RubyGems - librex - Versions diffs - 0.0.1 - Mend

librex 0.0.1

Files changed (370) hide show

data/README +4 -0
data/lib/rex.rb +101 -0
data/lib/rex.rb.ts.rb +70 -0
data/lib/rex/LICENSE +29 -0
data/lib/rex/arch.rb +103 -0
data/lib/rex/arch/sparc.rb +75 -0
data/lib/rex/arch/sparc.rb.ut.rb +18 -0
data/lib/rex/arch/x86.rb +513 -0
data/lib/rex/arch/x86.rb.ut.rb +93 -0
data/lib/rex/assembly/nasm.rb +100 -0
data/lib/rex/assembly/nasm.rb.ut.rb +22 -0
data/lib/rex/codepage.map +104 -0
data/lib/rex/compat.rb +281 -0
data/lib/rex/constants.rb +113 -0
data/lib/rex/elfparsey.rb +11 -0
data/lib/rex/elfparsey/elf.rb +123 -0
data/lib/rex/elfparsey/elfbase.rb +260 -0
data/lib/rex/elfparsey/exceptions.rb +27 -0
data/lib/rex/elfscan.rb +12 -0
data/lib/rex/elfscan/scanner.rb +207 -0
data/lib/rex/elfscan/search.rb +46 -0
data/lib/rex/encoder/alpha2.rb +31 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
data/lib/rex/encoder/alpha2/generic.rb +113 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +117 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +129 -0
data/lib/rex/encoder/ndr.rb +89 -0
data/lib/rex/encoder/ndr.rb.ut.rb +44 -0
data/lib/rex/encoder/nonalpha.rb +61 -0
data/lib/rex/encoder/nonupper.rb +64 -0
data/lib/rex/encoder/xdr.rb +106 -0
data/lib/rex/encoder/xdr.rb.ut.rb +29 -0
data/lib/rex/encoder/xor.rb +69 -0
data/lib/rex/encoder/xor/dword.rb +13 -0
data/lib/rex/encoder/xor/dword_additive.rb +13 -0
data/lib/rex/encoders/xor_dword.rb +35 -0
data/lib/rex/encoders/xor_dword_additive.rb +53 -0
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +12 -0
data/lib/rex/encoding/xor.rb +20 -0
data/lib/rex/encoding/xor.rb.ts.rb +14 -0
data/lib/rex/encoding/xor/byte.rb +15 -0
data/lib/rex/encoding/xor/byte.rb.ut.rb +21 -0
data/lib/rex/encoding/xor/dword.rb +21 -0
data/lib/rex/encoding/xor/dword.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/dword_additive.rb +92 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/exceptions.rb +17 -0
data/lib/rex/encoding/xor/generic.rb +146 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +120 -0
data/lib/rex/encoding/xor/qword.rb +15 -0
data/lib/rex/encoding/xor/word.rb +21 -0
data/lib/rex/encoding/xor/word.rb.ut.rb +13 -0
data/lib/rex/exceptions.rb +275 -0
data/lib/rex/exceptions.rb.ut.rb +44 -0
data/lib/rex/exploitation/cmdstager.rb +133 -0
data/lib/rex/exploitation/egghunter.rb +143 -0
data/lib/rex/exploitation/egghunter.rb.ut.rb +25 -0
data/lib/rex/exploitation/encryptjs.rb +77 -0
data/lib/rex/exploitation/heaplib.js.b64 +331 -0
data/lib/rex/exploitation/heaplib.rb +94 -0
data/lib/rex/exploitation/javascriptosdetect.rb +735 -0
data/lib/rex/exploitation/obfuscatejs.rb +335 -0
data/lib/rex/exploitation/opcodedb.rb +818 -0
data/lib/rex/exploitation/opcodedb.rb.ut.rb +279 -0
data/lib/rex/exploitation/seh.rb +92 -0
data/lib/rex/exploitation/seh.rb.ut.rb +19 -0
data/lib/rex/file.rb +84 -0
data/lib/rex/file.rb.ut.rb +16 -0
data/lib/rex/image_source.rb +12 -0
data/lib/rex/image_source/disk.rb +60 -0
data/lib/rex/image_source/image_source.rb +46 -0
data/lib/rex/image_source/memory.rb +37 -0
data/lib/rex/io/bidirectional_pipe.rb +157 -0
data/lib/rex/io/datagram_abstraction.rb +35 -0
data/lib/rex/io/stream.rb +313 -0
data/lib/rex/io/stream_abstraction.rb +186 -0
data/lib/rex/io/stream_server.rb +211 -0
data/lib/rex/job_container.rb +202 -0
data/lib/rex/logging.rb +4 -0
data/lib/rex/logging/log_dispatcher.rb +179 -0
data/lib/rex/logging/log_sink.rb +42 -0
data/lib/rex/logging/sinks/flatfile.rb +55 -0
data/lib/rex/logging/sinks/stderr.rb +43 -0
data/lib/rex/machparsey.rb +9 -0
data/lib/rex/machparsey/exceptions.rb +34 -0
data/lib/rex/machparsey/mach.rb +209 -0
data/lib/rex/machparsey/machbase.rb +408 -0
data/lib/rex/machscan.rb +9 -0
data/lib/rex/machscan/scanner.rb +217 -0
data/lib/rex/mime.rb +9 -0
data/lib/rex/mime/header.rb +75 -0
data/lib/rex/mime/message.rb +112 -0
data/lib/rex/mime/part.rb +20 -0
data/lib/rex/nop/opty2.rb +108 -0
data/lib/rex/nop/opty2.rb.ut.rb +23 -0
data/lib/rex/nop/opty2_tables.rb +300 -0
data/lib/rex/ole.rb +128 -0
data/lib/rex/ole/clsid.rb +47 -0
data/lib/rex/ole/difat.rb +141 -0
data/lib/rex/ole/directory.rb +230 -0
data/lib/rex/ole/direntry.rb +240 -0
data/lib/rex/ole/fat.rb +99 -0
data/lib/rex/ole/header.rb +204 -0
data/lib/rex/ole/minifat.rb +77 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +395 -0
data/lib/rex/ole/stream.rb +53 -0
data/lib/rex/ole/substorage.rb +49 -0
data/lib/rex/ole/util.rb +157 -0
data/lib/rex/parser/arguments.rb +97 -0
data/lib/rex/parser/arguments.rb.ut.rb +67 -0
data/lib/rex/parser/ini.rb +185 -0
data/lib/rex/parser/ini.rb.ut.rb +29 -0
data/lib/rex/parser/nmap_xml.rb +111 -0
data/lib/rex/payloads.rb +1 -0
data/lib/rex/payloads/win32.rb +2 -0
data/lib/rex/payloads/win32/common.rb +26 -0
data/lib/rex/payloads/win32/kernel.rb +53 -0
data/lib/rex/payloads/win32/kernel/common.rb +54 -0
data/lib/rex/payloads/win32/kernel/migration.rb +12 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +50 -0
data/lib/rex/payloads/win32/kernel/stager.rb +171 -0
data/lib/rex/peparsey.rb +12 -0
data/lib/rex/peparsey/exceptions.rb +32 -0
data/lib/rex/peparsey/pe.rb +188 -0
data/lib/rex/peparsey/pe_memdump.rb +63 -0
data/lib/rex/peparsey/pebase.rb +1655 -0
data/lib/rex/peparsey/section.rb +136 -0
data/lib/rex/pescan.rb +13 -0
data/lib/rex/pescan/analyze.rb +309 -0
data/lib/rex/pescan/scanner.rb +206 -0
data/lib/rex/pescan/search.rb +56 -0
data/lib/rex/platforms.rb +1 -0
data/lib/rex/platforms/windows.rb +51 -0
data/lib/rex/poly.rb +132 -0
data/lib/rex/poly/block.rb +468 -0
data/lib/rex/poly/register.rb +100 -0
data/lib/rex/poly/register/x86.rb +40 -0
data/lib/rex/post.rb +8 -0
data/lib/rex/post/dir.rb +51 -0
data/lib/rex/post/file.rb +172 -0
data/lib/rex/post/file_stat.rb +220 -0
data/lib/rex/post/gen.pl +13 -0
data/lib/rex/post/io.rb +182 -0
data/lib/rex/post/meterpreter.rb +4 -0
data/lib/rex/post/meterpreter/channel.rb +438 -0
data/lib/rex/post/meterpreter/channel_container.rb +54 -0
data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
data/lib/rex/post/meterpreter/client.rb +335 -0
data/lib/rex/post/meterpreter/client_core.rb +274 -0
data/lib/rex/post/meterpreter/dependencies.rb +3 -0
data/lib/rex/post/meterpreter/extension.rb +32 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +21 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +104 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +28 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +100 -0
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +24 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +333 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +273 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +235 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +103 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +144 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +73 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +56 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +137 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +192 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +139 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +184 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +61 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +361 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +279 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +182 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +174 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +185 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +227 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
data/lib/rex/post/meterpreter/packet.rb +596 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +409 -0
data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
data/lib/rex/post/meterpreter/ui/console.rb +135 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +62 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +595 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +241 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +61 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +98 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +51 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +132 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +187 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +63 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +376 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +270 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +484 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +315 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +95 -0
data/lib/rex/post/permission.rb +26 -0
data/lib/rex/post/process.rb +57 -0
data/lib/rex/post/thread.rb +57 -0
data/lib/rex/post/ui.rb +52 -0
data/lib/rex/proto.rb +12 -0
data/lib/rex/proto.rb.ts.rb +8 -0
data/lib/rex/proto/dcerpc.rb +6 -0
data/lib/rex/proto/dcerpc.rb.ts.rb +9 -0
data/lib/rex/proto/dcerpc/client.rb +358 -0
data/lib/rex/proto/dcerpc/client.rb.ut.rb +491 -0
data/lib/rex/proto/dcerpc/exceptions.rb +150 -0
data/lib/rex/proto/dcerpc/handle.rb +47 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +85 -0
data/lib/rex/proto/dcerpc/ndr.rb +72 -0
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +41 -0
data/lib/rex/proto/dcerpc/packet.rb +253 -0
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +56 -0
data/lib/rex/proto/dcerpc/response.rb +186 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +15 -0
data/lib/rex/proto/dcerpc/uuid.rb +84 -0
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +46 -0
data/lib/rex/proto/drda.rb +5 -0
data/lib/rex/proto/drda.rb.ts.rb +17 -0
data/lib/rex/proto/drda/constants.rb +49 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +23 -0
data/lib/rex/proto/drda/packet.rb +252 -0
data/lib/rex/proto/drda/packet.rb.ut.rb +109 -0
data/lib/rex/proto/drda/utils.rb +123 -0
data/lib/rex/proto/drda/utils.rb.ut.rb +84 -0
data/lib/rex/proto/http.rb +5 -0
data/lib/rex/proto/http.rb.ts.rb +12 -0
data/lib/rex/proto/http/client.rb +817 -0
data/lib/rex/proto/http/client.rb.ut.rb +93 -0
data/lib/rex/proto/http/handler.rb +46 -0
data/lib/rex/proto/http/handler/erb.rb +128 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb +21 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +1 -0
data/lib/rex/proto/http/handler/proc.rb +54 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +24 -0
data/lib/rex/proto/http/header.rb +161 -0
data/lib/rex/proto/http/header.rb.ut.rb +46 -0
data/lib/rex/proto/http/packet.rb +394 -0
data/lib/rex/proto/http/packet.rb.ut.rb +165 -0
data/lib/rex/proto/http/request.rb +356 -0
data/lib/rex/proto/http/request.rb.ut.rb +214 -0
data/lib/rex/proto/http/response.rb +85 -0
data/lib/rex/proto/http/response.rb.ut.rb +149 -0
data/lib/rex/proto/http/server.rb +367 -0
data/lib/rex/proto/http/server.rb.ut.rb +79 -0
data/lib/rex/proto/smb.rb +7 -0
data/lib/rex/proto/smb.rb.ts.rb +8 -0
data/lib/rex/proto/smb/client.rb +1733 -0
data/lib/rex/proto/smb/client.rb.ut.rb +223 -0
data/lib/rex/proto/smb/constants.rb +1062 -0
data/lib/rex/proto/smb/constants.rb.ut.rb +18 -0
data/lib/rex/proto/smb/crypt.rb +95 -0
data/lib/rex/proto/smb/crypt.rb.ut.rb +20 -0
data/lib/rex/proto/smb/evasions.rb +65 -0
data/lib/rex/proto/smb/exceptions.rb +846 -0
data/lib/rex/proto/smb/simpleclient.rb +292 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +128 -0
data/lib/rex/proto/smb/utils.rb +514 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +20 -0
data/lib/rex/proto/sunrpc.rb +1 -0
data/lib/rex/proto/sunrpc/client.rb +195 -0
data/lib/rex/script.rb +42 -0
data/lib/rex/script/base.rb +59 -0
data/lib/rex/script/meterpreter.rb +9 -0
data/lib/rex/script/shell.rb +9 -0
data/lib/rex/service.rb +48 -0
data/lib/rex/service_manager.rb +141 -0
data/lib/rex/service_manager.rb.ut.rb +32 -0
data/lib/rex/services/local_relay.rb +423 -0
data/lib/rex/socket.rb +586 -0
data/lib/rex/socket.rb.ut.rb +86 -0
data/lib/rex/socket/comm.rb +119 -0
data/lib/rex/socket/comm/local.rb +409 -0
data/lib/rex/socket/comm/local.rb.ut.rb +75 -0
data/lib/rex/socket/ip.rb +129 -0
data/lib/rex/socket/parameters.rb +345 -0
data/lib/rex/socket/parameters.rb.ut.rb +51 -0
data/lib/rex/socket/range_walker.rb +295 -0
data/lib/rex/socket/range_walker.rb.ut.rb +55 -0
data/lib/rex/socket/ssl_tcp.rb +184 -0
data/lib/rex/socket/ssl_tcp.rb.ut.rb +39 -0
data/lib/rex/socket/ssl_tcp_server.rb +122 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +51 -0
data/lib/rex/socket/subnet_walker.rb +75 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +28 -0
data/lib/rex/socket/switch_board.rb +272 -0
data/lib/rex/socket/switch_board.rb.ut.rb +52 -0
data/lib/rex/socket/tcp.rb +76 -0
data/lib/rex/socket/tcp.rb.ut.rb +64 -0
data/lib/rex/socket/tcp_server.rb +67 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +44 -0
data/lib/rex/socket/udp.rb +157 -0
data/lib/rex/socket/udp.rb.ut.rb +44 -0
data/lib/rex/struct2.rb +5 -0
data/lib/rex/struct2/c_struct.rb +181 -0
data/lib/rex/struct2/c_struct_template.rb +39 -0
data/lib/rex/struct2/constant.rb +26 -0
data/lib/rex/struct2/element.rb +44 -0
data/lib/rex/struct2/generic.rb +73 -0
data/lib/rex/struct2/restraint.rb +54 -0
data/lib/rex/struct2/s_string.rb +72 -0
data/lib/rex/struct2/s_struct.rb +111 -0
data/lib/rex/sync.rb +6 -0
data/lib/rex/sync/event.rb +94 -0
data/lib/rex/sync/read_write_lock.rb +176 -0
data/lib/rex/sync/ref.rb +57 -0
data/lib/rex/sync/thread_safe.rb +82 -0
data/lib/rex/test.rb +35 -0
data/lib/rex/text.rb +1029 -0
data/lib/rex/text.rb.ut.rb +168 -0
data/lib/rex/time.rb +65 -0
data/lib/rex/transformer.rb +115 -0
data/lib/rex/transformer.rb.ut.rb +38 -0
data/lib/rex/ui.rb +21 -0
data/lib/rex/ui/interactive.rb +252 -0
data/lib/rex/ui/output.rb +80 -0
data/lib/rex/ui/output/none.rb +18 -0
data/lib/rex/ui/progress_tracker.rb +96 -0
data/lib/rex/ui/subscriber.rb +149 -0
data/lib/rex/ui/text/color.rb +97 -0
data/lib/rex/ui/text/color.rb.ut.rb +18 -0
data/lib/rex/ui/text/dispatcher_shell.rb +382 -0
data/lib/rex/ui/text/input.rb +117 -0
data/lib/rex/ui/text/input/buffer.rb +75 -0
data/lib/rex/ui/text/input/readline.rb +129 -0
data/lib/rex/ui/text/input/socket.rb +95 -0
data/lib/rex/ui/text/input/stdio.rb +45 -0
data/lib/rex/ui/text/irb_shell.rb +55 -0
data/lib/rex/ui/text/output.rb +80 -0
data/lib/rex/ui/text/output/buffer.rb +65 -0
data/lib/rex/ui/text/output/file.rb +37 -0
data/lib/rex/ui/text/output/socket.rb +43 -0
data/lib/rex/ui/text/output/stdio.rb +40 -0
data/lib/rex/ui/text/progress_tracker.rb +56 -0
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +34 -0
data/lib/rex/ui/text/shell.rb +321 -0
data/lib/rex/ui/text/table.rb +254 -0
data/lib/rex/ui/text/table.rb.ut.rb +55 -0
data/lib/rex/zip.rb +93 -0
data/lib/rex/zip/archive.rb +91 -0
data/lib/rex/zip/blocks.rb +182 -0
data/lib/rex/zip/entry.rb +95 -0
data/lib/rex/zip/samples/comment.rb +32 -0
data/lib/rex/zip/samples/mkwar.rb +138 -0
data/lib/rex/zip/samples/mkzip.rb +19 -0
data/lib/rex/zip/samples/recursive.rb +58 -0
metadata +435 -0

data/lib/rex/proto/drda/constants.rb.ut.rb ADDED

@@ -0,0 +1,23 @@
+#!/usr/bin/env ruby
+$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
+require 'rex/test'
+require 'rex/proto/drda/constants'
+class Rex::Proto::DRDA::Constants::UnitTest < Test::Unit::TestCase
+	Konst = Rex::Proto::DRDA::Constants
+	def test_defines
+		assert_equal(Konst::EXCSAT, 0x1041)
+		assert_equal(Konst::MGRLVLLS, 0x1404)
+		assert_equal(Konst::SECCHKCD, 0x11a4)
+	end
+	def test_const_values
+		assert_kind_of(Array, Konst.const_values)
+		assert Konst.const_values.include? Konst::EXCSAT
+	end
+end

data/lib/rex/proto/drda/packet.rb ADDED

@@ -0,0 +1,252 @@
+require 'rex/proto/drda'
+module Rex
+module Proto
+module DRDA
+class Error < StandardError; end
+class RespError < Error; end
+# See:
+# http://publib.boulder.ibm.com/infocenter/dzichelp/v2r2/index.jsp?topic=/com.ibm.db29.doc.drda/db2z_excsat.htm
+class MGRLVLLS_PARAM < Struct.new(:length, :codepoint, :payload)
+	def initialize(args={})
+		self[:codepoint] = Constants::MGRLVLLS
+		self[:payload] = "\x14\x03\x00\x0a\x24\x07\x00\x0a" +
+			"\x14\x74\x00\x05\x24\x0f\x00\x08" +
+			"\x14\x40\x00\x09\x1c\x08\x04\xb8"
+		self[:length] = self[:payload].to_s.size+4
+	end
+	def to_s
+		self.to_a.pack("nna*")
+	end
+end
+# Currently, only takes a MGRLVLLS param. Extend the struct
+# when more parameters are defined.
+class EXCSAT_DDM < Struct.new(:length, :magic, :format, :correlid, :length2,
+	 :codepoint, :mgrlvlls)
+	def initialize(args={})
+		self[:magic] = 0xd0
+		self[:format] = 0x41
+		self[:correlid] = 1
+		self[:codepoint] = Constants::EXCSAT
+		self[:mgrlvlls] = args[:mgrlvlls] || MGRLVLLS_PARAM.new.to_s
+		self[:length] = (10 + self[:mgrlvlls].to_s.size)
+		self[:length2] = self[:length]-6
+	end
+	def to_s
+		packstr = "nCCnnn"
+		packstr += "a*"  # Pack smarter as more params are added.
+		self.to_a.pack(packstr)
+	end
+end
+# See http://publib.boulder.ibm.com/infocenter/dzichelp/v2r2/index.jsp?topic=/com.ibm.db29.doc.drda/db2z_accsec.htm
+# for all sorts of info about SECMEC.
+class SECMEC_PARAM < Struct.new(:length, :codepoint, :payload)
+	def initialize(args={})
+		self[:length] = 6
+		self[:codepoint] = Constants::SECMEC
+		self[:payload] = 3 # Plaintext username and password.
+	end
+	def to_s
+		self.to_a.pack("nnn")
+	end
+end
+# Relational Database name parameter.
+class RDBNAM_PARAM < Struct.new(:length, :codepoint, :payload)
+	def initialize(args={})
+		self[:length] = 22 # Since the database name is padded out.
+		self[:codepoint] = Constants::RDBNAM
+		self[:payload] = encode(args[:payload].to_s)
+	end
+	def encode(str)
+		Rex::Text.to_ebcdic([str].pack("A18"))
+	end
+	def payload=(str)
+		self[:payload] = encode(str.to_s)
+	end
+	def to_s
+		self.to_a.pack("nna18")
+	end
+end
+# The ACCSEC DDM is responsible for picking the security mechanism (SECMEC)
+# which, in our case, will always be plain text username and password. It
+# also sets the relational database name (RDBNAM), if specified. You need
+# one to login, but not to probe.
+class ACCSEC_DDM < Struct.new(:length, :magic, :format, :correlid, :length2,
+	 :codepoint, :secmec, :rdbnam)
+	def initialize(args={})
+		self[:magic] = 0xd0
+		self[:format] = args[:format] || 0x01
+		self[:correlid] = 2
+		self[:codepoint] = Constants::ACCSEC
+		self[:secmec] = SECMEC_PARAM.new.to_s
+		if args[:dbname] # Include a database name if we're given one.
+			self[:rdbnam] = RDBNAM_PARAM.new(:payload => args[:dbname]).to_s
+		end
+		self[:length] =  10 + self[:secmec].to_s.size + self[:rdbnam].to_s.size
+		self[:length2] = self[:length]-6
+	end
+	def dbname=(str)
+		self[:rdbnam] = RDBNAM_PARAM.new(:payload => args[:dbname]).to_s
+	end
+	def to_s
+		packstr = "nCCnnna6"
+		packstr += "a22" if self[:rdbnam]
+		self.to_a.pack(packstr)
+	end
+end
+class DDM_PARAM < Struct.new(:length, :codepoint, :payload)
+	def read(str="")
+		raise DRDA::Error, "Input isn't a String." if !str.kind_of? String
+		raise DRDA::RespError, "DDM_PARAM is too short" if str.size < 4
+		(self[:length], self[:codepoint]) =
+			str.unpack("nn")
+		raise DRDA::RespError, "DDM_PARAM Length is too short" if self[:length] < 4
+		rest = str[4,self[:length]-4] # If it's negative or whatever, it'll end up as "".
+		self[:payload] = rest.to_s[0,self[:length]-4]
+		return self
+	end
+	def to_s
+		self.to_a.pack("nna*")
+	end
+end
+class BASIC_DDM < Struct.new(:length, :magic, :format, :correlid,
+	:length2, :codepoint, :payload)
+	def initialize
+		self[:payload] = []
+	end
+	def read(str="")
+		self[:payload].clear
+		raise DRDA::Error, "Input isn't a String." if !str.kind_of? String
+		raise DRDA::RespError, "Response is too short." if str.size < 10
+		(self[:length],self[:magic],self[:format],
+		 self[:correlid],self[:length2],self[:codepoint]) =
+		 str.unpack("nCCnnn")
+		sanity_check
+		rest = str[10,self[:length2]-4]
+		i = 0
+		while (i < rest.size)
+			if self[:codepoint] == Constants::SQLCARD # These aren't DDM's.
+				this_param = rest[i,self[:length]-10]
+			else
+				this_param = DDM_PARAM.new.read(rest[i,rest.size])
+			end
+			self[:payload] << this_param
+			i += this_param.to_s.size
+		end
+		return self
+	end
+	# Just a quick test.
+	def sanity_check
+		if self[:length] < 10
+			raise DRDA::RespError, "DDM Length is too short."
+		elsif self[:length2] < 4
+			raise DRDA::RespError, "DDM Length2 is too short."
+		elsif self[:length]-6 != self[:length2]
+			raise DRDA::RespError, "Codepoint: 0x#{self[:codepoint].to_s(16)} DDM Length2 (0x#{self[:length2].to_s(16)}) isn't six less than Length (0x#{self[:length].to_s(16)})"
+		end
+	end
+	def to_s
+		self.to_a.pack("nCCnnn") + self[:payload].map {|x| x.to_s}.join
+	end
+end
+class SERVER_PACKET < Array
+	def read(str="")
+		raise DRDA::Error, "Input isn't a String." if !str.kind_of? String
+		self.clear
+		i = 0
+		while(i < str.size)
+			this_ddm = BASIC_DDM.new.read(str[i,str.size])
+			self << this_ddm
+			i += this_ddm.to_s.size
+		end
+		return self
+	end
+	def to_s; self.join; end
+	def sz; self.to_s.size; end
+end
+class PASSWORD_PARAM < Struct.new(:length, :codepoint, :payload)
+	def initialize(args={})
+		self[:codepoint] = Constants::PASSWORD
+		self[:payload] = Rex::Text.to_ebcdic(args[:payload].to_s)
+		self[:length] = self[:payload].size + 4
+	end
+	def encode(str)
+		Rex::Text.to_ebcdic(str)
+	end
+	def to_s
+		self.to_a.pack("nna*")
+	end
+end
+class USERID_PARAM < Struct.new(:length, :codepoint, :payload)
+	def initialize(args={})
+		self[:codepoint] = Constants::USERID
+		self[:payload] = Rex::Text.to_ebcdic(args[:payload].to_s)
+		self[:length] = self[:payload].size + 4
+	end
+	def encode(str)
+		Rex::Text.to_ebcdic(str)
+	end
+	def to_s
+		self.to_a.pack("nna*")
+	end
+end
+class SECCHK_DDM < Struct.new(:length, :magic, :format, :correlid, :length2,
+	:codepoint, :secmec, :rdbnam, :password, :userid)
+	def initialize(args={}) # Takes :dbname, :dbpass, :dbuser
+		self[:magic] = 0xd0
+		self[:format] = 0x01
+		self[:correlid] = 2
+		self[:codepoint] = Constants::SECCHK
+		self[:secmec] = SECMEC_PARAM.new.to_s
+		if args[:dbname] # Include a database name if we're given one.
+			self[:rdbnam] = RDBNAM_PARAM.new(:payload => args[:dbname]).to_s
+		end
+		self[:password] = PASSWORD_PARAM.new(:payload => args[:dbpass]).to_s
+		self[:userid] = USERID_PARAM.new(:payload => args[:dbuser]).to_s
+		self[:length] = ( 10 + self[:secmec].to_s.size + self[:rdbnam].to_s.size +
+					 self[:password].to_s.size + self[:userid].to_s.size )
+		self[:length2] = self[:length]-6
+	end
+	def dbname=(str)
+		self[:rdbnam] = RDBNAM_PARAM.new(:payload => args[:dbname]).to_s
+	end
+	def to_s
+		packstr = "nCCnnna6"
+		packstr += "a22" if self[:rdbnam]
+		packstr += "a*a*" # username and password
+		self.to_a.pack(packstr)
+	end
+end
+end
+end
+end

data/lib/rex/proto/drda/packet.rb.ut.rb ADDED

@@ -0,0 +1,109 @@
+#!/usr/bin/env ruby
+$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
+require 'rex/test'
+require 'rex/proto/drda/packet'
+class Rex::Proto::DRDA::UnitTest < Test::Unit::TestCase
+	Klass = Rex::Proto::DRDA
+	Konst = Rex::Proto::DRDA::Constants
+	# Test a sample param
+	def test_mgrlvlls_param
+		p = Klass::MGRLVLLS_PARAM.new
+		assert_kind_of(Struct, p)
+		assert_equal(Konst::MGRLVLLS, p.codepoint)
+	end
+	# Test a sample ddm
+	def test_secchk_ddm
+		d = Klass::SECCHK_DDM.new
+		assert_kind_of Struct, d
+		assert_equal Konst::SECCHK, d.codepoint
+	end
+	# All parameter names should have a corresponding codepoint,
+	# except "DDM_PARAM" (a generic parameter).
+	def test_all_param_codepoints
+		params = Klass.constants.map {|x| x if x =~ /PARAM$/}.compact
+		assert_operator params.size, :>=, 6 # Allow for more later.
+		params.each do |p|
+			cp = p.split(/_PARAM/).first
+			next if cp == "DDM"
+			assert Konst.const_defined? cp
+			assert_kind_of Numeric, Konst.const_get(cp)
+		end
+	end
+	# Similarly, so should DDM Structs.
+	def test_all_ddm_codepoints
+		ddms = Klass.constants.map {|x| x if x =~ /DDM$/}.compact
+		assert_operator ddms.size, :>=, 4 # Allow for more later.
+		ddms.each do |p|
+			cp = p.split(/_DDM/).first
+			next if cp == "BASIC"
+			assert_kind_of Numeric, Konst.const_get(cp)
+		end
+	end
+	# Ensure that all params have the same struct.
+	def test_param_struct
+		params = Klass.constants.map {|x| x if x =~ /PARAM$/}.compact
+		params.each do |p|
+			obj = Klass.const_get(p).new
+			assert_equal 3, obj.size
+			assert_respond_to obj, :codepoint
+			assert_respond_to obj, :length
+			assert_respond_to obj, :payload
+		end
+	end
+	# Make some similiar assertions about DDMs, though specific DDMs
+	# will have particular elements after the codepoint, usually more
+	# than one.
+	def test_ddm_struct
+		ddms = Klass.constants.map {|x| x if x =~ /DDM$/}.compact
+		ddms.each do |d|
+			obj = Klass.const_get(d).new
+			assert_operator obj.size, :>=, 7
+			assert_respond_to obj, :length
+			assert_respond_to obj, :magic
+			assert_respond_to obj, :format
+			assert_respond_to obj, :correlid
+			assert_respond_to obj, :length2
+			assert_respond_to obj, :codepoint
+		end
+	end
+	# The server packet is special since it's an Array of BASIC_DDM's,
+	# and doesn't have a particular, fixed struct. (It would be nice
+	# to build those up on the fly, but we're not really interested in
+	# validating most server responses right now.
+	def test_server_packet_structure
+		s = Klass::SERVER_PACKET.new
+		assert_kind_of Array, s
+		assert_respond_to s, :to_s
+		assert_respond_to s, :sz
+		assert_respond_to s, :read
+	end
+	# Exercise the SERVER_PACKET#read function with a sample packet.
+	def test_server_packet_read
+		pkt = "0015d0420001000f1219000611490000000511a4000050d0520002004a2201000611490000000c112ee2d8d3f0f8f0f2f4000d002fd8e3c4e2d8d3e7f8f6000a00350006119c033300062103022e00172135c3f0c1f8f6c1f0f14bc5c6f1f2070402195612008cd0030002008624080000000000303030303053514c303830323400ffffffff0200000000000000030000000000000000000000202020202020202020202000124d59444232444220202020202020202020200000003331ff383139ff4d59555345522020ff4d594442324442ff514442322f4c494e5558ff353538ff353538ff30ff31323038ff30ffff".scan(/../).map {|x| x.to_i(16).chr}.join
+		s = Klass::SERVER_PACKET.new
+		assert_equal 0, s.size
+		s.read(pkt)
+		assert_equal 3, s.size
+		assert_equal Konst::SECCHKRM, s[0].codepoint
+		assert_equal Konst::ACCRDBRM, s[1].codepoint
+		assert_equal Konst::SQLCARD, s[2].codepoint
+		assert_equal 0xd0, s[0].magic
+		assert_equal 0x52, s[1].format
+		assert_equal 134, s[2].length2
+		assert_equal 21+80+140, s.sz
+	end
+end

data/lib/rex/proto/drda/utils.rb ADDED

@@ -0,0 +1,123 @@
+require 'rex/proto/drda'
+module Rex
+module Proto
+module DRDA
+class Utils
+	# Creates a packet with EXCSAT_DDM and an ACCSEC_DDM. This will elicit
+	# a reponse from the target server.
+	def self.client_probe(dbname=nil)
+		pkt = [
+			EXCSAT_DDM.new,
+			ACCSEC_DDM.new(:dbname => dbname)
+		]
+		pkt.map {|x| x.to_s}.join
+	end
+	# Creates a packet with EXCSAT_DDM and an SECCHK_DDM.
+	# In order to ever succeed, you do need a successful probe first.
+	def self.client_auth(args={})
+		dbname = args[:dbname]
+		dbuser = args[:dbuser]
+		dbpass = args[:dbpass]
+		pkt = [
+			ACCSEC_DDM.new(:format => 0x41),
+			SECCHK_DDM.new(:dbname => dbname, :dbuser => dbuser, :dbpass => dbpass)
+		]
+		pkt.map {|x| x.to_s}.join
+	end
+	def self.server_packet_info(obj)
+		info_hash = {}
+		return info_hash unless obj.kind_of? Rex::Proto::DRDA::SERVER_PACKET
+		obj.each do |ddm|
+			case ddm.codepoint
+			when Constants::EXCSATRD
+				info_hash.merge!(_info_excsatrd(ddm))
+			when Constants::ACCSECRD
+				info_hash.merge!(_info_accsecrd(ddm))
+			when Constants::RDBNFNRM
+				info_hash.merge!(_info_rdbnfnrm(ddm))
+			when Constants::SECCHKRM
+				info_hash.merge!(_info_secchkrm(ddm))
+			else
+				next
+			end
+		end
+		return info_hash
+	end
+	def self._info_excsatrd(ddm)
+		info_hash = {:excsatrd => true}
+		ddm.payload.each do |param|
+			case param.codepoint
+			when Constants::SRVNAM
+				info_hash[:instance_name] = Rex::Text.from_ebcdic(param.payload)
+			when Constants::SRVCLSNM
+				info_hash[:platform] = Rex::Text.from_ebcdic(param.payload)
+			when Constants::SRVRLSLV
+				info_hash[:version] = Rex::Text.from_ebcdic(param.payload)
+			else
+				next
+			end
+		end
+	 return info_hash
+	end
+	def self._info_accsecrd(ddm)
+		info_hash = {:accsecrd => true}
+		ddm.payload.each do |param|
+			case param.codepoint
+			when Constants::SECMEC
+				info_hash[:plaintext_auth] = true if param.payload =~ /\x00\x03/
+			when Constants::SECCHKCD
+				info_hash[:security_check_code] = param.payload.unpack("C").first
+				# A little spurious? This is always nonzero when there's no SECCHKRM DDM.
+				info_hash[:db_login_success] = false unless info_hash[:security_check_code].zero?
+			else
+				next
+			end
+		end
+		return info_hash
+	end
+	def self._info_rdbnfnrm(ddm)
+		info_hash = {:rdbnfnrm => true}
+		info_hash[:database_found] = false
+		ddm.payload.each do |param|
+			case param.codepoint
+			when Constants::RDBNAM
+				info_hash[:db_name] = Rex::Text.from_ebcdic(param.payload).unpack("A*").first
+			when Constants::SRVDGN
+				info_hash[:error_message] = Rex::Text.from_ebcdic(param.payload)
+			else
+				next
+			end
+		end
+		return info_hash
+	end
+	def self._info_secchkrm(ddm)
+		info_hash = {:secchkrm => true}
+		ddm.payload.each do |param|
+			case param.codepoint
+			when Constants::SRVCOD
+				info_hash[:severity_code] = param.payload.unpack("n").first
+			when Constants::SECCHKCD
+				info_hash[:security_check_code] = param.payload.unpack("C").first
+			else
+				next
+			end
+		end
+		if info_hash[:serverity].to_i.zero? and info_hash[:security_check_code].to_i.zero?
+			info_hash[:db_login_success] = true
+		end
+		return info_hash
+	end
+end
+end
+end
+end