RubyGems - librex - Versions diffs - 0.0.1 - Mend

librex 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (370) hide show

data/README +4 -0
data/lib/rex.rb +101 -0
data/lib/rex.rb.ts.rb +70 -0
data/lib/rex/LICENSE +29 -0
data/lib/rex/arch.rb +103 -0
data/lib/rex/arch/sparc.rb +75 -0
data/lib/rex/arch/sparc.rb.ut.rb +18 -0
data/lib/rex/arch/x86.rb +513 -0
data/lib/rex/arch/x86.rb.ut.rb +93 -0
data/lib/rex/assembly/nasm.rb +100 -0
data/lib/rex/assembly/nasm.rb.ut.rb +22 -0
data/lib/rex/codepage.map +104 -0
data/lib/rex/compat.rb +281 -0
data/lib/rex/constants.rb +113 -0
data/lib/rex/elfparsey.rb +11 -0
data/lib/rex/elfparsey/elf.rb +123 -0
data/lib/rex/elfparsey/elfbase.rb +260 -0
data/lib/rex/elfparsey/exceptions.rb +27 -0
data/lib/rex/elfscan.rb +12 -0
data/lib/rex/elfscan/scanner.rb +207 -0
data/lib/rex/elfscan/search.rb +46 -0
data/lib/rex/encoder/alpha2.rb +31 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
data/lib/rex/encoder/alpha2/generic.rb +113 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +117 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +129 -0
data/lib/rex/encoder/ndr.rb +89 -0
data/lib/rex/encoder/ndr.rb.ut.rb +44 -0
data/lib/rex/encoder/nonalpha.rb +61 -0
data/lib/rex/encoder/nonupper.rb +64 -0
data/lib/rex/encoder/xdr.rb +106 -0
data/lib/rex/encoder/xdr.rb.ut.rb +29 -0
data/lib/rex/encoder/xor.rb +69 -0
data/lib/rex/encoder/xor/dword.rb +13 -0
data/lib/rex/encoder/xor/dword_additive.rb +13 -0
data/lib/rex/encoders/xor_dword.rb +35 -0
data/lib/rex/encoders/xor_dword_additive.rb +53 -0
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +12 -0
data/lib/rex/encoding/xor.rb +20 -0
data/lib/rex/encoding/xor.rb.ts.rb +14 -0
data/lib/rex/encoding/xor/byte.rb +15 -0
data/lib/rex/encoding/xor/byte.rb.ut.rb +21 -0
data/lib/rex/encoding/xor/dword.rb +21 -0
data/lib/rex/encoding/xor/dword.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/dword_additive.rb +92 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/exceptions.rb +17 -0
data/lib/rex/encoding/xor/generic.rb +146 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +120 -0
data/lib/rex/encoding/xor/qword.rb +15 -0
data/lib/rex/encoding/xor/word.rb +21 -0
data/lib/rex/encoding/xor/word.rb.ut.rb +13 -0
data/lib/rex/exceptions.rb +275 -0
data/lib/rex/exceptions.rb.ut.rb +44 -0
data/lib/rex/exploitation/cmdstager.rb +133 -0
data/lib/rex/exploitation/egghunter.rb +143 -0
data/lib/rex/exploitation/egghunter.rb.ut.rb +25 -0
data/lib/rex/exploitation/encryptjs.rb +77 -0
data/lib/rex/exploitation/heaplib.js.b64 +331 -0
data/lib/rex/exploitation/heaplib.rb +94 -0
data/lib/rex/exploitation/javascriptosdetect.rb +735 -0
data/lib/rex/exploitation/obfuscatejs.rb +335 -0
data/lib/rex/exploitation/opcodedb.rb +818 -0
data/lib/rex/exploitation/opcodedb.rb.ut.rb +279 -0
data/lib/rex/exploitation/seh.rb +92 -0
data/lib/rex/exploitation/seh.rb.ut.rb +19 -0
data/lib/rex/file.rb +84 -0
data/lib/rex/file.rb.ut.rb +16 -0
data/lib/rex/image_source.rb +12 -0
data/lib/rex/image_source/disk.rb +60 -0
data/lib/rex/image_source/image_source.rb +46 -0
data/lib/rex/image_source/memory.rb +37 -0
data/lib/rex/io/bidirectional_pipe.rb +157 -0
data/lib/rex/io/datagram_abstraction.rb +35 -0
data/lib/rex/io/stream.rb +313 -0
data/lib/rex/io/stream_abstraction.rb +186 -0
data/lib/rex/io/stream_server.rb +211 -0
data/lib/rex/job_container.rb +202 -0
data/lib/rex/logging.rb +4 -0
data/lib/rex/logging/log_dispatcher.rb +179 -0
data/lib/rex/logging/log_sink.rb +42 -0
data/lib/rex/logging/sinks/flatfile.rb +55 -0
data/lib/rex/logging/sinks/stderr.rb +43 -0
data/lib/rex/machparsey.rb +9 -0
data/lib/rex/machparsey/exceptions.rb +34 -0
data/lib/rex/machparsey/mach.rb +209 -0
data/lib/rex/machparsey/machbase.rb +408 -0
data/lib/rex/machscan.rb +9 -0
data/lib/rex/machscan/scanner.rb +217 -0
data/lib/rex/mime.rb +9 -0
data/lib/rex/mime/header.rb +75 -0
data/lib/rex/mime/message.rb +112 -0
data/lib/rex/mime/part.rb +20 -0
data/lib/rex/nop/opty2.rb +108 -0
data/lib/rex/nop/opty2.rb.ut.rb +23 -0
data/lib/rex/nop/opty2_tables.rb +300 -0
data/lib/rex/ole.rb +128 -0
data/lib/rex/ole/clsid.rb +47 -0
data/lib/rex/ole/difat.rb +141 -0
data/lib/rex/ole/directory.rb +230 -0
data/lib/rex/ole/direntry.rb +240 -0
data/lib/rex/ole/fat.rb +99 -0
data/lib/rex/ole/header.rb +204 -0
data/lib/rex/ole/minifat.rb +77 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +395 -0
data/lib/rex/ole/stream.rb +53 -0
data/lib/rex/ole/substorage.rb +49 -0
data/lib/rex/ole/util.rb +157 -0
data/lib/rex/parser/arguments.rb +97 -0
data/lib/rex/parser/arguments.rb.ut.rb +67 -0
data/lib/rex/parser/ini.rb +185 -0
data/lib/rex/parser/ini.rb.ut.rb +29 -0
data/lib/rex/parser/nmap_xml.rb +111 -0
data/lib/rex/payloads.rb +1 -0
data/lib/rex/payloads/win32.rb +2 -0
data/lib/rex/payloads/win32/common.rb +26 -0
data/lib/rex/payloads/win32/kernel.rb +53 -0
data/lib/rex/payloads/win32/kernel/common.rb +54 -0
data/lib/rex/payloads/win32/kernel/migration.rb +12 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +50 -0
data/lib/rex/payloads/win32/kernel/stager.rb +171 -0
data/lib/rex/peparsey.rb +12 -0
data/lib/rex/peparsey/exceptions.rb +32 -0
data/lib/rex/peparsey/pe.rb +188 -0
data/lib/rex/peparsey/pe_memdump.rb +63 -0
data/lib/rex/peparsey/pebase.rb +1655 -0
data/lib/rex/peparsey/section.rb +136 -0
data/lib/rex/pescan.rb +13 -0
data/lib/rex/pescan/analyze.rb +309 -0
data/lib/rex/pescan/scanner.rb +206 -0
data/lib/rex/pescan/search.rb +56 -0
data/lib/rex/platforms.rb +1 -0
data/lib/rex/platforms/windows.rb +51 -0
data/lib/rex/poly.rb +132 -0
data/lib/rex/poly/block.rb +468 -0
data/lib/rex/poly/register.rb +100 -0
data/lib/rex/poly/register/x86.rb +40 -0
data/lib/rex/post.rb +8 -0
data/lib/rex/post/dir.rb +51 -0
data/lib/rex/post/file.rb +172 -0
data/lib/rex/post/file_stat.rb +220 -0
data/lib/rex/post/gen.pl +13 -0
data/lib/rex/post/io.rb +182 -0
data/lib/rex/post/meterpreter.rb +4 -0
data/lib/rex/post/meterpreter/channel.rb +438 -0
data/lib/rex/post/meterpreter/channel_container.rb +54 -0
data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
data/lib/rex/post/meterpreter/client.rb +335 -0
data/lib/rex/post/meterpreter/client_core.rb +274 -0
data/lib/rex/post/meterpreter/dependencies.rb +3 -0
data/lib/rex/post/meterpreter/extension.rb +32 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +21 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +104 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +28 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +100 -0
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +24 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +333 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +273 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +235 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +103 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +144 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +73 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +56 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +137 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +192 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +139 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +184 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +61 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +361 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +279 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +182 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +174 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +185 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +227 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
data/lib/rex/post/meterpreter/packet.rb +596 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +409 -0
data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
data/lib/rex/post/meterpreter/ui/console.rb +135 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +62 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +595 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +241 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +61 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +98 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +51 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +132 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +187 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +63 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +376 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +270 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +484 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +315 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +95 -0
data/lib/rex/post/permission.rb +26 -0
data/lib/rex/post/process.rb +57 -0
data/lib/rex/post/thread.rb +57 -0
data/lib/rex/post/ui.rb +52 -0
data/lib/rex/proto.rb +12 -0
data/lib/rex/proto.rb.ts.rb +8 -0
data/lib/rex/proto/dcerpc.rb +6 -0
data/lib/rex/proto/dcerpc.rb.ts.rb +9 -0
data/lib/rex/proto/dcerpc/client.rb +358 -0
data/lib/rex/proto/dcerpc/client.rb.ut.rb +491 -0
data/lib/rex/proto/dcerpc/exceptions.rb +150 -0
data/lib/rex/proto/dcerpc/handle.rb +47 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +85 -0
data/lib/rex/proto/dcerpc/ndr.rb +72 -0
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +41 -0
data/lib/rex/proto/dcerpc/packet.rb +253 -0
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +56 -0
data/lib/rex/proto/dcerpc/response.rb +186 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +15 -0
data/lib/rex/proto/dcerpc/uuid.rb +84 -0
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +46 -0
data/lib/rex/proto/drda.rb +5 -0
data/lib/rex/proto/drda.rb.ts.rb +17 -0
data/lib/rex/proto/drda/constants.rb +49 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +23 -0
data/lib/rex/proto/drda/packet.rb +252 -0
data/lib/rex/proto/drda/packet.rb.ut.rb +109 -0
data/lib/rex/proto/drda/utils.rb +123 -0
data/lib/rex/proto/drda/utils.rb.ut.rb +84 -0
data/lib/rex/proto/http.rb +5 -0
data/lib/rex/proto/http.rb.ts.rb +12 -0
data/lib/rex/proto/http/client.rb +817 -0
data/lib/rex/proto/http/client.rb.ut.rb +93 -0
data/lib/rex/proto/http/handler.rb +46 -0
data/lib/rex/proto/http/handler/erb.rb +128 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb +21 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +1 -0
data/lib/rex/proto/http/handler/proc.rb +54 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +24 -0
data/lib/rex/proto/http/header.rb +161 -0
data/lib/rex/proto/http/header.rb.ut.rb +46 -0
data/lib/rex/proto/http/packet.rb +394 -0
data/lib/rex/proto/http/packet.rb.ut.rb +165 -0
data/lib/rex/proto/http/request.rb +356 -0
data/lib/rex/proto/http/request.rb.ut.rb +214 -0
data/lib/rex/proto/http/response.rb +85 -0
data/lib/rex/proto/http/response.rb.ut.rb +149 -0
data/lib/rex/proto/http/server.rb +367 -0
data/lib/rex/proto/http/server.rb.ut.rb +79 -0
data/lib/rex/proto/smb.rb +7 -0
data/lib/rex/proto/smb.rb.ts.rb +8 -0
data/lib/rex/proto/smb/client.rb +1733 -0
data/lib/rex/proto/smb/client.rb.ut.rb +223 -0
data/lib/rex/proto/smb/constants.rb +1062 -0
data/lib/rex/proto/smb/constants.rb.ut.rb +18 -0
data/lib/rex/proto/smb/crypt.rb +95 -0
data/lib/rex/proto/smb/crypt.rb.ut.rb +20 -0
data/lib/rex/proto/smb/evasions.rb +65 -0
data/lib/rex/proto/smb/exceptions.rb +846 -0
data/lib/rex/proto/smb/simpleclient.rb +292 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +128 -0
data/lib/rex/proto/smb/utils.rb +514 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +20 -0
data/lib/rex/proto/sunrpc.rb +1 -0
data/lib/rex/proto/sunrpc/client.rb +195 -0
data/lib/rex/script.rb +42 -0
data/lib/rex/script/base.rb +59 -0
data/lib/rex/script/meterpreter.rb +9 -0
data/lib/rex/script/shell.rb +9 -0
data/lib/rex/service.rb +48 -0
data/lib/rex/service_manager.rb +141 -0
data/lib/rex/service_manager.rb.ut.rb +32 -0
data/lib/rex/services/local_relay.rb +423 -0
data/lib/rex/socket.rb +586 -0
data/lib/rex/socket.rb.ut.rb +86 -0
data/lib/rex/socket/comm.rb +119 -0
data/lib/rex/socket/comm/local.rb +409 -0
data/lib/rex/socket/comm/local.rb.ut.rb +75 -0
data/lib/rex/socket/ip.rb +129 -0
data/lib/rex/socket/parameters.rb +345 -0
data/lib/rex/socket/parameters.rb.ut.rb +51 -0
data/lib/rex/socket/range_walker.rb +295 -0
data/lib/rex/socket/range_walker.rb.ut.rb +55 -0
data/lib/rex/socket/ssl_tcp.rb +184 -0
data/lib/rex/socket/ssl_tcp.rb.ut.rb +39 -0
data/lib/rex/socket/ssl_tcp_server.rb +122 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +51 -0
data/lib/rex/socket/subnet_walker.rb +75 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +28 -0
data/lib/rex/socket/switch_board.rb +272 -0
data/lib/rex/socket/switch_board.rb.ut.rb +52 -0
data/lib/rex/socket/tcp.rb +76 -0
data/lib/rex/socket/tcp.rb.ut.rb +64 -0
data/lib/rex/socket/tcp_server.rb +67 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +44 -0
data/lib/rex/socket/udp.rb +157 -0
data/lib/rex/socket/udp.rb.ut.rb +44 -0
data/lib/rex/struct2.rb +5 -0
data/lib/rex/struct2/c_struct.rb +181 -0
data/lib/rex/struct2/c_struct_template.rb +39 -0
data/lib/rex/struct2/constant.rb +26 -0
data/lib/rex/struct2/element.rb +44 -0
data/lib/rex/struct2/generic.rb +73 -0
data/lib/rex/struct2/restraint.rb +54 -0
data/lib/rex/struct2/s_string.rb +72 -0
data/lib/rex/struct2/s_struct.rb +111 -0
data/lib/rex/sync.rb +6 -0
data/lib/rex/sync/event.rb +94 -0
data/lib/rex/sync/read_write_lock.rb +176 -0
data/lib/rex/sync/ref.rb +57 -0
data/lib/rex/sync/thread_safe.rb +82 -0
data/lib/rex/test.rb +35 -0
data/lib/rex/text.rb +1029 -0
data/lib/rex/text.rb.ut.rb +168 -0
data/lib/rex/time.rb +65 -0
data/lib/rex/transformer.rb +115 -0
data/lib/rex/transformer.rb.ut.rb +38 -0
data/lib/rex/ui.rb +21 -0
data/lib/rex/ui/interactive.rb +252 -0
data/lib/rex/ui/output.rb +80 -0
data/lib/rex/ui/output/none.rb +18 -0
data/lib/rex/ui/progress_tracker.rb +96 -0
data/lib/rex/ui/subscriber.rb +149 -0
data/lib/rex/ui/text/color.rb +97 -0
data/lib/rex/ui/text/color.rb.ut.rb +18 -0
data/lib/rex/ui/text/dispatcher_shell.rb +382 -0
data/lib/rex/ui/text/input.rb +117 -0
data/lib/rex/ui/text/input/buffer.rb +75 -0
data/lib/rex/ui/text/input/readline.rb +129 -0
data/lib/rex/ui/text/input/socket.rb +95 -0
data/lib/rex/ui/text/input/stdio.rb +45 -0
data/lib/rex/ui/text/irb_shell.rb +55 -0
data/lib/rex/ui/text/output.rb +80 -0
data/lib/rex/ui/text/output/buffer.rb +65 -0
data/lib/rex/ui/text/output/file.rb +37 -0
data/lib/rex/ui/text/output/socket.rb +43 -0
data/lib/rex/ui/text/output/stdio.rb +40 -0
data/lib/rex/ui/text/progress_tracker.rb +56 -0
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +34 -0
data/lib/rex/ui/text/shell.rb +321 -0
data/lib/rex/ui/text/table.rb +254 -0
data/lib/rex/ui/text/table.rb.ut.rb +55 -0
data/lib/rex/zip.rb +93 -0
data/lib/rex/zip/archive.rb +91 -0
data/lib/rex/zip/blocks.rb +182 -0
data/lib/rex/zip/entry.rb +95 -0
data/lib/rex/zip/samples/comment.rb +32 -0
data/lib/rex/zip/samples/mkwar.rb +138 -0
data/lib/rex/zip/samples/mkzip.rb +19 -0
data/lib/rex/zip/samples/recursive.rb +58 -0
metadata +435 -0

data/lib/rex/proto/http/request.rb ADDED

@@ -0,0 +1,356 @@
+require 'uri'
+require 'rex/proto/http'
+module Rex
+module Proto
+module Http
+###
+#
+# HTTP request class.
+#
+###
+class Request < Packet
+	PostRequests = ['POST', 'SEARCH']
+	##
+	#
+	# Some individual request types.
+	#
+	##
+	#
+	# HTTP GET request class wrapper.
+	#
+	class Get < Request
+		def initialize(uri = '/', proto = DefaultProtocol)
+			super('GET', uri, proto)
+		end
+	end
+	#
+	# HTTP POST request class wrapper.
+	#
+	class Post < Request
+		def initialize(uri = '/', proto = DefaultProtocol)
+			super('POST', uri, proto)
+		end
+	end
+	#
+	# HTTP PUT request class wrapper.
+	#
+	class Put < Request
+		def initialize(uri = '/', proto = DefaultProtocol)
+			super('PUT', uri, proto)
+		end
+	end
+	#
+	# Initializes an instance of an HTTP request with the supplied method, URI,
+	# and protocol.
+	#
+	def initialize(method = 'GET', uri = '/', proto = DefaultProtocol)
+		super()
+		self.method    = method
+		self.raw_uri   = uri
+		self.uri_parts = {}
+		self.proto     = proto || DefaultProtocol
+		self.chunk_min_size = 1
+		self.chunk_max_size = 10
+		self.uri_encode_mode = 'hex-normal'
+		update_uri_parts
+	end
+	#
+	# Updates the command parts for this specific packet type.
+	#
+	def update_cmd_parts(str)
+		if (md = str.match(/^(.+?)\s+(.+?)\s+HTTP\/(.+?)\r?\n?$/))
+			self.method  = md[1]
+			self.raw_uri = URI.decode(md[2])
+			self.proto   = md[3]
+			update_uri_parts
+		else
+			raise RuntimeError, "Invalid request command string", caller
+		end
+	end
+	#
+	# Split the URI into the resource being requested and its query string.
+	#
+	def update_uri_parts
+		# If it has a query string, get the parts.
+		if ((self.raw_uri) and (md = self.raw_uri.match(/(.+?)\?(.*)$/)))
+			self.uri_parts['QueryString'] = parse_cgi_qstring(md[2])
+			self.uri_parts['Resource']    = md[1]
+		# Otherwise, just assume that the URI is equal to the resource being
+		# requested.
+		else
+			self.uri_parts['QueryString'] = {}
+			self.uri_parts['Resource']    = self.raw_uri
+		end
+		self.normalize!(resource)
+		# Set the relative resource to the actual resource.
+		self.relative_resource = resource
+	end
+	# normalize out multiple slashes, directory traversal, and self referrential directories
+	def normalize!(str)
+		i = 0
+		while (str.gsub!(/(\/\.\/|\/\w+\/\.\.\/|\/\/)/,'/')); i += 1; end
+		i
+	end
+	# Puts a URI back together based on the URI parts
+	def uri
+		str = self.uri_parts['Resource'].dup || '/'
+		# /././././
+		if self.junk_self_referring_directories
+			str.gsub!(/\//) {
+				'/.' * (rand(3) + 1) + '/'
+			}
+		end
+		# /%3faaa=bbbbb
+		# which could possibly decode to "/?aaa=bbbbb", which if the IDS normalizes first, then splits the URI on ?, then it can be bypassed
+		if self.junk_param_start
+			str.sub!(/\//, '/%3f' + Rex::Text.rand_text_alpha(rand(5) + 1) + '=' + Rex::Text.rand_text_alpha(rand(10) + 1) + '/../')
+		end
+		# /RAND/../RAND../
+		if self.junk_directories
+			str.gsub!(/\//) {
+				dirs = ''
+				(rand(5)+5).times {
+					dirs << '/' + Rex::Text.rand_text_alpha(rand(5) + 1) + '/..'
+				}
+				dirs + '/'
+			}
+		end
+		# ////
+		#
+		# NOTE: this must be done after all other odd directory junk, since they would cancel this out, except junk_end_of_uri, since that a specific slash in a specific place
+		if self.junk_slashes
+			str.gsub!(/\//) {
+				'/' * (rand(3) + 2)
+			}
+			str.sub!(/^[\/]+/, '/') # only one beginning slash!
+		end
+		# /%20HTTP/1.0%0d%0a/../../
+		# which decodes to "/ HTTP/1.0\r\n"
+		if self.junk_end_of_uri
+			str.sub!(/^\//, '/%20HTTP/1.0%0d%0a/../../')
+		end
+		Rex::Text.uri_encode(str, self.uri_encode_mode)
+		if !PostRequests.include?(self.method)
+			if param_string.size > 0
+				str << '?' + param_string
+			end
+		end
+		str
+	end
+	def param_string
+		params=[]
+		self.uri_parts['QueryString'].each_pair { |param, value|
+			# inject a random number of params in between each param
+			if self.junk_params
+				rand(10)+5.times {
+					params.push(Rex::Text.rand_text_alpha(rand(16) + 5) + '=' + Rex::Text.rand_text_alpha(rand(10) + 1))
+				}
+			end
+			if value.kind_of?(Array)
+				value.each { |subvalue|
+    				params.push(Rex::Text.uri_encode(param, self.uri_encode_mode) + '=' + Rex::Text.uri_encode(subvalue, self.uri_encode_mode))
+				}
+			else
+    			if !value.nil?
+    				params.push(Rex::Text.uri_encode(param, self.uri_encode_mode) + '=' + Rex::Text.uri_encode(value, self.uri_encode_mode))
+    			else
+    				params.push(Rex::Text.uri_encode(param, self.uri_encode_mode))
+    			end
+			end
+		}
+		# inject some junk params at the end of the param list, just to be sure :P
+		if self.junk_params
+			rand(10)+5.times {
+				params.push(Rex::Text.rand_text_alpha(rand(32) + 5) + '=' + Rex::Text.rand_text_alpha(rand(64) + 5))
+			}
+		end
+		params.join('&')
+	end
+	# Updates the underlying URI structure
+	def uri=(str)
+		self.raw_uri = str
+		update_uri_parts
+	end
+	# Returns a request packet
+	def to_s
+		str = ''
+		if self.junk_pipeline
+			host = ''
+			if self.headers['Host']
+				host = "Host: #{self.headers['Host']}\r\n"
+			end
+			str << "GET / HTTP/1.1\r\n#{host}Connection: Keep-Alive\r\n\r\n" * self.junk_pipeline
+			self.headers['Connection'] = 'Closed'
+		end
+		str + super
+	end
+	def body
+		str = super || ''
+		if str.length > 0
+			return str
+		end
+		if PostRequests.include?(self.method)
+			return param_string
+		end
+		''
+	end
+	#
+	# Returns the command string derived from the three values.
+	#
+	def cmd_string
+		proto_str = (self.proto =~ /^\d/) ? "HTTP/#{self.proto}" : self.proto
+		"#{self.method} #{self.uri} #{proto_str}\r\n"
+	end
+	#
+	# Returns the resource that is being requested.
+	#
+	def resource
+		self.uri_parts['Resource']
+	end
+	#
+	# Changes the resource URI.  This is used when making a request relative to
+	# a given mount point.
+	#
+	def resource=(rsrc)
+		self.uri_parts['Resource'] = rsrc
+	end
+	#
+	# If there were CGI parameters in the URI, this will hold a hash of each
+	# variable to value.  If there is more than one value for a given variable,
+	# an array of each value is returned.
+	#
+	def qstring
+		self.uri_parts['QueryString']
+	end
+	#
+	# Returns a hash of variables that contain information about the request,
+	# such as the remote host information.
+	#
+	# TODO
+	#
+	def meta_vars
+	end
+	#
+	# The method being used for the request (e.g. GET).
+	#
+	attr_accessor :method
+	#
+	# The raw URI being requested, before any mucking gets to it
+	#
+	attr_accessor :raw_uri
+	#
+	# The split up parts of the URI.
+	#
+	attr_accessor :uri_parts
+	#
+	# The protocol to be sent with the request.
+	#
+	attr_accessor :proto
+	#
+	# The resource path relative to the root of a server mount point.
+	#
+	attr_accessor :relative_resource
+	# add junk directories
+	attr_accessor :junk_directories
+	# add junk slashes
+	attr_accessor :junk_slashes
+	# add junk self referring directories (aka  /././././)
+	attr_accessor :junk_self_referring_directories
+	# add junk params
+	attr_accessor :junk_params
+	# add junk pipeline requests
+	attr_accessor :junk_pipeline
+	# add junk start of params
+	attr_accessor :junk_param_start
+	# add junk end of URI
+	attr_accessor :junk_end_of_uri
+	# encoding uri
+	attr_accessor :uri_encode_mode
+protected
+	#
+	# Parses a CGI query string into the var/val combinations.
+	#
+	def parse_cgi_qstring(str)
+		qstring = {}
+		# Delimit on each variable
+		str.split(/[;&]/).each { |vv|
+			var = vv
+			val = ''
+			if (md = vv.match(/(.+?)=(.*)/))
+				var = md[1]
+				val = md[2]
+			end
+			# Add the item to the hash with logic to convert values to an array
+			# if so desired.
+			if (qstring.include?(var))
+				if (qstring[var].kind_of?(Array))
+					qstring[var] << val
+				else
+					curr = self.qstring[var]
+					qstring[var] = [ curr, val ]
+				end
+			else
+				qstring[var] = val
+			end
+		}
+		return qstring
+	end
+end
+end
+end
+end

data/lib/rex/proto/http/request.rb.ut.rb ADDED

@@ -0,0 +1,214 @@
+#!/usr/bin/env ruby
+$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
+require 'test/unit'
+require 'rex/proto/http'
+class Rex::Proto::Http::Request::UnitTest < Test::Unit::TestCase
+	Klass = Rex::Proto::Http::Request
+	def test_to_s
+		h = Klass.new
+		h.headers['Foo']     = 'Fishing'
+		h.headers['Chicken'] = 47
+		h.auto_cl = true
+		assert_equal(
+			"GET / HTTP/1.1\r\n" +
+			"Foo: Fishing\r\n" +
+			"Content-Length: 0\r\n" +
+			"Chicken: 47\r\n\r\n", h.to_s)
+	end
+	def test_from_s
+		h = Klass.new
+		h.from_s(
+			"POST /foo HTTP/1.0\r\n" +
+			"Lucifer: Beast\r\n" +
+			"HoHo: Satan\r\n" +
+			"Eat: Babies\r\n" +
+			"\r\n")
+		assert_equal('POST', h.method, 'method')
+		assert_equal('/foo', h.uri, 'uri')
+		assert_equal('1.0', h.proto, 'proto')
+		assert_equal('Babies', h['Eat'], 'header')
+		assert_equal("POST /foo HTTP/1.0\r\n", h.cmd_string, 'cmd_string')
+		h.method = 'GET'
+		assert_equal("GET /foo HTTP/1.0\r\n", h.cmd_string, 'set method')
+		h.uri = '/bar'
+		assert_equal("GET /bar HTTP/1.0\r\n", h.cmd_string, 'set uri')
+		h.proto = '1.2'
+		assert_equal("GET /bar HTTP/1.2\r\n", h.cmd_string, 'set proto')
+	end
+	def junk_request
+		h = Klass.new
+		h.from_s("GET /foo/bar.html HTTP/1.0\r\n" + "Foo: Bar\r\n\r\n")
+		return h
+	end
+	def test_junk_slashes
+		srand(0)
+		h = junk_request
+		assert_equal('GET', h.method, 'method')
+		assert_equal('1.0', h.proto, 'proto')
+		assert_equal('Bar', h['Foo'], 'header')
+		assert_equal('/foo/bar.html', h.uri, 'uri')
+		h = junk_request
+		h.junk_directories = 1
+		assert_equal('/D/../DnJT/../kXG/../Y/../BmnXu/../foo/lZ/../J/../zQzFP/../S/../Yxzd/../bar.html', h.uri, 'junk directories')
+		h = junk_request
+		h.junk_slashes = 1
+		assert_equal('/foo//bar.html', h.uri, 'junk slashes')
+		h = junk_request
+		h.junk_self_referring_directories = 1
+		assert_equal('/././foo/././bar.html', h.uri, 'junk referring directories')
+		h = junk_request
+		h.junk_param_start = 1
+		assert_equal('/%3fgf=XjLyc/../foo/bar.html', h.uri, 'junk start of params')
+		h = junk_request
+		h.junk_end_of_uri = 1
+		assert_equal('/%20HTTP/1.0%0d%0a/../../foo/bar.html', h.uri, 'junk end of URI')
+	end
+	def test_params
+		srand(0)
+		h = junk_request
+		assert_equal('/foo/bar.html', h.uri, 'uri')
+		h.uri_parts['QueryString']['B'] = 'a'
+		assert_equal('/foo/bar.html?B=a', h.uri, 'uri with param')
+		h.uri_parts['QueryString']['B'] = ['a','b']
+		assert_equal('/foo/bar.html?B=a&B=b', h.uri, 'uri with a param with multiple values')
+		h.uri_parts['QueryString']['B'] = '='
+		assert_equal('/foo/bar.html?B=%3d', h.uri, 'uri with a param that requires escaping')
+		assert_equal(
+    		"GET /foo/bar.html?B=%3d HTTP/1.0\r\n" +
+    		"Foo: Bar\r\n" +
+    		"Content-Length: 0\r\n" +
+			"\r\n", h.to_s, 'GET to_s'
+		)
+		h.method = 'POST'
+		assert_equal(
+    		"POST /foo/bar.html HTTP/1.0\r\n" +
+    		"Foo: Bar\r\n" +
+    		"Content-Length: 5\r\n" +
+			"\r\n" +
+			'B=%3d',
+			h.to_s, 'POST to_s'
+		)
+		h.body = 'FOO'
+		assert_equal(
+    		"POST /foo/bar.html HTTP/1.0\r\n" +
+    		"Foo: Bar\r\n" +
+    		"Content-Length: 3\r\n" +
+			"\r\n" +
+			'FOO',
+			h.to_s, 'POST to_s, with hardcoded body'
+		)
+	end
+	def test_junk_params
+		srand(0)
+		h = junk_request
+		h.junk_params = 1
+		h.uri_parts['QueryString']['a'] = 'b'
+		h.uri_parts['QueryString']['c'] = 'd'
+		assert_equal("GET /foo/bar.html?eZUhlXbdhzzW=HpxJATk&UwDqBU=EQwvK&oebrfUGJbvjTMSxKih=MkBx&nYkjF=DiohcEa&tzJFh=eIUHDVbs&a=b&UHTfAFbreJT=VlcIruAo&mZKziXgT=z&hsytpEdbRjC=tPkpE&yNetXi=JaaW&PiazmuQvoAKLNHeGt=ePpmrS&c=d&BpCycOlbkfdyudyhMgpQCIzKwabBAFYiP=ulrTYGUG&zGCccmlFtJkNVfRjtzIZVtlWQZulBFGMa=OIHtFvqDKybZDOS&ERFeYDFokx=YhShOxHruwhRdMugizXZuyrpuAMJSEHDwMltwtSzxHaxudDKUqBUQqycaXwC&JCspZkaEpKM=hlnghajZyYSUecISZYnqcYSDsTtAKDGbjGTiyymUrAktp&hMPhXMF=BKGGmmLyVyyzCMdJzIFrBrPMvMVSZNecspVGkwoaeFP HTTP/1.0\r\nFoo: Bar\r\nContent-Length: 0\r\n\r\n", h.to_s, 'junk params (GET)')
+		h.method = 'POST'
+		assert_equal("POST /foo/bar.html HTTP/1.0\r\nFoo: Bar\r\nContent-Length: 591\r\n\r\nxfgwQgKMdA=WTFkTkFc&axTMmHQdAXPKDDQwJ=lwRJs&PmOhEQkHXbuHWieQbvv=LXO&eaiRjHtwlENl=rIgR&kBdFQmoWeT=UqKDW&a=b&dpoRzoqedheulYQ=ndBX&AXlvaZZGYPlpR=w&uFTvWtLLhHawHvgk=XVC&KFmmkBkFFmjYx=yJExY&CTDNLNkRaGviVUqRlZV=kEviLihu&c=d&LhZhftGZYtmzQXaDaudCF=HPOjnHzmzdxLDNYEzWdmLOSZsDlHdOLJLQnBScAVYJISLczRPDqYVcVOvBMLZn&atiBQBQhhsmoINqT=gXEfWAlfPTPzMtKpQGVeDQABygrSSWPPcHbYYMNSOOUHsrbsPXLNdfu&EcBxxXQpawCvRUmAGsWPKio=VigqsjpnbwKERDleXdmeLCdHzJXAwRozVeaPwRKRDnJ&DHQiEakGgRlbzOWfIdcfiRcvQIsHMgUrLd=AUtcNlvnyEuMlwEpkQSleujwAxJyhwxMGzkjmkeyTmsjO&zRDdbDhzbkVnqKdxdYyQAkiNBCCTMenVNx=zMxABkKqgcCcBNTvRkHGJPSdqSCdRjT",h.to_s, 'junk params (POST)')
+		h.method = 'SEARCH'
+		assert_equal("SEARCH /foo/bar.html HTTP/1.0\r\nFoo: Bar\r\nContent-Length: 522\r\n\r\nMjtCUDRsmqKl=vbEzWljeH&YvPKTNnlnSHYg=ovkqQaoQ&geUXPsTibtiRXbNwXeF=nhxicBEVIy&jwjZFB=HBBH&kNsybgrTitkQwq=rDITuAUgir&a=b&YCHsLzcfBQ=SOV&vFhqCboTPHsdjhwxQYFz=RtgW&mJFMqQ=EZ&tRdGcKFkkUyyWKreOzw=BoHFPpgXO&dzZEAaU=YREgxR&c=d&kfeJswjgOXgcrh=usIlCRPDVwydlWSHxaEtZazvTOSgbkmUsDSNzxfhSMvbniHetQBYQtb&yYwMEwzuoO=KbOmNEWPdOqZLfbWurUCZAfuGSWuZNMlTfcTooZvdcqKURAnmiBwWt&xWncBVCgyGmjkXzSmZuPxbVBJzRLADk=TvFUEpQQFgWDIcpKmcfsLibxH&mFJYMohOtPEW=CHtIFnPPpZWZZTdJLjanSIBjyxuKKYfrbNOFXqnxlmLrYRVeSZdlxoxqf&LOgBBkZMIyMY=DKHcOIujjRXMtHvuneTqtyBr", h.to_s, 'junk params (SEARCH)')
+	end
+	def test_junk_pipelining
+		srand(0)
+		h = Klass.new
+		h.from_s("GET /foo HTTP/1.0\r\n" + "Foo: Bar\r\n\r\n")
+		h.junk_pipeline = 1
+		assert_equal("GET / HTTP/1.1\r\nConnection: Keep-Alive\r\n\r\nGET /foo HTTP/1.0\r\nFoo: Bar\r\nContent-Length: 0\r\nConnection: Closed\r\n\r\n", h.to_s, 'pipeline')
+	end
+	def test_junk_all
+        srand(0)
+        h = junk_request
+        h.junk_slashes = 1
+        h.junk_directories = 1
+        h.junk_self_referring_directories = 1
+		h.junk_end_of_uri = 1
+		h.junk_param_start = 1
+        seen = {}
+		expect = [
+			{"//"=>145, "/./"=>35, "param"=>1, "http"=>1, "/w/../"=>3},
+			{"//"=>149, "/./"=>35, "param"=>1, "http"=>1, "/w/../"=>3},
+			{"//"=>130, "/./"=>30, "param"=>1, "http"=>1, "/w/../"=>2},
+			{"//"=>165, "/./"=>40, "param"=>1, "http"=>1, "/w/../"=>4},
+			{"//"=>145, "/./"=>35, "param"=>1, "http"=>1, "/w/../"=>3},
+		]
+		i = 0
+        5.times {
+            str = h.uri.dup
+            assert_not_equal('/foo/bar.html', str, 'all the junk')
+            assert_nil(seen[str], 'all the junk, not a dup rand')
+            seen[str] = 1
+			seen = { '/./' => 0, '//' => 0, '/w/../' => 0, 'http' => 0, 'param' => 0}
+			matched = 1
+			while matched == 1
+				# p str
+				if str.sub!(/\/%20HTTP\/1.0%0d%0a\/\.\.\/\.\.\//, '/')
+					seen['http'] += 1;
+				elsif str.sub!(/\/%3f\w+=\w+\/\.\.\//i, '/')
+					seen['param'] += 1;
+				elsif str.sub!(/\/\w+\/\.\.\//, '/')
+					seen['/./'] += 1;
+				elsif str.sub!(/\/\//, '/')
+					seen['//'] += 1;
+				elsif str.sub!(/\/.\//, '/')
+					seen['/w/../'] += 1;
+				else
+					matched = 0
+				end
+			end
+			assert_equal('/foo/bar.html', str, 'normalized')
+			assert_equal(expect[i], seen, 'expected counts')
+			i += 1
+        }
+    end
+	def test_normalize
+		h = junk_request
+		h.uri = '/foo/..////./././asdf/././//../bar.html'
+		assert_equal('/bar.html', h.uri, 'normalize on set')
+	end
+end