b1136752be
Add Credential#== to facilitate specs
2014-06-05 11:37:48 -05:00
262deac155
Fixing the failing specs
...
for some reason on my box sock.closed? isnt being called. stubbing it out
Kernel.select is being called and cant cast a mock object to an IO object
ok to fix this I'm stubbing select on the scanner object then the call wont
get passed onto the Kernel module
2014-06-05 11:21:34 -05:00
41644970bf
Add a CredentialCollection
...
Also moves Metasploit::Framework::LoginScanner::Credential to
Metasploit::Framework::Credential
2014-06-04 13:01:09 -05:00
ca63d2201e
Update init_module_paths spec to match Rails::Engine behavior
...
MSP-9653
2014-06-02 14:26:35 -05:00
1295028595
Remove unneeded MetasploitDataModels.require_models
...
MSP-9653
Models are loaded using railties features.
2014-06-02 13:54:38 -05:00
15fffb1668
Adding in some tests
...
cleaning up the regex a bit
MSP-9678
2014-06-02 13:50:30 -05:00
f2a2975bc1
Merge branch 'staging/electro-release' into feature/MSP-9678/pop3-login-scanner
2014-06-02 10:56:54 -05:00
8bcd763039
Merge pull request #26 from rapid7/feature/MSP-9685/telnet_login_scanner
...
Feature/msp 9685/telnet login scanner
MSP-9685 #land
2014-05-30 13:40:18 -05:00
98a23881ee
remove cred creation methods
...
removed cred creation methods from framework
and include them from the metasploit-credential gem instead
2014-05-30 11:28:53 -05:00
e669324366
Merge pull request #25 from rapid7/feature/MSP-9673/axis2-login-scanner
...
Add axis2 login scanner
2014-05-29 11:22:22 -05:00
d95b0497a7
add more specs
...
added more specs around telnet specific validations
2014-05-29 11:11:19 -05:00
572e4f2bdf
Fix dumb missing options and add spec
2014-05-28 16:32:38 -05:00
1bc2140fa6
Telnet LoginScanner basics
...
basic Telnet LoginScanner with shell
specs. Need to test functionality
and write additional specs
2014-05-28 14:47:58 -05:00
07a61ae696
adding in changes from before my vacation..
...
MSP-9678
2014-05-28 13:18:28 -05:00
821a62627a
final spec cleanup
2014-05-28 09:56:26 -05:00
ca4c942ceb
Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation
2014-05-28 09:40:44 -05:00
967b0d49b1
Merge branch 'master' into staging/electro-release
...
Conflicts:
Gemfile
Gemfile.lock
2014-05-28 09:39:56 -05:00
c975d4dc49
some minor cleanup items
2014-05-28 09:26:19 -05:00
da0a9f66ea
Resolved all msftidy vars_get warnings
2014-05-25 19:29:39 +02:00
2b75a53c93
Add basic rspec for portspec_to_portlist
2014-05-24 23:46:26 +02:00
85737d1235
Merge pull request #22 from rapid7/feature/MSP-9646/afp-loginscanner
...
AFP login scanner
2014-05-22 15:05:24 -05:00
fbacf80839
Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation
2014-05-22 14:39:17 -05:00
19e36cccb3
Credential Core creation now complete
2014-05-21 16:37:13 -05:00
5d1a0397ed
Add Tomcat login scanner
2014-05-21 14:28:54 -05:00
3ea99a9d43
private creation w/ specs and docs
...
the private creation method is now done
with specs and YARD docs
2014-05-21 13:21:56 -05:00
2629549f6f
added realm creation
...
added method for creating credential realm
creation.
2014-05-21 11:22:22 -05:00
8be35b90f4
Add some more specs for AFP login scanner
2014-05-20 17:44:41 -05:00
d061d36229
Merge branch 'staging/electro-release' into feature/MSP-9646/afp-loginscanner
2014-05-20 17:25:42 -05:00
21de14ac3d
Initial stab at AFP login scanner
2014-05-20 17:08:12 -05:00
62bae8e23b
Merge pull request #21 from rapid7/feature/MSP-9687/winrm-loginscanner
...
Specs and functional steps passing.
MSP-9687 #land
2014-05-20 11:32:37 -05:00
8a2f05b7d2
Merge branch 'staging/electro-release' into feature/MSP-9640/cred_creation
2014-05-20 10:28:33 -05:00
9cdddb08d9
origin specs for realsies
...
final specs and fixes for the origin creation
methods
2014-05-20 10:19:03 -05:00
b84aaaad19
specs and fixes for origin creation
2014-05-20 09:59:15 -05:00
ddfa4f1ee7
some origin creation specs
...
started getting working specs
for the origin creation methods. feel
into the weeds for a bit, but making progress at last.
2014-05-19 15:16:02 -05:00
d9687d87f9
Merge pull request #20 from rapid7/feature/MSP-9667/db2_login
...
Specs passing post update.
MSP-9667 #land
2014-05-16 11:29:31 -05:00
9582d82fba
Merge remote-tracking branch 'private/staging/electro-release' into feature/MSP-9687/winrm-loginscanner
2014-05-15 13:59:48 -05:00
efd0db9c39
Merge branch 'upstream-master' into HEAD
2014-05-15 13:53:16 -05:00
8a9abb90c0
Add specs for connection error conditions
2014-05-15 10:06:17 -05:00
e9b3f10ba7
Drying up some of the status codes
...
MSP-9678
2014-05-14 17:02:26 -05:00
59050d9bf1
Add specs for WinRM, improve those for HTTP
2014-05-14 15:13:29 -05:00
99f8fbbc9c
Add WinRM login scanner
...
* Genericizes HTTP a bit to make these kinds of HTTP-based scanners
simpler and easier
* Adds support for default ports to HTTP. This should probably be
rafactored up into Base
* Removes spec that complains about port being unset (which now fails
because defaults ensure it's always set)
2014-05-14 14:35:49 -05:00
dc7a8d32d8
Land #3324 , msfconsole search timestamp fixes
2014-05-14 21:30:02 +02:00
82d32e39cc
Merge branch 'feature/MSP-9686/vnc_login' into staging/electro-release
...
MSP-9686
2014-05-14 13:24:13 -05:00
a32152ecaa
Merge branch 'staging/electro-release' into feature/MSP-9686/vnc_login
...
MSP-9686
2014-05-14 13:22:41 -05:00
fb671c72a7
Merge branch 'master' into staging/electro-release
2014-05-14 13:00:37 -05:00
acaf713229
Merge pull request #17 from rapid7/feature/MSP-9606/metasploit-credential
...
Run migrations from Metasploit::Credential and initialize its concerns which patch Mdm
2014-05-14 11:15:07 -05:00
bb6201d66d
Fixing nil bug and making format constant
...
The date format has been moved into a constant variable.
Certain modules do not have a disclosure_date. For example,
‘checkvm’. This necessitated checking disclosure_date for nil
before attempting a format conversion. Also, there was an additional
location in core.rb that needed the formatting / nil check added. Specs
were also updated appropriately.
2014-05-14 15:51:42 +00:00
08a7acef3f
Make sure fail case is correct
...
`rand(1000)` would return 0 one in a thousand times, causing this test to
randomly fail at that interval
2014-05-14 10:22:47 -05:00
162038bde4
Merge pull request #19 from rapid7/feature/login_scanner/smb
...
Specs all passing, functional steps working.
2014-05-13 14:37:13 -05:00
2a13010bfb
Fix faulty spec
2014-05-13 14:15:00 -05:00
f5751d6a85
first pass at attempt_login for DB2
...
first pass through at the attempt_login method
for the DB2 LoginScanner. still adding specs
and possibly refactoring
2014-05-13 14:10:30 -05:00
5dcf3efd1a
skeleton for DB2 loginscanner
...
add basic skeleton and specs for the DB2
LoginScanner class.
2014-05-13 13:16:56 -05:00
3370465d84
Use railties to load Metasploit::Credential correctly
...
MSP-9606
In order to support Metasploit::Credential correctly,
metasploit-framework needs to support Metasploit::Concern, which does
all its magic using a Rails::Engine initializer, so the easiest path is
to make metasploit-framework be able to use Rails::Engines. To make
Rails::Engine use Rails::Engine, make a dummy Rails::Application
subclass so that all the initializers will be run when anything requires
msfenv.
2014-05-12 15:03:51 -05:00
638ae477d9
Fix up spec. Rex::Proto::Http::ClientRequest handles & and = outside of Rex::Text::uri_encode, so mode doesn't affect them.
...
Fix erroneous typo char.
2014-05-12 12:10:30 -05:00
cba39a9a04
Adds spec for 'hex-all' mode
2014-05-12 12:01:06 -05:00
7f98d1630e
specs for VNC Loginscanner
...
cover remaining behaviour for the
VNC LoginScanner class.
2014-05-12 11:29:27 -05:00
5f523e8a04
Rex::Text::uri_encode - make 'hex-all' really mean all.
...
'hex-all' encoding was previously ignoring slashes.
This pull adds 'hex-noslashes' mode which carries forward the previous functionality, and replaces all existing references to 'hex-all' with 'hex-noslashes' It then adds a replacement 'hex-all' mode, which really encodes *ALL* characters.
2014-05-12 11:26:27 -05:00
f84d763382
refactoring conditional logic
...
the class works but the conditional logic needs
refactoring to be smoothed out more.
2014-05-12 11:10:36 -05:00
3831042dca
Add specs, validations for LoginScanner::SMB
2014-05-09 18:58:49 -05:00
4e76330643
Add skeleton for VNC lgoinscanner
...
Add skeleton and specs for the VNC Loginscanner
MSP-9686
2014-05-09 11:55:15 -05:00
8b937b7c35
Merge branch 'master' into staging/electro_release
2014-05-09 11:46:08 -05:00
c77412d373
Merge pull request #13 from rapid7/feature/login_scanner/mysql
...
Add LoginScanner for MySQL
MSP-9676 #land
2014-05-08 15:05:24 -05:00
894ecaafb4
Merge pull request #12 from rapid7/feature/login_scanner/pg
...
Add Postgres LoginScanner class
MSP-9679 #land
2014-05-08 14:38:56 -05:00
42de1ab1f1
whitespace removal
2014-05-08 14:18:06 -05:00
cfb13ed1bd
Merge branch 'staging/electro_release' into feature/login_scanner/mysql
2014-05-08 13:55:09 -05:00
2d2b5ea9e4
Merge remote-tracking branch 'private/feature/login_scanner/mssql' into feature/login_scanner/smb
2014-05-08 13:45:06 -05:00
13fe8c0869
Default Credential#paired to true
2014-05-08 13:34:31 -05:00
20edabb0f5
mySQL Loginscanner with specs to match
...
This season's colours for Loginscanner is MySQL
with Unit Test Coverage applied to match.
2014-05-08 13:16:12 -05:00
102eb85277
Update CommandDispatcher::Db spec
2014-05-08 03:05:49 -05:00
b72f0f8ffc
try to fix bad push/revert mess
2014-05-07 18:43:37 -05:00
9919d54116
Revert "final touches and specs"
...
This reverts commit e025fa1791
2014-05-07 18:34:34 -05:00
e025fa1791
final touches and specs
...
add finishing touches to postgres
Loginscanner and add specs to cover
the behaviour
2014-05-07 18:32:36 -05:00
acbff23c32
final wrap-up specs
...
successkid.jpg
2014-05-07 16:07:18 -05:00
ec974535ac
create base object for mssql scanner
...
created skeleton for MSSQL Loginscanner
included concerns.
also added an NTLM concern and shared example group
2014-05-07 14:43:15 -05:00
507fe566a4
Merge branch 'master' into staging/electro_release
2014-05-06 11:36:19 -05:00
5e6f57f711
fix up some more specs
...
some spec cleanup and added basic specs
to the HTTP LoginScanner
2014-05-01 12:10:51 -05:00
0dd22395eb
use credential objects inside results
...
altered results to just hold a credential
object instead of duplicating attributes
2014-04-30 17:17:57 -05:00
4995fcdced
Shared Examples for RexSocket mixin
...
shared example group for the Loginscanner RexSocket
mixin. Pretty simple stuff, just trying to keep it
DRY.
2014-04-30 15:47:52 -05:00
1cd3f3f0da
finished first shared example group
...
base behaviour is now defined in shared
example group and the specs all use that
shared example group
2014-04-30 14:40:37 -05:00
a4cc311106
test base behaviour in shared examples
...
start moving specs to a shared example group
for all behaviour defined by the LoginScanner
Base
2014-04-30 14:35:29 -05:00
a08421b30f
apply reasonable defaults
...
give each lgoinscanner the ability to select
reasonable defaults for certain attributes
2014-04-30 13:56:29 -05:00
e5276d111d
Merge branch 'staging/electro_release' into feature/login_scanner/snmp
...
Conflicts:
lib/metasploit/framework/login_scanner/result.rb
2014-04-30 10:21:35 -05:00
ddee401e27
Merge branch 'feature/MSP-9684/sshkey_loginscanner' into staging/electro_release
...
MSP-9684 #land
2014-04-29 15:21:56 -05:00
e8ea6a86b5
add specs for snmp
...
add specs for the snmp loginscanner
and modify the specs to Result class
to account for the access_level attribute
2014-04-29 14:49:35 -05:00
2b4006089b
Land #3298 , @wvu-r7's fix for db_import and its spec
2014-04-28 17:29:52 -05:00
c02fb21c3b
Finalized specs for sshkey
...
shkey loginscanner now compelte along
with specs
2014-04-25 15:20:33 -05:00
9964548b41
Amend spec for db_import help
2014-04-25 14:28:29 -05:00
e2d6a57db1
fix spec filename
...
had an extra underscore
2014-04-25 14:27:10 -05:00
0fcfb9d655
add proxies to ssh scanner
...
allow the SSH LoginScanner
to accept a proxy directive
2014-04-25 14:22:21 -05:00
35a039848c
add sshkey loginscanner
...
added the loginscanner class for SSHKey and
the base specs
2014-04-25 14:21:08 -05:00
2346d583ed
touchups and specsfor FTP Scanner
...
add some final touchups and specs to the FTP
Loginscanner object. now fully working.
2014-04-25 11:02:15 -05:00
838a444b23
first pass of FTP LoginScanner
...
made the first pass at the ftp
LoginScanner, with base specs.
Need to still tierate, add more new
specs and clean it up
2014-04-25 10:14:48 -05:00
3a66723741
nake scan! more generic
...
scan! can now be reused for each scanner and
only attempt_login is specific for each thing.
2014-04-24 09:43:39 -05:00
36dd10e1c2
add the renamed spec
...
renamed spec for credential class
forgot to add it
2014-04-22 11:05:58 -05:00
526bb4989a
more explicit requires
...
LoginScanner module brings in all the deps
while the individual classes require
the module then to get their deps.
2014-04-22 10:28:01 -05:00
645eef51b7
Rename CredDetail to Credential
...
it was felt this was better naming
for the class. Refactored all occurence
2014-04-22 10:25:36 -05:00
f35314b9f0
adjust Msf::Util::EXE for newer file output
...
Newer releases of File have a much different output when given a jar
file. Adjust regex per egyp7's suggestion to close bug 8792 on redmine.
Failure/Error: verify_bin_fingerprint(format_hash, bin)
expected: /zip/i
got: "/dev/stdin: Java archive data (JAR)\n" (using =~)
Tested and confirmed working with file 5.17 on Gentoo Linux.
2014-04-22 02:21:09 -05:00
f079d3f3a9
move requires into module
...
move all the requires into the LoginScanner
module area to clean up requires
2014-04-21 19:14:50 -05:00
9c6528f13f
use the CredDetail class
...
now that we have the new CredDetail
class, use it instead of hashes
2014-04-21 18:58:23 -05:00
1a6ef8dced
allow for balnk passwords
...
have to alter validation slightly
to allow for blank passwords
2014-04-21 18:57:28 -05:00
James Lee
Lance Sanchez
Luke Imhoff
Trevor Rosen
David Maloney
Christian Mehlmauer
Lutz Wolf
Samuel Huckins
nstarke
Jeff Jarmoc
William Vu
Lance Sanchez
jvazquez-r7
Rick Farina (Zero_Chaos)