adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

1363 Commits

Author SHA1 Message Date
Joe Vennix c6bbc5bccf Merge branch 'landing-4055' into upstream-master 2014-10-28 11:18:20 -05:00
sinn3r e31c9f579d Land #3987 - Buffalo Linkstation NAS Login Scanner 2014-10-28 01:45:57 -05:00
Luke Imhoff c84febea5f tools/missing-payload-tests.rb 
MSP-11145

**NOTE: Failing specs**

Add a tool for reading `log/untested-payload.log` and
`framework.payloads` to determine `context`s to add
`spec/modules/payloads_spec.rb` to test the untested payloads.
 2014-10-27 13:03:31 -05:00
Jon Hart b8c9ef96ca Land #4003, @nstarke's Login Scanner for WD MyBook Live NAS 2014-10-27 09:57:43 -07:00
Jon Hart 765b5e686c Use configured method and URI rather than duplicated values 2014-10-27 09:56:39 -07:00
Luke Imhoff 605f48e58d Detect leaked constants under Msf::Modules 
MSP-11130

Detect constants leaked under Msf::Modules after the suite completes.
 2014-10-27 11:13:43 -05:00
nstarke 44f7db4798 Refactoring Success Case 
I have refactored the code so that it will work with
non-root accounts.
 2014-10-25 13:31:36 +00:00
Luke Imhoff 48d6880f1d Add docs for untested payload testing 
MSP-11145

Add docs to rake task, shared examples, and share contexts for how to
use all 3 together.
 2014-10-23 11:17:05 -05:00
Luke Imhoff f827a1c761 Extract untested-payloads.log checker spec task action 
MSP-11145

Extract the spec task action which errored out if
`log/untested-payloads.log` exists to
`Metasploit::Framework::Spec::UntestedPayloads.define_task`.
 2014-10-23 10:24:33 -05:00
Jon Hart 83df08aaa7 Properly encode body and catch invalid configs 2014-10-22 22:43:06 -07:00
James Lee a5a84886ee Make sure vnc closes the socket 2014-10-22 15:53:05 -05:00
Jon Hart ce8a9941ea Cleanup. Sanity check in setup. vprint 2014-10-22 10:36:24 -07:00
James Lee 46acf08e2d Merge remote-tracking branch 'upstream/master' into bug/msp-11497/loginscanner-tcp-evasions 2014-10-22 09:09:34 -05:00
nstarke ee3dd3a2ac More Fixes for WD MyBook Live Scanner 
Fixes include removing deregistered options
from credentials collection object and adding proof
 when there is no response
 2014-10-22 03:06:21 +00:00
James Lee e1a7e902d6 Re-enable tcp evasions for more LoginScanners 
Untested since I don't have targets for these.
 2014-10-21 18:58:28 -05:00
sinn3r 79d393c5aa Resolve merge conflicts 
Conflicts:
	lib/msf/core/exploit/smb.rb
	lib/msf/core/exploit/tcp.rb
	modules/auxiliary/scanner/http/axis_login.rb
 2014-10-21 13:06:35 -05:00
James Lee 83b1d270cd Fix ftp and mssql 2014-10-21 11:09:39 -05:00
James Lee 8b2dcac730 Fix telnet 2014-10-21 11:08:41 -05:00
James Lee 2fcb1004fb Move tcp options to Tcp::Client out of RexSocket 2014-10-21 09:59:26 -05:00
James Lee e76ee294a1 Restore tcp evasions to telnet 2014-10-21 09:44:55 -05:00
James Lee cb9a77c06b Fix NoMethodError when unable to connect 
Derp.
 2014-10-21 08:58:45 -05:00
James Lee 6f3b26f5e9 Remove tcp evasions from Http 
Can't use 'em anyway
 2014-10-21 08:27:29 -05:00
nstarke 82b74d5f3c Fixes to MyBook Live Module 
This commit contains three fixes as requested on PR
#4003.  Those include:

+ Removing extraneous puts statement
+ Checking for valid response
+ SSL support.
 2014-10-21 00:50:40 +00:00
nstarke 70b13819d9 Adding Login Scanner for MyBook Live 
This is a LoginScanner auxiliary module for Western
Digital MyBook Live NAS devices as well as the spec
for testing.
 2014-10-21 00:50:40 +00:00
James Lee 3051b6c5ba Clean up exceptions 
Of particular note is mysql, who was rescuing Rex::ConnectionTimeout
*after* Rex::ConnectionError, which never would have fired anyway.
 2014-10-20 10:27:02 -05:00
James Lee b7d69bec83 Restore proxies to ssh scanners 2014-10-20 10:19:06 -05:00
Tod Beardsley a431bff13f @wvu-r7 is a skilled negotiator. s/stdout/stderr/ 2014-10-17 13:13:44 -05:00
Tod Beardsley 5978bd5e62 Control the startup msg with -q, too 2014-10-17 12:41:58 -05:00
Tod Beardsley a45b21b6bf -q will quiet the animation, too 2014-10-17 12:32:28 -05:00
James Lee 41a57b7ba5 Re-enable proxies for HTTP-based login scanners 2014-10-15 17:00:44 -05:00
Tod Beardsley e010d70913 No need for that bool option 2014-10-14 14:59:57 -05:00
Tod Beardsley bf0a5d038e Add an animation to comfort the user 
Sometimes msfconsole takes a little while to start.

This adds a fairly common ASCII spinner to the startup sequence.

I haven't spec'ed it, and the code organization isn't great, so consider
this PR more of a cry for help than something immediately landable.

That said, it works for me.
 2014-10-14 14:54:45 -05:00
nstarke f8d6af6d4e Rescuing from JSON Parse 
Previous code was not using any sort of exception handling
for parsing the response body.  I have added a rescue block
for JSON errors to remedy this problem.
 2014-10-10 12:41:11 +00:00
nstarke 472985a8a8 Adding Buffalo Linkstation NAS Login Scanner 
I have added a login scanner for the Buffalo Linkstation
NAS.  I have been testing against version 1.68 of the
firmware.  Also included are some specs for this module.
 2014-10-10 03:16:48 +00:00
nstarke eed0958de5 Fixing Comment 
Comment was incorrect and needed to be fixed.
 2014-10-07 11:28:40 -05:00
nstarke b8c2643d56 Converting Module to LoginScanner w/ Specs 
The previous commits for this Jenkins CI module relied on an
obsolete pattern.  Consequently, it was necessary to write
this module as a LoginScanner and incorporate the appropriate
specs so that the tests will run properly.
 2014-10-06 21:14:10 -05:00
Matt Buck 0bb4eac259 Rename the method for optional requires 
MSP-11412
 2014-10-03 14:06:13 -05:00
Matt Buck 88cbf22ef0 Optionally require mdm, as well 
MSP-11412
 2014-10-03 13:49:39 -05:00
Matt Buck dabec92e61 Ensure require of metasploit/credential/engine is optional 2014-10-02 14:46:56 -05:00
Matt Buck 7ed1977d0b Specific require all metasploit gem dependencies' engines 
MSP-11412
 2014-10-02 14:20:10 -05:00
sinn3r 7163b8c55a Fixes #3915 - NoMethodError private method `rhost' 
There's no self.rhost, but rhost is defined
 2014-09-30 11:34:16 -05:00
David Maloney 5ff4a55cd2 smb connection error not setting result properly 
if the initial connection from the SMB LoginScanner fails
it wouldn't set the target information on the result. this could cause
smb_login to throw a stack trace when it calls invalidate_login
 2014-09-16 15:24:14 -05:00
David Maloney e5aa5c4014 missing postgres rescues 2014-09-16 15:04:07 -05:00
sinn3r 169d04020d Land #3571 - Add Wordpress XML-RPC Login Scanner (with LoginScanner) 2014-09-16 14:51:24 -05:00
David Maloney aeed66b694 missing mysql rescue 2014-09-16 13:41:03 -05:00
David Maloney d708de07a3 return the lgoinscanner class name in an invalid exception 
when a loginScanner throws an Invalid exception , the message
will now include the classname of the Scanner that threw it.
 2014-09-16 13:24:08 -05:00
David Maloney 6decd3cbd2 fix exceptions thrown in telnet loginscanner too 2014-09-16 10:09:59 -05:00
David Maloney bf8f7221c7 rescue exceptions in check_setup 2014-09-15 13:52:17 -05:00
jvazquez-r7 7d4c4c3658 Land #3699, @dmaloney-r7's ipboard login refactor 2014-09-15 08:29:42 -05:00
jvazquez-r7 917a7ffa1e Add specs for valid IPBoard application 2014-09-12 16:08:03 -05:00