dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
46,411 Commits 10 Branches 885 Tags 1.3 GiB
Commit Graph

215 Commits

Author SHA1 Message Date
Brent Cook 60bed4bd1b tidy tests, add ms17_010_psexec 2018-05-08 17:44:08 -05:00
Brent Cook 0c391c4003 reduce sleeps for a test we're running on every PR 2018-05-07 06:55:02 -05:00
Brent Cook ad78ee347b run json files through 'python -m json.tool' 2018-05-07 00:29:23 -05:00
Brent Cook 4de2dc5f8c don't disable smbv1 just yet 2018-05-07 00:24:38 -05:00
dmohanty-r7 7fa001ba50 Add tests for test lab 2018-05-07 00:24:38 -05:00
Jeffrey Martin cacb9af731
update test for CPE abstraction 2018-03-13 16:13:04 -05:00
bwatters-r7 ccbc7fcefe
Land #9606, Add some tests for cmd_exec 
Merge branch 'for-the-windows' into upstream-master
 2018-03-06 15:13:07 -06:00
bwatters-r7 43bc159022
Fix if/end 2018-03-06 15:01:15 -06:00
bwatters-r7 4694ef6723
Make Rubocop less angy 2018-03-06 14:54:00 -06:00
bwatters-r7 b13a54ba2b
clean up some code and skip non-windows tests 2018-03-06 10:10:53 -06:00
bwatters-r7 6c177b7c3b Add windows checks 2018-03-06 12:14:33 +07:00
Jeffrey Martin bb0d5ba8da
decouple hosts and targets for tests 2018-02-25 17:10:22 -06:00
Tim W bfec2e8293 add more cmd_exec tests 2018-02-22 17:14:56 +08:00
Tim W 78309f30cd add test for cmd_exec 2018-02-22 16:41:37 +08:00
Jeffrey Martin cf4d9130a9
add initial module automation tests 2017-12-05 11:19:24 -06:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
Spencer McIntyre f7c133cdf7 Add OSX support to railgun 2017-06-19 11:11:55 -04:00
Spencer McIntyre a3bcd20b26 Minor cleanups for multi-platform railgun 2017-04-25 17:45:07 -04:00
Spencer McIntyre 3347af24ba Add some basic libc definitions for railgun 2017-04-25 15:12:39 -04:00
Spencer McIntyre d3a759d631 Make changes for initial linux railgun support 2017-04-24 17:11:27 -04:00
Spencer McIntyre 2d51801b01 Use native_arch for railfun multi and test it 2017-03-01 13:07:04 -05:00
bwatters-r7 941f87fa83 Added the option to incude entropy in file/directory names to support 
automated testing
 2017-02-25 05:20:25 -06:00
Spencer McIntyre 7d1fadb84f Add a test module for railgun api calls 2017-02-18 17:37:49 -05:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
Tim 090dac6d24
make the stdapi_fs_file_move test unconditional 2016-11-29 14:37:19 +08:00
Tim 94a15920ec
add test for file copy 2016-11-29 14:36:03 +08:00
David Maloney eb73a6914d
replace old rex::ui::text::table refs 
everywhere we called the class we have now rewritten it
to use the new namespace

MS-1875
 2016-08-10 13:30:09 -05:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
Brent Cook 2b016e0216
Land #6812, remove broken OSVDB references 2016-07-11 22:59:11 -05:00
Brent Cook 194a84c793 Modify stdapi so it also uses exist? over exists? for ruby parity 
Also add an alias for backward compatibility.
 2016-04-23 17:31:22 -04:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references. 
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
 2016-04-23 12:32:34 -05:00
Brendan Watters fa95922547 Add unicode test examples 2016-04-05 16:06:51 -05:00
Brent Cook da039e136a update test modules to use MetasploitModule 2016-03-13 13:44:44 -05:00
jvazquez-r7 d5a010c230
Add support for registry_key_exist? 2015-10-22 16:07:38 -05:00
wchen-r7 cf6d5fac2a Use the latest cred API, no more report_auth_info 2015-09-04 13:43:15 -05:00
wchen-r7 d55757350d Use the latest credential API, no more report_auth_info 2015-09-04 03:04:14 -05:00
wchen-r7 54c5c6ea38 Another update 2015-07-29 14:31:35 -05:00
wchen-r7 8bead5fde2 Modate update on using metasploit-credential 
Update some more modules to usethe new cred API.
Also, make sure to always provide proof because that seems handy.
 2015-07-23 18:07:19 -05:00
wchen-r7 91fc213ddf More metasploit-credential update 2015-07-23 15:50:50 -05:00
wchen-r7 4561850055 Use metasploit-credential API instead of report_auth_info 2015-07-22 01:11:43 -05:00
Tod Beardsley 31eedbcfa0
Minor cleanups on recent modules 
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577, MS15-034 HTTP.SYS Information Disclosure

Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605, CVE-2015-3105 flash exploit

Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559, Adobe Flash Player ShaderJob Buffer Overflow

Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
 2015-06-26 12:18:33 -05:00
wchen-r7 b6379b4d24 Update drupal_views_user_enum 2015-06-16 00:02:02 -05:00
wchen-r7 0b88e86a49 Using the new cred API for multiple auxiliary modules 2015-06-15 16:06:57 -05:00
jvazquez-r7 4224008709
Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
Brent Cook d77f8ffeeb update meterpreter tests to test utf filenames 
This adds a new option BaseFileName that allows setting the base name for files
and directories used in the meterpreter test modules.
 2015-03-20 22:18:19 -05:00
Brent Cook 89a0a79377 revert puts back to a vprint call 2015-01-28 16:41:12 -06:00
Brent Cook 8b3a0a0bb1 really fix the cmdweb test 
this test to include the CmdStager module, not the CmdStagerVbs class

Before:
```
msf > loadpath test/modules
Loaded 32 modules:
    8 posts
    12 auxiliarys
    12 exploits
```

After:
```
msf > loadpath test/modules
Loaded 33 modules:
    8 posts
    12 auxiliarys
    13 exploits
msf > use exploit/test/cmdweb
msf exploit(cmdweb) > info

       Name: Command Stager Web Test
     Module: exploit/test/cmdweb
   Platform: Windows
 Privileged: Yes
    License: Metasploit Framework License (BSD)
       Rank: Manual
  Disclosed: 2010-02-03

Provided by:
  bannedit <bannedit@metasploit.com>

Available targets:
  Id  Name
  --  ----
  0   Automatic Targeting

Basic options:
  Name     Current Setting  Required  Description
  ----     ---------------  --------  -----------
  Proxies                   no        A proxy chain of format type:host:port[,type:host:port][...]
  RHOST                     yes       The target address
  RPORT    8080             yes       The target port
  VHOST                     no        HTTP server virtual host

Payload information:

Description:
  This module tests the command stager mixin against a shell.jsp
  application installed on an Apache Tomcat server.

msf exploit(cmdweb) > set RHOST 127.0.0.1
RHOST => 127.0.0.1
msf exploit(cmdweb) > run

[*] Started reverse handler on 127.0.0.1:4444
[*] Command Stager progress -   2.01% done (2046/101881 bytes)
[*] Command Stager progress -   4.02% done (4092/101881 bytes)
[*] Command Stager progress -   6.02% done (6138/101881 bytes)
[*] Command Stager progress -   8.03% done (8184/101881 bytes)
[*] Command Stager progress -  10.04% done (10230/101881 bytes)
[*] Command Stager progress -  12.05% done (12276/101881 bytes)
[*] Command Stager progress -  14.06% done (14322/101881 bytes)
[*] Command Stager progress -  16.07% done (16368/101881 bytes)
[*] Command Stager progress -  18.07% done (18414/101881 bytes)
...
```
 2015-01-27 11:44:34 -06:00
Brent Cook 550e6efff8 improve resiliency of meterpreter session tests 
- Use separate names for files and directories to avoid cascading
   failures if one test fails and leaves a file or directory behind.
 - Use %TEMP% rather than %TMP - the former is defined on all Windows
   versions, whereas the later is not defined on Windows 2012, causing
   the test to fail.
 - Don't assume 'HACKING' is in the current working directory, which
   breaks remote test harnesses. Instead, send the source code to the
   current __FILE__ as the test file to upload, since that works from
   any directory or remotely.
 2015-01-27 09:07:21 -06:00
Brent Cook a42cc2ef1f add support for specifying 32 or 64-bit registry access 
This adds an extra parameter to most of the post/windows/registry
methods called 'view' that specifies if a registry key should be
accessed as a native process, 32-bit or 64-bit.

Support is added to both the Meterpreter and command-line backends. For
the command backend, a lot of boilerplate is removed from each method in
favor of a few shared commands. There is an error hash that never gets
used, so I removed it as well.

This passes the post/test/registry module with meterpreter, but fails
the command line backend. However, it fails in the same way without
these changes (tested on Windows 8), so I suspect that the command line
session was already not working well, at least with newer versions of
Windows. I might look into figuring out how to fix that, but it looks
pretty fragile to me, parsing for english phrases in the output.
 2015-01-20 15:26:59 -06:00
Meatballs 0b0ac1455a
Merge remote-tracking branch 'upstream/master' into extapi_service_post 
Conflicts:
	test/modules/post/test/services.rb
 2015-01-07 20:53:34 +00:00