librex 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README +4 -0
- data/lib/rex.rb +101 -0
- data/lib/rex.rb.ts.rb +70 -0
- data/lib/rex/LICENSE +29 -0
- data/lib/rex/arch.rb +103 -0
- data/lib/rex/arch/sparc.rb +75 -0
- data/lib/rex/arch/sparc.rb.ut.rb +18 -0
- data/lib/rex/arch/x86.rb +513 -0
- data/lib/rex/arch/x86.rb.ut.rb +93 -0
- data/lib/rex/assembly/nasm.rb +100 -0
- data/lib/rex/assembly/nasm.rb.ut.rb +22 -0
- data/lib/rex/codepage.map +104 -0
- data/lib/rex/compat.rb +281 -0
- data/lib/rex/constants.rb +113 -0
- data/lib/rex/elfparsey.rb +11 -0
- data/lib/rex/elfparsey/elf.rb +123 -0
- data/lib/rex/elfparsey/elfbase.rb +260 -0
- data/lib/rex/elfparsey/exceptions.rb +27 -0
- data/lib/rex/elfscan.rb +12 -0
- data/lib/rex/elfscan/scanner.rb +207 -0
- data/lib/rex/elfscan/search.rb +46 -0
- data/lib/rex/encoder/alpha2.rb +31 -0
- data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
- data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
- data/lib/rex/encoder/alpha2/generic.rb +113 -0
- data/lib/rex/encoder/alpha2/unicode_mixed.rb +117 -0
- data/lib/rex/encoder/alpha2/unicode_upper.rb +129 -0
- data/lib/rex/encoder/ndr.rb +89 -0
- data/lib/rex/encoder/ndr.rb.ut.rb +44 -0
- data/lib/rex/encoder/nonalpha.rb +61 -0
- data/lib/rex/encoder/nonupper.rb +64 -0
- data/lib/rex/encoder/xdr.rb +106 -0
- data/lib/rex/encoder/xdr.rb.ut.rb +29 -0
- data/lib/rex/encoder/xor.rb +69 -0
- data/lib/rex/encoder/xor/dword.rb +13 -0
- data/lib/rex/encoder/xor/dword_additive.rb +13 -0
- data/lib/rex/encoders/xor_dword.rb +35 -0
- data/lib/rex/encoders/xor_dword_additive.rb +53 -0
- data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +12 -0
- data/lib/rex/encoding/xor.rb +20 -0
- data/lib/rex/encoding/xor.rb.ts.rb +14 -0
- data/lib/rex/encoding/xor/byte.rb +15 -0
- data/lib/rex/encoding/xor/byte.rb.ut.rb +21 -0
- data/lib/rex/encoding/xor/dword.rb +21 -0
- data/lib/rex/encoding/xor/dword.rb.ut.rb +15 -0
- data/lib/rex/encoding/xor/dword_additive.rb +92 -0
- data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +15 -0
- data/lib/rex/encoding/xor/exceptions.rb +17 -0
- data/lib/rex/encoding/xor/generic.rb +146 -0
- data/lib/rex/encoding/xor/generic.rb.ut.rb +120 -0
- data/lib/rex/encoding/xor/qword.rb +15 -0
- data/lib/rex/encoding/xor/word.rb +21 -0
- data/lib/rex/encoding/xor/word.rb.ut.rb +13 -0
- data/lib/rex/exceptions.rb +275 -0
- data/lib/rex/exceptions.rb.ut.rb +44 -0
- data/lib/rex/exploitation/cmdstager.rb +133 -0
- data/lib/rex/exploitation/egghunter.rb +143 -0
- data/lib/rex/exploitation/egghunter.rb.ut.rb +25 -0
- data/lib/rex/exploitation/encryptjs.rb +77 -0
- data/lib/rex/exploitation/heaplib.js.b64 +331 -0
- data/lib/rex/exploitation/heaplib.rb +94 -0
- data/lib/rex/exploitation/javascriptosdetect.rb +735 -0
- data/lib/rex/exploitation/obfuscatejs.rb +335 -0
- data/lib/rex/exploitation/opcodedb.rb +818 -0
- data/lib/rex/exploitation/opcodedb.rb.ut.rb +279 -0
- data/lib/rex/exploitation/seh.rb +92 -0
- data/lib/rex/exploitation/seh.rb.ut.rb +19 -0
- data/lib/rex/file.rb +84 -0
- data/lib/rex/file.rb.ut.rb +16 -0
- data/lib/rex/image_source.rb +12 -0
- data/lib/rex/image_source/disk.rb +60 -0
- data/lib/rex/image_source/image_source.rb +46 -0
- data/lib/rex/image_source/memory.rb +37 -0
- data/lib/rex/io/bidirectional_pipe.rb +157 -0
- data/lib/rex/io/datagram_abstraction.rb +35 -0
- data/lib/rex/io/stream.rb +313 -0
- data/lib/rex/io/stream_abstraction.rb +186 -0
- data/lib/rex/io/stream_server.rb +211 -0
- data/lib/rex/job_container.rb +202 -0
- data/lib/rex/logging.rb +4 -0
- data/lib/rex/logging/log_dispatcher.rb +179 -0
- data/lib/rex/logging/log_sink.rb +42 -0
- data/lib/rex/logging/sinks/flatfile.rb +55 -0
- data/lib/rex/logging/sinks/stderr.rb +43 -0
- data/lib/rex/machparsey.rb +9 -0
- data/lib/rex/machparsey/exceptions.rb +34 -0
- data/lib/rex/machparsey/mach.rb +209 -0
- data/lib/rex/machparsey/machbase.rb +408 -0
- data/lib/rex/machscan.rb +9 -0
- data/lib/rex/machscan/scanner.rb +217 -0
- data/lib/rex/mime.rb +9 -0
- data/lib/rex/mime/header.rb +75 -0
- data/lib/rex/mime/message.rb +112 -0
- data/lib/rex/mime/part.rb +20 -0
- data/lib/rex/nop/opty2.rb +108 -0
- data/lib/rex/nop/opty2.rb.ut.rb +23 -0
- data/lib/rex/nop/opty2_tables.rb +300 -0
- data/lib/rex/ole.rb +128 -0
- data/lib/rex/ole/clsid.rb +47 -0
- data/lib/rex/ole/difat.rb +141 -0
- data/lib/rex/ole/directory.rb +230 -0
- data/lib/rex/ole/direntry.rb +240 -0
- data/lib/rex/ole/fat.rb +99 -0
- data/lib/rex/ole/header.rb +204 -0
- data/lib/rex/ole/minifat.rb +77 -0
- data/lib/rex/ole/samples/create_ole.rb +27 -0
- data/lib/rex/ole/samples/dir.rb +35 -0
- data/lib/rex/ole/samples/dump_stream.rb +34 -0
- data/lib/rex/ole/samples/ole_info.rb +23 -0
- data/lib/rex/ole/storage.rb +395 -0
- data/lib/rex/ole/stream.rb +53 -0
- data/lib/rex/ole/substorage.rb +49 -0
- data/lib/rex/ole/util.rb +157 -0
- data/lib/rex/parser/arguments.rb +97 -0
- data/lib/rex/parser/arguments.rb.ut.rb +67 -0
- data/lib/rex/parser/ini.rb +185 -0
- data/lib/rex/parser/ini.rb.ut.rb +29 -0
- data/lib/rex/parser/nmap_xml.rb +111 -0
- data/lib/rex/payloads.rb +1 -0
- data/lib/rex/payloads/win32.rb +2 -0
- data/lib/rex/payloads/win32/common.rb +26 -0
- data/lib/rex/payloads/win32/kernel.rb +53 -0
- data/lib/rex/payloads/win32/kernel/common.rb +54 -0
- data/lib/rex/payloads/win32/kernel/migration.rb +12 -0
- data/lib/rex/payloads/win32/kernel/recovery.rb +50 -0
- data/lib/rex/payloads/win32/kernel/stager.rb +171 -0
- data/lib/rex/peparsey.rb +12 -0
- data/lib/rex/peparsey/exceptions.rb +32 -0
- data/lib/rex/peparsey/pe.rb +188 -0
- data/lib/rex/peparsey/pe_memdump.rb +63 -0
- data/lib/rex/peparsey/pebase.rb +1655 -0
- data/lib/rex/peparsey/section.rb +136 -0
- data/lib/rex/pescan.rb +13 -0
- data/lib/rex/pescan/analyze.rb +309 -0
- data/lib/rex/pescan/scanner.rb +206 -0
- data/lib/rex/pescan/search.rb +56 -0
- data/lib/rex/platforms.rb +1 -0
- data/lib/rex/platforms/windows.rb +51 -0
- data/lib/rex/poly.rb +132 -0
- data/lib/rex/poly/block.rb +468 -0
- data/lib/rex/poly/register.rb +100 -0
- data/lib/rex/poly/register/x86.rb +40 -0
- data/lib/rex/post.rb +8 -0
- data/lib/rex/post/dir.rb +51 -0
- data/lib/rex/post/file.rb +172 -0
- data/lib/rex/post/file_stat.rb +220 -0
- data/lib/rex/post/gen.pl +13 -0
- data/lib/rex/post/io.rb +182 -0
- data/lib/rex/post/meterpreter.rb +4 -0
- data/lib/rex/post/meterpreter/channel.rb +438 -0
- data/lib/rex/post/meterpreter/channel_container.rb +54 -0
- data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
- data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
- data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
- data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
- data/lib/rex/post/meterpreter/client.rb +335 -0
- data/lib/rex/post/meterpreter/client_core.rb +274 -0
- data/lib/rex/post/meterpreter/dependencies.rb +3 -0
- data/lib/rex/post/meterpreter/extension.rb +32 -0
- data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
- data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +16 -0
- data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
- data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +21 -0
- data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
- data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
- data/lib/rex/post/meterpreter/extensions/priv/priv.rb +104 -0
- data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +28 -0
- data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +100 -0
- data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +24 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +333 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +273 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +235 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +103 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +144 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +73 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +56 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +137 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +167 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +167 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +192 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +139 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +97 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +184 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +61 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +361 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +279 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +182 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +174 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +185 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +227 -0
- data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
- data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
- data/lib/rex/post/meterpreter/packet.rb +596 -0
- data/lib/rex/post/meterpreter/packet_dispatcher.rb +409 -0
- data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
- data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
- data/lib/rex/post/meterpreter/ui/console.rb +135 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +62 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +595 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +108 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +241 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +61 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +98 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +51 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +132 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +187 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +63 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +376 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +270 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +484 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +315 -0
- data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +95 -0
- data/lib/rex/post/permission.rb +26 -0
- data/lib/rex/post/process.rb +57 -0
- data/lib/rex/post/thread.rb +57 -0
- data/lib/rex/post/ui.rb +52 -0
- data/lib/rex/proto.rb +12 -0
- data/lib/rex/proto.rb.ts.rb +8 -0
- data/lib/rex/proto/dcerpc.rb +6 -0
- data/lib/rex/proto/dcerpc.rb.ts.rb +9 -0
- data/lib/rex/proto/dcerpc/client.rb +358 -0
- data/lib/rex/proto/dcerpc/client.rb.ut.rb +491 -0
- data/lib/rex/proto/dcerpc/exceptions.rb +150 -0
- data/lib/rex/proto/dcerpc/handle.rb +47 -0
- data/lib/rex/proto/dcerpc/handle.rb.ut.rb +85 -0
- data/lib/rex/proto/dcerpc/ndr.rb +72 -0
- data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +41 -0
- data/lib/rex/proto/dcerpc/packet.rb +253 -0
- data/lib/rex/proto/dcerpc/packet.rb.ut.rb +56 -0
- data/lib/rex/proto/dcerpc/response.rb +186 -0
- data/lib/rex/proto/dcerpc/response.rb.ut.rb +15 -0
- data/lib/rex/proto/dcerpc/uuid.rb +84 -0
- data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +46 -0
- data/lib/rex/proto/drda.rb +5 -0
- data/lib/rex/proto/drda.rb.ts.rb +17 -0
- data/lib/rex/proto/drda/constants.rb +49 -0
- data/lib/rex/proto/drda/constants.rb.ut.rb +23 -0
- data/lib/rex/proto/drda/packet.rb +252 -0
- data/lib/rex/proto/drda/packet.rb.ut.rb +109 -0
- data/lib/rex/proto/drda/utils.rb +123 -0
- data/lib/rex/proto/drda/utils.rb.ut.rb +84 -0
- data/lib/rex/proto/http.rb +5 -0
- data/lib/rex/proto/http.rb.ts.rb +12 -0
- data/lib/rex/proto/http/client.rb +817 -0
- data/lib/rex/proto/http/client.rb.ut.rb +93 -0
- data/lib/rex/proto/http/handler.rb +46 -0
- data/lib/rex/proto/http/handler/erb.rb +128 -0
- data/lib/rex/proto/http/handler/erb.rb.ut.rb +21 -0
- data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +1 -0
- data/lib/rex/proto/http/handler/proc.rb +54 -0
- data/lib/rex/proto/http/handler/proc.rb.ut.rb +24 -0
- data/lib/rex/proto/http/header.rb +161 -0
- data/lib/rex/proto/http/header.rb.ut.rb +46 -0
- data/lib/rex/proto/http/packet.rb +394 -0
- data/lib/rex/proto/http/packet.rb.ut.rb +165 -0
- data/lib/rex/proto/http/request.rb +356 -0
- data/lib/rex/proto/http/request.rb.ut.rb +214 -0
- data/lib/rex/proto/http/response.rb +85 -0
- data/lib/rex/proto/http/response.rb.ut.rb +149 -0
- data/lib/rex/proto/http/server.rb +367 -0
- data/lib/rex/proto/http/server.rb.ut.rb +79 -0
- data/lib/rex/proto/smb.rb +7 -0
- data/lib/rex/proto/smb.rb.ts.rb +8 -0
- data/lib/rex/proto/smb/client.rb +1733 -0
- data/lib/rex/proto/smb/client.rb.ut.rb +223 -0
- data/lib/rex/proto/smb/constants.rb +1062 -0
- data/lib/rex/proto/smb/constants.rb.ut.rb +18 -0
- data/lib/rex/proto/smb/crypt.rb +95 -0
- data/lib/rex/proto/smb/crypt.rb.ut.rb +20 -0
- data/lib/rex/proto/smb/evasions.rb +65 -0
- data/lib/rex/proto/smb/exceptions.rb +846 -0
- data/lib/rex/proto/smb/simpleclient.rb +292 -0
- data/lib/rex/proto/smb/simpleclient.rb.ut.rb +128 -0
- data/lib/rex/proto/smb/utils.rb +514 -0
- data/lib/rex/proto/smb/utils.rb.ut.rb +20 -0
- data/lib/rex/proto/sunrpc.rb +1 -0
- data/lib/rex/proto/sunrpc/client.rb +195 -0
- data/lib/rex/script.rb +42 -0
- data/lib/rex/script/base.rb +59 -0
- data/lib/rex/script/meterpreter.rb +9 -0
- data/lib/rex/script/shell.rb +9 -0
- data/lib/rex/service.rb +48 -0
- data/lib/rex/service_manager.rb +141 -0
- data/lib/rex/service_manager.rb.ut.rb +32 -0
- data/lib/rex/services/local_relay.rb +423 -0
- data/lib/rex/socket.rb +586 -0
- data/lib/rex/socket.rb.ut.rb +86 -0
- data/lib/rex/socket/comm.rb +119 -0
- data/lib/rex/socket/comm/local.rb +409 -0
- data/lib/rex/socket/comm/local.rb.ut.rb +75 -0
- data/lib/rex/socket/ip.rb +129 -0
- data/lib/rex/socket/parameters.rb +345 -0
- data/lib/rex/socket/parameters.rb.ut.rb +51 -0
- data/lib/rex/socket/range_walker.rb +295 -0
- data/lib/rex/socket/range_walker.rb.ut.rb +55 -0
- data/lib/rex/socket/ssl_tcp.rb +184 -0
- data/lib/rex/socket/ssl_tcp.rb.ut.rb +39 -0
- data/lib/rex/socket/ssl_tcp_server.rb +122 -0
- data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +51 -0
- data/lib/rex/socket/subnet_walker.rb +75 -0
- data/lib/rex/socket/subnet_walker.rb.ut.rb +28 -0
- data/lib/rex/socket/switch_board.rb +272 -0
- data/lib/rex/socket/switch_board.rb.ut.rb +52 -0
- data/lib/rex/socket/tcp.rb +76 -0
- data/lib/rex/socket/tcp.rb.ut.rb +64 -0
- data/lib/rex/socket/tcp_server.rb +67 -0
- data/lib/rex/socket/tcp_server.rb.ut.rb +44 -0
- data/lib/rex/socket/udp.rb +157 -0
- data/lib/rex/socket/udp.rb.ut.rb +44 -0
- data/lib/rex/struct2.rb +5 -0
- data/lib/rex/struct2/c_struct.rb +181 -0
- data/lib/rex/struct2/c_struct_template.rb +39 -0
- data/lib/rex/struct2/constant.rb +26 -0
- data/lib/rex/struct2/element.rb +44 -0
- data/lib/rex/struct2/generic.rb +73 -0
- data/lib/rex/struct2/restraint.rb +54 -0
- data/lib/rex/struct2/s_string.rb +72 -0
- data/lib/rex/struct2/s_struct.rb +111 -0
- data/lib/rex/sync.rb +6 -0
- data/lib/rex/sync/event.rb +94 -0
- data/lib/rex/sync/read_write_lock.rb +176 -0
- data/lib/rex/sync/ref.rb +57 -0
- data/lib/rex/sync/thread_safe.rb +82 -0
- data/lib/rex/test.rb +35 -0
- data/lib/rex/text.rb +1029 -0
- data/lib/rex/text.rb.ut.rb +168 -0
- data/lib/rex/time.rb +65 -0
- data/lib/rex/transformer.rb +115 -0
- data/lib/rex/transformer.rb.ut.rb +38 -0
- data/lib/rex/ui.rb +21 -0
- data/lib/rex/ui/interactive.rb +252 -0
- data/lib/rex/ui/output.rb +80 -0
- data/lib/rex/ui/output/none.rb +18 -0
- data/lib/rex/ui/progress_tracker.rb +96 -0
- data/lib/rex/ui/subscriber.rb +149 -0
- data/lib/rex/ui/text/color.rb +97 -0
- data/lib/rex/ui/text/color.rb.ut.rb +18 -0
- data/lib/rex/ui/text/dispatcher_shell.rb +382 -0
- data/lib/rex/ui/text/input.rb +117 -0
- data/lib/rex/ui/text/input/buffer.rb +75 -0
- data/lib/rex/ui/text/input/readline.rb +129 -0
- data/lib/rex/ui/text/input/socket.rb +95 -0
- data/lib/rex/ui/text/input/stdio.rb +45 -0
- data/lib/rex/ui/text/irb_shell.rb +55 -0
- data/lib/rex/ui/text/output.rb +80 -0
- data/lib/rex/ui/text/output/buffer.rb +65 -0
- data/lib/rex/ui/text/output/file.rb +37 -0
- data/lib/rex/ui/text/output/socket.rb +43 -0
- data/lib/rex/ui/text/output/stdio.rb +40 -0
- data/lib/rex/ui/text/progress_tracker.rb +56 -0
- data/lib/rex/ui/text/progress_tracker.rb.ut.rb +34 -0
- data/lib/rex/ui/text/shell.rb +321 -0
- data/lib/rex/ui/text/table.rb +254 -0
- data/lib/rex/ui/text/table.rb.ut.rb +55 -0
- data/lib/rex/zip.rb +93 -0
- data/lib/rex/zip/archive.rb +91 -0
- data/lib/rex/zip/blocks.rb +182 -0
- data/lib/rex/zip/entry.rb +95 -0
- data/lib/rex/zip/samples/comment.rb +32 -0
- data/lib/rex/zip/samples/mkwar.rb +138 -0
- data/lib/rex/zip/samples/mkzip.rb +19 -0
- data/lib/rex/zip/samples/recursive.rb +58 -0
- metadata +435 -0
data/lib/rex/ole.rb
ADDED
@@ -0,0 +1,128 @@
|
|
1
|
+
##
|
2
|
+
# $Id: ole.rb 8457 2010-02-11 18:36:38Z jduck $
|
3
|
+
# Version: $Revision: 8457 $
|
4
|
+
##
|
5
|
+
|
6
|
+
##
|
7
|
+
# Rex::OLE - an OLE implementation
|
8
|
+
# written in 2010 by Joshua J. Drake <jduck [at] metasploit.com>
|
9
|
+
#
|
10
|
+
# License: MSF_LICENSE
|
11
|
+
#
|
12
|
+
#
|
13
|
+
# This module implements Object-Linking-and-Embedding otherwise known as
|
14
|
+
# Compound File Binary File Format or Windows Compound Binary File Format.
|
15
|
+
# OLE is the container format for modern Excel, Word, PowerPoint, and many
|
16
|
+
# other file formats.
|
17
|
+
#
|
18
|
+
# NOTE: This implementation is almost fully compliant with [MS-CFB] v1.1
|
19
|
+
#
|
20
|
+
#
|
21
|
+
# SUPPORTS:
|
22
|
+
#
|
23
|
+
# 1. R/W v3 OLE files (v4 may work, but wasn't tested)
|
24
|
+
# 2. RO double-indirect fat sectors
|
25
|
+
# 3. RO fat sectors (including those in double-indirect parts)
|
26
|
+
# 4. WO support for less than 109 fat sectors :)
|
27
|
+
# 5. R/W minifat sectors
|
28
|
+
# 6. R/W ministream
|
29
|
+
# 7. R/W normal streams
|
30
|
+
# 8. R/W substorages (including nesting)
|
31
|
+
# 9. full directory support (hierarchal and flattened access)
|
32
|
+
# 10. big and little endian files (although only little endian was tested)
|
33
|
+
#
|
34
|
+
#
|
35
|
+
# TODO (in order of priority):
|
36
|
+
#
|
37
|
+
# 1. support deleting storages/streams
|
38
|
+
# 2. create copyto and other typical interface functions
|
39
|
+
# 3. support writing DIF sectors > 109
|
40
|
+
# - may lead to allocating more fat sectors :-/
|
41
|
+
# 4. properly support mode params for open_stream/open_storage/etc
|
42
|
+
# 5. optimize to prevent unecessary loading/writing
|
43
|
+
# 6. support for auxillary streams (DocumentSummaryInformation and SummaryInformation)
|
44
|
+
# 7. support non-committal editing (open, change, close w/o save)
|
45
|
+
# 8. support timestamps
|
46
|
+
# 9. provide interface to change paramters (endian, etc)
|
47
|
+
#
|
48
|
+
#
|
49
|
+
# TO INVESTIGATE:
|
50
|
+
#
|
51
|
+
# 1. moving storage interface functions into something used by both
|
52
|
+
# the main storage and substorages (unifying the code) (mixin?)
|
53
|
+
# 2. eliminating flattening the directory prior to writing it out
|
54
|
+
#
|
55
|
+
##
|
56
|
+
|
57
|
+
require 'rex'
|
58
|
+
|
59
|
+
module Rex
|
60
|
+
module OLE
|
61
|
+
|
62
|
+
# misc util
|
63
|
+
# NOTE: the v1.1 spec says that everything "MUST be stored in little-endian byte order"
|
64
|
+
BIG_ENDIAN = 0xfeff
|
65
|
+
LITTLE_ENDIAN = 0xfffe
|
66
|
+
# defines Util class
|
67
|
+
require 'rex/ole/util'
|
68
|
+
require 'rex/ole/clsid'
|
69
|
+
|
70
|
+
|
71
|
+
# constants for dealing with the header
|
72
|
+
HDR_SZ = 512
|
73
|
+
# signatures
|
74
|
+
SIG = "\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
|
75
|
+
SIG_BETA = "\x0e\x11\xfc\x0d\xd0\xcf\x11\xe0"
|
76
|
+
# defines Header class
|
77
|
+
require 'rex/ole/header'
|
78
|
+
|
79
|
+
|
80
|
+
# sector types
|
81
|
+
SECT_MAX = 0xfffffffa
|
82
|
+
SECT_DIF = 0xfffffffc
|
83
|
+
SECT_FAT = 0xfffffffd
|
84
|
+
SECT_END = 0xfffffffe
|
85
|
+
SECT_FREE = 0xffffffff
|
86
|
+
# defines DIFAT class
|
87
|
+
require 'rex/ole/difat'
|
88
|
+
# defines FAT class
|
89
|
+
require 'rex/ole/fat'
|
90
|
+
# defines MiniFAT class
|
91
|
+
require 'rex/ole/minifat'
|
92
|
+
|
93
|
+
|
94
|
+
# directory entries
|
95
|
+
DIRENTRY_SZ = 128
|
96
|
+
DIR_NOSTREAM = 0xffffffff
|
97
|
+
DIR_MAXREGSID = 0xfffffffa
|
98
|
+
# defines Directory class
|
99
|
+
require 'rex/ole/directory'
|
100
|
+
|
101
|
+
# types
|
102
|
+
STGTY_INVALID = 0
|
103
|
+
STGTY_STORAGE = 1
|
104
|
+
STGTY_STREAM = 2
|
105
|
+
STGTY_LOCKBYTES = 3
|
106
|
+
STGTY_PROPERTY = 4
|
107
|
+
STGTY_ROOT = 5
|
108
|
+
# for red/black tree
|
109
|
+
COLOR_RED = 0
|
110
|
+
COLOR_BLACK = 1
|
111
|
+
# defines DirEntry base class
|
112
|
+
require 'rex/ole/direntry'
|
113
|
+
|
114
|
+
|
115
|
+
# constants for storages
|
116
|
+
STGM_READ = 0
|
117
|
+
STGM_WRITE = 1
|
118
|
+
STGM_READWRITE = 2
|
119
|
+
# defines Storage class
|
120
|
+
require 'rex/ole/storage'
|
121
|
+
# defines SubStorage class
|
122
|
+
require 'rex/ole/substorage'
|
123
|
+
# defines Stream class
|
124
|
+
require 'rex/ole/stream'
|
125
|
+
|
126
|
+
|
127
|
+
end
|
128
|
+
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
##
|
2
|
+
# $Id: clsid.rb 8457 2010-02-11 18:36:38Z jduck $
|
3
|
+
# Version: $Revision: 8457 $
|
4
|
+
##
|
5
|
+
|
6
|
+
##
|
7
|
+
# Rex::OLE - an OLE implementation
|
8
|
+
# written in 2010 by Joshua J. Drake <jduck [at] metasploit.com>
|
9
|
+
##
|
10
|
+
|
11
|
+
|
12
|
+
module Rex
|
13
|
+
module OLE
|
14
|
+
|
15
|
+
class CLSID
|
16
|
+
|
17
|
+
def initialize(buf=nil)
|
18
|
+
@buf = buf
|
19
|
+
@buf ||= "\x00" * 16
|
20
|
+
end
|
21
|
+
|
22
|
+
def pack
|
23
|
+
@buf
|
24
|
+
end
|
25
|
+
|
26
|
+
def to_s
|
27
|
+
ret = ""
|
28
|
+
ret << "%08x" % Util.get32(@buf, 0)
|
29
|
+
ret << "-"
|
30
|
+
ret << "%04x" % Util.get16(@buf, 4)
|
31
|
+
ret << "-"
|
32
|
+
ret << "%04x" % Util.get16(@buf, 6)
|
33
|
+
ret << "-"
|
34
|
+
idx = 0
|
35
|
+
last8 = @buf[8,8]
|
36
|
+
last8.unpack('C*').each { |byte|
|
37
|
+
ret << [byte].pack('C').unpack('H*')[0]
|
38
|
+
ret << "-" if (idx == 1)
|
39
|
+
idx += 1
|
40
|
+
}
|
41
|
+
ret
|
42
|
+
end
|
43
|
+
|
44
|
+
end
|
45
|
+
|
46
|
+
end
|
47
|
+
end
|
@@ -0,0 +1,141 @@
|
|
1
|
+
##
|
2
|
+
# $Id: difat.rb 8457 2010-02-11 18:36:38Z jduck $
|
3
|
+
# Version: $Revision: 8457 $
|
4
|
+
##
|
5
|
+
|
6
|
+
##
|
7
|
+
# Rex::OLE - an OLE implementation
|
8
|
+
# written in 2010 by Joshua J. Drake <jduck [at] metasploit.com>
|
9
|
+
##
|
10
|
+
|
11
|
+
module Rex
|
12
|
+
module OLE
|
13
|
+
|
14
|
+
class DIFAT
|
15
|
+
|
16
|
+
def initialize stg
|
17
|
+
@stg = stg
|
18
|
+
@entries = []
|
19
|
+
end
|
20
|
+
|
21
|
+
#
|
22
|
+
# convenience access to entries
|
23
|
+
#
|
24
|
+
def []=(idx,expr)
|
25
|
+
@entries[idx] = expr
|
26
|
+
end
|
27
|
+
|
28
|
+
def [](idx)
|
29
|
+
@entries[idx]
|
30
|
+
end
|
31
|
+
|
32
|
+
def +(expr)
|
33
|
+
@entries += expr
|
34
|
+
self
|
35
|
+
end
|
36
|
+
|
37
|
+
def <<(expr)
|
38
|
+
@entries << expr
|
39
|
+
end
|
40
|
+
|
41
|
+
def length
|
42
|
+
@entries.length
|
43
|
+
end
|
44
|
+
|
45
|
+
def slice!(start,stop)
|
46
|
+
@entries.slice!(start,stop)
|
47
|
+
end
|
48
|
+
|
49
|
+
def reset
|
50
|
+
@entries = []
|
51
|
+
end
|
52
|
+
|
53
|
+
def each
|
54
|
+
@entries.each { |el|
|
55
|
+
yield el
|
56
|
+
}
|
57
|
+
end
|
58
|
+
|
59
|
+
#
|
60
|
+
# woop
|
61
|
+
#
|
62
|
+
def to_s
|
63
|
+
ret = "{ "
|
64
|
+
@entries.each { |el|
|
65
|
+
ret << ", " if (ret.length > 2)
|
66
|
+
case el
|
67
|
+
when SECT_END
|
68
|
+
ret << "END"
|
69
|
+
when SECT_DIF
|
70
|
+
ret << "DIF"
|
71
|
+
when SECT_FAT
|
72
|
+
ret << "FAT"
|
73
|
+
when SECT_FREE
|
74
|
+
ret << "FREE"
|
75
|
+
else
|
76
|
+
ret << "0x%x" % el
|
77
|
+
end
|
78
|
+
}
|
79
|
+
ret << " }"
|
80
|
+
ret
|
81
|
+
end
|
82
|
+
|
83
|
+
#
|
84
|
+
# low-level functions
|
85
|
+
#
|
86
|
+
def read
|
87
|
+
@entries = []
|
88
|
+
|
89
|
+
# start with the header part
|
90
|
+
@entries += @stg.header._sectFat
|
91
|
+
|
92
|
+
# double indirect fat
|
93
|
+
sect = @stg.header._sectDifStart
|
94
|
+
while (sect != SECT_END)
|
95
|
+
if (@entries.include?(sect))
|
96
|
+
raise RuntimeError, 'Sector chain loop detected (0x%08x)' % sect
|
97
|
+
end
|
98
|
+
|
99
|
+
@entries << sect
|
100
|
+
buf = @stg.read_sector(sect, @stg.header.sector_size)
|
101
|
+
|
102
|
+
# the last sect ptr in the block becomes the next entry
|
103
|
+
sect = Util.get32(buf, ((@stg.header.idx_per_sect)-1) * 4)
|
104
|
+
end
|
105
|
+
|
106
|
+
# don't need these free ones, but it doesn't hurt to keep them.
|
107
|
+
#@difat.delete(SECT_FREE)
|
108
|
+
end
|
109
|
+
|
110
|
+
def write
|
111
|
+
len = @entries.length
|
112
|
+
first109 = @entries.dup
|
113
|
+
|
114
|
+
rest = nil
|
115
|
+
if (len > 109)
|
116
|
+
rest = first109.slice!(109,len)
|
117
|
+
end
|
118
|
+
|
119
|
+
@stg.header._sectFat = []
|
120
|
+
@stg.header._sectFat += first109
|
121
|
+
if (len < 109)
|
122
|
+
need = 109 - len
|
123
|
+
need.times {
|
124
|
+
@stg.header._sectFat << SECT_FREE
|
125
|
+
}
|
126
|
+
end
|
127
|
+
|
128
|
+
if (rest and rest.length > 0)
|
129
|
+
raise RuntimeError, 'TODO: support writing DIF properly!'
|
130
|
+
# may require adding more fat sectors :-/
|
131
|
+
#@stg.header._csectDif = rest.length
|
132
|
+
#@stg.header._sectDifStart = idx
|
133
|
+
end
|
134
|
+
|
135
|
+
@stg.header._csectFat = len
|
136
|
+
end
|
137
|
+
|
138
|
+
end
|
139
|
+
|
140
|
+
end
|
141
|
+
end
|
@@ -0,0 +1,230 @@
|
|
1
|
+
##
|
2
|
+
# $Id: directory.rb 8457 2010-02-11 18:36:38Z jduck $
|
3
|
+
# Version: $Revision: 8457 $
|
4
|
+
##
|
5
|
+
|
6
|
+
##
|
7
|
+
# Rex::OLE - an OLE implementation
|
8
|
+
# written in 2010 by Joshua J. Drake <jduck [at] metasploit.com>
|
9
|
+
##
|
10
|
+
|
11
|
+
module Rex
|
12
|
+
module OLE
|
13
|
+
|
14
|
+
require 'rex/ole/direntry'
|
15
|
+
|
16
|
+
#
|
17
|
+
# This class serves as the root directory entry in addition to
|
18
|
+
# an abstraction around the concept of a directory as a whole.
|
19
|
+
#
|
20
|
+
class Directory < DirEntry
|
21
|
+
|
22
|
+
# XXX: num_entries is not maintained once a stream/storage is added!
|
23
|
+
attr_accessor :num_entries
|
24
|
+
|
25
|
+
def initialize(stg)
|
26
|
+
super
|
27
|
+
|
28
|
+
@num_entries = 1
|
29
|
+
end
|
30
|
+
|
31
|
+
|
32
|
+
# woop, recursive each
|
33
|
+
def yield_entries(de, &block)
|
34
|
+
block.call(de)
|
35
|
+
de.each { |el|
|
36
|
+
yield_entries(el, &block)
|
37
|
+
}
|
38
|
+
end
|
39
|
+
def each_entry(&block)
|
40
|
+
yield_entries(self, &block)
|
41
|
+
end
|
42
|
+
|
43
|
+
|
44
|
+
def set_ministream_params(start, size)
|
45
|
+
@_sectStart = start
|
46
|
+
@_ulSize = size
|
47
|
+
end
|
48
|
+
|
49
|
+
def link_item(parent, child)
|
50
|
+
# set sid, advance count
|
51
|
+
child.sid = @num_entries
|
52
|
+
@num_entries += 1
|
53
|
+
|
54
|
+
|
55
|
+
# link item to siblings and/or parent
|
56
|
+
if (parent._sidChild == DIR_NOSTREAM)
|
57
|
+
parent._sidChild = child.sid
|
58
|
+
dlog("Linking #{child.name} as THE child of #{parent.name} as sid #{child.sid}", 'rex', LEV_3)
|
59
|
+
else
|
60
|
+
sib = nil
|
61
|
+
parent.each { |el|
|
62
|
+
if (el._sidLeftSib == DIR_NOSTREAM)
|
63
|
+
sib = el
|
64
|
+
el._sidLeftSib = child.sid
|
65
|
+
dlog("Linking #{child.name} as the LEFT sibling of #{sib.name} as sid #{child.sid}", 'rex', LEV_3)
|
66
|
+
break
|
67
|
+
end
|
68
|
+
if (el._sidRightSib == DIR_NOSTREAM)
|
69
|
+
sib = el
|
70
|
+
el._sidRightSib = child.sid
|
71
|
+
dlog("Linking #{child.name} as the RIGHT sibling of #{sib.name} as sid #{child.sid}", 'rex', LEV_3)
|
72
|
+
break
|
73
|
+
end
|
74
|
+
}
|
75
|
+
raise RuntimeError, 'Unable to find a sibling to link to in the directory'
|
76
|
+
end
|
77
|
+
parent << child
|
78
|
+
end
|
79
|
+
|
80
|
+
|
81
|
+
#
|
82
|
+
# low-level functions
|
83
|
+
#
|
84
|
+
def from_s(sid, buf)
|
85
|
+
super
|
86
|
+
|
87
|
+
if (@_sidRightSib != DIR_NOSTREAM)
|
88
|
+
raise RuntimeError, 'Root Entry is invalid! (has right sibling)'
|
89
|
+
end
|
90
|
+
if (@_sidLeftSib != DIR_NOSTREAM)
|
91
|
+
raise RuntimeError, 'Root Entry is invalid! (has left sibling)'
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
95
|
+
def read
|
96
|
+
@children = []
|
97
|
+
visited = []
|
98
|
+
entries = []
|
99
|
+
root_node = nil
|
100
|
+
sect = @stg.header._sectDirStart
|
101
|
+
while (sect != SECT_END)
|
102
|
+
|
103
|
+
if (visited.include?(sect))
|
104
|
+
raise RuntimeError, 'Sector chain loop detected (0x%08x)' % sect
|
105
|
+
end
|
106
|
+
visited << sect
|
107
|
+
|
108
|
+
sbuf = @stg.read_sector(sect, @stg.header.sector_size)
|
109
|
+
while (sbuf.length >= DIRENTRY_SZ)
|
110
|
+
debuf = sbuf.slice!(0, DIRENTRY_SZ)
|
111
|
+
|
112
|
+
type = Util.get8(debuf, 0x42)
|
113
|
+
case type
|
114
|
+
when STGTY_ROOT
|
115
|
+
if (entries.length != 0)
|
116
|
+
raise RuntimeError, 'Root Entry found, but not first encountered!'
|
117
|
+
end
|
118
|
+
if (root_node)
|
119
|
+
raise RuntimeError, 'Multiple root directory sectors detected (0x%08x)' % sect
|
120
|
+
end
|
121
|
+
de = self
|
122
|
+
root_node = de
|
123
|
+
|
124
|
+
when STGTY_STORAGE
|
125
|
+
de = SubStorage.new @stg
|
126
|
+
|
127
|
+
when STGTY_STREAM
|
128
|
+
de = Stream.new @stg
|
129
|
+
|
130
|
+
when STGTY_INVALID
|
131
|
+
# skip invalid entries
|
132
|
+
next
|
133
|
+
|
134
|
+
else
|
135
|
+
raise RuntimeError, 'Unsupported directory entry type (0x%02x)' % type
|
136
|
+
end
|
137
|
+
|
138
|
+
# read content
|
139
|
+
de.from_s(entries.length, debuf)
|
140
|
+
entries << de
|
141
|
+
end
|
142
|
+
sect = @stg.next_sector(sect)
|
143
|
+
end
|
144
|
+
|
145
|
+
@num_entries = entries.length
|
146
|
+
|
147
|
+
# sort out the tree structure, starting with the root
|
148
|
+
if (@_sidChild != DIR_NOSTREAM)
|
149
|
+
populate_children(entries, root_node, @_sidChild)
|
150
|
+
end
|
151
|
+
end
|
152
|
+
|
153
|
+
|
154
|
+
# recursively add entries to their proper parents :)
|
155
|
+
def populate_children(entries, parent, sid)
|
156
|
+
node = entries[sid]
|
157
|
+
dlog("populate_children(entries, \"#{parent.name}\", #{sid}) - node: #{node.name}", 'rex', LEV_3)
|
158
|
+
parent << node
|
159
|
+
if (node.type == STGTY_STORAGE) and (node._sidChild != DIR_NOSTREAM)
|
160
|
+
populate_children(entries, node, node._sidChild)
|
161
|
+
end
|
162
|
+
if (node._sidLeftSib != DIR_NOSTREAM)
|
163
|
+
populate_children(entries, parent, node._sidLeftSib)
|
164
|
+
end
|
165
|
+
if (node._sidRightSib != DIR_NOSTREAM)
|
166
|
+
populate_children(entries, parent, node._sidRightSib)
|
167
|
+
end
|
168
|
+
end
|
169
|
+
|
170
|
+
# NOTE: this may not be necessary if we were to use each_entry
|
171
|
+
def flatten_tree(entries, parent)
|
172
|
+
entries << parent
|
173
|
+
parent.each { |el|
|
174
|
+
flatten_tree(entries, el)
|
175
|
+
}
|
176
|
+
end
|
177
|
+
|
178
|
+
|
179
|
+
def write
|
180
|
+
# flatten the directory again
|
181
|
+
entries = []
|
182
|
+
flatten_tree(entries, self)
|
183
|
+
dlog("flattened tree has #{entries.length} entries...", 'rex', LEV_3)
|
184
|
+
|
185
|
+
# count directory sectors
|
186
|
+
ds_count = entries.length / 4
|
187
|
+
if ((entries.length % 4) > 0)
|
188
|
+
# one more sector to hold the rest
|
189
|
+
ds_count += 1
|
190
|
+
end
|
191
|
+
|
192
|
+
# put the root entry first
|
193
|
+
sbuf = self.pack
|
194
|
+
|
195
|
+
# add the rest
|
196
|
+
prev_sect = nil
|
197
|
+
dir_start = nil
|
198
|
+
entries.each { |de|
|
199
|
+
# we already got the root entry, no more!
|
200
|
+
next if (de.type == STGTY_ROOT)
|
201
|
+
|
202
|
+
dir = de.pack
|
203
|
+
dlog("writing dir entry #{de.name}", 'rex', LEV_3)
|
204
|
+
sbuf << dir
|
205
|
+
|
206
|
+
if (sbuf.length == @stg.header.sector_size)
|
207
|
+
# we have a full sector, add it!
|
208
|
+
sect = @stg.write_sector(sbuf, nil, prev_sect)
|
209
|
+
prev_sect = sect
|
210
|
+
dir_start ||= sect
|
211
|
+
# reset..
|
212
|
+
sbuf = ""
|
213
|
+
end
|
214
|
+
}
|
215
|
+
|
216
|
+
# still a partial sector left?
|
217
|
+
if (sbuf.length > 0)
|
218
|
+
# add it! (NOTE: it will get padded with nul bytes if its not sector sized)
|
219
|
+
sect = @stg.write_sector(sbuf, nil, prev_sect)
|
220
|
+
prev_sect = sect
|
221
|
+
dir_start ||= sect
|
222
|
+
end
|
223
|
+
|
224
|
+
@stg.header._sectDirStart = dir_start
|
225
|
+
end
|
226
|
+
|
227
|
+
end
|
228
|
+
|
229
|
+
end
|
230
|
+
end
|