phpmyadmin login scanner

[HugoDelval]

Hi,

sorry if I make a lot of mistakes, that's my first pull request.
I wrote a login scanner for phpMyAdmin (which brute-force the credentials).
That's also my first module in metasploit so if something is wrong, please tell me.
It is working fine as far as I tested.

Have a good day!

[bcook-r7]

Hi @HugoDelval - please note the msftidy warnings building this pull request. Looks like some minor whitespace issues.

[HugoDelval]

Hi @bcook-r7 I wasn't aware of this feature (travis-ci), looks awesome !
It seems to work now :)

[todb-r7]

@HugoDelval you'll want to revert those Gemfile changes, too. Module submissions pretty much never need to touch those.

[HugoDelval]

Done :)

[void-in]

@HugoDelval Do you have any experience of rspec? Changing anything in lib require writing the specs.

[HugoDelval]

@void-in no I don't :/ I didn't know that !

[void-in]

@HugoDelval You can take a look at https://github.com/rapid7/metasploit-framework/blob/bf7e0695d0bae27a94772f7079221a5128795920/spec/lib/metasploit/framework/login_scanner/nessus_spec.rb as an example. If you didn't understand, it's no issue. I will wrote the specs for your module then.

[HugoDelval]

@void-in I am going to learn it but not right now, I guess there is no rush ? I'll re-post here when it's done :)

[void-in]

@HugoDelval No rush at all. Once you are comfortable, add the spec file and update your branch. This PR will be automatically updated with the third file included.

If you ever need help, post it at https://community.rapid7.com and will figure out there.

[wchen-r7]

@HugoDelval @void-in what versions did you guys test this on? I tested it on 3.5.0 and above, and it didn't work for me, so I tried to fix it. I've submitted a patch here to @HugoDelval: HugoDelval#1

[wchen-r7]

Marking this PR as delayed, because I think more work is needed.

[void-in]

@wchen-r7 I think the version I tested on was 3.0. However I am not sure. Will test it again on the mentioned targets. If there isn't any progress on this in the coming days, I will take it.

[bcook-r7]

We are going to move this to unstable.

[jvazquez-r7]

I've moved the module to unstable with this PR: #6194

@HugoDelval feel free to open an new pr at any moment once you are ready to continue. According to the comments the remaining tasks to allow landing it into master are:

• specs for the lib code
• @wchen-r7 couldn't make it work on 3.5.0, if this version isn't supported, information about the supported versions in order to test is required. Also, supporting 3.5.0 if it's newer would be nice :)

Thanks!