dmohanty-r7
f096c3bb99
Land #6821 Fix send_request_cgi! redirection
2016-05-05 09:09:30 -05:00
David Maloney
55b38ad089
Land #6398 , content length header
...
lands wei's content length header pr
2016-05-04 11:53:46 -05:00
David Maloney
fb5b228984
Merge branch 'master' into staging/rails-upgrade
2016-05-02 11:33:35 -05:00
dmohanty-r7
050061762b
Fix db_manager rspec tests
...
MS-255
2016-04-28 13:17:02 -05:00
wchen-r7
d4b89edf9c
Fix #6398 , Missing Content-Length header in HTTP POST
...
RFC-7230 states that a Content-Length header is normally sent in
a POST request even when the value (length) is 0, indicating an
empty payload body. Rex HTTP client failed to follow this spec,
and caused some modules to fail (such as winrm_login).
Fix #6398
2016-04-28 11:44:10 -05:00
James Lee
e7f0163c2e
Apparently super doesn't work the same here in 2.3
...
But it doesn't matter, the value just needs to be before the current
time, so replace it with a simpler solution.
2016-04-26 10:35:41 -05:00
wchen-r7
47d52a250e
Fix #6806 and #6820 - Fix send_request_cgi! redirection
...
This patch fixes two problems:
1. 6820 - If the HTTP server returns a relative path
(example: /test), there is no host to extract, therefore the HOST
header in the HTTP request ends up being empty. When the web
server sees this, it might return an HTTP 400 Bad Request, and
the redirection fails.
2. 6806 - If the HTTP server returns a relative path that begins
with a dot, send_request_cgi! will literally send that in the
GET request. Since that isn't a valid GET request path format,
the redirection fails.
Fix #6806
Fix #6820
2016-04-25 14:30:46 -05:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
Brent Cook
7ff5a5fd7e
switch mainframe payloads to fixed size
2016-04-23 11:40:05 -04:00
Brent Cook
e75ce8b248
update test to hook exist? rather than exists?
2016-04-21 06:56:48 -04:00
thao doan
e70d967b4e
Land #6763 , Add rspec for lib/metasploit/framework/login_scanner/redis
2016-04-18 10:05:24 -07:00
David Maloney
3a623862e3
Merge branch 'master' into staging/rails-upgrade
2016-04-15 10:55:43 -05:00
Brent Cook
d3e5dffe26
whitespace
2016-04-13 22:20:42 -05:00
Brent Cook
6ce7055130
Land #6737 , Added reverse shell JCL payload for z/OS
2016-04-13 22:19:15 -05:00
Brent Cook
09873f2f9c
Land #6717 , Add new cmd mainframe payload (generic_jcl) for z/OS
2016-04-13 22:10:23 -05:00
wchen-r7
6c5886afba
Resolve #6736 , Add rspec for login_scanner/redis lib
...
Resolve #6736
2016-04-08 11:41:08 -05:00
Fernando Arias
8f3f2f74b4
Move shared example from pro into framework
...
MS-1361
2016-04-07 13:09:52 -05:00
Fernando Arias
f5415c8058
Move pro concern logic into framework
...
MS-1361
2016-04-07 10:59:40 -05:00
William Vu
22d08fdf39
Revert #6748 , premature Gemfile* changes
2016-04-06 14:52:22 -05:00
David Maloney
8de58e4b80
Merge branch 'master' into staging/rails-upgrade
2016-04-04 09:30:01 -05:00
wchen-r7
f7dd326b16
Land #6455 , Fix dns labels/names size limits for lib/net/dns/names/names
2016-04-01 21:57:09 -05:00
Bigendian Smalls
6a4d7e3b58
Revshell cmd JCL payload for z/OS
...
Added a JCL-based reverse shell. Uses the same source code as the
shellcode version does. Source code is in
external/source/shellcode/mainframe/shell_reverse_tcp.s
2016-03-31 20:42:42 -05:00
wchen-r7
46d4b533f3
Add rspec for lib/net/dns/names/names.rb
2016-03-31 11:29:30 -05:00
wchen-r7
bc48ebd43b
Use patch_finder for msu_finder
2016-03-29 23:21:01 -05:00
wchen-r7
1bcd3fac25
Land #6724 , Import workspace IP validation from Mdm
...
MS-902
2016-03-29 18:31:47 -05:00
Adam Cammack
3b0170e87d
Import workspace IP validation from Mdm
...
This allows us to actually test the validations, since the code calls
out to Rex::Socket::RangeWalker.
MS-902
2016-03-29 17:56:22 -05:00
Bigendian Smalls
a6518b5273
Add generic JCL cmd payload for z/OS (mainframe)
...
This payload does nothing but return successfully. It can be used to
test exploits and as a basis for other JCL cmd payloads.
2016-03-28 21:01:39 -05:00
wchen-r7
c4735bd72a
Fix rspec pull_request_finder_spec.rb
2016-03-24 20:56:46 -05:00
wchen-r7
57984706b8
Resolve merge conflict with Gemfile
2016-03-24 18:13:31 -05:00
James Lee
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
Adam Cammack
32fe9ae55d
Remove dead version check in db_manager.rb
...
The check appears to have been orphaned in the db_manager refactor, but
I can't track down the exact commit.
2016-03-16 15:24:55 -05:00
Brent Cook
903807d039
update spec for pre-check
2016-03-15 14:21:01 -05:00
Brent Cook
dabe5c8465
Land #6655 , use MetasploitModule as module class name
2016-03-13 13:48:31 -05:00
David Maloney
88697a5d3f
Merge branch 'master' into staging/rails-upgrade
2016-03-08 15:22:04 -06:00
wchen-r7
860159fa00
Update rspec
2016-03-08 11:37:25 -06:00
wchen-r7
58b8c35146
Escape HTML for KB and update rspec
2016-03-08 10:10:10 -06:00
Christian Mehlmauer
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
Brent Cook
659af68b16
Land #6388 , update msftidy check for new preferred Metasploit module base class
2016-03-06 17:12:20 -06:00
Brent Cook
cc436fe438
update to new preferred base class for modules
2016-03-06 17:11:51 -06:00
Brent Cook
a2c3b05416
Land #6405 , prefer default module base class of simply 'Metasploit'
2016-03-06 17:10:55 -06:00
Brent Cook
e1db3ef369
Land #6388 , Update msftidy to error when module super class is incorrect
2016-03-06 16:53:11 -06:00
Brent Cook
0fc4ebf4ab
Land #6618 , Improve Content-Length behavior in Rex HTTP
2016-03-06 16:38:44 -06:00
Brent Cook
8faae94338
Land #6592 , make linux/x86/shell_reverse_tcp's shell path configurable and remove shell_reverse_tcp2
2016-03-06 15:33:53 -06:00
Gregory Mikeska
c2f7360a9a
replace deprecated 'ignore' with 'transient'
2016-02-29 14:57:09 -06:00
wchen-r7
bff4b4d5fc
Fix #6609 and #6587 - Change Content-Length behavior in Rex HTTP
...
This patches changes two things:
1. If a module has a custom Content-Length, it will respect that
instead of forcing its own.
2. If a request does not have anything in the body, the
Content-Length header will not be set.
Fix #6609
Fix #6587
2016-02-29 10:50:21 -06:00
wchen-r7
814d53aee0
Add rspec for Msf::Util::DocumentGenerator::PullrequestFinder
2016-02-24 15:13:04 -06:00
wchen-r7
753e0f7693
Add rspec for Msf::Util::DocumentGenerator::DocumentNormalizer
2016-02-23 15:34:34 -06:00
joev
39f1113bca
Remove unused spec.
2016-02-18 22:20:13 -06:00
OJ
44eb2d6a80
Merge branch 'upstream/master' into default-xor
2016-02-11 14:30:18 +10:00
Brent Cook
2386cb1344
Land #6527 , add support for importing Burp suite vuln exports
2016-02-10 13:19:21 -06:00
wchen-r7
942eec5fee
Update rspec
2016-02-07 12:37:08 -06:00
Brian Patterson
4dcbd7c1ae
Add a nokogiri xml stream parser for Burp issue xml and rename original burp parser to burp session parser so both are supported.
2016-02-04 10:30:56 -06:00
Jon Hart
53d4e31844
Allow OptPath to valid symbolic paths that need expansion
2016-02-03 14:12:03 -08:00
Brent Cook
c0ed57db43
Land #6267 , the rest of the rspec3 updates
2016-01-29 11:36:58 -06:00
Brent Cook
d35d0993c1
should -> expect
2016-01-29 11:36:38 -06:00
Brent Cook
ac822943b1
Land #6267 , update to rspec3
2016-01-29 11:33:30 -06:00
Brent Cook
8c94d3c1bd
adjust namespec for rspec3
2016-01-29 11:32:22 -06:00
Brent Cook
b6bc862c1b
Land #6267 , fix Rex::Parser::Ini#each_group
2016-01-29 11:19:40 -06:00
wchen-r7
6187354392
Land #6226 , Add Wordpress XML-RPC system.multicall Credential BF
2016-01-23 00:12:46 -06:00
wchen-r7
781ff4bb7d
Rspec is deprecated. Use RSpec instead.
2016-01-22 20:39:40 -06:00
wchen-r7
6bbfc5a869
Fix rspec
2016-01-22 20:27:45 -06:00
wchen-r7
0f9cf812b7
Bring wordpress_xmlrpc_login back, make wordpress_multicall as new
2016-01-22 18:54:20 -06:00
Christian Mehlmauer
e6147d60e2
fix rspecs
2016-01-22 23:43:13 +01:00
Christian Mehlmauer
f92f59a4c8
remove corresponding spec files
2016-01-22 23:38:44 +01:00
wchen-r7
216986f7af
Do API documentation, rspec, and other small changes
2016-01-21 17:22:14 -06:00
Christian Mehlmauer
478cd2ed5c
check database.yml path
2016-01-21 20:32:32 +01:00
OJ
ac0b489a90
Revert bad merge and include expect calls
2016-01-21 10:28:38 +10:00
Christian Mehlmauer
f68b2b56fa
use hardcoded path
2016-01-19 23:51:28 +01:00
Christian Mehlmauer
aaa1174ca5
fix rspec errors without database
2016-01-19 20:28:58 +01:00
OJ
18fe9bd96f
Merge branch 'upstream/master' into default-xor
2016-01-13 10:05:59 +10:00
Brent Cook
7f9b804060
Land #6410 , remove JtR binaries, update for independent framework releases
2016-01-06 14:16:49 -06:00
Brent Cook
388bfec46c
Land #6415 , update rspec3 conventions
2016-01-06 12:14:15 -06:00
wchen-r7
92503c0ff6
Remove extra check_setup call
2016-01-06 11:01:35 -06:00
wchen-r7
480913cb32
Add rspec
2016-01-06 01:41:13 -06:00
David Maloney
06a75e1339
re-enable deprecation errors
...
had to disable this to let transpec do
dynamic analysis. re-enabling now to throw
an error on any deprecation warning
2015-12-31 16:57:17 -06:00
David Maloney
c6656e4031
example_group and hook_scope conversions
...
not strictly required, these conversions keep us
up to date with latest rspec conventions and best practices
which will prevent use from having to convert them when they become
deprecated later
2015-12-31 16:56:13 -06:00
David Maloney
0a8cc8e01c
basic transpec conversions
...
no options apssed, first run of transpec
not much to report
2015-12-31 16:43:26 -06:00
Chris Doughty
8090bbc750
Changes to support framework as a gem
2015-12-30 11:00:45 -06:00
Jon Hart
46a3c839b4
Refactor existing tests that had been duplicating get_std*
2015-12-24 11:03:11 -08:00
Jon Hart
be84ed13a2
Update msftidy spec to be more easily added to
2015-12-24 10:55:13 -08:00
Jon Hart
f029cd0c9a
Add common helpers for capturing stdout/stderr
2015-12-24 10:54:51 -08:00
Jon Hart
5ac4e9aa6b
Correct payload fixture
2015-12-23 12:55:01 -08:00
Jon Hart
83f0c2fa05
Add beginnings of rspec coverage for msftidy
2015-12-23 12:53:12 -08:00
Brent Cook
6eda702b25
Land #6292 , add reverse_tcp command shell for Z/OS (MVS)
2015-12-23 14:11:37 -06:00
wchen-r7
7d8ecf2341
Add Joomla mixin
2015-12-18 21:14:04 -06:00
Brent Cook
eccf61bec5
ensure that the metasploit database environment variable is unset
2015-12-14 14:29:25 -06:00
Brent Cook
6551df6446
update bitlocker for rspec3
2015-12-10 21:52:15 -06:00
Brent Cook
fb578e9063
use explicit exceptions for raise_error
2015-12-10 21:47:22 -06:00
Brent Cook
f59446851f
update namespace
2015-12-10 21:47:22 -06:00
Gregory Mikeska
99931aff44
Call stance only if module implements stance
2015-12-10 21:47:22 -06:00
Greg Mikeska
b29459747b
stub out private meterpreter accessor method net
2015-12-10 21:47:22 -06:00
Greg Mikeska
2a6db4092d
fix stub on Database specs
2015-12-10 21:47:22 -06:00
Greg Mikeska
a96445b302
switch out expect with a proper mock by allow
2015-12-10 21:47:22 -06:00
Greg Mikeska
d0d09097d5
stub out name on foo_inst in the option_container_spec
2015-12-10 21:47:22 -06:00
Greg Mikeska
9a59671330
switch expect to allow on runas_spec cases
2015-12-10 21:47:22 -06:00
Greg Mikeska
e8440f9798
remove deprecated syntax from text_spec
2015-12-10 21:47:22 -06:00
Greg Mikeska
5056321d34
replace before block expecations with allow statements
...
comment out some before statements that seem to be causing a problem
2015-12-10 21:47:22 -06:00
Greg Mikeska
1a36bcb525
Replace expect with allow the directory_spec
2015-12-10 21:47:22 -06:00
Greg Mikeska
cd0d774db6
replace deprecated unsub, and replace expecations with allows
...
in base_spec
2015-12-10 21:47:22 -06:00
Greg Mikeska
c5d77c3476
change stubs from expect to allow on directory_spec
2015-12-10 21:47:22 -06:00
Greg Mikeska
5b568f2e4b
added missing expectation wrapper
2015-12-10 21:47:22 -06:00
Greg Mikeska
1521fd0a95
remove unnecessary message chain call
2015-12-10 21:47:22 -06:00
Greg Mikeska
b84bd0327d
fix MSSQL test stubs
2015-12-10 21:47:22 -06:00
Greg Mikeska
5c733a3b6d
fix stub on module loader test
2015-12-10 21:47:22 -06:00
Greg Mikeska
71ce9b377a
change module manager stub from expect to allow
2015-12-10 21:47:22 -06:00
Greg Mikeska
69bb683d0a
fix typo in runas spec and change some more expects to allow
2015-12-10 21:47:22 -06:00
Greg Mikeska
2fc0c0b326
switch expect stubs
...
in ui_driver shared context to allows
2015-12-10 21:47:22 -06:00
Greg Mikeska
93d4be2301
replace stubbing expects with allow statements
2015-12-10 21:47:22 -06:00
Greg Mikeska
bf9da1440e
change module_manager to allow from expect
2015-12-10 21:47:22 -06:00
Greg Mikeska
605756a500
and receive needed to be and_return
2015-12-10 21:47:22 -06:00
jvazquez-r7
aca4c6a986
Change include_context on jmx specs
2015-12-10 21:47:22 -06:00
jvazquez-r7
d5d177b782
Use Msf::StringIO on query_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
2dbb610d99
Use Msf::StringIO on find_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
5600119fca
Use Msf::StringIO on trans2_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
07ab7bac9c
Use Msf::StringIO on query_path_information_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
21ea110aef
Use Msf::StringIO on query_file_information_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
6405c8102d
Use Msf::StringIO on find_first2_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
eeca2f4b8a
Use Msf::StringIO on session_setup_and_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
692a3cb24c
Use Msf::StringIO on read_andx_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
87a189d990
Use Msf::StringIO on nt_create_andx_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
7933fa5356
Use Msf::StringIO on negotaite_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
60de01432c
Use Msf::StringIO in close_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
085598f6d2
Use lets
2015-12-10 21:47:22 -06:00
jvazquez-r7
2beb42a734
Use msf_data attribute
2015-12-10 21:47:22 -06:00
jvazquez-r7
b61a7f43ef
Use Msf::StringIO context on registry_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
bc80bf7fdb
use Msf::StringIO on client_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
046a73b3b3
Use set_msf_data on connection_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
3d0fcdf84d
Add set_msf_data
2015-12-10 21:47:22 -06:00
jvazquez-r7
2041149d54
Use Msf::StringIO in connection_spec
2015-12-10 21:47:22 -06:00
jvazquez-r7
4872628ff5
Try to make it generic
2015-12-10 21:47:22 -06:00
jvazquez-r7
236c28b6fb
Add shared context
2015-12-10 21:47:22 -06:00
Brent Cook
11ea7ee5b9
update mocks for smb specs
2015-12-10 21:47:22 -06:00
Luke Imhoff
c3e2615a23
Implement stub methods instead using allow which verifies
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
bb7c463c44
Remove operators after .to with matchers
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
76d1f6ba0a
Fix Rex::Psot::Meterpreter::PacketParser spec
...
MSP-13484
Use allow instead of expect because call count isn't important.
2015-12-10 21:47:22 -06:00
Luke Imhoff
04ea44e76b
eq {} -> eq({})
...
So that the `{}` isn't interpreted as a block to `eq`.
2015-12-10 21:47:22 -06:00
Luke Imhoff
f31e578780
Add missing RSpec. before describe
2015-12-10 21:47:22 -06:00
Luke Imhoff
bde4f8bbe7
Fix allows in Exploit::Remote::Java::Rmi::Client::Jmx::Server spec
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
e3f2db8f09
Fix allows in Exploit::Remote::Java::Rmi::Client::Jmx::Connection
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
c754dca48b
fix allows in Exploit::Remote::JAva::Rmi::Client spec
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
61e1dc2363
Fix allows in FirefoxAddonGenerator spec
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
2d8d876eaa
Fix allow errors in BrowserAutopwn2 specs
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
00ad6afd4f
Fix typo shoftname -> shortname
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
164f24ef8a
Fix stubbing on class instead of instance
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
fbddd4cc47
Fix IO stubbing
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
db42c9f760
Fix service double stubbing
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
c46b97cef9
=~ <Array> -> match_array
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
99eaa8efb3
Change some expects back to allows to match old stubs
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
f48f8c1540
Use `be` before operators
...
MSP-13484
2015-12-10 21:47:22 -06:00
Luke Imhoff
4f23b83fa3
.should\n -> expect().to
...
MSP-13484
2015-12-10 21:47:22 -06:00