RubyGems - librex - Versions diffs - 0.0.20 → 0.0.21 - Mend

librex 0.0.20 → 0.0.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (435) hide show

data/Rakefile +1 -0
data/lib/rex/LICENSE +29 -0
data/lib/rex/arch.rb +103 -0
data/lib/rex/arch/sparc.rb +75 -0
data/lib/rex/arch/sparc.rb.ut.rb +18 -0
data/lib/rex/arch/x86.rb +513 -0
data/lib/rex/arch/x86.rb.ut.rb +93 -0
data/lib/rex/assembly/nasm.rb +104 -0
data/lib/rex/assembly/nasm.rb.ut.rb +22 -0
data/lib/rex/codepage.map +104 -0
data/lib/rex/compat.rb +311 -0
data/lib/rex/constants.rb +113 -0
data/lib/rex/elfparsey.rb +11 -0
data/lib/rex/elfparsey/elf.rb +123 -0
data/lib/rex/elfparsey/elfbase.rb +258 -0
data/lib/rex/elfparsey/exceptions.rb +27 -0
data/lib/rex/elfscan.rb +12 -0
data/lib/rex/elfscan/scanner.rb +207 -0
data/lib/rex/elfscan/search.rb +46 -0
data/lib/rex/encoder/alpha2.rb +31 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +68 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +79 -0
data/lib/rex/encoder/alpha2/generic.rb +114 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +117 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +129 -0
data/lib/rex/encoder/ndr.rb +89 -0
data/lib/rex/encoder/ndr.rb.ut.rb +44 -0
data/lib/rex/encoder/nonalpha.rb +61 -0
data/lib/rex/encoder/nonupper.rb +64 -0
data/lib/rex/encoder/xdr.rb +106 -0
data/lib/rex/encoder/xdr.rb.ut.rb +29 -0
data/lib/rex/encoder/xor.rb +69 -0
data/lib/rex/encoder/xor/dword.rb +13 -0
data/lib/rex/encoder/xor/dword_additive.rb +13 -0
data/lib/rex/encoders/xor_dword.rb +35 -0
data/lib/rex/encoders/xor_dword_additive.rb +53 -0
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +12 -0
data/lib/rex/encoding/xor.rb +20 -0
data/lib/rex/encoding/xor.rb.ts.rb +14 -0
data/lib/rex/encoding/xor/byte.rb +15 -0
data/lib/rex/encoding/xor/byte.rb.ut.rb +21 -0
data/lib/rex/encoding/xor/dword.rb +21 -0
data/lib/rex/encoding/xor/dword.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/dword_additive.rb +92 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +15 -0
data/lib/rex/encoding/xor/exceptions.rb +17 -0
data/lib/rex/encoding/xor/generic.rb +146 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +120 -0
data/lib/rex/encoding/xor/qword.rb +15 -0
data/lib/rex/encoding/xor/word.rb +21 -0
data/lib/rex/encoding/xor/word.rb.ut.rb +13 -0
data/lib/rex/exceptions.rb +275 -0
data/lib/rex/exceptions.rb.ut.rb +44 -0
data/lib/rex/exploitation/cmdstager.rb +9 -0
data/lib/rex/exploitation/cmdstager/base.rb +175 -0
data/lib/rex/exploitation/cmdstager/debug_asm.rb +142 -0
data/lib/rex/exploitation/cmdstager/debug_write.rb +136 -0
data/lib/rex/exploitation/cmdstager/tftp.rb +63 -0
data/lib/rex/exploitation/cmdstager/vbs.rb +128 -0
data/lib/rex/exploitation/egghunter.rb +277 -0
data/lib/rex/exploitation/egghunter.rb.ut.rb +25 -0
data/lib/rex/exploitation/encryptjs.rb +77 -0
data/lib/rex/exploitation/heaplib.js.b64 +331 -0
data/lib/rex/exploitation/heaplib.rb +94 -0
data/lib/rex/exploitation/javascriptosdetect.rb +897 -0
data/lib/rex/exploitation/obfuscatejs.rb +335 -0
data/lib/rex/exploitation/omelet.rb +320 -0
data/lib/rex/exploitation/omelet.rb.ut.rb +13 -0
data/lib/rex/exploitation/opcodedb.rb +818 -0
data/lib/rex/exploitation/opcodedb.rb.ut.rb +279 -0
data/lib/rex/exploitation/seh.rb +92 -0
data/lib/rex/exploitation/seh.rb.ut.rb +19 -0
data/lib/rex/file.rb +112 -0
data/lib/rex/file.rb.ut.rb +16 -0
data/lib/rex/image_source.rb +12 -0
data/lib/rex/image_source/disk.rb +60 -0
data/lib/rex/image_source/image_source.rb +46 -0
data/lib/rex/image_source/memory.rb +37 -0
data/lib/rex/io/bidirectional_pipe.rb +157 -0
data/lib/rex/io/datagram_abstraction.rb +35 -0
data/lib/rex/io/ring_buffer.rb +364 -0
data/lib/rex/io/stream.rb +319 -0
data/lib/rex/io/stream_abstraction.rb +197 -0
data/lib/rex/io/stream_server.rb +211 -0
data/lib/rex/job_container.rb +187 -0
data/lib/rex/logging.rb +4 -0
data/lib/rex/logging/log_dispatcher.rb +179 -0
data/lib/rex/logging/log_sink.rb +42 -0
data/lib/rex/logging/sinks/flatfile.rb +55 -0
data/lib/rex/logging/sinks/stderr.rb +43 -0
data/lib/rex/machparsey.rb +9 -0
data/lib/rex/machparsey/exceptions.rb +34 -0
data/lib/rex/machparsey/mach.rb +209 -0
data/lib/rex/machparsey/machbase.rb +408 -0
data/lib/rex/machscan.rb +9 -0
data/lib/rex/machscan/scanner.rb +217 -0
data/lib/rex/mime.rb +9 -0
data/lib/rex/mime/header.rb +77 -0
data/lib/rex/mime/message.rb +144 -0
data/lib/rex/mime/part.rb +20 -0
data/lib/rex/nop/opty2.rb +108 -0
data/lib/rex/nop/opty2.rb.ut.rb +23 -0
data/lib/rex/nop/opty2_tables.rb +300 -0
data/lib/rex/ole.rb +205 -0
data/lib/rex/ole/clsid.rb +47 -0
data/lib/rex/ole/difat.rb +141 -0
data/lib/rex/ole/directory.rb +231 -0
data/lib/rex/ole/direntry.rb +240 -0
data/lib/rex/ole/docs/dependencies.txt +8 -0
data/lib/rex/ole/docs/references.txt +1 -0
data/lib/rex/ole/fat.rb +99 -0
data/lib/rex/ole/header.rb +204 -0
data/lib/rex/ole/minifat.rb +77 -0
data/lib/rex/ole/propset.rb +144 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +395 -0
data/lib/rex/ole/stream.rb +53 -0
data/lib/rex/ole/substorage.rb +49 -0
data/lib/rex/ole/util.rb +157 -0
data/lib/rex/parser/arguments.rb +97 -0
data/lib/rex/parser/arguments.rb.ut.rb +67 -0
data/lib/rex/parser/ini.rb +185 -0
data/lib/rex/parser/ini.rb.ut.rb +29 -0
data/lib/rex/parser/ip360_aspl_xml.rb +102 -0
data/lib/rex/parser/ip360_xml.rb +97 -0
data/lib/rex/parser/nessus_xml.rb +118 -0
data/lib/rex/parser/netsparker_xml.rb +94 -0
data/lib/rex/parser/nexpose_xml.rb +136 -0
data/lib/rex/parser/nmap_xml.rb +137 -0
data/lib/rex/parser/retina_xml.rb +109 -0
data/lib/rex/payloads.rb +1 -0
data/lib/rex/payloads/win32.rb +2 -0
data/lib/rex/payloads/win32/common.rb +26 -0
data/lib/rex/payloads/win32/kernel.rb +53 -0
data/lib/rex/payloads/win32/kernel/common.rb +54 -0
data/lib/rex/payloads/win32/kernel/migration.rb +12 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +50 -0
data/lib/rex/payloads/win32/kernel/stager.rb +194 -0
data/lib/rex/peparsey.rb +12 -0
data/lib/rex/peparsey/exceptions.rb +32 -0
data/lib/rex/peparsey/pe.rb +212 -0
data/lib/rex/peparsey/pe_memdump.rb +63 -0
data/lib/rex/peparsey/pebase.rb +1680 -0
data/lib/rex/peparsey/section.rb +136 -0
data/lib/rex/pescan.rb +13 -0
data/lib/rex/pescan/analyze.rb +309 -0
data/lib/rex/pescan/scanner.rb +206 -0
data/lib/rex/pescan/search.rb +56 -0
data/lib/rex/platforms.rb +1 -0
data/lib/rex/platforms/windows.rb +51 -0
data/lib/rex/poly.rb +132 -0
data/lib/rex/poly/block.rb +477 -0
data/lib/rex/poly/register.rb +100 -0
data/lib/rex/poly/register/x86.rb +40 -0
data/lib/rex/post.rb +8 -0
data/lib/rex/post/dir.rb +51 -0
data/lib/rex/post/file.rb +172 -0
data/lib/rex/post/file_stat.rb +220 -0
data/lib/rex/post/gen.pl +13 -0
data/lib/rex/post/io.rb +182 -0
data/lib/rex/post/meterpreter.rb +4 -0
data/lib/rex/post/meterpreter/channel.rb +445 -0
data/lib/rex/post/meterpreter/channel_container.rb +54 -0
data/lib/rex/post/meterpreter/channels/pool.rb +160 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +62 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +103 -0
data/lib/rex/post/meterpreter/channels/stream.rb +87 -0
data/lib/rex/post/meterpreter/client.rb +364 -0
data/lib/rex/post/meterpreter/client_core.rb +274 -0
data/lib/rex/post/meterpreter/dependencies.rb +3 -0
data/lib/rex/post/meterpreter/extension.rb +32 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +58 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +94 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +21 -0
data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +57 -0
data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +15 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +118 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +61 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +111 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +28 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +101 -0
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +26 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +333 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +282 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +266 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +103 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +48 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +144 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +73 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +56 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +137 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +180 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +167 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +208 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +6 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +38106 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +31 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +47 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +36 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +1818 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +96 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +3848 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +26 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +153 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +21 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +3169 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +599 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +318 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +100 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +42 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +148 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +127 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +309 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +204 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +51 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +630 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +75 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +103 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +149 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +192 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +61 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +370 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +129 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +55 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +336 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +141 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +279 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +193 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +102 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +180 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +211 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +227 -0
data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +63 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +30 -0
data/lib/rex/post/meterpreter/object_aliases.rb +83 -0
data/lib/rex/post/meterpreter/packet.rb +688 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +431 -0
data/lib/rex/post/meterpreter/packet_parser.rb +94 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +83 -0
data/lib/rex/post/meterpreter/ui/console.rb +137 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +62 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +730 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +241 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +231 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +61 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +98 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +51 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +132 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +187 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +65 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +442 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +298 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +486 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +315 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +157 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +95 -0
data/lib/rex/post/permission.rb +26 -0
data/lib/rex/post/process.rb +57 -0
data/lib/rex/post/thread.rb +57 -0
data/lib/rex/post/ui.rb +52 -0
data/lib/rex/proto.rb +13 -0
data/lib/rex/proto.rb.ts.rb +8 -0
data/lib/rex/proto/dcerpc.rb +6 -0
data/lib/rex/proto/dcerpc.rb.ts.rb +9 -0
data/lib/rex/proto/dcerpc/client.rb +361 -0
data/lib/rex/proto/dcerpc/client.rb.ut.rb +491 -0
data/lib/rex/proto/dcerpc/exceptions.rb +150 -0
data/lib/rex/proto/dcerpc/handle.rb +47 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +85 -0
data/lib/rex/proto/dcerpc/ndr.rb +72 -0
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +41 -0
data/lib/rex/proto/dcerpc/packet.rb +253 -0
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +56 -0
data/lib/rex/proto/dcerpc/response.rb +187 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +15 -0
data/lib/rex/proto/dcerpc/uuid.rb +84 -0
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +46 -0
data/lib/rex/proto/dhcp.rb +7 -0
data/lib/rex/proto/dhcp/constants.rb +33 -0
data/lib/rex/proto/dhcp/server.rb +292 -0
data/lib/rex/proto/drda.rb +5 -0
data/lib/rex/proto/drda.rb.ts.rb +17 -0
data/lib/rex/proto/drda/constants.rb +49 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +23 -0
data/lib/rex/proto/drda/packet.rb +252 -0
data/lib/rex/proto/drda/packet.rb.ut.rb +109 -0
data/lib/rex/proto/drda/utils.rb +123 -0
data/lib/rex/proto/drda/utils.rb.ut.rb +84 -0
data/lib/rex/proto/http.rb +5 -0
data/lib/rex/proto/http.rb.ts.rb +12 -0
data/lib/rex/proto/http/client.rb +821 -0
data/lib/rex/proto/http/client.rb.ut.rb +95 -0
data/lib/rex/proto/http/handler.rb +46 -0
data/lib/rex/proto/http/handler/erb.rb +128 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb +21 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +1 -0
data/lib/rex/proto/http/handler/proc.rb +60 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +24 -0
data/lib/rex/proto/http/header.rb +161 -0
data/lib/rex/proto/http/header.rb.ut.rb +46 -0
data/lib/rex/proto/http/packet.rb +407 -0
data/lib/rex/proto/http/packet.rb.ut.rb +165 -0
data/lib/rex/proto/http/request.rb +356 -0
data/lib/rex/proto/http/request.rb.ut.rb +214 -0
data/lib/rex/proto/http/response.rb +90 -0
data/lib/rex/proto/http/response.rb.ut.rb +149 -0
data/lib/rex/proto/http/server.rb +369 -0
data/lib/rex/proto/http/server.rb.ut.rb +79 -0
data/lib/rex/proto/ntlm.rb +7 -0
data/lib/rex/proto/ntlm.rb.ut.rb +177 -0
data/lib/rex/proto/ntlm/base.rb +326 -0
data/lib/rex/proto/ntlm/constants.rb +74 -0
data/lib/rex/proto/ntlm/crypt.rb +415 -0
data/lib/rex/proto/ntlm/exceptions.rb +16 -0
data/lib/rex/proto/ntlm/message.rb +536 -0
data/lib/rex/proto/ntlm/utils.rb +764 -0
data/lib/rex/proto/proxy/socks4a.rb +440 -0
data/lib/rex/proto/rfb.rb +19 -0
data/lib/rex/proto/rfb.rb.ut.rb +37 -0
data/lib/rex/proto/rfb/cipher.rb +84 -0
data/lib/rex/proto/rfb/client.rb +207 -0
data/lib/rex/proto/rfb/constants.rb +52 -0
data/lib/rex/proto/smb.rb +7 -0
data/lib/rex/proto/smb.rb.ts.rb +8 -0
data/lib/rex/proto/smb/client.rb +1952 -0
data/lib/rex/proto/smb/client.rb.ut.rb +223 -0
data/lib/rex/proto/smb/constants.rb +1047 -0
data/lib/rex/proto/smb/constants.rb.ut.rb +18 -0
data/lib/rex/proto/smb/crypt.rb +36 -0
data/lib/rex/proto/smb/evasions.rb +66 -0
data/lib/rex/proto/smb/exceptions.rb +858 -0
data/lib/rex/proto/smb/simpleclient.rb +306 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +128 -0
data/lib/rex/proto/smb/utils.rb +103 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +20 -0
data/lib/rex/proto/sunrpc.rb +1 -0
data/lib/rex/proto/sunrpc/client.rb +195 -0
data/lib/rex/proto/tftp.rb +12 -0
data/lib/rex/proto/tftp/constants.rb +39 -0
data/lib/rex/proto/tftp/server.rb +497 -0
data/lib/rex/proto/tftp/server.rb.ut.rb +28 -0
data/lib/rex/script.rb +42 -0
data/lib/rex/script/base.rb +59 -0
data/lib/rex/script/meterpreter.rb +15 -0
data/lib/rex/script/shell.rb +9 -0
data/lib/rex/service.rb +48 -0
data/lib/rex/service_manager.rb +141 -0
data/lib/rex/service_manager.rb.ut.rb +32 -0
data/lib/rex/services/local_relay.rb +423 -0
data/lib/rex/socket.rb +684 -0
data/lib/rex/socket.rb.ut.rb +107 -0
data/lib/rex/socket/comm.rb +119 -0
data/lib/rex/socket/comm/local.rb +412 -0
data/lib/rex/socket/comm/local.rb.ut.rb +75 -0
data/lib/rex/socket/ip.rb +130 -0
data/lib/rex/socket/parameters.rb +345 -0
data/lib/rex/socket/parameters.rb.ut.rb +51 -0
data/lib/rex/socket/range_walker.rb +346 -0
data/lib/rex/socket/range_walker.rb.ut.rb +55 -0
data/lib/rex/socket/ssl_tcp.rb +184 -0
data/lib/rex/socket/ssl_tcp.rb.ut.rb +39 -0
data/lib/rex/socket/ssl_tcp_server.rb +122 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +61 -0
data/lib/rex/socket/subnet_walker.rb +75 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +28 -0
data/lib/rex/socket/switch_board.rb +278 -0
data/lib/rex/socket/switch_board.rb.ut.rb +52 -0
data/lib/rex/socket/tcp.rb +76 -0
data/lib/rex/socket/tcp.rb.ut.rb +64 -0
data/lib/rex/socket/tcp_server.rb +66 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +44 -0
data/lib/rex/socket/udp.rb +164 -0
data/lib/rex/socket/udp.rb.ut.rb +44 -0
data/lib/rex/struct2.rb +5 -0
data/lib/rex/struct2/c_struct.rb +181 -0
data/lib/rex/struct2/c_struct_template.rb +39 -0
data/lib/rex/struct2/constant.rb +26 -0
data/lib/rex/struct2/element.rb +44 -0
data/lib/rex/struct2/generic.rb +73 -0
data/lib/rex/struct2/restraint.rb +54 -0
data/lib/rex/struct2/s_string.rb +72 -0
data/lib/rex/struct2/s_struct.rb +111 -0
data/lib/rex/sync.rb +6 -0
data/lib/rex/sync/event.rb +94 -0
data/lib/rex/sync/read_write_lock.rb +176 -0
data/lib/rex/sync/ref.rb +57 -0
data/lib/rex/sync/thread_safe.rb +82 -0
data/lib/rex/test.rb +35 -0
data/lib/rex/text.rb +1163 -0
data/lib/rex/text.rb.ut.rb +190 -0
data/lib/rex/thread_factory.rb +42 -0
data/lib/rex/time.rb +65 -0
data/lib/rex/transformer.rb +115 -0
data/lib/rex/transformer.rb.ut.rb +38 -0
data/lib/rex/ui.rb +21 -0
data/lib/rex/ui/interactive.rb +298 -0
data/lib/rex/ui/output.rb +78 -0
data/lib/rex/ui/output/none.rb +18 -0
data/lib/rex/ui/progress_tracker.rb +96 -0
data/lib/rex/ui/subscriber.rb +149 -0
data/lib/rex/ui/text/color.rb +97 -0
data/lib/rex/ui/text/color.rb.ut.rb +18 -0
data/lib/rex/ui/text/dispatcher_shell.rb +467 -0
data/lib/rex/ui/text/input.rb +117 -0
data/lib/rex/ui/text/input/buffer.rb +75 -0
data/lib/rex/ui/text/input/readline.rb +129 -0
data/lib/rex/ui/text/input/socket.rb +95 -0
data/lib/rex/ui/text/input/stdio.rb +45 -0
data/lib/rex/ui/text/irb_shell.rb +57 -0
data/lib/rex/ui/text/output.rb +80 -0
data/lib/rex/ui/text/output/buffer.rb +61 -0
data/lib/rex/ui/text/output/file.rb +43 -0
data/lib/rex/ui/text/output/socket.rb +43 -0
data/lib/rex/ui/text/output/stdio.rb +40 -0
data/lib/rex/ui/text/progress_tracker.rb +56 -0
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +34 -0
data/lib/rex/ui/text/shell.rb +328 -0
data/lib/rex/ui/text/table.rb +279 -0
data/lib/rex/ui/text/table.rb.ut.rb +55 -0
data/lib/rex/zip.rb +93 -0
data/lib/rex/zip/archive.rb +184 -0
data/lib/rex/zip/blocks.rb +182 -0
data/lib/rex/zip/entry.rb +104 -0
data/lib/rex/zip/samples/comment.rb +32 -0
data/lib/rex/zip/samples/mkwar.rb +138 -0
data/lib/rex/zip/samples/mkzip.rb +19 -0
data/lib/rex/zip/samples/recursive.rb +58 -0
metadata +434 -1

data/lib/rex/proto/ntlm/constants.rb ADDED

@@ -0,0 +1,74 @@
+module Rex
+module Proto
+module NTLM
+class Constants
+	SSP_SIGN = "NTLMSSP\0"
+	BLOB_SIGN = 0x00000101
+	LM_MAGIC = "KGS!@\#$%"
+	TIME_OFFSET = 11644473600
+	MAX64 = 0xffffffffffffffff
+	FLAGS = {
+	:UNICODE              => 0x00000001,
+	:OEM                  => 0x00000002,
+	:REQUEST_TARGET       => 0x00000004,
+	#:UNKNOWN              => 0x00000008,
+	:SIGN                 => 0x00000010,
+	:SEAL                 => 0x00000020,
+	#:UNKNOWN              => 0x00000040,
+	:NETWARE              => 0x00000100,
+	:NTLM                 => 0x00000200,
+	#:UNKNOWN              => 0x00000400,
+	#:UNKNOWN              => 0x00000800,
+	:DOMAIN_SUPPLIED      => 0x00001000,
+	:WORKSTATION_SUPPLIED => 0x00002000,
+	:LOCAL_CALL           => 0x00004000,
+	:ALWAYS_SIGN          => 0x00008000,
+	:TARGET_TYPE_DOMAIN   => 0x00010000,
+	:TARGET_INFO          => 0x00800000,
+	:NTLM2_KEY            => 0x00080000,
+	:KEY128               => 0x20000000,
+	:KEY56                => 0x80000000
+	}
+	FLAG_KEYS = FLAGS.keys.sort{|a, b| FLAGS[a] <=> FLAGS[b] }
+	DEFAULT_FLAGS = {
+	:TYPE1 => FLAGS[:UNICODE] | FLAGS[:OEM] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY],
+	:TYPE2 => FLAGS[:UNICODE],
+	:TYPE3 => FLAGS[:UNICODE] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY]
+	}
+	# NTLM Response Type
+	NTLM_V1_RESPONSE =		1
+	NTLM_V2_RESPONSE =		2
+	NTLM_2_SESSION_RESPONSE = 	3
+	#the same flags but merged from lib/rex/proto/smb/constants and keeped for compatibility
+	# NTLMSSP Message Flags
+	NEGOTIATE_UNICODE     = 0x00000001  # Only set if Type 1 contains it - this or oem, not both
+	NEGOTIATE_OEM         = 0x00000002  # Only set if Type 1 contains it - this or unicode, not both
+	REQUEST_TARGET        = 0x00000004  # If set in Type 1, must return domain or server
+	NEGOTIATE_SIGN        = 0x00000010  # Session signature required
+	NEGOTIATE_SEAL        = 0x00000020  # Session seal required
+	NEGOTIATE_LMKEY       = 0x00000080  # LM Session Key should be used for signing and sealing
+	NEGOTIATE_NTLM        = 0x00000200  # NTLM auth is supported
+	NEGOTIATE_ANONYMOUS   = 0x00000800  # Anonymous context used
+	NEGOTIATE_DOMAIN      = 0x00001000  # Sent in Type1, client gives domain info
+	NEGOTIATE_WORKSTATION = 0x00002000  # Sent in Type1, client gives workstation info
+	NEGOTIATE_LOCAL_CALL  = 0x00004000  # Server and client are on same machine
+	NEGOTIATE_ALWAYS_SIGN = 0x00008000  # Add signatures to packets
+	TARGET_TYPE_DOMAIN    = 0x00010000  # If REQUEST_TARGET, we're adding the domain name
+	TARGET_TYPE_SERVER    = 0x00020000  # If REQUEST_TARGET, we're adding the server name
+	TARGET_TYPE_SHARE     = 0x00040000  # Supposed to denote "a share" but for a webserver?
+	NEGOTIATE_NTLM2_KEY   = 0x00080000  # NTLMv2 Signature and Key exchanges
+	NEGOTIATE_TARGET_INFO = 0x00800000  # Server set when sending Target Information Block
+	NEGOTIATE_128         = 0x20000000  # 128-bit encryption supported
+	NEGOTIATE_KEY_EXCH    = 0x40000000  # Client will supply encrypted master key in Session Key field of Type3 msg
+	NEGOTIATE_56          = 0x80000000  # 56-bit encryption supported
+end
+end
+end
+end

data/lib/rex/proto/ntlm/crypt.rb ADDED

@@ -0,0 +1,415 @@
+#
+# An NTLM Authentication Library for Ruby
+#
+# This code is a derivative of "dbf2.rb" written by yrock
+# and Minero Aoki. You can find original code here:
+# http://jp.rubyist.net/magazine/?0013-CodeReview
+# -------------------------------------------------------------
+# Copyright (c) 2005,2006 yrock
+#
+# This program is free software.
+# You can distribute/modify this program under the terms of the
+# Ruby License.
+#
+# 2011-03-08 improved through a code merge with Metasploit's SMB::Crypt
+# -------------------------------------------------------------
+#
+# 2011-02-23 refactored and improved by Alexandre Maloteaux for Metasploit Project
+# -------------------------------------------------------------
+#
+# 2006-02-11 refactored by Minero Aoki
+# -------------------------------------------------------------
+#
+# All protocol information used to write this code stems from
+# "The NTLM Authentication Protocol" by Eric Glass. The author
+# would thank to him for this tremendous work and making it
+# available on the net.
+# http://davenport.sourceforge.net/ntlm.html
+# -------------------------------------------------------------
+# Copyright (c) 2003 Eric Glass
+#
+# Permission to use, copy, modify, and distribute this document
+# for any purpose and without any fee is hereby granted,
+# provided that the above copyright notice and this list of
+# conditions appear in all copies.
+# -------------------------------------------------------------
+#
+# The author also looked Mozilla-Firefox-1.0.7 source code,
+# namely, security/manager/ssl/src/nsNTLMAuthModule.cpp and
+# Jonathan Bastien-Filiatrault's libntlm-ruby.
+# "http://x2a.org/websvn/filedetails.php?
+# repname=libntlm-ruby&path=%2Ftrunk%2Fntlm.rb&sc=1"
+# The latter has a minor bug in its separate_keys function.
+# The third key has to begin from the 14th character of the
+# input string instead of 13th:)
+#--
+# $Id: ntlm.rb 11678 2011-01-30 19:26:35Z hdm $
+#++
+require 'rex/proto/ntlm/constants'
+require 'rex/proto/ntlm/base'
+module Rex
+module Proto
+module NTLM
+class Crypt
+CONST = Rex::Proto::NTLM::Constants
+BASE = Rex::Proto::NTLM::Base
+	@@loaded_openssl = false
+	begin
+		require 'openssl'
+		require 'openssl/digest'
+		@@loaded_openssl = true
+	rescue ::Exception
+	end
+	def self.gen_keys(str)
+		str.scan(/.{7}/).map{ |key| des_56_to_64(key) }
+	end
+	def self.des_56_to_64(ckey56s)
+		ckey64 = []
+		ckey56 = ckey56s.unpack('C*')
+		ckey64[0] = ckey56[0]
+		ckey64[1] = ((ckey56[0] << 7) & 0xFF) | (ckey56[1] >> 1)
+		ckey64[2] = ((ckey56[1] << 6) & 0xFF) | (ckey56[2] >> 2)
+		ckey64[3] = ((ckey56[2] << 5) & 0xFF) | (ckey56[3] >> 3)
+		ckey64[4] = ((ckey56[3] << 4) & 0xFF) | (ckey56[4] >> 4)
+		ckey64[5] = ((ckey56[4] << 3) & 0xFF) | (ckey56[5] >> 5)
+		ckey64[6] = ((ckey56[5] << 2) & 0xFF) | (ckey56[6] >> 6)
+		ckey64[7] =  (ckey56[6] << 1) & 0xFF
+		ckey64.pack('C*')
+	end
+	def self.apply_des(plain, keys)
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		dec = OpenSSL::Cipher::DES.new
+		keys.map do |k|
+			dec.key = k
+			dec.encrypt.update(plain)
+		end
+	end
+	def self.lm_hash(password, half = false)
+		size = half ? 7 : 14
+		keys = gen_keys(password.upcase.ljust(size, "\0"))
+		apply_des(CONST::LM_MAGIC, keys).join
+	end
+	def self.ntlm_hash(password, opt = {})
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		pwd = password.dup
+		unless opt[:unicode]
+			pwd = Rex::Text.to_unicode(pwd)
+		end
+		OpenSSL::Digest::MD4.digest(pwd)
+	end
+	# This hash is used for lmv2/ntlmv2 response calculation
+	def self.ntlmv2_hash(user, password, domain, opt={})
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		if opt[:pass_is_hash]
+			ntlmhash = password
+		else
+			ntlmhash = ntlm_hash(password, opt)
+		end
+		# With Win 7 and maybe other OSs we sometimes get the domain not uppercased
+		userdomain = user.upcase  + domain
+		unless opt[:unicode]
+			userdomain = Rex::Text.to_unicode(userdomain)
+		end
+		OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmhash, userdomain)
+	end
+	# Create the LANMAN response
+	def self.lm_response(arg, half = false)
+		begin
+			hash = arg[:lm_hash]
+			chal = arg[:challenge]
+		rescue
+			raise ArgumentError
+		end
+		chal = BASE::pack_int64le(chal) if chal.is_a?(Integer)
+		if half then size = 7 else  size = 21 end
+		keys = gen_keys hash.ljust(size, "\0")
+		apply_des(chal, keys).join
+	end
+	# Synonym of lm_response for old compatibility with lib/rex/proto/smb/crypt
+	def self.lanman_des(password, challenge)
+		lm_response({
+			:lm_hash => self.lm_hash(password),
+			:challenge => challenge
+		})
+	end
+	def self.ntlm_response(arg)
+		hash = arg[:ntlm_hash]
+		chal = arg[:challenge]
+		chal = BASE::pack_int64le(chal) if chal.is_a?(::Integer)
+		keys = gen_keys(hash.ljust(21, "\0"))
+		apply_des(chal, keys).join
+	end
+	#synonym of ntlm_response for old compatibility with lib/rex/proto/smb/crypt
+	def self.ntlm_md4(password, challenge)
+		ntlm_response({
+			:ntlm_hash =>  self.ntlm_hash(password),
+			:challenge => challenge
+		})
+	end
+	def self.ntlmv2_response(arg, opt = {})
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		key, chal = arg[:ntlmv2_hash], arg[:challenge]
+		if not (key and chal)
+			raise ArgumentError , 'ntlmv2_hash and challenge are mandatory'
+		end
+		chal = BASE::pack_int64le(chal) if chal.is_a?(::Integer)
+		bb   = nil
+		if opt[:nt_client_challenge]
+			if opt[:nt_client_challenge].to_s.length <= 8
+				raise ArgumentError,"nt_client_challenge is not in a correct format "
+			end
+			bb = opt[:nt_client_challenge]
+		else
+			if not arg[:target_info]
+				raise ArgumentError, "target_info is mandatory in this case"
+			end
+			ti = arg[:target_info]
+			cc = opt[:client_challenge] || rand(CONST::MAX64)
+			cc = BASE::pack_int64le(cc) if cc.is_a?(::Integer)
+			ts = opt[:timestamp] || Time.now.to_i
+			# Convert the unix timestamp to windows format
+			#   epoch -> milsec from Jan 1, 1601
+			ts = 10000000 * (ts + CONST::TIME_OFFSET)
+			blob = BASE::Blob.new
+			blob.timestamp = ts
+			blob.challenge = cc
+			blob.target_info = ti
+			bb = blob.serialize
+		end
+		OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb
+	end
+	def self.lmv2_response(arg, opt = {})
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		key = arg[:ntlmv2_hash]
+		chal = arg[:challenge]
+		chal = BASE::pack_int64le(chal) if chal.is_a?(::Integer)
+		cc   = opt[:client_challenge] || rand(CONST::MAX64)
+		cc   = BASE::pack_int64le(cc) if cc.is_a?(::Integer)
+		OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + cc) + cc
+	end
+	def self.ntlm2_session(arg, opt = {})
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		passwd_hash,chal = arg[:ntlm_hash],arg[:challenge]
+		if not (passwd_hash and chal)
+			raise RuntimeError, "ntlm_hash and challenge are required"
+		end
+		cc = opt[:client_challenge] || rand(CONST::MAX64)
+		cc = BASE::pack_int64le(cc) if cc.is_a?(Integer)
+		keys = gen_keys(passwd_hash.ljust(21, "\0"))
+		session_hash = OpenSSL::Digest::MD5.digest(chal + cc)[0,8]
+		response = apply_des(session_hash, keys).join
+		[cc.ljust(24, "\0"), response]
+	end
+	#this function will check if the net lm response provided correspond to en empty password
+	def self.is_hash_from_empty_pwd?(arg)
+		hash_type = arg[:type]
+		raise ArgumentError,"arg[:type] is mandatory" if not hash_type
+		raise ArgumentError,"arg[:type] must be lm or ntlm" if not hash_type  =~ /^((lm)|(ntlm))$/
+		ntlm_ver = arg[:ntlm_ver]
+		raise ArgumentError,"arg[:ntlm_ver] is mandatory" if not ntlm_ver
+		hash = arg[:hash]
+		raise ArgumentError,"arg[:hash] is mandatory" if not hash
+		srv_chall = arg[:srv_challenge]
+		raise ArgumentError,"arg[:srv_challenge] is mandatory" if not srv_chall
+		raise ArgumentError,"Server challenge length must be exactly 8 bytes" if srv_chall.length != 8
+		#calculate responses for empty pwd
+		case ntlm_ver
+		when CONST::NTLM_V1_RESPONSE
+			if hash.length != 24
+				raise ArgumentError,"hash length must be exactly 24 bytes "
+			end
+			case hash_type
+			when 'lm'
+				arglm = { 	:lm_hash => self.lm_hash(''),
+						:challenge => srv_chall}
+				calculatedhash = self.lm_response(arglm)
+			when 'ntlm'
+				argntlm = { 	:ntlm_hash =>  self.ntlm_hash(''),
+						:challenge => srv_chall }
+				calculatedhash = self.ntlm_response(argntlm)
+			end
+		when CONST::NTLM_V2_RESPONSE
+			raise ArgumentError,"hash length must be exactly 16 bytes " if hash.length != 16
+			cli_chall = arg[:cli_challenge]
+			raise ArgumentError,"arg[:cli_challenge] is mandatory in this case" if not cli_chall
+			user = arg[:user]
+			raise ArgumentError,"arg[:user] is mandatory in this case" if not user
+			domain = arg[:domain]
+			raise ArgumentError,"arg[:domain] is mandatory in this case" if not domain
+			case hash_type
+			when 'lm'
+				raise ArgumentError,"Client challenge length must be exactly 8 bytes " if cli_chall.length != 8
+				arglm = {	:ntlmv2_hash =>  self.ntlmv2_hash(user,'', domain),
+						:challenge => srv_chall }
+				optlm = {	:client_challenge => cli_chall}
+				calculatedhash = self.lmv2_response(arglm, optlm)[0,16]
+			when 'ntlm'
+				raise ArgumentError,"Client challenge length must be bigger then 8 bytes " if cli_chall.length <= 8
+				argntlm = { 	:ntlmv2_hash =>  self.ntlmv2_hash(user, '', domain),
+						:challenge => srv_chall }
+				optntlm = { 	:nt_client_challenge => cli_chall}
+				calculatedhash = self.ntlmv2_response(argntlm,optntlm)[0,16]
+			end
+		when CONST::NTLM_2_SESSION_RESPONSE
+			raise ArgumentError,"hash length must be exactly 16 bytes " if hash.length != 24
+			cli_chall = arg[:cli_challenge]
+			raise ArgumentError,"arg[:cli_challenge] is mandatory in this case" if not cli_chall
+			raise ArgumentError,"Client challenge length must be exactly 8 bytes " if cli_chall.length != 8
+			case hash_type
+			when 'lm'
+				raise ArgumentError, "ntlm2_session is incompatible with lm"
+			when 'ntlm'
+				argntlm = { 	:ntlm_hash =>  self.ntlm_hash(''),
+						:challenge => srv_chall }
+				optntlm = {	:client_challenge => cli_chall}
+			end
+			calculatedhash = self.ntlm2_session(argntlm,optntlm).join[24,24]
+		else
+			raise ArgumentError,"ntlm_ver is of unknow type"
+		end
+		hash == calculatedhash
+	end
+	#
+	# Signing method added for metasploit project
+	#
+	# Used when only the LMv1 response is provided (i.e., with Win9x clients)
+	def self.lmv1_user_session_key(pass, opt = {})
+		if opt[:pass_is_hash]
+			usk = pass[0,8]
+		else
+			usk = self.lm_hash(pass.upcase[0,7],true)
+		end
+		usk.ljust(16,"\x00")
+	end
+	# This variant is used when the client sends the NTLMv1 response
+	def self.ntlmv1_user_session_key(pass, opt = {})
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		if opt[:pass_is_hash]
+			usk = pass
+		else
+			usk = self.ntlm_hash(pass)
+		end
+		OpenSSL::Digest::MD4.digest(usk)
+	end
+	# Used when NTLMv1 authentication is employed with NTLM2 session security
+	def self.ntlm2_session_user_session_key(pass, srv_chall, cli_chall, opt = {})
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		ntlm_key = self.ntlmv1_user_session_key(pass, opt )
+		session_chal = srv_chall + cli_chall
+		OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlm_key, session_chal)
+	end
+	# Used when the LMv2 response is sent
+	def self.lmv2_user_session_key(user, pass, domain, srv_chall, cli_chall, opt = {})
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		ntlmv2_key = self.ntlmv2_hash(user, pass, domain, opt)
+		hash1 = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmv2_key, srv_chall + cli_chall)
+		OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmv2_key, hash1)
+	end
+	# Used when the NTLMv2 response is sent
+	class << self; alias_method :ntlmv2_user_session_key, :lmv2_user_session_key; end
+	# Used when LanMan Key flag is set
+	def self.lanman_session_key(pass, srvchall, opt = {})
+		if opt[:pass_is_hash]
+			halfhash = pass[0,8]
+		else
+			halfhash = lm_hash(pass.upcase[0,7],true)
+		end
+		plain = self.lm_response({
+			:lm_hash => halfhash[0,7],
+			:challenge => srvchall
+		}, true )
+		key = halfhash  + ["bdbdbdbdbdbd"].pack("H*")
+        keys = self.gen_keys(key)
+       	apply_des(plain, keys).join
+	end
+	def self.encrypt_sessionkey(session_key, user_session_key)
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		cipher = OpenSSL::Cipher::Cipher.new('rc4')
+		cipher.encrypt
+		cipher.key = user_session_key
+		cipher.update(session_key)
+	end
+	def self.decrypt_sessionkey(encrypted_session_key, user_session_key)
+		raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
+		cipher = OpenSSL::Cipher::Cipher.new('rc4')
+		cipher.decrypt
+		cipher.key = user_session_key
+		cipher.update(encrypted_session_key)
+	end
+	def self.make_weak_sessionkey(session_key,key_size,lanman_key = false)
+		case key_size
+		when 40
+			if lanman_key
+				return session_key[0,5] + "\xe5\x38\xb0"
+			else
+				return session_key[0,5]
+			end
+		when 56
+			if lanman_key
+				return session_key[0,7]  + "\xa0"
+			else
+				return session_key[0,7]
+			end
+		else #128
+			return session_key[0,16]
+		end
+	end
+end
+end
+end
+end