Commit Graph

1045 Commits (f5f32fac061eb660aa1ec5694922625001929f8c)

Author SHA1 Message Date
jvazquez-r7 10d50e77eb Avoid explicit use of subject 2014-10-13 10:21:31 -05:00
Luke Imhoff 8026352433
Extract Msf::DBManager::Ref shared examples
MSP-11124
2014-10-13 10:12:09 -05:00
Luke Imhoff 7a5b3c9ee7
Move report_artifact example to Msf::DBManager::Report
MSP-11124
2014-10-13 10:01:08 -05:00
Luke Imhoff a970d76a2a
Extract Msf::DBManager::VulnDetail shared examples
MSP-11124
2014-10-13 09:58:59 -05:00
Luke Imhoff 97b3198923
Extract Msf::DBManager::ExploitAttempt shared examples
MSP-11124
2014-10-13 09:43:40 -05:00
Luke Imhoff b007fba79f
Extract Msf::DBManager::Task shared examples
MSP-11124
2014-10-13 09:32:42 -05:00
Luke Imhoff 66845508d9
Extract Msf::DBManager::Report shared examples
MSP-11124
2014-10-13 09:24:27 -05:00
Luke Imhoff e82a46cc47
Extract Msf::DBManager::Event shared examples
MSP-11124
2014-10-13 09:12:49 -05:00
Luke Imhoff 0e93b55397
Extract Msf::DBManager::Client shared examples
MSP-11124
2014-10-13 08:40:34 -05:00
nstarke 472985a8a8 Adding Buffalo Linkstation NAS Login Scanner
I have added a login scanner for the Buffalo Linkstation
NAS.  I have been testing against version 1.68 of the
firmware.  Also included are some specs for this module.
2014-10-10 03:16:48 +00:00
Luke Imhoff b05a466e0a
Extract Msf::DBManager::Vuln shared examples
MSP-11124
2014-10-09 15:51:39 -05:00
Luke Imhoff e403e54896
Extract Msf::DBManager::Note shared examples
MSP-11124
2014-10-09 15:39:55 -05:00
Luke Imhoff e42d60801d
Extract Msf::DBManager::Loot shared examples
MSP-11124
2014-10-09 15:21:43 -05:00
Luke Imhoff 2c6753a2e0
Extract Msf::DBManager::Import shared examples
MSP-11124
2014-10-09 15:07:17 -05:00
Luke Imhoff 45f5fe36f1
Extract Msf::DBManager::ExploitedHost shared examples
MSP-11124
2014-10-09 12:58:30 -05:00
Luke Imhoff 3ec93dea43
Extract Msf::DBManager::Cred shared examples
MSP-11124
2014-10-09 11:44:15 -05:00
Luke Imhoff 96b4491d8e
Extract Msf::DBManager::Service shared examples
MSP-11124
2014-10-09 11:35:07 -05:00
Luke Imhoff e7800697eb
Extract Msf::DBManager::Host shared examples
MSP-11124
2014-10-09 11:16:04 -05:00
Luke Imhoff 148ad8b050
Extract Msf::DBManager::WMAP shared examples
MSP-11124
2014-10-09 10:49:26 -05:00
Luke Imhoff e723aa7eb3
Extract Msf::DBManager::IPAddress shared examples
MSP-11124
2014-10-09 09:40:11 -05:00
Luke Imhoff f5ea81cd97
Test for #match_values
MSP-11124
2014-10-09 09:20:27 -05:00
Luke Imhoff 37c38ad27b
Extract Msf::DBManager::ModuleCache shared examples
MSP-11124
2014-10-09 09:14:45 -05:00
Luke Imhoff 70d4f672e2
Extract Msf::DBManager::Workspace examples to shared example
MSP-11124
2014-10-08 15:54:29 -05:00
Luke Imhoff a64036f6cf
Move Msf::DBManager#sync to Msf::DBManager::Sink
MSP-11124

The comment on `#sync` says it's related to `sink`, so move it into its
Module.
2014-10-08 15:38:56 -05:00
Luke Imhoff 37e0b9ffe0
Extract Msf::DBManagerSink examples to shared example
MSP-11124
2014-10-08 15:30:20 -05:00
Luke Imhoff a0a19e5ce8
Spec classes, constants and methods from lib/msf/db.rb
MSP-11466

Method specces only check that the method is defined as they only need
to catch deleted methods during the reorganization.
2014-10-08 11:07:15 -05:00
Luke Imhoff 6a54f0ac4c
Spec methods from db_manager.rb
MSP-11466
2014-10-08 10:53:14 -05:00
Luke Imhoff c09335985b
Sort specs
MSP-11466
2014-10-08 10:52:21 -05:00
nstarke b8c2643d56 Converting Module to LoginScanner w/ Specs
The previous commits for this Jenkins CI module relied on an
obsolete pattern.  Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
2014-10-06 21:14:10 -05:00
jvazquez-r7 3aadaf672e Fix @lsanchez-r7's feedback, single expectation per test and avoid explicit use of subject 2014-10-06 16:08:20 -05:00
Samuel Huckins 0dfd8e25b8
Land #3846, Rex::ImageSource specs 2014-10-02 12:33:56 -05:00
sinn3r 9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits 2014-09-29 11:15:14 -05:00
Joe Vennix 2b02174999
Yank Android->jsobfu integration. Not really needed currently. 2014-09-25 16:00:37 -05:00
jvazquez-r7 e4f71d79ac Fix grammar 2014-09-24 15:17:09 -05:00
sinn3r 35f788a1a4
Land #3848 - Add specs for Rex::Arch 2014-09-23 13:03:40 -05:00
jvazquez-r7 0dfc2d3f87 Add specs for Rex::ExtTime 2014-09-22 14:55:14 -05:00
jvazquez-r7 db587afac8 Add specs for Rex::Arch 2014-09-22 14:10:55 -05:00
jvazquez-r7 701d6470c9 Add specs for Rex::Oui 2014-09-22 13:28:07 -05:00
jvazquez-r7 45011ae87f Add shared examples 2014-09-22 12:15:04 -05:00
jvazquez-r7 a677749f5b Add specs for #read_asciiz and fix bugs there 2014-09-22 12:14:21 -05:00
jvazquez-r7 f804d42ddc Add specs for Memory#index 2014-09-22 11:43:18 -05:00
jvazquez-r7 b121764003 Add specs for Memory#subsource 2014-09-22 11:30:30 -05:00
jvazquez-r7 3500e1ce7c Add specs for Memory#close 2014-09-22 11:18:21 -05:00
jvazquez-r7 a612caf1ae Finish examples for Memory#read 2014-09-22 11:17:09 -05:00
jvazquez-r7 df7ee55962 Add first specs for Rex::ImageSource::Memory#read 2014-09-22 11:06:34 -05:00
jvazquez-r7 77122895db Add specs for Rex::ImageSource::Memory#initialize 2014-09-22 11:02:24 -05:00
jvazquez-r7 a249eb1026 Add specs for Disk#subsource and Disk#close 2014-09-22 10:50:11 -05:00
jvazquez-r7 23bf36bc75 Start specs for Disk#subsource 2014-09-22 10:37:56 -05:00
jvazquez-r7 3f1eea55a6 Add specs for Disk#read and Disk#index 2014-09-22 10:35:54 -05:00
Luke Imhoff f61afe2598
Merge branch 'master' into bug/MSP-11368/boot-profiling
MSP-11368
2014-09-22 10:00:07 -05:00
jvazquez-r7 46e4235e79 Add spec templates 2014-09-22 09:16:21 -05:00
Joe Vennix ec88957ff4
Whitespace tweaks. 2014-09-21 23:57:58 -05:00
Joe Vennix d9e6f2896f
Add the JSObfu mixin to a lot of places. 2014-09-21 23:45:59 -05:00
sinn3r 2e96026725 avoid saying 'should' 2014-09-21 00:56:13 -05:00
sinn3r e1cfc74c32 Move jsobfu to a mixin 2014-09-21 00:39:04 -05:00
sinn3r 9191af6241 Update js_obfuscate 2014-09-20 23:38:35 -05:00
sinn3r cd70014446 Fix os detection rspec
no more window
2014-09-20 21:29:13 -05:00
sinn3r 2d828a2144 Update rspec 2014-09-20 18:09:22 -05:00
sinn3r 135bed254d Update BrowserExploitServer for JSObfu 2014-09-20 17:59:36 -05:00
sinn3r d52236fe05
Land #3835 - JSObfu to a gem 2014-09-20 01:38:45 -05:00
Joe Vennix 8e1b00ce95
Adds JSObfu.disabled for spec stubbing, fixes BES specs. 2014-09-19 20:42:05 -05:00
Joe Vennix df999db547
Add spec to ensure gem loads without error. 2014-09-19 19:49:01 -05:00
Luke Imhoff b863978028
Remove fastlib
MSP-11368
MSP-11143

Remove fastlib as it slows down the code loading process.  From the
previous commit, the mean loading for
`METASPLOIT_FRAMEWORK_PROFILE=true msfconsole -q -x exit` was
27.9530±0.3485 seconds (N=10).  The mean after removal of fastlib
was 17.9820±0.6497 seconds (N=10).  This means an average 35.67%
reduction in boot time.
2014-09-18 15:24:21 -05:00
Luke Imhoff 44588cc014
Add detected_arch to expected hosts columns in spec
MSP-11359
2014-09-18 12:34:34 -05:00
James Lee 3e42fcbbab
Land #3794, NDR encoding specs
MSP-11370 #land
2014-09-16 16:23:22 -05:00
sinn3r 169d04020d
Land #3571 - Add Wordpress XML-RPC Login Scanner (with LoginScanner) 2014-09-16 14:51:24 -05:00
jvazquez-r7 ca4c4f55bd Add specs for Rex::Encoder::Alpha2::UnicodeMixed 2014-09-15 17:05:08 -05:00
jvazquez-r7 ee45056827 Add specs for Rex::Encoder::Alpha2::UnicodeUpper 2014-09-15 16:57:26 -05:00
jvazquez-r7 3dc53cd013 Add specs for Rex::Encoder::Alpha2::AlphaMixed 2014-09-15 16:43:40 -05:00
jvazquez-r7 e8dce6ac59 Add specs for Rex::Encoder::Alpha2::AlphaUpper 2014-09-15 16:35:54 -05:00
jvazquez-r7 0e1ba8fb5e Use non aphanumeric badchar 2014-09-15 15:59:18 -05:00
jvazquez-r7 36e5dcd149 Fix shared examples 2014-09-15 15:56:19 -05:00
jvazquez-r7 2e126b6a68 Include it_behaves_like 2014-09-15 15:46:53 -05:00
jvazquez-r7 4064fb60ef Refactor specs for Rex::Encoder::Alpha2::Generic 2014-09-15 15:43:31 -05:00
jvazquez-r7 2728318358 Add specs for Rex::Encoder::Alpha2::Generic 2014-09-15 15:26:13 -05:00
jvazquez-r7 3f5fdaebb4 Add specs for Rex::Encoder::NDR 2014-09-15 13:49:18 -05:00
jvazquez-r7 7d4c4c3658
Land #3699, @dmaloney-r7's ipboard login refactor 2014-09-15 08:29:42 -05:00
HD Moore 6bd3675f03 Land #3680, add specs for Rex::MIME 2014-09-13 00:34:39 -05:00
HD Moore 6a2a85d2c4 Land #3789, adds specs for Rex::Proto::Http::Packet::Header
orts
2014-09-13 00:21:43 -05:00
jvazquez-r7 9e21cc8ad4 Add specs for invalid IPBoard application 2014-09-12 16:14:10 -05:00
jvazquez-r7 917a7ffa1e Add specs for valid IPBoard application 2014-09-12 16:08:03 -05:00
Cucumber b80519dc16
Lands #3779, specs
MSP-11343

Merge specs that I missed during last merge.
2014-09-12 14:49:26 -05:00
James Lee f68628c487 Add minimal specs for rex/proto/http/packet/header 2014-09-12 14:30:27 -05:00
sinn3r 12e3cb3c6a
Land #3764 - Add specs for Rex::Encoder::NonAlpha 2014-09-12 12:09:55 -05:00
sinn3r 54c353a15e
Land #3788 - Adds a spec to ensure HttpServer runs Concern hooks. 2014-09-12 12:05:55 -05:00
Joe Vennix a617556f29
Add a helpful comment. 2014-09-12 10:55:08 -05:00
Joe Vennix 0194674542
Oops. Don't duplicate spec block. 2014-09-12 10:54:30 -05:00
Joe Vennix 46f256a6bd
Adds a spec to ensure HttpServer runs Concern hooks. 2014-09-12 10:52:57 -05:00
jvazquez-r7 25a09ea227 Fix valid requests specs 2014-09-12 10:30:17 -05:00
jvazquez-r7 0d054d8354 Update with master changes 2014-09-12 09:52:32 -05:00
jvazquez-r7 183ba3422d Add specs for logins 2014-09-12 09:50:32 -05:00
James Lee 0ab36453b9
Add another header spec 2014-09-11 12:20:54 -05:00
James Lee a8e3ff0c0f
Add specs to verify server header matching 2014-09-11 11:42:38 -05:00
James Lee 8aa06b8605
Better api for check_setup 2014-09-10 23:43:54 -05:00
sinn3r 1b4ceec4f9
Land #3743 - Add specs for Rex::Arch::X86 2014-09-09 17:24:08 -05:00
sinn3r e82348f157
Land #3762 - Add specs for Rex::Arch::Sparc 2014-09-09 16:10:26 -05:00
jvazquez-r7 962c66b3bb Fix some descriptions 2014-09-08 18:17:24 -05:00
jvazquez-r7 8370bf0f2a Finish XDR specs 2014-09-08 18:05:09 -05:00
jvazquez-r7 44724d1141 Add specs for .decode_varray 2014-09-08 17:12:04 -05:00
jvazquez-r7 8af13592c2 Add first specs for Rex::Encoder::XDR 2014-09-08 16:25:53 -05:00
David Maloney cd3cdc5384
Merge branch 'master' into feature/ipboard-login-refactor 2014-09-08 14:48:37 -05:00
jvazquez-r7 f521cc598d Delete .encode specs, anyone uses the method, plus looks wrong 2014-09-08 14:42:43 -05:00
jvazquez-r7 9a74e60db3 Add specs for .encode 2014-09-08 14:32:33 -05:00
jvazquez-r7 11ca383d4f Add specs for .encode_byte 2014-09-08 14:24:03 -05:00
jvazquez-r7 3535a6a21d Add first specs for .gen_decoder and .encode_byte 2014-09-08 14:07:21 -05:00
jvazquez-r7 4c15954be5 Add specs for Rex::Arch::Sparc 2014-09-08 11:59:52 -05:00
William Vu ae5a8f449c
Land #3691, gdbserver hax 2014-09-08 11:48:39 -05:00
jvazquez-r7 10bb77af9f
Land #3716, @wchen-r7's Glassfish LoginScanner update 2014-09-07 21:54:34 -05:00
jvazquez-r7 6cdfd322f2 change should to expect 2014-09-07 21:35:33 -05:00
jvazquez-r7 e6f7b35d0d Use context to describe #attempt_login 2014-09-07 21:26:01 -05:00
jvazquez-r7 f266ca99f5 Use allow_any_instance_of as with rspec 3 2014-09-07 21:18:22 -05:00
jvazquez-r7 768b50974f Redo try_glassfish_3 specs 2014-09-07 21:04:43 -05:00
jvazquez-r7 07238ef7b3 Redo try_glassfish_2 specs 2014-09-07 20:47:54 -05:00
jvazquez-r7 9a42e7635a Use expect instead of should on try_login 2014-09-07 20:01:44 -05:00
jvazquez-r7 06207afb12 Use expect instead of should 2014-09-07 19:37:24 -05:00
jvazquez-r7 424d1ec47f Add example to describe how send_request handles a JSESSIONID cookie 2014-09-07 19:33:56 -05:00
sinn3r ff6cce8bd1 3rd person 2014-09-06 01:56:39 -05:00
sinn3r 419b2136b1 remove the "instance methods" context 2014-09-06 01:42:48 -05:00
sinn3r c8ccb5e848 In 3rd person 2014-09-06 01:39:32 -05:00
sinn3r 0dcf481d76 This one is good to go 2014-09-04 14:13:33 -05:00
sinn3r e1694ec3e5 LoginScanner update for hp_sys_mgmt_login
Work in progress
2014-09-03 16:23:57 -05:00
sinn3r 954475c0bf Add rspec and update about secure admin 2014-09-02 20:35:25 -05:00
jvazquez-r7 15f19468a1 Do last cleanup 2014-09-02 18:57:10 -05:00
jvazquez-r7 3ad0542b2a Fix some specs 2014-09-02 18:50:37 -05:00
jvazquez-r7 a1823b6c1e Add more specs for Rex::Arch::X86 2014-09-02 18:17:14 -05:00
jvazquez-r7 16111aa2f7 Use RSpec::Mocks::Double 2014-09-02 13:25:05 -05:00
jvazquez-r7 fdb66d978b Fix remainings be_truthy and be_falsey conditionals 2014-09-02 13:22:21 -05:00
jvazquez-r7 9cec62d52b
Merge branch 'specs_its' into fix_deprecation_warnings 2014-09-02 13:14:21 -05:00
jvazquez-r7 15e564ddf3
Merge branch 'collection_owner' into fix_deprecation_warnings 2014-09-02 13:14:09 -05:00
jvazquez-r7 824ff7fc72
Merge branch 'specs_skip' into fix_deprecation_warnings 2014-09-02 13:13:09 -05:00
jvazquez-r7 33784777df Avoid its in Msfupdate specs 2014-09-02 12:53:24 -05:00
jvazquez-r7 e0c6f5032f Avoid its in Msf::DBManager specs 2014-09-02 12:46:50 -05:00
jvazquez-r7 d7af3a628d Avoid its on Msf::ModuleManager::Cache shared examples specs 2014-09-02 12:02:26 -05:00
jvazquez-r7 bf0d30cf03 Fix rspec-collection_matchers deprecation warning in Rex::Socket::RangeWalker 2014-09-02 11:08:26 -05:00
jvazquez-r7 5a0b6ece6e Use is_expected 2014-09-02 10:27:53 -05:00
jvazquez-r7 764af20567 Fix rspec-collection_matchers deprecation warnings in Rex::Socket 2014-09-02 10:21:52 -05:00
David Maloney 928aeffcba
add wordpress_rpc loginscanner and specs 2014-08-29 13:06:12 -05:00
Samuel Huckins fa77caa819
Merge branch 'bug/MSP-11153/database-config-overrides'
MSP-11153 #land
2014-08-28 17:12:37 -05:00
Luke Imhoff 5ab8fcd026
Remove realpath call from expected user_configurations_pathname
MSP-11153

realpath is not used in the actual code anymore because it doesn't work
for non-existent paths.
2014-08-28 11:51:25 -05:00
Luke Imhoff 951ce15b44
Move database.yml selection to Metasploit::Framework::Database
MSP-11153

Test the following paths in order and only return them if the path
exists:

1. MSF_DATABASE_CONFIG environment variable
2. ~/.msf4/database.yml
3. <project>/config/database.yml
2014-08-27 12:01:43 -05:00
Tom Sellers 4a1b037af0 Remaining files.. 2014-08-26 18:15:58 -05:00
jvazquez-r7 b37e1a5421 Solve conflicts 2014-08-26 17:51:37 -05:00
jvazquez-r7 0d9d722525 skip examples pending of pivotaltracker 38730815 2014-08-26 16:49:13 -05:00
Joshua Smith 49adde2095
Land 3702, prefer be_falsey and cleanup specs 2014-08-26 15:24:41 -05:00
Joshua Smith 1fa26e2afb cleans up a bunch of spec msftidy issues 2014-08-26 15:24:08 -05:00
jvazquez-r7 042b8a3672 Switch from pending to skip in specs 2014-08-26 15:17:00 -05:00
HD Moore ba1f7c3bf6 Land #3687, reworks the nat-pmp portscanner 2014-08-26 14:34:46 -05:00
HD Moore 4e19d9ade1 Land #3545, fix up sip scanners, msftidy, db services cmd 2014-08-26 14:07:21 -05:00
Jon Hart 5ad090e833 Add unit test for and correct parsing of NAT-PMP port map responses 2014-08-26 10:49:53 -07:00
Jon Hart b0347906e3 Correct NATPMP external address resposne epoch and result parsing 2014-08-26 10:49:52 -07:00
Jon Hart 337cd02dd7
Change Auxiliary::DRDoS' prove_drdos to prove_amplification 2014-08-26 07:48:44 -07:00
jvazquez-r7 41420a97d5 Solve conflicts 2014-08-26 09:04:05 -05:00
jvazquez-r7 57afaf6580 undo be_false case 2014-08-25 23:58:08 -05:00
jvazquez-r7 60ecf4e8c4 Use be_truthy instead of be_true 2014-08-25 23:58:08 -05:00
jvazquez-r7 aa47746290 Undo incorrect be_true switch 2014-08-25 18:23:55 -05:00
jvazquez-r7 c372f5164b And switch more cases to be_falsey 2014-08-25 17:50:38 -05:00
jvazquez-r7 a1e1cef418 More use of be_falsey 2014-08-25 17:38:50 -05:00
jvazquez-r7 dd1c015e4e Use be_falsey 2014-08-25 17:34:55 -05:00
jvazquez-r7 9a14b64051 First version of Rex::Arch::X86 specs 2014-08-25 16:44:28 -05:00
Jon Hart 6185721a61 Address @hmoore-r7's feedback regarding binary encoding 2014-08-25 13:11:22 -07:00
Jon Hart e3753e3649 Refactor SIP response parsing for future improvements 2014-08-25 13:11:21 -07:00
Jon Hart 02e41c27e7 Split SIP response parsing out on its own, add unit tests.
Passes rspec but fails in framework. WIP.
2014-08-25 13:11:20 -07:00
David Maloney 32b1a5ea23
add ipboard loginscanner
add loginscanner class for IPBoard with specs
this should replicate the functionality originally written
by Chris Truncer, but move it into a testable, reusable class
2014-08-25 13:58:30 -05:00
William Vu 1ee83ff57e
Land #3696, pile of NTP DRDoS 0days
Dr. DoS in da house?
2014-08-25 11:47:28 -05:00
Joe Vennix a27754c5c1
Tweak specs a bit. 2014-08-24 02:41:37 -05:00
Joe Vennix 120f416f9c
Add spec for Msf::EncodedPayload.create. 2014-08-24 02:36:09 -05:00
Joe Vennix 6313b29b7a
Add #arch method to Msf::EncodedPayload.
This allows exploits with few one automatic target to support many
different architectures.
2014-08-24 02:22:15 -05:00
jvazquez-r7 8945f04ffd Add specs for Msf::HTTP::JBoss::BeanShell 2014-08-22 16:13:38 -05:00
jvazquez-r7 f57dd9a224 Add specs for #generate_bsh 2014-08-22 15:39:58 -05:00
jvazquez-r7 2b3058869f Add Msf::HTTP::JBoss::BeanShellScripts specs 2014-08-22 15:36:29 -05:00
jvazquez-r7 7ee5423310 Add specs for Msf::HTTP::JBoss::Base 2014-08-22 15:11:27 -05:00
jvazquez-r7 38e6576990 Update 2014-08-22 13:22:57 -05:00
jvazquez-r7 da0950df24
Land #3674, @todb-r7's patch for RangeWalker spec 2014-08-22 11:57:14 -05:00
Joe Vennix 95fbb8f1b7
Land PR #3672, dmaloney-r7's login scanner credential rework. 2014-08-22 11:15:32 -05:00
Brandon Turner 05f0d09828
Merge branch staging/electro-release into master
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master.  Rather than merging with
history, he squashed all history into two commits (see
149c3ecc63 and
82760bf5b3).

We want to preserve history (for things like git blame, git log, etc.).
So on August 22, we reverted the commits above (see
19ba7772f3).

This merge commit merges the staging/electro-release branch
(62b81d6814) into master
(48f0743d1b).  It ensures that any changes
committed to master since the original squashed merge are retained.

As a side effect, you may see this merge commit in history/blame for the
time period between August 15 and August 22.
2014-08-22 10:50:38 -05:00
Brandon Turner 19ba7772f3
Revert "Various merge resolutions from master <- staging"
This reverts commit 149c3ecc63.

Conflicts:
	lib/metasploit/framework/command/base.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/require.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/smb/smb_login.rb
	msfconsole
2014-08-22 10:17:44 -05:00
jvazquez-r7 fd05e634e8 Move once more let into describe 2014-08-21 10:41:37 -05:00
jvazquez-r7 b0a4ea6750 Move let helpers to describe groups 2014-08-21 10:39:16 -05:00
jvazquez-r7 6301d79162 Describe setters just expecting how assignement to properties should happen 2014-08-21 10:34:52 -05:00
jvazquez-r7 54395e38a0 Use a part subject to describe #add_part 2014-08-21 10:29:44 -05:00
jvazquez-r7 9dcc95fb04 Fix Rex::MIME::Message#initialize boundaries parsing 2014-08-20 10:22:38 -05:00
jvazquez-r7 e8a6307df1 Fix Rex::MIME::Header#parse 2014-08-20 09:42:44 -05:00
jvazquez-r7 e5fc0a007f Add some Message specs 2014-08-20 09:31:49 -05:00
jvazquez-r7 e4b586a96d Add specs for add_part_inline_attachment 2014-08-20 08:32:58 -05:00
jvazquez-r7 381c88f814 Add specs for add_part and add_part_attachment 2014-08-19 17:06:59 -05:00
Tod Beardsley a4c6a10edb
The .foo domain is live now.
I still kinda hate these tests, though, since they fail in wildcard DNS
environments (like OpenDNS).
2014-08-19 16:47:30 -05:00
jvazquez-r7 0585b13398 Add first specs for Rex::MIME::Message 2014-08-19 15:17:17 -05:00
sinn3r 311cc5befb
Land #3668 - Add specs for Rex::Exploitation::HeapLib 2014-08-19 13:14:24 -05:00
sinn3r 7bf637716a
Land #3663 - Add specs for Rex::Exploitation::EncryptJS 2014-08-19 13:08:14 -05:00
sinn3r ad241910d0 This is more invalid than the other one 2014-08-19 10:39:50 -05:00
David Maloney 473b92a060
Merge branch 'master' into feature/MSP-10992/scanner-dry
Conflicts:
	Gemfile.lock
	lib/metasploit/framework/command/console.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/credential.rb
	lib/metasploit/framework/credential_collection.rb
	lib/metasploit/framework/login_scanner/afp.rb
	lib/metasploit/framework/login_scanner/axis2.rb
	lib/metasploit/framework/login_scanner/db2.rb
	lib/metasploit/framework/login_scanner/ftp.rb
	lib/metasploit/framework/login_scanner/http.rb
	lib/metasploit/framework/login_scanner/mssql.rb
	lib/metasploit/framework/login_scanner/mysql.rb
	lib/metasploit/framework/login_scanner/pop3.rb
	lib/metasploit/framework/login_scanner/postgres.rb
	lib/metasploit/framework/login_scanner/result.rb
	lib/metasploit/framework/login_scanner/smb.rb
	lib/metasploit/framework/login_scanner/snmp.rb
	lib/metasploit/framework/login_scanner/ssh.rb
	lib/metasploit/framework/login_scanner/telnet.rb
	lib/metasploit/framework/login_scanner/vnc.rb
	lib/metasploit/framework/parsed_options/console.rb
	lib/metasploit/framework/require.rb
	lib/metasploit/framework/version.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/afp/afp_login.rb
	modules/auxiliary/scanner/db2/db2_auth.rb
	modules/auxiliary/scanner/ftp/ftp_login.rb
	modules/auxiliary/scanner/http/axis_login.rb
	modules/auxiliary/scanner/http/http_login.rb
	modules/auxiliary/scanner/http/tomcat_mgr_login.rb
	modules/auxiliary/scanner/mssql/mssql_login.rb
	modules/auxiliary/scanner/mysql/mysql_login.rb
	modules/auxiliary/scanner/pop3/pop3_login.rb
	modules/auxiliary/scanner/postgres/postgres_login.rb
	modules/auxiliary/scanner/snmp/snmp_login.rb
	modules/auxiliary/scanner/ssh/ssh_login.rb
	modules/auxiliary/scanner/ssh/ssh_login_pubkey.rb
	modules/auxiliary/scanner/telnet/telnet_login.rb
	modules/auxiliary/scanner/vnc/vnc_login.rb
	modules/auxiliary/scanner/winrm/winrm_login.rb
	spec/lib/metasploit/framework/credential_spec.rb
	spec/lib/msf/core/framework_spec.rb
2014-08-19 10:30:16 -05:00
sinn3r 17b03e7d34 Fix rspec due to an invalid dns becoming valid 2014-08-19 10:28:30 -05:00
jvazquez-r7 663e11f16b Add specs for Rex::MIME::Part 2014-08-18 18:03:27 -05:00
jvazquez-r7 85662d5ccd Add specs for Rex::MIME::Header 2014-08-18 17:33:26 -05:00
jvazquez-r7 73ac0e9537 Add specs for Rex::MIME::Encoding 2014-08-18 16:04:08 -05:00
jvazquez-r7 f812d2619c Fix load_js when opts[:newobfu] and add specs 2014-08-18 13:50:19 -05:00
jvazquez-r7 3dae6ee934 Not prefixing the class when describing method 2014-08-18 12:19:30 -05:00
jvazquez-r7 2dc579d467 Add template for specs 2014-08-18 12:16:20 -05:00
jvazquez-r7 75df32b1d3 Use single quoted strings out of the spec strings 2014-08-18 11:43:54 -05:00
jvazquez-r7 4ffd166918 Add specs for Rex::Exploitation::EncryptJS 2014-08-18 11:31:36 -05:00
Vincent Herbulot 2b59337e9a Jboss spec modifications.
Various changes in the jboss spec to match the newly refactored
methods in lib/msf/http/jboss.
2014-08-18 17:19:09 +02:00
Samuel Huckins 149c3ecc63
Various merge resolutions from master <- staging
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
2014-08-15 11:33:31 -05:00
David Maloney fcfce9efec
Merge branch 'staging/electro-release' into feature/MSP-10992/scanner-dry 2014-08-12 11:22:51 -05:00
Jon Hart 8e626c1b60
Add rspec coverage for Msf::Auxiliary::DRDoS 2014-08-09 21:12:10 -07:00
Brandon Turner 91bb0b6e10 Metasploit Framework 4.9.3-2014072301
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJT0CeVAAoJEJMMBVMNnmqO/7AP/0CBRHjtgiR9VnFKSQ+iWTQV
 iPNMBevn0mpSRq/gpoKCeFBZ6b+YQYrOLXDKVk62VV9LCslkr/P8LW8ul+m+JtB0
 mM6V5esUXM1XhgGEyTnTLRx6BR/WQU1RHlb56ae3nZjQlwCuH/5zEmcy5toZxpsY
 6HO46zE0GGBoLr/VgyYlfT08bfoQ+ICyJN0H5ixoovCc3iW0K1MNqLMfdani8zBJ
 gYJaMysV7XtepumWWQMSC+b/EuertdXXzWDy2bwe0Q3cQXNXzrkPAvtMqucWG+gy
 783OLKCPtVoEZiX87xAptkwmVCRdNGPclaWH7YRZDAh1tqBfRQUg72V/TIrOHCP1
 /lYO7yp5pBQg+1UNnpH+xI2YePFfYdHpYDNT5FSQGOnQjJg30ll4SqCm7cVmo2h5
 BRSYXkPCsQeXGaFarxGERNb8e+qN/WzSrHzY45tQw8mDuhg94tlf3VtDag3FXxhj
 zCxd6bu+tdboVm7FERS85T46kxzmeIycZ4p+Sf7d8gXitl2RKbBdKFNDi1gzeK1T
 yN7bDl4sL7qtDgZLXjFrnyC8vXyAqIrAgmFr2JywMBRm6TiCGQvgnrs+sScU3RFU
 W2tblGbKQq+CwDeC59uQPqxRkm72SMUrKX9448VEQ+9XbKE3TMQ5Q4qCxmnw31Op
 aJ0QgKJz8thZgafZc89I
 =e1z9
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCgAGBQJT4pb8AAoJEA+Ckxyj7hsHn+8P/3FlEYCmoqQ/JzsVtmP3Yi4Q
 gBRva+crY831mCCQXFrPJBvWfmy5HOzVh+Zh7zWF0GQ1WuuMppHfR5ARFVwmiDs3
 qwndhXwziDzBnznf0JKSgT5eJsH23s/ots1lyWymKJvPuT6hn6MRAHUawgnNmYR9
 ttnawmHvCM9Iha2oz3nmkLcNd+83bdBfEWi5l8AQ7jJxwMC2/8VPpMscVVwXqPzd
 CoQugAYZW5VeaEiGio5+19Ix9EPkIDvs6wnfGBtfPfeaOIDZV4XOFoIFUtEeZd5o
 olvEpYvdqscy4Qujzn4C++3wX3bUxkIbHTJHgrKmlD83dI7Cu1JH716G+yfLoJo0
 pQBWTGeWYKEh6leK/9J5Bo1/tOJ/ylbcbvH0Y0tmdu4icHar6uYe1QBrCB9xIdh1
 F+xo4guYnVo616DXJQSwjIye83b5dBxACrfA3bqCnFVFgTM5jXGV1cqiBgs9Dl++
 tIDPgUJkCe/bIdQ7PntlGRzxKihHahlxhCa++YaGKqSq7gXie8Rl4qgloIrbfNZ/
 z3XsoOLNdbMGO7ip88Zjwq4Khj5WZu7ijfCtXO7GU1UJZL1tJ2yK2ic7ZDLc251Y
 8EGMSTG53+6yvZYFtWMZeQzjwD2cpuF04dOmHOKi6KGJJ7KRPhn6gpsbc6U1mbH9
 AjGcfOzhhcsY+WAQ7OG+
 =Pjob
 -----END PGP SIGNATURE-----

Merge tag '2014072301' into staging/electro-release

Conflicts:
	Gemfile.lock
	modules/post/windows/gather/credentials/gpp.rb

This removes the active flag in the gpp.rb module.  According to Lance,
the active flag is no longer used.
2014-08-06 15:58:12 -05:00
Luke Imhoff a37244c14e
Fix specs
MSP-10998
2014-08-01 21:55:10 -05:00
Luke Imhoff 9096a8a1f5
Remove Msf::Framework::VersionAPI
MSP-10998

It's compacting of the version parts into a single float doesn't work
with APIMinor over 10, so replace with Gem::Version, which compares
parts correctly.
2014-08-01 21:43:14 -05:00
Luke Imhoff 22db5aad8a
Remove Msf::Framework::VersionCore
MSP-10998

It can't handle 4.10.0 because it tries to compact the multiple part
version into one float using (1 / 10.0).
2014-08-01 21:31:48 -05:00
dmaloney-r7 e6a0e079b6 Merge pull request #3596 from darkbushido/bug/MSP-10937/adding-parent-to-cores-to-credential
.to_credential now assigns a parent
2014-08-01 13:13:48 -05:00
David Maloney dbde046f44
use to_h instead of to_hash
apparently ruby 2 adds this as a standard method so
we should stay compliant
2014-08-01 09:45:51 -05:00
David Maloney 0e65792f43
Merge branch 'staging/electro-release' into feature/loginscanner-report-dry 2014-08-01 09:41:30 -05:00
Brandon Turner 915e09ac50
Update framework version spec and Gemfile 2014-08-01 09:26:38 -05:00
Meatballs b4111df381
Retab spec 2014-08-01 14:41:20 +01:00
Meatballs 4ef3de84f3
get some more test cases 2014-08-01 14:34:17 +01:00
Meatballs 1fb4216d6d
Update spec 2014-08-01 12:08:03 +01:00
David Maloney 374c6532fa
add to_hash to Credential
begining of the chain to DRYing up
credential reporting in the loginscanner
2014-07-31 18:10:48 -05:00
darkbushido ad6eed01a2
.to_credential now assigns a parent
Metasploit::Credential::Core#to_credential will set the parent to the original core objext
Metasploit::Framework::Credential#to_credential also sets the parent to itself.
2014-07-31 14:52:27 -05:00
Meatballs 53b66f3b4a Land #2075, Powershell Improvements 2014-07-31 00:49:39 +01:00
James Lee 77d99b7374
Land #3586, fix msfconsole when running without db
Conflicts:
	Gemfile.lock
	metasploit-framework.gemspec
2014-07-30 17:24:21 -05:00
James Lee ef59d88f64
Fix spec failure due to workspace mismatch
Also fixes intermittent failure from FactoryGirl picking a heinous
Origin type.
2014-07-30 11:26:35 -05:00
Luke Imhoff e4f665fe72
Require 'active_record/railtie' for specs
MSP-10905
2014-07-30 11:10:02 -05:00
us3r777 2efeb850ee Added spec to lib/msf/http/jboss 2014-07-29 02:04:57 +02:00
us3r777 9e9244830a Added spec for lib/msf/http/jboss
Also renamed get_undeploy_bsh and get_undeploy_stager to
gen_undeploy_bsh and gen_undeploy_stager to be consistent
with the other functions
2014-07-29 01:57:04 +02:00
jvazquez-r7 79fe342688
Land #3558, @FireFart's improvements to wordpress mixin 2014-07-28 09:52:20 -05:00
James Lee c65db18090
Add rudimentary specs and fix some help wording 2014-07-28 09:19:09 -05:00
darkbushido 064d624322
changing Credential == operator
it should no longer raise no method errors when comparing a credential to
an object that doesnt respond to public, private, or realm
2014-07-23 16:17:09 -05:00
Christian Mehlmauer baff003ecc
extracted check version to module
also added some wordpress specs and applied
rubocop
2014-07-22 17:02:35 +02:00
Luke Imhoff 14fa49cdeb
Update spec to handle Mdm::Service#proto sequence
MSP-10029

Mdm::Service factories were changed in metasploit_data_models 0.19.0 to
use a sequence that cycles between 'tcp' and 'udp'.  To make the spec
clearer, just hard-code the protos under test instead of relying on
default behavior.
2014-07-22 09:47:35 -05:00
jvazquez-r7 ef12a632f6 Change filename 2014-07-22 08:20:32 -05:00
jvazquez-r7 72c2c07495 Add the specs, really 2014-07-21 17:39:51 -05:00
Tod Beardsley ffafd4c01f
Add NTP fuzzer from @jhart-r7
Looks good to me!
2014-07-21 12:38:12 -05:00
Meatballs 474ee81807
Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-20 21:01:54 +01:00
Meatballs b28343842f Address @jhart-r7's comments 2014-07-20 21:00:34 +01:00
scriptjunkie 8fe508207c Merge Meatballs' gpp_again pull into new branch 2014-07-19 11:10:14 -05:00
William Vu 25f74b79b8
Land #3484, bad pack/unpack specifier fix 2014-07-16 14:52:23 -05:00
Meatballs 7583ed4950
Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-16 20:34:34 +01:00
sinn3r 4fb58202fa
Land #3529 - Handle Rex::AddressInUse exception 2014-07-16 13:57:41 -05:00
David Maloney 52a29856b3
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-07-16 09:38:44 -05:00
Matt Buck eff2defdde
Fix bug due to Metasploit::Model::Login::Status refactor
MSP-10718
2014-07-16 04:14:45 -05:00
David Maloney 939e585658
refactor all loginscanners
loginscanners now use LoginStatus constants
for the result statuses
2014-07-15 13:17:56 -05:00
jvazquez-r7 4098979448 Add spec 2014-07-15 13:06:53 -05:00
David Maloney 846679bef9
change Result status
result bojects now use Login::status constants
for their status
2014-07-15 11:39:38 -05:00
James Lee 4b16985eb8
Stop trying more creds for a user after success
This is more like the behavior of the old AuthBrute mixin, where a
scanner module was expected to return :next_user in the block given to
each_user_pass when it successfully authenticated.

The advantage is a reduced number of attempts that are very unlikely to
be successful since we already know the password. However, note that
since we don't compare realms, this will cause a false negative in the
rare case where the same username exists with different realms on the
same service.

MSP-10686
2014-07-10 17:48:58 -05:00
James Lee e4039c2382
Merge branch 'staging/electro-release' into feature/MSP-10679/refactor-invalidate-login 2014-07-10 14:00:28 -05:00
James Lee 147c6d8160
Merge branch 'feature/MSP-10660/realm_adjustments' into staging/electro-release 2014-07-10 13:52:21 -05:00
David Maloney 8833429987
make shared example usage more readable
this seems less obtuse
2014-07-10 12:58:13 -05:00
David Maloney 7dc58d060e
make only one each method
made the one true enumerator of credentials
for the login_scanner.

also covered the wierd http case where it can have a realm key
but no default realm.
2014-07-10 12:35:09 -05:00
David Maloney 87e6ede123
Merge branch 'master' into staging/electro-release 2014-07-10 08:44:12 -05:00
James Lee 0daa395007
Fix specs for LoginError cases 2014-07-09 18:11:20 -05:00
David Maloney 25ee278097
strip vestigial realms
in the cases where we don't want a realm we should be
stripping it from the credential so we can build accurate results
2014-07-09 17:46:56 -05:00