librex 0.0.44 → 0.0.46
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.markdown +1 -1
- data/lib/rex/compat.rb +1 -1
- data/lib/rex/exceptions.rb +5 -5
- data/lib/rex/parser/ci_nokogiri.rb +192 -0
- data/lib/rex/parser/nexpose_raw_nokogiri.rb +4 -1
- data/lib/rex/parser/nexpose_simple_nokogiri.rb +4 -1
- data/lib/rex/pescan/analyze.rb +1 -1
- data/lib/rex/post/meterpreter/client.rb +2 -1
- data/lib/rex/post/meterpreter/client_core.rb +11 -2
- data/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb +84 -0
- data/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb +16 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +368 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +18 -1
- data/lib/rex/proto.rb +1 -0
- data/lib/rex/proto/http/client.rb +3 -1
- data/lib/rex/proto/iax2.rb +1 -0
- data/lib/rex/proto/iax2/call.rb +320 -0
- data/lib/rex/proto/iax2/client.rb +217 -0
- data/lib/rex/proto/iax2/codecs.rb +4 -0
- data/lib/rex/proto/iax2/codecs/alaw.rb +15 -0
- data/lib/rex/proto/iax2/codecs/g711.rb +2175 -0
- data/lib/rex/proto/iax2/codecs/mulaw.rb +16 -0
- data/lib/rex/proto/iax2/constants.rb +261 -0
- data/lib/rex/proto/proxy/socks4a.rb +49 -48
- data/lib/rex/proto/tftp/server.rb +2 -2
- data/lib/rex/socket/range_walker.rb +3 -0
- data/lib/rex/socket/ssl_tcp.rb +59 -45
- data/lib/rex/socket/ssl_tcp_server.rb +20 -8
- data/lib/rex/ui/text/input.rb +1 -0
- metadata +33 -30
|
@@ -0,0 +1,261 @@
|
|
|
1
|
+
module Rex
|
|
2
|
+
module Proto
|
|
3
|
+
module IAX2
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
IAX2_DEFAULT_PORT = 4569
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
IAX_TYPE_VOICE = 2
|
|
10
|
+
IAX_TYPE_CONTROL = 4
|
|
11
|
+
IAX_TYPE_IAX = 6
|
|
12
|
+
IAX_TYPE_DTMF_BEGIN = 1
|
|
13
|
+
IAX_TYPE_DTMF_END = 12
|
|
14
|
+
|
|
15
|
+
IAX_CTRL_HANGUP = 1
|
|
16
|
+
IAX_CTRL_RINGING = 3
|
|
17
|
+
IAX_CTRL_ANSWER = 4
|
|
18
|
+
IAX_CTRL_BUSY = 5
|
|
19
|
+
IAX_CTRL_PROGRESS = 14
|
|
20
|
+
IAX_CTRL_PROCEED = 15
|
|
21
|
+
|
|
22
|
+
=begin
|
|
23
|
+
+-------------+---------------+-------------------------------------+
|
|
24
|
+
| VALUE | Name | Description |
|
|
25
|
+
+-------------+---------------+-------------------------------------+
|
|
26
|
+
| 0x01 | Hangup | The call has been hungup at the |
|
|
27
|
+
| | | remote end |
|
|
28
|
+
| | | |
|
|
29
|
+
| 0x02 | Reserved | Reserved for future use |
|
|
30
|
+
| | | |
|
|
31
|
+
| 0x03 | Ringing | Remote end is ringing (ring-back) |
|
|
32
|
+
| | | |
|
|
33
|
+
| 0x04 | Answer | Remote end has answered |
|
|
34
|
+
| | | |
|
|
35
|
+
| 0x05 | Busy | Remote end is busy |
|
|
36
|
+
| | | |
|
|
37
|
+
| 0x06 | Reserved | Reserved for future use |
|
|
38
|
+
| | | |
|
|
39
|
+
| 0x07 | Reserved | Reserved for future use |
|
|
40
|
+
| | | |
|
|
41
|
+
| 0x08 | Congestion | The call is congested |
|
|
42
|
+
| | | |
|
|
43
|
+
| 0x09 | Flash Hook | Flash hook |
|
|
44
|
+
| | | |
|
|
45
|
+
| 0x0a | Reserved | Reserved for future use |
|
|
46
|
+
| | | |
|
|
47
|
+
| 0x0b | Option | Device-specific options are being |
|
|
48
|
+
| | | transmitted |
|
|
49
|
+
| | | |
|
|
50
|
+
| 0x0c | Key Radio | Key Radio |
|
|
51
|
+
| | | |
|
|
52
|
+
| 0x0d | Unkey Radio | Unkey Radio |
|
|
53
|
+
| | | |
|
|
54
|
+
| 0x0e | Call Progress | Call is in progress |
|
|
55
|
+
| | | |
|
|
56
|
+
| 0x0f | Call | Call is proceeding |
|
|
57
|
+
| | Proceeding | |
|
|
58
|
+
| | | |
|
|
59
|
+
| 0x10 | Hold | Call is placed on hold |
|
|
60
|
+
| | | |
|
|
61
|
+
| 0x11 | Unhold | Call is taken off hold |
|
|
62
|
+
+-------------+---------------+-------------------------------------+
|
|
63
|
+
=end
|
|
64
|
+
|
|
65
|
+
|
|
66
|
+
IAX_SUBTYPE_NEW = 1
|
|
67
|
+
IAX_SUBTYPE_PING = 2
|
|
68
|
+
IAX_SUBTYPE_PONG = 3
|
|
69
|
+
IAX_SUBTYPE_ANSWER = 4
|
|
70
|
+
IAX_SUBTYPE_ACK = 4
|
|
71
|
+
IAX_SUBTYPE_HANGUP = 5
|
|
72
|
+
IAX_SUBTYPE_REJECT = 6
|
|
73
|
+
IAX_SUBTYPE_ACCEPT = 7
|
|
74
|
+
IAX_SUBTYPE_AUTHREQ = 8
|
|
75
|
+
IAX_SUBTYPE_AUTHREP = 9
|
|
76
|
+
IAX_SUBTYPE_INVAL = 10
|
|
77
|
+
IAX_SUBTYPE_LAGRQ = 11
|
|
78
|
+
IAX_SUBTYPE_LAGRP = 12
|
|
79
|
+
IAX_SUBTYPE_REGREQ = 13
|
|
80
|
+
IAX_SUBTYPE_REGAUTH = 14
|
|
81
|
+
IAX_SUBTYPE_REGACK = 15
|
|
82
|
+
IAX_SUBTYPE_REGREJ = 16
|
|
83
|
+
IAX_SUBTYPE_REGREL = 17
|
|
84
|
+
IAX_SUBTYPE_VNAK = 18
|
|
85
|
+
|
|
86
|
+
=begin
|
|
87
|
+
+------+-----------+-----------------------------------------+
|
|
88
|
+
| Hex | Name | Description |
|
|
89
|
+
+------+-----------+-----------------------------------------+
|
|
90
|
+
| 0x01 | NEW | Initiate a new call |
|
|
91
|
+
| | | |
|
|
92
|
+
| 0x02 | PING | Ping request |
|
|
93
|
+
| | | |
|
|
94
|
+
| 0x03 | PONG | Ping or poke reply |
|
|
95
|
+
| | | |
|
|
96
|
+
| 0x04 | ACK | Explicit acknowledgment |
|
|
97
|
+
| | | |
|
|
98
|
+
| 0x05 | HANGUP | Initiate call tear-down |
|
|
99
|
+
| | | |
|
|
100
|
+
| 0x06 | REJECT | Reject a call |
|
|
101
|
+
| | | |
|
|
102
|
+
| 0x07 | ACCEPT | Accept a call |
|
|
103
|
+
| | | |
|
|
104
|
+
| 0x08 | AUTHREQ | Authentication request |
|
|
105
|
+
| | | |
|
|
106
|
+
| 0x09 | AUTHREP | Authentication reply |
|
|
107
|
+
| | | |
|
|
108
|
+
| 0x0a | INVAL | Invalid message |
|
|
109
|
+
| | | |
|
|
110
|
+
| 0x0b | LAGRQ | Lag request |
|
|
111
|
+
| | | |
|
|
112
|
+
| 0x0c | LAGRP | Lag reply |
|
|
113
|
+
| | | |
|
|
114
|
+
| 0x0d | REGREQ | Registration request |
|
|
115
|
+
| | | |
|
|
116
|
+
| 0x0e | REGAUTH | Registration authentication |
|
|
117
|
+
| | | |
|
|
118
|
+
| 0x0f | REGACK | Registration acknowledgement |
|
|
119
|
+
| | | |
|
|
120
|
+
| 0x10 | REGREJ | Registration reject |
|
|
121
|
+
| | | |
|
|
122
|
+
| 0x11 | REGREL | Registration release |
|
|
123
|
+
| | | |
|
|
124
|
+
| 0x12 | VNAK | Video/Voice retransmit request |
|
|
125
|
+
| | | |
|
|
126
|
+
| 0x13 | DPREQ | Dialplan request |
|
|
127
|
+
| | | |
|
|
128
|
+
| 0x14 | DPREP | Dialplan reply |
|
|
129
|
+
| | | |
|
|
130
|
+
| 0x15 | DIAL | Dial |
|
|
131
|
+
| | | |
|
|
132
|
+
| 0x16 | TXREQ | Transfer request |
|
|
133
|
+
| | | |
|
|
134
|
+
| 0x17 | TXCNT | Transfer connect |
|
|
135
|
+
| | | |
|
|
136
|
+
| 0x18 | TXACC | Transfer accept |
|
|
137
|
+
| | | |
|
|
138
|
+
| 0x19 | TXREADY | Transfer ready |
|
|
139
|
+
| | | |
|
|
140
|
+
| 0x1a | TXREL | Transfer release |
|
|
141
|
+
| | | |
|
|
142
|
+
| 0x1b | TXREJ | Transfer reject |
|
|
143
|
+
| | | |
|
|
144
|
+
| 0x1c | QUELCH | Halt audio/video [media] transmission |
|
|
145
|
+
| | | |
|
|
146
|
+
| 0x1d | UNQUELCH | Resume audio/video [media] transmission |
|
|
147
|
+
| | | |
|
|
148
|
+
| 0x1e | POKE | Poke request |
|
|
149
|
+
| | | |
|
|
150
|
+
| 0x1f | Reserved | Reserved for future use |
|
|
151
|
+
| | | |
|
|
152
|
+
| 0x20 | MWI | Message waiting indication |
|
|
153
|
+
| | | |
|
|
154
|
+
| 0x21 | UNSUPPORT | Unsupported message |
|
|
155
|
+
| | | |
|
|
156
|
+
| 0x22 | TRANSFER | Remote transfer request |
|
|
157
|
+
| | | |
|
|
158
|
+
| 0x23 | Reserved | Reserved for future use |
|
|
159
|
+
| | | |
|
|
160
|
+
| 0x24 | Reserved | Reserved for future use |
|
|
161
|
+
| | | |
|
|
162
|
+
| 0x25 | Reserved | Reserved for future use |
|
|
163
|
+
+------+-----------+-----------------------------------------+
|
|
164
|
+
=end
|
|
165
|
+
|
|
166
|
+
IAX_IE_CALLED_NUMBER = 1
|
|
167
|
+
IAX_IE_CALLING_NUMBER = 2
|
|
168
|
+
IAX_IE_AUTH_METHODS = 3
|
|
169
|
+
IAX_IE_CALLING_NAME = 4
|
|
170
|
+
IAX_IE_USERNAME = 6
|
|
171
|
+
IAX_IE_DESIRED_CODEC = 9
|
|
172
|
+
IAX_IE_ORIGINAL_DID = 10
|
|
173
|
+
IAX_IE_ACTUAL_CODECS = 8
|
|
174
|
+
IAX_IE_PROTO_VERSION = 11
|
|
175
|
+
IAX_IE_REG_REFRESH = 19
|
|
176
|
+
IAX_IE_CHALLENGE_DATA = 15
|
|
177
|
+
IAX_IE_CHALLENGE_RESP = 16
|
|
178
|
+
IAX_IE_APPARENT_ADDR = 18
|
|
179
|
+
IAX_IE_REGREJ_CAUSE = 22
|
|
180
|
+
IAX_IE_HANGUP_CAUSE = 42
|
|
181
|
+
|
|
182
|
+
=begin
|
|
183
|
+
+------+----------------+-------------------------------------------+
|
|
184
|
+
| HEX | NAME | DESCRIPTION |
|
|
185
|
+
+------+----------------+-------------------------------------------+
|
|
186
|
+
| HEX | NAME | DESCRIPTION |
|
|
187
|
+
| 0x01 | CALLED NUMBER | Number/extension being called |
|
|
188
|
+
| 0x02 | CALLING NUMBER | Calling number |
|
|
189
|
+
| 0x03 | CALLING ANI | Calling number ANI for billing |
|
|
190
|
+
| 0x04 | CALLING NAME | Name of caller |
|
|
191
|
+
| 0x05 | CALLED CONTEXT | Context for number |
|
|
192
|
+
| 0x06 | USERNAME | Username (peer or user) for |
|
|
193
|
+
| | | authentication |
|
|
194
|
+
| 0x07 | PASSWORD | Password for authentication |
|
|
195
|
+
| 0x08 | CAPABILITY | Actual CODEC capability |
|
|
196
|
+
| 0x09 | FORMAT | Desired CODEC format |
|
|
197
|
+
| 0x0a | LANGUAGE | Desired language |
|
|
198
|
+
| 0x0b | VERSION | Protocol version |
|
|
199
|
+
| 0x0c | ADSICPE | CPE ADSI capability |
|
|
200
|
+
| 0x0d | DNID | Originally dialed DNID |
|
|
201
|
+
| 0x0e | AUTHMETHODS | Authentication method(s) |
|
|
202
|
+
| 0x0f | CHALLENGE | Challenge data for MD5/RSA |
|
|
203
|
+
| 0x10 | MD5 RESULT | MD5 challenge result |
|
|
204
|
+
| 0x11 | RSA RESULT | RSA challenge result |
|
|
205
|
+
| 0x12 | APPARENT ADDR | Apparent address of peer |
|
|
206
|
+
| 0x13 | REFRESH | When to refresh registration |
|
|
207
|
+
| 0x14 | DPSTATUS | Dialplan status |
|
|
208
|
+
| 0x15 | CALLNO | Call number of peer |
|
|
209
|
+
| 0x16 | CAUSE | Cause |
|
|
210
|
+
| 0x17 | IAX UNKNOWN | Unknown IAX command |
|
|
211
|
+
| 0x18 | MSGCOUNT | How many messages waiting |
|
|
212
|
+
| 0x19 | AUTOANSWER | Request auto-answering |
|
|
213
|
+
| 0x1a | MUSICONHOLD | Request musiconhold with QUELCH |
|
|
214
|
+
| 0x1b | TRANSFERID | Transfer Request Identifier |
|
|
215
|
+
| 0x1c | RDNIS | Referring DNIS |
|
|
216
|
+
| 0x1d | Reserved | Reserved for future use |
|
|
217
|
+
| 0x1e | Reserved | Reserved for future use |
|
|
218
|
+
| 0x1f | DATETIME | Date/Time |
|
|
219
|
+
| 0x20 | Reserved | Reserved for future use |
|
|
220
|
+
| 0x21 | Reserved | Reserved for future use |
|
|
221
|
+
| 0x22 | Reserved | Reserved for future use |
|
|
222
|
+
| 0x23 | Reserved | Reserved for future use |
|
|
223
|
+
| 0x24 | Reserved | Reserved for future use |
|
|
224
|
+
| 0x25 | Reserved | Reserved for future use |
|
|
225
|
+
| 0x26 | CALLINGPRES | Calling presentation |
|
|
226
|
+
| 0x27 | CALLINGTON | Calling type of number |
|
|
227
|
+
| 0x28 | CALLINGTNS | Calling transit network select |
|
|
228
|
+
| 0x29 | SAMPLINGRATE | Supported sampling rates |
|
|
229
|
+
| 0x2a | CAUSECODE | Hangup cause |
|
|
230
|
+
| 0x2b | ENCRYPTION | Encryption format |
|
|
231
|
+
| 0x2c | ENCKEY | Reserved for future Use |
|
|
232
|
+
| 0x2d | CODEC PREFS | CODEC Negotiation |
|
|
233
|
+
| 0x2e | RR JITTER | Received jitter, as in RFC 3550 |
|
|
234
|
+
| 0x2f | RR LOSS | Received loss, as in RFC 3550 |
|
|
235
|
+
| 0x30 | RR PKTS | Received frames |
|
|
236
|
+
| 0x31 | RR DELAY | Max playout delay for received frames in |
|
|
237
|
+
| | | ms |
|
|
238
|
+
| 0x32 | RR DROPPED | Dropped frames (presumably by jitter |
|
|
239
|
+
| | | buffer) |
|
|
240
|
+
| 0x33 | RR OOO | Frames received Out of Order |
|
|
241
|
+
| 0x34 | OSPTOKEN | OSP Token Block |
|
|
242
|
+
+------+----------------+-------------------------------------------+
|
|
243
|
+
=end
|
|
244
|
+
|
|
245
|
+
|
|
246
|
+
# Codecs
|
|
247
|
+
IAX_CODEC_G711_MULAW = 0x00000004
|
|
248
|
+
IAX_CODEC_G711_ALAW = 0x00000008
|
|
249
|
+
IAX_CODEC_LINEAR_PCM = 0x00000040
|
|
250
|
+
|
|
251
|
+
# Supported
|
|
252
|
+
IAX_SUPPORTED_CODECS = IAX_CODEC_G711_MULAW | IAX_CODEC_G711_ALAW | IAX_CODEC_LINEAR_PCM
|
|
253
|
+
|
|
254
|
+
# Default timings
|
|
255
|
+
IAX_DEFAULT_REG_REFRESH = 60
|
|
256
|
+
IAX_DEFAULT_TIMEOUT = 10
|
|
257
|
+
|
|
258
|
+
|
|
259
|
+
end
|
|
260
|
+
end
|
|
261
|
+
end
|
|
@@ -8,36 +8,36 @@ require 'rex/socket'
|
|
|
8
8
|
module Rex
|
|
9
9
|
module Proto
|
|
10
10
|
module Proxy
|
|
11
|
-
|
|
12
|
-
#
|
|
11
|
+
|
|
12
|
+
#
|
|
13
13
|
# A Socks4a proxy server.
|
|
14
|
-
#
|
|
14
|
+
#
|
|
15
15
|
class Socks4a
|
|
16
16
|
|
|
17
17
|
#
|
|
18
18
|
# A client connected to the Socks4a server.
|
|
19
19
|
#
|
|
20
20
|
class Client
|
|
21
|
-
|
|
21
|
+
|
|
22
22
|
REQUEST_VERSION = 4
|
|
23
23
|
REPLY_VERSION = 0
|
|
24
|
-
|
|
24
|
+
|
|
25
25
|
COMMAND_CONNECT = 1
|
|
26
26
|
COMMAND_BIND = 2
|
|
27
|
-
|
|
27
|
+
|
|
28
28
|
REQUEST_GRANTED = 90
|
|
29
29
|
REQUEST_REJECT_FAILED = 91
|
|
30
30
|
REQUEST_REJECT_CONNECT = 92
|
|
31
31
|
REQUEST_REJECT_USERID = 93
|
|
32
|
-
|
|
32
|
+
|
|
33
33
|
HOST = 1
|
|
34
34
|
PORT = 2
|
|
35
|
-
|
|
35
|
+
|
|
36
36
|
#
|
|
37
37
|
# A Socks4a packet.
|
|
38
38
|
#
|
|
39
39
|
class Packet
|
|
40
|
-
|
|
40
|
+
|
|
41
41
|
def initialize
|
|
42
42
|
@version = REQUEST_VERSION
|
|
43
43
|
@command = 0
|
|
@@ -45,11 +45,11 @@ class Socks4a
|
|
|
45
45
|
@dest_ip = '0.0.0.0'
|
|
46
46
|
@userid = ''
|
|
47
47
|
end
|
|
48
|
-
|
|
48
|
+
|
|
49
49
|
#
|
|
50
50
|
# A helper function to recv in a Socks4a packet byte by byte.
|
|
51
51
|
#
|
|
52
|
-
# sf: we could just call raw = sock.get_once but some clients
|
|
52
|
+
# sf: we could just call raw = sock.get_once but some clients
|
|
53
53
|
# seem to need reading this byte by byte instead.
|
|
54
54
|
#
|
|
55
55
|
def Packet.recv( sock, timeout=30 )
|
|
@@ -78,16 +78,16 @@ class Socks4a
|
|
|
78
78
|
packet = Packet.new
|
|
79
79
|
packet.from_r( raw ) ? packet : nil
|
|
80
80
|
end
|
|
81
|
-
|
|
81
|
+
|
|
82
82
|
#
|
|
83
83
|
# Pack a packet into raw bytes for transmitting on the wire.
|
|
84
|
-
#
|
|
84
|
+
#
|
|
85
85
|
def to_r
|
|
86
86
|
raw = [ @version, @command, @dest_port, Rex::Socket.addr_atoi( @dest_ip ) ].pack( 'CCnN' )
|
|
87
87
|
return raw if( @userid.empty? )
|
|
88
88
|
return raw + [ @userid ].pack( 'Z*' )
|
|
89
89
|
end
|
|
90
|
-
|
|
90
|
+
|
|
91
91
|
#
|
|
92
92
|
# Unpack a raw packet into its components.
|
|
93
93
|
#
|
|
@@ -112,19 +112,19 @@ class Socks4a
|
|
|
112
112
|
end
|
|
113
113
|
return true
|
|
114
114
|
end
|
|
115
|
-
|
|
115
|
+
|
|
116
116
|
def is_connect?
|
|
117
117
|
@command == COMMAND_CONNECT ? true : false
|
|
118
118
|
end
|
|
119
|
-
|
|
119
|
+
|
|
120
120
|
def is_bind?
|
|
121
121
|
@command == COMMAND_BIND ? true : false
|
|
122
122
|
end
|
|
123
|
-
|
|
123
|
+
|
|
124
124
|
attr_accessor :version, :command, :dest_port, :dest_ip, :userid
|
|
125
|
-
|
|
125
|
+
|
|
126
126
|
protected
|
|
127
|
-
|
|
127
|
+
|
|
128
128
|
#
|
|
129
129
|
# Resolve the given hostname into a dotted IP address.
|
|
130
130
|
#
|
|
@@ -138,9 +138,9 @@ class Socks4a
|
|
|
138
138
|
end
|
|
139
139
|
return nil
|
|
140
140
|
end
|
|
141
|
-
|
|
141
|
+
|
|
142
142
|
#
|
|
143
|
-
# As per the Socks4a spec, check to see if the provided dest_ip is 0.0.0.XX
|
|
143
|
+
# As per the Socks4a spec, check to see if the provided dest_ip is 0.0.0.XX
|
|
144
144
|
# which indicates after the @userid field contains a hostname to resolve.
|
|
145
145
|
#
|
|
146
146
|
def is_hostname?
|
|
@@ -152,7 +152,7 @@ class Socks4a
|
|
|
152
152
|
end
|
|
153
153
|
|
|
154
154
|
end
|
|
155
|
-
|
|
155
|
+
|
|
156
156
|
#
|
|
157
157
|
# A mixin for a socket to perform a relay to another socket.
|
|
158
158
|
#
|
|
@@ -169,7 +169,7 @@ class Socks4a
|
|
|
169
169
|
loop do
|
|
170
170
|
closed = false
|
|
171
171
|
buf = nil
|
|
172
|
-
|
|
172
|
+
|
|
173
173
|
begin
|
|
174
174
|
s = Rex::ThreadSafe.select( [ @relay_sock ], nil, nil, 0.2 )
|
|
175
175
|
if( s == nil || s[0] == nil )
|
|
@@ -178,7 +178,7 @@ class Socks4a
|
|
|
178
178
|
rescue
|
|
179
179
|
closed = true
|
|
180
180
|
end
|
|
181
|
-
|
|
181
|
+
|
|
182
182
|
if( closed == false )
|
|
183
183
|
begin
|
|
184
184
|
buf = @relay_sock.sysread( 32768 )
|
|
@@ -187,7 +187,7 @@ class Socks4a
|
|
|
187
187
|
closed = true
|
|
188
188
|
end
|
|
189
189
|
end
|
|
190
|
-
|
|
190
|
+
|
|
191
191
|
if( closed == false )
|
|
192
192
|
total_sent = 0
|
|
193
193
|
total_length = buf.length
|
|
@@ -204,18 +204,18 @@ class Socks4a
|
|
|
204
204
|
end
|
|
205
205
|
end
|
|
206
206
|
end
|
|
207
|
-
|
|
207
|
+
|
|
208
208
|
if( closed )
|
|
209
209
|
@relay_client.stop
|
|
210
210
|
::Thread.exit
|
|
211
211
|
end
|
|
212
212
|
end
|
|
213
213
|
end
|
|
214
|
-
|
|
214
|
+
|
|
215
215
|
end
|
|
216
|
-
|
|
216
|
+
|
|
217
217
|
end
|
|
218
|
-
|
|
218
|
+
|
|
219
219
|
#
|
|
220
220
|
# Create a new client connected to the server.
|
|
221
221
|
#
|
|
@@ -243,12 +243,12 @@ class Socks4a
|
|
|
243
243
|
# handle socks4a conenct requests
|
|
244
244
|
if( request.is_connect? )
|
|
245
245
|
# perform the connection request
|
|
246
|
-
params = {
|
|
246
|
+
params = {
|
|
247
247
|
'PeerHost' => request.dest_ip,
|
|
248
248
|
'PeerPort' => request.dest_port,
|
|
249
249
|
}
|
|
250
250
|
params['Context'] = @server.opts['Context'] if @server.opts.has_key?('Context')
|
|
251
|
-
|
|
251
|
+
|
|
252
252
|
@rsock = Rex::Socket::Tcp.create( params )
|
|
253
253
|
# and send back success to the client
|
|
254
254
|
response = Packet.new
|
|
@@ -258,7 +258,7 @@ class Socks4a
|
|
|
258
258
|
# handle socks4a bind requests
|
|
259
259
|
elsif( request.is_bind? )
|
|
260
260
|
# create a server socket for this request
|
|
261
|
-
params = {
|
|
261
|
+
params = {
|
|
262
262
|
'LocalHost' => '0.0.0.0',
|
|
263
263
|
'LocalPort' => 0,
|
|
264
264
|
}
|
|
@@ -286,7 +286,7 @@ class Socks4a
|
|
|
286
286
|
raise "Got connection from an invalid peer." if( rpeer[HOST] != request.dest_ip )
|
|
287
287
|
# send back the client connect success to the client
|
|
288
288
|
#
|
|
289
|
-
# sf: according to the spec we send this response back to the client, however
|
|
289
|
+
# sf: according to the spec we send this response back to the client, however
|
|
290
290
|
# I have seen some clients who bawk if they get this second response.
|
|
291
291
|
#
|
|
292
292
|
response = Packet.new
|
|
@@ -319,33 +319,33 @@ class Socks4a
|
|
|
319
319
|
end
|
|
320
320
|
end
|
|
321
321
|
end
|
|
322
|
-
|
|
322
|
+
|
|
323
323
|
#
|
|
324
324
|
# Stop handling the client connection.
|
|
325
325
|
#
|
|
326
326
|
def stop
|
|
327
327
|
@mutex.synchronize do
|
|
328
328
|
if( not @closed )
|
|
329
|
-
|
|
329
|
+
|
|
330
330
|
begin
|
|
331
331
|
@lsock.close if @lsock
|
|
332
332
|
rescue
|
|
333
333
|
end
|
|
334
|
-
|
|
334
|
+
|
|
335
335
|
begin
|
|
336
336
|
@rsock.close if @rsock
|
|
337
337
|
rescue
|
|
338
338
|
end
|
|
339
|
-
|
|
339
|
+
|
|
340
340
|
@client_thread.kill if( @client_thread and @client_thread.alive? )
|
|
341
|
-
|
|
341
|
+
|
|
342
342
|
@server.remove_client( self )
|
|
343
|
-
|
|
343
|
+
|
|
344
344
|
@closed = true
|
|
345
345
|
end
|
|
346
346
|
end
|
|
347
347
|
end
|
|
348
|
-
|
|
348
|
+
|
|
349
349
|
end
|
|
350
350
|
|
|
351
351
|
#
|
|
@@ -366,7 +366,7 @@ class Socks4a
|
|
|
366
366
|
def is_running?
|
|
367
367
|
return @running
|
|
368
368
|
end
|
|
369
|
-
|
|
369
|
+
|
|
370
370
|
#
|
|
371
371
|
# Start the Socks4a server.
|
|
372
372
|
#
|
|
@@ -395,14 +395,14 @@ class Socks4a
|
|
|
395
395
|
end
|
|
396
396
|
return true
|
|
397
397
|
end
|
|
398
|
-
|
|
398
|
+
|
|
399
399
|
#
|
|
400
400
|
# Block while the server is running.
|
|
401
401
|
#
|
|
402
402
|
def join
|
|
403
|
-
@server_thread.join
|
|
403
|
+
@server_thread.join if @server_thread
|
|
404
404
|
end
|
|
405
|
-
|
|
405
|
+
|
|
406
406
|
#
|
|
407
407
|
# Stop the Socks4a server.
|
|
408
408
|
#
|
|
@@ -423,17 +423,18 @@ class Socks4a
|
|
|
423
423
|
end
|
|
424
424
|
return !@running
|
|
425
425
|
end
|
|
426
|
-
|
|
426
|
+
|
|
427
427
|
def add_client( client )
|
|
428
428
|
@clients << client
|
|
429
429
|
end
|
|
430
|
-
|
|
430
|
+
|
|
431
431
|
def remove_client( client )
|
|
432
432
|
@clients.delete( client )
|
|
433
433
|
end
|
|
434
|
-
|
|
434
|
+
|
|
435
435
|
attr_reader :opts
|
|
436
|
-
|
|
436
|
+
|
|
437
437
|
end
|
|
438
438
|
|
|
439
439
|
end; end; end
|
|
440
|
+
|