adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
27,843 Commits 27 Branches 1,043 Tags
e5cc456be7b5cb1893ce5c4178e95b3fc4e2a2ec
Commit Graph

97 Commits

Author SHA1 Message Date
Luke Imhoff c501e1e58a Extract Msf::Module::Rank shared examples 
MSP-11126
 2014-10-16 14:41:59 -05:00
Luke Imhoff 925cd63171 Extrat Msf::Module::Type shared examples 
MSP-11126
 2014-10-16 14:28:43 -05:00
Luke Imhoff e418f98d45 arch -> Msf::Module::Arch 
MSP-11126
 2014-10-16 13:21:11 -05:00
Luke Imhoff 28af6a490b Extract Msf::Module::Arch shared examples 
MSP-11126
 2014-10-16 13:16:57 -05:00
Luke Imhoff a2dc3b754f Extract Msf::Module::ModuleInfo shared examples 
MSP-11126
 2014-10-16 13:10:15 -05:00
Luke Imhoff f8ada87e86 Extract Msf::Module::Options shared examples 
MSP-11126
 2014-10-16 11:24:03 -05:00
Luke Imhoff c50cb2eb8a Extract Msf::Module::UI::*::Verbose and shared examples 
MSP-11126
 2014-10-16 10:05:45 -05:00
Luke Imhoff a3afb92ee2 Extract Msf::Module::UI::Line shared examples 
MSP-11126
 2014-10-16 09:51:23 -05:00
Luke Imhoff 96864b3892 Extract Msf::Module::UI::Message shared examples 
MSP-11126
 2014-10-16 09:45:17 -05:00
Luke Imhoff 4d9f7db15a Extract Msf::Module::Compatibility 
MSP-11126
 2014-10-16 09:29:31 -05:00
Luke Imhoff 9b10a3f1dc Extract Msf::Module::DataStore shared examples 
MSP-11126
 2014-10-16 09:14:44 -05:00
Luke Imhoff 6a194b3a88 Extract Msf::Module::ModuleStore shared examples 
MSP-11126
 2014-10-16 09:03:12 -05:00
Samuel Huckins 0dfd8e25b8 Land #3846, Rex::ImageSource specs 2014-10-02 12:33:56 -05:00
sinn3r 9e5826c4eb Land #3844 - Add the JSObfu mixin to Firefox exploits 2014-09-29 11:15:14 -05:00
jvazquez-r7 45011ae87f Add shared examples 2014-09-22 12:15:04 -05:00
Joe Vennix ec88957ff4 Whitespace tweaks. 2014-09-21 23:57:58 -05:00
Joe Vennix d9e6f2896f Add the JSObfu mixin to a lot of places. 2014-09-21 23:45:59 -05:00
Luke Imhoff b863978028 Remove fastlib 
MSP-11368
MSP-11143

Remove fastlib as it slows down the code loading process.  From the
previous commit, the mean loading for
`METASPLOIT_FRAMEWORK_PROFILE=true msfconsole -q -x exit` was
27.9530±0.3485 seconds (N=10).  The mean after removal of fastlib
was 17.9820±0.6497 seconds (N=10).  This means an average 35.67%
reduction in boot time.
 2014-09-18 15:24:21 -05:00
jvazquez-r7 3f5fdaebb4 Add specs for Rex::Encoder::NDR 2014-09-15 13:49:18 -05:00
James Lee f68628c487 Add minimal specs for rex/proto/http/packet/header 2014-09-12 14:30:27 -05:00
jvazquez-r7 fdb66d978b Fix remainings be_truthy and be_falsey conditionals 2014-09-02 13:22:21 -05:00
jvazquez-r7 9cec62d52b Merge branch 'specs_its' into fix_deprecation_warnings 2014-09-02 13:14:21 -05:00
jvazquez-r7 d7af3a628d Avoid its on Msf::ModuleManager::Cache shared examples specs 2014-09-02 12:02:26 -05:00
jvazquez-r7 b37e1a5421 Solve conflicts 2014-08-26 17:51:37 -05:00
Joshua Smith 1fa26e2afb cleans up a bunch of spec msftidy issues 2014-08-26 15:24:08 -05:00
jvazquez-r7 042b8a3672 Switch from pending to skip in specs 2014-08-26 15:17:00 -05:00
jvazquez-r7 41420a97d5 Solve conflicts 2014-08-26 09:04:05 -05:00
jvazquez-r7 60ecf4e8c4 Use be_truthy instead of be_true 2014-08-25 23:58:08 -05:00
jvazquez-r7 dd1c015e4e Use be_falsey 2014-08-25 17:34:55 -05:00
darkbushido ad6eed01a2 .to_credential now assigns a parent 
Metasploit::Credential::Core#to_credential will set the parent to the original core objext
Metasploit::Framework::Credential#to_credential also sets the parent to itself.
 2014-07-31 14:52:27 -05:00
David Maloney 939e585658 refactor all loginscanners 
loginscanners now use LoginStatus constants
for the result statuses
 2014-07-15 13:17:56 -05:00
David Maloney 846679bef9 change Result status 
result bojects now use Login::status constants
for their status
 2014-07-15 11:39:38 -05:00
James Lee 4b16985eb8 Stop trying more creds for a user after success 
This is more like the behavior of the old AuthBrute mixin, where a
scanner module was expected to return :next_user in the block given to
each_user_pass when it successfully authenticated.

The advantage is a reduced number of attempts that are very unlikely to
be successful since we already know the password. However, note that
since we don't compare realms, this will cause a false negative in the
rare case where the same username exists with different realms on the
same service.

MSP-10686
 2014-07-10 17:48:58 -05:00
David Maloney 8833429987 make shared example usage more readable 
this seems less obtuse
 2014-07-10 12:58:13 -05:00
David Maloney 7dc58d060e make only one each method 
made the one true enumerator of credentials
for the login_scanner.

also covered the wierd http case where it can have a realm key
but no default realm.
 2014-07-10 12:35:09 -05:00
David Maloney 25ee278097 strip vestigial realms 
in the cases where we don't want a realm we should be
stripping it from the credential so we can build accurate results
 2014-07-09 17:46:56 -05:00
David Maloney c7b37743ef working realm coercion 
LoginScanners will now figure out
the right thing to do about Realms
based on attributes of the Scanner itself
 2014-07-09 15:56:39 -05:00
David Maloney 24fced822e coerce realm_key when it exists 
if the cred has a realm and the loginscanner
has a realm_key, make the credential use the
scanner's realm key
 2014-07-09 14:58:20 -05:00
David Maloney 766b50b5e0 REALM_KEY not _TYPE 
arg typos
 2014-07-09 14:01:41 -05:00
James Lee cff2e1a1c1 And remove specs referencing obsolete accessors 2014-07-07 12:37:14 -05:00
Lance Sanchez c1877cfba2 fixing the broken to_credential test 
MSP-9912
 2014-06-27 10:06:38 -05:00
Lance Sanchez b5351eec2b adding .to_credential 
Metasploit::Framework::Credential and Metasploit::Credential::Core
need to be consumable by the login scanners. the easiest way to do this
was to create a shared to_credential method on both that return Metasploit::Framework::Credential

MSP-9912
 2014-06-26 11:05:59 -05:00
Lance Sanchez 07d548caeb dropping lib from shared examples 
MSP-9912
 2014-06-25 14:32:43 -05:00
Luke Imhoff af99c0c01e Remove should_receive(:with_connection) from specs 
MSP-10127

Causes specs to randomly fail when with_connection calls from
before(:each) or after(:each) are intercepted by the should_receive
call.
 2014-06-19 16:24:53 -05:00
dmaloney-r7 ff8e6d2c50 Merge pull request #45 from rapid7/feature/MSP-9988/credential-collection 
Add a CredCollection class and refactor WinRM bruteforce module
 2014-06-06 11:53:28 -05:00
David Maloney 90b52814b1 fix some spec issues for recent changes 2014-06-06 11:52:49 -05:00
Luke Imhoff ca63d2201e Update init_module_paths spec to match Rails::Engine behavior 
MSP-9653
 2014-06-02 14:26:35 -05:00
James Lee 5d1a0397ed Add Tomcat login scanner 2014-05-21 14:28:54 -05:00
James Lee 9582d82fba Merge remote-tracking branch 'private/staging/electro-release' into feature/MSP-9687/winrm-loginscanner 2014-05-15 13:59:48 -05:00
James Lee 99f8fbbc9c Add WinRM login scanner 
* Genericizes HTTP a bit to make these kinds of HTTP-based scanners
  simpler and easier
* Adds support for default ports to HTTP. This should probably be
  rafactored up into Base
* Removes spec that complains about port being unset (which now fails
  because defaults ensure it's always set)
 2014-05-14 14:35:49 -05:00