adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37,190 Commits 27 Branches 1,043 Tags
f8d6a59cdc72ffa3bcbe1270276f3fb0a7bdfa22
Commit Graph

20 Commits

Author SHA1 Message Date
David Maloney c6656e4031 example_group and hook_scope conversions 
not strictly required, these conversions keep us
up to date with latest rspec conventions and best practices
which will prevent use from having to convert them when they become
deprecated later
 2015-12-31 16:56:13 -06:00
Luke Imhoff 6f71810010 it { should -> it { is_expected.to 
MSP-13484
 2015-12-10 21:47:22 -06:00
Luke Imhoff 0eb68ef16c .should_not_receive -> expect().not_to receive 
MSP-13484
 2015-12-10 21:47:22 -06:00
Luke Imhoff 03c649bb91 should_receive -> expect().to receive 
MSP-13484
 2015-12-10 21:47:22 -06:00
HD Moore 8b0354b193 Fix the SSL boolean test 2015-02-23 14:29:28 -06:00
James Lee bb119b840a Move Tcp specs into their own shared example 
All the Tcp options formerly in RexSocket got moved, this just brings
the specs in line with the new reality.
 2014-10-22 09:16:14 -05:00
jvazquez-r7 41420a97d5 Solve conflicts 2014-08-26 09:04:05 -05:00
jvazquez-r7 60ecf4e8c4 Use be_truthy instead of be_true 2014-08-25 23:58:08 -05:00
jvazquez-r7 dd1c015e4e Use be_falsey 2014-08-25 17:34:55 -05:00
David Maloney 939e585658 refactor all loginscanners 
loginscanners now use LoginStatus constants
for the result statuses
 2014-07-15 13:17:56 -05:00
David Maloney 846679bef9 change Result status 
result bojects now use Login::status constants
for their status
 2014-07-15 11:39:38 -05:00
James Lee 4b16985eb8 Stop trying more creds for a user after success 
This is more like the behavior of the old AuthBrute mixin, where a
scanner module was expected to return :next_user in the block given to
each_user_pass when it successfully authenticated.

The advantage is a reduced number of attempts that are very unlikely to
be successful since we already know the password. However, note that
since we don't compare realms, this will cause a false negative in the
rare case where the same username exists with different realms on the
same service.

MSP-10686
 2014-07-10 17:48:58 -05:00
David Maloney 8833429987 make shared example usage more readable 
this seems less obtuse
 2014-07-10 12:58:13 -05:00
David Maloney 7dc58d060e make only one each method 
made the one true enumerator of credentials
for the login_scanner.

also covered the wierd http case where it can have a realm key
but no default realm.
 2014-07-10 12:35:09 -05:00
David Maloney 25ee278097 strip vestigial realms 
in the cases where we don't want a realm we should be
stripping it from the credential so we can build accurate results
 2014-07-09 17:46:56 -05:00
David Maloney c7b37743ef working realm coercion 
LoginScanners will now figure out
the right thing to do about Realms
based on attributes of the Scanner itself
 2014-07-09 15:56:39 -05:00
David Maloney 24fced822e coerce realm_key when it exists 
if the cred has a realm and the loginscanner
has a realm_key, make the credential use the
scanner's realm key
 2014-07-09 14:58:20 -05:00
David Maloney 766b50b5e0 REALM_KEY not _TYPE 
arg typos
 2014-07-09 14:01:41 -05:00
James Lee cff2e1a1c1 And remove specs referencing obsolete accessors 2014-07-07 12:37:14 -05:00
Lance Sanchez 07d548caeb dropping lib from shared examples 
MSP-9912
 2014-06-25 14:32:43 -05:00