Land #4057 - Bring back TCP::max_send_size and TCP::send_delay options
Fix #3967
This commit is contained in:
commit
42cd288bc0
|
@ -4,6 +4,7 @@ module Metasploit
|
||||||
module Framework
|
module Framework
|
||||||
module Ftp
|
module Ftp
|
||||||
module Client
|
module Client
|
||||||
|
extend ActiveSupport::Concern
|
||||||
include Metasploit::Framework::Tcp::Client
|
include Metasploit::Framework::Tcp::Client
|
||||||
|
|
||||||
#
|
#
|
||||||
|
|
|
@ -88,6 +88,7 @@ module Metasploit
|
||||||
|
|
||||||
def each_credential
|
def each_credential
|
||||||
cred_details.each do |raw_cred|
|
cred_details.each do |raw_cred|
|
||||||
|
|
||||||
# This could be a Credential object, or a Credential Core, or an Attempt object
|
# This could be a Credential object, or a Credential Core, or an Attempt object
|
||||||
# so make sure that whatever it is, we end up with a Credential.
|
# so make sure that whatever it is, we end up with a Credential.
|
||||||
credential = raw_cred.to_credential
|
credential = raw_cred.to_credential
|
||||||
|
@ -101,6 +102,11 @@ module Metasploit
|
||||||
credential.realm_key = self.class::REALM_KEY
|
credential.realm_key = self.class::REALM_KEY
|
||||||
yield credential
|
yield credential
|
||||||
elsif credential.realm.blank? && self.class::REALM_KEY.present? && self.class::DEFAULT_REALM.present?
|
elsif credential.realm.blank? && self.class::REALM_KEY.present? && self.class::DEFAULT_REALM.present?
|
||||||
|
# XXX: This is messing up the display for mssql when not using
|
||||||
|
# Windows authentication, e.g.:
|
||||||
|
# [+] 10.0.0.53:1433 - LOGIN SUCCESSFUL: WORKSTATION\sa:msfadmin
|
||||||
|
# Realm gets ignored in that case, so it still functions, it
|
||||||
|
# just gives the user bogus info
|
||||||
credential.realm_key = self.class::REALM_KEY
|
credential.realm_key = self.class::REALM_KEY
|
||||||
credential.realm = self.class::DEFAULT_REALM
|
credential.realm = self.class::DEFAULT_REALM
|
||||||
yield credential
|
yield credential
|
||||||
|
@ -144,8 +150,10 @@ module Metasploit
|
||||||
successful_users = Set.new
|
successful_users = Set.new
|
||||||
|
|
||||||
each_credential do |credential|
|
each_credential do |credential|
|
||||||
# For Pro bruteforce Reuse and Guess we need to note that we skipped an attempt.
|
# Skip users for whom we've have already found a password
|
||||||
if successful_users.include?(credential.public)
|
if successful_users.include?(credential.public)
|
||||||
|
# For Pro bruteforce Reuse and Guess we need to note that we
|
||||||
|
# skipped an attempt.
|
||||||
if credential.parent.respond_to?(:skipped)
|
if credential.parent.respond_to?(:skipped)
|
||||||
credential.parent.skipped = true
|
credential.parent.skipped = true
|
||||||
credential.parent.save!
|
credential.parent.save!
|
||||||
|
|
|
@ -139,8 +139,6 @@ module Metasploit
|
||||||
# like timeouts and TCP evasion options
|
# like timeouts and TCP evasion options
|
||||||
def set_sane_defaults
|
def set_sane_defaults
|
||||||
self.connection_timeout ||= 20
|
self.connection_timeout ||= 20
|
||||||
self.max_send_size = 0 if self.max_send_size.nil?
|
|
||||||
self.send_delay = 0 if self.send_delay.nil?
|
|
||||||
self.uri = '/' if self.uri.blank?
|
self.uri = '/' if self.uri.blank?
|
||||||
self.method = 'GET' if self.method.blank?
|
self.method = 'GET' if self.method.blank?
|
||||||
|
|
||||||
|
|
|
@ -12,12 +12,6 @@ module Metasploit
|
||||||
|
|
||||||
included do
|
included do
|
||||||
|
|
||||||
# @!attribute max_send_size
|
|
||||||
# @return [Fixnum] The max size of the data to encapsulate in a single packet
|
|
||||||
attr_accessor :max_send_size
|
|
||||||
# @!attribute send_delay
|
|
||||||
# @return [Fixnum] The delay between sending packets
|
|
||||||
attr_accessor :send_delay
|
|
||||||
# @!attribute ssl
|
# @!attribute ssl
|
||||||
# @return [Boolean] Whether the socket should use ssl
|
# @return [Boolean] Whether the socket should use ssl
|
||||||
attr_accessor :ssl
|
attr_accessor :ssl
|
||||||
|
@ -25,21 +19,6 @@ module Metasploit
|
||||||
# @return [String] The version of SSL to implement
|
# @return [String] The version of SSL to implement
|
||||||
attr_accessor :ssl_version
|
attr_accessor :ssl_version
|
||||||
|
|
||||||
validates :max_send_size,
|
|
||||||
presence: true,
|
|
||||||
numericality: {
|
|
||||||
only_integer: true,
|
|
||||||
greater_than_or_equal_to: 0
|
|
||||||
}
|
|
||||||
|
|
||||||
validates :send_delay,
|
|
||||||
presence: true,
|
|
||||||
numericality: {
|
|
||||||
only_integer: true,
|
|
||||||
greater_than_or_equal_to: 0
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def chost
|
def chost
|
||||||
|
|
|
@ -105,12 +105,12 @@ module Metasploit
|
||||||
# like timeouts and TCP evasion options
|
# like timeouts and TCP evasion options
|
||||||
def set_sane_defaults
|
def set_sane_defaults
|
||||||
self.connection_timeout ||= 30
|
self.connection_timeout ||= 30
|
||||||
self.max_send_size ||= 0
|
|
||||||
self.port ||= DEFAULT_PORT
|
self.port ||= DEFAULT_PORT
|
||||||
self.send_delay ||= 0
|
|
||||||
self.banner_timeout ||= 25
|
self.banner_timeout ||= 25
|
||||||
self.telnet_timeout ||= 10
|
self.telnet_timeout ||= 10
|
||||||
self.connection_timeout ||= 30
|
self.connection_timeout ||= 30
|
||||||
|
self.max_send_size ||= 0
|
||||||
|
self.send_delay ||= 0
|
||||||
# Shim to set up the ivars from the old Login mixin
|
# Shim to set up the ivars from the old Login mixin
|
||||||
create_login_ivars
|
create_login_ivars
|
||||||
end
|
end
|
||||||
|
|
|
@ -56,7 +56,6 @@ module Metasploit
|
||||||
# Create our VNC client overtop of the socket
|
# Create our VNC client overtop of the socket
|
||||||
vnc = Rex::Proto::RFB::Client.new(sock, :allow_none => false)
|
vnc = Rex::Proto::RFB::Client.new(sock, :allow_none => false)
|
||||||
|
|
||||||
|
|
||||||
if vnc.handshake
|
if vnc.handshake
|
||||||
if vnc_auth(vnc,credential.private)
|
if vnc_auth(vnc,credential.private)
|
||||||
result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL
|
result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL
|
||||||
|
@ -77,6 +76,8 @@ module Metasploit
|
||||||
proof: e.message,
|
proof: e.message,
|
||||||
status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
|
status: Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
|
||||||
)
|
)
|
||||||
|
ensure
|
||||||
|
disconnect
|
||||||
end
|
end
|
||||||
|
|
||||||
::Metasploit::Framework::LoginScanner::Result.new(result_options)
|
::Metasploit::Framework::LoginScanner::Result.new(result_options)
|
||||||
|
|
|
@ -5,6 +5,7 @@ module Metasploit
|
||||||
module MSSQL
|
module MSSQL
|
||||||
|
|
||||||
module Client
|
module Client
|
||||||
|
extend ActiveSupport::Concern
|
||||||
include Metasploit::Framework::Tcp::Client
|
include Metasploit::Framework::Tcp::Client
|
||||||
|
|
||||||
NTLM_CRYPT = Rex::Proto::NTLM::Crypt
|
NTLM_CRYPT = Rex::Proto::NTLM::Crypt
|
||||||
|
@ -725,4 +726,4 @@ module Metasploit
|
||||||
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -40,6 +40,33 @@ module Metasploit
|
||||||
|
|
||||||
module Client
|
module Client
|
||||||
|
|
||||||
|
extend ActiveSupport::Concern
|
||||||
|
|
||||||
|
# @!attribute max_send_size
|
||||||
|
# @return [Fixnum] The max size of the data to encapsulate in a single packet
|
||||||
|
attr_accessor :max_send_size
|
||||||
|
# @!attribute send_delay
|
||||||
|
# @return [Fixnum] The delay between sending packets
|
||||||
|
attr_accessor :send_delay
|
||||||
|
|
||||||
|
included do
|
||||||
|
include ActiveModel::Validations
|
||||||
|
validates :max_send_size,
|
||||||
|
presence: true,
|
||||||
|
numericality: {
|
||||||
|
only_integer: true,
|
||||||
|
greater_than_or_equal_to: 0
|
||||||
|
}
|
||||||
|
|
||||||
|
validates :send_delay,
|
||||||
|
presence: true,
|
||||||
|
numericality: {
|
||||||
|
only_integer: true,
|
||||||
|
greater_than_or_equal_to: 0
|
||||||
|
}
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
#
|
#
|
||||||
# Establishes a TCP connection to the specified RHOST/RPORT
|
# Establishes a TCP connection to the specified RHOST/RPORT
|
||||||
#
|
#
|
||||||
|
@ -64,7 +91,6 @@ module Metasploit
|
||||||
'Proxies' => proxies,
|
'Proxies' => proxies,
|
||||||
'Timeout' => (opts['ConnectTimeout'] || connection_timeout || 10).to_i
|
'Timeout' => (opts['ConnectTimeout'] || connection_timeout || 10).to_i
|
||||||
)
|
)
|
||||||
|
|
||||||
# enable evasions on this socket
|
# enable evasions on this socket
|
||||||
set_tcp_evasions(nsock)
|
set_tcp_evasions(nsock)
|
||||||
|
|
||||||
|
@ -121,14 +147,6 @@ module Metasploit
|
||||||
#
|
#
|
||||||
##
|
##
|
||||||
|
|
||||||
def max_send_size
|
|
||||||
raise NotImplementedError
|
|
||||||
end
|
|
||||||
|
|
||||||
def send_delay
|
|
||||||
raise NotImplementedError
|
|
||||||
end
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Returns the target host
|
# Returns the target host
|
||||||
#
|
#
|
||||||
|
|
|
@ -4,6 +4,7 @@ module Metasploit
|
||||||
module Framework
|
module Framework
|
||||||
module Telnet
|
module Telnet
|
||||||
module Client
|
module Client
|
||||||
|
extend ActiveSupport::Concern
|
||||||
include Metasploit::Framework::Tcp::Client
|
include Metasploit::Framework::Tcp::Client
|
||||||
include Msf::Auxiliary::Login
|
include Msf::Auxiliary::Login
|
||||||
|
|
||||||
|
@ -216,4 +217,4 @@ module Metasploit
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -63,7 +63,9 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
proxies: datastore['PROXIES'],
|
proxies: datastore['PROXIES'],
|
||||||
cred_details: cred_collection,
|
cred_details: cred_collection,
|
||||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||||
connection_timeout: 30
|
connection_timeout: 30,
|
||||||
|
max_send_size: datastore['TCP::max_send_size'],
|
||||||
|
send_delay: datastore['TCP::send_delay'],
|
||||||
)
|
)
|
||||||
|
|
||||||
scanner.scan! do |result|
|
scanner.scan! do |result|
|
||||||
|
|
|
@ -61,7 +61,9 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
proxies: datastore['PROXIES'],
|
proxies: datastore['PROXIES'],
|
||||||
cred_details: cred_collection,
|
cred_details: cred_collection,
|
||||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||||
connection_timeout: 30
|
connection_timeout: 30,
|
||||||
|
max_send_size: datastore['TCP::max_send_size'],
|
||||||
|
send_delay: datastore['TCP::send_delay'],
|
||||||
)
|
)
|
||||||
|
|
||||||
scanner.scan! do |result|
|
scanner.scan! do |result|
|
||||||
|
|
|
@ -75,6 +75,8 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
proxies: datastore['PROXIES'],
|
proxies: datastore['PROXIES'],
|
||||||
cred_details: cred_collection,
|
cred_details: cred_collection,
|
||||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||||
|
max_send_size: datastore['TCP::max_send_size'],
|
||||||
|
send_delay: datastore['TCP::send_delay'],
|
||||||
connection_timeout: 30
|
connection_timeout: 30
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -60,7 +60,9 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
proxies: datastore['PROXIES'],
|
proxies: datastore['PROXIES'],
|
||||||
cred_details: cred_collection,
|
cred_details: cred_collection,
|
||||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||||
connection_timeout: 30
|
connection_timeout: 30,
|
||||||
|
max_send_size: datastore['TCP::max_send_size'],
|
||||||
|
send_delay: datastore['TCP::send_delay'],
|
||||||
)
|
)
|
||||||
|
|
||||||
scanner.scan! do |result|
|
scanner.scan! do |result|
|
||||||
|
@ -74,7 +76,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
credential_data[:core] = credential_core
|
credential_data[:core] = credential_core
|
||||||
create_credential_login(credential_data)
|
create_credential_login(credential_data)
|
||||||
|
|
||||||
print_good "#{ip}:#{rport} - LOGIN SUCCESSFUL: #{result.credential}"
|
print_brute :level => :good, :ip => ip, :msg => "Success: '#{result.credential}'"
|
||||||
else
|
else
|
||||||
invalidate_login(credential_data)
|
invalidate_login(credential_data)
|
||||||
vprint_error "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})"
|
vprint_error "#{ip}:#{rport} - LOGIN FAILED: #{result.credential} (#{result.status}: #{result.proof})"
|
||||||
|
|
|
@ -71,6 +71,8 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
ssl: datastore['SSL'],
|
ssl: datastore['SSL'],
|
||||||
cred_details: cred_collection,
|
cred_details: cred_collection,
|
||||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||||
|
max_send_size: datastore['TCP::max_send_size'],
|
||||||
|
send_delay: datastore['TCP::send_delay'],
|
||||||
)
|
)
|
||||||
|
|
||||||
scanner.scan! do |result|
|
scanner.scan! do |result|
|
||||||
|
|
|
@ -74,6 +74,8 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
port: rport,
|
port: rport,
|
||||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||||
connection_timeout: 5,
|
connection_timeout: 5,
|
||||||
|
max_send_size: datastore['TCP::max_send_size'],
|
||||||
|
send_delay: datastore['TCP::send_delay'],
|
||||||
)
|
)
|
||||||
|
|
||||||
bogus_result = @scanner.attempt_bogus_login(domain)
|
bogus_result = @scanner.attempt_bogus_login(domain)
|
||||||
|
|
|
@ -7,7 +7,6 @@ require 'msf/core'
|
||||||
require 'metasploit/framework/credential_collection'
|
require 'metasploit/framework/credential_collection'
|
||||||
require 'metasploit/framework/login_scanner/telnet'
|
require 'metasploit/framework/login_scanner/telnet'
|
||||||
|
|
||||||
|
|
||||||
class Metasploit3 < Msf::Auxiliary
|
class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
include Msf::Exploit::Remote::Telnet
|
include Msf::Exploit::Remote::Telnet
|
||||||
|
@ -27,7 +26,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
logins and hosts so you can track your access.
|
logins and hosts so you can track your access.
|
||||||
},
|
},
|
||||||
'Author' => 'egypt',
|
'Author' => 'egypt',
|
||||||
'References' =>
|
'References' =>
|
||||||
[
|
[
|
||||||
[ 'CVE', '1999-0502'] # Weak password
|
[ 'CVE', '1999-0502'] # Weak password
|
||||||
],
|
],
|
||||||
|
@ -66,6 +65,8 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
cred_details: cred_collection,
|
cred_details: cred_collection,
|
||||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||||
connection_timeout: datastore['Timeout'],
|
connection_timeout: datastore['Timeout'],
|
||||||
|
max_send_size: datastore['TCP::max_send_size'],
|
||||||
|
send_delay: datastore['TCP::send_delay'],
|
||||||
banner_timeout: datastore['TelnetBannerTimeout'],
|
banner_timeout: datastore['TelnetBannerTimeout'],
|
||||||
telnet_timeout: datastore['TelnetTimeout']
|
telnet_timeout: datastore['TelnetTimeout']
|
||||||
)
|
)
|
||||||
|
|
|
@ -72,7 +72,9 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
proxies: datastore['PROXIES'],
|
proxies: datastore['PROXIES'],
|
||||||
cred_details: cred_collection,
|
cred_details: cred_collection,
|
||||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||||
connection_timeout: 30
|
connection_timeout: 30,
|
||||||
|
max_send_size: datastore['TCP::max_send_size'],
|
||||||
|
send_delay: datastore['TCP::send_delay'],
|
||||||
)
|
)
|
||||||
|
|
||||||
scanner.scan! do |result|
|
scanner.scan! do |result|
|
||||||
|
|
|
@ -77,7 +77,9 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
proxies: datastore['PROXIES'],
|
proxies: datastore['PROXIES'],
|
||||||
cred_details: cred_collection,
|
cred_details: cred_collection,
|
||||||
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
stop_on_success: datastore['STOP_ON_SUCCESS'],
|
||||||
connection_timeout: datastore['ConnectTimeout']
|
connection_timeout: datastore['ConnectTimeout'],
|
||||||
|
max_send_size: datastore['TCP::max_send_size'],
|
||||||
|
send_delay: datastore['TCP::send_delay'],
|
||||||
)
|
)
|
||||||
|
|
||||||
scanner.scan! do |result|
|
scanner.scan! do |result|
|
||||||
|
|
|
@ -8,6 +8,7 @@ describe Metasploit::Framework::LoginScanner::AFP do
|
||||||
|
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
||||||
|
it_behaves_like 'Metasploit::Framework::Tcp::Client'
|
||||||
|
|
||||||
it { should respond_to :login_timeout }
|
it { should respond_to :login_timeout }
|
||||||
|
|
||||||
|
|
|
@ -11,6 +11,7 @@ describe Metasploit::Framework::LoginScanner::DB2 do
|
||||||
|
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: true
|
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: true
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
||||||
|
it_behaves_like 'Metasploit::Framework::Tcp::Client'
|
||||||
|
|
||||||
context '#attempt_login' do
|
context '#attempt_login' do
|
||||||
|
|
||||||
|
|
|
@ -47,6 +47,7 @@ describe Metasploit::Framework::LoginScanner::FTP do
|
||||||
|
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
||||||
|
it_behaves_like 'Metasploit::Framework::Tcp::Client'
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -119,4 +119,4 @@ describe Metasploit::Framework::LoginScanner::IPBoard do
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -35,6 +35,7 @@ describe Metasploit::Framework::LoginScanner::MSSQL do
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: true
|
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: true
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::NTLM'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::NTLM'
|
||||||
|
it_behaves_like 'Metasploit::Framework::Tcp::Client'
|
||||||
|
|
||||||
it { should respond_to :windows_authentication }
|
it { should respond_to :windows_authentication }
|
||||||
|
|
||||||
|
|
|
@ -6,6 +6,7 @@ describe Metasploit::Framework::LoginScanner::POP3 do
|
||||||
|
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
||||||
|
it_behaves_like 'Metasploit::Framework::Tcp::Client'
|
||||||
|
|
||||||
context "#attempt_login" do
|
context "#attempt_login" do
|
||||||
|
|
||||||
|
|
|
@ -35,6 +35,7 @@ describe Metasploit::Framework::LoginScanner::SMB do
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: true
|
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: true, has_default_realm: true
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::NTLM'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::NTLM'
|
||||||
|
it_behaves_like 'Metasploit::Framework::Tcp::Client'
|
||||||
|
|
||||||
it { should respond_to :smb_chunk_size }
|
it { should respond_to :smb_chunk_size }
|
||||||
it { should respond_to :smb_name }
|
it { should respond_to :smb_name }
|
||||||
|
|
|
@ -7,6 +7,7 @@ describe Metasploit::Framework::LoginScanner::Telnet do
|
||||||
|
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
||||||
|
it_behaves_like 'Metasploit::Framework::Tcp::Client'
|
||||||
|
|
||||||
it { should respond_to :banner_timeout }
|
it { should respond_to :banner_timeout }
|
||||||
it { should respond_to :telnet_timeout }
|
it { should respond_to :telnet_timeout }
|
||||||
|
|
|
@ -6,6 +6,7 @@ describe Metasploit::Framework::LoginScanner::VMAUTHD do
|
||||||
|
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
||||||
|
it_behaves_like 'Metasploit::Framework::Tcp::Client'
|
||||||
|
|
||||||
context "#attempt_login" do
|
context "#attempt_login" do
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,7 @@ describe Metasploit::Framework::LoginScanner::VNC do
|
||||||
|
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
it_behaves_like 'Metasploit::Framework::LoginScanner::Base', has_realm_key: false, has_default_realm: false
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::RexSocket'
|
||||||
|
it_behaves_like 'Metasploit::Framework::Tcp::Client'
|
||||||
|
|
||||||
|
|
||||||
context '#attempt_login' do
|
context '#attempt_login' do
|
||||||
|
|
|
@ -8,4 +8,4 @@ describe Metasploit::Framework::LoginScanner::WordpressRPC do
|
||||||
it_behaves_like 'Metasploit::Framework::LoginScanner::HTTP'
|
it_behaves_like 'Metasploit::Framework::LoginScanner::HTTP'
|
||||||
|
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,60 +1,7 @@
|
||||||
shared_examples_for 'Metasploit::Framework::LoginScanner::RexSocket' do
|
shared_examples_for 'Metasploit::Framework::LoginScanner::RexSocket' do
|
||||||
subject(:login_scanner) { described_class.new }
|
subject(:login_scanner) { described_class.new }
|
||||||
|
|
||||||
it { should respond_to :send_delay }
|
|
||||||
it { should respond_to :max_send_size }
|
|
||||||
it { should respond_to :ssl }
|
it { should respond_to :ssl }
|
||||||
it { should respond_to :ssl_version }
|
it { should respond_to :ssl_version }
|
||||||
|
|
||||||
context 'send_delay' do
|
|
||||||
it 'is not valid for a non-number' do
|
|
||||||
login_scanner.send_delay = "a"
|
|
||||||
expect(login_scanner).to_not be_valid
|
|
||||||
expect(login_scanner.errors[:send_delay]).to include "is not a number"
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'is not valid for a floating point' do
|
|
||||||
login_scanner.send_delay = 5.76
|
|
||||||
expect(login_scanner).to_not be_valid
|
|
||||||
expect(login_scanner.errors[:send_delay]).to include "must be an integer"
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'is not valid for a negative number' do
|
|
||||||
login_scanner.send_delay = -8
|
|
||||||
expect(login_scanner).to_not be_valid
|
|
||||||
expect(login_scanner.errors[:send_delay]).to include "must be greater than or equal to 0"
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'is valid for a legitimate number' do
|
|
||||||
login_scanner.send_delay = rand(1000) + 1
|
|
||||||
expect(login_scanner.errors[:send_delay]).to be_empty
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
context 'max_send_size' do
|
|
||||||
it 'is not valid for a non-number' do
|
|
||||||
login_scanner.max_send_size = "a"
|
|
||||||
expect(login_scanner).to_not be_valid
|
|
||||||
expect(login_scanner.errors[:max_send_size]).to include "is not a number"
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'is not valid for a floating point' do
|
|
||||||
login_scanner.max_send_size = 5.76
|
|
||||||
expect(login_scanner).to_not be_valid
|
|
||||||
expect(login_scanner.errors[:max_send_size]).to include "must be an integer"
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'is not valid for a negative number' do
|
|
||||||
login_scanner.max_send_size = -8
|
|
||||||
expect(login_scanner).to_not be_valid
|
|
||||||
expect(login_scanner.errors[:max_send_size]).to include "must be greater than or equal to 0"
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'is valid for a legitimate number' do
|
|
||||||
login_scanner.max_send_size = rand(1000) + 1
|
|
||||||
expect(login_scanner.errors[:max_send_size]).to be_empty
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -0,0 +1,58 @@
|
||||||
|
|
||||||
|
shared_examples_for 'Metasploit::Framework::Tcp::Client' do
|
||||||
|
subject(:login_scanner) { described_class.new }
|
||||||
|
|
||||||
|
it { should respond_to :send_delay }
|
||||||
|
it { should respond_to :max_send_size }
|
||||||
|
|
||||||
|
context 'send_delay' do
|
||||||
|
it 'is not valid for a non-number' do
|
||||||
|
login_scanner.send_delay = "a"
|
||||||
|
expect(login_scanner).to_not be_valid
|
||||||
|
expect(login_scanner.errors[:send_delay]).to include "is not a number"
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'is not valid for a floating point' do
|
||||||
|
login_scanner.send_delay = 5.76
|
||||||
|
expect(login_scanner).to_not be_valid
|
||||||
|
expect(login_scanner.errors[:send_delay]).to include "must be an integer"
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'is not valid for a negative number' do
|
||||||
|
login_scanner.send_delay = -8
|
||||||
|
expect(login_scanner).to_not be_valid
|
||||||
|
expect(login_scanner.errors[:send_delay]).to include "must be greater than or equal to 0"
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'is valid for a legitimate number' do
|
||||||
|
login_scanner.send_delay = rand(1000) + 1
|
||||||
|
expect(login_scanner.errors[:send_delay]).to be_empty
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'max_send_size' do
|
||||||
|
it 'is not valid for a non-number' do
|
||||||
|
login_scanner.max_send_size = "a"
|
||||||
|
expect(login_scanner).to_not be_valid
|
||||||
|
expect(login_scanner.errors[:max_send_size]).to include "is not a number"
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'is not valid for a floating point' do
|
||||||
|
login_scanner.max_send_size = 5.76
|
||||||
|
expect(login_scanner).to_not be_valid
|
||||||
|
expect(login_scanner.errors[:max_send_size]).to include "must be an integer"
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'is not valid for a negative number' do
|
||||||
|
login_scanner.max_send_size = -8
|
||||||
|
expect(login_scanner).to_not be_valid
|
||||||
|
expect(login_scanner.errors[:max_send_size]).to include "must be greater than or equal to 0"
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'is valid for a legitimate number' do
|
||||||
|
login_scanner.max_send_size = rand(1000) + 1
|
||||||
|
expect(login_scanner.errors[:max_send_size]).to be_empty
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
Loading…
Reference in New Issue