librex 0.0.13 → 0.0.15

Files changed (435)
  1. data/README.markdown +1 -1
  2. data/Rakefile +1 -0
  3. metadata +3 -435
  4. data/lib/rex/LICENSE +0 -29
  5. data/lib/rex/arch.rb +0 -103
  6. data/lib/rex/arch/sparc.rb +0 -75
  7. data/lib/rex/arch/sparc.rb.ut.rb +0 -18
  8. data/lib/rex/arch/x86.rb +0 -513
  9. data/lib/rex/arch/x86.rb.ut.rb +0 -93
  10. data/lib/rex/assembly/nasm.rb +0 -104
  11. data/lib/rex/assembly/nasm.rb.ut.rb +0 -22
  12. data/lib/rex/codepage.map +0 -104
  13. data/lib/rex/compat.rb +0 -311
  14. data/lib/rex/constants.rb +0 -113
  15. data/lib/rex/elfparsey.rb +0 -11
  16. data/lib/rex/elfparsey/elf.rb +0 -123
  17. data/lib/rex/elfparsey/elfbase.rb +0 -258
  18. data/lib/rex/elfparsey/exceptions.rb +0 -27
  19. data/lib/rex/elfscan.rb +0 -12
  20. data/lib/rex/elfscan/scanner.rb +0 -207
  21. data/lib/rex/elfscan/search.rb +0 -46
  22. data/lib/rex/encoder/alpha2.rb +0 -31
  23. data/lib/rex/encoder/alpha2/alpha_mixed.rb +0 -68
  24. data/lib/rex/encoder/alpha2/alpha_upper.rb +0 -79
  25. data/lib/rex/encoder/alpha2/generic.rb +0 -114
  26. data/lib/rex/encoder/alpha2/unicode_mixed.rb +0 -117
  27. data/lib/rex/encoder/alpha2/unicode_upper.rb +0 -129
  28. data/lib/rex/encoder/ndr.rb +0 -89
  29. data/lib/rex/encoder/ndr.rb.ut.rb +0 -44
  30. data/lib/rex/encoder/nonalpha.rb +0 -61
  31. data/lib/rex/encoder/nonupper.rb +0 -64
  32. data/lib/rex/encoder/xdr.rb +0 -106
  33. data/lib/rex/encoder/xdr.rb.ut.rb +0 -29
  34. data/lib/rex/encoder/xor.rb +0 -69
  35. data/lib/rex/encoder/xor/dword.rb +0 -13
  36. data/lib/rex/encoder/xor/dword_additive.rb +0 -13
  37. data/lib/rex/encoders/xor_dword.rb +0 -35
  38. data/lib/rex/encoders/xor_dword_additive.rb +0 -53
  39. data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +0 -12
  40. data/lib/rex/encoding/xor.rb +0 -20
  41. data/lib/rex/encoding/xor.rb.ts.rb +0 -14
  42. data/lib/rex/encoding/xor/byte.rb +0 -15
  43. data/lib/rex/encoding/xor/byte.rb.ut.rb +0 -21
  44. data/lib/rex/encoding/xor/dword.rb +0 -21
  45. data/lib/rex/encoding/xor/dword.rb.ut.rb +0 -15
  46. data/lib/rex/encoding/xor/dword_additive.rb +0 -92
  47. data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +0 -15
  48. data/lib/rex/encoding/xor/exceptions.rb +0 -17
  49. data/lib/rex/encoding/xor/generic.rb +0 -146
  50. data/lib/rex/encoding/xor/generic.rb.ut.rb +0 -120
  51. data/lib/rex/encoding/xor/qword.rb +0 -15
  52. data/lib/rex/encoding/xor/word.rb +0 -21
  53. data/lib/rex/encoding/xor/word.rb.ut.rb +0 -13
  54. data/lib/rex/exceptions.rb +0 -275
  55. data/lib/rex/exceptions.rb.ut.rb +0 -44
  56. data/lib/rex/exploitation/cmdstager.rb +0 -9
  57. data/lib/rex/exploitation/cmdstager/base.rb +0 -175
  58. data/lib/rex/exploitation/cmdstager/debug_asm.rb +0 -142
  59. data/lib/rex/exploitation/cmdstager/debug_write.rb +0 -136
  60. data/lib/rex/exploitation/cmdstager/tftp.rb +0 -63
  61. data/lib/rex/exploitation/cmdstager/vbs.rb +0 -128
  62. data/lib/rex/exploitation/egghunter.rb +0 -277
  63. data/lib/rex/exploitation/egghunter.rb.ut.rb +0 -25
  64. data/lib/rex/exploitation/encryptjs.rb +0 -77
  65. data/lib/rex/exploitation/heaplib.js.b64 +0 -331
  66. data/lib/rex/exploitation/heaplib.rb +0 -94
  67. data/lib/rex/exploitation/javascriptosdetect.rb +0 -897
  68. data/lib/rex/exploitation/obfuscatejs.rb +0 -335
  69. data/lib/rex/exploitation/omelet.rb +0 -320
  70. data/lib/rex/exploitation/omelet.rb.ut.rb +0 -13
  71. data/lib/rex/exploitation/opcodedb.rb +0 -818
  72. data/lib/rex/exploitation/opcodedb.rb.ut.rb +0 -279
  73. data/lib/rex/exploitation/seh.rb +0 -92
  74. data/lib/rex/exploitation/seh.rb.ut.rb +0 -19
  75. data/lib/rex/file.rb +0 -112
  76. data/lib/rex/file.rb.ut.rb +0 -16
  77. data/lib/rex/image_source.rb +0 -12
  78. data/lib/rex/image_source/disk.rb +0 -60
  79. data/lib/rex/image_source/image_source.rb +0 -46
  80. data/lib/rex/image_source/memory.rb +0 -37
  81. data/lib/rex/io/bidirectional_pipe.rb +0 -157
  82. data/lib/rex/io/datagram_abstraction.rb +0 -35
  83. data/lib/rex/io/stream.rb +0 -319
  84. data/lib/rex/io/stream_abstraction.rb +0 -197
  85. data/lib/rex/io/stream_server.rb +0 -211
  86. data/lib/rex/job_container.rb +0 -187
  87. data/lib/rex/logging.rb +0 -4
  88. data/lib/rex/logging/log_dispatcher.rb +0 -179
  89. data/lib/rex/logging/log_sink.rb +0 -42
  90. data/lib/rex/logging/sinks/flatfile.rb +0 -55
  91. data/lib/rex/logging/sinks/stderr.rb +0 -43
  92. data/lib/rex/machparsey.rb +0 -9
  93. data/lib/rex/machparsey/exceptions.rb +0 -34
  94. data/lib/rex/machparsey/mach.rb +0 -209
  95. data/lib/rex/machparsey/machbase.rb +0 -408
  96. data/lib/rex/machscan.rb +0 -9
  97. data/lib/rex/machscan/scanner.rb +0 -217
  98. data/lib/rex/mime.rb +0 -9
  99. data/lib/rex/mime/header.rb +0 -77
  100. data/lib/rex/mime/message.rb +0 -144
  101. data/lib/rex/mime/part.rb +0 -20
  102. data/lib/rex/nop/opty2.rb +0 -108
  103. data/lib/rex/nop/opty2.rb.ut.rb +0 -23
  104. data/lib/rex/nop/opty2_tables.rb +0 -300
  105. data/lib/rex/ole.rb +0 -205
  106. data/lib/rex/ole/clsid.rb +0 -47
  107. data/lib/rex/ole/difat.rb +0 -141
  108. data/lib/rex/ole/directory.rb +0 -231
  109. data/lib/rex/ole/direntry.rb +0 -240
  110. data/lib/rex/ole/docs/dependencies.txt +0 -8
  111. data/lib/rex/ole/docs/references.txt +0 -1
  112. data/lib/rex/ole/fat.rb +0 -99
  113. data/lib/rex/ole/header.rb +0 -204
  114. data/lib/rex/ole/minifat.rb +0 -77
  115. data/lib/rex/ole/propset.rb +0 -144
  116. data/lib/rex/ole/samples/create_ole.rb +0 -27
  117. data/lib/rex/ole/samples/dir.rb +0 -35
  118. data/lib/rex/ole/samples/dump_stream.rb +0 -34
  119. data/lib/rex/ole/samples/ole_info.rb +0 -23
  120. data/lib/rex/ole/storage.rb +0 -395
  121. data/lib/rex/ole/stream.rb +0 -53
  122. data/lib/rex/ole/substorage.rb +0 -49
  123. data/lib/rex/ole/util.rb +0 -157
  124. data/lib/rex/parser/arguments.rb +0 -97
  125. data/lib/rex/parser/arguments.rb.ut.rb +0 -67
  126. data/lib/rex/parser/ini.rb +0 -185
  127. data/lib/rex/parser/ini.rb.ut.rb +0 -29
  128. data/lib/rex/parser/ip360_aspl_xml.rb +0 -102
  129. data/lib/rex/parser/ip360_xml.rb +0 -93
  130. data/lib/rex/parser/nessus_xml.rb +0 -118
  131. data/lib/rex/parser/netsparker_xml.rb +0 -94
  132. data/lib/rex/parser/nexpose_xml.rb +0 -131
  133. data/lib/rex/parser/nmap_xml.rb +0 -121
  134. data/lib/rex/parser/retina_xml.rb +0 -109
  135. data/lib/rex/payloads.rb +0 -1
  136. data/lib/rex/payloads/win32.rb +0 -2
  137. data/lib/rex/payloads/win32/common.rb +0 -26
  138. data/lib/rex/payloads/win32/kernel.rb +0 -53
  139. data/lib/rex/payloads/win32/kernel/common.rb +0 -54
  140. data/lib/rex/payloads/win32/kernel/migration.rb +0 -12
  141. data/lib/rex/payloads/win32/kernel/recovery.rb +0 -50
  142. data/lib/rex/payloads/win32/kernel/stager.rb +0 -194
  143. data/lib/rex/peparsey.rb +0 -12
  144. data/lib/rex/peparsey/exceptions.rb +0 -32
  145. data/lib/rex/peparsey/pe.rb +0 -212
  146. data/lib/rex/peparsey/pe_memdump.rb +0 -63
  147. data/lib/rex/peparsey/pebase.rb +0 -1680
  148. data/lib/rex/peparsey/section.rb +0 -136
  149. data/lib/rex/pescan.rb +0 -13
  150. data/lib/rex/pescan/analyze.rb +0 -309
  151. data/lib/rex/pescan/scanner.rb +0 -206
  152. data/lib/rex/pescan/search.rb +0 -56
  153. data/lib/rex/platforms.rb +0 -1
  154. data/lib/rex/platforms/windows.rb +0 -51
  155. data/lib/rex/poly.rb +0 -132
  156. data/lib/rex/poly/block.rb +0 -477
  157. data/lib/rex/poly/register.rb +0 -100
  158. data/lib/rex/poly/register/x86.rb +0 -40
  159. data/lib/rex/post.rb +0 -8
  160. data/lib/rex/post/dir.rb +0 -51
  161. data/lib/rex/post/file.rb +0 -172
  162. data/lib/rex/post/file_stat.rb +0 -220
  163. data/lib/rex/post/gen.pl +0 -13
  164. data/lib/rex/post/io.rb +0 -182
  165. data/lib/rex/post/meterpreter.rb +0 -4
  166. data/lib/rex/post/meterpreter/channel.rb +0 -445
  167. data/lib/rex/post/meterpreter/channel_container.rb +0 -54
  168. data/lib/rex/post/meterpreter/channels/pool.rb +0 -160
  169. data/lib/rex/post/meterpreter/channels/pools/file.rb +0 -62
  170. data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +0 -103
  171. data/lib/rex/post/meterpreter/channels/stream.rb +0 -87
  172. data/lib/rex/post/meterpreter/client.rb +0 -364
  173. data/lib/rex/post/meterpreter/client_core.rb +0 -274
  174. data/lib/rex/post/meterpreter/dependencies.rb +0 -3
  175. data/lib/rex/post/meterpreter/extension.rb +0 -32
  176. data/lib/rex/post/meterpreter/extensions/espia/espia.rb +0 -58
  177. data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +0 -16
  178. data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +0 -94
  179. data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +0 -21
  180. data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +0 -57
  181. data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +0 -15
  182. data/lib/rex/post/meterpreter/extensions/priv/fs.rb +0 -118
  183. data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +0 -61
  184. data/lib/rex/post/meterpreter/extensions/priv/priv.rb +0 -111
  185. data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +0 -28
  186. data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +0 -101
  187. data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +0 -26
  188. data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +0 -333
  189. data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +0 -282
  190. data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +0 -266
  191. data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +0 -103
  192. data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +0 -48
  193. data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +0 -144
  194. data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +0 -73
  195. data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +0 -56
  196. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +0 -137
  197. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +0 -180
  198. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +0 -167
  199. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +0 -208
  200. data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +0 -6
  201. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +0 -38106
  202. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +0 -31
  203. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +0 -47
  204. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +0 -36
  205. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +0 -1818
  206. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +0 -96
  207. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +0 -3848
  208. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +0 -26
  209. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +0 -153
  210. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +0 -21
  211. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +0 -3169
  212. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +0 -599
  213. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +0 -318
  214. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +0 -100
  215. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +0 -42
  216. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +0 -148
  217. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +0 -127
  218. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +0 -309
  219. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +0 -204
  220. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +0 -51
  221. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +0 -630
  222. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +0 -75
  223. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +0 -103
  224. data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +0 -149
  225. data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +0 -97
  226. data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +0 -192
  227. data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +0 -41
  228. data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +0 -61
  229. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +0 -370
  230. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +0 -129
  231. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +0 -55
  232. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +0 -336
  233. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +0 -141
  234. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +0 -279
  235. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +0 -193
  236. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +0 -102
  237. data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +0 -180
  238. data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +0 -211
  239. data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +0 -227
  240. data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +0 -63
  241. data/lib/rex/post/meterpreter/inbound_packet_handler.rb +0 -30
  242. data/lib/rex/post/meterpreter/object_aliases.rb +0 -83
  243. data/lib/rex/post/meterpreter/packet.rb +0 -688
  244. data/lib/rex/post/meterpreter/packet_dispatcher.rb +0 -431
  245. data/lib/rex/post/meterpreter/packet_parser.rb +0 -94
  246. data/lib/rex/post/meterpreter/packet_response_waiter.rb +0 -83
  247. data/lib/rex/post/meterpreter/ui/console.rb +0 -137
  248. data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +0 -62
  249. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +0 -730
  250. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +0 -108
  251. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +0 -241
  252. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +0 -231
  253. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +0 -61
  254. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +0 -98
  255. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +0 -51
  256. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +0 -132
  257. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +0 -187
  258. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +0 -65
  259. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +0 -442
  260. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +0 -298
  261. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +0 -486
  262. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +0 -315
  263. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +0 -157
  264. data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +0 -95
  265. data/lib/rex/post/permission.rb +0 -26
  266. data/lib/rex/post/process.rb +0 -57
  267. data/lib/rex/post/thread.rb +0 -57
  268. data/lib/rex/post/ui.rb +0 -52
  269. data/lib/rex/proto.rb +0 -13
  270. data/lib/rex/proto.rb.ts.rb +0 -8
  271. data/lib/rex/proto/dcerpc.rb +0 -6
  272. data/lib/rex/proto/dcerpc.rb.ts.rb +0 -9
  273. data/lib/rex/proto/dcerpc/client.rb +0 -361
  274. data/lib/rex/proto/dcerpc/client.rb.ut.rb +0 -491
  275. data/lib/rex/proto/dcerpc/exceptions.rb +0 -150
  276. data/lib/rex/proto/dcerpc/handle.rb +0 -47
  277. data/lib/rex/proto/dcerpc/handle.rb.ut.rb +0 -85
  278. data/lib/rex/proto/dcerpc/ndr.rb +0 -72
  279. data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +0 -41
  280. data/lib/rex/proto/dcerpc/packet.rb +0 -253
  281. data/lib/rex/proto/dcerpc/packet.rb.ut.rb +0 -56
  282. data/lib/rex/proto/dcerpc/response.rb +0 -187
  283. data/lib/rex/proto/dcerpc/response.rb.ut.rb +0 -15
  284. data/lib/rex/proto/dcerpc/uuid.rb +0 -84
  285. data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +0 -46
  286. data/lib/rex/proto/dhcp.rb +0 -7
  287. data/lib/rex/proto/dhcp/constants.rb +0 -33
  288. data/lib/rex/proto/dhcp/server.rb +0 -292
  289. data/lib/rex/proto/drda.rb +0 -5
  290. data/lib/rex/proto/drda.rb.ts.rb +0 -17
  291. data/lib/rex/proto/drda/constants.rb +0 -49
  292. data/lib/rex/proto/drda/constants.rb.ut.rb +0 -23
  293. data/lib/rex/proto/drda/packet.rb +0 -252
  294. data/lib/rex/proto/drda/packet.rb.ut.rb +0 -109
  295. data/lib/rex/proto/drda/utils.rb +0 -123
  296. data/lib/rex/proto/drda/utils.rb.ut.rb +0 -84
  297. data/lib/rex/proto/http.rb +0 -5
  298. data/lib/rex/proto/http.rb.ts.rb +0 -12
  299. data/lib/rex/proto/http/client.rb +0 -821
  300. data/lib/rex/proto/http/client.rb.ut.rb +0 -95
  301. data/lib/rex/proto/http/handler.rb +0 -46
  302. data/lib/rex/proto/http/handler/erb.rb +0 -128
  303. data/lib/rex/proto/http/handler/erb.rb.ut.rb +0 -21
  304. data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +0 -1
  305. data/lib/rex/proto/http/handler/proc.rb +0 -60
  306. data/lib/rex/proto/http/handler/proc.rb.ut.rb +0 -24
  307. data/lib/rex/proto/http/header.rb +0 -161
  308. data/lib/rex/proto/http/header.rb.ut.rb +0 -46
  309. data/lib/rex/proto/http/packet.rb +0 -407
  310. data/lib/rex/proto/http/packet.rb.ut.rb +0 -165
  311. data/lib/rex/proto/http/request.rb +0 -356
  312. data/lib/rex/proto/http/request.rb.ut.rb +0 -214
  313. data/lib/rex/proto/http/response.rb +0 -90
  314. data/lib/rex/proto/http/response.rb.ut.rb +0 -149
  315. data/lib/rex/proto/http/server.rb +0 -369
  316. data/lib/rex/proto/http/server.rb.ut.rb +0 -79
  317. data/lib/rex/proto/ntlm.rb +0 -7
  318. data/lib/rex/proto/ntlm.rb.ut.rb +0 -177
  319. data/lib/rex/proto/ntlm/base.rb +0 -326
  320. data/lib/rex/proto/ntlm/constants.rb +0 -74
  321. data/lib/rex/proto/ntlm/crypt.rb +0 -415
  322. data/lib/rex/proto/ntlm/exceptions.rb +0 -9
  323. data/lib/rex/proto/ntlm/message.rb +0 -533
  324. data/lib/rex/proto/ntlm/utils.rb +0 -763
  325. data/lib/rex/proto/proxy/socks4a.rb +0 -440
  326. data/lib/rex/proto/rfb.rb +0 -19
  327. data/lib/rex/proto/rfb.rb.ut.rb +0 -37
  328. data/lib/rex/proto/rfb/cipher.rb +0 -84
  329. data/lib/rex/proto/rfb/client.rb +0 -207
  330. data/lib/rex/proto/rfb/constants.rb +0 -52
  331. data/lib/rex/proto/smb.rb +0 -7
  332. data/lib/rex/proto/smb.rb.ts.rb +0 -8
  333. data/lib/rex/proto/smb/client.rb +0 -1952
  334. data/lib/rex/proto/smb/client.rb.ut.rb +0 -223
  335. data/lib/rex/proto/smb/constants.rb +0 -1047
  336. data/lib/rex/proto/smb/constants.rb.ut.rb +0 -18
  337. data/lib/rex/proto/smb/crypt.rb +0 -36
  338. data/lib/rex/proto/smb/evasions.rb +0 -66
  339. data/lib/rex/proto/smb/exceptions.rb +0 -858
  340. data/lib/rex/proto/smb/simpleclient.rb +0 -306
  341. data/lib/rex/proto/smb/simpleclient.rb.ut.rb +0 -128
  342. data/lib/rex/proto/smb/utils.rb +0 -103
  343. data/lib/rex/proto/smb/utils.rb.ut.rb +0 -20
  344. data/lib/rex/proto/sunrpc.rb +0 -1
  345. data/lib/rex/proto/sunrpc/client.rb +0 -195
  346. data/lib/rex/proto/tftp.rb +0 -12
  347. data/lib/rex/proto/tftp/constants.rb +0 -39
  348. data/lib/rex/proto/tftp/server.rb +0 -497
  349. data/lib/rex/proto/tftp/server.rb.ut.rb +0 -28
  350. data/lib/rex/script.rb +0 -42
  351. data/lib/rex/script/base.rb +0 -59
  352. data/lib/rex/script/meterpreter.rb +0 -15
  353. data/lib/rex/script/shell.rb +0 -9
  354. data/lib/rex/service.rb +0 -48
  355. data/lib/rex/service_manager.rb +0 -141
  356. data/lib/rex/service_manager.rb.ut.rb +0 -32
  357. data/lib/rex/services/local_relay.rb +0 -423
  358. data/lib/rex/socket.rb +0 -684
  359. data/lib/rex/socket.rb.ut.rb +0 -107
  360. data/lib/rex/socket/comm.rb +0 -119
  361. data/lib/rex/socket/comm/local.rb +0 -412
  362. data/lib/rex/socket/comm/local.rb.ut.rb +0 -75
  363. data/lib/rex/socket/ip.rb +0 -130
  364. data/lib/rex/socket/parameters.rb +0 -345
  365. data/lib/rex/socket/parameters.rb.ut.rb +0 -51
  366. data/lib/rex/socket/range_walker.rb +0 -346
  367. data/lib/rex/socket/range_walker.rb.ut.rb +0 -55
  368. data/lib/rex/socket/ssl_tcp.rb +0 -184
  369. data/lib/rex/socket/ssl_tcp.rb.ut.rb +0 -39
  370. data/lib/rex/socket/ssl_tcp_server.rb +0 -122
  371. data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +0 -61
  372. data/lib/rex/socket/subnet_walker.rb +0 -75
  373. data/lib/rex/socket/subnet_walker.rb.ut.rb +0 -28
  374. data/lib/rex/socket/switch_board.rb +0 -278
  375. data/lib/rex/socket/switch_board.rb.ut.rb +0 -52
  376. data/lib/rex/socket/tcp.rb +0 -76
  377. data/lib/rex/socket/tcp.rb.ut.rb +0 -64
  378. data/lib/rex/socket/tcp_server.rb +0 -67
  379. data/lib/rex/socket/tcp_server.rb.ut.rb +0 -44
  380. data/lib/rex/socket/udp.rb +0 -164
  381. data/lib/rex/socket/udp.rb.ut.rb +0 -44
  382. data/lib/rex/struct2.rb +0 -5
  383. data/lib/rex/struct2/c_struct.rb +0 -181
  384. data/lib/rex/struct2/c_struct_template.rb +0 -39
  385. data/lib/rex/struct2/constant.rb +0 -26
  386. data/lib/rex/struct2/element.rb +0 -44
  387. data/lib/rex/struct2/generic.rb +0 -73
  388. data/lib/rex/struct2/restraint.rb +0 -54
  389. data/lib/rex/struct2/s_string.rb +0 -72
  390. data/lib/rex/struct2/s_struct.rb +0 -111
  391. data/lib/rex/sync.rb +0 -6
  392. data/lib/rex/sync/event.rb +0 -94
  393. data/lib/rex/sync/read_write_lock.rb +0 -176
  394. data/lib/rex/sync/ref.rb +0 -57
  395. data/lib/rex/sync/thread_safe.rb +0 -82
  396. data/lib/rex/test.rb +0 -35
  397. data/lib/rex/text.rb +0 -1149
  398. data/lib/rex/text.rb.ut.rb +0 -190
  399. data/lib/rex/thread_factory.rb +0 -42
  400. data/lib/rex/time.rb +0 -65
  401. data/lib/rex/transformer.rb +0 -115
  402. data/lib/rex/transformer.rb.ut.rb +0 -38
  403. data/lib/rex/ui.rb +0 -21
  404. data/lib/rex/ui/interactive.rb +0 -254
  405. data/lib/rex/ui/output.rb +0 -78
  406. data/lib/rex/ui/output/none.rb +0 -18
  407. data/lib/rex/ui/progress_tracker.rb +0 -96
  408. data/lib/rex/ui/subscriber.rb +0 -149
  409. data/lib/rex/ui/text/color.rb +0 -97
  410. data/lib/rex/ui/text/color.rb.ut.rb +0 -18
  411. data/lib/rex/ui/text/dispatcher_shell.rb +0 -467
  412. data/lib/rex/ui/text/input.rb +0 -117
  413. data/lib/rex/ui/text/input/buffer.rb +0 -75
  414. data/lib/rex/ui/text/input/readline.rb +0 -129
  415. data/lib/rex/ui/text/input/socket.rb +0 -95
  416. data/lib/rex/ui/text/input/stdio.rb +0 -45
  417. data/lib/rex/ui/text/irb_shell.rb +0 -57
  418. data/lib/rex/ui/text/output.rb +0 -80
  419. data/lib/rex/ui/text/output/buffer.rb +0 -61
  420. data/lib/rex/ui/text/output/file.rb +0 -43
  421. data/lib/rex/ui/text/output/socket.rb +0 -43
  422. data/lib/rex/ui/text/output/stdio.rb +0 -40
  423. data/lib/rex/ui/text/progress_tracker.rb +0 -56
  424. data/lib/rex/ui/text/progress_tracker.rb.ut.rb +0 -34
  425. data/lib/rex/ui/text/shell.rb +0 -328
  426. data/lib/rex/ui/text/table.rb +0 -279
  427. data/lib/rex/ui/text/table.rb.ut.rb +0 -55
  428. data/lib/rex/zip.rb +0 -93
  429. data/lib/rex/zip/archive.rb +0 -184
  430. data/lib/rex/zip/blocks.rb +0 -182
  431. data/lib/rex/zip/entry.rb +0 -104
  432. data/lib/rex/zip/samples/comment.rb +0 -32
  433. data/lib/rex/zip/samples/mkwar.rb +0 -138
  434. data/lib/rex/zip/samples/mkzip.rb +0 -19
  435. data/lib/rex/zip/samples/recursive.rb +0 -58
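--- a/data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb
+++ b/data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb
@@ -1,298 +0,0 @@
- require 'rex/post/meterpreter'
- require 'rex/service_manager'
-
- module Rex
- module Post
- module Meterpreter
- module Ui
-
- ###
- #
- # The networking portion of the standard API extension.
- #
- ###
- class Console::CommandDispatcher::Stdapi::Net
-
- Klass = Console::CommandDispatcher::Stdapi::Net
-
- include Console::CommandDispatcher
-
- #
- # This module is used to extend the meterpreter session
- # so that local port forwards can be tracked and cleaned
- # up when the meterpreter session goes away
- #
- module PortForwardTracker
- def cleanup
- super
-
- if pfservice
- pfservice.deref
- end
- end
-
- attr_accessor :pfservice
- end
-
- #
- # Options for the route command.
- #
- @@route_opts = Rex::Parser::Arguments.new(
- "-h" => [ false, "Help banner." ])
-
- #
- # Options for the portfwd command.
- #
- @@portfwd_opts = Rex::Parser::Arguments.new(
- "-h" => [ false, "Help banner." ],
- "-l" => [ true, "The local port to listen on." ],
- "-r" => [ true, "The remote host to connect to." ],
- "-p" => [ true, "The remote port to connect to." ],
- "-L" => [ true, "The local host to listen on (optional)." ])
-
- #
- # List of supported commands.
- #
- def commands
- {
- "ipconfig" => "Display interfaces",
- "route" => "View and modify the routing table",
- "portfwd" => "Forward a local port to a remote service",
- }
- end
-
- #
- # Name for this dispatcher.
- #
- def name
- "Stdapi: Networking"
- end
-
- #
- # Displays interfaces on the remote machine.
- #
- def cmd_ipconfig(*args)
- ifaces = client.net.config.interfaces
-
- if (ifaces.length == 0)
- print_line("No interfaces were found.")
- else
- client.net.config.each_interface { |iface|
- print("\n" + iface.pretty + "\n")
- }
- end
- end
-
- #
- # Displays or modifies the routing table on the remote machine.
- #
- def cmd_route(*args)
- # Default to list
- if (args.length == 0)
- args.unshift("list")
- end
-
- # Check to see if they specified -h
- @@route_opts.parse(args) { |opt, idx, val|
- case opt
- when "-h"
- print(
- "Usage: route [-h] command [args]\n\n" +
- "Display or modify the routing table on the remote machine.\n\n" +
- "Supported commands:\n\n" +
- " add [subnet] [netmask] [gateway]\n" +
- " delete [subnet] [netmask] [gateway]\n" +
- " list\n\n")
- return true
- end
- }
-
- cmd = args.shift
-
- # Process the commands
- case cmd
- when "list"
- routes = client.net.config.routes
-
- if (routes.length == 0)
- print_line("No routes were found.")
- else
- tbl = Rex::Ui::Text::Table.new(
- 'Header' => "Network routes",
- 'Indent' => 4,
- 'Columns' =>
- [
- "Subnet",
- "Netmask",
- "Gateway"
- ])
-
- routes.each { |route|
- tbl << [ route.subnet, route.netmask, route.gateway ]
- }
-
- print("\n" + tbl.to_s + "\n")
- end
- when "add"
- # Satisfy check to see that formatting is correct
- unless Rex::Socket::RangeWalker.new(args[0]).length == 1
- print_error "Invalid IP Address"
- return false
- end
-
- unless Rex::Socket::RangeWalker.new(args[1]).length == 1
- print_error "Invalid Subnet mask"
- return false
- end
-
- print_line("Creating route #{args[0]}/#{args[1]} -> #{args[2]}")
-
- client.net.config.add_route(*args)
- when "delete"
- # Satisfy check to see that formatting is correct
- unless Rex::Socket::RangeWalker.new(args[0]).length == 1
- print_error "Invalid IP Address"
- return false
- end
-
- unless Rex::Socket::RangeWalker.new(args[1]).length == 1
- print_error "Invalid Subnet mask"
- return false
- end
-
- print_line("Deleting route #{args[0]}/#{args[1]} -> #{args[2]}")
-
- client.net.config.remove_route(*args)
- else
- print_error("Unsupported command: #{cmd}")
- end
- end
-
- #
- # Starts and stops local port forwards to remote hosts on the target
- # network. This provides an elementary pivoting interface.
- #
- def cmd_portfwd(*args)
- args.unshift("list") if args.empty?
-
- # For clarity's sake.
- lport = nil
- lhost = nil
- rport = nil
- rhost = nil
-
- # Parse the options
- @@portfwd_opts.parse(args) { |opt, idx, val|
- case opt
- when "-h"
- cmd_portfwd_help
- return true
- when "-l"
- lport = val.to_i
- when "-L"
- lhost = val
- when "-p"
- rport = val.to_i
- when "-r"
- rhost = val
- end
- }
-
- # If we haven't extended the session, then do it now since we'll
- # need to track port forwards
- if client.kind_of?(PortForwardTracker) == false
- client.extend(PortForwardTracker)
- client.pfservice = Rex::ServiceManager.start(Rex::Services::LocalRelay)
- end
-
- # Build a local port forward in association with the channel
- service = client.pfservice
-
- # Process the command
- case args.shift
- when "list"
-
- cnt = 0
-
- # Enumerate each TCP relay
- service.each_tcp_relay { |lhost, lport, rhost, rport, opts|
- next if (opts['MeterpreterRelay'] == nil)
-
- print_line("#{cnt}: #{lhost}:#{lport} -> #{rhost}:#{rport}")
-
- cnt += 1
- }
-
- print_line
- print_line("#{cnt} total local port forwards.")
-
-
- when "add"
-
- # Validate parameters
- if (!lport or !rhost or !rport)
- print_error("You must supply a local port, remote host, and remote port.")
- return
- end
-
- # Start the local TCP relay in association with this stream
- service.start_tcp_relay(lport,
- 'LocalHost' => lhost,
- 'PeerHost' => rhost,
- 'PeerPort' => rport,
- 'MeterpreterRelay' => true,
- 'OnLocalConnection' => Proc.new { |relay, lfd|
- create_tcp_channel(relay)
- })
-
- print_status("Local TCP relay created: #{lhost || '0.0.0.0'}:#{lport} <-> #{rhost}:#{rport}")
-
- # Delete local port forwards
- when "delete"
-
- # No local port, no love.
- if (!lport)
- print_error("You must supply a local port.")
- return
- end
-
- # Stop the service
- if (service.stop_tcp_relay(lport, lhost))
- print_status("Successfully stopped TCP relay on #{lhost || '0.0.0.0'}:#{lport}")
- else
- print_error("Failed to stop TCP relay on #{lhost || '0.0.0.0'}:#{lport}")
- end
-
- else
- cmd_portfwd_help
- end
- end
-
- def cmd_portfwd_help
- print_line "Usage: portfwd [-h] [add / delete / list] [args]"
- print_line
- print @@portfwd_opts.usage
- end
-
- protected
-
- #
- # Creates a TCP channel using the supplied relay context.
- #
- def create_tcp_channel(relay)
- client.net.socket.create(
- Rex::Socket::Parameters.new(
- 'PeerHost' => relay.opts['PeerHost'],
- 'PeerPort' => relay.opts['PeerPort'],
- 'Proto' => 'tcp'
- )
- )
- end
-
- end
-
- end
- end
- end
- end
-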
@@ -1,486 +0,0 @@
1
- require 'rex/post/meterpreter'
2
-
3
- module Rex
4
- module Post
5
- module Meterpreter
6
- module Ui
7
-
8
- ###
9
- #
10
- # The system level portion of the standard API extension.
11
- #
12
- ###
13
- class Console::CommandDispatcher::Stdapi::Sys
14
-
15
- Klass = Console::CommandDispatcher::Stdapi::Sys
16
-
17
- include Console::CommandDispatcher
18
-
19
- #
20
- # Options used by the 'execute' command.
21
- #
22
- @@execute_opts = Rex::Parser::Arguments.new(
23
- "-a" => [ true, "The arguments to pass to the command." ],
24
- "-c" => [ false, "Channelized I/O (required for interaction)." ],
25
- "-f" => [ true, "The executable command to run." ],
26
- "-h" => [ false, "Help menu." ],
27
- "-H" => [ false, "Create the process hidden from view." ],
28
- "-i" => [ false, "Interact with the process after creating it." ],
29
- "-m" => [ false, "Execute from memory." ],
30
- "-d" => [ true, "The 'dummy' executable to launch when using -m." ],
31
- "-t" => [ false, "Execute process with currently impersonated thread token"],
32
- "-k" => [ false, "Execute process on the meterpreters current desktop" ],
33
- "-s" => [ true, "Execute process in a given session as the session user" ])
34
-
35
- #
36
- # Options used by the 'reg' command.
37
- #
38
- @@reg_opts = Rex::Parser::Arguments.new(
39
- "-d" => [ true, "The data to store in the registry value." ],
40
- "-h" => [ true, "Help menu." ],
41
- "-k" => [ true, "The registry key path (E.g. HKLM\\Software\\Foo)." ],
42
- "-t" => [ true, "The registry value type (E.g. REG_SZ)." ],
43
- "-v" => [ true, "The registry value name (E.g. Stuff)." ])
44
-
45
- #
46
- # List of supported commands.
47
- #
48
- def commands
49
- {
50
- "clearev" => "Clear the event log",
51
- "execute" => "Execute a command",
52
- "getpid" => "Get the current process identifier",
53
- "getuid" => "Get the user that the server is running as",
54
- "getprivs" => "Get as many privileges as possible",
55
- "kill" => "Terminate a process",
56
- "ps" => "List running processes",
57
- "reboot" => "Reboots the remote computer",
58
- "reg" => "Modify and interact with the remote registry",
59
- "rev2self" => "Calls RevertToSelf() on the remote machine",
60
- "sysinfo" => "Gets information about the remote system, such as OS",
61
- "shell" => "Drop into a system command shell",
62
- "shutdown" => "Shuts down the remote computer",
63
- "steal_token" => "Attempts to steal an impersonation token from the target process",
64
- "drop_token" => "Relinquishes any active impersonation token.",
65
- }
66
- end
67
-
68
- #
69
- # Name for this dispatcher.
70
- #
71
- def name
72
- "Stdapi: System"
73
- end
74
-
75
- #
76
- # Executes a command with some options.
77
- #
78
- def cmd_execute(*args)
79
- if (args.length == 0)
80
- args.unshift("-h")
81
- end
82
-
83
- session = nil
84
- interact = false
85
- desktop = false
86
- channelized = nil
87
- hidden = nil
88
- from_mem = false
89
- dummy_exec = "cmd"
90
- cmd_args = nil
91
- cmd_exec = nil
92
- use_thread_token = false
93
-
94
- @@execute_opts.parse(args) { |opt, idx, val|
95
- case opt
96
- when "-a"
97
- cmd_args = val
98
- when "-c"
99
- channelized = true
100
- when "-f"
101
- cmd_exec = val
102
- when "-H"
103
- hidden = true
104
- when "-m"
105
- from_mem = true
106
- when "-d"
107
- dummy_exec = val
108
- when "-k"
109
- desktop = true
110
- when "-h"
111
- print(
112
- "Usage: execute -f file [options]\n\n" +
113
- "Executes a command on the remote machine.\n" +
114
- @@execute_opts.usage)
115
- return true
116
- when "-i"
117
- channelized = true
118
- interact = true
119
- when "-t"
120
- use_thread_token = true
121
- when "-s"
122
- session = val.to_i
123
- end
124
- }
125
-
126
- # Did we at least get an executable?
127
- if (cmd_exec == nil)
128
- print_error("You must specify an executable file with -f")
129
- return true
130
- end
131
-
132
- # Execute it
133
- p = client.sys.process.execute(cmd_exec, cmd_args,
134
- 'Channelized' => channelized,
135
- 'Desktop' => desktop,
136
- 'Session' => session,
137
- 'Hidden' => hidden,
138
- 'InMemory' => (from_mem) ? dummy_exec : nil,
139
- 'UseThreadToken' => use_thread_token)
140
-
141
- print_line("Process #{p.pid} created.")
142
- print_line("Channel #{p.channel.cid} created.") if (p.channel)
143
-
144
- if (interact and p.channel)
145
- shell.interact_with_channel(p.channel)
146
- end
147
- end
148
-
149
-
150
- #
151
- # Drop into a system shell as specified by %COMSPEC%
152
- #
153
- def cmd_shell(*args)
154
- path = client.fs.file.expand_path("%COMSPEC%")
155
- path = (path and not path.empty?) ? path : "cmd.exe"
156
- cmd_execute("-f", path, "-c", "-H", "-i", "-t")
157
- end
158
-
159
-
160
- #
161
- # Gets the process identifier that meterpreter is running in on the remote
162
- # machine.
163
- #
164
- def cmd_getpid(*args)
165
- print_line("Current pid: #{client.sys.process.getpid}")
166
-
167
- return true
168
- end
169
-
170
- #
171
- # Displays the user that the server is running as.
172
- #
173
- def cmd_getuid(*args)
174
- print_line("Server username: #{client.sys.config.getuid}")
175
- end
176
-
177
- #
178
- # Clears the event log
179
- #
180
- def cmd_clearev(*args)
181
-
182
- logs = ['Application', 'System', 'Security']
183
- logs << args
184
- logs.flatten!
185
-
186
- logs.each do |name|
187
- log = client.sys.eventlog.open(name)
188
- print_status("Wiping #{log.length} records from #{name}...")
189
- log.clear
190
- end
191
- end
192
-
193
- #
194
- # Kills one or more processes.
195
- #
196
- def cmd_kill(*args)
197
- if (args.length == 0)
198
- print_line(
199
- "Usage: kill pid1 pid2 pid3 ...\n\n" +
200
- "Terminate one or more processes.")
201
- return true
202
- end
203
-
204
- print_line("Killing: #{args.join(", ")}")
205
-
206
- client.sys.process.kill(*(args.map { |x| x.to_i }))
207
-
208
- return true
209
- end
210
-
211
- #
212
- # Lists running processes.
213
- #
214
- def cmd_ps(*args)
215
- processes = client.sys.process.get_processes
216
- tbl = Rex::Ui::Text::Table.new(
217
- 'Header' => "Process list",
218
- 'Indent' => 1,
219
- 'Columns' =>
220
- [
221
- "PID",
222
- "Name",
223
- "Arch",
224
- "Session",
225
- "User",
226
- "Path"
227
- ])
228
-
229
- processes.each { |ent|
230
-
231
- session = ent['session'] == 0xFFFFFFFF ? '' : ent['session'].to_s
232
- arch = ent['arch']
233
-
234
- # for display and consistency with payload naming we switch the internal 'x86_64' value to display 'x64'
235
- if( arch == ARCH_X86_64 )
236
- arch = "x64"
237
- end
238
-
239
- tbl << [ ent['pid'].to_s, ent['name'], arch, session, ent['user'], ent['path'] ]
240
- }
241
-
242
- if (processes.length == 0)
243
- print_line("No running processes were found.")
244
- else
245
- print("\n" + tbl.to_s + "\n")
246
- end
247
-
248
- return true
249
- end
250
-
251
- #
252
- # Reboots the remote computer.
253
- #
254
- def cmd_reboot(*args)
255
- print_line("Rebooting...")
256
-
257
- client.sys.power.reboot
258
- end
259
-
260
- #
261
- # Modifies and otherwise interacts with the registry on the remote computer
262
- # by allowing the client to enumerate, open, modify, and delete registry
263
- # keys and values.
264
- #
265
- def cmd_reg(*args)
266
- # Extract the command, if any
267
- cmd = args.shift
268
-
269
- if (args.length == 0)
270
- args.unshift("-h")
271
- end
272
-
273
- # Initiailze vars
274
- key = nil
275
- value = nil
276
- data = nil
277
- type = nil
278
-
279
- @@reg_opts.parse(args) { |opt, idx, val|
280
- case opt
281
- when "-h"
282
- print_line(
283
- "Usage: reg [command] [options]\n\n" +
284
- "Interact with the target machine's registry.\n" +
285
- @@reg_opts.usage +
286
- "COMMANDS:\n\n" +
287
- " enumkey Enumerate the supplied registry key [-k <key>]\n" +
288
- " createkey Create the supplied registry key [-k <key>]\n" +
289
- " deletekey Delete the supplied registry key [-k <key>]\n" +
290
- " queryclass Queries the class of the supplied key [-k <key>]\n" +
291
- " setval Set a registry value [-k <key> -v <val> -d <data>]\n" +
292
- " deleteval Delete the supplied registry value [-k <key> -v <val>]\n" +
293
- " queryval Queries the data contents of a value [-k <key> -v <val>]\n\n")
294
- return false
295
- when "-k"
296
- key = val
297
- when "-v"
298
- value = val
299
- when "-t"
300
- type = val
301
- when "-d"
302
- data = val
303
- end
304
- }
305
-
306
- # All commands require a key.
307
- if (key == nil)
308
- print_error("You must specify a key path (-k)")
309
- return false
310
- end
311
-
312
- # Split the key into its parts
313
- root_key, base_key = client.sys.registry.splitkey(key)
314
-
315
- begin
316
- # Rock it
317
- case cmd
318
- when "enumkey"
319
- open_key = client.sys.registry.open_key(root_key, base_key)
320
-
321
- print_line(
322
- "Enumerating: #{key}\n")
323
-
324
- keys = open_key.enum_key
325
- vals = open_key.enum_value
326
-
327
- if (keys.length > 0)
328
- print_line(" Keys (#{keys.length}):\n")
329
-
330
- keys.each { |subkey|
331
- print_line("\t#{subkey}")
332
- }
333
-
334
- print_line
335
- end
336
-
337
- if (vals.length > 0)
338
- print_line(" Values (#{vals.length}):\n")
339
-
340
- vals.each { |val|
341
- print_line("\t#{val.name}")
342
- }
343
-
344
- print_line
345
- end
346
-
347
- if (vals.length == 0 and keys.length == 0)
348
- print_line("No children.")
349
- end
350
-
351
- when "createkey"
352
- open_key = client.sys.registry.create_key(root_key, base_key)
353
-
354
- print_line("Successfully created key: #{key}")
355
-
356
- when "deletekey"
357
- client.sys.registry.delete_key(root_key, base_key)
358
-
359
- print_line("Successfully deleted key: #{key}")
360
-
361
- when "setval"
362
- if (value == nil or data == nil)
363
- print_error("You must specify both a value name and data (-v, -d).")
364
- return false
365
- end
366
-
367
- type = "REG_SZ" if (type == nil)
368
-
369
- open_key = client.sys.registry.open_key(root_key, base_key, KEY_WRITE)
370
-
371
- open_key.set_value(value, client.sys.registry.type2str(type), data)
372
-
373
- print_line("Successful set #{value}.")
374
-
375
- when "deleteval"
376
- if (value == nil)
377
- print_error("You must specify a value name (-v).")
378
- return false
379
- end
380
-
381
- open_key = client.sys.registry.open_key(root_key, base_key, KEY_WRITE)
382
-
383
- open_key.delete_value(value)
384
-
385
- print_line("Successfully deleted #{value}.")
386
-
387
- when "queryval"
388
- if (value == nil)
389
- print_error("You must specify a value name (-v).")
390
- return false
391
- end
392
-
393
- open_key = client.sys.registry.open_key(root_key, base_key, KEY_READ)
394
-
395
- v = open_key.query_value(value)
396
-
397
- print(
398
- "Key: #{key}\n" +
399
- "Name: #{v.name}\n" +
400
- "Type: #{v.type_to_s}\n" +
401
- "Data: #{v.data}\n")
402
-
403
- when "queryclass"
404
- open_key = client.sys.registry.open_key(root_key, base_key, KEY_READ)
405
-
406
- data = open_key.query_class
407
-
408
- print("Data: #{data}\n")
409
- else
410
- print_error("Invalid command supplied: #{cmd}")
411
- end
412
- ensure
413
- open_key.close if (open_key)
414
- end
415
- end
416
-
417
- #
418
- # Calls RevertToSelf() on the remote machine.
419
- #
420
- def cmd_rev2self(*args)
421
- client.sys.config.revert_to_self
422
- end
423
-
424
- #
425
- # Obtains as many privileges as possible on the target machine.
426
- #
427
- def cmd_getprivs(*args)
428
- print_line("=" * 60)
429
- print_line("Enabled Process Privileges")
430
- print_line("=" * 60)
431
- client.sys.config.getprivs.each do |priv|
432
- print_line(" #{priv}")
433
- end
434
- print_line("")
435
- end
436
-
437
- #
438
- # Tries to steal the primary token from the target process.
439
- #
440
- def cmd_steal_token(*args)
441
- if(args.length != 1 or args[0] == "-h")
442
- print_error("Usage: steal_token [pid]")
443
- return
444
- end
445
- print_line("Stolen token with username: " + client.sys.config.steal_token(args[0]))
446
- end
447
-
448
- #
449
- # Drops any assumed token.
450
- #
451
- def cmd_drop_token(*args)
452
- print_line("Relinquished token, now running as: " + client.sys.config.drop_token())
453
- end
454
-
455
- #
456
- # Displays information about the remote system.
457
- #
458
- def cmd_sysinfo(*args)
459
- info = client.sys.config.sysinfo
460
- width = "Meterpreter".length
461
- info.keys.each { |k| width = k.length if k.length > width and info[k] }
462
-
463
- info.each_pair do |key, value|
464
- print_line("#{key.ljust(width+1)}: #{value}") if value
465
- end
466
- print_line("#{"Meterpreter".ljust(width+1)}: #{client.platform}")
467
-
468
- return true
469
- end
470
-
471
- #
472
- # Shuts down the remote computer.
473
- #
474
- def cmd_shutdown(*args)
475
- print_line("Shutting down...")
476
-
477
- client.sys.power.shutdown
478
- end
479
-
480
- end
481
-
482
- end
483
- end
484
- end
485
- end
486
-