RubyGems - librex - Versions diffs - 0.0.1 - Mend

librex 0.0.1

Files changed (370) hide show

data/README +4 -0
data/lib/rex.rb +101 -0
data/lib/rex.rb.ts.rb +70 -0
data/lib/rex/LICENSE +29 -0
data/lib/rex/arch.rb +103 -0
data/lib/rex/arch/sparc.rb +75 -0
data/lib/rex/arch/sparc.rb.ut.rb +18 -0
data/lib/rex/arch/x86.rb +513 -0
data/lib/rex/arch/x86.rb.ut.rb +93 -0
data/lib/rex/assembly/nasm.rb +100 -0
data/lib/rex/assembly/nasm.rb.ut.rb +22 -0
data/lib/rex/codepage.map +104 -0
data/lib/rex/compat.rb +281 -0
data/lib/rex/constants.rb +113 -0
data/lib/rex/elfparsey.rb +11 -0
data/lib/rex/elfparsey/elf.rb +123 -0
data/lib/rex/elfparsey/elfbase.rb +260 -0
data/lib/rex/elfparsey/exceptions.rb +27 -0
data/lib/rex/elfscan.rb +12 -0
data/lib/rex/elfscan/scanner.rb +207 -0
data/lib/rex/elfscan/search.rb +46 -0
data/lib/rex/encoder/alpha2.rb +31 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
data/lib/rex/encoder/alpha2/generic.rb +113 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +117 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +129 -0
data/lib/rex/encoder/ndr.rb +89 -0
data/lib/rex/encoder/ndr.rb.ut.rb +44 -0
data/lib/rex/encoder/nonalpha.rb +61 -0
data/lib/rex/encoder/nonupper.rb +64 -0
data/lib/rex/encoder/xdr.rb +106 -0
data/lib/rex/encoder/xdr.rb.ut.rb +29 -0
data/lib/rex/encoder/xor.rb +69 -0
data/lib/rex/encoder/xor/dword.rb +13 -0
data/lib/rex/encoder/xor/dword_additive.rb +13 -0
data/lib/rex/encoders/xor_dword.rb +35 -0
data/lib/rex/encoders/xor_dword_additive.rb +53 -0
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +12 -0
data/lib/rex/encoding/xor.rb +20 -0
data/lib/rex/encoding/xor.rb.ts.rb +14 -0
data/lib/rex/encoding/xor/byte.rb +15 -0
data/lib/rex/encoding/xor/byte.rb.ut.rb +21 -0
data/lib/rex/encoding/xor/dword.rb +21 -0
data/lib/rex/encoding/xor/dword.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/dword_additive.rb +92 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/exceptions.rb +17 -0
data/lib/rex/encoding/xor/generic.rb +146 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +120 -0
data/lib/rex/encoding/xor/qword.rb +15 -0
data/lib/rex/encoding/xor/word.rb +21 -0
data/lib/rex/encoding/xor/word.rb.ut.rb +13 -0
data/lib/rex/exceptions.rb +275 -0
data/lib/rex/exceptions.rb.ut.rb +44 -0
data/lib/rex/exploitation/cmdstager.rb +133 -0
data/lib/rex/exploitation/egghunter.rb +143 -0
data/lib/rex/exploitation/egghunter.rb.ut.rb +25 -0
data/lib/rex/exploitation/encryptjs.rb +77 -0
data/lib/rex/exploitation/heaplib.js.b64 +331 -0
data/lib/rex/exploitation/heaplib.rb +94 -0
data/lib/rex/exploitation/javascriptosdetect.rb +735 -0
data/lib/rex/exploitation/obfuscatejs.rb +335 -0
data/lib/rex/exploitation/opcodedb.rb +818 -0
data/lib/rex/exploitation/opcodedb.rb.ut.rb +279 -0
data/lib/rex/exploitation/seh.rb +92 -0
data/lib/rex/exploitation/seh.rb.ut.rb +19 -0
data/lib/rex/file.rb +84 -0
data/lib/rex/file.rb.ut.rb +16 -0
data/lib/rex/image_source.rb +12 -0
data/lib/rex/image_source/disk.rb +60 -0
data/lib/rex/image_source/image_source.rb +46 -0
data/lib/rex/image_source/memory.rb +37 -0
data/lib/rex/io/bidirectional_pipe.rb +157 -0
data/lib/rex/io/datagram_abstraction.rb +35 -0
data/lib/rex/io/stream.rb +313 -0
data/lib/rex/io/stream_abstraction.rb +186 -0
data/lib/rex/io/stream_server.rb +211 -0
data/lib/rex/job_container.rb +202 -0
data/lib/rex/logging.rb +4 -0
data/lib/rex/logging/log_dispatcher.rb +179 -0
data/lib/rex/logging/log_sink.rb +42 -0
data/lib/rex/logging/sinks/flatfile.rb +55 -0
data/lib/rex/logging/sinks/stderr.rb +43 -0
data/lib/rex/machparsey.rb +9 -0
data/lib/rex/machparsey/exceptions.rb +34 -0
data/lib/rex/machparsey/mach.rb +209 -0
data/lib/rex/machparsey/machbase.rb +408 -0
data/lib/rex/machscan.rb +9 -0
data/lib/rex/machscan/scanner.rb +217 -0
data/lib/rex/mime.rb +9 -0
data/lib/rex/mime/header.rb +75 -0
data/lib/rex/mime/message.rb +112 -0
data/lib/rex/mime/part.rb +20 -0
data/lib/rex/nop/opty2.rb +108 -0
data/lib/rex/nop/opty2.rb.ut.rb +23 -0
data/lib/rex/nop/opty2_tables.rb +300 -0
data/lib/rex/ole.rb +128 -0
data/lib/rex/ole/clsid.rb +47 -0
data/lib/rex/ole/difat.rb +141 -0
data/lib/rex/ole/directory.rb +230 -0
data/lib/rex/ole/direntry.rb +240 -0
data/lib/rex/ole/fat.rb +99 -0
data/lib/rex/ole/header.rb +204 -0
data/lib/rex/ole/minifat.rb +77 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +395 -0
data/lib/rex/ole/stream.rb +53 -0
data/lib/rex/ole/substorage.rb +49 -0
data/lib/rex/ole/util.rb +157 -0
data/lib/rex/parser/arguments.rb +97 -0
data/lib/rex/parser/arguments.rb.ut.rb +67 -0
data/lib/rex/parser/ini.rb +185 -0
data/lib/rex/parser/ini.rb.ut.rb +29 -0
data/lib/rex/parser/nmap_xml.rb +111 -0
data/lib/rex/payloads.rb +1 -0
data/lib/rex/payloads/win32.rb +2 -0
data/lib/rex/payloads/win32/common.rb +26 -0
data/lib/rex/payloads/win32/kernel.rb +53 -0
data/lib/rex/payloads/win32/kernel/common.rb +54 -0
data/lib/rex/payloads/win32/kernel/migration.rb +12 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +50 -0
data/lib/rex/payloads/win32/kernel/stager.rb +171 -0
data/lib/rex/peparsey.rb +12 -0
data/lib/rex/peparsey/exceptions.rb +32 -0
data/lib/rex/peparsey/pe.rb +188 -0
data/lib/rex/peparsey/pe_memdump.rb +63 -0
data/lib/rex/peparsey/pebase.rb +1655 -0
data/lib/rex/peparsey/section.rb +136 -0
data/lib/rex/pescan.rb +13 -0
data/lib/rex/pescan/analyze.rb +309 -0
data/lib/rex/pescan/scanner.rb +206 -0
data/lib/rex/pescan/search.rb +56 -0
data/lib/rex/platforms.rb +1 -0
data/lib/rex/platforms/windows.rb +51 -0
data/lib/rex/poly.rb +132 -0
data/lib/rex/poly/block.rb +468 -0
data/lib/rex/poly/register.rb +100 -0
data/lib/rex/poly/register/x86.rb +40 -0
data/lib/rex/post.rb +8 -0
data/lib/rex/post/dir.rb +51 -0
data/lib/rex/post/file.rb +172 -0
data/lib/rex/post/file_stat.rb +220 -0
data/lib/rex/post/gen.pl +13 -0
data/lib/rex/post/io.rb +182 -0
data/lib/rex/post/meterpreter.rb +4 -0
data/lib/rex/post/meterpreter/channel.rb +438 -0
data/lib/rex/post/meterpreter/channel_container.rb +54 -0
data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
data/lib/rex/post/meterpreter/client.rb +335 -0
data/lib/rex/post/meterpreter/client_core.rb +274 -0
data/lib/rex/post/meterpreter/dependencies.rb +3 -0
data/lib/rex/post/meterpreter/extension.rb +32 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +21 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +104 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +28 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +100 -0
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +24 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +333 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +273 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +235 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +103 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +144 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +73 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +56 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +137 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +192 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +139 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +184 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +61 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +361 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +279 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +182 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +174 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +185 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +227 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
data/lib/rex/post/meterpreter/packet.rb +596 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +409 -0
data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
data/lib/rex/post/meterpreter/ui/console.rb +135 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +62 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +595 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +241 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +61 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +98 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +51 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +132 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +187 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +63 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +376 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +270 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +484 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +315 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +95 -0
data/lib/rex/post/permission.rb +26 -0
data/lib/rex/post/process.rb +57 -0
data/lib/rex/post/thread.rb +57 -0
data/lib/rex/post/ui.rb +52 -0
data/lib/rex/proto.rb +12 -0
data/lib/rex/proto.rb.ts.rb +8 -0
data/lib/rex/proto/dcerpc.rb +6 -0
data/lib/rex/proto/dcerpc.rb.ts.rb +9 -0
data/lib/rex/proto/dcerpc/client.rb +358 -0
data/lib/rex/proto/dcerpc/client.rb.ut.rb +491 -0
data/lib/rex/proto/dcerpc/exceptions.rb +150 -0
data/lib/rex/proto/dcerpc/handle.rb +47 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +85 -0
data/lib/rex/proto/dcerpc/ndr.rb +72 -0
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +41 -0
data/lib/rex/proto/dcerpc/packet.rb +253 -0
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +56 -0
data/lib/rex/proto/dcerpc/response.rb +186 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +15 -0
data/lib/rex/proto/dcerpc/uuid.rb +84 -0
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +46 -0
data/lib/rex/proto/drda.rb +5 -0
data/lib/rex/proto/drda.rb.ts.rb +17 -0
data/lib/rex/proto/drda/constants.rb +49 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +23 -0
data/lib/rex/proto/drda/packet.rb +252 -0
data/lib/rex/proto/drda/packet.rb.ut.rb +109 -0
data/lib/rex/proto/drda/utils.rb +123 -0
data/lib/rex/proto/drda/utils.rb.ut.rb +84 -0
data/lib/rex/proto/http.rb +5 -0
data/lib/rex/proto/http.rb.ts.rb +12 -0
data/lib/rex/proto/http/client.rb +817 -0
data/lib/rex/proto/http/client.rb.ut.rb +93 -0
data/lib/rex/proto/http/handler.rb +46 -0
data/lib/rex/proto/http/handler/erb.rb +128 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb +21 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +1 -0
data/lib/rex/proto/http/handler/proc.rb +54 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +24 -0
data/lib/rex/proto/http/header.rb +161 -0
data/lib/rex/proto/http/header.rb.ut.rb +46 -0
data/lib/rex/proto/http/packet.rb +394 -0
data/lib/rex/proto/http/packet.rb.ut.rb +165 -0
data/lib/rex/proto/http/request.rb +356 -0
data/lib/rex/proto/http/request.rb.ut.rb +214 -0
data/lib/rex/proto/http/response.rb +85 -0
data/lib/rex/proto/http/response.rb.ut.rb +149 -0
data/lib/rex/proto/http/server.rb +367 -0
data/lib/rex/proto/http/server.rb.ut.rb +79 -0
data/lib/rex/proto/smb.rb +7 -0
data/lib/rex/proto/smb.rb.ts.rb +8 -0
data/lib/rex/proto/smb/client.rb +1733 -0
data/lib/rex/proto/smb/client.rb.ut.rb +223 -0
data/lib/rex/proto/smb/constants.rb +1062 -0
data/lib/rex/proto/smb/constants.rb.ut.rb +18 -0
data/lib/rex/proto/smb/crypt.rb +95 -0
data/lib/rex/proto/smb/crypt.rb.ut.rb +20 -0
data/lib/rex/proto/smb/evasions.rb +65 -0
data/lib/rex/proto/smb/exceptions.rb +846 -0
data/lib/rex/proto/smb/simpleclient.rb +292 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +128 -0
data/lib/rex/proto/smb/utils.rb +514 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +20 -0
data/lib/rex/proto/sunrpc.rb +1 -0
data/lib/rex/proto/sunrpc/client.rb +195 -0
data/lib/rex/script.rb +42 -0
data/lib/rex/script/base.rb +59 -0
data/lib/rex/script/meterpreter.rb +9 -0
data/lib/rex/script/shell.rb +9 -0
data/lib/rex/service.rb +48 -0
data/lib/rex/service_manager.rb +141 -0
data/lib/rex/service_manager.rb.ut.rb +32 -0
data/lib/rex/services/local_relay.rb +423 -0
data/lib/rex/socket.rb +586 -0
data/lib/rex/socket.rb.ut.rb +86 -0
data/lib/rex/socket/comm.rb +119 -0
data/lib/rex/socket/comm/local.rb +409 -0
data/lib/rex/socket/comm/local.rb.ut.rb +75 -0
data/lib/rex/socket/ip.rb +129 -0
data/lib/rex/socket/parameters.rb +345 -0
data/lib/rex/socket/parameters.rb.ut.rb +51 -0
data/lib/rex/socket/range_walker.rb +295 -0
data/lib/rex/socket/range_walker.rb.ut.rb +55 -0
data/lib/rex/socket/ssl_tcp.rb +184 -0
data/lib/rex/socket/ssl_tcp.rb.ut.rb +39 -0
data/lib/rex/socket/ssl_tcp_server.rb +122 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +51 -0
data/lib/rex/socket/subnet_walker.rb +75 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +28 -0
data/lib/rex/socket/switch_board.rb +272 -0
data/lib/rex/socket/switch_board.rb.ut.rb +52 -0
data/lib/rex/socket/tcp.rb +76 -0
data/lib/rex/socket/tcp.rb.ut.rb +64 -0
data/lib/rex/socket/tcp_server.rb +67 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +44 -0
data/lib/rex/socket/udp.rb +157 -0
data/lib/rex/socket/udp.rb.ut.rb +44 -0
data/lib/rex/struct2.rb +5 -0
data/lib/rex/struct2/c_struct.rb +181 -0
data/lib/rex/struct2/c_struct_template.rb +39 -0
data/lib/rex/struct2/constant.rb +26 -0
data/lib/rex/struct2/element.rb +44 -0
data/lib/rex/struct2/generic.rb +73 -0
data/lib/rex/struct2/restraint.rb +54 -0
data/lib/rex/struct2/s_string.rb +72 -0
data/lib/rex/struct2/s_struct.rb +111 -0
data/lib/rex/sync.rb +6 -0
data/lib/rex/sync/event.rb +94 -0
data/lib/rex/sync/read_write_lock.rb +176 -0
data/lib/rex/sync/ref.rb +57 -0
data/lib/rex/sync/thread_safe.rb +82 -0
data/lib/rex/test.rb +35 -0
data/lib/rex/text.rb +1029 -0
data/lib/rex/text.rb.ut.rb +168 -0
data/lib/rex/time.rb +65 -0
data/lib/rex/transformer.rb +115 -0
data/lib/rex/transformer.rb.ut.rb +38 -0
data/lib/rex/ui.rb +21 -0
data/lib/rex/ui/interactive.rb +252 -0
data/lib/rex/ui/output.rb +80 -0
data/lib/rex/ui/output/none.rb +18 -0
data/lib/rex/ui/progress_tracker.rb +96 -0
data/lib/rex/ui/subscriber.rb +149 -0
data/lib/rex/ui/text/color.rb +97 -0
data/lib/rex/ui/text/color.rb.ut.rb +18 -0
data/lib/rex/ui/text/dispatcher_shell.rb +382 -0
data/lib/rex/ui/text/input.rb +117 -0
data/lib/rex/ui/text/input/buffer.rb +75 -0
data/lib/rex/ui/text/input/readline.rb +129 -0
data/lib/rex/ui/text/input/socket.rb +95 -0
data/lib/rex/ui/text/input/stdio.rb +45 -0
data/lib/rex/ui/text/irb_shell.rb +55 -0
data/lib/rex/ui/text/output.rb +80 -0
data/lib/rex/ui/text/output/buffer.rb +65 -0
data/lib/rex/ui/text/output/file.rb +37 -0
data/lib/rex/ui/text/output/socket.rb +43 -0
data/lib/rex/ui/text/output/stdio.rb +40 -0
data/lib/rex/ui/text/progress_tracker.rb +56 -0
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +34 -0
data/lib/rex/ui/text/shell.rb +321 -0
data/lib/rex/ui/text/table.rb +254 -0
data/lib/rex/ui/text/table.rb.ut.rb +55 -0
data/lib/rex/zip.rb +93 -0
data/lib/rex/zip/archive.rb +91 -0
data/lib/rex/zip/blocks.rb +182 -0
data/lib/rex/zip/entry.rb +95 -0
data/lib/rex/zip/samples/comment.rb +32 -0
data/lib/rex/zip/samples/mkwar.rb +138 -0
data/lib/rex/zip/samples/mkzip.rb +19 -0
data/lib/rex/zip/samples/recursive.rb +58 -0
metadata +435 -0

data/lib/rex/elfparsey/exceptions.rb ADDED

@@ -0,0 +1,27 @@
+#!/usr/bin/env ruby
+# $Id: exceptions.rb 5413 2008-02-13 02:43:56Z ramon $
+module Rex
+module ElfParsey
+class ElfError < ::RuntimeError
+end
+class ParseError < ElfError
+end
+class ElfHeaderError < ParseError
+end
+class ProgramHeaderError < ParseError
+end
+class BoundsError < ElfError
+end
+class WtfError < ElfError
+end
+end
+end

data/lib/rex/elfscan.rb ADDED

@@ -0,0 +1,12 @@
+#!/usr/bin/env ruby
+# $Id: elfscan.rb 5398 2008-02-06 17:31:57Z ramon $
+module Rex
+module ElfScan
+end
+end
+require 'rex/elfscan/scanner'
+require 'rex/elfscan/search'

data/lib/rex/elfscan/scanner.rb ADDED

@@ -0,0 +1,207 @@
+# $Id: scanner.rb 7320 2009-11-02 17:09:13Z hdm $
+module Rex
+module ElfScan
+module Scanner
+class Generic
+	attr_accessor :elf, :regex
+	def initialize(elf)
+		self.elf = elf
+	end
+	def config(param)
+	end
+	def scan(param)
+		config(param)
+		$stdout.puts "[#{param['file']}]"
+		elf.program_header.each do |program_header|
+			# Scan only loadable segment entries in the program header table
+			if program_header.p_type == Rex::ElfParsey::ElfBase::PT_LOAD
+				hits = scan_segment(program_header, param)
+				hits.each do |hit|
+					rva  = hit[0]
+					message  = hit[1].is_a?(Array) ? hit[1].join(" ") : hit[1]
+					$stdout.puts elf.ptr_s(rva) + " " + message
+				end
+			end
+		end
+	end
+	def scan_segment(program_header, param={})
+		[]
+	end
+end
+class JmpRegScanner < Generic
+	def config(param)
+		regnums = param['args']
+		# build a list of the call bytes
+		calls  = _build_byte_list(0xd0, regnums - [4]) # note call esp's don't work..
+		jmps   = _build_byte_list(0xe0, regnums)
+		pushs1 = _build_byte_list(0x50, regnums)
+		pushs2 = _build_byte_list(0xf0, regnums)
+		regexstr = '('
+		if !calls.empty?
+			regexstr += "\xff[#{calls}]|"
+		end
+		regexstr += "\xff[#{jmps}]|([#{pushs1}]|\xff[#{pushs2}])(\xc3|\xc2..))"
+		self.regex = Regexp.new(regexstr, nil, 'n')
+	end
+	# build a list for regex of the possible bytes, based on a base
+	# byte and a list of register numbers..
+	def _build_byte_list(base, regnums)
+		regnums.collect { |regnum| Regexp.escape((base | regnum).chr) }.join('')
+	end
+	def _ret_size(offset)
+		case elf.read(offset, 1)
+			when "\xc3"
+				return 1
+			when "\xc2"
+				return 3
+		end
+		raise "wtf"
+	end
+	def _parse_ret(data)
+		if data.length == 1
+			return "ret"
+		else
+			return "retn 0x%04x" % data[1, 2].unpack('v')[0]
+		end
+	end
+	def scan_segment(program_header, param={})
+		offset = program_header.p_offset
+		hits = []
+		while (offset = elf.index(regex, offset)) != nil
+			rva     = elf.offset_to_rva(offset)
+			message = ''
+			parse_ret = false
+			byte1 = elf.read(offset, 1).unpack('C')[0]
+			if byte1 == 0xff
+				byte2   = elf.read(offset+1, 1).unpack('C')[0]
+				regname = Rex::Arch::X86.reg_name32(byte2 & 0x7)
+				case byte2 & 0xf8
+				when 0xd0
+					message = "call #{regname}"
+					offset += 2
+				when 0xe0
+					message = "jmp #{regname}"
+					offset += 2
+				when 0xf0
+					retsize = _ret_size(offset+2)
+					message = "push #{regname}; " + _parse_ret(elf.read(offset+2, retsize))
+					offset += 2 + retsize
+				else
+					raise "wtf"
+				end
+			else
+				regname = Rex::Arch::X86.reg_name32(byte1 & 0x7)
+				retsize = _ret_size(offset+1)
+				message = "push #{regname}; " + _parse_ret(elf.read(offset+1, retsize))
+				offset += 1 + retsize
+			end
+			hits << [ rva, message ]
+		end
+		return hits
+	end
+end
+class PopPopRetScanner < JmpRegScanner
+	def config(param)
+		pops = _build_byte_list(0x58, (0 .. 7).to_a - [4]) # we don't want pop esp's...
+		self.regex = Regexp.new("[#{pops}][#{pops}](\xc3|\xc2..)", nil, 'n')
+	end
+	def scan_segment(program_header, param={})
+		offset = program_header.p_offset
+		hits = []
+		while offset < program_header.p_offset + program_header.p_filesz &&
+		(offset = elf.index(regex, offset)) != nil
+			rva     = elf.offset_to_rva(offset)
+			message = ''
+			pops = elf.read(offset, 2)
+			reg1 = Rex::Arch::X86.reg_name32(pops[0,1].unpack('C*')[0] & 0x7)
+			reg2 = Rex::Arch::X86.reg_name32(pops[1,1].unpack('C*')[0] & 0x7)
+			message = "pop #{reg1}; pop #{reg2}; "
+			retsize = _ret_size(offset+2)
+			message += _parse_ret(elf.read(offset+2, retsize))
+			offset += 2 + retsize
+			hits << [ rva, message ]
+		end
+		return hits
+	end
+end
+class RegexScanner < JmpRegScanner
+	def config(param)
+		self.regex = Regexp.new(param['args'], nil, 'n')
+	end
+	def scan_segment(program_header, param={})
+		offset = program_header.p_offset
+		hits = []
+		while offset < program_header.p_offset + program_header.p_filesz &&
+		(offset = elf.index(regex, offset)) != nil
+			idx = offset
+			buf = ''
+			mat = nil
+			while (! (mat = buf.match(regex)))
+				buf << elf.read(idx, 1)
+				idx += 1
+			end
+			rva = elf.offset_to_rva(offset)
+			hits << [ rva, buf.unpack("H*") ]
+			offset += buf.length
+		end
+		return hits
+	end
+end
+end
+end
+end

data/lib/rex/elfscan/search.rb ADDED

@@ -0,0 +1,46 @@
+#!/usr/bin/env ruby
+# $Id: search.rb 5413 2008-02-13 02:43:56Z ramon $
+module Rex
+module ElfScan
+module Search
+	class DumpRVA
+		attr_accessor :elf
+		def initialize(elf)
+			self.elf = elf
+		end
+		def config(param)
+			@address = param['args']
+		end
+		def scan(param)
+			config(param)
+			$stdout.puts "[#{param['file']}]"
+			# Adjust based on -A and -B flags
+			pre = param['before'] || 0
+			suf = param['after']  || 16
+			@address -= pre
+			@address = 0 if (@address < 0 || ! @address)
+			buf = elf.read_rva(@address, suf)
+			$stdout.puts elf.ptr_s(@address) + " " + buf.unpack("H*")[0]
+		end
+	end
+	class DumpOffset < DumpRVA
+		def config(param)
+			begin
+				@address = elf.offset_to_rva(param['args'])
+			rescue Rex::ElfParsey::BoundsError
+			end
+		end
+	end
+end
+end
+end

data/lib/rex/encoder/alpha2.rb ADDED

@@ -0,0 +1,31 @@
+#!/usr/bin/env ruby
+#
+# ________________________________________________________________________________
+#
+#     ,sSSs,,s,  ,sSSSs,  ALPHA 2: Zero-tolerance. (build 07)
+#    SS"  Y$P"  SY"  ,SY
+#   iS'   dY       ,sS"   Unicode-proof uppercase alphanumeric shellcode encoding.
+#   YS,  dSb    ,sY"      Copyright (C) 2003, 2004 by Berend-Jan Wever.
+#   `"YSS'"S' 'SSSSSSSP   <skylined@edup.tudelft.nl>
+# ________________________________________________________________________________
+#
+#
+# make sure the namespace is created
+#
+module Rex
+module Encoder
+module Alpha2
+end end end
+#
+# include the Alpha2 encodings
+#
+require 'rex/encoder/alpha2/generic'
+require 'rex/encoder/alpha2/alpha_mixed'
+require 'rex/encoder/alpha2/alpha_upper'
+require 'rex/encoder/alpha2/unicode_mixed'
+require 'rex/encoder/alpha2/unicode_upper'

data/lib/rex/encoder/alpha2/alpha_mixed.rb ADDED

@@ -0,0 +1,68 @@
+#!/usr/bin/env ruby
+require 'rex/encoder/alpha2/generic'
+module Rex
+module Encoder
+module Alpha2
+class AlphaMixed < Generic
+	def self.gen_decoder_prefix(reg, offset)
+		if (offset > 32)
+			raise "Critical: Offset is greater than 32"
+		end
+		# use inc ebx as a nop here so we still pad correctly
+		if (offset <= 16)
+			nop = 'C' * offset
+			mod = 'I' * (16 - offset) + nop + '7QZ'    # dec ecx,,, push ecx, pop edx
+			edxmod = 'J' * (17 - offset)
+		else
+			mod = 'A' * (offset - 16)
+			nop = 'C' * (16 - mod.length)
+			mod << nop + '7QZ'
+			edxmod = 'B' * (17 - (offset - 16))
+		end
+		regprefix = {
+			'EAX'   => 'PY' + mod,                         # push eax, pop ecx
+			'ECX'   => 'I' + mod,                          # dec ecx
+			'EDX'   =>  edxmod + nop + '7RY',			   # dec edx,,, push edx, pop ecx
+			'EBX'   => 'SY' + mod,                         # push ebx, pop ecx
+			'ESP'   => 'TY' + mod,                         # push esp, pop ecx
+			'EBP'   => 'UY' + mod,                         # push ebp, pop ecx
+			'ESI'   => 'VY' + mod,                         # push esi, pop ecx
+			'EDI'   => 'WY' + mod,                         # push edi, pop ecx
+		}
+		reg.upcase!
+		if (not regprefix.keys.include? reg)
+			raise ArgumentError.new("Invalid register name")
+		end
+		return regprefix[reg]
+	end
+	def self.gen_decoder(reg, offset)
+		decoder =
+			 gen_decoder_prefix(reg, offset) +
+			 "jA" +          # push 0x41
+			 "X" +           # pop eax
+			 "P" +           # push eax
+			 "0A0" +         # xor byte [ecx+30], al
+			 "A" +           # inc ecx                        <---
+			 "kAAQ" +        # imul eax, [ecx+42], 51 -> 10       |
+			 "2AB" +         # xor al, [ecx + 42]                 |
+			 "2BB" +         # xor al, [edx + 42]                 |
+			 "0BB" +         # xor [edx + 42], al                 |
+			 "A" +           # inc ecx                            |
+			 "B" +           # inc edx                            |
+			 "X" +           # pop eax                            |
+			 "P" +           # push eax                           |
+			 "8AB" +         # cmp [ecx + 42], al                 |
+			 "uJ" +          # jnz short -------------------------
+			 "I"             # first encoded char, fixes the above J
+		return decoder
+	end
+end end end end

data/lib/rex/encoder/alpha2/alpha_upper.rb ADDED

@@ -0,0 +1,79 @@
+#!/usr/bin/env ruby
+require 'rex/encoder/alpha2/generic'
+module Rex
+module Encoder
+module Alpha2
+class AlphaUpper < Generic
+	def self.default_accepted_chars ; ('B' .. 'Z').to_a + ('0' .. '9').to_a ; end
+	def self.gen_decoder_prefix(reg, offset)
+		if (offset > 20)
+			raise "Critical: Offset is greater than 20"
+		end
+		# use inc ebx as a nop here so we still pad correctly
+		if (offset <= 10)
+			nop = 'C' * offset
+			mod = 'I' * (10 - offset) + nop + 'QZ'    # dec ecx,,, push ecx, pop edx
+			edxmod = 'J' * (11 - offset)
+		else
+			mod = 'A' * (offset - 10)
+			nop = 'C' * (10 - mod.length)
+			mod << nop + 'QZ'
+			edxmod = 'B' * (11 - (offset - 10))
+		end
+		regprefix = {
+			'EAX'   => 'PY' + mod,                        # push eax, pop ecx
+			'ECX'   => 'I' + mod,                         # dec ecx
+			'EDX'   =>  edxmod + nop + 'RY',  			  # mod edx,,, push edx, pop ecx
+			'EBX'   => 'SY' + mod,                        # push ebx, pop ecx
+			'ESP'   => 'TY' + mod,                        # push esp, pop ecx
+			'EBP'   => 'UY' + mod,                        # push ebp, pop ecx
+			'ESI'   => 'VY' + mod,                        # push esi, pop ecx
+			'EDI'   => 'WY' + mod,                        # push edi, pop edi
+		}
+		reg.upcase!
+		if (not regprefix.keys.include? reg)
+			raise ArgumentError.new("Invalid register name")
+		end
+		return regprefix[reg]
+	end
+	def self.gen_decoder(reg, offset)
+		decoder =
+			gen_decoder_prefix(reg, offset) +
+			"V" +           # push esi
+			"T" +           # push esp
+			"X" +           # pop eax
+			"30" +          # xor esi, [eax]
+			"V" +           # push esi
+			"X" +           # pop eax
+			"4A" +          # xor al, 41
+			"P" +           # push eax
+			"0A3" +         # xor [ecx+33], al
+			"H" +           # dec eax
+			"H" +           # dec eax
+			"0A0" +         # xor [ecx+30], al
+			"0AB" +         # xor [ecx+42], al
+			"A" +           # inc ecx   <---------------
+			"A" +           # inc ecx                   |
+			"B" +           # inc edx                   |
+			"TAAQ" +        # imul eax, [ecx+41], 10 *  |
+			"2AB" +         # xor al [ecx+42]           |
+			"2BB" +         # xor al, [edx+42]          |
+			"0BB" +         # xor [edx+42], al          |
+			"X" +           # pop eax                   |
+			"P" +           # push eax                  |
+			"8AC" +         # cmp [ecx+43], al          |
+			"JJ" +          # jnz * --------------------
+			"I"             # first encoded char, fixes the above J
+		return decoder
+	end
+end end end end