librex 0.0.44 → 0.0.46

data/lib/rex/proto/tftp/server.rb

@@ -1,4 +1,4 @@
-# $Id: server.rb 11636 2011-01-25 02:24:37Z hdm $
+# $Id: server.rb 13551 2011-08-12 20:26:03Z scriptjunkie $
 require 'rex/socket'
 require 'rex/proto/tftp'
 
@@ -162,7 +162,7 @@ class Server
 
 		# Read the file contents, and register it as being served once
 		data = data = ::File.open(fn, "rb") { |fd| fd.read(fd.stat.size) }
-		register_file(fname, data, true)
+		register_file(fname, data)
 
 		# Return the last file in the array
 		return self.files[-1]

data/lib/rex/socket/range_walker.rb

@@ -162,6 +162,9 @@ class RangeWalker
 	# given RangeWalker 
 	#
 	def include_range?(range_walker)
+		return false if ((not @ranges) or @ranges.empty?)
+		return false if not range_walker.ranges
+
 		range_walker.ranges.all? do |start, stop|
 			ranges.any? do |self_start, self_stop|
 				r = (self_start..self_stop)

data/lib/rex/socket/ssl_tcp.rb

@@ -10,7 +10,7 @@ module Rex::Socket::SslTcp
 
 begin
 	@@loaded_openssl = false
-	
+
 	begin
 		require 'openssl'
 		@@loaded_openssl = true
@@ -62,64 +62,64 @@ begin
 			when 'SSL2'
 				version = :SSLv2
 			when 'SSL23'
-				version = :SSLv23				
+				version = :SSLv23
 			when 'TLS1'
 				version = :TLSv1
 			end
 		end
-		
+
 		# Build the SSL connection
 		self.sslctx  = OpenSSL::SSL::SSLContext.new(version)
-		
+
 		# Configure the SSL context
 		# TODO: Allow the user to specify the verify mode and callback
 		# Valid modes:
 		#  VERIFY_CLIENT_ONCE
-		#  VERIFY_FAIL_IF_NO_PEER_CERT 
+		#  VERIFY_FAIL_IF_NO_PEER_CERT
 		#  VERIFY_NONE
 		#  VERIFY_PEER
 		self.sslctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
 		self.sslctx.options = OpenSSL::SSL::OP_ALL
-		
+
 		# Set the verification callback
 		self.sslctx.verify_callback = Proc.new do |valid, store|
 			self.peer_verified = valid
 			true
 		end
-		
+
 		# Tie the context to a socket
 		self.sslsock = OpenSSL::SSL::SSLSocket.new(self, self.sslctx)
 
 		# XXX - enabling this causes infinite recursion, so disable for now
 		# self.sslsock.sync_close = true
 
-				
+
 		# Force a negotiation timeout
 		begin
-		Timeout.timeout(params.timeout) do 	
-			if not self.sslsock.respond_to?(:connect_nonblock)
+		Timeout.timeout(params.timeout) do
+			if not allow_nonblock?
 				self.sslsock.connect
 			else
 				begin
 					self.sslsock.connect_nonblock
-				
+
 				# Ruby 1.8.7 and 1.9.0/1.9.1 uses a standard Errno
 				rescue ::Errno::EAGAIN, ::Errno::EWOULDBLOCK
 						IO::select(nil, nil, nil, 0.10)
-						retry	
-				
-				# Ruby 1.9.2+ uses IO::WaitReadable/IO::WaitWritable			
+						retry
+
+				# Ruby 1.9.2+ uses IO::WaitReadable/IO::WaitWritable
 				rescue ::Exception => e
 					if ::IO.const_defined?('WaitReadable') and e.kind_of?(::IO::WaitReadable)
 						IO::select( [ self.sslsock ], nil, nil, 0.10 )
 						retry
 					end
-					
-					if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)						
+
+					if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)
 						IO::select( nil, [ self.sslsock ], nil, 0.10 )
 						retry
 					end
-					
+
 					raise e
 				end
 			end
@@ -140,7 +140,7 @@ begin
 	# Writes data over the SSL socket.
 	#
 	def write(buf, opts = {})
-		return sslsock.write(buf) if not self.sslsock.respond_to?(:write_nonblock)
+		return sslsock.write(buf) if not allow_nonblock?
 
 		total_sent   = 0
 		total_length = buf.length
@@ -162,7 +162,7 @@ begin
 
 		rescue ::IOError, ::Errno::EPIPE
 			return nil
-		
+
 		# Ruby 1.8.7 and 1.9.0/1.9.1 uses a standard Errno
 		rescue ::Errno::EAGAIN, ::Errno::EWOULDBLOCK
 			# Sleep for a half a second, or until we can write again
@@ -171,24 +171,24 @@ begin
 			block_size = 1024
 			# Try to write the data again
 			retry
-		
-		# Ruby 1.9.2+ uses IO::WaitReadable/IO::WaitWritable	
+
+		# Ruby 1.9.2+ uses IO::WaitReadable/IO::WaitWritable
 		rescue ::Exception => e
 			if ::IO.const_defined?('WaitReadable') and e.kind_of?(::IO::WaitReadable)
 				IO::select( [ self.sslsock ], nil, nil, retry_time )
 				retry
 			end
-					
-			if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)						
+
+			if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)
 				IO::select( nil, [ self.sslsock ], nil, retry_time )
 				retry
 			end
-			
+
 			# Another form of SSL error, this is always fatal
 			if e.kind_of?(::OpenSSL::SSL::SSLError)
 				return nil
 			end
-			
+
 			# Bubble the event up to the caller otherwise
 			raise e
 		end
@@ -199,8 +199,8 @@ begin
 	#
 	# Reads data from the SSL socket.
 	#
-	def read(length = nil, opts = {})	
-		if not self.sslsock.respond_to?(:read_nonblock)
+	def read(length = nil, opts = {})
+		if not allow_nonblock?
 			length = 16384 unless length
 			begin
 				return sslsock.sysread(length)
@@ -209,21 +209,21 @@ begin
 			end
 			return
 		end
-		
+
 
 		begin
-			while true 
-				s = Rex::ThreadSafe.select( [ self.sslsock ], nil, nil, 0.10 )	
+			while true
+				s = Rex::ThreadSafe.select( [ self.sslsock ], nil, nil, 0.10 )
 				if( s == nil || s[0] == nil )
 					next
-				end						
-				return sslsock.read_nonblock( length ) 				
+				end
+				return sslsock.read_nonblock( length )
 			end
-			
+
 		rescue ::IOError, ::Errno::EPIPE
 			return nil
 
-		# Ruby 1.8.7 and 1.9.0/1.9.1 uses a standard Errno	
+		# Ruby 1.8.7 and 1.9.0/1.9.1 uses a standard Errno
 		rescue ::Errno::EAGAIN, ::Errno::EWOULDBLOCK
 			# Sleep for a tenth a second, or until we can read again
 			Rex::ThreadSafe.select( [ self.sslsock ], nil, nil, 0.10 )
@@ -231,15 +231,15 @@ begin
 			block_size = 1024
 			# Try to write the data again
 			retry
-		
+
 		# Ruby 1.9.2+ uses IO::WaitReadable/IO::WaitWritable
 		rescue ::Exception => e
 			if ::IO.const_defined?('WaitReadable') and e.kind_of?(::IO::WaitReadable)
 				IO::select( [ self.sslsock ], nil, nil, 0.5 )
 				retry
 			end
-					
-			if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)						
+
+			if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)
 				IO::select( nil, [ self.sslsock ], nil, 0.5 )
 				retry
 			end
@@ -248,13 +248,13 @@ begin
 			if e.kind_of?(::OpenSSL::SSL::SSLError)
 				return nil
 			end
-				
+
 			raise e
 		end
 
 	end
 
-	
+
 	#
 	# Closes the SSL socket.
 	#
@@ -263,35 +263,35 @@ begin
 		super
 	end
 
-	# 
+	#
 	# Ignore shutdown requests
 	#
 	def shutdown(how=0)
 		# Calling shutdown() on an SSL socket can lead to bad things
 		# Cause of http://metasploit.com/dev/trac/ticket/102
 	end
-	
+
 	#
 	# Access to peer cert
 	#
 	def peer_cert
 		sslsock.peer_cert if sslsock
 	end
-	
+
 	#
 	# Access to peer cert chain
 	#
 	def peer_cert_chain
 		sslsock.peer_cert_chain if sslsock
 	end
-	
+
 	#
 	# Access to the current cipher
 	#
 	def cipher
 		sslsock.cipher if sslsock
 	end
-	
+
 	#
 	# Prevent a sysread from the bare socket
 	#
@@ -305,7 +305,20 @@ begin
 	def syswrite(*args)
 		raise RuntimeError, "Invalid syswrite() call on SSL socket"
 	end
-	
+
+	#
+	# This flag determines whether to use the non-blocking openssl
+	# API calls when they are available. This is still buggy on
+	# Linux/Mac OS X, but is required on Windows
+	#
+	def allow_nonblock?
+		avail = self.sslsock.respond_to?(:accept_nonblock)
+		if avail and Rex::Compat.is_windows
+			return true
+		end
+		false
+	end
+
 	attr_reader :peer_verified # :nodoc:
 	attr_accessor :sslsock, :sslctx # :nodoc:
 
@@ -322,3 +335,4 @@ end
 	end
 
 end
+

data/lib/rex/socket/ssl_tcp_server.rb

@@ -58,8 +58,7 @@ module Rex::Socket::SslTcpServer
 		begin
 			ssl = OpenSSL::SSL::SSLSocket.new(sock, self.sslctx)
 
-		
-			if not ssl.respond_to?(:accept_nonblock)	
+			if not allow_nonblock?(ssl)
 				ssl.accept
 			else
 				begin
@@ -70,22 +69,22 @@ module Rex::Socket::SslTcpServer
 						IO::select(nil, nil, nil, 0.10)
 						retry
 
-				# Ruby 1.9.2+ uses IO::WaitReadable/IO::WaitWritable			
+				# Ruby 1.9.2+ uses IO::WaitReadable/IO::WaitWritable
 				rescue ::Exception => e
 					if ::IO.const_defined?('WaitReadable') and e.kind_of?(::IO::WaitReadable)
 						IO::select( [ ssl ], nil, nil, 0.10 )
 						retry
 					end
-					
-					if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)						
+
+					if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)
 						IO::select( nil, [ ssl ], nil, 0.10 )
 						retry
 					end
-					
+
 					raise e
 				end
 			end
-			
+
 			sock.extend(Rex::Socket::SslTcp)
 			sock.sslsock = ssl
 			sock.sslctx  = self.sslctx
@@ -99,7 +98,7 @@ module Rex::Socket::SslTcpServer
 	end
 
 
-	# 
+	#
 	# Create a new ssl context.  If +ssl_cert+ is not given, generates a new
 	# key and a leaf certificate with random values.
 	#
@@ -155,6 +154,19 @@ module Rex::Socket::SslTcpServer
 		return ctx
 	end
 
+	#
+	# This flag determines whether to use the non-blocking openssl
+	# API calls when they are available. This is still buggy on
+	# Linux/Mac OS X, but is required on Windows
+	#
+	def allow_nonblock?(sock=self.sock)
+		avail = sock.respond_to?(:accept_nonblock)
+		if avail and Rex::Compat.is_windows
+			return true
+		end
+		false
+	end
+
 	attr_accessor :sslctx
 end
 

data/lib/rex/ui/text/input.rb

@@ -16,6 +16,7 @@ class Input
 	require 'rex/ui/text/input/stdio'
 	require 'rex/ui/text/input/readline'
 	require 'rex/ui/text/input/socket'
+	require 'rex/ui/text/input/buffer'
 	require 'rex/ui/text/color'
 
 	include Rex::Ui::Text::Color

metadata

@@ -1,31 +1,27 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: librex
-version: !ruby/object:Gem::Version 
+version: !ruby/object:Gem::Version
+  version: 0.0.46
   prerelease: 
-  version: 0.0.44
 platform: ruby
-authors: 
+authors:
 - Metasploit Development Team
 - Jacob Hammack
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2011-07-26 00:00:00 -05:00
-default_executable: 
+date: 2011-08-13 00:00:00.000000000Z
 dependencies: []
-
-description: Rex provides a variety of classes useful for security testing and exploit development. Based on SVN Revision 13354
-email: 
+description: Rex provides a variety of classes useful for security testing and exploit
+  development. Based on SVN Revision 13557
+email:
 - hdm@metasploit.com
 - jacob.hammack@hammackj.com
 executables: []
-
 extensions: []
-
-extra_rdoc_files: 
+extra_rdoc_files:
 - README.markdown
-files: 
+files:
 - Rakefile
 - README.markdown
 - lib/rex/arch/sparc.rb
@@ -157,6 +153,7 @@ files:
 - lib/rex/parser/arguments.rb
 - lib/rex/parser/arguments.rb.ut.rb
 - lib/rex/parser/burp_session_nokogiri.rb
+- lib/rex/parser/ci_nokogiri.rb
 - lib/rex/parser/foundstone_nokogiri.rb
 - lib/rex/parser/ini.rb
 - lib/rex/parser/ini.rb.ut.rb
@@ -215,6 +212,8 @@ files:
 - lib/rex/post/meterpreter/extensions/espia/tlv.rb
 - lib/rex/post/meterpreter/extensions/incognito/incognito.rb
 - lib/rex/post/meterpreter/extensions/incognito/tlv.rb
+- lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb
+- lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb
 - lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb
 - lib/rex/post/meterpreter/extensions/networkpug/tlv.rb
 - lib/rex/post/meterpreter/extensions/priv/fs.rb
@@ -358,6 +357,14 @@ files:
 - lib/rex/proto/http/server.rb.ut.rb
 - lib/rex/proto/http.rb
 - lib/rex/proto/http.rb.ts.rb
+- lib/rex/proto/iax2/call.rb
+- lib/rex/proto/iax2/client.rb
+- lib/rex/proto/iax2/codecs/alaw.rb
+- lib/rex/proto/iax2/codecs/g711.rb
+- lib/rex/proto/iax2/codecs/mulaw.rb
+- lib/rex/proto/iax2/codecs.rb
+- lib/rex/proto/iax2/constants.rb
+- lib/rex/proto/iax2.rb
 - lib/rex/proto/ntlm/base.rb
 - lib/rex/proto/ntlm/constants.rb
 - lib/rex/proto/ntlm/crypt.rb
@@ -485,33 +492,29 @@ files:
 - lib/rex/zip.rb
 - lib/rex.rb
 - lib/rex.rb.ts.rb
-has_rdoc: true
 homepage: http://www.metasploit.com/
-licenses: 
+licenses:
 - BSD
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
       version: 1.8.7
-required_rubygems_version: !ruby/object:Gem::Requirement 
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.6.2
+rubygems_version: 1.8.6
 signing_key: 
 specification_version: 3
 summary: Ruby Exploitation Library
 test_files: []
-