RubyGems - librex - Versions diffs - 0.0.4 → 0.0.5 - Mend

librex 0.0.4 → 0.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (389) hide show

data/README.md +12 -0
data/lib/rex.rb +0 -0
data/lib/rex.rb.ts.rb +0 -0
data/lib/rex/LICENSE +0 -0
data/lib/rex/arch.rb +0 -0
data/lib/rex/arch/sparc.rb +0 -0
data/lib/rex/arch/sparc.rb.ut.rb +0 -0
data/lib/rex/arch/x86.rb +0 -0
data/lib/rex/arch/x86.rb.ut.rb +0 -0
data/lib/rex/assembly/nasm.rb +0 -0
data/lib/rex/assembly/nasm.rb.ut.rb +0 -0
data/lib/rex/codepage.map +0 -0
data/lib/rex/compat.rb +0 -0
data/lib/rex/constants.rb +0 -0
data/lib/rex/elfparsey.rb +0 -0
data/lib/rex/elfparsey/elf.rb +0 -0
data/lib/rex/elfparsey/elfbase.rb +2 -4
data/lib/rex/elfparsey/exceptions.rb +0 -0
data/lib/rex/elfscan.rb +0 -0
data/lib/rex/elfscan/scanner.rb +0 -0
data/lib/rex/elfscan/search.rb +10 -10
data/lib/rex/encoder/alpha2.rb +0 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +0 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +0 -0
data/lib/rex/encoder/alpha2/generic.rb +0 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +0 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +0 -0
data/lib/rex/encoder/ndr.rb +0 -0
data/lib/rex/encoder/ndr.rb.ut.rb +0 -0
data/lib/rex/encoder/nonalpha.rb +0 -0
data/lib/rex/encoder/nonupper.rb +0 -0
data/lib/rex/encoder/xdr.rb +0 -0
data/lib/rex/encoder/xdr.rb.ut.rb +0 -0
data/lib/rex/encoder/xor.rb +0 -0
data/lib/rex/encoder/xor/dword.rb +0 -0
data/lib/rex/encoder/xor/dword_additive.rb +0 -0
data/lib/rex/encoders/xor_dword.rb +0 -0
data/lib/rex/encoders/xor_dword_additive.rb +0 -0
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +0 -0
data/lib/rex/encoding/xor.rb +0 -0
data/lib/rex/encoding/xor.rb.ts.rb +0 -0
data/lib/rex/encoding/xor/byte.rb +0 -0
data/lib/rex/encoding/xor/byte.rb.ut.rb +0 -0
data/lib/rex/encoding/xor/dword.rb +0 -0
data/lib/rex/encoding/xor/dword.rb.ut.rb +0 -0
data/lib/rex/encoding/xor/dword_additive.rb +0 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +0 -0
data/lib/rex/encoding/xor/exceptions.rb +0 -0
data/lib/rex/encoding/xor/generic.rb +0 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +0 -0
data/lib/rex/encoding/xor/qword.rb +0 -0
data/lib/rex/encoding/xor/word.rb +0 -0
data/lib/rex/encoding/xor/word.rb.ut.rb +0 -0
data/lib/rex/exceptions.rb +0 -0
data/lib/rex/exceptions.rb.ut.rb +0 -0
data/lib/rex/exploitation/cmdstager.rb +0 -0
data/lib/rex/exploitation/cmdstager/base.rb +6 -1
data/lib/rex/exploitation/cmdstager/debug_asm.rb +0 -0
data/lib/rex/exploitation/cmdstager/debug_write.rb +0 -0
data/lib/rex/exploitation/cmdstager/tftp.rb +8 -8
data/lib/rex/exploitation/cmdstager/vbs.rb +0 -0
data/lib/rex/exploitation/egghunter.rb +143 -36
data/lib/rex/exploitation/egghunter.rb.ut.rb +0 -0
data/lib/rex/exploitation/encryptjs.rb +0 -0
data/lib/rex/exploitation/heaplib.js.b64 +0 -0
data/lib/rex/exploitation/heaplib.rb +0 -0
data/lib/rex/exploitation/javascriptosdetect.rb +114 -15
data/lib/rex/exploitation/obfuscatejs.rb +0 -0
data/lib/rex/exploitation/omelet.rb +320 -0
data/lib/rex/exploitation/omelet.rb.ut.rb +13 -0
data/lib/rex/exploitation/opcodedb.rb +0 -0
data/lib/rex/exploitation/opcodedb.rb.ut.rb +0 -0
data/lib/rex/exploitation/seh.rb +0 -0
data/lib/rex/exploitation/seh.rb.ut.rb +0 -0
data/lib/rex/file.rb +1 -1
data/lib/rex/file.rb.ut.rb +0 -0
data/lib/rex/image_source.rb +0 -0
data/lib/rex/image_source/disk.rb +0 -0
data/lib/rex/image_source/image_source.rb +0 -0
data/lib/rex/image_source/memory.rb +0 -0
data/lib/rex/io/bidirectional_pipe.rb +0 -0
data/lib/rex/io/datagram_abstraction.rb +0 -0
data/lib/rex/io/stream.rb +1 -1
data/lib/rex/io/stream_abstraction.rb +0 -0
data/lib/rex/io/stream_server.rb +0 -0
data/lib/rex/job_container.rb +0 -1
data/lib/rex/logging.rb +0 -0
data/lib/rex/logging/log_dispatcher.rb +0 -0
data/lib/rex/logging/log_sink.rb +0 -0
data/lib/rex/logging/sinks/flatfile.rb +0 -0
data/lib/rex/logging/sinks/stderr.rb +0 -0
data/lib/rex/machparsey.rb +0 -0
data/lib/rex/machparsey/exceptions.rb +0 -0
data/lib/rex/machparsey/machbase.rb +0 -0
data/lib/rex/machscan.rb +0 -0
data/lib/rex/machscan/scanner.rb +0 -0
data/lib/rex/mime.rb +0 -0
data/lib/rex/mime/header.rb +0 -0
data/lib/rex/mime/message.rb +0 -0
data/lib/rex/mime/part.rb +0 -0
data/lib/rex/nop/opty2.rb +0 -0
data/lib/rex/nop/opty2.rb.ut.rb +0 -0
data/lib/rex/nop/opty2_tables.rb +0 -0
data/lib/rex/ole.rb +0 -0
data/lib/rex/ole/clsid.rb +0 -0
data/lib/rex/ole/difat.rb +0 -0
data/lib/rex/ole/directory.rb +0 -0
data/lib/rex/ole/direntry.rb +0 -0
data/lib/rex/ole/docs/dependencies.txt +8 -0
data/lib/rex/ole/docs/references.txt +1 -0
data/lib/rex/ole/fat.rb +0 -0
data/lib/rex/ole/header.rb +3 -3
data/lib/rex/ole/minifat.rb +0 -0
data/lib/rex/ole/storage.rb +4 -4
data/lib/rex/ole/stream.rb +0 -0
data/lib/rex/ole/substorage.rb +0 -0
data/lib/rex/ole/util.rb +0 -0
data/lib/rex/parser/arguments.rb +0 -0
data/lib/rex/parser/arguments.rb.ut.rb +0 -0
data/lib/rex/parser/ini.rb +0 -0
data/lib/rex/parser/ini.rb.ut.rb +0 -0
data/lib/rex/parser/nexpose_xml.rb +0 -0
data/lib/rex/parser/nmap_xml.rb +0 -0
data/lib/rex/payloads.rb +0 -0
data/lib/rex/payloads/win32.rb +0 -0
data/lib/rex/payloads/win32/common.rb +0 -0
data/lib/rex/payloads/win32/kernel.rb +0 -0
data/lib/rex/payloads/win32/kernel/common.rb +0 -0
data/lib/rex/payloads/win32/kernel/migration.rb +0 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +0 -0
data/lib/rex/peparsey.rb +0 -0
data/lib/rex/peparsey/exceptions.rb +0 -0
data/lib/rex/peparsey/pe.rb +7 -1
data/lib/rex/peparsey/pe_memdump.rb +0 -0
data/lib/rex/peparsey/pebase.rb +27 -2
data/lib/rex/peparsey/section.rb +0 -0
data/lib/rex/pescan.rb +0 -0
data/lib/rex/pescan/analyze.rb +0 -0
data/lib/rex/pescan/scanner.rb +0 -0
data/lib/rex/pescan/search.rb +0 -0
data/lib/rex/platforms.rb +0 -0
data/lib/rex/platforms/windows.rb +0 -0
data/lib/rex/poly.rb +0 -0
data/lib/rex/poly/block.rb +0 -0
data/lib/rex/poly/register.rb +0 -0
data/lib/rex/poly/register/x86.rb +0 -0
data/lib/rex/post.rb +0 -0
data/lib/rex/post/dir.rb +0 -0
data/lib/rex/post/file.rb +0 -0
data/lib/rex/post/file_stat.rb +0 -0
data/lib/rex/post/gen.pl +0 -0
data/lib/rex/post/io.rb +0 -0
data/lib/rex/post/meterpreter.rb +0 -0
data/lib/rex/post/meterpreter/channel.rb +0 -0
data/lib/rex/post/meterpreter/channel_container.rb +0 -0
data/lib/rex/post/meterpreter/channels/pool.rb +0 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +0 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +0 -0
data/lib/rex/post/meterpreter/channels/stream.rb +0 -0
data/lib/rex/post/meterpreter/client.rb +3 -0
data/lib/rex/post/meterpreter/client_core.rb +0 -0
data/lib/rex/post/meterpreter/dependencies.rb +0 -0
data/lib/rex/post/meterpreter/extension.rb +0 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +0 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +0 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +0 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +0 -0
data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +57 -0
data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +15 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +0 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +0 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +0 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +0 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +2 -1
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +12 -10
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +31 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +0 -0
data/lib/rex/post/meterpreter/extensions/{railgun → stdapi/railgun}/api_constants.rb +38106 -38105
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +1804 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +96 -0
data/lib/rex/post/meterpreter/extensions/{railgun → stdapi/railgun/def}/def_kernel32.rb +3848 -3678
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +153 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +21 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +3169 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +599 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/model.rb +540 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +308 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +196 -0
data/lib/rex/post/meterpreter/extensions/{railgun → stdapi/railgun}/tlv.rb +6 -9
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +5 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +6 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +0 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +0 -0
data/lib/rex/post/meterpreter/object_aliases.rb +0 -0
data/lib/rex/post/meterpreter/packet.rb +23 -1
data/lib/rex/post/meterpreter/packet_dispatcher.rb +13 -2
data/lib/rex/post/meterpreter/packet_parser.rb +0 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +17 -10
data/lib/rex/post/meterpreter/ui/console.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +12 -7
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +221 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +4 -3
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +56 -1
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +22 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +0 -0
data/lib/rex/post/permission.rb +0 -0
data/lib/rex/post/process.rb +0 -0
data/lib/rex/post/thread.rb +0 -0
data/lib/rex/post/ui.rb +0 -0
data/lib/rex/proto.rb +0 -0
data/lib/rex/proto.rb.ts.rb +0 -0
data/lib/rex/proto/dcerpc.rb +0 -0
data/lib/rex/proto/dcerpc.rb.ts.rb +0 -0
data/lib/rex/proto/dcerpc/client.rb +3 -1
data/lib/rex/proto/dcerpc/exceptions.rb +0 -0
data/lib/rex/proto/dcerpc/handle.rb +0 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +0 -0
data/lib/rex/proto/dcerpc/ndr.rb +0 -0
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +0 -0
data/lib/rex/proto/dcerpc/packet.rb +0 -0
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +0 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +0 -0
data/lib/rex/proto/dcerpc/uuid.rb +0 -0
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +0 -0
data/lib/rex/proto/dhcp.rb +7 -0
data/lib/rex/proto/dhcp/constants.rb +33 -0
data/lib/rex/proto/dhcp/server.rb +285 -0
data/lib/rex/proto/drda.rb +0 -0
data/lib/rex/proto/drda.rb.ts.rb +0 -0
data/lib/rex/proto/drda/constants.rb +0 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +0 -0
data/lib/rex/proto/drda/packet.rb +0 -0
data/lib/rex/proto/drda/packet.rb.ut.rb +0 -0
data/lib/rex/proto/drda/utils.rb +0 -0
data/lib/rex/proto/drda/utils.rb.ut.rb +0 -0
data/lib/rex/proto/http.rb +0 -0
data/lib/rex/proto/http.rb.ts.rb +0 -0
data/lib/rex/proto/http/client.rb +27 -2
data/lib/rex/proto/http/client.rb.ut.rb +4 -2
data/lib/rex/proto/http/handler.rb +0 -0
data/lib/rex/proto/http/handler/erb.rb +0 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb +0 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +0 -0
data/lib/rex/proto/http/handler/proc.rb +6 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +0 -0
data/lib/rex/proto/http/header.rb +0 -0
data/lib/rex/proto/http/header.rb.ut.rb +0 -0
data/lib/rex/proto/http/packet.rb +20 -19
data/lib/rex/proto/http/packet.rb.ut.rb +0 -0
data/lib/rex/proto/http/request.rb +0 -0
data/lib/rex/proto/http/request.rb.ut.rb +0 -0
data/lib/rex/proto/http/response.rb +0 -0
data/lib/rex/proto/http/response.rb.ut.rb +0 -0
data/lib/rex/proto/http/server.rb +5 -3
data/lib/rex/proto/http/server.rb.ut.rb +0 -0
data/lib/rex/proto/proxy/socks4a.rb +440 -0
data/lib/rex/proto/smb.rb +0 -0
data/lib/rex/proto/smb.rb.ts.rb +0 -0
data/lib/rex/proto/smb/client.rb +110 -61
data/lib/rex/proto/smb/client.rb.ut.rb +0 -0
data/lib/rex/proto/smb/constants.rb +5 -3
data/lib/rex/proto/smb/constants.rb.ut.rb +0 -0
data/lib/rex/proto/smb/crypt.rb +0 -0
data/lib/rex/proto/smb/crypt.rb.ut.rb +0 -0
data/lib/rex/proto/smb/exceptions.rb +0 -0
data/lib/rex/proto/smb/simpleclient.rb +0 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +0 -0
data/lib/rex/proto/smb/utils.rb +2 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +0 -0
data/lib/rex/proto/sunrpc.rb +0 -0
data/lib/rex/proto/sunrpc/client.rb +0 -0
data/lib/rex/proto/tftp.rb +10 -1
data/lib/rex/proto/tftp/constants.rb +5 -3
data/lib/rex/proto/tftp/server.rb +79 -9
data/lib/rex/script.rb +0 -0
data/lib/rex/script/base.rb +0 -0
data/lib/rex/script/meterpreter.rb +0 -0
data/lib/rex/script/shell.rb +0 -0
data/lib/rex/service.rb +0 -0
data/lib/rex/service_manager.rb +0 -0
data/lib/rex/service_manager.rb.ut.rb +0 -0
data/lib/rex/services/local_relay.rb +0 -0
data/lib/rex/socket.rb +6 -4
data/lib/rex/socket.rb.ut.rb +0 -0
data/lib/rex/socket/comm.rb +0 -0
data/lib/rex/socket/comm/local.rb +0 -0
data/lib/rex/socket/comm/local.rb.ut.rb +0 -0
data/lib/rex/socket/ip.rb +0 -0
data/lib/rex/socket/parameters.rb +0 -0
data/lib/rex/socket/parameters.rb.ut.rb +0 -0
data/lib/rex/socket/range_walker.rb +0 -0
data/lib/rex/socket/range_walker.rb.ut.rb +0 -0
data/lib/rex/socket/ssl_tcp.rb +1 -1
data/lib/rex/socket/ssl_tcp.rb.ut.rb +0 -0
data/lib/rex/socket/ssl_tcp_server.rb +0 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +0 -0
data/lib/rex/socket/subnet_walker.rb +0 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +0 -0
data/lib/rex/socket/switch_board.rb.ut.rb +0 -0
data/lib/rex/socket/tcp.rb +0 -0
data/lib/rex/socket/tcp.rb.ut.rb +0 -0
data/lib/rex/socket/tcp_server.rb +0 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +0 -0
data/lib/rex/socket/udp.rb +0 -0
data/lib/rex/socket/udp.rb.ut.rb +0 -0
data/lib/rex/struct2.rb +0 -0
data/lib/rex/struct2/c_struct.rb +0 -0
data/lib/rex/struct2/c_struct_template.rb +0 -0
data/lib/rex/struct2/constant.rb +0 -0
data/lib/rex/struct2/element.rb +0 -0
data/lib/rex/struct2/generic.rb +0 -0
data/lib/rex/struct2/restraint.rb +0 -0
data/lib/rex/struct2/s_string.rb +0 -0
data/lib/rex/struct2/s_struct.rb +0 -0
data/lib/rex/sync.rb +0 -0
data/lib/rex/sync/event.rb +0 -0
data/lib/rex/sync/read_write_lock.rb +0 -0
data/lib/rex/sync/ref.rb +0 -0
data/lib/rex/sync/thread_safe.rb +0 -0
data/lib/rex/test.rb +0 -0
data/lib/rex/text.rb +13 -3
data/lib/rex/text.rb.ut.rb +9 -4
data/lib/rex/time.rb +0 -0
data/lib/rex/transformer.rb +0 -0
data/lib/rex/transformer.rb.ut.rb +0 -0
data/lib/rex/ui.rb +0 -0
data/lib/rex/ui/interactive.rb +0 -0
data/lib/rex/ui/output.rb +0 -0
data/lib/rex/ui/output/none.rb +0 -0
data/lib/rex/ui/progress_tracker.rb +0 -0
data/lib/rex/ui/subscriber.rb +0 -0
data/lib/rex/ui/text/color.rb +0 -0
data/lib/rex/ui/text/color.rb.ut.rb +0 -0
data/lib/rex/ui/text/dispatcher_shell.rb +0 -0
data/lib/rex/ui/text/input.rb +0 -0
data/lib/rex/ui/text/input/buffer.rb +0 -0
data/lib/rex/ui/text/input/readline.rb +0 -0
data/lib/rex/ui/text/input/socket.rb +0 -0
data/lib/rex/ui/text/input/stdio.rb +0 -0
data/lib/rex/ui/text/irb_shell.rb +0 -0
data/lib/rex/ui/text/output.rb +0 -0
data/lib/rex/ui/text/output/buffer.rb +0 -0
data/lib/rex/ui/text/output/file.rb +0 -0
data/lib/rex/ui/text/output/socket.rb +0 -0
data/lib/rex/ui/text/output/stdio.rb +0 -0
data/lib/rex/ui/text/progress_tracker.rb +0 -0
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +0 -0
data/lib/rex/ui/text/shell.rb +9 -6
data/lib/rex/ui/text/table.rb +5 -0
data/lib/rex/ui/text/table.rb.ut.rb +0 -0
data/lib/rex/zip.rb +0 -0
data/lib/rex/zip/archive.rb +29 -1
data/lib/rex/zip/blocks.rb +0 -0
data/lib/rex/zip/entry.rb +5 -1
metadata +369 -413
data/README +0 -8
data/lib/rex/post/meterpreter/extensions/railgun/api.rb +0 -9303
data/lib/rex/post/meterpreter/extensions/railgun/railgun.rb +0 -815
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/railgun.rb +0 -57

data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb ADDED

@@ -0,0 +1,308 @@
+# Copyright (c) 2010, patrickHVE@googlemail.com
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#     * The names of the author may not be used to endorse or promote products
+#       derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL patrickHVE@googlemail.com BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+require 'pp'
+require 'enumerator'
+require 'rex/post/meterpreter/extensions/stdapi/railgun/api_constants'
+require 'rex/post/meterpreter/extensions/stdapi/railgun/tlv'
+require 'rex/post/meterpreter/extensions/stdapi/railgun/model'
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Stdapi
+module Railgun
+# A easier way to call multiple functions in a single request
+class MultiCaller
+		include DLLHelper
+		def initialize( client, parent, win_consts )
+			@parent     = parent
+			@client     = client
+			@win_consts = win_consts
+			if( @client.platform =~ /x64/i )
+				@native = 'Q'
+			else
+				@native = 'V'
+			end
+		end
+		def call(functions)
+			request = Packet.create_request('stdapi_railgun_api_multi')
+			function_results = []
+			layouts          = []
+			functions.each do |f|
+				dll_name,funcname,args = f
+				dll_host = @parent.get_dll( dll_name )
+				if not dll_host
+					raise "DLL #{dll_name} has not been loaded"
+				end
+				function = dll_host.functions[funcname]
+				if not function
+					raise "DLL #{dll_name} function #{funcname} has not been defined"
+				end
+				raise "#{function.params.length} arguments expected. #{args.length} arguments provided." unless args.length == function.params.length
+				#puts "process_function_call(function.windows_name,#{PP.pp(args, "")})"
+				# We transmit the immediate stack and three heap-buffers:
+				# in, inout and out. The reason behind the separation is bandwidth.
+				# We don't want to transmit uninitialized data in or no-longer-needed data out.
+				# out-only-buffers that are ONLY transmitted on the way BACK
+				out_only_layout = {} # paramName => BufferItem
+				out_only_size_bytes = 0
+				#puts " assembling out-only buffer"
+				function.params.each_with_index do |param_desc, param_idx|
+					#puts " processing #{param_desc[1]}"
+					# Special case:
+					# The user can choose to supply a Null pointer instead of a buffer
+					# in this case we don't need space in any heap buffer
+					if param_desc[0][0,1] == 'P' # type is a pointer
+						if args[param_idx] == nil
+							next
+						end
+					end
+					# we care only about out-only buffers
+					if param_desc[2] == "out"
+						raise "error in param #{param_desc[1]}: Out-only buffers must be described by a number indicating their size in bytes " unless args[param_idx].class == Fixnum
+						buffer_size = args[param_idx]
+						# bump up the size for an x64 pointer
+						if( @native == 'Q' and buffer_size == 4 )
+							args[param_idx] = 8
+							buffer_size = args[param_idx]
+						end
+						if( @native == 'Q' )
+							raise "Please pass 8 for 'out' PDWORDS, since they require a buffer of size 8" unless buffer_size == 8
+						elsif( @native == 'V' )
+							raise "Please pass 4 for 'out' PDWORDS, since they require a buffer of size 4" unless buffer_size == 4
+						end
+						out_only_layout[param_desc[1]] = BufferItem.new(param_idx, out_only_size_bytes, buffer_size, param_desc[0])
+						out_only_size_bytes += buffer_size
+					end
+				end
+				tmp = assemble_buffer("in", function, args)
+				in_only_layout = tmp[0]
+				in_only_buffer = tmp[1]
+				tmp = assemble_buffer("inout", function, args)
+				inout_layout = tmp[0]
+				inout_buffer = tmp[1]
+				# now we build the stack
+				# every stack dword will be described by two dwords:
+				# first dword describes second dword:
+				#	0 - literal,
+				#	1 = relative to in-only buffer
+				#	2 = relative to out-only buffer
+				#	3 = relative to inout buffer
+				# (literal numbers and pointers to buffers we have created)
+				literal_pairs_blob = ""
+				#puts " assembling literal stack"
+				function.params.each_with_index do |param_desc, param_idx|
+					#puts "  processing (#{param_desc[0]}, #{param_desc[1]}, #{param_desc[2]})"
+					buffer = nil
+					# is it a pointer to a buffer on our stack
+					if ["PDWORD", "PWCHAR", "PCHAR", "PBLOB"].include? param_desc[0]
+						#puts "   pointer"
+						if args[param_idx] == nil # null pointer?
+							buffer = [0].pack(@native) # type: DWORD  (so the dll does not rebase it)
+							buffer += [0].pack(@native) # value: 0
+						elsif param_desc[2] == "in"
+							buffer = [1].pack(@native)
+							buffer += [in_only_layout[param_desc[1]].addr].pack(@native)
+						elsif param_desc[2] == "out"
+							buffer = [2].pack(@native)
+							buffer += [out_only_layout[param_desc[1]].addr].pack(@native)
+						elsif param_desc[2] == "inout"
+							buffer = [3].pack(@native)
+							buffer += [inout_layout[param_desc[1]].addr].pack(@native)
+						else
+							raise "unexpected direction"
+						end
+					else
+						#puts "   not a pointer"
+						# it's not a pointer
+						buffer = [0].pack(@native)
+						case param_desc[0]
+							when "LPVOID", "HANDLE"
+								num     = param_to_number(args[param_idx])
+								buffer += [num].pack(@native)
+							when "DWORD"
+								num     = param_to_number(args[param_idx])
+								buffer += [num % 4294967296].pack(@native)
+							when "WORD"
+								num     = param_to_number(args[param_idx])
+								buffer += [num % 65536].pack(@native)
+							when "BYTE"
+								num     = param_to_number(args[param_idx])
+								buffer += [num % 256].pack(@native)
+							when "BOOL"
+								case args[param_idx]
+									when true
+										buffer += [1].pack('V')
+									when false
+										buffer += [0].pack('V')
+									else
+										raise "param #{param_desc[1]}: true or false expected"
+								end
+							else
+								raise "unexpected type for param #{param_desc[1]}"
+						end
+					end
+					#puts "   adding pair to blob"
+					literal_pairs_blob += buffer
+					#puts "   buffer size %X" % buffer.length
+					#puts "   blob size so far: %X" % literal_pairs_blob.length
+				end
+				#puts "\n\nsending Stuff to meterpreter"
+				group = Rex::Post::Meterpreter::GroupTlv.new(TLV_TYPE_RAILGUN_MULTI_GROUP)
+				group.add_tlv(TLV_TYPE_RAILGUN_SIZE_OUT, out_only_size_bytes)
+				group.add_tlv(TLV_TYPE_RAILGUN_STACKBLOB, literal_pairs_blob)
+				group.add_tlv(TLV_TYPE_RAILGUN_BUFFERBLOB_IN, in_only_buffer)
+				group.add_tlv(TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT, inout_buffer)
+				group.add_tlv(TLV_TYPE_RAILGUN_DLLNAME, dll_name )
+				group.add_tlv(TLV_TYPE_RAILGUN_FUNCNAME, function.windows_name)
+				request.tlvs << group
+				layouts << [inout_layout, out_only_layout]
+			end
+			call_results = []
+			res = @client.send_request(request)
+			res.each(TLV_TYPE_RAILGUN_MULTI_GROUP) do |val|
+				call_results << val
+			end
+			functions.each do |f|
+				dll_name,funcname,args = f
+				dll_host = @parent.get_dll( dll_name )
+				function = dll_host.functions[funcname]
+				response = call_results.shift
+				inout_layout, out_only_layout = layouts.shift
+				rec_inout_buffers = response.get_tlv_value(TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT)
+				rec_out_only_buffers = response.get_tlv_value(TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT)
+				rec_return_value = response.get_tlv_value(TLV_TYPE_RAILGUN_BACK_RET)
+				rec_last_error = response.get_tlv_value(TLV_TYPE_RAILGUN_BACK_ERR)
+				# The hash the function returns
+				return_hash={"GetLastError" => rec_last_error}
+				#process return value
+				case function.return_type
+					when "LPVOID", "HANDLE"
+						if( @native == 'Q' )
+							return_hash["return"] = rec_return_value
+						else
+							return_hash["return"] = rec_return_value % 4294967296
+						end
+					when "DWORD"
+						return_hash["return"] = rec_return_value % 4294967296
+					when "WORD"
+						return_hash["return"] = rec_return_value % 65536
+					when "BYTE"
+						return_hash["return"] = rec_return_value % 256
+					when "BOOL"
+						return_hash["return"] = (rec_return_value != 0)
+					when "VOID"
+						return_hash["return"] = nil
+					else
+						raise "unexpected return type: #{function.return_type}"
+				end
+				#puts return_hash
+				#puts "out_only_layout:"
+				#puts out_only_layout
+				# process out-only buffers
+				#puts "processing out-only buffers:"
+				out_only_layout.each_pair do |param_name, buffer_item|
+					#puts "   #{param_name}"
+					buffer = rec_out_only_buffers[buffer_item.addr, buffer_item.length_in_bytes]
+					case buffer_item.datatype
+						when "PDWORD"
+							return_hash[param_name] = buffer.unpack('V')[0]
+						when "PCHAR"
+							return_hash[param_name] = asciiz_to_str(buffer)
+						when "PWCHAR"
+							return_hash[param_name] = uniz_to_str(buffer)
+						when "PBLOB"
+							return_hash[param_name] = buffer
+						else
+							raise "unexpected type in out-only buffer of #{param_name}: #{buffer_item.datatype}"
+					end
+				end
+				#puts return_hash
+				# process in-out buffers
+				#puts "processing in-out buffers:"
+				inout_layout.each_pair do |param_name, buffer_item|
+					#puts "   #{param_name}"
+					buffer = rec_inout_buffers[buffer_item.addr, buffer_item.length_in_bytes]
+					case buffer_item.datatype
+						when "PDWORD"
+							return_hash[param_name] = buffer.unpack('V')[0]
+						when "PCHAR"
+							return_hash[param_name] = asciiz_to_str(buffer)
+						when "PWCHAR"
+							return_hash[param_name] = uniz_to_str(buffer)
+						when "PBLOB"
+							return_hash[param_name] = buffer
+						else
+							raise "unexpected type in in-out-buffer of #{param_name}: #{buffer_item.datatype}"
+					end
+				end
+				#puts return_hash
+				#puts "finished"
+				function_results << return_hash
+			end
+			function_results
+		end
+		# process_multi_function_call
+	protected
+	attr_accessor :win_consts
+end # MultiCall
+end; end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb ADDED

@@ -0,0 +1,196 @@
+# Copyright (c) 2010, patrickHVE@googlemail.com
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#     * The names of the author may not be used to endorse or promote products
+#       derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL patrickHVE@googlemail.com BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# sf - Sept 2010 - Modified for x64 support and merged into the stdapi extension.
+#
+require 'pp'
+require 'enumerator'
+require 'rex/post/meterpreter/extensions/stdapi/railgun/api_constants'
+require 'rex/post/meterpreter/extensions/stdapi/railgun/tlv'
+require 'rex/post/meterpreter/extensions/stdapi/railgun/model'
+require 'rex/post/meterpreter/extensions/stdapi/railgun/multicall'
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Stdapi
+module Railgun
+#
+# The Railgun class to dynamically expose the Windows API.
+#
+class Railgun
+	def initialize( client )
+		@client = client
+		@dll    = ::Hash.new
+		@win_consts = WinConstManager.new()
+		@constants_loaded = false
+		# Load the multi-caller
+		@multicaller = MultiCaller.new( @client, self, @win_consts )
+	end
+	# read data from a memory address on the host (useful for working with LPVOID parameters)
+	def memread( address, length )
+		raise "Invalid parameters." if( not address or not length )
+		request = Packet.create_request( 'stdapi_railgun_memread' )
+		request.add_tlv( TLV_TYPE_RAILGUN_MEM_ADDRESS, address )
+		request.add_tlv( TLV_TYPE_RAILGUN_MEM_LENGTH, length )
+		response = client.send_request( request )
+		if( response.result == 0 )
+			return response.get_tlv_value( TLV_TYPE_RAILGUN_MEM_DATA )
+		end
+		return nil
+	end
+	# write data to a memory address on the host (useful for working with LPVOID parameters)
+	def memwrite( address, data, length )
+		raise "Invalid parameters." if( not address or not data or not length )
+		request = Packet.create_request( 'stdapi_railgun_memwrite' )
+		request.add_tlv( TLV_TYPE_RAILGUN_MEM_ADDRESS, address )
+		request.add_tlv( TLV_TYPE_RAILGUN_MEM_DATA, data )
+		request.add_tlv( TLV_TYPE_RAILGUN_MEM_LENGTH, length )
+		response = client.send_request( request )
+		if( response.result == 0 )
+			return true
+		end
+		return false
+	end
+	# adds a function to an existing DLL-definition
+	def add_function(dll_name, function_name, return_type, params, windows_name=nil)
+		raise "DLL #{dll_name} not found. Known DLLs: #{PP.pp(@dll.keys, "")}" unless @dll.has_key? dll_name
+		@dll[dll_name].add_function(function_name, return_type, params, windows_name)
+	end
+	# adds a function to an existing DLL-definition
+	# you can override the dll name if you want to include a path or the DLL name contains
+	# non-ruby-approved characters
+	def add_dll(dll_name, windows_name=nil)
+		raise "DLL #{dll_name} already exists. Existing DLLs: #{PP.pp(@dll.keys, "")}" unless not @dll.has_key? dll_name
+		if( windows_name == nil )
+			windows_name = dll_name
+		end
+		@dll[dll_name] = DLL.new(windows_name, @client, @win_consts)
+	end
+	def get_dll( dll_name )
+		# sf: we now lazy load the module definitions as needed to avoid the performance hit
+		#     to stdapi if we do it upon initilization (the user may never use railgun or else
+		#     require only a portion of the modules exposed by railgun so no need to pre load them)
+		if( not @dll.has_key?( dll_name ) )
+			# the constants are also lazy loaded the first time we call const() or any API function...
+			if( not @constants_loaded )
+				ApiConstants.add_constants( @win_consts )
+				@constants_loaded = true
+			end
+			case dll_name
+				when 'kernel32'
+					require 'rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32'
+					Def::Def_kernel32.add_imports(self)
+				when 'ntdll'
+					require 'rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll'
+					Def::Def_ntdll.add_imports(self)
+				when 'user32'
+					require 'rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32'
+					Def::Def_user32.add_imports(self)
+				when 'ws2_32'
+					require 'rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32'
+					Def::Def_ws2_32.add_imports(self)
+				when 'iphlpapi'
+					require 'rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi'
+					Def::Def_iphlpapi.add_imports(self)
+				when 'advapi32'
+					require 'rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32'
+					Def::Def_advapi32.add_imports(self)
+				when 'shell32'
+					require 'rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32'
+					Def::Def_shell32.add_imports(self)
+			end
+			if( @dll.has_key?( dll_name ) )
+				return @dll[dll_name]
+			end
+		else
+			return @dll[dll_name]
+		end
+		return nil
+	end
+	# we fake having members like user32 and kernel32.
+	# reason is that
+	#   ...user32.MessageBoxW()
+	# is prettier than
+	#   ...dlls["user32"].functions["MessageBoxW"]()
+	def method_missing(dll_symbol, *args)
+		dll_name = dll_symbol.to_s
+		self.get_dll( dll_name )
+		raise "DLL #{dll_name} not found. Known DLLs: #{PP.pp(@dll.keys, "")}" unless @dll.has_key? dll_name
+		return @dll[dll_name]
+	end
+	# Give the programmer access to constants
+	def const(str)
+		# the constants are also lazy loaded the first time we call const() or any API function...
+		if( not @constants_loaded )
+			ApiConstants.add_constants( @win_consts )
+			@constants_loaded = true
+		end
+		return @win_consts.parse(str)
+	end
+	# The multi-call shorthand ( ["kernel32", "ExitProcess", [0]] )
+	def multi(functions)
+		@multicaller.call(functions)
+	end
+	attr_accessor :client, :dll, :multicaller, :win_consts
+end
+end; end; end; end; end; end