c4c551fdef
Add disclosure date rubocop linting rule
2020-10-02 21:00:32 +01:00
d612962ef4
Land #14197 , start testing on Ruby 2.7
2020-10-02 11:26:20 -05:00
66f04a95b7
better enforcement of binary mode on test fixtures
2020-10-01 14:29:10 -05:00
c0b42ff7a2
Land #13995 , Add a Windows Secrets Dump module
2020-09-30 11:47:59 -04:00
5986bc98f1
Land #14171 , Replace erroneous calls to get_service with calls to service
2020-09-30 10:05:13 -05:00
67821e32c4
Password cracking integration
2020-09-29 20:36:39 +02:00
dceaf1d47c
force res and expected encoding in smb tests
2020-09-29 08:57:20 -05:00
0785e535aa
Land #14183 , update the debug command to additionally extract the web server logs
2020-09-29 12:48:55 +01:00
1a598b747d
Land #14186 , Add missing payload tests to rake spec file
2020-09-28 12:45:45 -05:00
9cb419ae8c
Resync with master branch
2020-09-28 15:45:02 +02:00
894ce6b72b
ignore cache size for peinject stage
2020-09-25 16:12:44 -05:00
2c9e2f79d9
optional user level
2020-09-25 15:48:31 -04:00
bccc17e4ae
updates tests to consider msf-ws.log
2020-09-25 14:45:33 +01:00
b790d697ac
add missing peinject stage payloads
2020-09-25 08:23:08 -05:00
92e41b2678
review comments
2020-09-23 10:36:26 -04:00
571504642a
fixes get_service calls
2020-09-22 12:54:58 +01:00
5eb2884c7e
fix tests
2020-09-21 19:35:46 -04:00
610d4d86d2
initial vyos implementation
2020-09-20 19:48:20 -04:00
9ef5822d3a
Revert "Replaces erroneous calls to get_service"
2020-09-18 19:09:25 +01:00
a5c30be10b
Land #14143 , Replace erroneous calls to get_service
2020-09-17 10:41:15 -05:00
14b233f957
fixes broken tests
2020-09-16 15:20:16 +01:00
e11840c2a5
land #14031 , F5 processor
2020-09-14 18:38:58 +02:00
daa10ea735
enhance user data parsing
2020-09-12 10:07:23 -04:00
177f720f80
Land #14021 , when searching modules for multiple text terms, the search will now require for all words to be matched
2020-08-27 20:02:55 +01:00
bba98d4f16
fix spec
2020-08-21 11:32:26 -04:00
9a64e3cd38
Land #13913 , [GSoC] Specs for the SQLi library
2020-08-20 17:43:11 -05:00
26a83d5d5c
rubocop
2020-08-20 14:31:18 -04:00
c8a541c187
pre rubocop
2020-08-20 14:27:51 -04:00
14e0ebe7f6
handle md5 and plaintext passwords
2020-08-20 10:25:08 -05:00
43fabcad53
arista
2020-08-20 10:25:08 -05:00
43ecb41575
Use and semantics when searching for text
2020-08-19 15:08:55 +01:00
3d1eba2b22
Land #13998 , Always use module cache for searching
...
Always use module cache for searching
2020-08-19 12:36:17 +01:00
f8523cb3e2
Add additional tests for edge cases
2020-08-19 09:37:03 +01:00
e7061439ef
Adds rhost url support behind a feature flag
...
Tidy up test
Return a string instead of a URI object
Code review comments
Rubcocop
2020-08-18 12:25:27 +01:00
baa33df45d
Always use module cache for searching
2020-08-14 19:14:54 +01:00
24d002b9e0
Fix Msf::Post::Windows::Priv#decrypt_secret_data
...
Fix the size caclculation of the decrypted data
2020-08-13 17:47:50 +02:00
e4b77616fa
Minor formatting (rubocop -a)
2020-08-08 03:49:29 +02:00
1f17b07746
use Timecop, separate query_proc from sqli_obj, and address other issues in the specs
2020-08-08 03:30:12 +02:00
231ad83773
Land #13860,Mikrotik Processing
...
Merge branch 'land-13860' into upstream-master
2020-08-07 14:48:22 -05:00
a1d7bb62a9
Add feature configuration persistence
2020-08-07 16:42:57 +01:00
d417f43b8d
Add WrappedTable support with feature flag integration
2020-08-07 16:42:54 +01:00
35017886b8
Land #13935 , Preliminary Version 6
2020-08-06 10:19:34 -05:00
9aa26d1208
Merge upstream into 6.x
2020-08-03 11:43:47 -05:00
8a86cad4a0
remove commented lines not needed
2020-07-31 11:56:52 -05:00
10e6c7a242
add missing fixture
2020-07-31 11:56:52 -05:00
0b65266ac1
adjust migration to proxy call to ActiveRecord
...
By adding proxy method the call to ActiveRecord::Migrator.migrations_paths
is decoupled from the migration task allowing more flexibility for the
underlying migration set selection to change in future Rails versions.
2020-07-31 11:56:51 -05:00
2c92d17ed9
refactor migration process for Rails 5
...
As noted in https://github.com/rails/rails/issues/36544 using
ActiveRecord migrations internally is not truly supported. This
workaround is valid for Rails 5 and might be easily adjusted
in Rails 6 although that is still TBD.
2020-07-31 11:56:51 -05:00
41776f093c
adjust xml spec to use FactoryBot for workspace
2020-07-31 11:56:51 -05:00
89d010a533
remove rails_bigdecimal_fix with rails 5 bump
2020-07-31 11:56:50 -05:00
772a24cb25
enforce json_rpc_spec to treat db as disabled
2020-07-31 11:56:50 -05:00
5d1c4dafa1
begin adjust migrations and remove old test
...
removed connection tests are from rails 3 expectations
2020-07-31 11:56:50 -05:00
07cbe426e2
Rails 5, all models inherit from ApplicationRecord
...
ApplicationRecord is a new superclass for all app models, analogous to app controllers subclassing ApplicationController instead of ActionController::Base. This gives apps a single spot to configure app-wide model behavior.
https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html#active-record-models-now-inherit-from-applicationrecord-by-default
Deprecated Relation#uniq use Relation#distinct instead.
https://edgeguides.rubyonrails.org/5_0_release_notes.html#active-record-deprecations
2020-07-31 11:56:49 -05:00
d366666418
add Mikrotik SwOS
2020-07-30 11:29:25 -04:00
f48ed5027f
test #call_function, and not methods that might be implemented on specific DBMS only
2020-07-27 16:38:07 +02:00
50281473f1
Remove tests for removed functions
2020-07-27 09:57:41 -04:00
89fef9f9fe
Refactor and fix some specs, avoid sleeping in time-based shared examples
2020-07-27 03:15:16 +02:00
854df7e93b
Add shared examples for SQLi::Common, and some tests for MySQLi
2020-07-23 18:54:20 +02:00
a7e12bfa50
Land #13822 , update to the latest rubocop version
2020-07-22 10:18:31 +01:00
61a4fa61e5
simplify wifi block
2020-07-19 11:58:49 -04:00
e5e5faf084
add new field processors
2020-07-18 12:20:33 -04:00
eaf7161cae
mikrotik
2020-07-18 07:45:24 -04:00
65039a5091
Merge upstream into 6.x
2020-07-15 09:58:07 -05:00
384a71b06a
Land #13271 , Update auxiliary/server/capture/smtp to store credentials
2020-07-11 17:30:06 +00:00
20a5688a11
add specific error class to remove warning
2020-07-07 15:44:16 -05:00
4604488c05
Update rubocop version
2020-07-07 19:19:37 +01:00
2509bbfbc3
Remove rspec test focus, and ensure all tests run
2020-07-07 17:29:50 +01:00
ffc07d6c8f
Merge remote-tracking branch 'upstream/master' into pr/13787
2020-07-01 14:42:16 -05:00
89f7be3ef0
Improve error message
2020-07-01 14:20:04 -05:00
3737c6810c
Fix typo in debug command
2020-07-01 14:18:51 +01:00
4b78de5416
Refactor AutoCheck a bit more
2020-06-30 11:58:42 -05:00
b841246536
Update autocheck to use prepend instead of include, add ForceExploit functionality
2020-06-30 11:40:46 +01:00
babaee8c8e
adds debug command with spec tests
2020-06-29 15:38:56 +01:00
6007e13379
Fix edgecase in rubocop module description rule
2020-06-10 12:11:49 +01:00
5b69fe9757
reverse_python_ssl has has apparently stabilized in size
2020-06-09 08:59:52 +10:00
c08e86434b
Fix more specs
2020-06-09 08:58:27 +10:00
616fdaeb60
Fix up packe spec tests
2020-06-09 08:58:27 +10:00
5f8181efa7
Avoid auto-encoding payloads free of badchars
...
Payloads without any of the specified badchars will no longer be encoded
by default. This should hopefully lead to less surprising results when
using simple payloads (especially commands. Things that had incomplete
badchar analysis may break as a result, since not everything will be
encoded by default anymore. Sorry in advance if they do.
2020-05-07 10:58:03 -05:00
437a056f67
Land #13364 , .NET deserialization tool
2020-05-05 11:02:31 -05:00
e5be9ee9ef
add test for reverse_tcp_uuid stager with osx
2020-05-01 11:20:20 -05:00
b38648db12
Only fail on fatal XML syntax errors for the SoapFormatter
...
The library name in the XML needs to contain a space so it is not a valid URI.
2020-04-30 08:40:31 -04:00
d31882fe15
Modify unkown to unknown
2020-04-27 10:50:34 -05:00
48ed0ba3c5
Update java_deserialization_spec
2020-04-27 10:50:09 -05:00
af239303d2
Land #13257 , .NET Deserialization Library Improvements
2020-04-27 13:05:38 +02:00
090cf259ee
Add some additional unit testing through rspec
2020-04-22 15:53:59 -04:00
22e2a17873
cram-md5
2020-04-17 16:51:25 -04:00
15f4f7ea95
Land #13049 , Add fileformat exploit for libnotify plugin
...
Merge branch 'land-13049' into upstream-master
2020-04-16 16:03:14 -05:00
a13580bfd2
Fix the payload size tests for real this time
2020-04-16 15:35:38 -04:00
23319489b9
Remove unnecessary logic from ClassWithId
2020-04-15 18:11:45 -04:00
49580a48ac
Refactor exceptions and add more unit testing
2020-04-15 15:13:41 -04:00
82dc28e2c4
Use gadget chain classes for identification
2020-04-15 15:13:41 -04:00
46d5628d79
Add the WindowsIdentity gadget chain
2020-04-15 15:13:41 -04:00
f808121c84
Refactor formatters into modules
2020-04-15 15:13:41 -04:00
d6c2375eb8
Add chain consistency checks to the spec file
2020-04-15 15:13:41 -04:00
6a2561d2d1
remove excessive store_loot from cisco lib
2020-04-10 09:45:18 -04:00
d6d939b2ed
Land #12594 , add a Ubiquiti config importer mixin
2020-04-08 17:52:28 -04:00
89e257c722
Add spec
2020-03-26 06:55:05 +00:00
bf07b1c897
Landing #13039 , add color to search text matches and module ranks
2020-03-23 18:26:17 +00:00
04903daa4c
highlights search text & color codes module ranks
2020-03-23 17:42:17 +00:00
682653e9d9
PR comments
2020-03-13 13:32:59 +00:00
1137036ecb
Tidy up results tracking
2020-03-13 13:32:59 +00:00
55bd3f45be
run rubocop -a on new files
2020-03-13 13:32:58 +00:00
6762a7b147
Fix all the tests
2020-03-13 13:32:58 +00:00
54928c0e7b
fix tests
2020-03-13 13:32:58 +00:00
4705f9c2dc
Adds tests
2020-03-13 13:32:58 +00:00
9f76f3ef08
Use rpc specific job status tracker and add default no op tracker
2020-03-13 13:32:57 +00:00
34fc7528dd
Re-add original job state tracker code
...
This reverts commit 908ce3d3
2020-03-13 13:32:57 +00:00
bfd284b349
Add initial layout cops for the module super hash
2020-03-06 10:41:41 +00:00
3aeb6597a2
Landing #12980 , ensure json is always returned from the json rpc api
2020-03-04 12:14:53 +00:00
dd12e65828
adds middleware and application error handlers
2020-03-04 11:56:32 +00:00
5ed87be78e
Land #12989 , internal refactor sanitizing module names before they are loaded
2020-03-04 11:01:26 +00:00
607b7ae5ae
moves logic for bad paths to common.rb
2020-03-04 10:41:19 +00:00
ba924b3047
Land #13014 , Exchange ECP ViewState exploit
2020-03-03 17:23:17 -06:00
5574eaa591
Make a new .NET serialization lib
2020-03-03 10:41:59 -05:00
908ce3d36b
Revert "Land #12960 , add ttl to job results instantiated from an RPC request"
...
This reverts commit ff8bb2e16fae28463ec6
2020-03-02 15:58:13 -06:00
7c86fb8546
fix for #12358
2020-02-29 19:33:11 -05:00
3d77c48eae
almost working
2020-02-29 19:33:11 -05:00
bab5a34b34
progress on ubiquiti
2020-02-29 19:33:11 -05:00
ffd5a0b39d
add cmd/unix/reverse_ssh test stub
2020-02-27 09:07:37 -06:00
89bea26763
Replace results count with something that works and added tests
2020-02-26 11:52:45 +00:00
5c94910998
Add a cache to handle the ttl of job results
...
Remove accidental addition of gem
Remove commented out code
Remove commented out code
Remove commented out code
Refactor job tracking code, remove simple framework tests
finish renaming service to job_state_tracker
add missing require and move alias definition
fix private attr declaration
Add rspec tests
Address PR comments
Use let syntax in tests
Finish refactor moving job state tracker
2020-02-25 13:31:28 +00:00
8a59b8cb1c
Ensure thread cleanup
2020-02-21 17:36:20 +00:00
9c987b8271
Add json rpc tests for module checks
2020-02-18 21:43:15 +00:00
f4a0ef2ee9
Land #12640 , improve Wordpress check versions
...
Merge remote-tracking branch 'upstream/pr/12640' into upstream-master
2019-12-26 13:47:04 -06:00
d3a636eb6a
Land #12509 , add check result to RPC API
2019-12-02 11:37:43 -06:00
857677f39d
Update log message
2019-11-29 11:35:14 +01:00
6a7c2835ec
Update specs... again
2019-11-28 16:05:51 +01:00
127e1d451f
Update specs
2019-11-28 14:58:25 +01:00
9e47bff246
Land #12624 , add pingback payload specs
2019-11-26 12:34:23 -06:00
a417919e22
seperate x86 single and staged encrypted
2019-11-25 18:28:02 -06:00
97dbcc9476
seperate x64 single from staged
2019-11-25 17:19:38 -06:00
ece57f4da6
add pingpack payload specs
2019-11-25 16:50:19 -06:00
e883b07fd6
add helper for payloads not cached
2019-11-25 15:59:32 -06:00
a428c1a4a6
stub test for compiled encrypted payloads
2019-11-25 14:02:34 -06:00
8d057518ce
add jjs payload tests and set cached sizes
2019-11-21 16:38:18 -06:00
da81c1600e
Trivial specs on the attrs for now
2019-11-19 00:30:44 -06:00
6d23059cc0
android hashdump updates
2019-11-09 10:11:45 -05:00
eb07305104
Land #11695 , Password Cracker Overhaul(ie hashcat)
2019-11-07 19:09:52 -06:00
87d0fa46f8
Get rid of RSpec implicit block expectation syntax
...
The syntax was removed in rspec-expectations 3.8.5.
Related:
https://blog.rubystyle.guide/rspec/2019/07/17/rspec-implicit-block-syntax.html
https://github.com/rspec/rspec-expectations/pull/1125
https://github.com/rubocop-hq/rspec-style-guide/issues/76
This is a follow-up to #12397 and unpins `rspec-expectations`.
2019-10-04 23:12:34 +03:00
fd66829cbb
remove unneeded change in workspace variable
2019-09-25 03:47:14 -05:00
27f5720055
use unique Dummy*Class per test
2019-09-25 03:46:11 -05:00
75c58d39a9
Land #12314 , Clarify file: handling with the RHOSTS parameter
2019-09-24 06:10:29 -05:00
0ed09cc9bf
Land #11927 , Add Brocade post module and config parser
2019-09-24 05:59:21 -05:00
ecb5eec969
RHOSTS: test for accept both "file://<path>" and "file:<path>" syntax
2019-09-11 19:04:53 +02:00
e4992c6817
move bigdecimal fix to separate file, include for specs
...
This fixes some noisy warnings about bignum when running specs, making it easier to see the real problems.
2019-09-10 18:40:14 -05:00
6a8f6d7a57
Unify spec and lib
2019-08-22 18:03:13 -05:00
40d11b2fdd
explicitly require factory_bot, see #12181
2019-08-20 06:54:34 -05:00
a2160c84c6
juniper config parser tests
2019-08-10 09:39:26 -04:00
0c510ca428
cisco spec w/ more usernames
2019-07-21 21:59:04 -04:00
18b8974761
Land #11969 , deprecate db_rebuild_cache command
2019-07-11 11:02:17 -05:00
4e11dcfee1
Fix import issue caused by missing wspace key
...
Modify import module to follow pattern used in other Msf::DBManager
import modules. Test module updated for method name changes.
2019-07-01 15:58:36 -04:00
Alan Foster