Commit Graph

349 Commits (e17a788ab5e578974b8618b7f926dd07343af617)

Author SHA1 Message Date
Brandon Turner 91bb0b6e10 Metasploit Framework 4.9.3-2014072301
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJT0CeVAAoJEJMMBVMNnmqO/7AP/0CBRHjtgiR9VnFKSQ+iWTQV
 iPNMBevn0mpSRq/gpoKCeFBZ6b+YQYrOLXDKVk62VV9LCslkr/P8LW8ul+m+JtB0
 mM6V5esUXM1XhgGEyTnTLRx6BR/WQU1RHlb56ae3nZjQlwCuH/5zEmcy5toZxpsY
 6HO46zE0GGBoLr/VgyYlfT08bfoQ+ICyJN0H5ixoovCc3iW0K1MNqLMfdani8zBJ
 gYJaMysV7XtepumWWQMSC+b/EuertdXXzWDy2bwe0Q3cQXNXzrkPAvtMqucWG+gy
 783OLKCPtVoEZiX87xAptkwmVCRdNGPclaWH7YRZDAh1tqBfRQUg72V/TIrOHCP1
 /lYO7yp5pBQg+1UNnpH+xI2YePFfYdHpYDNT5FSQGOnQjJg30ll4SqCm7cVmo2h5
 BRSYXkPCsQeXGaFarxGERNb8e+qN/WzSrHzY45tQw8mDuhg94tlf3VtDag3FXxhj
 zCxd6bu+tdboVm7FERS85T46kxzmeIycZ4p+Sf7d8gXitl2RKbBdKFNDi1gzeK1T
 yN7bDl4sL7qtDgZLXjFrnyC8vXyAqIrAgmFr2JywMBRm6TiCGQvgnrs+sScU3RFU
 W2tblGbKQq+CwDeC59uQPqxRkm72SMUrKX9448VEQ+9XbKE3TMQ5Q4qCxmnw31Op
 aJ0QgKJz8thZgafZc89I
 =e1z9
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCgAGBQJT4pb8AAoJEA+Ckxyj7hsHn+8P/3FlEYCmoqQ/JzsVtmP3Yi4Q
 gBRva+crY831mCCQXFrPJBvWfmy5HOzVh+Zh7zWF0GQ1WuuMppHfR5ARFVwmiDs3
 qwndhXwziDzBnznf0JKSgT5eJsH23s/ots1lyWymKJvPuT6hn6MRAHUawgnNmYR9
 ttnawmHvCM9Iha2oz3nmkLcNd+83bdBfEWi5l8AQ7jJxwMC2/8VPpMscVVwXqPzd
 CoQugAYZW5VeaEiGio5+19Ix9EPkIDvs6wnfGBtfPfeaOIDZV4XOFoIFUtEeZd5o
 olvEpYvdqscy4Qujzn4C++3wX3bUxkIbHTJHgrKmlD83dI7Cu1JH716G+yfLoJo0
 pQBWTGeWYKEh6leK/9J5Bo1/tOJ/ylbcbvH0Y0tmdu4icHar6uYe1QBrCB9xIdh1
 F+xo4guYnVo616DXJQSwjIye83b5dBxACrfA3bqCnFVFgTM5jXGV1cqiBgs9Dl++
 tIDPgUJkCe/bIdQ7PntlGRzxKihHahlxhCa++YaGKqSq7gXie8Rl4qgloIrbfNZ/
 z3XsoOLNdbMGO7ip88Zjwq4Khj5WZu7ijfCtXO7GU1UJZL1tJ2yK2ic7ZDLc251Y
 8EGMSTG53+6yvZYFtWMZeQzjwD2cpuF04dOmHOKi6KGJJ7KRPhn6gpsbc6U1mbH9
 AjGcfOzhhcsY+WAQ7OG+
 =Pjob
 -----END PGP SIGNATURE-----

Merge tag '2014072301' into staging/electro-release

Conflicts:
	Gemfile.lock
	modules/post/windows/gather/credentials/gpp.rb

This removes the active flag in the gpp.rb module.  According to Lance,
the active flag is no longer used.
2014-08-06 15:58:12 -05:00
darkbushido ad6eed01a2
.to_credential now assigns a parent
Metasploit::Credential::Core#to_credential will set the parent to the original core objext
Metasploit::Framework::Credential#to_credential also sets the parent to itself.
2014-07-31 14:52:27 -05:00
David Maloney 939e585658
refactor all loginscanners
loginscanners now use LoginStatus constants
for the result statuses
2014-07-15 13:17:56 -05:00
David Maloney 846679bef9
change Result status
result bojects now use Login::status constants
for their status
2014-07-15 11:39:38 -05:00
James Lee 4b16985eb8
Stop trying more creds for a user after success
This is more like the behavior of the old AuthBrute mixin, where a
scanner module was expected to return :next_user in the block given to
each_user_pass when it successfully authenticated.

The advantage is a reduced number of attempts that are very unlikely to
be successful since we already know the password. However, note that
since we don't compare realms, this will cause a false negative in the
rare case where the same username exists with different realms on the
same service.

MSP-10686
2014-07-10 17:48:58 -05:00
David Maloney 8833429987
make shared example usage more readable
this seems less obtuse
2014-07-10 12:58:13 -05:00
David Maloney 7dc58d060e
make only one each method
made the one true enumerator of credentials
for the login_scanner.

also covered the wierd http case where it can have a realm key
but no default realm.
2014-07-10 12:35:09 -05:00
David Maloney 25ee278097
strip vestigial realms
in the cases where we don't want a realm we should be
stripping it from the credential so we can build accurate results
2014-07-09 17:46:56 -05:00
David Maloney c7b37743ef
working realm coercion
LoginScanners will now figure out
the right thing to do about Realms
based on attributes of the Scanner itself
2014-07-09 15:56:39 -05:00
David Maloney 24fced822e
coerce realm_key when it exists
if the cred has a realm and the loginscanner
has a realm_key, make the credential use the
scanner's realm key
2014-07-09 14:58:20 -05:00
David Maloney 766b50b5e0
REALM_KEY not _TYPE
arg typos
2014-07-09 14:01:41 -05:00
James Lee cff2e1a1c1
And remove specs referencing obsolete accessors 2014-07-07 12:37:14 -05:00
HD Moore 4ff211ec8d Fix the spec to allow for 1 or more spaces between 2014-06-30 13:18:43 -05:00
Lance Sanchez c1877cfba2
fixing the broken to_credential test
MSP-9912
2014-06-27 10:06:38 -05:00
Lance Sanchez b5351eec2b
adding .to_credential
Metasploit::Framework::Credential and Metasploit::Credential::Core
need to be consumable by the login scanners. the easiest way to do this
was to create a shared to_credential method on both that return Metasploit::Framework::Credential

MSP-9912
2014-06-26 11:05:59 -05:00
Lance Sanchez 07d548caeb
dropping lib from shared examples
MSP-9912
2014-06-25 14:32:43 -05:00
Luke Imhoff af99c0c01e
Remove `should_receive(:with_connection)` from specs
MSP-10127

Causes specs to randomly fail when with_connection calls from
before(:each) or after(:each) are intercepted by the should_receive
call.
2014-06-19 16:24:53 -05:00
navs ccf967fdfe added support to msfpayload to use elf so payload target 2014-06-19 00:59:49 -05:00
dmaloney-r7 ff8e6d2c50 Merge pull request #45 from rapid7/feature/MSP-9988/credential-collection
Add a CredCollection class and refactor WinRM bruteforce module
2014-06-06 11:53:28 -05:00
David Maloney 90b52814b1
fix some spec issues for recent changes 2014-06-06 11:52:49 -05:00
Luke Imhoff 5ae5448005
Join killed threads to ensure cleanup
MSP-9653
2014-06-05 12:40:24 -05:00
Luke Imhoff ca63d2201e
Update init_module_paths spec to match Rails::Engine behavior
MSP-9653
2014-06-02 14:26:35 -05:00
James Lee 5d1a0397ed
Add Tomcat login scanner 2014-05-21 14:28:54 -05:00
James Lee 9582d82fba Merge remote-tracking branch 'private/staging/electro-release' into feature/MSP-9687/winrm-loginscanner 2014-05-15 13:59:48 -05:00
James Lee 99f8fbbc9c
Add WinRM login scanner
* Genericizes HTTP a bit to make these kinds of HTTP-based scanners
  simpler and easier
* Adds support for default ports to HTTP. This should probably be
  rafactored up into Base
* Removes spec that complains about port being unset (which now fails
  because defaults ensure it's always set)
2014-05-14 14:35:49 -05:00
dmaloney-r7 acaf713229 Merge pull request #17 from rapid7/feature/MSP-9606/metasploit-credential
Run migrations from Metasploit::Credential and initialize its concerns which patch Mdm
2014-05-14 11:15:07 -05:00
James Lee 08a7acef3f
Make sure fail case is correct
`rand(1000)` would return 0 one in a thousand times, causing this test to
randomly fail at that interval
2014-05-14 10:22:47 -05:00
Luke Imhoff 3370465d84
Use railties to load Metasploit::Credential correctly
MSP-9606

In order to support Metasploit::Credential correctly,
metasploit-framework needs to support Metasploit::Concern, which does
all its magic using a Rails::Engine initializer, so the easiest path is
to make metasploit-framework be able to use Rails::Engines.  To make
Rails::Engine use Rails::Engine, make a dummy Rails::Application
subclass so that all the initializers will be run when anything requires
msfenv.
2014-05-12 15:03:51 -05:00
James Lee 3831042dca
Add specs, validations for LoginScanner::SMB 2014-05-09 18:58:49 -05:00
David Maloney acbff23c32
final wrap-up specs
successkid.jpg
2014-05-07 16:07:18 -05:00
David Maloney ec974535ac
create base object for mssql scanner
created skeleton for MSSQL Loginscanner
included concerns.

also added an NTLM concern and shared example group
2014-05-07 14:43:15 -05:00
David Maloney 507fe566a4
Merge branch 'master' into staging/electro_release 2014-05-06 11:36:19 -05:00
David Maloney 5e6f57f711
fix up some more specs
some spec cleanup and added basic specs
to the HTTP LoginScanner
2014-05-01 12:10:51 -05:00
David Maloney 0dd22395eb
use credential objects inside results
altered results to just hold a credential
object instead of duplicating attributes
2014-04-30 17:17:57 -05:00
David Maloney 4995fcdced Shared Examples for RexSocket mixin
shared example group for the Loginscanner RexSocket
mixin. Pretty simple stuff, just trying to keep it
DRY.
2014-04-30 15:47:52 -05:00
David Maloney 1cd3f3f0da
finished first shared example group
base behaviour is now defined in shared
example group and the specs all use that
shared example group
2014-04-30 14:40:37 -05:00
David Maloney a4cc311106
test base behaviour in shared examples
start moving specs to a shared example group
for all behaviour defined by the LoginScanner
Base
2014-04-30 14:35:29 -05:00
Rick Farina (Zero_Chaos) f35314b9f0 adjust Msf::Util::EXE for newer file output
Newer releases of File have a much different output when given a jar
file. Adjust regex per egyp7's suggestion to close bug 8792 on redmine.

Failure/Error: verify_bin_fingerprint(format_hash, bin)
expected: /zip/i
got: "/dev/stdin: Java archive data (JAR)\n" (using =~)

Tested and confirmed working with file 5.17 on Gentoo Linux.
2014-04-22 02:21:09 -05:00
Timothy Swartz cce354762d Altered case by request 2013-12-31 16:09:11 -08:00
Timothy Swartz fc792bdaae Fix for Rspec failure in Msf::Util::EXE
[FixRM #8723]
2013-12-21 02:49:44 -07:00
sinn3r 8ab7964aa7 improve regex 2013-11-11 15:29:34 -06:00
sinn3r 9b3211af6b Add regex patterns for OSX files 2013-11-11 15:20:00 -06:00
Tab Assassin 2e8d19edcf Retab all the things (except external/) 2013-09-30 13:47:53 -05:00
Meatballs 8a9843cca6
Merge upstream/master 2013-09-27 20:02:23 +01:00
Meatballs 695fdf836c Generate NonUAC MSIs 2013-09-21 13:13:18 +01:00
Meatballs 85ea9ca05a Merge branch 'master' of github.com:rapid7/metasploit-framework into msi_payload 2013-09-21 12:49:38 +01:00
Meatballs 11bdf5d332 New pull 2013-09-19 19:57:38 +01:00
Brandon Turner 35ec21cc97 Update test gems
This should not affect core Metasploit Framework as it only updates gems
in the test group (and dependencies of those gems).
2013-09-06 09:34:05 -05:00
Brandon Turner 4760000bca Replace mock with double in specs
mock is deprecated - https://www.relishapp.com/rspec/rspec-mocks/docs
2013-09-06 09:34:05 -05:00
Meatballs 53c3f6b2db Deconflict 2013-08-30 10:52:42 +01:00
James Lee eba6762977 Land #2270, Util::EXE refactor
With a minor rebase to fix a commit message

[Closes #2270]

Conflicts:
	spec/support/shared/contexts/msf/util/exe.rb
2013-08-28 21:49:59 -05:00
Meatballs fbbfb0a26d Merge and rescue ex correctly 2013-08-28 21:39:56 -05:00
Meatballs 239fd4840e Update spec 2013-08-25 19:21:05 +01:00
Meatballs 9ea17ef1e1 Merge upstream 2013-08-24 03:34:02 +01:00
Meatballs ffc575dcc2 Whitespace in spec 2013-08-24 00:47:16 +01:00
Meatballs 9e2d9da017 Make spec exercise non-exes 2013-08-24 00:33:06 +01:00
sinn3r 92d57ef37d Fix merge conflict
Conflicts:
	msfvenom
2013-08-13 00:00:16 -05:00
James Lee 55147d9bde Fix regex to work on OSX's file(1) 2013-08-06 14:00:35 -05:00
sinn3r ed51d284fa Change name, change how data is passed, fix rspec 2013-07-24 17:15:56 -05:00
William Vu d493346691 Land #2137, fixes and specs for Opt containers 2013-07-23 15:58:09 -05:00
lsanchez-r7 03cd3ff4eb adding new lines to the end of files. 2013-07-22 16:26:45 -05:00
David Maloney d6f2b28708 More opt specs 2013-07-20 17:37:39 -05:00
lsanchez-r7 18200c8490 passing all of my changes into rubymines formatter
this should convert everything over to tabs
fixing a filename error and some white space at the EOL
2013-07-20 17:32:05 -05:00
David Maloney 7c8f7329e9 integrate with egypt's already better specs 2013-07-20 16:46:16 -05:00
lsanchez-r7 49bb484d14 Adding in specs for ui command dispatchers
SEERM #4821
while looking into what it would take to fix bug 4821, I found that there are no specs
for any of the other methods in command dispatcher. I have attempted to add stubs for a
few of the methods and tested a few of the help outputs.
2013-07-18 12:56:21 -05:00
James Lee 00c7581099 Fix constant names and 'exe-only'
That'll teach me to commit before the specs finish.

Really [FixRM #8149]
2013-07-06 12:39:15 -05:00
James Lee 1b504197be Check equality instead of regex
Thanks, @Meatballs1 for finding the cause of this bug!

[FixRM #8149]
2013-07-06 12:29:37 -05:00
James Lee 60a7ad551e Derp, missed file 2013-07-05 17:02:45 -05:00
James Lee 0f2ea755c5 Add encoding comment to spec files for 2.0 compat 2013-06-07 13:27:39 -05:00
Luke Imhoff e0e348a17e Specs to ensure File.mtime error is caught.
[#47720609]
2013-05-30 13:09:40 -05:00
Luke Imhoff 4ba571346e Spec Msf::Simple::Framework#init_module_paths
[#47720609]
2013-05-24 12:33:42 -05:00
Luke Imhoff 1a487e476d Merge branch 'master' into bug/module-load-cache-update 2013-05-23 14:23:14 -05:00
Luke Imhoff 2b70ec2e08 Payload compatible cache_in_memory
[#47720609]

Msf::PayloadSet#add_module does NOT return an annotated module class as
Msf::ModuleSet#add_module does because a payload module is defined as a
ruby Module instead of a ruby Class.   Since add_module doesn't always
return an annotated_class, the logic in
Msf::ModuleManager#on_module_load needed to change to NOT use
annotated_class and create #add_module as return [void].  Thus, it is
necessary to pass in all the metasploit module metadata to
Msf::ModuleManager#cache_in_memory instead of assuming they can be
derived from the (payload) Module or (other) Class.
2013-05-22 16:06:02 -05:00
Luke Imhoff 57576de85f Update in-memory cache to fix file_changed?
[#47720609]

Msf::ModuleManager#module_info_by_path was not being updated when a
module was loaded, so if a load_module was called again, say during
start up of prosvc, the module would reload even though there was no
change in the file because file_changed? couldn't find an entry for the
module's path in module_info_by_path.
2013-05-22 12:28:42 -05:00
Luke Imhoff eede80509f Reuse appropriate terminology in docs
[#47720609]

Fix some docs and variable names to make it clearer when methods are
expecting module instance and module classes.  Change some 'name'
variables to 'reference_name' since that's the proper terminology.
2013-05-21 08:19:47 -05:00
Luke Imhoff a70d63ebad Spec Msf::ModuleManager#on_module_load
[#47720609]
2013-05-20 14:52:37 -05:00
Luke Imhoff 89bd5b4791 Reset column information after running migrations
[#50179803]
[SeeRM #7967]
[SeeRM #7870]

Because metasploit-framework runs migrations with the same process and
with the same connection as it later accesses the database, the column
information can become cached prematurely and be incorrect by the end of
the migrations.  Fix the bad cache by automatically resetting the column
information for all model classes after the migrations have run.
2013-05-20 13:08:07 -05:00
Luke Imhoff 0e435d378c Move Msf::DBManager#migrate(d) to module
[#50179803]

Move Msf::DBManager#migrate and the migrated attribute to
Msf::DBManager::Migration module to lower complexity of db_manager.rb
and in preparation for more migration related code on this branch.
2013-05-20 12:45:17 -05:00
Luke Imhoff c8657fb46b Fix Mdm::Module::Detail#stance bug
[#49858419]
[SEERM #7958]

metasploit_data_models 0.14.3 relaxes the validation on
Mdm::Module::Detail#stance so it only needs to be in
Mdm::Module::Detail::STANCES if Mdm::Module::Detail#mtype is 'auxiliary'
or 'exploit' as framework only supplies a stance for those types when
using Mdm::Module::Detail.
2013-05-17 11:58:10 -05:00
Luke Imhoff bc92b43408 Update to metasploit_data_models 0.11.0
[#47979793]
2013-05-09 13:25:26 -05:00
Luke Imhoff a5648a8830 Merge branch 'master' into feature/mdm-module-namespace
Conflicts:
	Gemfile
	Gemfile.lock
	lib/msf/core/db_manager.rb
2013-05-08 13:22:41 -05:00
Luke Imhoff 249a09cd52 Update to metasploit_data_models 0.7.1
[#47979793]
2013-04-26 13:14:38 -05:00
James Lee e2dece6f0e Make sure xor encoders work with odd padding 2013-04-25 15:45:06 -05:00
Luke Imhoff 24b97137ea Msf::DBManager Mdm::Module* specs
[#47979793]
2013-04-25 09:46:53 -05:00
Luke Imhoff 492b081280 Msf::DBManager::Export#extract_module_detail_info spec
[#47979793]
2013-04-20 16:44:42 -05:00
Luke Imhoff 3bf3cfccc6 Use be_within to loosen tolerance for Time comparisons
[#47979793]
[#48414569]

Even though using Timecop locally on OS X makes the `should == <Time>`
work, it fails on travis-ci, so try using `should
be_within(1.second).of(<Time>)` instead.
2013-04-19 12:07:12 -05:00
Luke Imhoff 2c681005c0 Msf::ModuleManager::Cache spec coverage
[#47979793]
2013-04-15 13:08:12 -05:00
Luke Imhoff 0709395570 Msf::ModuleManager::Loading shared example
[#47979793]
2013-04-12 15:18:16 -05:00
Luke Imhoff ff7a8e6351 Msf::ModuleManager::ModulePaths shared example
[#47979793]
2013-04-12 15:14:04 -05:00
Luke Imhoff 7d5f010e4e Fix typo in spec let
[#46491831]

The root element was web_page in the source for example that tests that
import_msf_web_vuln_element creates an Mdm::WebVuln.  The root element
name did not actually matter for the example, but it looked like an
error and was confusing to read the setup that root element was web_page
instead of the correct web_vuln.
2013-04-02 09:11:43 -05:00
Luke Imhoff 0bb79ba890 Msf::DBManager#import_msf_xml refactor
[#46491831]

Move Msf::DBManager#import_msf_xml into
Msf::DBManager::ImportMsfXml#import_msf_xml and include
Msf::DBManager::ImportMsfXml to cut down size of the infamous db.rb.
Break up #import_msf_xml to have separate methods for parsing web_forms,
web_pages, and web_vulns.  The method for
web_vulns, #import_msf_web_vuln_element is needed so that it can be overridden in
Pro to handle the Pro-only changes to Mdm::WebVuln.
2013-04-01 16:06:40 -05:00
Luke Imhoff 8c6a9d5622 Turn shared prefixes into directories
[#46491831]

Change the shared msf_modules_* prefixes in spec/support/shared/* into
directories.
2013-03-28 15:39:07 -05:00
James Lee 2ee0c0d8fb Add simple specs for Rex::Encoding::Xor* 2013-01-15 16:59:01 -06:00
James Lee cf93a81110 Add specs and pending examples for more Opt*s
[SeeRM #7535]
[SeeRM #7536]
[SeeRM #7537]
[SeeRM #7539]
[SeeRM #7540]
2012-11-29 16:35:50 -06:00
James Lee 7f34586780 Add specs for several Opt* classes 2012-11-29 14:40:25 -06:00
James Lee 57bb23ce3d Fix 1.9ism that breaks specs on 1.8 2012-11-08 09:55:29 -06:00
Luke Imhoff 16407f91c8 Rescue Errno::ENOENT from File.open in read_module_content
[Fixes #38426061, #38097411]

Msf::Modules::Loader::Directory#read_module_content may calculate a non-existent
module_path that gets passed to File.open causing an Errno::ENOENT exception
to be raised when using the module cache with a module that has been
moved to a new path (as is the case that originally found this bug) or
deleted.  Now, the exception is rescued and read_module_content returns
an empty string (''), which load_module detects with
module_content.empty? and returns earlier without attempting to module
eval the (empty) content.

As having Msf::Modules::Loader::Directory#read_module_content rescue the
exception, meant there was another place that needed to log and error
and store an error in Msf::ModuleManager#module_load_error_by_path, I
refactored the error reporting to call
Msf::Modules::Loader::Base#load_error, which handles writing to the log
and setting the Hash, so the error reporting is consistent across the
loaders.

The exception hierarchy was also refactored so that
namespace_module.metasploit_class now has an error raising counter-part:
namespace_module.metasploit_class! that can be used with
Msf::Modules::Loader::Base#load_error as it requires an exception, and
not just a string so the exception class, message, and backtrace can be
logged.
2012-11-06 17:38:38 -06:00
Luke Imhoff 471ac6d15d Use typed_enable?(type) instead of protected enablement_by_type[type]
Msf::Modules::Loader::Archive#each_module_reference_name tried to check
the enabled types for the module_manager by accessing the
enabledment_by_type Hash, which is protected.  Instead, it should use
the public type_enabled? method.

Add specs to test all of Msf::Modules::Loader::Archive while testing
each_module_reference_name.  In order to properly test that modules
could be found in archives, I had to produce a fastlib archive, so there
is now a spec for FastLib.dump and FastLib.load.  Some specs are marked
pending as I found a bug in FastLib, which has a work-around.  The bug
is filed in PivotalTracker as
https://www.pivotaltracker.com/story/show/38730815 and the pending tests
include the URL also in their tags.
2012-10-31 11:43:28 -05:00
Luke Imhoff 69a8739d52 Pass module_path instead of parent_path to file_changed?
[Fixes #37630057]

Modules were always being detected as having file changes because the
parent_path directory, instead of the actual module_path, was being
passed to module_manager.file_changed?, which caused the modification
times to not match.

To ensure this change fixes the ambiguous module warnings, a full spec
for Msf::Core::Modules::Loader::Base has been written.

spec/msf has moved to spec/lib/msf to match conventional spec layout and
allow for the spec/support directory to not be confused as a lib
subdirectory being tested.
2012-10-24 15:11:53 -05:00