metasploit-credential 0.14.8 → 1.0.0.pre.rails.pre.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Rakefile +0 -0
- data/app/concerns/mdm/task/metasploit_credential_core.rb +2 -2
- data/app/concerns/mdm/task/metasploit_credential_login.rb +2 -2
- data/app/models/metasploit/credential/core.rb +13 -4
- data/app/models/metasploit/credential/login.rb +3 -11
- data/app/models/metasploit/credential/origin/import.rb +0 -7
- data/app/models/metasploit/credential/origin/service.rb +0 -6
- data/app/models/metasploit/credential/origin/session.rb +0 -6
- data/app/models/metasploit/credential/private.rb +0 -6
- data/app/models/metasploit/credential/public.rb +0 -6
- data/app/models/metasploit/credential/realm.rb +0 -7
- data/db/migrate/20140331173835_create_metasploit_credential_publics.rb +1 -1
- data/db/migrate/20140407212345_create_metasploit_credential_privates.rb +1 -1
- data/db/migrate/20140410132401_create_metasploit_credential_realms.rb +1 -1
- data/db/migrate/20140410191213_create_metasploit_credential_origin_manuals.rb +1 -1
- data/db/migrate/20140410205410_create_metasploit_credential_origin_imports.rb +1 -1
- data/db/migrate/20140411142102_create_metasploit_credential_origin_sessions.rb +1 -1
- data/db/migrate/20140411205325_create_metasploit_credential_origin_services.rb +1 -1
- data/db/migrate/20140414192550_create_metasploit_credential_cores.rb +1 -1
- data/db/migrate/20140417140933_create_metasploit_credential_logins.rb +1 -1
- data/db/migrate/20140605173747_create_metasploit_credential_origin_cracked_passwords.rb +1 -1
- data/lib/metasploit/credential/engine.rb +1 -1
- data/lib/metasploit/credential/exporter/core.rb +1 -1
- data/lib/metasploit/credential/exporter/pwdump.rb +1 -1
- data/lib/metasploit/credential/version.rb +6 -6
- data/spec/dummy/config/application.rb +2 -10
- data/spec/dummy/config/database.yml +9 -14
- data/spec/dummy/config/environments/development.rb +4 -14
- data/spec/dummy/config/environments/production.rb +6 -3
- data/spec/dummy/config/environments/test.rb +9 -7
- data/spec/dummy/db/structure.sql +24 -19
- data/spec/factories/metasploit/credential/cores.rb +5 -5
- data/spec/factories/metasploit/credential/logins.rb +1 -1
- data/spec/factories/metasploit/credential/origin/services.rb +1 -1
- data/spec/factories/metasploit/credential/password_hashes.rb +2 -2
- data/spec/factories/metasploit/credential/publics.rb +1 -1
- data/spec/factories/metasploit/credential/ssh_keys.rb +3 -3
- data/spec/lib/metasploit/credential/creation_spec.rb +1 -1
- data/spec/lib/metasploit/credential/exporter/core_spec.rb +3 -4
- data/spec/lib/metasploit/credential/exporter/pwdump_spec.rb +1 -1
- data/spec/lib/metasploit/credential/migrator_spec.rb +9 -15
- data/spec/lib/metasploit/credential/version_spec.rb +1 -3
- data/spec/models/metasploit/credential/blank_username_spec.rb +0 -8
- data/spec/models/metasploit/credential/login_spec.rb +1 -13
- data/spec/models/metasploit/credential/origin/import_spec.rb +0 -7
- data/spec/models/metasploit/credential/origin/service_spec.rb +0 -8
- data/spec/models/metasploit/credential/origin/session_spec.rb +0 -8
- data/spec/models/metasploit/credential/private_spec.rb +1 -9
- data/spec/models/metasploit/credential/public_spec.rb +0 -6
- data/spec/models/metasploit/credential/realm_spec.rb +2 -8
- data/spec/models/metasploit/credential/username_spec.rb +0 -6
- data/spec/support/shared/examples/timestamp_database_column.rb +2 -2
- metadata +17 -17
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1efca2efc37f91d52ec2143adcd8eee2e159486d
|
4
|
+
data.tar.gz: 73a2bf5fd644056094597f10bb6a63908b893681
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fea97168a4a19a01980bedfa046d5be7766eb36f35c2910e604db4d531d5d7867a437b112241325f0be6dc35c567219abff722d517ca7e468154e4af47598d38
|
7
|
+
data.tar.gz: a07277c1422761b87560288b3f77829376603338640d3f8e58a2f609495d3b0bad004a189a493de1d740f79b696faa254f46e34afb5100eea22cc4285db33b9e
|
data/Rakefile
CHANGED
File without changes
|
@@ -12,8 +12,8 @@ module Mdm::Task::MetasploitCredentialCore
|
|
12
12
|
#
|
13
13
|
# @return [ActiveRecord::Relation<Metasploit::Credential::Core>]
|
14
14
|
has_and_belongs_to_many :credential_cores,
|
15
|
+
-> { uniq },
|
15
16
|
class_name: "Metasploit::Credential::Core",
|
16
|
-
join_table: "credential_cores_tasks"
|
17
|
-
uniq: true
|
17
|
+
join_table: "credential_cores_tasks"
|
18
18
|
end
|
19
19
|
end
|
@@ -12,8 +12,8 @@ module Mdm::Task::MetasploitCredentialLogin
|
|
12
12
|
#
|
13
13
|
# @return [ActiveRecord::Relation<Metasploit::Credential::Core>]
|
14
14
|
has_and_belongs_to_many :credential_logins,
|
15
|
+
-> { uniq },
|
15
16
|
class_name: "Metasploit::Credential::Login",
|
16
|
-
join_table: "credential_logins_tasks"
|
17
|
-
uniq: true
|
17
|
+
join_table: "credential_logins_tasks"
|
18
18
|
end
|
19
19
|
end
|
@@ -16,9 +16,9 @@ class Metasploit::Credential::Core < ActiveRecord::Base
|
|
16
16
|
#
|
17
17
|
# @return [ActiveRecord::Relation<Mdm::Task>]
|
18
18
|
has_and_belongs_to_many :tasks,
|
19
|
+
-> { uniq },
|
19
20
|
class_name: "Mdm::Task",
|
20
|
-
join_table: "credential_cores_tasks"
|
21
|
-
uniq: true
|
21
|
+
join_table: "credential_cores_tasks"
|
22
22
|
|
23
23
|
# @!attribute logins
|
24
24
|
# The {Metasploit::Credential::Login logins} using this core credential to log into a service.
|
@@ -277,9 +277,18 @@ class Metasploit::Credential::Core < ActiveRecord::Base
|
|
277
277
|
# @param host_id [Integer]
|
278
278
|
# @return [String]
|
279
279
|
def self.cores_from_host_sql(host_id)
|
280
|
+
left = origin_service_host_id(host_id).ast
|
281
|
+
right = origin_session_host_id(host_id).ast
|
282
|
+
|
283
|
+
# TODO: Kill with fire. ActiveRecord 4.0.x leaks order/limit scopes
|
284
|
+
# We strip out order/limit statement from the subquery since it's invalid SQL
|
285
|
+
# https://github.com/rails/rails/issues/14003
|
286
|
+
left.orders = []
|
287
|
+
right.orders = []
|
288
|
+
|
280
289
|
Arel::Nodes::Union.new(
|
281
|
-
|
282
|
-
|
290
|
+
left,
|
291
|
+
right
|
283
292
|
).to_sql
|
284
293
|
end
|
285
294
|
|
@@ -12,10 +12,10 @@ class Metasploit::Credential::Login < ActiveRecord::Base
|
|
12
12
|
# The {Mdm::Task tasks} using this to track what tasks interacted with a given core.
|
13
13
|
#
|
14
14
|
# @return [ActiveRecord::Relation<Mdm::Task>]
|
15
|
-
has_and_belongs_to_many :tasks,
|
15
|
+
has_and_belongs_to_many :tasks,
|
16
|
+
-> { uniq },
|
16
17
|
class_name: "Mdm::Task",
|
17
|
-
join_table: "credential_logins_tasks"
|
18
|
-
uniq: true
|
18
|
+
join_table: "credential_logins_tasks"
|
19
19
|
|
20
20
|
# @!attribute core
|
21
21
|
# The {Metasploit::Credential::Core core credential} used to authenticate to {#service}.
|
@@ -94,14 +94,6 @@ class Metasploit::Credential::Login < ActiveRecord::Base
|
|
94
94
|
|
95
95
|
before_validation :blank_to_nil
|
96
96
|
|
97
|
-
#
|
98
|
-
# Mass Assignment Security
|
99
|
-
#
|
100
|
-
|
101
|
-
attr_accessible :access_level
|
102
|
-
attr_accessible :last_attempted_at
|
103
|
-
attr_accessible :status
|
104
|
-
|
105
97
|
#
|
106
98
|
#
|
107
99
|
# Search
|
@@ -45,12 +45,6 @@ class Metasploit::Credential::Origin::Service < ActiveRecord::Base
|
|
45
45
|
# @return [String] `'auxiliary/<Mdm::Module::Detail#refname>'` if an auxiliary module was used.
|
46
46
|
# @return [String] `'exploit/<Mdm::Module::Detail#refname>'` if an exploit module was used.
|
47
47
|
|
48
|
-
#
|
49
|
-
# Mass Assignment Security
|
50
|
-
#
|
51
|
-
|
52
|
-
attr_accessible :module_full_name
|
53
|
-
|
54
48
|
#
|
55
49
|
# Validations
|
56
50
|
#
|
@@ -36,12 +36,6 @@ class Metasploit::Credential::Origin::Session < ActiveRecord::Base
|
|
36
36
|
# @return [String] a `Mdm::Module::Detail#refname` for a `Mdm::Module::Detail` where `Mdm::Module:Detail#mtype` is
|
37
37
|
# `'post'.`
|
38
38
|
|
39
|
-
#
|
40
|
-
# Mass Assignment Security
|
41
|
-
#
|
42
|
-
|
43
|
-
attr_accessible :post_reference_name
|
44
|
-
|
45
39
|
#
|
46
40
|
# Validations
|
47
41
|
#
|
@@ -12,7 +12,7 @@ class Metasploit::Credential::Engine < Rails::Engine
|
|
12
12
|
|
13
13
|
# Remove ActiveSupport::Dependencies loading paths to save time during constant resolution and to ensure that
|
14
14
|
# metasploit_data_models is properly declaring all autoloads and not falling back on ActiveSupport::Dependencies
|
15
|
-
config.paths.
|
15
|
+
config.paths.values.each do |path|
|
16
16
|
path.skip_autoload!
|
17
17
|
path.skip_autoload_once!
|
18
18
|
path.skip_eager_load!
|
@@ -130,7 +130,7 @@ class Metasploit::Credential::Exporter::Core
|
|
130
130
|
def line_for_login(login)
|
131
131
|
result = line_for_core(login.core)
|
132
132
|
result.merge({
|
133
|
-
host_address: login.service.host.address,
|
133
|
+
host_address: login.service.host.address.to_s,
|
134
134
|
service_port: login.service.port,
|
135
135
|
service_name: login.service.try(:name),
|
136
136
|
service_protocol: login.service.proto,
|
@@ -137,7 +137,7 @@ class Metasploit::Credential::Exporter::Pwdump
|
|
137
137
|
# @return [String]
|
138
138
|
def format_service_for_login(login)
|
139
139
|
service = login.service
|
140
|
-
address = service.host.address
|
140
|
+
address = service.host.address.to_s
|
141
141
|
"#{address}:#{service.port}/#{service.proto} (#{service.name})"
|
142
142
|
end
|
143
143
|
|
@@ -5,13 +5,13 @@ module Metasploit
|
|
5
5
|
# Holds components of {VERSION} as defined by {http://semver.org/spec/v2.0.0.html semantic versioning v2.0.0}.
|
6
6
|
module Version
|
7
7
|
# The major version number.
|
8
|
-
MAJOR =
|
8
|
+
MAJOR = 1
|
9
9
|
# The minor version number, scoped to the {MAJOR} version number.
|
10
|
-
MINOR =
|
11
|
-
# The patch number, scoped to the {
|
12
|
-
PATCH =
|
13
|
-
#
|
14
|
-
|
10
|
+
MINOR = 0
|
11
|
+
# The patch number, scoped to the {MINOR} version number.
|
12
|
+
PATCH = 0
|
13
|
+
# the prerelease identifier
|
14
|
+
PRERELEASE = 'rails-4.0'
|
15
15
|
|
16
16
|
# The full version string, including the {MAJOR}, {MINOR}, {PATCH}, and optionally, the {PRERELEASE} in the
|
17
17
|
# {http://semver.org/spec/v2.0.0.html semantic versioning v2.0.0} format.
|
@@ -3,10 +3,8 @@ require File.expand_path('../boot', __FILE__)
|
|
3
3
|
# Pick the frameworks you want:
|
4
4
|
require "active_record/railtie"
|
5
5
|
require "action_controller/railtie"
|
6
|
-
require "action_mailer/railtie"
|
7
|
-
require "
|
8
|
-
require "sprockets/railtie"
|
9
|
-
# require "rails/test_unit/railtie"
|
6
|
+
# require "action_mailer/railtie"
|
7
|
+
## require "sprockets/railtie"
|
10
8
|
|
11
9
|
Bundler.require(*Rails.groups)
|
12
10
|
require "metasploit/credential"
|
@@ -54,12 +52,6 @@ module Dummy
|
|
54
52
|
# like if you have constraints or database-specific column types
|
55
53
|
config.active_record.schema_format = :sql
|
56
54
|
|
57
|
-
# Enforce whitelist mode for mass assignment.
|
58
|
-
# This will create an empty whitelist of attributes available for mass-assignment for all models
|
59
|
-
# in your app. As such, your models will need to explicitly whitelist or blacklist accessible
|
60
|
-
# parameters by using an attr_accessible or attr_protected declaration.
|
61
|
-
config.active_record.whitelist_attributes = true
|
62
|
-
|
63
55
|
# Enable the asset pipeline
|
64
56
|
config.assets.enabled = true
|
65
57
|
|
@@ -1,22 +1,17 @@
|
|
1
|
-
|
2
|
-
defaults: &defaults
|
1
|
+
development: &pgsql
|
3
2
|
adapter: postgresql
|
4
|
-
|
3
|
+
database: metasploit_credential_development
|
4
|
+
username: lance
|
5
5
|
password: pass123
|
6
6
|
host: localhost
|
7
7
|
port: 5432
|
8
|
-
pool:
|
8
|
+
pool: 15
|
9
9
|
timeout: 5
|
10
|
-
|
11
|
-
development:
|
12
|
-
database: metasploit_cr_dev
|
13
|
-
<<: *defaults
|
14
|
-
|
15
|
-
test:
|
16
|
-
database: metasploit_cr_test
|
17
10
|
min_messages: WARNING
|
18
|
-
<<: *defaults
|
19
11
|
|
20
12
|
production:
|
21
|
-
|
22
|
-
|
13
|
+
<<: *pgsql
|
14
|
+
|
15
|
+
test:
|
16
|
+
<<: *pgsql
|
17
|
+
database: metasploit_credential_test
|
@@ -6,29 +6,19 @@ Dummy::Application.configure do
|
|
6
6
|
# since you don't have to restart the web server when you make code changes.
|
7
7
|
config.cache_classes = false
|
8
8
|
|
9
|
-
#
|
10
|
-
config.
|
9
|
+
# Do not eager load code on boot.
|
10
|
+
config.eager_load = false
|
11
11
|
|
12
12
|
# Show full error reports and disable caching
|
13
13
|
config.consider_all_requests_local = true
|
14
14
|
config.action_controller.perform_caching = false
|
15
15
|
|
16
|
-
# Don't care if the mailer can't send
|
17
|
-
config.action_mailer.raise_delivery_errors = false
|
16
|
+
# # Don't care if the mailer can't send
|
17
|
+
# config.action_mailer.raise_delivery_errors = false
|
18
18
|
|
19
19
|
# Print deprecation notices to the Rails logger
|
20
20
|
config.active_support.deprecation = :log
|
21
21
|
|
22
|
-
# Only use best-standards-support built into browsers
|
23
|
-
config.action_dispatch.best_standards_support = :builtin
|
24
|
-
|
25
|
-
# Raise exception on mass assignment protection for Active Record models
|
26
|
-
config.active_record.mass_assignment_sanitizer = :strict
|
27
|
-
|
28
|
-
# Log the query plan for queries taking more than this (works
|
29
|
-
# with SQLite, MySQL, and PostgreSQL)
|
30
|
-
config.active_record.auto_explain_threshold_in_seconds = 0.5
|
31
|
-
|
32
22
|
# Do not compress assets
|
33
23
|
config.assets.compress = false
|
34
24
|
|
@@ -3,6 +3,12 @@ Dummy::Application.configure do
|
|
3
3
|
|
4
4
|
# Code is not reloaded between requests
|
5
5
|
config.cache_classes = true
|
6
|
+
|
7
|
+
# Eager load code on boot. This eager loads most of Rails and
|
8
|
+
# your application in memory, allowing both thread web servers
|
9
|
+
# and those relying on copy on write to perform better.
|
10
|
+
# Rake tasks automatically ignore this option for performance.
|
11
|
+
config.eager_load = true
|
6
12
|
|
7
13
|
# Full error reports are disabled and caching is turned on
|
8
14
|
config.consider_all_requests_local = false
|
@@ -61,7 +67,4 @@ Dummy::Application.configure do
|
|
61
67
|
# Send deprecation notices to registered listeners
|
62
68
|
config.active_support.deprecation = :notify
|
63
69
|
|
64
|
-
# Log the query plan for queries taking more than this (works
|
65
|
-
# with SQLite, MySQL, and PostgreSQL)
|
66
|
-
# config.active_record.auto_explain_threshold_in_seconds = 0.5
|
67
70
|
end
|
@@ -7,6 +7,11 @@ Dummy::Application.configure do
|
|
7
7
|
# and recreated between test runs. Don't rely on the data there!
|
8
8
|
config.cache_classes = true
|
9
9
|
|
10
|
+
# Do not eager load code on boot. This avoids loading your whole application
|
11
|
+
# just for the purpose of running a single test. If you are using a tool that
|
12
|
+
# preloads Rails for running tests, you may have to set it to true.
|
13
|
+
config.eager_load = false
|
14
|
+
|
10
15
|
# Configure static asset server for tests with Cache-Control for performance
|
11
16
|
config.serve_static_assets = true
|
12
17
|
config.static_cache_control = "public, max-age=3600"
|
@@ -22,13 +27,10 @@ Dummy::Application.configure do
|
|
22
27
|
# Disable request forgery protection in test environment
|
23
28
|
config.action_controller.allow_forgery_protection = false
|
24
29
|
|
25
|
-
# Tell Action Mailer not to deliver emails to the real world.
|
26
|
-
# The :test delivery method accumulates sent emails in the
|
27
|
-
# ActionMailer::Base.deliveries array.
|
28
|
-
config.action_mailer.delivery_method = :test
|
29
|
-
|
30
|
-
# Raise exception on mass assignment protection for Active Record models
|
31
|
-
config.active_record.mass_assignment_sanitizer = :strict
|
30
|
+
# # Tell Action Mailer not to deliver emails to the real world.
|
31
|
+
# # The :test delivery method accumulates sent emails in the
|
32
|
+
# # ActionMailer::Base.deliveries array.
|
33
|
+
# config.action_mailer.delivery_method = :test
|
32
34
|
|
33
35
|
# Print deprecation notices to the stderr
|
34
36
|
config.active_support.deprecation = :stderr
|
data/spec/dummy/db/structure.sql
CHANGED
@@ -3,6 +3,7 @@
|
|
3
3
|
--
|
4
4
|
|
5
5
|
SET statement_timeout = 0;
|
6
|
+
SET lock_timeout = 0;
|
6
7
|
SET client_encoding = 'UTF8';
|
7
8
|
SET standard_conforming_strings = on;
|
8
9
|
SET check_function_bodies = false;
|
@@ -3326,17 +3327,17 @@ CREATE INDEX index_automatic_exploitation_match_sets_on_workspace_id ON automati
|
|
3326
3327
|
|
3327
3328
|
|
3328
3329
|
--
|
3329
|
-
-- Name:
|
3330
|
+
-- Name: index_automatic_exploitation_matches_on_module_detail_id; Type: INDEX; Schema: public; Owner: -; Tablespace:
|
3330
3331
|
--
|
3331
3332
|
|
3332
|
-
CREATE INDEX
|
3333
|
+
CREATE INDEX index_automatic_exploitation_matches_on_module_detail_id ON automatic_exploitation_matches USING btree (module_detail_id);
|
3333
3334
|
|
3334
3335
|
|
3335
3336
|
--
|
3336
|
-
-- Name:
|
3337
|
+
-- Name: index_automatic_exploitation_matches_on_module_fullname; Type: INDEX; Schema: public; Owner: -; Tablespace:
|
3337
3338
|
--
|
3338
3339
|
|
3339
|
-
CREATE INDEX
|
3340
|
+
CREATE INDEX index_automatic_exploitation_matches_on_module_fullname ON automatic_exploitation_matches USING btree (module_fullname);
|
3340
3341
|
|
3341
3342
|
|
3342
3343
|
--
|
@@ -3494,24 +3495,24 @@ CREATE UNIQUE INDEX index_metasploit_credential_realms_on_key_and_value ON metas
|
|
3494
3495
|
|
3495
3496
|
|
3496
3497
|
--
|
3497
|
-
-- Name:
|
3498
|
+
-- Name: index_module_actions_on_detail_id; Type: INDEX; Schema: public; Owner: -; Tablespace:
|
3498
3499
|
--
|
3499
3500
|
|
3500
|
-
CREATE INDEX
|
3501
|
+
CREATE INDEX index_module_actions_on_detail_id ON module_actions USING btree (detail_id);
|
3501
3502
|
|
3502
3503
|
|
3503
3504
|
--
|
3504
|
-
-- Name:
|
3505
|
+
-- Name: index_module_archs_on_detail_id; Type: INDEX; Schema: public; Owner: -; Tablespace:
|
3505
3506
|
--
|
3506
3507
|
|
3507
|
-
CREATE INDEX
|
3508
|
+
CREATE INDEX index_module_archs_on_detail_id ON module_archs USING btree (detail_id);
|
3508
3509
|
|
3509
3510
|
|
3510
3511
|
--
|
3511
|
-
-- Name:
|
3512
|
+
-- Name: index_module_authors_on_detail_id; Type: INDEX; Schema: public; Owner: -; Tablespace:
|
3512
3513
|
--
|
3513
3514
|
|
3514
|
-
CREATE INDEX
|
3515
|
+
CREATE INDEX index_module_authors_on_detail_id ON module_authors USING btree (detail_id);
|
3515
3516
|
|
3516
3517
|
|
3517
3518
|
--
|
@@ -3543,24 +3544,24 @@ CREATE INDEX index_module_details_on_refname ON module_details USING btree (refn
|
|
3543
3544
|
|
3544
3545
|
|
3545
3546
|
--
|
3546
|
-
-- Name:
|
3547
|
+
-- Name: index_module_mixins_on_detail_id; Type: INDEX; Schema: public; Owner: -; Tablespace:
|
3547
3548
|
--
|
3548
3549
|
|
3549
|
-
CREATE INDEX
|
3550
|
+
CREATE INDEX index_module_mixins_on_detail_id ON module_mixins USING btree (detail_id);
|
3550
3551
|
|
3551
3552
|
|
3552
3553
|
--
|
3553
|
-
-- Name:
|
3554
|
+
-- Name: index_module_platforms_on_detail_id; Type: INDEX; Schema: public; Owner: -; Tablespace:
|
3554
3555
|
--
|
3555
3556
|
|
3556
|
-
CREATE INDEX
|
3557
|
+
CREATE INDEX index_module_platforms_on_detail_id ON module_platforms USING btree (detail_id);
|
3557
3558
|
|
3558
3559
|
|
3559
3560
|
--
|
3560
|
-
-- Name:
|
3561
|
+
-- Name: index_module_refs_on_detail_id; Type: INDEX; Schema: public; Owner: -; Tablespace:
|
3561
3562
|
--
|
3562
3563
|
|
3563
|
-
CREATE INDEX
|
3564
|
+
CREATE INDEX index_module_refs_on_detail_id ON module_refs USING btree (detail_id);
|
3564
3565
|
|
3565
3566
|
|
3566
3567
|
--
|
@@ -3585,10 +3586,10 @@ CREATE INDEX index_module_runs_on_user_id ON module_runs USING btree (user_id);
|
|
3585
3586
|
|
3586
3587
|
|
3587
3588
|
--
|
3588
|
-
-- Name:
|
3589
|
+
-- Name: index_module_targets_on_detail_id; Type: INDEX; Schema: public; Owner: -; Tablespace:
|
3589
3590
|
--
|
3590
3591
|
|
3591
|
-
CREATE INDEX
|
3592
|
+
CREATE INDEX index_module_targets_on_detail_id ON module_targets USING btree (detail_id);
|
3592
3593
|
|
3593
3594
|
|
3594
3595
|
--
|
@@ -4058,8 +4059,12 @@ INSERT INTO schema_migrations (version) VALUES ('20150226151459');
|
|
4058
4059
|
|
4059
4060
|
INSERT INTO schema_migrations (version) VALUES ('20150312155312');
|
4060
4061
|
|
4062
|
+
INSERT INTO schema_migrations (version) VALUES ('20150317145455');
|
4063
|
+
|
4061
4064
|
INSERT INTO schema_migrations (version) VALUES ('20150326183742');
|
4062
4065
|
|
4066
|
+
INSERT INTO schema_migrations (version) VALUES ('20150421211719');
|
4067
|
+
|
4063
4068
|
INSERT INTO schema_migrations (version) VALUES ('21');
|
4064
4069
|
|
4065
4070
|
INSERT INTO schema_migrations (version) VALUES ('22');
|
@@ -4084,4 +4089,4 @@ INSERT INTO schema_migrations (version) VALUES ('7');
|
|
4084
4089
|
|
4085
4090
|
INSERT INTO schema_migrations (version) VALUES ('8');
|
4086
4091
|
|
4087
|
-
INSERT INTO schema_migrations (version) VALUES ('9');
|
4092
|
+
INSERT INTO schema_migrations (version) VALUES ('9');
|
@@ -1,7 +1,7 @@
|
|
1
1
|
FactoryGirl.define do
|
2
2
|
factory :metasploit_credential_core,
|
3
3
|
class: Metasploit::Credential::Core do
|
4
|
-
|
4
|
+
transient do
|
5
5
|
origin_factory { generate :metasploit_credential_core_origin_factory }
|
6
6
|
private_factory { generate :metasploit_credential_core_private_factory }
|
7
7
|
realm_factory { generate :metasploit_credential_core_realm_factory }
|
@@ -34,25 +34,25 @@ FactoryGirl.define do
|
|
34
34
|
}
|
35
35
|
|
36
36
|
factory :metasploit_credential_core_import do
|
37
|
-
|
37
|
+
transient do
|
38
38
|
origin_factory :metasploit_credential_origin_import
|
39
39
|
end
|
40
40
|
end
|
41
41
|
|
42
42
|
factory :metasploit_credential_core_manual do
|
43
|
-
|
43
|
+
transient do
|
44
44
|
origin_factory :metasploit_credential_origin_manual
|
45
45
|
end
|
46
46
|
end
|
47
47
|
|
48
48
|
factory :metasploit_credential_core_service do
|
49
|
-
|
49
|
+
transient do
|
50
50
|
origin_factory :metasploit_credential_origin_service
|
51
51
|
end
|
52
52
|
end
|
53
53
|
|
54
54
|
factory :metasploit_credential_core_session do
|
55
|
-
|
55
|
+
transient do
|
56
56
|
origin_factory :metasploit_credential_origin_session
|
57
57
|
end
|
58
58
|
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
FactoryGirl.define do
|
2
2
|
factory :metasploit_credential_origin_service,
|
3
3
|
class: Metasploit::Credential::Origin::Service do
|
4
|
-
|
4
|
+
transient do
|
5
5
|
module_type { generate :metasploit_credential_origin_service_module_type }
|
6
6
|
reference_name { generate :metasploit_credential_origin_service_reference_name }
|
7
7
|
end
|
@@ -4,12 +4,12 @@ FactoryGirl.define do
|
|
4
4
|
# uses its own data sequence to differentiate password hashes from other private data and #type is
|
5
5
|
# automatically set by ActiveRecord because Metasploit::Credential::Password is an STI subclass.
|
6
6
|
class: Metasploit::Credential::Password do
|
7
|
-
|
7
|
+
transient do
|
8
8
|
password_data { generate :metasploit_credential_password_data }
|
9
9
|
end
|
10
10
|
|
11
11
|
data {
|
12
|
-
BCrypt::Password.create(password_data).hash
|
12
|
+
BCrypt::Password.create(password_data).hash.to_s
|
13
13
|
}
|
14
14
|
end
|
15
15
|
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
FactoryGirl.define do
|
2
2
|
factory :metasploit_credential_ssh_key,
|
3
3
|
class: Metasploit::Credential::SSHKey do
|
4
|
-
|
4
|
+
transient do
|
5
5
|
key_type { generate :metasploit_credential_ssh_key_key_type }
|
6
6
|
# key size tuned for speed. DO NOT use for production, it is below current recommended key size of 2048
|
7
7
|
key_size { 512 }
|
@@ -13,13 +13,13 @@ FactoryGirl.define do
|
|
13
13
|
}
|
14
14
|
|
15
15
|
factory :metasploit_credential_dsa_key do
|
16
|
-
|
16
|
+
transient do
|
17
17
|
key_type :DSA
|
18
18
|
end
|
19
19
|
end
|
20
20
|
|
21
21
|
factory :metasploit_credential_rsa_key do
|
22
|
-
|
22
|
+
transient do
|
23
23
|
key_type :RSA
|
24
24
|
end
|
25
25
|
end
|
@@ -575,7 +575,7 @@ describe Metasploit::Credential::Creation do
|
|
575
575
|
let(:untried_login) { FactoryGirl.create(:metasploit_credential_login, status: Metasploit::Model::Login::Status::UNTRIED)}
|
576
576
|
|
577
577
|
let(:opts) {{
|
578
|
-
address: untried_login.service.host.address,
|
578
|
+
address: untried_login.service.host.address.to_s,
|
579
579
|
port: untried_login.service.port,
|
580
580
|
protocol: untried_login.service.proto,
|
581
581
|
username: untried_login.core.public.username,
|
@@ -86,14 +86,14 @@ describe Metasploit::Credential::Exporter::Core do
|
|
86
86
|
it 'should produce values in the proper order' do
|
87
87
|
result_hash.values.should == [core.public.username, core.private.type,
|
88
88
|
core.private.data, core.realm.key, core.realm.value,
|
89
|
-
login.service.host.address, login.service.port,
|
89
|
+
login.service.host.address.to_s, login.service.port,
|
90
90
|
login.service.name, login.service.proto,
|
91
91
|
login.status, login.access_level, login.last_attempted_at
|
92
92
|
]
|
93
93
|
end
|
94
94
|
|
95
95
|
it 'should produce a hash with the service host address' do
|
96
|
-
result_hash[:host_address].should == login.service.host.address
|
96
|
+
result_hash[:host_address].should == login.service.host.address.to_s
|
97
97
|
end
|
98
98
|
|
99
99
|
it 'should produce a hash with the service port' do
|
@@ -341,8 +341,7 @@ describe Metasploit::Credential::Exporter::Core do
|
|
341
341
|
end
|
342
342
|
|
343
343
|
it 'should contain the associated Mdm::Host#address for all Login objects' do
|
344
|
-
@login_host_addresses.should include(login1.service.host.address)
|
345
|
-
@login_host_addresses.should include(login2.service.host.address)
|
344
|
+
@login_host_addresses.should include(login1.service.host.address.to_s, login2.service.host.address.to_s)
|
346
345
|
end
|
347
346
|
|
348
347
|
it 'should contain the associated Mdm::Service#port (stringified) for all Login objects' do
|
@@ -13,7 +13,7 @@ describe Metasploit::Credential::Exporter::Pwdump do
|
|
13
13
|
describe "associated Mdm::Service objects" do
|
14
14
|
it 'should properly format the service information' do
|
15
15
|
service = login.service
|
16
|
-
exporter.format_service_for_login(login).should == "#{service.host.address}:#{service.port}/#{service.proto} (#{service.name})"
|
16
|
+
exporter.format_service_for_login(login).should == "#{service.host.address.to_s}:#{service.port}/#{service.proto} (#{service.name})"
|
17
17
|
end
|
18
18
|
end
|
19
19
|
|
@@ -14,7 +14,9 @@ describe Metasploit::Credential::Migrator do
|
|
14
14
|
describe "#convert_creds_in_workspace" do
|
15
15
|
describe "when there are no Mdm::Cred objects in the workspace" do
|
16
16
|
before(:each) do
|
17
|
-
workspace.
|
17
|
+
workspace.services.each do |service|
|
18
|
+
service.creds = []
|
19
|
+
end
|
18
20
|
end
|
19
21
|
|
20
22
|
it 'should not change the Core count' do
|
@@ -44,13 +46,9 @@ describe Metasploit::Credential::Migrator do
|
|
44
46
|
let(:service2){ FactoryGirl.create(:mdm_service, host: host2)}
|
45
47
|
let(:service3){ FactoryGirl.create(:mdm_service, host: host3)}
|
46
48
|
|
47
|
-
let(:cred1){ FactoryGirl.create(:mdm_cred, service: service1)}
|
48
|
-
let(:cred2){ FactoryGirl.create(:mdm_cred, service: service2)}
|
49
|
-
let(:cred3){ FactoryGirl.create(:mdm_cred, service: service3)}
|
50
|
-
|
51
|
-
before(:each) do
|
52
|
-
cred1; cred2; cred3
|
53
|
-
end
|
49
|
+
let!(:cred1){ FactoryGirl.create(:mdm_cred, service: service1)}
|
50
|
+
let!(:cred2){ FactoryGirl.create(:mdm_cred, service: service2)}
|
51
|
+
let!(:cred3){ FactoryGirl.create(:mdm_cred, service: service3)}
|
54
52
|
|
55
53
|
it 'should migrate them into Metasploit::Credential::Core objects' do
|
56
54
|
expect{migrator.convert_creds_in_workspace(workspace)}.to change(Metasploit::Credential::Core, :count).from(0).to(3)
|
@@ -62,10 +60,9 @@ describe Metasploit::Credential::Migrator do
|
|
62
60
|
end
|
63
61
|
|
64
62
|
it "should be created for each Mdm::Cred" do
|
65
|
-
Metasploit::Credential::Public.
|
66
|
-
Metasploit::Credential::Public.where(username: cred2.user).should_not be_blank
|
67
|
-
Metasploit::Credential::Public.where(username: cred3.user).should_not be_blank
|
63
|
+
expect(Metasploit::Credential::Public.pluck(:username)).to match_array([cred1.user, cred2.user, cred3.user])
|
68
64
|
end
|
65
|
+
|
69
66
|
end
|
70
67
|
|
71
68
|
describe "new Privates" do
|
@@ -74,10 +71,7 @@ describe Metasploit::Credential::Migrator do
|
|
74
71
|
end
|
75
72
|
|
76
73
|
it "should be created for each Mdm::Cred" do
|
77
|
-
|
78
|
-
Metasploit::Credential::Password.where(data: cred1.pass).should_not be_blank
|
79
|
-
Metasploit::Credential::Password.where(data: cred2.pass).should_not be_blank
|
80
|
-
Metasploit::Credential::Password.where(data: cred3.pass).should_not be_blank
|
74
|
+
expect(Metasploit::Credential::Password.pluck(:data)).to match_array([cred1.pass, cred2.pass, cred3.pass])
|
81
75
|
end
|
82
76
|
end
|
83
77
|
end
|
@@ -16,12 +16,4 @@ describe Metasploit::Credential::BlankUsername do
|
|
16
16
|
end
|
17
17
|
end
|
18
18
|
|
19
|
-
context 'mass assignment security' do
|
20
|
-
it { should_not allow_mass_assignment_of(:created_at) }
|
21
|
-
it { should_not allow_mass_assignment_of(:updated_at) }
|
22
|
-
it { should allow_mass_assignment_of(:username) }
|
23
|
-
end
|
24
|
-
|
25
|
-
|
26
|
-
|
27
19
|
end
|
@@ -153,18 +153,6 @@ describe Metasploit::Credential::Login do
|
|
153
153
|
end
|
154
154
|
end
|
155
155
|
|
156
|
-
context 'mass assignment security' do
|
157
|
-
it { should allow_mass_assignment_of(:access_level) }
|
158
|
-
it { should_not allow_mass_assignment_of(:core) }
|
159
|
-
it { should_not allow_mass_assignment_of(:core_id) }
|
160
|
-
it { should_not allow_mass_assignment_of(:created_at) }
|
161
|
-
it { should allow_mass_assignment_of(:last_attempted_at) }
|
162
|
-
it { should_not allow_mass_assignment_of(:service) }
|
163
|
-
it { should_not allow_mass_assignment_of(:service_id) }
|
164
|
-
it { should allow_mass_assignment_of(:status) }
|
165
|
-
it { should_not allow_mass_assignment_of(:updated_at) }
|
166
|
-
end
|
167
|
-
|
168
156
|
context 'search' do
|
169
157
|
let(:base_class) {
|
170
158
|
described_class
|
@@ -208,7 +196,7 @@ describe Metasploit::Credential::Login do
|
|
208
196
|
end
|
209
197
|
|
210
198
|
it { should validate_presence_of :service }
|
211
|
-
it { should
|
199
|
+
it { should validate_inclusion_of(:status).in_array(Metasploit::Model::Login::Status::ALL) }
|
212
200
|
|
213
201
|
context '#consistent_last_attempted_at' do
|
214
202
|
include_context 'Mdm::Workspace'
|
@@ -36,11 +36,4 @@ describe Metasploit::Credential::Origin::Import do
|
|
36
36
|
it { should be_valid }
|
37
37
|
end
|
38
38
|
|
39
|
-
context 'mass assignment security' do
|
40
|
-
it { should_not allow_mass_assignment_of :created_at }
|
41
|
-
it { should allow_mass_assignment_of :filename }
|
42
|
-
it { should_not allow_mass_assignment_of :task }
|
43
|
-
it { should_not allow_mass_assignment_of :task_id }
|
44
|
-
it { should_not allow_mass_assignment_of :updated_at }
|
45
|
-
end
|
46
39
|
end
|
@@ -40,14 +40,6 @@ describe Metasploit::Credential::Origin::Service do
|
|
40
40
|
end
|
41
41
|
end
|
42
42
|
|
43
|
-
context 'mass assignment security' do
|
44
|
-
it { should_not allow_mass_assignment_of :created_at }
|
45
|
-
it { should allow_mass_assignment_of :module_full_name }
|
46
|
-
it { should_not allow_mass_assignment_of :service }
|
47
|
-
it { should_not allow_mass_assignment_of :service_id }
|
48
|
-
it { should_not allow_mass_assignment_of :updated_at }
|
49
|
-
end
|
50
|
-
|
51
43
|
context 'validations' do
|
52
44
|
context '#module_full_name' do
|
53
45
|
# there is no way to test all values that match and do not match a regex, so testing by value is all that's
|
@@ -36,14 +36,6 @@ describe Metasploit::Credential::Origin::Session do
|
|
36
36
|
end
|
37
37
|
end
|
38
38
|
|
39
|
-
context 'mass assignment security' do
|
40
|
-
it { should_not allow_mass_assignment_of(:created_at) }
|
41
|
-
it { should allow_mass_assignment_of(:post_reference_name) }
|
42
|
-
it { should_not allow_mass_assignment_of(:session) }
|
43
|
-
it { should_not allow_mass_assignment_of(:session_id) }
|
44
|
-
it { should_not allow_mass_assignment_of(:updated_at) }
|
45
|
-
end
|
46
|
-
|
47
39
|
context 'validations' do
|
48
40
|
context 'post_reference_name' do
|
49
41
|
include_context 'Mdm::Workspace'
|
@@ -26,14 +26,6 @@ describe Metasploit::Credential::Private do
|
|
26
26
|
end
|
27
27
|
end
|
28
28
|
|
29
|
-
context 'mass assignement security' do
|
30
|
-
it { should_not allow_mass_assignment_of :created_at }
|
31
|
-
it { should allow_mass_assignment_of :data }
|
32
|
-
it { should_not allow_mass_assignment_of :id }
|
33
|
-
it { should_not allow_mass_assignment_of :updated_at }
|
34
|
-
it { should_not allow_mass_assignment_of :type }
|
35
|
-
end
|
36
|
-
|
37
29
|
context 'validations' do
|
38
30
|
context 'data' do
|
39
31
|
it { should validate_non_nilness_of :data }
|
@@ -50,7 +42,7 @@ describe Metasploit::Credential::Private do
|
|
50
42
|
#
|
51
43
|
|
52
44
|
let(:error) do
|
53
|
-
I18n.translate!(:'
|
45
|
+
I18n.translate!(:'errors.messages.taken')
|
54
46
|
end
|
55
47
|
|
56
48
|
let(:new_private) do
|
@@ -25,12 +25,6 @@ describe Metasploit::Credential::Public do
|
|
25
25
|
end
|
26
26
|
end
|
27
27
|
|
28
|
-
context 'mass assignment security' do
|
29
|
-
it { should_not allow_mass_assignment_of(:created_at) }
|
30
|
-
it { should_not allow_mass_assignment_of(:updated_at) }
|
31
|
-
it { should allow_mass_assignment_of(:username) }
|
32
|
-
end
|
33
|
-
|
34
28
|
context 'search' do
|
35
29
|
let(:base_class) {
|
36
30
|
described_class
|
@@ -80,12 +80,6 @@ describe Metasploit::Credential::Realm do
|
|
80
80
|
end
|
81
81
|
end
|
82
82
|
|
83
|
-
context 'mass assignment security' do
|
84
|
-
it { should allow_mass_assignment_of(:key) }
|
85
|
-
it { should allow_mass_assignment_of(:value) }
|
86
|
-
end
|
87
|
-
|
88
|
-
|
89
83
|
context 'search' do
|
90
84
|
context 'attributes' do
|
91
85
|
let(:base_class) {
|
@@ -106,7 +100,7 @@ describe Metasploit::Credential::Realm do
|
|
106
100
|
|
107
101
|
context 'validations' do
|
108
102
|
context 'on #key' do
|
109
|
-
it { should
|
103
|
+
it { should validate_inclusion_of(:key).in_array(Metasploit::Model::Realm::Key::ALL) }
|
110
104
|
it { should validate_presence_of :key }
|
111
105
|
end
|
112
106
|
|
@@ -125,7 +119,7 @@ describe Metasploit::Credential::Realm do
|
|
125
119
|
#
|
126
120
|
|
127
121
|
let(:error) do
|
128
|
-
I18n.translate!('
|
122
|
+
I18n.translate!('errors.messages.taken')
|
129
123
|
end
|
130
124
|
|
131
125
|
let(:new_realm) do
|
@@ -15,12 +15,6 @@ describe Metasploit::Credential::Username do
|
|
15
15
|
end
|
16
16
|
end
|
17
17
|
|
18
|
-
context 'mass assignment security' do
|
19
|
-
it { should_not allow_mass_assignment_of(:created_at) }
|
20
|
-
it { should_not allow_mass_assignment_of(:updated_at) }
|
21
|
-
it { should allow_mass_assignment_of(:username) }
|
22
|
-
end
|
23
|
-
|
24
18
|
context 'validations' do
|
25
19
|
context 'username' do
|
26
20
|
it { should validate_presence_of :username }
|
@@ -1,4 +1,4 @@
|
|
1
1
|
shared_examples_for 'timestamp database columns' do
|
2
|
-
it { should have_db_column(:created_at).of_type(:datetime)
|
3
|
-
it { should have_db_column(:updated_at).of_type(:datetime)
|
2
|
+
it { should have_db_column(:created_at).of_type(:datetime) }
|
3
|
+
it { should have_db_column(:updated_at).of_type(:datetime) }
|
4
4
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: metasploit-credential
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 1.0.0.pre.rails.pre.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Luke Imhoff
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2015-
|
12
|
+
date: 2015-04-29 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: metasploit-concern
|
@@ -17,56 +17,56 @@ dependencies:
|
|
17
17
|
requirements:
|
18
18
|
- - '='
|
19
19
|
- !ruby/object:Gem::Version
|
20
|
-
version: 0.4.0
|
20
|
+
version: 1.0.0.pre.rails.pre.4.0
|
21
21
|
type: :runtime
|
22
22
|
prerelease: false
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
24
24
|
requirements:
|
25
25
|
- - '='
|
26
26
|
- !ruby/object:Gem::Version
|
27
|
-
version: 0.4.0
|
27
|
+
version: 1.0.0.pre.rails.pre.4.0
|
28
28
|
- !ruby/object:Gem::Dependency
|
29
29
|
name: metasploit_data_models
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|
31
31
|
requirements:
|
32
32
|
- - '='
|
33
33
|
- !ruby/object:Gem::Version
|
34
|
-
version: 0.
|
34
|
+
version: 1.0.0.pre.rails.pre.4.0a
|
35
35
|
type: :runtime
|
36
36
|
prerelease: false
|
37
37
|
version_requirements: !ruby/object:Gem::Requirement
|
38
38
|
requirements:
|
39
39
|
- - '='
|
40
40
|
- !ruby/object:Gem::Version
|
41
|
-
version: 0.
|
41
|
+
version: 1.0.0.pre.rails.pre.4.0a
|
42
42
|
- !ruby/object:Gem::Dependency
|
43
43
|
name: metasploit-model
|
44
44
|
requirement: !ruby/object:Gem::Requirement
|
45
45
|
requirements:
|
46
|
-
- -
|
46
|
+
- - '='
|
47
47
|
- !ruby/object:Gem::Version
|
48
|
-
version: 0.
|
48
|
+
version: 1.0.0.pre.rails.pre.4.0
|
49
49
|
type: :runtime
|
50
50
|
prerelease: false
|
51
51
|
version_requirements: !ruby/object:Gem::Requirement
|
52
52
|
requirements:
|
53
|
-
- -
|
53
|
+
- - '='
|
54
54
|
- !ruby/object:Gem::Version
|
55
|
-
version: 0.
|
55
|
+
version: 1.0.0.pre.rails.pre.4.0
|
56
56
|
- !ruby/object:Gem::Dependency
|
57
57
|
name: railties
|
58
58
|
requirement: !ruby/object:Gem::Requirement
|
59
59
|
requirements:
|
60
|
-
- - "
|
60
|
+
- - ">="
|
61
61
|
- !ruby/object:Gem::Version
|
62
|
-
version:
|
62
|
+
version: '0'
|
63
63
|
type: :runtime
|
64
64
|
prerelease: false
|
65
65
|
version_requirements: !ruby/object:Gem::Requirement
|
66
66
|
requirements:
|
67
|
-
- - "
|
67
|
+
- - ">="
|
68
68
|
- !ruby/object:Gem::Version
|
69
|
-
version:
|
69
|
+
version: '0'
|
70
70
|
- !ruby/object:Gem::Dependency
|
71
71
|
name: rubyntlm
|
72
72
|
requirement: !ruby/object:Gem::Requirement
|
@@ -313,12 +313,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
313
313
|
version: '2.1'
|
314
314
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
315
315
|
requirements:
|
316
|
-
- - "
|
316
|
+
- - ">"
|
317
317
|
- !ruby/object:Gem::Version
|
318
|
-
version:
|
318
|
+
version: 1.3.1
|
319
319
|
requirements: []
|
320
320
|
rubyforge_project:
|
321
|
-
rubygems_version: 2.4.
|
321
|
+
rubygems_version: 2.4.3
|
322
322
|
signing_key:
|
323
323
|
specification_version: 4
|
324
324
|
summary: Credential models for metasploit-framework and Metasploit Pro
|