RubyGems - dstruct - Versions diffs - 0.0.1 - Mend

dstruct 0.0.1

Files changed (491) hide show

checksums.yaml +15 -0
data/README.markdown +23 -0
data/examples/smb_example.rb +35 -0
data/lib/rex.rb +108 -0
data/lib/rex/LICENSE +29 -0
data/lib/rex/arch.rb +104 -0
data/lib/rex/arch/sparc.rb +75 -0
data/lib/rex/arch/x86.rb +524 -0
data/lib/rex/assembly/nasm.rb +104 -0
data/lib/rex/codepage.map +104 -0
data/lib/rex/compat.rb +389 -0
data/lib/rex/constants.rb +124 -0
data/lib/rex/elfparsey.rb +9 -0
data/lib/rex/elfparsey/elf.rb +121 -0
data/lib/rex/elfparsey/elfbase.rb +256 -0
data/lib/rex/elfparsey/exceptions.rb +25 -0
data/lib/rex/elfscan.rb +10 -0
data/lib/rex/elfscan/scanner.rb +226 -0
data/lib/rex/elfscan/search.rb +44 -0
data/lib/rex/encoder/alpha2.rb +31 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
data/lib/rex/encoder/alpha2/generic.rb +90 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +116 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +123 -0
data/lib/rex/encoder/bloxor/bloxor.rb +327 -0
data/lib/rex/encoder/ndr.rb +90 -0
data/lib/rex/encoder/nonalpha.rb +61 -0
data/lib/rex/encoder/nonupper.rb +64 -0
data/lib/rex/encoder/xdr.rb +107 -0
data/lib/rex/encoder/xor.rb +69 -0
data/lib/rex/encoder/xor/dword.rb +13 -0
data/lib/rex/encoder/xor/dword_additive.rb +13 -0
data/lib/rex/encoders/xor_dword.rb +35 -0
data/lib/rex/encoders/xor_dword_additive.rb +53 -0
data/lib/rex/encoding/xor.rb +20 -0
data/lib/rex/encoding/xor/byte.rb +15 -0
data/lib/rex/encoding/xor/dword.rb +21 -0
data/lib/rex/encoding/xor/dword_additive.rb +92 -0
data/lib/rex/encoding/xor/exceptions.rb +17 -0
data/lib/rex/encoding/xor/generic.rb +146 -0
data/lib/rex/encoding/xor/qword.rb +15 -0
data/lib/rex/encoding/xor/word.rb +21 -0
data/lib/rex/exceptions.rb +275 -0
data/lib/rex/exploitation/cmdstager.rb +10 -0
data/lib/rex/exploitation/cmdstager/base.rb +190 -0
data/lib/rex/exploitation/cmdstager/bourne.rb +105 -0
data/lib/rex/exploitation/cmdstager/debug_asm.rb +140 -0
data/lib/rex/exploitation/cmdstager/debug_write.rb +134 -0
data/lib/rex/exploitation/cmdstager/echo.rb +164 -0
data/lib/rex/exploitation/cmdstager/printf.rb +122 -0
data/lib/rex/exploitation/cmdstager/tftp.rb +71 -0
data/lib/rex/exploitation/cmdstager/vbs.rb +126 -0
data/lib/rex/exploitation/egghunter.rb +425 -0
data/lib/rex/exploitation/encryptjs.rb +78 -0
data/lib/rex/exploitation/heaplib.js.b64 +331 -0
data/lib/rex/exploitation/heaplib.rb +107 -0
data/lib/rex/exploitation/js.rb +6 -0
data/lib/rex/exploitation/js/detect.rb +69 -0
data/lib/rex/exploitation/js/memory.rb +81 -0
data/lib/rex/exploitation/js/network.rb +84 -0
data/lib/rex/exploitation/js/utils.rb +33 -0
data/lib/rex/exploitation/jsobfu.rb +513 -0
data/lib/rex/exploitation/obfuscatejs.rb +336 -0
data/lib/rex/exploitation/omelet.rb +321 -0
data/lib/rex/exploitation/opcodedb.rb +819 -0
data/lib/rex/exploitation/powershell.rb +62 -0
data/lib/rex/exploitation/powershell/function.rb +63 -0
data/lib/rex/exploitation/powershell/obfu.rb +98 -0
data/lib/rex/exploitation/powershell/output.rb +151 -0
data/lib/rex/exploitation/powershell/param.rb +23 -0
data/lib/rex/exploitation/powershell/parser.rb +183 -0
data/lib/rex/exploitation/powershell/psh_methods.rb +70 -0
data/lib/rex/exploitation/powershell/script.rb +99 -0
data/lib/rex/exploitation/ropdb.rb +190 -0
data/lib/rex/exploitation/seh.rb +93 -0
data/lib/rex/file.rb +160 -0
data/lib/rex/image_source.rb +10 -0
data/lib/rex/image_source/disk.rb +58 -0
data/lib/rex/image_source/image_source.rb +44 -0
data/lib/rex/image_source/memory.rb +35 -0
data/lib/rex/io/bidirectional_pipe.rb +161 -0
data/lib/rex/io/datagram_abstraction.rb +35 -0
data/lib/rex/io/ring_buffer.rb +369 -0
data/lib/rex/io/stream.rb +312 -0
data/lib/rex/io/stream_abstraction.rb +209 -0
data/lib/rex/io/stream_server.rb +221 -0
data/lib/rex/job_container.rb +200 -0
data/lib/rex/logging.rb +4 -0
data/lib/rex/logging/log_dispatcher.rb +180 -0
data/lib/rex/logging/log_sink.rb +43 -0
data/lib/rex/logging/sinks/flatfile.rb +56 -0
data/lib/rex/logging/sinks/stderr.rb +44 -0
data/lib/rex/mac_oui.rb +16581 -0
data/lib/rex/machparsey.rb +9 -0
data/lib/rex/machparsey/exceptions.rb +34 -0
data/lib/rex/machparsey/mach.rb +209 -0
data/lib/rex/machparsey/machbase.rb +408 -0
data/lib/rex/machscan.rb +9 -0
data/lib/rex/machscan/scanner.rb +217 -0
data/lib/rex/mime.rb +10 -0
data/lib/rex/mime/encoding.rb +17 -0
data/lib/rex/mime/header.rb +78 -0
data/lib/rex/mime/message.rb +150 -0
data/lib/rex/mime/part.rb +50 -0
data/lib/rex/nop/opty2.rb +109 -0
data/lib/rex/nop/opty2_tables.rb +301 -0
data/lib/rex/ole.rb +202 -0
data/lib/rex/ole/clsid.rb +44 -0
data/lib/rex/ole/difat.rb +138 -0
data/lib/rex/ole/directory.rb +228 -0
data/lib/rex/ole/direntry.rb +237 -0
data/lib/rex/ole/docs/dependencies.txt +8 -0
data/lib/rex/ole/docs/references.txt +1 -0
data/lib/rex/ole/fat.rb +96 -0
data/lib/rex/ole/header.rb +201 -0
data/lib/rex/ole/minifat.rb +74 -0
data/lib/rex/ole/propset.rb +141 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +392 -0
data/lib/rex/ole/stream.rb +50 -0
data/lib/rex/ole/substorage.rb +46 -0
data/lib/rex/ole/util.rb +154 -0
data/lib/rex/parser/acunetix_nokogiri.rb +406 -0
data/lib/rex/parser/apple_backup_manifestdb.rb +132 -0
data/lib/rex/parser/appscan_nokogiri.rb +367 -0
data/lib/rex/parser/arguments.rb +108 -0
data/lib/rex/parser/burp_session_nokogiri.rb +291 -0
data/lib/rex/parser/ci_nokogiri.rb +193 -0
data/lib/rex/parser/foundstone_nokogiri.rb +342 -0
data/lib/rex/parser/fusionvm_nokogiri.rb +109 -0
data/lib/rex/parser/group_policy_preferences.rb +185 -0
data/lib/rex/parser/ini.rb +186 -0
data/lib/rex/parser/ip360_aspl_xml.rb +103 -0
data/lib/rex/parser/ip360_xml.rb +98 -0
data/lib/rex/parser/mbsa_nokogiri.rb +256 -0
data/lib/rex/parser/nessus_xml.rb +121 -0
data/lib/rex/parser/netsparker_xml.rb +109 -0
data/lib/rex/parser/nexpose_raw_nokogiri.rb +686 -0
data/lib/rex/parser/nexpose_simple_nokogiri.rb +330 -0
data/lib/rex/parser/nexpose_xml.rb +172 -0
data/lib/rex/parser/nmap_nokogiri.rb +394 -0
data/lib/rex/parser/nmap_xml.rb +166 -0
data/lib/rex/parser/nokogiri_doc_mixin.rb +233 -0
data/lib/rex/parser/openvas_nokogiri.rb +172 -0
data/lib/rex/parser/outpost24_nokogiri.rb +240 -0
data/lib/rex/parser/retina_xml.rb +110 -0
data/lib/rex/parser/unattend.rb +171 -0
data/lib/rex/parser/wapiti_nokogiri.rb +105 -0
data/lib/rex/payloads.rb +2 -0
data/lib/rex/payloads/win32.rb +3 -0
data/lib/rex/payloads/win32/common.rb +27 -0
data/lib/rex/payloads/win32/kernel.rb +54 -0
data/lib/rex/payloads/win32/kernel/common.rb +55 -0
data/lib/rex/payloads/win32/kernel/migration.rb +13 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +51 -0
data/lib/rex/payloads/win32/kernel/stager.rb +195 -0
data/lib/rex/peparsey.rb +10 -0
data/lib/rex/peparsey/exceptions.rb +30 -0
data/lib/rex/peparsey/pe.rb +210 -0
data/lib/rex/peparsey/pe_memdump.rb +61 -0
data/lib/rex/peparsey/pebase.rb +1662 -0
data/lib/rex/peparsey/section.rb +128 -0
data/lib/rex/pescan.rb +11 -0
data/lib/rex/pescan/analyze.rb +366 -0
data/lib/rex/pescan/scanner.rb +230 -0
data/lib/rex/pescan/search.rb +68 -0
data/lib/rex/platforms.rb +2 -0
data/lib/rex/platforms/windows.rb +52 -0
data/lib/rex/poly.rb +134 -0
data/lib/rex/poly/block.rb +480 -0
data/lib/rex/poly/machine.rb +13 -0
data/lib/rex/poly/machine/machine.rb +830 -0
data/lib/rex/poly/machine/x86.rb +509 -0
data/lib/rex/poly/register.rb +101 -0
data/lib/rex/poly/register/x86.rb +41 -0
data/lib/rex/post.rb +7 -0
data/lib/rex/post/dir.rb +51 -0
data/lib/rex/post/file.rb +172 -0
data/lib/rex/post/file_stat.rb +220 -0
data/lib/rex/post/gen.pl +13 -0
data/lib/rex/post/io.rb +182 -0
data/lib/rex/post/meterpreter.rb +5 -0
data/lib/rex/post/meterpreter/channel.rb +446 -0
data/lib/rex/post/meterpreter/channel_container.rb +54 -0
data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
data/lib/rex/post/meterpreter/client.rb +483 -0
data/lib/rex/post/meterpreter/client_core.rb +352 -0
data/lib/rex/post/meterpreter/dependencies.rb +3 -0
data/lib/rex/post/meterpreter/extension.rb +32 -0
data/lib/rex/post/meterpreter/extensions/android/android.rb +128 -0
data/lib/rex/post/meterpreter/extensions/android/tlv.rb +40 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +17 -0
data/lib/rex/post/meterpreter/extensions/extapi/adsi/adsi.rb +71 -0
data/lib/rex/post/meterpreter/extensions/extapi/clipboard/clipboard.rb +169 -0
data/lib/rex/post/meterpreter/extensions/extapi/extapi.rb +45 -0
data/lib/rex/post/meterpreter/extensions/extapi/service/service.rb +104 -0
data/lib/rex/post/meterpreter/extensions/extapi/tlv.rb +77 -0
data/lib/rex/post/meterpreter/extensions/extapi/window/window.rb +56 -0
data/lib/rex/post/meterpreter/extensions/extapi/wmi/wmi.rb +75 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +22 -0
data/lib/rex/post/meterpreter/extensions/kiwi/kiwi.rb +361 -0
data/lib/rex/post/meterpreter/extensions/kiwi/tlv.rb +76 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/dhcp/dhcp.rb +78 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb +43 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/tftp/tftp.rb +49 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb +17 -0
data/lib/rex/post/meterpreter/extensions/mimikatz/mimikatz.rb +128 -0
data/lib/rex/post/meterpreter/extensions/mimikatz/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +57 -0
data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +109 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +29 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +117 -0
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +27 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +396 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +284 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +399 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +104 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/arp.rb +59 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +256 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/netstat.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/resolve.rb +106 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +67 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +139 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +180 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +168 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +209 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +38146 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +2102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +32 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +3852 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +100 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +168 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_psapi.rb +32 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +32 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +3170 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_version.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +87 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wldap32.rb +128 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +613 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +388 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +111 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +149 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +27 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +515 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +319 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb +23 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +301 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +56 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb +106 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +676 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +96 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +151 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +128 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +192 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +60 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +408 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +328 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +193 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +188 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +180 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +236 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +259 -0
data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +201 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
data/lib/rex/post/meterpreter/packet.rb +709 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +543 -0
data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
data/lib/rex/post/meterpreter/ui/console.rb +142 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +86 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/android.rb +383 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +939 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +109 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi.rb +65 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/adsi.rb +198 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/clipboard.rb +444 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb +199 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/window.rb +118 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/wmi.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +242 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/kiwi.rb +509 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks.rb +60 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/dhcp.rb +254 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/tftp.rb +159 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/mimikatz.rb +182 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +232 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +62 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +97 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +52 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +133 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +204 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +66 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +527 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +448 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +906 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +318 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +343 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +99 -0
data/lib/rex/post/permission.rb +26 -0
data/lib/rex/post/process.rb +57 -0
data/lib/rex/post/thread.rb +57 -0
data/lib/rex/post/ui.rb +52 -0
data/lib/rex/proto.rb +15 -0
data/lib/rex/proto/addp.rb +218 -0
data/lib/rex/proto/dcerpc.rb +7 -0
data/lib/rex/proto/dcerpc/client.rb +362 -0
data/lib/rex/proto/dcerpc/exceptions.rb +151 -0
data/lib/rex/proto/dcerpc/handle.rb +48 -0
data/lib/rex/proto/dcerpc/ndr.rb +73 -0
data/lib/rex/proto/dcerpc/packet.rb +264 -0
data/lib/rex/proto/dcerpc/response.rb +188 -0
data/lib/rex/proto/dcerpc/uuid.rb +85 -0
data/lib/rex/proto/dcerpc/wdscp.rb +3 -0
data/lib/rex/proto/dcerpc/wdscp/constants.rb +89 -0
data/lib/rex/proto/dcerpc/wdscp/packet.rb +94 -0
data/lib/rex/proto/dhcp.rb +7 -0
data/lib/rex/proto/dhcp/constants.rb +34 -0
data/lib/rex/proto/dhcp/server.rb +334 -0
data/lib/rex/proto/drda.rb +6 -0
data/lib/rex/proto/drda/constants.rb +50 -0
data/lib/rex/proto/drda/packet.rb +253 -0
data/lib/rex/proto/drda/utils.rb +124 -0
data/lib/rex/proto/http.rb +7 -0
data/lib/rex/proto/http/client.rb +722 -0
data/lib/rex/proto/http/client_request.rb +472 -0
data/lib/rex/proto/http/handler.rb +47 -0
data/lib/rex/proto/http/handler/erb.rb +129 -0
data/lib/rex/proto/http/handler/proc.rb +61 -0
data/lib/rex/proto/http/header.rb +173 -0
data/lib/rex/proto/http/packet.rb +414 -0
data/lib/rex/proto/http/request.rb +354 -0
data/lib/rex/proto/http/response.rb +151 -0
data/lib/rex/proto/http/server.rb +385 -0
data/lib/rex/proto/iax2.rb +2 -0
data/lib/rex/proto/iax2/call.rb +326 -0
data/lib/rex/proto/iax2/client.rb +218 -0
data/lib/rex/proto/iax2/codecs.rb +5 -0
data/lib/rex/proto/iax2/codecs/alaw.rb +16 -0
data/lib/rex/proto/iax2/codecs/g711.rb +2176 -0
data/lib/rex/proto/iax2/codecs/mulaw.rb +17 -0
data/lib/rex/proto/iax2/constants.rb +262 -0
data/lib/rex/proto/ipmi.rb +57 -0
data/lib/rex/proto/ipmi/channel_auth_reply.rb +89 -0
data/lib/rex/proto/ipmi/open_session_reply.rb +36 -0
data/lib/rex/proto/ipmi/rakp2.rb +36 -0
data/lib/rex/proto/ipmi/utils.rb +125 -0
data/lib/rex/proto/natpmp.rb +7 -0
data/lib/rex/proto/natpmp/constants.rb +19 -0
data/lib/rex/proto/natpmp/packet.rb +45 -0
data/lib/rex/proto/ntlm.rb +8 -0
data/lib/rex/proto/ntlm/base.rb +327 -0
data/lib/rex/proto/ntlm/constants.rb +75 -0
data/lib/rex/proto/ntlm/crypt.rb +412 -0
data/lib/rex/proto/ntlm/exceptions.rb +17 -0
data/lib/rex/proto/ntlm/message.rb +534 -0
data/lib/rex/proto/ntlm/utils.rb +765 -0
data/lib/rex/proto/ntp.rb +3 -0
data/lib/rex/proto/ntp/constants.rb +12 -0
data/lib/rex/proto/ntp/modes.rb +130 -0
data/lib/rex/proto/pjl.rb +31 -0
data/lib/rex/proto/pjl/client.rb +163 -0
data/lib/rex/proto/proxy/socks4a.rb +441 -0
data/lib/rex/proto/rfb.rb +13 -0
data/lib/rex/proto/rfb/cipher.rb +82 -0
data/lib/rex/proto/rfb/client.rb +205 -0
data/lib/rex/proto/rfb/constants.rb +50 -0
data/lib/rex/proto/sip.rb +4 -0
data/lib/rex/proto/sip/response.rb +61 -0
data/lib/rex/proto/smb.rb +8 -0
data/lib/rex/proto/smb/client.rb +2064 -0
data/lib/rex/proto/smb/constants.rb +1064 -0
data/lib/rex/proto/smb/crypt.rb +37 -0
data/lib/rex/proto/smb/evasions.rb +67 -0
data/lib/rex/proto/smb/exceptions.rb +867 -0
data/lib/rex/proto/smb/simpleclient.rb +173 -0
data/lib/rex/proto/smb/simpleclient/open_file.rb +106 -0
data/lib/rex/proto/smb/simpleclient/open_pipe.rb +57 -0
data/lib/rex/proto/smb/utils.rb +104 -0
data/lib/rex/proto/sunrpc.rb +2 -0
data/lib/rex/proto/sunrpc/client.rb +196 -0
data/lib/rex/proto/tftp.rb +13 -0
data/lib/rex/proto/tftp/client.rb +344 -0
data/lib/rex/proto/tftp/constants.rb +39 -0
data/lib/rex/proto/tftp/server.rb +497 -0
data/lib/rex/random_identifier_generator.rb +177 -0
data/lib/rex/registry.rb +14 -0
data/lib/rex/registry/hive.rb +132 -0
data/lib/rex/registry/lfkey.rb +51 -0
data/lib/rex/registry/nodekey.rb +54 -0
data/lib/rex/registry/regf.rb +25 -0
data/lib/rex/registry/valuekey.rb +67 -0
data/lib/rex/registry/valuelist.rb +29 -0
data/lib/rex/ropbuilder.rb +8 -0
data/lib/rex/ropbuilder/rop.rb +271 -0
data/lib/rex/script.rb +42 -0
data/lib/rex/script/base.rb +61 -0
data/lib/rex/script/meterpreter.rb +16 -0
data/lib/rex/script/shell.rb +10 -0
data/lib/rex/service.rb +49 -0
data/lib/rex/service_manager.rb +154 -0
data/lib/rex/services/local_relay.rb +424 -0
data/lib/rex/socket.rb +788 -0
data/lib/rex/socket/comm.rb +120 -0
data/lib/rex/socket/comm/local.rb +526 -0
data/lib/rex/socket/ip.rb +132 -0
data/lib/rex/socket/parameters.rb +363 -0
data/lib/rex/socket/range_walker.rb +470 -0
data/lib/rex/socket/ssl_tcp.rb +345 -0
data/lib/rex/socket/ssl_tcp_server.rb +188 -0
data/lib/rex/socket/subnet_walker.rb +76 -0
data/lib/rex/socket/switch_board.rb +289 -0
data/lib/rex/socket/tcp.rb +79 -0
data/lib/rex/socket/tcp_server.rb +67 -0
data/lib/rex/socket/udp.rb +165 -0
data/lib/rex/sslscan/result.rb +201 -0
data/lib/rex/sslscan/scanner.rb +206 -0
data/lib/rex/struct2.rb +5 -0
data/lib/rex/struct2/c_struct.rb +181 -0
data/lib/rex/struct2/c_struct_template.rb +39 -0
data/lib/rex/struct2/constant.rb +26 -0
data/lib/rex/struct2/element.rb +44 -0
data/lib/rex/struct2/generic.rb +73 -0
data/lib/rex/struct2/restraint.rb +54 -0
data/lib/rex/struct2/s_string.rb +72 -0
data/lib/rex/struct2/s_struct.rb +111 -0
data/lib/rex/sync.rb +6 -0
data/lib/rex/sync/event.rb +85 -0
data/lib/rex/sync/read_write_lock.rb +177 -0
data/lib/rex/sync/ref.rb +58 -0
data/lib/rex/sync/thread_safe.rb +83 -0
data/lib/rex/text.rb +1813 -0
data/lib/rex/thread_factory.rb +43 -0
data/lib/rex/time.rb +66 -0
data/lib/rex/transformer.rb +116 -0
data/lib/rex/ui.rb +22 -0
data/lib/rex/ui/interactive.rb +304 -0
data/lib/rex/ui/output.rb +85 -0
data/lib/rex/ui/output/none.rb +19 -0
data/lib/rex/ui/progress_tracker.rb +97 -0
data/lib/rex/ui/subscriber.rb +160 -0
data/lib/rex/ui/text/color.rb +98 -0
data/lib/rex/ui/text/dispatcher_shell.rb +538 -0
data/lib/rex/ui/text/input.rb +119 -0
data/lib/rex/ui/text/input/buffer.rb +79 -0
data/lib/rex/ui/text/input/readline.rb +129 -0
data/lib/rex/ui/text/input/socket.rb +96 -0
data/lib/rex/ui/text/input/stdio.rb +46 -0
data/lib/rex/ui/text/irb_shell.rb +62 -0
data/lib/rex/ui/text/output.rb +86 -0
data/lib/rex/ui/text/output/buffer.rb +62 -0
data/lib/rex/ui/text/output/buffer/stdout.rb +26 -0
data/lib/rex/ui/text/output/file.rb +44 -0
data/lib/rex/ui/text/output/socket.rb +44 -0
data/lib/rex/ui/text/output/stdio.rb +53 -0
data/lib/rex/ui/text/output/tee.rb +56 -0
data/lib/rex/ui/text/progress_tracker.rb +57 -0
data/lib/rex/ui/text/shell.rb +403 -0
data/lib/rex/ui/text/table.rb +346 -0
data/lib/rex/zip.rb +96 -0
data/lib/rex/zip/archive.rb +130 -0
data/lib/rex/zip/blocks.rb +184 -0
data/lib/rex/zip/entry.rb +122 -0
data/lib/rex/zip/jar.rb +283 -0
data/lib/rex/zip/samples/comment.rb +32 -0
data/lib/rex/zip/samples/mkwar.rb +138 -0
data/lib/rex/zip/samples/mkzip.rb +19 -0
data/lib/rex/zip/samples/recursive.rb +58 -0
metadata +536 -0

data/lib/rex/proto/ntlm/constants.rb ADDED

@@ -0,0 +1,75 @@
+# -*- coding: binary -*-
+module Rex
+module Proto
+module NTLM
+class Constants
+  SSP_SIGN = "NTLMSSP\0"
+  BLOB_SIGN = 0x00000101
+  LM_MAGIC = "KGS!@\#$%"
+  TIME_OFFSET = 11644473600
+  MAX64 = 0xffffffffffffffff
+  FLAGS = {
+  :UNICODE              => 0x00000001,
+  :OEM                  => 0x00000002,
+  :REQUEST_TARGET       => 0x00000004,
+  #:UNKNOWN              => 0x00000008,
+  :SIGN                 => 0x00000010,
+  :SEAL                 => 0x00000020,
+  #:UNKNOWN              => 0x00000040,
+  :NETWARE              => 0x00000100,
+  :NTLM                 => 0x00000200,
+  #:UNKNOWN              => 0x00000400,
+  #:UNKNOWN              => 0x00000800,
+  :DOMAIN_SUPPLIED      => 0x00001000,
+  :WORKSTATION_SUPPLIED => 0x00002000,
+  :LOCAL_CALL           => 0x00004000,
+  :ALWAYS_SIGN          => 0x00008000,
+  :TARGET_TYPE_DOMAIN   => 0x00010000,
+  :TARGET_INFO          => 0x00800000,
+  :NTLM2_KEY            => 0x00080000,
+  :KEY128               => 0x20000000,
+  :KEY56                => 0x80000000
+  }
+  FLAG_KEYS = FLAGS.keys.sort{|a, b| FLAGS[a] <=> FLAGS[b] }
+  DEFAULT_FLAGS = {
+  :TYPE1 => FLAGS[:UNICODE] | FLAGS[:OEM] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY],
+  :TYPE2 => FLAGS[:UNICODE],
+  :TYPE3 => FLAGS[:UNICODE] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY]
+  }
+  # NTLM Response Type
+  NTLM_V1_RESPONSE =		1
+  NTLM_V2_RESPONSE =		2
+  NTLM_2_SESSION_RESPONSE = 	3
+  #the same flags but merged from lib/rex/proto/smb/constants and keeped for compatibility
+  # NTLMSSP Message Flags
+  NEGOTIATE_UNICODE     = 0x00000001  # Only set if Type 1 contains it - this or oem, not both
+  NEGOTIATE_OEM         = 0x00000002  # Only set if Type 1 contains it - this or unicode, not both
+  REQUEST_TARGET        = 0x00000004  # If set in Type 1, must return domain or server
+  NEGOTIATE_SIGN        = 0x00000010  # Session signature required
+  NEGOTIATE_SEAL        = 0x00000020  # Session seal required
+  NEGOTIATE_LMKEY       = 0x00000080  # LM Session Key should be used for signing and sealing
+  NEGOTIATE_NTLM        = 0x00000200  # NTLM auth is supported
+  NEGOTIATE_ANONYMOUS   = 0x00000800  # Anonymous context used
+  NEGOTIATE_DOMAIN      = 0x00001000  # Sent in Type1, client gives domain info
+  NEGOTIATE_WORKSTATION = 0x00002000  # Sent in Type1, client gives workstation info
+  NEGOTIATE_LOCAL_CALL  = 0x00004000  # Server and client are on same machine
+  NEGOTIATE_ALWAYS_SIGN = 0x00008000  # Add signatures to packets
+  TARGET_TYPE_DOMAIN    = 0x00010000  # If REQUEST_TARGET, we're adding the domain name
+  TARGET_TYPE_SERVER    = 0x00020000  # If REQUEST_TARGET, we're adding the server name
+  TARGET_TYPE_SHARE     = 0x00040000  # Supposed to denote "a share" but for a webserver?
+  NEGOTIATE_NTLM2_KEY   = 0x00080000  # NTLMv2 Signature and Key exchanges
+  NEGOTIATE_TARGET_INFO = 0x00800000  # Server set when sending Target Information Block
+  NEGOTIATE_128         = 0x20000000  # 128-bit encryption supported
+  NEGOTIATE_KEY_EXCH    = 0x40000000  # Client will supply encrypted master key in Session Key field of Type3 msg
+  NEGOTIATE_56          = 0x80000000  # 56-bit encryption supported
+end
+end
+end
+end

data/lib/rex/proto/ntlm/crypt.rb ADDED

@@ -0,0 +1,412 @@
+# -*- coding: binary -*-
+#
+# An NTLM Authentication Library for Ruby
+#
+# This code is a derivative of "dbf2.rb" written by yrock
+# and Minero Aoki. You can find original code here:
+# http://jp.rubyist.net/magazine/?0013-CodeReview
+# -------------------------------------------------------------
+# Copyright (c) 2005,2006 yrock
+#
+# This program is free software.
+# You can distribute/modify this program under the terms of the
+# Ruby License.
+#
+# 2011-03-08 improved through a code merge with Metasploit's SMB::Crypt
+# -------------------------------------------------------------
+#
+# 2011-02-23 refactored and improved by Alexandre Maloteaux for Metasploit Project
+# -------------------------------------------------------------
+#
+# 2006-02-11 refactored by Minero Aoki
+# -------------------------------------------------------------
+#
+# All protocol information used to write this code stems from
+# "The NTLM Authentication Protocol" by Eric Glass. The author
+# would thank to him for this tremendous work and making it
+# available on the net.
+# http://davenport.sourceforge.net/ntlm.html
+# -------------------------------------------------------------
+# Copyright (c) 2003 Eric Glass
+#
+# Permission to use, copy, modify, and distribute this document
+# for any purpose and without any fee is hereby granted,
+# provided that the above copyright notice and this list of
+# conditions appear in all copies.
+# -------------------------------------------------------------
+#
+# The author also looked Mozilla-Firefox-1.0.7 source code,
+# namely, security/manager/ssl/src/nsNTLMAuthModule.cpp and
+# Jonathan Bastien-Filiatrault's libntlm-ruby.
+# "http://x2a.org/websvn/filedetails.php?
+# repname=libntlm-ruby&path=%2Ftrunk%2Fntlm.rb&sc=1"
+# The latter has a minor bug in its separate_keys function.
+# The third key has to begin from the 14th character of the
+# input string instead of 13th:)
+require 'rex/proto/ntlm/constants'
+require 'rex/proto/ntlm/base'
+module Rex
+module Proto
+module NTLM
+class Crypt
+CONST = Rex::Proto::NTLM::Constants
+BASE = Rex::Proto::NTLM::Base
+  @@loaded_openssl = false
+  begin
+    require 'openssl'
+    require 'openssl/digest'
+    @@loaded_openssl = true
+  rescue ::Exception
+  end
+  def self.gen_keys(str)
+    str.scan(/.{7}/).map{ |key| des_56_to_64(key) }
+  end
+  def self.des_56_to_64(ckey56s)
+    ckey64 = []
+    ckey56 = ckey56s.unpack('C*')
+    ckey64[0] = ckey56[0]
+    ckey64[1] = ((ckey56[0] << 7) & 0xFF) | (ckey56[1] >> 1)
+    ckey64[2] = ((ckey56[1] << 6) & 0xFF) | (ckey56[2] >> 2)
+    ckey64[3] = ((ckey56[2] << 5) & 0xFF) | (ckey56[3] >> 3)
+    ckey64[4] = ((ckey56[3] << 4) & 0xFF) | (ckey56[4] >> 4)
+    ckey64[5] = ((ckey56[4] << 3) & 0xFF) | (ckey56[5] >> 5)
+    ckey64[6] = ((ckey56[5] << 2) & 0xFF) | (ckey56[6] >> 6)
+    ckey64[7] =  (ckey56[6] << 1) & 0xFF
+    ckey64.pack('C*')
+  end
+  def self.apply_des(plain, keys)
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    dec = OpenSSL::Cipher::DES.new
+    keys.map do |k|
+      dec.key = k
+      dec.encrypt.update(plain)
+    end
+  end
+  def self.lm_hash(password, half = false)
+    size = half ? 7 : 14
+    keys = gen_keys(password.upcase.ljust(size, "\0"))
+    apply_des(CONST::LM_MAGIC, keys).join
+  end
+  def self.ntlm_hash(password, opt = {})
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    pwd = password.dup
+    unless opt[:unicode]
+      pwd = Rex::Text.to_unicode(pwd)
+    end
+    OpenSSL::Digest::MD4.digest(pwd)
+  end
+  # This hash is used for lmv2/ntlmv2 response calculation
+  def self.ntlmv2_hash(user, password, domain, opt={})
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    if opt[:pass_is_hash]
+      ntlmhash = password
+    else
+      ntlmhash = ntlm_hash(password, opt)
+    end
+    # With Win 7 and maybe other OSs we sometimes get the domain not uppercased
+    userdomain = user.upcase  + domain
+    unless opt[:unicode]
+      userdomain = Rex::Text.to_unicode(userdomain)
+    end
+    OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmhash, userdomain)
+  end
+  # Create the LANMAN response
+  def self.lm_response(arg, half = false)
+    begin
+      hash = arg[:lm_hash]
+      chal = arg[:challenge]
+    rescue
+      raise ArgumentError
+    end
+    chal = BASE::pack_int64le(chal) if chal.is_a?(Integer)
+    if half then size = 7 else  size = 21 end
+    keys = gen_keys hash.ljust(size, "\0")
+    apply_des(chal, keys).join
+  end
+  # Synonym of lm_response for old compatibility with lib/rex/proto/smb/crypt
+  def self.lanman_des(password, challenge)
+    lm_response({
+      :lm_hash => self.lm_hash(password),
+      :challenge => challenge
+    })
+  end
+  def self.ntlm_response(arg)
+    hash = arg[:ntlm_hash]
+    chal = arg[:challenge]
+    chal = BASE::pack_int64le(chal) if chal.is_a?(::Integer)
+    keys = gen_keys(hash.ljust(21, "\0"))
+    apply_des(chal, keys).join
+  end
+  #synonym of ntlm_response for old compatibility with lib/rex/proto/smb/crypt
+  def self.ntlm_md4(password, challenge)
+    ntlm_response({
+      :ntlm_hash =>  self.ntlm_hash(password),
+      :challenge => challenge
+    })
+  end
+  def self.ntlmv2_response(arg, opt = {})
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    key, chal = arg[:ntlmv2_hash], arg[:challenge]
+    if not (key and chal)
+      raise ArgumentError , 'ntlmv2_hash and challenge are mandatory'
+    end
+    chal = BASE::pack_int64le(chal) if chal.is_a?(::Integer)
+    bb   = nil
+    if opt[:nt_client_challenge]
+      if opt[:nt_client_challenge].to_s.length <= 8
+        raise ArgumentError,"nt_client_challenge is not in a correct format "
+      end
+      bb = opt[:nt_client_challenge]
+    else
+      if not arg[:target_info]
+        raise ArgumentError, "target_info is mandatory in this case"
+      end
+      ti = arg[:target_info]
+      cc = opt[:client_challenge] || rand(CONST::MAX64)
+      cc = BASE::pack_int64le(cc) if cc.is_a?(::Integer)
+      ts = opt[:timestamp] || Time.now.to_i
+      # Convert the unix timestamp to windows format
+      #   epoch -> milsec from Jan 1, 1601
+      ts = 10000000 * (ts + CONST::TIME_OFFSET)
+      blob = BASE::Blob.new
+      blob.timestamp = ts
+      blob.challenge = cc
+      blob.target_info = ti
+      bb = blob.serialize
+    end
+    OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb
+  end
+  def self.lmv2_response(arg, opt = {})
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    key = arg[:ntlmv2_hash]
+    chal = arg[:challenge]
+    chal = BASE::pack_int64le(chal) if chal.is_a?(::Integer)
+    cc   = opt[:client_challenge] || rand(CONST::MAX64)
+    cc   = BASE::pack_int64le(cc) if cc.is_a?(::Integer)
+    OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + cc) + cc
+  end
+  def self.ntlm2_session(arg, opt = {})
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    passwd_hash,chal = arg[:ntlm_hash],arg[:challenge]
+    if not (passwd_hash and chal)
+      raise RuntimeError, "ntlm_hash and challenge are required"
+    end
+    cc = opt[:client_challenge] || rand(CONST::MAX64)
+    cc = BASE::pack_int64le(cc) if cc.is_a?(Integer)
+    keys = gen_keys(passwd_hash.ljust(21, "\0"))
+    session_hash = OpenSSL::Digest::MD5.digest(chal + cc)[0,8]
+    response = apply_des(session_hash, keys).join
+    [cc.ljust(24, "\0"), response]
+  end
+  #this function will check if the net lm response provided correspond to en empty password
+  def self.is_hash_from_empty_pwd?(arg)
+    hash_type = arg[:type]
+    raise ArgumentError,"arg[:type] is mandatory" if not hash_type
+    raise ArgumentError,"arg[:type] must be lm or ntlm" if not hash_type  =~ /^((lm)|(ntlm))$/
+    ntlm_ver = arg[:ntlm_ver]
+    raise ArgumentError,"arg[:ntlm_ver] is mandatory" if not ntlm_ver
+    hash = arg[:hash]
+    raise ArgumentError,"arg[:hash] is mandatory" if not hash
+    srv_chall = arg[:srv_challenge]
+    raise ArgumentError,"arg[:srv_challenge] is mandatory" if not srv_chall
+    raise ArgumentError,"Server challenge length must be exactly 8 bytes" if srv_chall.length != 8
+    #calculate responses for empty pwd
+    case ntlm_ver
+    when CONST::NTLM_V1_RESPONSE
+      if hash.length != 24
+        raise ArgumentError,"hash length must be exactly 24 bytes "
+      end
+      case hash_type
+      when 'lm'
+        arglm = { 	:lm_hash => self.lm_hash(''),
+            :challenge => srv_chall}
+        calculatedhash = self.lm_response(arglm)
+      when 'ntlm'
+        argntlm = { 	:ntlm_hash =>  self.ntlm_hash(''),
+            :challenge => srv_chall }
+        calculatedhash = self.ntlm_response(argntlm)
+      end
+    when CONST::NTLM_V2_RESPONSE
+      raise ArgumentError,"hash length must be exactly 16 bytes " if hash.length != 16
+      cli_chall = arg[:cli_challenge]
+      raise ArgumentError,"arg[:cli_challenge] is mandatory in this case" if not cli_chall
+      user = arg[:user]
+      raise ArgumentError,"arg[:user] is mandatory in this case" if not user
+      domain = arg[:domain]
+      raise ArgumentError,"arg[:domain] is mandatory in this case" if not domain
+      case hash_type
+      when 'lm'
+        raise ArgumentError,"Client challenge length must be exactly 8 bytes " if cli_chall.length != 8
+        arglm = {	:ntlmv2_hash =>  self.ntlmv2_hash(user,'', domain),
+            :challenge => srv_chall }
+        optlm = {	:client_challenge => cli_chall}
+        calculatedhash = self.lmv2_response(arglm, optlm)[0,16]
+      when 'ntlm'
+        raise ArgumentError,"Client challenge length must be bigger then 8 bytes " if cli_chall.length <= 8
+        argntlm = { 	:ntlmv2_hash =>  self.ntlmv2_hash(user, '', domain),
+            :challenge => srv_chall }
+        optntlm = { 	:nt_client_challenge => cli_chall}
+        calculatedhash = self.ntlmv2_response(argntlm,optntlm)[0,16]
+      end
+    when CONST::NTLM_2_SESSION_RESPONSE
+      raise ArgumentError,"hash length must be exactly 16 bytes " if hash.length != 24
+      cli_chall = arg[:cli_challenge]
+      raise ArgumentError,"arg[:cli_challenge] is mandatory in this case" if not cli_chall
+      raise ArgumentError,"Client challenge length must be exactly 8 bytes " if cli_chall.length != 8
+      case hash_type
+      when 'lm'
+        raise ArgumentError, "ntlm2_session is incompatible with lm"
+      when 'ntlm'
+        argntlm = { 	:ntlm_hash =>  self.ntlm_hash(''),
+            :challenge => srv_chall }
+        optntlm = {	:client_challenge => cli_chall}
+      end
+      calculatedhash = self.ntlm2_session(argntlm,optntlm).join[24,24]
+    else
+      raise ArgumentError,"ntlm_ver is of unknow type"
+    end
+    hash == calculatedhash
+  end
+  #
+  # Signing method added for metasploit project
+  #
+  # Used when only the LMv1 response is provided (i.e., with Win9x clients)
+  def self.lmv1_user_session_key(pass, opt = {})
+    if opt[:pass_is_hash]
+      usk = pass[0,8]
+    else
+      usk = self.lm_hash(pass.upcase[0,7],true)
+    end
+    usk.ljust(16,"\x00")
+  end
+  # This variant is used when the client sends the NTLMv1 response
+  def self.ntlmv1_user_session_key(pass, opt = {})
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    if opt[:pass_is_hash]
+      usk = pass
+    else
+      usk = self.ntlm_hash(pass)
+    end
+    OpenSSL::Digest::MD4.digest(usk)
+  end
+  # Used when NTLMv1 authentication is employed with NTLM2 session security
+  def self.ntlm2_session_user_session_key(pass, srv_chall, cli_chall, opt = {})
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    ntlm_key = self.ntlmv1_user_session_key(pass, opt )
+    session_chal = srv_chall + cli_chall
+    OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlm_key, session_chal)
+  end
+  # Used when the LMv2 response is sent
+  def self.lmv2_user_session_key(user, pass, domain, srv_chall, cli_chall, opt = {})
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    ntlmv2_key = self.ntlmv2_hash(user, pass, domain, opt)
+    hash1 = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmv2_key, srv_chall + cli_chall)
+    OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmv2_key, hash1)
+  end
+  # Used when the NTLMv2 response is sent
+  class << self; alias_method :ntlmv2_user_session_key, :lmv2_user_session_key; end
+  # Used when LanMan Key flag is set
+  def self.lanman_session_key(pass, srvchall, opt = {})
+    if opt[:pass_is_hash]
+      halfhash = pass[0,8]
+    else
+      halfhash = lm_hash(pass.upcase[0,7],true)
+    end
+    plain = self.lm_response({
+      :lm_hash => halfhash[0,7],
+      :challenge => srvchall
+    }, true )
+    key = halfhash  + ["bdbdbdbdbdbd"].pack("H*")
+        keys = self.gen_keys(key)
+       	apply_des(plain, keys).join
+  end
+  def self.encrypt_sessionkey(session_key, user_session_key)
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    cipher = OpenSSL::Cipher::Cipher.new('rc4')
+    cipher.encrypt
+    cipher.key = user_session_key
+    cipher.update(session_key)
+  end
+  def self.decrypt_sessionkey(encrypted_session_key, user_session_key)
+    raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+    cipher = OpenSSL::Cipher::Cipher.new('rc4')
+    cipher.decrypt
+    cipher.key = user_session_key
+    cipher.update(encrypted_session_key)
+  end
+  def self.make_weak_sessionkey(session_key,key_size,lanman_key = false)
+    case key_size
+    when 40
+      if lanman_key
+        return session_key[0,5] + "\xe5\x38\xb0"
+      else
+        return session_key[0,5]
+      end
+    when 56
+      if lanman_key
+        return session_key[0,7]  + "\xa0"
+      else
+        return session_key[0,7]
+      end
+    else #128
+      return session_key[0,16]
+    end
+  end
+end
+end
+end
+end