request #96 from rapid7/feature/MSP-10657/add-private-type
Add private_type and realm_key accessors to Framework::Credential
2014-07-07 15:43:18 -05:00
James Lee 4d4b8078f8
Unify SSH specs as well 2014-07-07 13:41:08 -05:00
James Lee 71cbbc5388
Merge branch 'feature/MSP-10648/login-scanner-creation' into feature/MSP-10656/unify-ssh-scanners 2014-07-07 13:19:34 -05:00
James Lee b7cfc927c4
Add private_type and realm_key accessors 2014-07-07 13:07:28 -05:00
James Lee cff2e1a1c1
And remove specs referencing obsolete accessors 2014-07-07 12:37:14 -05:00
James Lee 325d2d25b9
Fix requires and derp typos 2014-07-07 10:09:45 -05:00
jvazquez-r7 14b1ed5290 Add spec for comma separated cookies 2014-07-06 16:23:43 -05:00
James Lee 311f43f1e4
Constpocalypse 2014-07-03 18:49:46 -05:00
jvazquez-r7 405de05e4b Add specs for module_flavors 2014-07-03 10:31:39 -05:00
Jon Hart bc3ac1ee36 Correct private message format, update tests 2014-07-03 08:27:27 -07:00
James Lee b7a55d402d
Add likely service ports and names for HTTP 2014-07-02 23:41:31 -05:00
James Lee 9dde47a0bc
Add a simple classes_for_service method 2014-07-02 23:31:56 -05:00
Jon Hart 1830bdc7a5 Add rspec coverage for Rex::Proto::NTP 2014-07-01 12:29:47 -07:00
HD Moore 4ff211ec8d Fix the spec to allow for 1 or more spaces between 2014-06-30 13:18:43 -05:00
Tod Beardsley 8b63d3d467 Revert the revert of #3446
This reverts commit 9b35b0e13a.

This should not land on master until the Metasploit Pro folks (@trosen-r7
and friends) get their Meterpreter path specifications working the
same way as Framework's does.
2014-06-29 17:22:21 -05:00
dmaloney-r7 0a6a5a0a12 Merge pull request #92 from rapid7/feature/MSP-9912/metamodule-refactor-ssh-key
Feature/msp 9912/metamodule refactor ssh key
2014-06-27 11:48:57 -05:00
Lance Sanchez c1877cfba2
fixing the broken to_credential test
MSP-9912
2014-06-27 10:06:38 -05:00
Spencer McIntyre 1b4b4fd1c0 Update the cmdstager spec ArgumentError text 2014-06-27 08:34:57 -04:00
jvazquez-r7 dcd0e77f9e Change #compatible? method name because it's used by Module 2014-06-27 08:34:56 -04:00
jvazquez-r7 af568c856a Add CMStager specs 2014-06-27 08:34:56 -04:00
Lance Sanchez b5351eec2b
adding .to_credential
Metasploit::Framework::Credential and Metasploit::Credential::Core
need to be consumable by the login scanners. the easiest way to do this
was to create a shared to_credential method on both that return Metasploit::Framework::Credential

MSP-9912
2014-06-26 11:05:59 -05:00
David Maloney 9cec330f05
Merge branch 'master' into staging/electro-release 2014-06-26 10:22:30 -05:00
Matt Buck 27ef12bafe
Land #3478, disallow port 0 for portspec
[Closes #3478]
2014-06-25 15:46:30 -05:00
Lance Sanchez 07d548caeb
dropping lib from shared examples
MSP-9912
2014-06-25 14:32:43 -05:00
David Maloney 42bfe8ba4f
make portspec specs not insane
the specs for the portspec_to_portlist method
need a lot of work. this gives us some btter minimum coverage
2014-06-25 14:10:06 -05:00
Chris Doughty 9b35b0e13a Revert "Land #3446 -- Meterpreter bins gem switch" due to build failures
This reverts commit bba8bd3498, reversing
changes made to 002234993f.
2014-06-25 13:24:07 -05:00
James Lee f225ac92ab
Refactor smb_login
Maintains the new admin check functionality added in
rapid7/metasploit-framework#3330
2014-06-25 04:13:37 -05:00
OJ bba8bd3498
Land #3446 -- Meterpreter bins gem switch 2014-06-25 03:00:11 +10:00
James Lee 85611702f9 Merge branch 'upstream-master' into feature/MSP-9707/smb-bruteforce-refactor 2014-06-23 23:58:47 -05:00
Tod Beardsley c71eb1aa4e
Add specs for changed object UI 2014-06-22 13:05:17 -05:00
Tod Beardsley 53d0aba305
Add some specs for changed object Priv 2014-06-22 12:54:10 -05:00
Spencer McIntyre 05d4a1ab2c
Land #3342, Support negation in portspec 2014-06-21 18:14:50 -04:00
Tod Beardsley f90e8f00e5
Add the first few specs
Coverage for meterpreter and client core, just the bits I'm changing. I
intend to make liberal use of doubles, since they're easier than mocks
and all I care about is the changed behavior. I refuse to fall into a
trap where I need to first spec out aaaaaalllll of Metepreter just to
make this one change.
2014-06-20 13:18:55 -05:00
David Maloney 99b1702559
Merge branch 'master' into staging/electro-release
Conflicts:
	lib/msfenv.rb
2014-06-20 11:38:47 -05:00
jvazquez-r7 4203e75777
Land #3408, @m-1-k-3's exploit for D-Link hedwig.cgi OSVDB 95950 2014-06-20 10:27:32 -05:00
jvazquez-r7 330caa8c13 Fix specs 2014-06-20 00:08:55 -05:00
jvazquez-r7 ee62428248 Add specs 2014-06-19 18:13:14 -05:00
Luke Imhoff af99c0c01e
Remove `should_receive(:with_connection)` from specs
MSP-10127

Causes specs to randomly fail when with_connection calls from
before(:each) or after(:each) are intercepted by the should_receive
call.
2014-06-19 16:24:53 -05:00
David Maloney d9b7a320ae
fix more broken specs 2014-06-19 14:07:39 -05:00
David Maloney 2ac2dc9d7a
2 minor spec fixes 2014-06-19 13:23:37 -05:00
James Lee b606448976
Merge branch 'feature/MSP-9689/jtr_cracker' into staging/electro-release 2014-06-19 10:14:57 -05:00
navs ccf967fdfe added support to msfpayload to use elf so payload target 2014-06-19 00:59:49 -05:00
David Maloney f1a39ef973
enumerators all done with specs
the enumeration chains are now all complete with specs
so we can enumerate all the words generated by the given options.
2014-06-16 13:31:30 -05:00
David Maloney 9af811a2ed
we need to pass in a workspace 2014-06-15 15:52:57 -05:00
David Maloney 897b0b1ee5
wordlist enumerators with some specs
started the enumerators on the wordlist class
and began adding the specs for them
2014-06-15 13:37:50 -05:00
David Maloney a00ff5aeef
yield custom_wordlist words 2014-06-15 12:16:21 -05:00
David Maloney 8ada0804bd
add valid! spec 2014-06-15 11:22:43 -05:00
David Maloney 41d6b326f2
specs for wordlist validations
added specs to cover the validations on
the JtR wordlist class.
2014-06-15 11:14:11 -05:00
David Maloney a5fb898904
actually set max run time
make maxrutnime affect the crack command
2014-06-14 20:03:56 -05:00
David Maloney 33519b1fcd
cracker validations and specs
more validations and specs for the cracker class
2014-06-14 19:59:59 -05:00
David Maloney 466576d03f
jtr wordlist validations started
start adding validations and exceptions for the
JtR Wordlist class.
2014-06-14 16:16:30 -05:00
David Maloney 873d6e5b99
add all the specs 2014-06-14 12:28:17 -05:00
David Maloney 300baa577c
moar specs! 2014-06-13 17:34:16 -05:00
David Maloney b784bea48e
slow roll of specs for jtr cracker
slowly adding spec coverage for the JtR cracker
2014-06-13 16:08:56 -05:00
David Maloney 7187138134
start injecting sanity 2014-06-13 14:53:56 -05:00
David Maloney a9bcb8b3bd
add skeleton for JtR Cracker
starting work on creating the JtR Cracker class
2014-06-13 11:10:12 -05:00
Samuel Huckins d215b8e5b2 Merge pull request #47 from rapid7/feature/MSP-9712/winrm-bruteforce
45 merged, steps passing.

MSP-9712 #land
2014-06-12 16:04:17 -05:00
dmaloney-r7 ed84336149 Merge pull request #60 from rapid7/feature/MSP-9992/creds-command
Refactor the creds command
2014-06-12 12:24:09 -05:00
James Lee b756395eaa
Merge branch 'staging/electro-release' into feature/MSP-9712/winrm-bruteforce
Conflicts:
	lib/metasploit/framework/credential_collection.rb
	spec/lib/metasploit/framework/credential_collection_spec.rb
2014-06-11 16:21:59 -05:00
James Lee 3a8f6236ad
Add ability to prepend creds to a collection 2014-06-11 14:30:45 -05:00
James Lee c0c1bd40a9
Fix help spec 2014-06-10 17:28:55 -05:00
James Lee 552899ef13
Add a couple more specs for CredentialCollection
Also fixes some typos in docs
2014-06-06 12:12:32 -05:00
David Maloney 9b9de12a38
Merge branch 'master' into staging/electro-release
Conflicts:
	lib/msf/core/framework.rb
2014-06-06 12:04:53 -05:00
dmaloney-r7 ff8e6d2c50 Merge pull request #45 from rapid7/feature/MSP-9988/credential-collection
Add a CredCollection class and refactor WinRM bruteforce module
2014-06-06 11:53:28 -05:00
David Maloney 90b52814b1
fix some spec issues for recent changes 2014-06-06 11:52:49 -05:00
Brandon Turner 82464bd6aa
Update version spec 2014-06-06 10:16:44 -05:00
Luke Imhoff f2a56c041b
Merge branch 'staging/electro-release' into feature/MSP-9653/use-metasploit-concern-in-pro
MSP-9653

Conflicts:
	Gemfile
	Gemfile.lock
2014-06-05 16:22:02 -05:00
Luke Imhoff 5ae5448005
Join killed threads to ensure cleanup
MSP-9653
2014-06-05 12:40:24 -05:00
James Lee 33a9f8c43f
Add spec for userpass_file 2014-06-05 11:54:59 -05:00
James Lee 45c26343a1
Add spec for pass_file 2014-06-05 11:51:11 -05:00
James Lee b1136752be
Add Credential#== to facilitate specs 2014-06-05 11:37:48 -05:00
Lance Sanchez 262deac155
Fixing the failing specs
for some reason on my box sock.closed? isnt being called. stubbing it out

Kernel.select is being called and cant cast a mock object to an IO object
ok to fix this I'm stubbing select on the scanner object then the call wont
get passed onto the Kernel module
2014-06-05 11:21:34 -05:00
James Lee 41644970bf
Add a CredentialCollection
Also moves Metasploit::Framework::LoginScanner::Credential to
Metasploit::Framework::Credential
2014-06-04 13:01:09 -05:00
Luke Imhoff ca63d2201e
Update init_module_paths spec to match Rails::Engine behavior
MSP-9653
2014-06-02 14:26:35 -05:00
Luke Imhoff 1295028595
Remove unneeded MetasploitDataModels.require_models
MSP-9653

Models are loaded using railties features.
2014-06-02 13:54:38 -05:00
Lance Sanchez 15fffb1668
Adding in some tests
cleaning up the regex a bit

MSP-9678
2014-06-02 13:50:30 -05:00
Lance Sanchez f2a2975bc1 Merge branch 'staging/electro-release' into feature/MSP-9678/pop3-login-scanner 2014-06-02 10:56:54 -05:00
Trevor Rosen 8bcd763039 Merge pull request #26 from rapid7/feature/MSP-9685/telnet_login_scanner
Feature/msp 9685/telnet login scanner

MSP-9685 #land
2014-05-30 13:40:18 -05:00
David Maloney 98a23881ee
remove cred creation methods
removed cred creation methods from framework
and include them from the metasploit-credential gem instead
2014-05-30 11:28:53 -05:00
dmaloney-r7 e669324366 Merge pull request #25 from rapid7/feature/MSP-9673/axis2-login-scanner
Add axis2 login scanner
2014-05-29 11:22:22 -05:00
David Maloney d95b0497a7
add more specs
added more specs around telnet specific validations
2014-05-29 11:11:19 -05:00
James Lee 572e4f2bdf
Fix dumb missing options and add spec 2014-05-28 16:32:38 -05:00
David Maloney 1bc2140fa6
Telnet LoginScanner basics
basic Telnet LoginScanner with shell
specs. Need to test functionality
and write additional specs
2014-05-28 14:47:58 -05:00
Lance Sanchez 07a61ae696
adding in changes from before my vacation..
MSP-9678
2014-05-28 13:18:28 -05:00
David Maloney 821a62627a
final spec cleanup 2014-05-28 09:56:26 -05:00
David Maloney ca4c942ceb Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation 2014-05-28 09:40:44 -05:00
David Maloney 967b0d49b1
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-05-28 09:39:56 -05:00
David Maloney c975d4dc49
some minor cleanup items 2014-05-28 09:26:19 -05:00
Christian Mehlmauer da0a9f66ea
Resolved all msftidy vars_get warnings 2014-05-25 19:29:39 +02:00
Lutz Wolf 2b75a53c93 Add basic rspec for portspec_to_portlist 2014-05-24 23:46:26 +02:00
dmaloney-r7 85737d1235 Merge pull request #22 from rapid7/feature/MSP-9646/afp-loginscanner
AFP login scanner
2014-05-22 15:05:24 -05:00
David Maloney fbacf80839 Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation 2014-05-22 14:39:17 -05:00
David Maloney 19e36cccb3
Credential Core creation now complete 2014-05-21 16:37:13 -05:00
James Lee 5d1a0397ed
Add Tomcat login scanner 2014-05-21 14:28:54 -05:00
David Maloney 3ea99a9d43
private creation w/ specs and docs
the private creation method is now done
with specs and YARD docs
2014-05-21 13:21:56 -05:00
David Maloney 2629549f6f
added realm creation
added method for creating credential realm
creation.
2014-05-21 11:22:22 -05:00
James Lee 8be35b90f4
Add some more specs for AFP login scanner 2014-05-20 17:44:41 -05:00
James Lee d061d36229 Merge branch 'staging/electro-release' into feature/MSP-9646/afp-loginscanner 2014-05-20 17:25:42 -05:00
James Lee 21de14ac3d
Initial stab at AFP login scanner 2014-05-20 17:08:12 -05:00
Meatballs 09af023a71
Merge in parser 2014-05-20 21:56:35 +01:00
Samuel Huckins 62bae8e23b Merge pull request #21 from rapid7/feature/MSP-9687/winrm-loginscanner
Specs and functional steps passing. 

MSP-9687 #land
2014-05-20 11:32:37 -05:00
David Maloney 8a2f05b7d2 Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation 2014-05-20 10:28:33 -05:00
David Maloney 9cdddb08d9
origin specs for realsies
final specs and fixes for the origin creation
methods
2014-05-20 10:19:03 -05:00
David Maloney b84aaaad19
specs and fixes for origin creation 2014-05-20 09:59:15 -05:00
David Maloney ddfa4f1ee7
some origin creation specs
started getting working specs
for the origin creation methods. feel
into the weeds for a bit, but making progress at last.
2014-05-19 15:16:02 -05:00
Samuel Huckins d9687d87f9 Merge pull request #20 from rapid7/feature/MSP-9667/db2_login
Specs passing post update.

MSP-9667 #land
2014-05-16 11:29:31 -05:00
James Lee 9582d82fba Merge remote-tracking branch 'private/staging/electro-release' into feature/MSP-9687/winrm-loginscanner 2014-05-15 13:59:48 -05:00
James Lee efd0db9c39 Merge branch 'upstream-master' into HEAD 2014-05-15 13:53:16 -05:00
James Lee 8a9abb90c0
Add specs for connection error conditions 2014-05-15 10:06:17 -05:00
Lance Sanchez e9b3f10ba7
Drying up some of the status codes
MSP-9678
2014-05-14 17:02:26 -05:00
James Lee 59050d9bf1
Add specs for WinRM, improve those for HTTP 2014-05-14 15:13:29 -05:00
James Lee 99f8fbbc9c
Add WinRM login scanner
* Genericizes HTTP a bit to make these kinds of HTTP-based scanners
  simpler and easier
* Adds support for default ports to HTTP. This should probably be
  rafactored up into Base
* Removes spec that complains about port being unset (which now fails
  because defaults ensure it's always set)
2014-05-14 14:35:49 -05:00
Christian Mehlmauer dc7a8d32d8
Land #3324, msfconsole search timestamp fixes 2014-05-14 21:30:02 +02:00
Luke Imhoff 82d32e39cc
Merge branch 'feature/MSP-9686/vnc_login' into staging/electro-release
MSP-9686
2014-05-14 13:24:13 -05:00
Luke Imhoff a32152ecaa
Merge branch 'staging/electro-release' into feature/MSP-9686/vnc_login
MSP-9686
2014-05-14 13:22:41 -05:00
David Maloney fb671c72a7
Merge branch 'master' into staging/electro-release 2014-05-14 13:00:37 -05:00
dmaloney-r7 acaf713229 Merge pull request #17 from rapid7/feature/MSP-9606/metasploit-credential
Run migrations from Metasploit::Credential and initialize its concerns which patch Mdm
2014-05-14 11:15:07 -05:00
nstarke bb6201d66d Fixing nil bug and making format constant
The date format has been moved into a constant variable.
Certain modules do not have a disclosure_date.  For example,
‘checkvm’.  This necessitated checking disclosure_date for nil
before attempting a format conversion.  Also, there was an additional
location in core.rb that needed the formatting / nil check added.  Specs
were also updated appropriately.
2014-05-14 15:51:42 +00:00
James Lee 08a7acef3f
Make sure fail case is correct
`rand(1000)` would return 0 one in a thousand times, causing this test to
randomly fail at that interval
2014-05-14 10:22:47 -05:00
Samuel Huckins 162038bde4 Merge pull request #19 from rapid7/feature/login_scanner/smb
Specs all passing, functional steps working.
2014-05-13 14:37:13 -05:00
James Lee 2a13010bfb
Fix faulty spec 2014-05-13 14:15:00 -05:00
David Maloney f5751d6a85
first pass at attempt_login for DB2
first pass through at the attempt_login method
for the DB2 LoginScanner. still adding specs
and possibly refactoring
2014-05-13 14:10:30 -05:00
David Maloney 5dcf3efd1a
skeleton for DB2 loginscanner
add basic  skeleton and specs for the DB2
LoginScanner class.
2014-05-13 13:16:56 -05:00
Luke Imhoff 3370465d84
Use railties to load Metasploit::Credential correctly
MSP-9606

In order to support Metasploit::Credential correctly,
metasploit-framework needs to support Metasploit::Concern, which does
all its magic using a Rails::Engine initializer, so the easiest path is
to make metasploit-framework be able to use Rails::Engines.  To make
Rails::Engine use Rails::Engine, make a dummy Rails::Application
subclass so that all the initializers will be run when anything requires
msfenv.
2014-05-12 15:03:51 -05:00
Jeff Jarmoc 638ae477d9 Fix up spec. Rex::Proto::Http::ClientRequest handles & and = outside of Rex::Text::uri_encode, so mode doesn't affect them.
Fix erroneous typo char.
2014-05-12 12:10:30 -05:00
Jeff Jarmoc cba39a9a04 Adds spec for 'hex-all' mode 2014-05-12 12:01:06 -05:00
David Maloney 7f98d1630e
specs for VNC Loginscanner
cover remaining behaviour for the
VNC LoginScanner class.
2014-05-12 11:29:27 -05:00
Jeff Jarmoc 5f523e8a04 Rex::Text::uri_encode - make 'hex-all' really mean all.
'hex-all' encoding was previously ignoring slashes.
This pull adds 'hex-noslashes' mode which carries forward the previous functionality, and replaces all existing references to 'hex-all' with 'hex-noslashes'  It then adds a replacement 'hex-all' mode, which really encodes *ALL* characters.
2014-05-12 11:26:27 -05:00
David Maloney f84d763382
refactoring conditional logic
the class works but the conditional logic needs
refactoring to be smoothed out more.
2014-05-12 11:10:36 -05:00
James Lee 3831042dca
Add specs, validations for LoginScanner::SMB 2014-05-09 18:58:49 -05:00
David Maloney 4e76330643
Add skeleton for VNC lgoinscanner
Add skeleton and specs for the VNC Loginscanner

MSP-9686
2014-05-09 11:55:15 -05:00
David Maloney 8b937b7c35
Merge branch 'master' into staging/electro_release 2014-05-09 11:46:08 -05:00
Trevor Rosen c77412d373 Merge pull request #13 from rapid7/feature/login_scanner/mysql
Add LoginScanner for MySQL

MSP-9676 #land
2014-05-08 15:05:24 -05:00
Trevor Rosen 894ecaafb4 Merge pull request #12 from rapid7/feature/login_scanner/pg
Add Postgres LoginScanner class

MSP-9679 #land
2014-05-08 14:38:56 -05:00
David Maloney 42de1ab1f1
whitespace removal 2014-05-08 14:18:06 -05:00
David Maloney cfb13ed1bd
Merge branch 'staging/electro_release' into feature/login_scanner/mysql 2014-05-08 13:55:09 -05:00
James Lee 2d2b5ea9e4 Merge remote-tracking branch 'private/feature/login_scanner/mssql' into feature/login_scanner/smb 2014-05-08 13:45:06 -05:00
James Lee 13fe8c0869
Default Credential#paired to true 2014-05-08 13:34:31 -05:00
David Maloney 20edabb0f5
mySQL Loginscanner with specs to match
This season's colours for Loginscanner is MySQL
with Unit Test Coverage applied to match.
2014-05-08 13:16:12 -05:00
William Vu 102eb85277
Update CommandDispatcher::Db spec 2014-05-08 03:05:49 -05:00
David Maloney b72f0f8ffc
try to fix bad push/revert mess 2014-05-07 18:43:37 -05:00
David Maloney 9919d54116 Revert "final touches and specs"
This reverts commit e025fa1791.
2014-05-07 18:34:34 -05:00
David Maloney e025fa1791
final touches and specs
add finishing touches to postgres
Loginscanner and add specs to cover
the behaviour
2014-05-07 18:32:36 -05:00
David Maloney acbff23c32
final wrap-up specs
successkid.jpg
2014-05-07 16:07:18 -05:00
David Maloney ec974535ac
create base object for mssql scanner
created skeleton for MSSQL Loginscanner
included concerns.

also added an NTLM concern and shared example group
2014-05-07 14:43:15 -05:00
David Maloney 507fe566a4
Merge branch 'master' into staging/electro_release 2014-05-06 11:36:19 -05:00
Meatballs dc38212741
Fix function parsing 2014-05-05 20:53:36 +01:00
Meatballs e946046de5
Add methods spec 2014-05-05 19:08:18 +01:00
Meatballs 0b886db406
Script specs and remove unknown method 2014-05-05 19:01:36 +01:00
Meatballs 0177e51148
Finish obfu specs and use rig 2014-05-05 18:47:25 +01:00
Meatballs 6ab85027a4
More spec 2014-05-05 17:47:30 +01:00
Meatballs 162b6a8ab9
Add output spec 2014-05-05 14:48:18 +01:00
Meatballs 589d235a80
Simple param spec 2014-05-05 13:46:52 +01:00
David Maloney 5e6f57f711
fix up some more specs
some spec cleanup and added basic specs
to the HTTP LoginScanner
2014-05-01 12:10:51 -05:00
David Maloney 0dd22395eb
use credential objects inside results
altered results to just hold a credential
object instead of duplicating attributes
2014-04-30 17:17:57 -05:00
David Maloney 4995fcdced Shared Examples for RexSocket mixin
shared example group for the Loginscanner RexSocket
mixin. Pretty simple stuff, just trying to keep it
DRY.
2014-04-30 15:47:52 -05:00
David Maloney 1cd3f3f0da
finished first shared example group
base behaviour is now defined in shared
example group and the specs all use that
shared example group
2014-04-30 14:40:37 -05:00
David Maloney a4cc311106
test base behaviour in shared examples
start moving specs to a shared example group
for all behaviour defined by the LoginScanner
Base
2014-04-30 14:35:29 -05:00
David Maloney a08421b30f
apply reasonable defaults
give each lgoinscanner the ability to select
reasonable defaults for certain attributes
2014-04-30 13:56:29 -05:00
David Maloney e5276d111d
Merge branch 'staging/electro_release' into feature/login_scanner/snmp
Conflicts:
	lib/metasploit/framework/login_scanner/result.rb
2014-04-30 10:21:35 -05:00
Lance Sanchez ddee401e27
Merge branch 'feature/MSP-9684/sshkey_loginscanner' into staging/electro_release
MSP-9684 #land
2014-04-29 15:21:56 -05:00
David Maloney e8ea6a86b5
add specs for snmp
add specs for the snmp loginscanner
and modify the specs to Result class
to account for the access_level attribute
2014-04-29 14:49:35 -05:00
jvazquez-r7 2b4006089b
Land #3298, @wvu-r7's fix for db_import and its spec 2014-04-28 17:29:52 -05:00
Meatballs b860cecad6
Function spec (doesnt pass) 2014-04-28 14:09:39 +01:00
David Maloney c02fb21c3b
Finalized specs for sshkey
shkey loginscanner now compelte along
with specs
2014-04-25 15:20:33 -05:00
William Vu 9964548b41
Amend spec for db_import help 2014-04-25 14:28:29 -05:00
David Maloney e2d6a57db1
fix spec filename
had an extra underscore
2014-04-25 14:27:10 -05:00
David Maloney 0fcfb9d655
add proxies to ssh scanner
allow the SSH LoginScanner
to accept a proxy directive
2014-04-25 14:22:21 -05:00
David Maloney 35a039848c
add sshkey loginscanner
added the loginscanner class for SSHKey and
the base specs
2014-04-25 14:21:08 -05:00
Meatballs 3ae8c3ff46
Basic specs 2014-04-25 18:14:39 +01:00
Meatballs 8031e50d35
Make Exploitation::Powershell testable
Example test
2014-04-26 13:27:25 +01:00
Meatballs 318ae46085
Remove puts 2014-04-26 12:59:19 +01:00
Meatballs 3f5cc13bf8
Better eof test 2014-04-25 17:15:12 +01:00
David Maloney 2346d583ed
touchups and specsfor FTP Scanner
add some final touchups and specs to the FTP
Loginscanner object. now fully working.
2014-04-25 11:02:15 -05:00
David Maloney 838a444b23
first pass of FTP LoginScanner
made the first pass at the ftp
LoginScanner, with base specs.
Need to still tierate, add more new
specs and clean it up
2014-04-25 10:14:48 -05:00
Meatballs d85e4b1313
Error if encode_inner and encode_final 2014-04-25 15:47:36 +01:00
Meatballs ae574bec2b
Correct spec 2014-04-25 15:42:48 +01:00
Meatballs 5b9ec72395
Remove read_script spec 2014-04-25 15:40:52 +01:00
Meatballs 206184007f
Move methods and rename file so it is run by rspec 2014-04-25 15:16:15 +01:00
David Maloney 3a66723741
nake scan! more generic
scan! can now be reused for each scanner and
only attempt_login is specific for each thing.
2014-04-24 09:43:39 -05:00
Meatballs 72a2849bf1
Better specs
90.6% line coverage in Exploit::Powershell
77.32% in Rex::Exploitation::Powershell and haven't even started
writing those specs...
2014-04-23 08:07:42 +01:00
Meatballs 58c3bf0e59
Further speccage 2014-04-23 06:08:39 +01:00
Meatballs c4cfa42e5b
More specs 2014-04-23 02:37:19 +01:00
David Maloney 36dd10e1c2
add the renamed spec
renamed spec for credential class
forgot to add it
2014-04-22 11:05:58 -05:00
David Maloney 526bb4989a
more explicit requires
LoginScanner module brings in all the deps
while the individual classes require
the module then to get their deps.
2014-04-22 10:28:01 -05:00
David Maloney 645eef51b7
Rename CredDetail to Credential
it was felt this was better naming
for the class. Refactored all occurence
2014-04-22 10:25:36 -05:00
Rick Farina (Zero_Chaos) f35314b9f0 adjust Msf::Util::EXE for newer file output
Newer releases of File have a much different output when given a jar
file. Adjust regex per egyp7's suggestion to close bug 8792 on redmine.

Failure/Error: verify_bin_fingerprint(format_hash, bin)
expected: /zip/i
got: "/dev/stdin: Java archive data (JAR)\n" (using =~)

Tested and confirmed working with file 5.17 on Gentoo Linux.
2014-04-22 02:21:09 -05:00
David Maloney f079d3f3a9
move requires into module
move all the requires into the LoginScanner
module area to clean up requires
2014-04-21 19:14:50 -05:00
David Maloney 9c6528f13f
use the CredDetail class
now that we have the new CredDetail
class, use it instead of hashes
2014-04-21 18:58:23 -05:00
David Maloney 1a6ef8dced
allow for balnk passwords
have to alter validation slightly
to allow for blank passwords
2014-04-21 18:57:28 -05:00
David Maloney fd1777a79f
add CredDetail class
rather than passing dumb hashes around
added a CredDetail class that comes
with it's own conditional validations
2014-04-21 18:26:38 -05:00
David Maloney de2bb7d66c
dd tests for #scan!
the scan! method is mostly done
and has unit tests
2014-04-21 17:59:50 -05:00
David Maloney 2e11f80a98
refactor to use Result class
we now use a Result class to handle
all result codes from the login attempt
2014-04-21 15:35:16 -05:00
David Maloney d313047532
add loginscanner result class
add a result class to have more
tightly defined return values from
the loginscanner classes
2014-04-21 15:11:56 -05:00
David Maloney aa1d1be786
do not create sessions with scanner
the session creation behaviour is
currently inextricably linked to module
behaviour. We will have our scanner class
only return success status. The calling module
will be responsible for opening sessions afterwards.
2014-04-21 11:38:48 -05:00
Meatballs 67f44072ca
Merge remote-tracking branch 'upstream/master' into pr2075 2014-04-19 18:45:55 +01:00
David Maloney 9a15a2be04
basic login attempt functionality
groundowkr now layed for trying
authentication attempts on the
SSH LoginScanner, with test coverage
2014-04-18 20:08:28 -05:00
David Maloney 85349ccec4
SSH connection exception handling
added in the exception handling
around the Net::SSH conenction
in attempt_login
2014-04-18 18:13:05 -05:00
David Maloney 17b4d4a416
Add more attributes and validations
Added some more attributes neccesary
for the actual running of the login scan
as well as accompanying validations and
specs
2014-04-18 16:23:35 -05:00
David Maloney 613612eecb
Merge branch 'master' into feature/ssh_login_scanner 2014-04-18 11:16:18 -05:00
David Maloney 756488b581
last of the validations
finalized validation for SSH lgoinscanner
2014-04-16 13:34:23 -05:00
David Maloney bf20ed5812
add validations for cred_details
Adds validator for the cred_details
attribute on the SSH Login Scanner.
Makes sure propper input is always supplied
for the scanner.
2014-04-16 13:20:14 -05:00
David Maloney 434391c308
add host validations to ssh scanner
add validations to the :host attribute
on the SSH LoginScanner
2014-04-16 10:26:00 -05:00
sinn3r 7a4e12976c
First little bit at Bug 8498
[FixRM #8489] rhost/rport modification
2014-04-15 18:20:16 -05:00
David Maloney 60c879c824
specs for port validation
created specs for port validation

MSP-9683
2014-04-15 17:25:55 -05:00
David Maloney 02a17b8612
namespace change to Metasploit
chaning the code to live in the namespace of
Metasploit::Framework instead of Msf::Auxiliary

MSP-9683
2014-04-15 17:11:25 -05:00
Meatballs 38d8df4040
Merge remote-tracking branch 'upstream/master' into pr2075
Conflicts:
	modules/exploits/windows/local/wmi.rb
2014-04-15 22:06:45 +01:00
David Maloney 3c9507c30c
Adds invalid exception class
adds an invalid exception class to the
LoginScanner namespace.

MSP-9683
2014-04-15 13:23:24 -05:00
Tod Beardsley e4a61e2730
Fix Module.new bug and test for vhost 2014-04-14 18:01:13 -05:00
sinn3r 7b6b94acd5
Land #3247 - Revert #3224 jsobfu string size fixes 2014-04-12 00:58:27 -05:00
joev e09f887c4c Revert "Fixes large-string expansion in JSObfu."
This reverts commit 14fed8c610.
2014-04-11 16:51:47 -05:00
sinn3r 68a50e3663
Land #3224 - Fixes large-string expansion in JSObfu 2014-04-10 12:09:22 -05:00
Tod Beardsley ea8c15ba47
Land #3241 back into master 2014-04-11 15:08:01 -05:00
Tod Beardsley bbc72c3e1c
Update spec to reflect the correct version. 2014-04-11 12:29:26 -05:00
Joe Vennix 14fed8c610 Fixes large-string expansion in JSObfu. 2014-04-09 15:45:48 -05:00
William Vu 9779913060
Land #3184, Rex::Proto::Http::Client IOError fix 2014-04-03 15:58:50 -05:00
joev 3504ddc633 Fix http spec. 2014-04-03 14:50:54 -05:00
William Vu 92c6113a7c
Fix broken spec for Rex::Text.randomize_space 2014-04-02 11:48:50 -05:00
Tod Beardsley 8ab03f3aeb
Use Array#sample in randomize_space 2014-04-01 14:09:07 -05:00
Tod Beardsley ec7bb6de54
Land #2969, random name generator for phishing 2014-04-01 13:00:55 -05:00
William Vu 35d3e064b2
Update spec for #3162 2014-03-28 21:18:26 -05:00
William Vu 355cda0a43
Add specs for random name and e-mail methods
Babby's first RSpec. Style is consistent with the rest of the tests.
2014-03-28 16:47:52 -05:00
David Maloney 617e916511
fix specs from change
spec changes to go with the previous code change
2014-03-18 13:52:17 -05:00
sinn3r b431bf3da9
Land #3052 - Fix nil error in BES 2014-03-11 12:51:03 -05:00
Joe Vennix 78393057fe Fix failing spec 2014-03-10 16:40:46 -05:00
Joe Vennix 5790547d34 Start undoing some work. 2014-03-04 17:01:53 -06:00
Joe Vennix 2a87973d3c Use be instead of eq. 2014-03-03 21:55:12 -06:00
Joe Vennix a382b78f80 Oops, $ and _ need to be in the spec.
* Repeats the random check 20 times for each spec.
2014-03-03 21:54:09 -06:00
Joe Vennix bfecf9525d Add Rex::RandomIdentifierGenerator. 2014-03-03 16:43:49 -06:00
Joe Vennix e8b10db73b Dropped a space. 2014-03-03 15:48:44 -06:00
Joe Vennix 1352e5eacb Add presence spec. 2014-03-03 15:47:30 -06:00
Joe Vennix b3ab8f7ce1 Make random_var_name public, add specs for it. 2014-03-03 15:39:56 -06:00
Joe Vennix 6574a06bc3 Whitespace fix. 2014-03-02 20:55:07 -06:00
Joe Vennix 4514e32df8 Remove spec changes, oops. 2014-03-02 20:54:22 -06:00
Joe Vennix 894d16af80 Add specs for new/returning/previous visitors. 2014-03-02 20:50:10 -06:00
Joe Vennix b458b8ad63 Add specs for new methods. 2014-03-02 20:23:20 -06:00
Meatballs 2885ebcb40
Merge remote-tracking branch 'upstream/master' into pr2075 2014-03-02 20:57:02 +00:00
Meatballs 1ca690eccf
Do some rspec 2014-03-02 20:37:08 +00:00
sinn3r 8be99fc299 Fix payload_generator.format_payload rspec
The platform should match.
2014-02-25 16:37:21 -06:00
David Maloney a098c08f2f pend out bad spec 2014-02-13 15:44:05 -06:00
David Maloney f7a4dc967d remove obsolete msfvenom spec 2014-02-05 16:38:44 -06:00
David Maloney b3db623277 add shellcode file fixture
add shellcode file fixture for specs
2014-02-05 11:01:40 -06:00
David Maloney 508f251db2 add cli compat
add cli capability to putut verbose info to the console
2014-02-05 11:00:57 -06:00
David Maloney fc9105d862 final generation and specs
generation wrapped method complete with specs
2014-02-04 17:52:20 -06:00
David Maloney 4dcae920f8 add specs for generate_java_payload
pretty self-explanatory
2014-02-04 17:40:59 -06:00
David Maloney 70d8246791 finish wiring up the final generation
formating and main generate methods wired up
still need to add some final tests
2014-02-04 15:52:18 -06:00
David Maloney c8b7dc30b4 added encoding routines
now has a method for encoding the shellcode
and tests to go with
2014-02-03 17:51:22 -06:00
David Maloney 3b648346da starting in on encoders
added get_encoders method to find propper encoders
started on encode_payload, incomplete
added specs
2014-02-03 00:59:08 -06:00
David Maloney 4a82bc74cf added nop sled generator
added code to prepend a nop sled
with tests to match
2014-02-02 22:51:12 -06:00
David Maloney 3e945418df specs for added shellcode
add specs around adding extra shellcode to the payload
2014-02-02 22:17:52 -06:00
David Maloney bb5f5542f0 generating raw payload bits now
added raw payload generation, arch selection,
and specs for everything thus far
2014-02-02 21:09:17 -06:00
David Maloney f9c31f988e test platform selection
added tests around platform selection
2014-02-02 16:52:41 -06:00
David Maloney f5d730e874 write specs around initialiser
added specs around object initialisation
2014-02-02 16:05:11 -06:00
David Maloney e265d6f54c begining of payload generator
started basics of generator
started adding specs
added option to simple framework to disable logging
2014-02-02 14:35:16 -06:00
jvazquez-r7 9db295769d
Land #2905, @wchen-r7's update of exploit checks 2014-01-24 16:49:33 -06:00
Tod Beardsley 2ea3b46988
Remove to_s inside #{} 2014-01-23 14:21:48 -06:00
sinn3r 5073d3201f Update rspec for ms08_067 check
The original version doesn't return a check if the host is invalid,
looks like it was forgotten. The new version will return Unknown
instead.
2014-01-22 16:10:14 -06:00
William Vu 0a3ee573bc Uncomment spec_helper require 2014-01-22 11:58:10 -06:00