RubyGems - dstruct - Versions diffs - 0.0.1 - Mend

dstruct 0.0.1

Files changed (491) hide show

checksums.yaml +15 -0
data/README.markdown +23 -0
data/examples/smb_example.rb +35 -0
data/lib/rex.rb +108 -0
data/lib/rex/LICENSE +29 -0
data/lib/rex/arch.rb +104 -0
data/lib/rex/arch/sparc.rb +75 -0
data/lib/rex/arch/x86.rb +524 -0
data/lib/rex/assembly/nasm.rb +104 -0
data/lib/rex/codepage.map +104 -0
data/lib/rex/compat.rb +389 -0
data/lib/rex/constants.rb +124 -0
data/lib/rex/elfparsey.rb +9 -0
data/lib/rex/elfparsey/elf.rb +121 -0
data/lib/rex/elfparsey/elfbase.rb +256 -0
data/lib/rex/elfparsey/exceptions.rb +25 -0
data/lib/rex/elfscan.rb +10 -0
data/lib/rex/elfscan/scanner.rb +226 -0
data/lib/rex/elfscan/search.rb +44 -0
data/lib/rex/encoder/alpha2.rb +31 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
data/lib/rex/encoder/alpha2/generic.rb +90 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +116 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +123 -0
data/lib/rex/encoder/bloxor/bloxor.rb +327 -0
data/lib/rex/encoder/ndr.rb +90 -0
data/lib/rex/encoder/nonalpha.rb +61 -0
data/lib/rex/encoder/nonupper.rb +64 -0
data/lib/rex/encoder/xdr.rb +107 -0
data/lib/rex/encoder/xor.rb +69 -0
data/lib/rex/encoder/xor/dword.rb +13 -0
data/lib/rex/encoder/xor/dword_additive.rb +13 -0
data/lib/rex/encoders/xor_dword.rb +35 -0
data/lib/rex/encoders/xor_dword_additive.rb +53 -0
data/lib/rex/encoding/xor.rb +20 -0
data/lib/rex/encoding/xor/byte.rb +15 -0
data/lib/rex/encoding/xor/dword.rb +21 -0
data/lib/rex/encoding/xor/dword_additive.rb +92 -0
data/lib/rex/encoding/xor/exceptions.rb +17 -0
data/lib/rex/encoding/xor/generic.rb +146 -0
data/lib/rex/encoding/xor/qword.rb +15 -0
data/lib/rex/encoding/xor/word.rb +21 -0
data/lib/rex/exceptions.rb +275 -0
data/lib/rex/exploitation/cmdstager.rb +10 -0
data/lib/rex/exploitation/cmdstager/base.rb +190 -0
data/lib/rex/exploitation/cmdstager/bourne.rb +105 -0
data/lib/rex/exploitation/cmdstager/debug_asm.rb +140 -0
data/lib/rex/exploitation/cmdstager/debug_write.rb +134 -0
data/lib/rex/exploitation/cmdstager/echo.rb +164 -0
data/lib/rex/exploitation/cmdstager/printf.rb +122 -0
data/lib/rex/exploitation/cmdstager/tftp.rb +71 -0
data/lib/rex/exploitation/cmdstager/vbs.rb +126 -0
data/lib/rex/exploitation/egghunter.rb +425 -0
data/lib/rex/exploitation/encryptjs.rb +78 -0
data/lib/rex/exploitation/heaplib.js.b64 +331 -0
data/lib/rex/exploitation/heaplib.rb +107 -0
data/lib/rex/exploitation/js.rb +6 -0
data/lib/rex/exploitation/js/detect.rb +69 -0
data/lib/rex/exploitation/js/memory.rb +81 -0
data/lib/rex/exploitation/js/network.rb +84 -0
data/lib/rex/exploitation/js/utils.rb +33 -0
data/lib/rex/exploitation/jsobfu.rb +513 -0
data/lib/rex/exploitation/obfuscatejs.rb +336 -0
data/lib/rex/exploitation/omelet.rb +321 -0
data/lib/rex/exploitation/opcodedb.rb +819 -0
data/lib/rex/exploitation/powershell.rb +62 -0
data/lib/rex/exploitation/powershell/function.rb +63 -0
data/lib/rex/exploitation/powershell/obfu.rb +98 -0
data/lib/rex/exploitation/powershell/output.rb +151 -0
data/lib/rex/exploitation/powershell/param.rb +23 -0
data/lib/rex/exploitation/powershell/parser.rb +183 -0
data/lib/rex/exploitation/powershell/psh_methods.rb +70 -0
data/lib/rex/exploitation/powershell/script.rb +99 -0
data/lib/rex/exploitation/ropdb.rb +190 -0
data/lib/rex/exploitation/seh.rb +93 -0
data/lib/rex/file.rb +160 -0
data/lib/rex/image_source.rb +10 -0
data/lib/rex/image_source/disk.rb +58 -0
data/lib/rex/image_source/image_source.rb +44 -0
data/lib/rex/image_source/memory.rb +35 -0
data/lib/rex/io/bidirectional_pipe.rb +161 -0
data/lib/rex/io/datagram_abstraction.rb +35 -0
data/lib/rex/io/ring_buffer.rb +369 -0
data/lib/rex/io/stream.rb +312 -0
data/lib/rex/io/stream_abstraction.rb +209 -0
data/lib/rex/io/stream_server.rb +221 -0
data/lib/rex/job_container.rb +200 -0
data/lib/rex/logging.rb +4 -0
data/lib/rex/logging/log_dispatcher.rb +180 -0
data/lib/rex/logging/log_sink.rb +43 -0
data/lib/rex/logging/sinks/flatfile.rb +56 -0
data/lib/rex/logging/sinks/stderr.rb +44 -0
data/lib/rex/mac_oui.rb +16581 -0
data/lib/rex/machparsey.rb +9 -0
data/lib/rex/machparsey/exceptions.rb +34 -0
data/lib/rex/machparsey/mach.rb +209 -0
data/lib/rex/machparsey/machbase.rb +408 -0
data/lib/rex/machscan.rb +9 -0
data/lib/rex/machscan/scanner.rb +217 -0
data/lib/rex/mime.rb +10 -0
data/lib/rex/mime/encoding.rb +17 -0
data/lib/rex/mime/header.rb +78 -0
data/lib/rex/mime/message.rb +150 -0
data/lib/rex/mime/part.rb +50 -0
data/lib/rex/nop/opty2.rb +109 -0
data/lib/rex/nop/opty2_tables.rb +301 -0
data/lib/rex/ole.rb +202 -0
data/lib/rex/ole/clsid.rb +44 -0
data/lib/rex/ole/difat.rb +138 -0
data/lib/rex/ole/directory.rb +228 -0
data/lib/rex/ole/direntry.rb +237 -0
data/lib/rex/ole/docs/dependencies.txt +8 -0
data/lib/rex/ole/docs/references.txt +1 -0
data/lib/rex/ole/fat.rb +96 -0
data/lib/rex/ole/header.rb +201 -0
data/lib/rex/ole/minifat.rb +74 -0
data/lib/rex/ole/propset.rb +141 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +392 -0
data/lib/rex/ole/stream.rb +50 -0
data/lib/rex/ole/substorage.rb +46 -0
data/lib/rex/ole/util.rb +154 -0
data/lib/rex/parser/acunetix_nokogiri.rb +406 -0
data/lib/rex/parser/apple_backup_manifestdb.rb +132 -0
data/lib/rex/parser/appscan_nokogiri.rb +367 -0
data/lib/rex/parser/arguments.rb +108 -0
data/lib/rex/parser/burp_session_nokogiri.rb +291 -0
data/lib/rex/parser/ci_nokogiri.rb +193 -0
data/lib/rex/parser/foundstone_nokogiri.rb +342 -0
data/lib/rex/parser/fusionvm_nokogiri.rb +109 -0
data/lib/rex/parser/group_policy_preferences.rb +185 -0
data/lib/rex/parser/ini.rb +186 -0
data/lib/rex/parser/ip360_aspl_xml.rb +103 -0
data/lib/rex/parser/ip360_xml.rb +98 -0
data/lib/rex/parser/mbsa_nokogiri.rb +256 -0
data/lib/rex/parser/nessus_xml.rb +121 -0
data/lib/rex/parser/netsparker_xml.rb +109 -0
data/lib/rex/parser/nexpose_raw_nokogiri.rb +686 -0
data/lib/rex/parser/nexpose_simple_nokogiri.rb +330 -0
data/lib/rex/parser/nexpose_xml.rb +172 -0
data/lib/rex/parser/nmap_nokogiri.rb +394 -0
data/lib/rex/parser/nmap_xml.rb +166 -0
data/lib/rex/parser/nokogiri_doc_mixin.rb +233 -0
data/lib/rex/parser/openvas_nokogiri.rb +172 -0
data/lib/rex/parser/outpost24_nokogiri.rb +240 -0
data/lib/rex/parser/retina_xml.rb +110 -0
data/lib/rex/parser/unattend.rb +171 -0
data/lib/rex/parser/wapiti_nokogiri.rb +105 -0
data/lib/rex/payloads.rb +2 -0
data/lib/rex/payloads/win32.rb +3 -0
data/lib/rex/payloads/win32/common.rb +27 -0
data/lib/rex/payloads/win32/kernel.rb +54 -0
data/lib/rex/payloads/win32/kernel/common.rb +55 -0
data/lib/rex/payloads/win32/kernel/migration.rb +13 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +51 -0
data/lib/rex/payloads/win32/kernel/stager.rb +195 -0
data/lib/rex/peparsey.rb +10 -0
data/lib/rex/peparsey/exceptions.rb +30 -0
data/lib/rex/peparsey/pe.rb +210 -0
data/lib/rex/peparsey/pe_memdump.rb +61 -0
data/lib/rex/peparsey/pebase.rb +1662 -0
data/lib/rex/peparsey/section.rb +128 -0
data/lib/rex/pescan.rb +11 -0
data/lib/rex/pescan/analyze.rb +366 -0
data/lib/rex/pescan/scanner.rb +230 -0
data/lib/rex/pescan/search.rb +68 -0
data/lib/rex/platforms.rb +2 -0
data/lib/rex/platforms/windows.rb +52 -0
data/lib/rex/poly.rb +134 -0
data/lib/rex/poly/block.rb +480 -0
data/lib/rex/poly/machine.rb +13 -0
data/lib/rex/poly/machine/machine.rb +830 -0
data/lib/rex/poly/machine/x86.rb +509 -0
data/lib/rex/poly/register.rb +101 -0
data/lib/rex/poly/register/x86.rb +41 -0
data/lib/rex/post.rb +7 -0
data/lib/rex/post/dir.rb +51 -0
data/lib/rex/post/file.rb +172 -0
data/lib/rex/post/file_stat.rb +220 -0
data/lib/rex/post/gen.pl +13 -0
data/lib/rex/post/io.rb +182 -0
data/lib/rex/post/meterpreter.rb +5 -0
data/lib/rex/post/meterpreter/channel.rb +446 -0
data/lib/rex/post/meterpreter/channel_container.rb +54 -0
data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
data/lib/rex/post/meterpreter/client.rb +483 -0
data/lib/rex/post/meterpreter/client_core.rb +352 -0
data/lib/rex/post/meterpreter/dependencies.rb +3 -0
data/lib/rex/post/meterpreter/extension.rb +32 -0
data/lib/rex/post/meterpreter/extensions/android/android.rb +128 -0
data/lib/rex/post/meterpreter/extensions/android/tlv.rb +40 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +17 -0
data/lib/rex/post/meterpreter/extensions/extapi/adsi/adsi.rb +71 -0
data/lib/rex/post/meterpreter/extensions/extapi/clipboard/clipboard.rb +169 -0
data/lib/rex/post/meterpreter/extensions/extapi/extapi.rb +45 -0
data/lib/rex/post/meterpreter/extensions/extapi/service/service.rb +104 -0
data/lib/rex/post/meterpreter/extensions/extapi/tlv.rb +77 -0
data/lib/rex/post/meterpreter/extensions/extapi/window/window.rb +56 -0
data/lib/rex/post/meterpreter/extensions/extapi/wmi/wmi.rb +75 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +22 -0
data/lib/rex/post/meterpreter/extensions/kiwi/kiwi.rb +361 -0
data/lib/rex/post/meterpreter/extensions/kiwi/tlv.rb +76 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/dhcp/dhcp.rb +78 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb +43 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/tftp/tftp.rb +49 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb +17 -0
data/lib/rex/post/meterpreter/extensions/mimikatz/mimikatz.rb +128 -0
data/lib/rex/post/meterpreter/extensions/mimikatz/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +57 -0
data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +109 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +29 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +117 -0
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +27 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +396 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +284 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +399 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +104 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/arp.rb +59 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +256 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/netstat.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/resolve.rb +106 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +67 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +139 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +180 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +168 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +209 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +38146 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +2102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +32 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +3852 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +100 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +168 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_psapi.rb +32 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +32 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +3170 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_version.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +87 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wldap32.rb +128 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +613 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +388 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +111 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +149 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +27 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +515 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +319 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb +23 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +301 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +56 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb +106 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +676 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +96 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +151 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +128 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +192 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +60 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +408 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +328 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +193 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +188 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +180 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +236 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +259 -0
data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +201 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
data/lib/rex/post/meterpreter/packet.rb +709 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +543 -0
data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
data/lib/rex/post/meterpreter/ui/console.rb +142 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +86 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/android.rb +383 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +939 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +109 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi.rb +65 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/adsi.rb +198 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/clipboard.rb +444 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb +199 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/window.rb +118 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/wmi.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +242 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/kiwi.rb +509 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks.rb +60 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/dhcp.rb +254 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/tftp.rb +159 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/mimikatz.rb +182 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +232 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +62 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +97 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +52 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +133 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +204 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +66 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +527 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +448 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +906 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +318 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +343 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +99 -0
data/lib/rex/post/permission.rb +26 -0
data/lib/rex/post/process.rb +57 -0
data/lib/rex/post/thread.rb +57 -0
data/lib/rex/post/ui.rb +52 -0
data/lib/rex/proto.rb +15 -0
data/lib/rex/proto/addp.rb +218 -0
data/lib/rex/proto/dcerpc.rb +7 -0
data/lib/rex/proto/dcerpc/client.rb +362 -0
data/lib/rex/proto/dcerpc/exceptions.rb +151 -0
data/lib/rex/proto/dcerpc/handle.rb +48 -0
data/lib/rex/proto/dcerpc/ndr.rb +73 -0
data/lib/rex/proto/dcerpc/packet.rb +264 -0
data/lib/rex/proto/dcerpc/response.rb +188 -0
data/lib/rex/proto/dcerpc/uuid.rb +85 -0
data/lib/rex/proto/dcerpc/wdscp.rb +3 -0
data/lib/rex/proto/dcerpc/wdscp/constants.rb +89 -0
data/lib/rex/proto/dcerpc/wdscp/packet.rb +94 -0
data/lib/rex/proto/dhcp.rb +7 -0
data/lib/rex/proto/dhcp/constants.rb +34 -0
data/lib/rex/proto/dhcp/server.rb +334 -0
data/lib/rex/proto/drda.rb +6 -0
data/lib/rex/proto/drda/constants.rb +50 -0
data/lib/rex/proto/drda/packet.rb +253 -0
data/lib/rex/proto/drda/utils.rb +124 -0
data/lib/rex/proto/http.rb +7 -0
data/lib/rex/proto/http/client.rb +722 -0
data/lib/rex/proto/http/client_request.rb +472 -0
data/lib/rex/proto/http/handler.rb +47 -0
data/lib/rex/proto/http/handler/erb.rb +129 -0
data/lib/rex/proto/http/handler/proc.rb +61 -0
data/lib/rex/proto/http/header.rb +173 -0
data/lib/rex/proto/http/packet.rb +414 -0
data/lib/rex/proto/http/request.rb +354 -0
data/lib/rex/proto/http/response.rb +151 -0
data/lib/rex/proto/http/server.rb +385 -0
data/lib/rex/proto/iax2.rb +2 -0
data/lib/rex/proto/iax2/call.rb +326 -0
data/lib/rex/proto/iax2/client.rb +218 -0
data/lib/rex/proto/iax2/codecs.rb +5 -0
data/lib/rex/proto/iax2/codecs/alaw.rb +16 -0
data/lib/rex/proto/iax2/codecs/g711.rb +2176 -0
data/lib/rex/proto/iax2/codecs/mulaw.rb +17 -0
data/lib/rex/proto/iax2/constants.rb +262 -0
data/lib/rex/proto/ipmi.rb +57 -0
data/lib/rex/proto/ipmi/channel_auth_reply.rb +89 -0
data/lib/rex/proto/ipmi/open_session_reply.rb +36 -0
data/lib/rex/proto/ipmi/rakp2.rb +36 -0
data/lib/rex/proto/ipmi/utils.rb +125 -0
data/lib/rex/proto/natpmp.rb +7 -0
data/lib/rex/proto/natpmp/constants.rb +19 -0
data/lib/rex/proto/natpmp/packet.rb +45 -0
data/lib/rex/proto/ntlm.rb +8 -0
data/lib/rex/proto/ntlm/base.rb +327 -0
data/lib/rex/proto/ntlm/constants.rb +75 -0
data/lib/rex/proto/ntlm/crypt.rb +412 -0
data/lib/rex/proto/ntlm/exceptions.rb +17 -0
data/lib/rex/proto/ntlm/message.rb +534 -0
data/lib/rex/proto/ntlm/utils.rb +765 -0
data/lib/rex/proto/ntp.rb +3 -0
data/lib/rex/proto/ntp/constants.rb +12 -0
data/lib/rex/proto/ntp/modes.rb +130 -0
data/lib/rex/proto/pjl.rb +31 -0
data/lib/rex/proto/pjl/client.rb +163 -0
data/lib/rex/proto/proxy/socks4a.rb +441 -0
data/lib/rex/proto/rfb.rb +13 -0
data/lib/rex/proto/rfb/cipher.rb +82 -0
data/lib/rex/proto/rfb/client.rb +205 -0
data/lib/rex/proto/rfb/constants.rb +50 -0
data/lib/rex/proto/sip.rb +4 -0
data/lib/rex/proto/sip/response.rb +61 -0
data/lib/rex/proto/smb.rb +8 -0
data/lib/rex/proto/smb/client.rb +2064 -0
data/lib/rex/proto/smb/constants.rb +1064 -0
data/lib/rex/proto/smb/crypt.rb +37 -0
data/lib/rex/proto/smb/evasions.rb +67 -0
data/lib/rex/proto/smb/exceptions.rb +867 -0
data/lib/rex/proto/smb/simpleclient.rb +173 -0
data/lib/rex/proto/smb/simpleclient/open_file.rb +106 -0
data/lib/rex/proto/smb/simpleclient/open_pipe.rb +57 -0
data/lib/rex/proto/smb/utils.rb +104 -0
data/lib/rex/proto/sunrpc.rb +2 -0
data/lib/rex/proto/sunrpc/client.rb +196 -0
data/lib/rex/proto/tftp.rb +13 -0
data/lib/rex/proto/tftp/client.rb +344 -0
data/lib/rex/proto/tftp/constants.rb +39 -0
data/lib/rex/proto/tftp/server.rb +497 -0
data/lib/rex/random_identifier_generator.rb +177 -0
data/lib/rex/registry.rb +14 -0
data/lib/rex/registry/hive.rb +132 -0
data/lib/rex/registry/lfkey.rb +51 -0
data/lib/rex/registry/nodekey.rb +54 -0
data/lib/rex/registry/regf.rb +25 -0
data/lib/rex/registry/valuekey.rb +67 -0
data/lib/rex/registry/valuelist.rb +29 -0
data/lib/rex/ropbuilder.rb +8 -0
data/lib/rex/ropbuilder/rop.rb +271 -0
data/lib/rex/script.rb +42 -0
data/lib/rex/script/base.rb +61 -0
data/lib/rex/script/meterpreter.rb +16 -0
data/lib/rex/script/shell.rb +10 -0
data/lib/rex/service.rb +49 -0
data/lib/rex/service_manager.rb +154 -0
data/lib/rex/services/local_relay.rb +424 -0
data/lib/rex/socket.rb +788 -0
data/lib/rex/socket/comm.rb +120 -0
data/lib/rex/socket/comm/local.rb +526 -0
data/lib/rex/socket/ip.rb +132 -0
data/lib/rex/socket/parameters.rb +363 -0
data/lib/rex/socket/range_walker.rb +470 -0
data/lib/rex/socket/ssl_tcp.rb +345 -0
data/lib/rex/socket/ssl_tcp_server.rb +188 -0
data/lib/rex/socket/subnet_walker.rb +76 -0
data/lib/rex/socket/switch_board.rb +289 -0
data/lib/rex/socket/tcp.rb +79 -0
data/lib/rex/socket/tcp_server.rb +67 -0
data/lib/rex/socket/udp.rb +165 -0
data/lib/rex/sslscan/result.rb +201 -0
data/lib/rex/sslscan/scanner.rb +206 -0
data/lib/rex/struct2.rb +5 -0
data/lib/rex/struct2/c_struct.rb +181 -0
data/lib/rex/struct2/c_struct_template.rb +39 -0
data/lib/rex/struct2/constant.rb +26 -0
data/lib/rex/struct2/element.rb +44 -0
data/lib/rex/struct2/generic.rb +73 -0
data/lib/rex/struct2/restraint.rb +54 -0
data/lib/rex/struct2/s_string.rb +72 -0
data/lib/rex/struct2/s_struct.rb +111 -0
data/lib/rex/sync.rb +6 -0
data/lib/rex/sync/event.rb +85 -0
data/lib/rex/sync/read_write_lock.rb +177 -0
data/lib/rex/sync/ref.rb +58 -0
data/lib/rex/sync/thread_safe.rb +83 -0
data/lib/rex/text.rb +1813 -0
data/lib/rex/thread_factory.rb +43 -0
data/lib/rex/time.rb +66 -0
data/lib/rex/transformer.rb +116 -0
data/lib/rex/ui.rb +22 -0
data/lib/rex/ui/interactive.rb +304 -0
data/lib/rex/ui/output.rb +85 -0
data/lib/rex/ui/output/none.rb +19 -0
data/lib/rex/ui/progress_tracker.rb +97 -0
data/lib/rex/ui/subscriber.rb +160 -0
data/lib/rex/ui/text/color.rb +98 -0
data/lib/rex/ui/text/dispatcher_shell.rb +538 -0
data/lib/rex/ui/text/input.rb +119 -0
data/lib/rex/ui/text/input/buffer.rb +79 -0
data/lib/rex/ui/text/input/readline.rb +129 -0
data/lib/rex/ui/text/input/socket.rb +96 -0
data/lib/rex/ui/text/input/stdio.rb +46 -0
data/lib/rex/ui/text/irb_shell.rb +62 -0
data/lib/rex/ui/text/output.rb +86 -0
data/lib/rex/ui/text/output/buffer.rb +62 -0
data/lib/rex/ui/text/output/buffer/stdout.rb +26 -0
data/lib/rex/ui/text/output/file.rb +44 -0
data/lib/rex/ui/text/output/socket.rb +44 -0
data/lib/rex/ui/text/output/stdio.rb +53 -0
data/lib/rex/ui/text/output/tee.rb +56 -0
data/lib/rex/ui/text/progress_tracker.rb +57 -0
data/lib/rex/ui/text/shell.rb +403 -0
data/lib/rex/ui/text/table.rb +346 -0
data/lib/rex/zip.rb +96 -0
data/lib/rex/zip/archive.rb +130 -0
data/lib/rex/zip/blocks.rb +184 -0
data/lib/rex/zip/entry.rb +122 -0
data/lib/rex/zip/jar.rb +283 -0
data/lib/rex/zip/samples/comment.rb +32 -0
data/lib/rex/zip/samples/mkwar.rb +138 -0
data/lib/rex/zip/samples/mkzip.rb +19 -0
data/lib/rex/zip/samples/recursive.rb +58 -0
metadata +536 -0

@@ -0,0 +1,124 @@
+# -*- coding: binary -*-
+#
+# Log severities
+#
+LOG_ERROR = 'error'
+LOG_DEBUG = 'debug'
+LOG_INFO  = 'info'
+LOG_WARN  = 'warn'
+LOG_RAW   = 'raw'
+##
+#
+# Log levels
+#
+##
+#
+# LEV_0 - Default
+#
+# This log level is the default log level if none is specified.  It should be
+# used when a log message should always be displayed when logging is enabled.
+# Very few log messages should occur at this level aside from necessary
+# information logging and error/warning logging.  Debug logging at level zero
+# is not advised.
+#
+LEV_0     = 0
+#
+# LEV_1 - Extra
+#
+# This log level should be used when extra information may be needed to
+# understand the cause of an error or warning message or to get debugging
+# information that might give clues as to why something is happening.  This
+# log level should be used only when information may be useful to understanding
+# the behavior of something at a basic level.  This log level should not be
+# used in an exhaustively verbose fashion.
+#
+LEV_1     = 1
+#
+# LEV_2 - Verbose
+#
+# This log level should be used when verbose information may be needed to
+# analyze the behavior of the framework.  This should be the default log
+# level for all detailed information not falling into LEV_0 or LEV_1.
+# It is recommended that this log level be used by default if you are
+# unsure.
+#
+LEV_2     = 2
+#
+# LEV_3 - Insanity
+#
+# This log level should contain very verbose information about the
+# behavior of the framework, such as detailed information about variable
+# states at certain phases including, but not limited to, loop iterations,
+# function calls, and so on.  This log level will rarely be displayed,
+# but when it is the information provided should make it easy to analyze
+# any problem.
+#
+LEV_3     = 3
+#
+# Architecture constants
+#
+ARCH_ANY     = '_any_'
+ARCH_X86     = 'x86'
+ARCH_X86_64  = 'x86_64'
+ARCH_X64     = 'x64' # To be used for compatability with ARCH_X86_64
+ARCH_MIPS    = 'mips'
+ARCH_MIPSLE  = 'mipsle'
+ARCH_MIPSBE  = 'mipsbe'
+ARCH_PPC     = 'ppc'
+ARCH_PPC64   = 'ppc64'
+ARCH_CBEA    = 'cbea'
+ARCH_CBEA64  = 'cbea64'
+ARCH_SPARC   = 'sparc'
+ARCH_CMD     = 'cmd'
+ARCH_PHP     = 'php'
+ARCH_TTY     = 'tty'
+ARCH_ARMLE   = 'armle'
+ARCH_ARMBE   = 'armbe'
+ARCH_JAVA    = 'java'
+ARCH_RUBY    = 'ruby'
+ARCH_DALVIK  = 'dalvik'
+ARCH_PYTHON  = 'python'
+ARCH_NODEJS  = 'nodejs'
+ARCH_FIREFOX = 'firefox'
+ARCH_TYPES   =
+  [
+    ARCH_X86,
+    ARCH_X86_64,
+    ARCH_MIPS,
+    ARCH_MIPSLE,
+    ARCH_MIPSBE,
+    ARCH_PPC,
+    ARCH_PPC64,
+    ARCH_CBEA,
+    ARCH_CBEA64,
+    ARCH_SPARC,
+    ARCH_ARMLE,
+    ARCH_ARMBE,
+    ARCH_CMD,
+    ARCH_PHP,
+    ARCH_TTY,
+    ARCH_JAVA,
+    ARCH_RUBY,
+    ARCH_DALVIK,
+    ARCH_PYTHON,
+    ARCH_NODEJS,
+    ARCH_FIREFOX
+  ]
+ARCH_ALL = ARCH_TYPES
+#
+# Endian constants
+#
+ENDIAN_LITTLE = 0
+ENDIAN_BIG    = 1
+IS_ENDIAN_LITTLE = ( [1].pack('s') == "\x01\x00" ) ? true : false
+IS_ENDIAN_BIG    = ( not IS_ENDIAN_LITTLE )

data/lib/rex/elfparsey.rb ADDED

@@ -0,0 +1,9 @@
+# -*- coding: binary -*-
+module Rex
+module ElfParsey
+end
+end
+require 'rex/elfparsey/elf'

data/lib/rex/elfparsey/elf.rb ADDED

@@ -0,0 +1,121 @@
+# -*- coding: binary -*-
+require 'rex/elfparsey/elfbase'
+require 'rex/elfparsey/exceptions'
+require 'rex/image_source'
+module Rex
+module ElfParsey
+class Elf < ElfBase
+  attr_accessor :elf_header, :program_header, :base_addr, :isource
+  def initialize(isource)
+    offset = 0
+    base_addr = 0
+    # ELF Header
+    elf_header = ElfHeader.new(isource.read(offset, ELF_HEADER_SIZE))
+    # Data encoding
+    ei_data = elf_header.e_ident[EI_DATA,1].unpack("C")[0]
+    e_phoff = elf_header.e_phoff
+    e_phentsize = elf_header.e_phentsize
+    e_phnum = elf_header.e_phnum
+    # Program Header Table
+    program_header = []
+    e_phnum.times do |i|
+      offset = e_phoff + (e_phentsize * i)
+      program_header << ProgramHeader.new(
+        isource.read(offset, PROGRAM_HEADER_SIZE), ei_data
+      )
+      if program_header[-1].p_type == PT_LOAD && base_addr == 0
+        base_addr = program_header[-1].p_vaddr
+      end
+    end
+    self.elf_header = elf_header
+    self.program_header = program_header
+    self.base_addr = base_addr
+    self.isource = isource
+  end
+  def self.new_from_file(filename, disk_backed = false)
+    file = ::File.new(filename)
+    # file.binmode # windows... :\
+    if disk_backed
+      return self.new(ImageSource::Disk.new(file))
+    else
+      obj = new_from_string(file.read)
+      file.close
+      return obj
+    end
+  end
+  def self.new_from_string(data)
+    return self.new(ImageSource::Memory.new(data))
+  end
+  #
+  # Returns true if this binary is for a 64-bit architecture.
+  #
+  def ptr_64?
+    unless [ ELFCLASS32, ELFCLASS64 ].include?(
+    elf_header.e_ident[EI_CLASS,1].unpack("C*")[0])
+      raise ElfHeaderError, 'Invalid class', caller
+    end
+    elf_header.e_ident[EI_CLASS,1].unpack("C*")[0] == ELFCLASS64
+  end
+  #
+  # Returns true if this binary is for a 32-bit architecture.
+  # This check does not take into account 16-bit binaries at the moment.
+  #
+  def ptr_32?
+    ptr_64? == false
+  end
+  #
+  # Converts a virtual address to a string representation based on the
+  # underlying architecture.
+  #
+  def ptr_s(rva)
+    (ptr_32?) ? ("0x%.8x" % rva) : ("0x%.16x" % rva)
+  end
+  def offset_to_rva(offset)
+    base_addr + offset
+  end
+  def rva_to_offset(rva)
+    rva - base_addr
+  end
+  def read(offset, len)
+    isource.read(offset, len)
+  end
+  def read_rva(rva, len)
+    isource.read(rva_to_offset(rva), len)
+  end
+  def index(*args)
+    isource.index(*args)
+  end
+  def close
+    isource.close
+  end
+end
+end
+end

data/lib/rex/elfparsey/elfbase.rb ADDED

@@ -0,0 +1,256 @@
+# -*- coding: binary -*-
+require 'rex/struct2'
+module Rex
+module ElfParsey
+class ElfBase
+  # ELF Header
+  ELF_HEADER_SIZE = 52
+  EI_NIDENT = 16
+  ELF32_EHDR_LSB = Rex::Struct2::CStructTemplate.new(
+    [ 'string',  'e_ident',     EI_NIDENT, '' ],
+    [ 'uint16v', 'e_type',      0 ],
+    [ 'uint16v', 'e_machine',   0 ],
+    [ 'uint32v', 'e_version',   0 ],
+    [ 'uint32v', 'e_entry',     0 ],
+    [ 'uint32v', 'e_phoff',     0 ],
+    [ 'uint32v', 'e_shoff',     0 ],
+    [ 'uint32v', 'e_flags',     0 ],
+    [ 'uint16v', 'e_ehsize',    0 ],
+    [ 'uint16v', 'e_phentsize', 0 ],
+    [ 'uint16v', 'e_phnum',     0 ],
+    [ 'uint16v', 'e_shentsize', 0 ],
+    [ 'uint16v', 'e_shnum',     0 ],
+    [ 'uint16v', 'e_shstrndx',  0 ]
+  )
+  ELF32_EHDR_MSB = Rex::Struct2::CStructTemplate.new(
+    [ 'string',  'e_ident',     EI_NIDENT, '' ],
+    [ 'uint16n', 'e_type',      0 ],
+    [ 'uint16n', 'e_machine',   0 ],
+    [ 'uint32n', 'e_version',   0 ],
+    [ 'uint32n', 'e_entry',     0 ],
+    [ 'uint32n', 'e_phoff',     0 ],
+    [ 'uint32n', 'e_shoff',     0 ],
+    [ 'uint32n', 'e_flags',     0 ],
+    [ 'uint16n', 'e_ehsize',    0 ],
+    [ 'uint16n', 'e_phentsize', 0 ],
+    [ 'uint16n', 'e_phnum',     0 ],
+    [ 'uint16n', 'e_shentsize', 0 ],
+    [ 'uint16n', 'e_shnum',     0 ],
+    [ 'uint16n', 'e_shstrndx',  0 ]
+  )
+  # e_type  This member identifies the object file type
+  ET_NONE   = 0       # No file type
+  ET_REL    = 1       # Relocatable file
+  ET_EXEC   = 2       # Executable file
+  ET_DYN    = 3       # Shared object file
+  ET_CORE   = 4       # Core file
+  ET_LOPROC = 0xff00  # Processor-specific
+  ET_HIPROC = 0xffff  # Processor-specific
+  #
+  # e_machine  This member's value specifies the required architecture for an
+  # individual file.
+  #
+  # ET_NONE        = 0   # No machine
+  EM_M32         = 1   # AT&T WE 32100
+  EM_SPARC       = 2   # SPARC
+  EM_386         = 3   # Intel Architecture
+  EM_68K         = 4   # Motorola 68000
+  EM_88K         = 5   # Motorola 88000
+  EM_860         = 7   # Intel 80860
+  EM_MIPS        = 8   # MIPS RS3000 Big-Endian
+  EM_MIPS_RS4_BE = 10  # MIPS RS4000 Big-Endian
+  # e_version  This member identifies the object file version
+  EV_NONE    = 0  # Invalid version
+  EV_CURRENT = 1  # Current version
+  # ELF Identification
+  # e_ident[]  Identification indexes
+  EI_MAG0    = 0   # File identification
+  EI_MAG1    = 1   # File identification
+  EI_MAG2    = 2   # File identification
+  EI_MAG3    = 3   # File identification
+  EI_CLASS   = 4   # File class
+  EI_DATA    = 5   # Data encoding
+  EI_VERSION = 6   # File version
+  EI_PAD     = 7   # Start of padding bytes
+  # EI_NIDENT  = 16  # Size of e_ident[]
+  #
+  # EI_MAG0 to EI_MAG3  A file's first 4 bytes hold a "magic number",
+  # identifying the file as an ELF object file.
+  #
+  ELFMAG0 = 0x7f  # e_ident[EI_MAG0]
+  ELFMAG1 = ?E   # e_ident[EI_MAG1]
+  ELFMAG2 = ?L   # e_ident[EI_MAG2]
+  ELFMAG3 = ?F   # e_ident[EI_MAG3]
+  ELFMAG = ELFMAG0.chr + ELFMAG1.chr + ELFMAG2.chr + ELFMAG3.chr
+  # EI_CLASS  Identifies the file's class, or capacity
+  ELFCLASSNONE = 0  # Invalid class
+  ELFCLASS32   = 1  # 32-bit objects
+  ELFCLASS64   = 2  # 64-bit objects
+  #
+  # EI_DATA  Specifies the data encoding of the processor-specific data in
+  # the object file. The following encodings are currently defined.
+  #
+  ELFDATANONE = 0  # Invalid data encoding
+  ELFDATA2LSB = 1  # Least significant byte first
+  ELFDATA2MSB = 2  # Most significant byte first
+  class GenericStruct
+    attr_accessor :struct
+    def initialize(_struct)
+      self.struct = _struct
+    end
+    # The following methods are just pass-throughs for struct
+    # Access a value
+    def v
+      struct.v
+    end
+    # Access a value by array
+    def [](*args)
+      struct[*args]
+    end
+    # Obtain an array of all fields
+    def keys
+      struct.keys
+    end
+    def method_missing(meth, *args)
+      v[meth.to_s] || (raise NoMethodError.new, meth)
+    end
+  end
+  class GenericHeader < GenericStruct
+  end
+  class ElfHeader < GenericHeader
+    def initialize(rawdata)
+      # Identify the data encoding and parse ELF Header
+      elf_header = ELF32_EHDR_LSB.make_struct
+      if !elf_header.from_s(rawdata)
+        raise ElfHeaderError, "Couldn't parse ELF Header", caller
+      end
+      if elf_header.v['e_ident'][EI_DATA,1].unpack('C')[0] == ELFDATA2MSB
+        elf_header = ELF32_EHDR_MSB.make_struct
+        if !elf_header.from_s(rawdata)
+          raise ElfHeaderError, "Couldn't parse ELF Header", caller
+        end
+      end
+      unless [ ELFDATA2LSB, ELFDATA2MSB ].include?(
+      elf_header.v['e_ident'][EI_DATA,1].unpack('C')[0])
+        raise ElfHeaderError, "Invalid data encoding", caller
+      end
+      # Identify the file as an ELF object file
+      unless elf_header.v['e_ident'][EI_MAG0, 4] == ELFMAG
+        raise ElfHeaderError, 'Invalid magic number', caller
+      end
+      self.struct = elf_header
+    end
+    def e_ident
+      struct.v['e_ident']
+    end
+  end
+  # Program Header
+  PROGRAM_HEADER_SIZE = 32
+  ELF32_PHDR_LSB = Rex::Struct2::CStructTemplate.new(
+    [ 'uint32v', 'p_type',   0 ],
+    [ 'uint32v', 'p_offset', 0 ],
+    [ 'uint32v', 'p_vaddr',  0 ],
+    [ 'uint32v', 'p_paddr',  0 ],
+    [ 'uint32v', 'p_filesz', 0 ],
+    [ 'uint32v', 'p_memsz',  0 ],
+    [ 'uint32v', 'p_flags',  0 ],
+    [ 'uint32v', 'p_align',  0 ]
+  )
+  ELF32_PHDR_MSB = Rex::Struct2::CStructTemplate.new(
+    [ 'uint32n', 'p_type',   0 ],
+    [ 'uint32n', 'p_offset', 0 ],
+    [ 'uint32n', 'p_vaddr',  0 ],
+    [ 'uint32n', 'p_paddr',  0 ],
+    [ 'uint32n', 'p_filesz', 0 ],
+    [ 'uint32n', 'p_memsz',  0 ],
+    [ 'uint32n', 'p_flags',  0 ],
+    [ 'uint32n', 'p_align',  0 ]
+  )
+  #
+  # p_type  This member tells what kind of segment this array element
+  # describes or how to interpret the array element's information.
+  #
+  # Segment Types
+  PT_NULL    = 0
+  PT_LOAD    = 1
+  PT_DYNAMIC = 2
+  PT_INTERP  = 3
+  PT_NOTE    = 4
+  PT_SHLIB   = 5
+  PT_PHDR    = 6
+  PT_LOPROC  = 0x70000000
+  PT_HIPROC  = 0x7fffffff
+  class ProgramHeader < GenericHeader
+    def initialize(rawdata, ei_data)
+      # Identify the data encoding and parse Program Header
+      if ei_data == ELFDATA2LSB
+        program_header = ELF32_PHDR_LSB.make_struct
+      elsif ei_data == ELFDATA2MSB
+        program_header = ELF32_PHDR_MSB.make_struct
+      else
+        raise ElfHeaderError, "Invalid data encoding", caller
+      end
+      if !program_header.from_s(rawdata)
+        raise ProgramHeaderError, "Couldn't parse Program Header", caller
+      end
+      self.struct = program_header
+    end
+  end
+end
+end
+end