infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
33,816 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

1522 Commits (dabc7abae5e2d32ad895a32147f5ec90e0eb7e85)

Author SHA1 Message Date
James Lee 76bfaa6ce9
Fix dumb inverted logic. Thanks, rspec! 2015-03-31 14:28:07 -05:00
James Lee 176cdcb836
Use sym-to-proc instead of reimplementing it 2015-03-31 11:21:53 -05:00
James Lee dfaf1b3a8f
Stub monitor_sock so we don't leak threads 2015-03-30 22:03:39 -05:00
OJ 97d788676c Set dynamic_size true for x64 stageless 2015-03-31 07:37:46 +10:00
James Lee 790a08a848
It's pronounced "exploit", not "assoc_exploit" 2015-03-30 16:21:17 -05:00
James Lee 2394d4bae8
Merge branch 'staging/single-vuln-push' into feature/MSP-11934/refactor-report-exploit-success 
Conflicts:
	Gemfile
	Gemfile.lock
	spec/support/shared/examples/msf/db_manager/exploit_attempt.rb
 2015-03-30 14:08:54 -05:00
James Lee 2ab4584079
Merge remote-tracking branch 'upstream/master' into staging/single-vuln-push 2015-03-30 13:50:52 -05:00
James Lee 6386289d80
Remove bogus spec 
No longer necessary to check that we're instantiating an Msf::Module
because we get the same information by reusing an existing
Mdm::Module::Detail
 2015-03-30 13:10:36 -05:00
OJ 6610504b10 Update payload spec 2015-03-30 21:07:30 +10:00
James Lee 7b1ac29788
Fix subject 2015-03-30 00:53:31 -05:00
James Lee 283e50fd42
Check the case of having no vuln 2015-03-30 00:09:49 -05:00
HD Moore a1c755161a Add spec coverage for appender, fix injector 2015-03-29 11:52:06 -05:00
Meatballs 9eca3a0ab5
Impersonation spec 2015-03-29 00:52:27 +00:00
Meatballs 10029eedb9
Add command specs 2015-03-29 00:05:44 +00:00
Meatballs f7e3abf760
sqlcmd specs and fixes 2015-03-28 23:23:00 +00:00
Meatballs 3b651aecdc
Specs for sqlserver check and fixes 2015-03-28 22:59:00 +00:00
sinn3r 9cfafdd8b8
Land #4649, improve post/windows/manage/run_as and as an exploit 2015-03-27 17:31:30 -05:00
Trevor Rosen 2815462375
Update Mdm to staging hash 2015-03-27 15:16:33 -05:00
James Lee 466ef4349e
Second verse, same as the first 2015-03-27 09:59:10 -05:00
James Lee 88a8186a11
Pull up redundant hash literal 2015-03-26 19:33:53 -05:00
Brent Cook e0568e95c2
Land #4978 @zerosteiner adds reverse https for python meterpreter 2015-03-26 19:16:46 -05:00
jvazquez-r7 d84c48cb7d
Use newer hash syntax 2015-03-25 13:39:34 -05:00
jvazquez-r7 72a0909e9b
Land #4992, @wchen-r7's support for multiple ActiveX controls on BrowserExploitServerMerge 2015-03-25 13:30:36 -05:00
James Lee 95d70e7211
Remove respond_to check for protected method 
Fails on Ruby 2.x, and doesn't really gain us anything anyway.
 2015-03-25 12:50:46 -05:00
James Lee 8f0c434faa Add specs for the new method 2015-03-25 12:34:10 -05:00
jvazquez-r7 0540e25db2
Calculate the java/rmi/registry/RegistryImpl_Stub hash dinamically 2015-03-25 11:29:07 -05:00
sinn3r 6e3e696262 Use symantec_web_gateway as an example of using send_request 2015-03-25 10:55:46 -05:00
sinn3r 111e3fcb88 Add rspec for #send_request 2015-03-25 01:45:03 -05:00
jvazquez-r7 a5c39db6c3
Use mocks like a boss... 2015-03-24 19:30:59 -05:00
jvazquez-r7 0b671d5210
Add specs for Msf::Java::Rmi::Client::Jmx::Connection 2015-03-24 19:15:25 -05:00
jvazquez-r7 356e8c727c
Add specs for Msf::Java::Rmi::Client::Jmx::Server 2015-03-24 18:56:58 -05:00
jvazquez-r7 464a6df5e0
Add specs for Msf::Java::Rmi::Client::Registry 2015-03-24 18:42:35 -05:00
jvazquez-r7 0fe98bc023
Delete old JMX mixin specs 2015-03-24 17:30:37 -05:00
jvazquez-r7 e20398a70a
Add specs for Msf::Java::Rmi::Client::Jmx::Server::Parser 2015-03-24 17:30:06 -05:00
jvazquez-r7 0a352fc7d4
Finish specs for Msf::Java::Rmi::Client::Jmx::Connection::Builder 2015-03-24 17:06:05 -05:00
jvazquez-r7 115c4e5a06
Add first specs for Msf::Java::Rmi::Client::Jmx::Connection::Builder 2015-03-24 16:37:05 -05:00
Matt Buck c26dfa263d
Ensure IP addresses are explicitly converted to strings 
MSP-12113
 2015-03-24 16:26:00 -05:00
jvazquez-r7 82d545850e
Add specs for Msf::Java::Rmi::Client::Jmx::Server::Builder 2015-03-24 16:04:18 -05:00
jvazquez-r7 87cac6fd55
Complete specs for Msf::Java::Rmi::Util 2015-03-24 15:41:32 -05:00
jvazquez-r7 48026da35f
Fix RMI specs 2015-03-24 15:14:36 -05:00
jvazquez-r7 0a07bb4d17
Add a couple of specs for Rex::Proto::Rmi::Model::ReturnValue 2015-03-24 15:08:59 -05:00
Christian Mehlmauer 7bf00f8f47
Land #4789, @rastating WPLMS wordpress module 2015-03-24 20:46:38 +01:00
James Lee 023f47f19a
Use build instead of create 2015-03-24 13:17:42 -05:00
James Lee b9934cfd3f
Add workspace to ensure consistency with session 2015-03-24 13:14:55 -05:00
James Lee 13a899b3d2
Use a named subject 2015-03-24 13:13:54 -05:00
James Lee 414983ac8c
Merge branch 'feature/MSP-11925/create-user-data' into staging/single-vuln-push 
Conflicts:
	Gemfile.lock
 2015-03-24 12:42:08 -05:00
Christian Mehlmauer 6eedf6ac03
Land #4975, egghunter tool, Resolve #4944 2015-03-24 06:20:30 +01:00
Christian Mehlmauer 71c544c3c5
added newline at end of file 2015-03-24 06:19:27 +01:00
sinn3r 3c4da5c3ff Update BES rspec 2015-03-24 00:10:18 -05:00
HD Moore c7da9d6f79 Move file: prefix checks out of option class specs (would need to go into console test specs at some point) 2015-03-23 15:09:22 -05:00
jvazquez-r7 79068c8ec2
Delete JMX discovery stream 2015-03-23 10:21:37 -05:00
sinn3r 01caf161f8 Fix syntax error in db_spec.rb 2015-03-23 01:35:26 -05:00
sinn3r 2e75d14d56 Update rspec 2015-03-23 00:53:55 -05:00
Spencer McIntyre 7282968d8a Python reverse HTTPS stager 2015-03-21 12:43:14 -04:00
sinn3r 675f96ecd1 Don't need this require 2015-03-20 23:32:23 -05:00
sinn3r 96bcdd211c Finished rspec 2015-03-20 20:53:04 -05:00
sinn3r 470464874f The important test cases I want to cover 2015-03-20 16:53:42 -05:00
sinn3r 2fda115110 rspec starter 2015-03-20 16:46:09 -05:00
jvazquez-r7 1226b3656f
Land #4945, @wchen-r7's login scanner for Symantec web gateway 2015-03-20 14:44:05 -05:00
jvazquez-r7 e257e742e0
Fix require 2015-03-20 14:26:55 -05:00
jvazquez-r7 62871255b0
Match class and file names 2015-03-20 14:25:20 -05:00
jvazquez-r7 eb73da2f39 Clean specs 2015-03-20 14:19:02 -05:00
sinn3r b19f766728
Land #4942, Gitlab Login Scanner 2015-03-20 13:02:12 -05:00
William Vu cf645772b6
Land #4960, hosts -i, -n, and -m support 2015-03-19 21:34:14 -05:00
jvazquez-r7 da51d2be67
Really add specs for Msf::Java::Rmi::Client::Registry::Parser 2015-03-19 19:07:42 -05:00
jvazquez-r7 6eecbc3de1
Add specs for Msf::Java::Rmi::Client::Registry::Builder 2015-03-19 18:24:31 -05:00
sinn3r 6c84081552 Update db_spec.rb 2015-03-19 18:12:37 -05:00
jvazquez-r7 ec90594f7e
Add support for Rex::Java::Serialization::ProxyClassDesc 2015-03-19 15:41:24 -05:00
OJ 7899881416 Update POSIX bins from master 2015-03-19 14:50:14 +10:00
Meatballs a5d589ef55
Railgun calls should return a hash 2015-03-19 00:05:02 +00:00
Meatballs 975ddc9092
Add some spec mockery 2015-03-18 23:43:46 +00:00
jvazquez-r7 8113ed2e1f
Move specs 2015-03-18 09:29:37 -05:00
jvazquez-r7 0968f14ac1
Add specs for CallData 2015-03-17 20:53:02 -05:00
jvazquez-r7 6315e07312 Add specs for UniqueIdentifier 2015-03-17 20:38:43 -05:00
jvazquez-r7 4bc4936083 Add specs for ReturnValue 2015-03-17 17:30:53 -05:00
jvazquez-r7 87b777e923
Refactor moving code to rex 2015-03-17 17:15:32 -05:00
sinn3r 78ec4c91e8 Completed rspec 2015-03-17 16:15:12 -05:00
Matt Buck f29a3f69e9 Merge branch 'master' into staging/rails-4.0 
Conflicts:
	Gemfile.lock
	metasploit-framework-db.gemspec
 2015-03-17 15:47:48 -05:00
sinn3r ee276434a4 Update swg spec, looking good so far 2015-03-17 15:15:32 -05:00
sinn3r d5b77d053b Update for rspec 2015-03-17 12:14:58 -05:00
sinn3r 503fb602f9 Get rspec going 2015-03-17 12:01:46 -05:00
jvazquez-r7 2d8782d711 Fix RMI specs 2015-03-17 11:48:38 -05:00
jvazquez-r7 ebe7ad07b0 Add specs, plus modify java_rmi_server modules 2015-03-17 11:26:27 -05:00
Meatballs 2c6b904c02
Correct spec too 2015-03-17 11:36:36 +00:00
Meatballs f4a1e981ab
Add gitlab login scanner 2015-03-17 11:19:23 +00:00
Brent Cook abb8a32e68 update spec for dynamic meterpreter payloads 2015-03-16 18:08:13 -05:00
Brent Cook b68e05e536
Land #4914, @hmoore-r7 and @BorjaMerino winhttp stagers 2015-03-13 08:24:11 -05:00
William Vu fa2fbc387c
Land #4922, REG_MULTI_SZ for type2str 2015-03-13 01:07:27 -05:00
HD Moore 66a45ac7fd Add spec for reverse_winhttps 2015-03-11 16:29:22 -05:00
HD Moore ea1bc69e2e Merge branch 'master' into feature/add-reverse_winhttp-stagers 2015-03-11 14:29:34 -05:00
Brent Cook ceeee4446f
Land #4904, @hmoore-r7 reworks reverse_http/s stagers 
They are now assembled dynamically and support more flexible options,
such as long URLs.
 2015-03-11 10:41:59 -05:00
HD Moore cb1a1ef692 Remove bad stager+stage combinations from the payload set 2015-03-11 00:46:24 -05:00
James Lee cb41154712
Make a MatchResult when sessions are reported 2015-03-10 15:17:57 -05:00
HD Moore db351317a5 Merge with PR branch 2015-03-10 14:08:35 -05:00
HD Moore 0f763c2cb3 First step to reworking the winhttp stagers 2015-03-10 14:07:25 -05:00
Borja Merino 991e72a4fa HTTP stager based on WinHttp 2015-03-10 13:40:16 -05:00
HD Moore 966848127a Refactor x86 Windows reverse_http and reverse_https stagers 2015-03-10 12:48:30 -05:00
HD Moore d0324e8ad3 Final cleanup, passing specs 2015-03-09 15:50:57 -05:00
James Lee 838746b021
Add user_data_is_match? method 2015-03-09 15:35:53 -05:00
HD Moore 60145ad9a1 Cosmetic tweaks to the specs 2015-03-09 15:08:11 -05:00
HD Moore 7dc0af443f Rework specs 2015-03-09 14:41:25 -05:00
HD Moore 33f96f5c31 Remvoe the useless pinst variable from the previous test 2015-03-09 13:59:58 -05:00
HD Moore f61c3f33bd Validate cached_size and dynamic_size? in the payload specs 2015-03-09 13:58:18 -05:00
James Lee ff91953f92
Whitespace 2015-03-09 08:58:25 -05:00
James Lee 9195479a6d
Add a context for without user_data 2015-03-09 08:56:52 -05:00
James Lee b37a975108
Use metasploit_data_models staging branch 2015-03-09 01:28:27 -05:00
James Lee cd5699dc39
Sort cases and add specs 2015-03-08 23:27:32 -05:00
jvazquez-r7 38f8fe382c Update specs 2015-03-05 12:24:41 -06:00
jvazquez-r7 1c064f6b46
Land #3074, @0x41414141 SMB Share mixin 2015-03-04 10:16:04 -06:00
jvazquez-r7 a57aefb721 Add specs for QUERY information level 2015-03-03 15:24:13 -06:00
jvazquez-r7 96c0f1847b Fix examples descriptions 2015-03-03 14:48:18 -06:00
jvazquez-r7 7f7b17c04e Really add specs 2015-03-03 14:14:03 -06:00
jvazquez-r7 df7c07bfd1 Really add the specs 2015-03-03 13:19:50 -06:00
jvazquez-r7 a2a24c56d6 Add specs for QueryFileInformation 2015-03-03 13:04:30 -06:00
jvazquez-r7 1322cb0d3f Clean find_first2 specs 2015-03-03 12:46:25 -06:00
jvazquez-r7 8328c5c5e9 Add specs for SMB_FIND_FILE_BOTH_DIRECTORY_INFO requests 2015-03-03 12:43:41 -06:00
jvazquez-r7 597f99ade9 Finish TRANS2 specs 2015-03-03 11:46:13 -06:00
jvazquez-r7 a204b550d2 Add specs for TRANSACTION2 helper methods 2015-03-03 10:55:55 -06:00
jvazquez-r7 bece2e7088 Really add the specs 2015-03-03 10:32:35 -06:00
jvazquez-r7 4bbc0b5b0b Fix valid_request on negotiate_spec 2015-03-02 17:39:39 -06:00
jvazquez-r7 a92dc7e73d Fix nt_create_andx specs 2015-03-02 17:38:24 -06:00
jvazquez-r7 4fc08d7243 Add specs for Msf::Exploit::Remote::SMB::Server::Share::Command::ReadAndX 2015-03-02 17:32:03 -06:00
jvazquez-r7 b5e5d390ac Add specs for Msf::Exploit::Remote::SMB::Server::Share::Command::NtCreateAndx 2015-03-02 16:55:36 -06:00
jvazquez-r7 584e5f7d8b Add specs for Exploit::Remote::SMB::Server::Share::Command::Negotiate 2015-03-02 16:29:33 -06:00
jvazquez-r7 50f5baa7c6 Add specs for Msf::Exploit::Remote::SMB::Server::Share::Command::Close 2015-03-02 16:00:02 -06:00
rastating 00c4d704f2 Update rspec to include new functionality 
Added a new test for testing when all versions of a plugin are
vulnerable and added tests for checking theme versions from the
style.css file
 2015-02-26 21:18:51 +00:00
William Vu 3efae77212 Use /dev/null instead of /etc/passwd 
File.read returns "" on /dev/null. Don't try it on /dev/zero. :-)
 2015-02-26 14:19:25 -06:00
William Vu f625ad4f9c Remove unnecessary tests in spec 2015-02-26 14:12:39 -06:00
William Vu 4aedd7e5d3 Fix spec for fsquery support 2015-02-25 18:14:17 -06:00
William Vu a543eccdb4 Add FSQUERY test to spec 2015-02-25 17:18:29 -06:00
William Vu af5e0ec0d6 Update spec with a couple more cases 
Also fix a bad copypasta.
 2015-02-25 16:43:40 -06:00
William Vu 513d11ce93 Complete replacement of "pathname" with "path" 
See e8c2c3687d.
 2015-02-25 15:52:26 -06:00
William Vu c95855ff11 Add fsdelete test to spec 2015-02-25 15:44:12 -06:00
William Vu 26cbeb011b Add fsdownload test to spec 2015-02-25 15:00:37 -06:00
William Vu f61fb0555d Add case-insensitive test of delete 2015-02-25 10:47:36 -06:00
William Vu 36e40f02c9 Fix delete in datastore spec 
I was tired and accidentally a should. :(
 2015-02-25 10:47:32 -06:00
William Vu 2a66a6ae88 Add delete to datastore spec 2015-02-24 20:57:38 -06:00
sinn3r 12a99ecee5
Land #4796, Handle incompatible payload architecture in BES 2015-02-24 10:02:25 -06:00
William Vu 8c5ff858d0
Land #4812, hp_sys_mgmt_login configurable URIs 2015-02-23 19:04:14 -06:00
HD Moore 8b0354b193 Fix the SSL boolean test 2015-02-23 14:29:28 -06:00
sinn3r fb9a054713 Fix rspec 
The login URi is user-configurable so we shouldn't dictate this
anymore.
 2015-02-20 22:08:09 -06:00
Brent Cook 641b67469d add payload specs for reverse_http_proxy_pstore 
PR predated the spec
 2015-02-20 12:23:51 -06:00
sinn3r 1835120851 Update rspec for get_payload in BES 2015-02-19 02:45:54 -06:00
Matt Buck e397ecec9d Merge branch 'upstream-master' into staging/rails-4.0 2015-02-18 15:05:39 -06:00
HD Moore 2847507f03 Add a chef brute force module 2015-02-17 23:49:57 -06:00
HD Moore 27d5ab45b4 Add a zabbix brute force module 2015-02-17 22:56:08 -06:00
Meatballs 0debbbb948 Fixup spec 2015-02-16 19:07:55 +00:00
Matt Buck d4d1dc09f3
Merge branch 'master' into staging/rails-4.0 
Conflicts:
	Gemfile.lock
	db/schema.rb
	metasploit-framework-db.gemspec
	metasploit-framework.gemspec
 2015-02-13 16:13:18 -06:00
Meatballs 33560a2657 Refactor Msf::Exploit::Powershell to Rex::Powershell to allow for 
msfvenom usage.
 2015-02-10 20:53:46 +00:00
jvazquez-r7 b8f614ef59
Fix namespaces in specs 2015-02-10 12:00:04 -06:00