adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

1982 Commits

Author SHA1 Message Date
Meatballs 4ef3de84f3 get some more test cases 2014-08-01 14:34:17 +01:00
Meatballs 1fb4216d6d Update spec 2014-08-01 12:08:03 +01:00
David Maloney 374c6532fa add to_hash to Credential 
begining of the chain to DRYing up
credential reporting in the loginscanner
 2014-07-31 18:10:48 -05:00
darkbushido ad6eed01a2 .to_credential now assigns a parent 
Metasploit::Credential::Core#to_credential will set the parent to the original core objext
Metasploit::Framework::Credential#to_credential also sets the parent to itself.
 2014-07-31 14:52:27 -05:00
Meatballs 53b66f3b4a Land #2075, Powershell Improvements 2014-07-31 00:49:39 +01:00
James Lee 77d99b7374 Land #3586, fix msfconsole when running without db 
Conflicts:
	Gemfile.lock
	metasploit-framework.gemspec
 2014-07-30 17:24:21 -05:00
James Lee ef59d88f64 Fix spec failure due to workspace mismatch 
Also fixes intermittent failure from FactoryGirl picking a heinous
Origin type.
 2014-07-30 11:26:35 -05:00
Luke Imhoff e4f665fe72 Require 'active_record/railtie' for specs 
MSP-10905
 2014-07-30 11:10:02 -05:00
us3r777 2efeb850ee Added spec to lib/msf/http/jboss 2014-07-29 02:04:57 +02:00
us3r777 9e9244830a Added spec for lib/msf/http/jboss 
Also renamed get_undeploy_bsh and get_undeploy_stager to
gen_undeploy_bsh and gen_undeploy_stager to be consistent
with the other functions
 2014-07-29 01:57:04 +02:00
jvazquez-r7 79fe342688 Land #3558, @FireFart's improvements to wordpress mixin 2014-07-28 09:52:20 -05:00
James Lee c65db18090 Add rudimentary specs and fix some help wording 2014-07-28 09:19:09 -05:00
darkbushido 064d624322 changing Credential == operator 
it should no longer raise no method errors when comparing a credential to
an object that doesnt respond to public, private, or realm
 2014-07-23 16:17:09 -05:00
Christian Mehlmauer baff003ecc extracted check version to module 
also added some wordpress specs and applied
rubocop
 2014-07-22 17:02:35 +02:00
Luke Imhoff 14fa49cdeb Update spec to handle Mdm::Service#proto sequence 
MSP-10029

Mdm::Service factories were changed in metasploit_data_models 0.19.0 to
use a sequence that cycles between 'tcp' and 'udp'.  To make the spec
clearer, just hard-code the protos under test instead of relying on
default behavior.
 2014-07-22 09:47:35 -05:00
jvazquez-r7 ef12a632f6 Change filename 2014-07-22 08:20:32 -05:00
jvazquez-r7 72c2c07495 Add the specs, really 2014-07-21 17:39:51 -05:00
Tod Beardsley ffafd4c01f Add NTP fuzzer from @jhart-r7 
Looks good to me!
 2014-07-21 12:38:12 -05:00
Meatballs 474ee81807 Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-20 21:01:54 +01:00
Meatballs b28343842f Address @jhart-r7's comments 2014-07-20 21:00:34 +01:00
scriptjunkie 8fe508207c Merge Meatballs' gpp_again pull into new branch 2014-07-19 11:10:14 -05:00
William Vu 25f74b79b8 Land #3484, bad pack/unpack specifier fix 2014-07-16 14:52:23 -05:00
Meatballs 7583ed4950 Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-16 20:34:34 +01:00
sinn3r 4fb58202fa Land #3529 - Handle Rex::AddressInUse exception 2014-07-16 13:57:41 -05:00
David Maloney 52a29856b3 Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-07-16 09:38:44 -05:00
Matt Buck eff2defdde Fix bug due to Metasploit::Model::Login::Status refactor 
MSP-10718
 2014-07-16 04:14:45 -05:00
David Maloney 939e585658 refactor all loginscanners 
loginscanners now use LoginStatus constants
for the result statuses
 2014-07-15 13:17:56 -05:00
jvazquez-r7 4098979448 Add spec 2014-07-15 13:06:53 -05:00
David Maloney 846679bef9 change Result status 
result bojects now use Login::status constants
for their status
 2014-07-15 11:39:38 -05:00
James Lee 4b16985eb8 Stop trying more creds for a user after success 
This is more like the behavior of the old AuthBrute mixin, where a
scanner module was expected to return :next_user in the block given to
each_user_pass when it successfully authenticated.

The advantage is a reduced number of attempts that are very unlikely to
be successful since we already know the password. However, note that
since we don't compare realms, this will cause a false negative in the
rare case where the same username exists with different realms on the
same service.

MSP-10686
 2014-07-10 17:48:58 -05:00
James Lee e4039c2382 Merge branch 'staging/electro-release' into feature/MSP-10679/refactor-invalidate-login 2014-07-10 14:00:28 -05:00
James Lee 147c6d8160 Merge branch 'feature/MSP-10660/realm_adjustments' into staging/electro-release 2014-07-10 13:52:21 -05:00
David Maloney 8833429987 make shared example usage more readable 
this seems less obtuse
 2014-07-10 12:58:13 -05:00
David Maloney 7dc58d060e make only one each method 
made the one true enumerator of credentials
for the login_scanner.

also covered the wierd http case where it can have a realm key
but no default realm.
 2014-07-10 12:35:09 -05:00
David Maloney 87e6ede123 Merge branch 'master' into staging/electro-release 2014-07-10 08:44:12 -05:00
James Lee 0daa395007 Fix specs for LoginError cases 2014-07-09 18:11:20 -05:00
David Maloney 25ee278097 strip vestigial realms 
in the cases where we don't want a realm we should be
stripping it from the credential so we can build accurate results
 2014-07-09 17:46:56 -05:00
Tod Beardsley 038d1e210a Merge upstream/master to deconflict. 
Conflicts:
	Gemfile.lock
 2014-07-09 17:43:42 -05:00
David Maloney 0c4e53ce5a fix up specs 
a whole bunch of spec changes needed for
these changes.

alos the axis2 spec was actually testing the winrm
class due to copypasta error.
 2014-07-09 16:32:59 -05:00
David Maloney c7b37743ef working realm coercion 
LoginScanners will now figure out
the right thing to do about Realms
based on attributes of the Scanner itself
 2014-07-09 15:56:39 -05:00
David Maloney 24fced822e coerce realm_key when it exists 
if the cred has a realm and the loginscanner
has a realm_key, make the credential use the
scanner's realm key
 2014-07-09 14:58:20 -05:00
David Maloney 766b50b5e0 REALM_KEY not _TYPE 
arg typos
 2014-07-09 14:01:41 -05:00
James Lee afe36ab6ad Merge branch 'staging/electro-release' into feature/MSP-9707/smb-bruteforce-refactor 
Conflicts:
	lib/metasploit/framework/login_scanner/smb.rb
 2014-07-09 12:50:24 -05:00
David Maloney aeda74f394 Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-07-07 16:41:23 -05:00
David Maloney 2c13ff4038 Merge branch 'staging/electro-release' into feature/MSP-10656/unify-ssh-scanners 2014-07-07 16:32:39 -05:00
dmaloney-r7 db8b0c907b Merge pull request #94 from rapid7/feature/MSP-10648/login-scanner-creation 
Feature/msp 10648/login scanner creation
 2014-07-07 16:04:09 -05:00
dmaloney-r7 c4c7ff519f Merge pull request #96 from rapid7/feature/MSP-10657/add-private-type 
Add private_type and realm_key accessors to Framework::Credential
 2014-07-07 15:43:18 -05:00
James Lee 4d4b8078f8 Unify SSH specs as well 2014-07-07 13:41:08 -05:00
James Lee 71cbbc5388 Merge branch 'feature/MSP-10648/login-scanner-creation' into feature/MSP-10656/unify-ssh-scanners 2014-07-07 13:19:34 -05:00
James Lee b7cfc927c4 Add private_type and realm_key accessors 2014-07-07 13:07:28 -05:00