RubyGems - librex - Versions diffs - 0.0.5 → 0.0.6 - Mend

librex 0.0.5 → 0.0.6

Files changed (68) hide show

data/README.md +1 -1
data/Rakefile +13 -0
data/lib/rex.rb +4 -1
data/lib/rex/assembly/nasm.rb +4 -0
data/lib/rex/compat.rb +31 -1
data/lib/rex/encoder/alpha2/generic.rb +11 -10
data/lib/rex/exceptions.rb +1 -1
data/lib/rex/exploitation/egghunter.rb +27 -0
data/lib/rex/file.rb +13 -0
data/lib/rex/io/stream.rb +9 -1
data/lib/rex/io/stream_abstraction.rb +18 -7
data/lib/rex/io/stream_server.rb +2 -2
data/lib/rex/job_container.rb +1 -1
data/lib/rex/mime/message.rb +5 -4
data/lib/rex/ole.rb +83 -6
data/lib/rex/ole/propset.rb +144 -0
data/lib/rex/parser/ip360_aspl_xml.rb +102 -0
data/lib/rex/parser/ip360_xml.rb +93 -0
data/lib/rex/parser/nessus_xml.rb +118 -0
data/lib/rex/parser/netsparker_xml.rb +94 -0
data/lib/rex/parser/retina_xml.rb +109 -0
data/lib/rex/post/meterpreter/channel.rb +15 -8
data/lib/rex/post/meterpreter/client.rb +32 -3
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +1 -1
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +14 -5
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +1 -1
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +3 -3
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +1 -1
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +1 -1
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +5 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +16 -8
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +16 -7
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +1 -1
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +15 -4
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +13 -7
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +20 -0
data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +63 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +18 -7
data/lib/rex/post/meterpreter/packet_response_waiter.rb +10 -17
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +1 -1
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +16 -6
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +4 -5
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +2 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +4 -2
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +157 -0
data/lib/rex/proto/dhcp/server.rb +8 -4
data/lib/rex/proto/http/client.rb +19 -45
data/lib/rex/proto/http/packet.rb +8 -5
data/lib/rex/proto/http/response.rb +8 -3
data/lib/rex/proto/http/server.rb +1 -1
data/lib/rex/proto/proxy/socks4a.rb +4 -4
data/lib/rex/proto/rfb.rb +19 -0
data/lib/rex/proto/rfb.rb.ut.rb +37 -0
data/lib/rex/proto/rfb/cipher.rb +78 -0
data/lib/rex/proto/rfb/client.rb +207 -0
data/lib/rex/proto/rfb/constants.rb +52 -0
data/lib/rex/proto/tftp/server.rb +20 -17
data/lib/rex/services/local_relay.rb +1 -1
data/lib/rex/socket.rb +69 -10
data/lib/rex/socket/comm/local.rb +7 -4
data/lib/rex/socket/range_walker.rb +14 -1
data/lib/rex/text.rb +28 -3
data/lib/rex/text.rb.ut.rb +14 -0
data/lib/rex/thread_factory.rb +42 -0
data/lib/rex/ui/text/input/buffer.rb +1 -1
data/lib/rex/zip/archive.rb +74 -9
data/lib/rex/zip/entry.rb +6 -1
metadata +22 -7

data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb CHANGED

@@ -22,7 +22,7 @@ module Sys
 ###
 class EventLog
-	class <<self
+	class << self
 		attr_accessor :client
 	end
@@ -60,6 +60,11 @@ class EventLog
 	def initialize(hand)
 		self.client = self.class.client
 		self.handle = hand
+		ObjectSpace.define_finalizer( self, self.class.finalize(self.client, self.handle) )
+	end
+	def self.finalize(client,handle)
+		proc { self.close(client,handle) }
 	end
 	#
@@ -169,16 +174,19 @@ class EventLog
 	end
 	#
-	# Return the record number of the oldest event (not necessarily 1).
+	# Close the event log
 	#
-	def close
+	def self.close(client, handle)
 		request = Packet.create_request('stdapi_sys_eventlog_close')
-		request.add_tlv(TLV_TYPE_EVENT_HANDLE, self.handle);
-		response = client.send_request(request)
+		request.add_tlv(TLV_TYPE_EVENT_HANDLE, handle);
+		response = client.send_request(request, nil)
 		return nil
 	end
+	# Instance method
+	def close
+		self.class.close(self.client, self.handle)
+	end
 end
-end end end end end end
+end end end end end end

data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb CHANGED

@@ -284,8 +284,14 @@ class Process < Rex::Post::Process
 				'memory' => Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessSubsystem::Memory.new(self),
 				'thread' => Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessSubsystem::Thread.new(self),
 			})
+		ObjectSpace.define_finalizer( self, self.class.finalize(self.client, self.handle) )
 	end
+	def self.finalize(client,handle)
+		proc { self.close(client,handle) }
+	end
 	#
 	# Returns the executable name of the process.
 	#
@@ -303,20 +309,23 @@ class Process < Rex::Post::Process
 	#
 	# Closes the handle to the process that was opened.
 	#
-	def close
+	def self.close(client, handle)
 		request = Packet.create_request('stdapi_sys_process_close')
 		request.add_tlv(TLV_TYPE_HANDLE, handle)
-		response = client.send_request(request)
+		response = client.send_request(request, nil)
 		handle = nil;
 		return true
 	end
+	#
+	# Instance method
+	#
+	def close(handle=self.handle)
+		self.class.close(self.client, handle)
+	end
 	#
-	# Block untill this process terminates on the remote side.
+	# Block until this process terminates on the remote side.
 	# By default we choose not to allow a packet responce timeout to
 	# occur as we may be waiting indefinatly for the process to terminate.
 	#

data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb CHANGED

@@ -126,4 +126,4 @@ protected
 end
-end; end; end; end; end; end; end
+end; end; end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb CHANGED

@@ -29,6 +29,12 @@ class RegistryKey
 		self.base_key = base_key
 		self.perm     = perm
 		self.hkey     = hkey
+		ObjectSpace.define_finalizer( self, self.class.finalize(self.client, self.hkey) )
+	end
+	def self.finalize(client,hkey)
+		proc { self.close(client,hkey) }
 	end
 	##
@@ -99,12 +105,17 @@ class RegistryKey
 	# Closes the open key.  This must be called if the registry
 	# key was opened.
 	#
-	def close()
-		if (self.hkey != nil)
-			return self.client.sys.registry.close_key(hkey)
+	def self.close(client, hkey)
+		if hkey != nil
+			return client.sys.registry.close_key(hkey)
 		end
-		return false
+		return false
+	end
+	# Instance method for the same
+	def close()
+		self.class.close(self.client, self.hkey)
 	end
 	##

data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb CHANGED

@@ -34,6 +34,11 @@ class Thread < Rex::Post::Thread
 		self.process = process
 		self.handle  = handle
 		self.tid     = tid
+		ObjectSpace.define_finalizer( self, self.class.finalize(self.process.client, self.handle) )
+	end
+	def self.finalize(client,handle)
+		proc { self.close(client,handle) }
 	end
 	##
@@ -153,17 +158,18 @@ class Thread < Rex::Post::Thread
 	#
 	# Closes the thread handle.
 	#
-	def close
+	def self.close(client, handle)
 		request = Packet.create_request('stdapi_sys_process_thread_close')
 		request.add_tlv(TLV_TYPE_THREAD_HANDLE, handle)
-		process.client.send_request(request)
+		client.send_request(request, nil)
 		handle = nil
 		return true
 	end
+	# Instance method
+	def close
+		self.class.close(self.process.client, self.handle)
+	end
 	attr_reader :process, :handle, :tid # :nodoc:
 protected
@@ -171,4 +177,4 @@ protected
 end
-end; end; end; end; end; end
+end; end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb CHANGED

@@ -187,5 +187,25 @@ TLV_TYPE_EVENT_DATA         = TLV_META_TYPE_RAW     | 4013
 TLV_TYPE_POWER_FLAGS        = TLV_META_TYPE_UINT    | 4100
 TLV_TYPE_POWER_REASON       = TLV_META_TYPE_UINT    | 4101
+##
+#
+# Webcam
+#
+##
+TLV_TYPE_WEBCAM_IMAGE       = TLV_META_TYPE_RAW     | (TLV_EXTENSIONS + 1)
+TLV_TYPE_WEBCAM_INTERFACE_ID= TLV_META_TYPE_UINT    | (TLV_EXTENSIONS + 2)
+TLV_TYPE_WEBCAM_QUALITY     = TLV_META_TYPE_UINT    | (TLV_EXTENSIONS + 3)
+TLV_TYPE_WEBCAM_NAME        = TLV_META_TYPE_STRING  | (TLV_EXTENSIONS + 4)
+##
+#
+# Audio
+#
+##
+TLV_TYPE_AUDIO_DURATION     = TLV_META_TYPE_UINT    | (TLV_EXTENSIONS + 1)
+TLV_TYPE_AUDIO_DATA         = TLV_META_TYPE_RAW     | (TLV_EXTENSIONS + 2)
 end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb ADDED

@@ -0,0 +1,63 @@
+#!/usr/bin/env ruby
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Stdapi
+module Webcam
+###
+#
+# This meterpreter extension can list and capture from webcams and/or microphone
+#
+###
+class Webcam
+	def initialize(client)
+		@client = client
+	end
+	def webcam_list
+		response = client.send_request(Packet.create_request('webcam_list'))
+		names = []
+		response.get_tlvs( TLV_TYPE_WEBCAM_NAME ).each{ |tlv|
+			names << tlv.value
+		}
+		names
+	end
+	# Starts recording video from video source of index #{cam}
+	def webcam_start(cam)
+		request = Packet.create_request('webcam_start')
+		request.add_tlv(TLV_TYPE_WEBCAM_INTERFACE_ID, cam)
+		client.send_request(request)
+		true
+	end
+	def webcam_get_frame(quality)
+		request = Packet.create_request('webcam_get_frame')
+		request.add_tlv(TLV_TYPE_WEBCAM_QUALITY, quality)
+		response = client.send_request(request)
+		response.get_tlv( TLV_TYPE_WEBCAM_IMAGE ).value
+	end
+	def webcam_stop
+		client.send_request( Packet.create_request( 'webcam_stop' )  )
+		true
+	end
+	# Record from default audio source for #{duration} seconds;
+	# returns a low-quality wav file
+	def record_mic(duration)
+		request = Packet.create_request('webcam_audio_record')
+		request.add_tlv(TLV_TYPE_AUDIO_DURATION, duration)
+		response = client.send_request(request)
+		response.get_tlv( TLV_TYPE_AUDIO_DATA ).value
+	end
+	attr_accessor :client
+end
+end; end; end; end; end; end

data/lib/rex/post/meterpreter/packet_dispatcher.rb CHANGED

@@ -14,9 +14,10 @@ module Meterpreter
 #
 ###
 class RequestError < ArgumentError
-	def initialize(method, result)
+	def initialize(method, einfo, ecode=nil)
 		@method = method
-		@result = result
+		@result = einfo
+		@code   = ecode || einfo
 	end
 	def to_s
@@ -26,8 +27,11 @@ class RequestError < ArgumentError
 	# The method that failed.
 	attr_reader :method
-	# The error result that occurred, typically a windows error code.
+	# The error result that occurred, typically a windows error message.
 	attr_reader :result
+	# The error result that occurred, typically a windows error code.
+	attr_reader :code
 end
 ###
@@ -38,7 +42,7 @@ end
 ###
 module PacketDispatcher
-	PacketTimeout = 30
+	PacketTimeout = 600
 	##
 	#
@@ -79,12 +83,19 @@ module PacketDispatcher
 	# Sends a packet and waits for a timeout for the given time interval.
 	#
 	def send_request(packet, t = self.response_timeout)
+		if not t
+			send_packet(packet)
+			return nil
+		end
 		response = send_packet_wait_response(packet, t)
 		if (response == nil)
 			raise TimeoutError.new("Send timed out")
 		elsif (response.result != 0)
-			e = RequestError.new(packet.method, response.result)
+			einfo = lookup_error(response.result)
+			e = RequestError.new(packet.method, einfo, response.result)
 			e.set_backtrace(caller)
@@ -139,7 +150,7 @@ module PacketDispatcher
 		self.alive = true
 		# Spawn a thread for receiving packets
-		self.receiver_thread = ::Thread.new do
+		self.receiver_thread = Rex::ThreadFactory.spawn("MeterpreterReceiver", false) do
 			while (self.alive)
 				begin
 					rv = Rex::ThreadSafe.select([ self.sock.fd ], nil, nil, 0.25)
@@ -191,7 +202,7 @@ module PacketDispatcher
 		end
 		# Spawn a new thread that monitors the socket
-		self.dispatcher_thread = ::Thread.new do
+		self.dispatcher_thread = Rex::ThreadFactory.spawn("MeterpreterDispatcher", false) do
 			begin
 			# Whether we're finished or not is determined by the receiver
 			# thread above.

data/lib/rex/post/meterpreter/packet_response_waiter.rb CHANGED

@@ -27,19 +27,7 @@ class PacketResponseWaiter
 			self.completion_routine = completion_routine
 			self.completion_param   = completion_param
 		else
-			self.done    = false
-			self.wthread = initialize_waiter_thread
-		end
-	end
-	#
-	# Create an idle thread we can wait on
-	#
-	def initialize_waiter_thread
-		::Thread.new do
-			while (! self.done)
-				::IO.select(nil,nil,nil,5.0)
-			end
+			self.done  = false
 		end
 	end
@@ -61,7 +49,6 @@ class PacketResponseWaiter
 			self.completion_routine.call(response, self.completion_param)
 		else
 			self.done = true
-			self.wthread.kill
 		end
 	end
@@ -71,10 +58,16 @@ class PacketResponseWaiter
 	#
 	def wait(interval)
 		if( interval and interval == -1 )
-			self.wthread.join
+			while(not self.done)
+				::IO.select(nil, nil, nil, 0.1)
+			end
 		else
 			begin
-				Timeout.timeout(interval) { self.wthread.join }
+				Timeout.timeout(interval) {
+					while(not self.done)
+						::IO.select(nil, nil, nil, 0.1)
+					end
+				}
 			rescue Timeout::Error
 				self.response = nil
 			end
@@ -82,7 +75,7 @@ class PacketResponseWaiter
 		return self.response
 	end
-	attr_accessor :rid, :done, :response, :wthread # :nodoc:
+	attr_accessor :rid, :done, :response # :nodoc:
 	attr_accessor :completion_routine, :completion_param # :nodoc:
 end

data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb CHANGED

@@ -389,7 +389,7 @@ class Console::CommandDispatcher::Core
 		self.bgjob_id += 1
 		# Get the script name
-		self.bgjobs[jid] = ::Thread.new(jid,args) do |myjid,xargs|
+		self.bgjobs[jid] = Rex::ThreadFactory.spawn("MeterpreterBGRun(#{args[0]})-#{jid}", false, jid, args) do |myjid,xargs|
 			::Thread.current[:args] = xargs.dup
 			begin
 				# the rest of the arguments get passed in through the binding

data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb CHANGED

@@ -177,7 +177,7 @@ class Console::CommandDispatcher::NetworkPug
 		response, @channel = client.networkpug.networkpug_start(interface, filter)
 		if(@channel)
-			@thread_stuff = ::Thread.new {
+			@thread_stuff = Rex::ThreadFactory.spawn("MeterpreterNetworkPUGReceiver", false) {
 				proxy_packets()
 			}
@@ -194,17 +194,27 @@ class Console::CommandDispatcher::NetworkPug
 			return
 		end
+		client.networkpug.networkpug_stop(interface)
+		#print_line("client.networkpug.networkpug_stop returned")
 		if(@thread_stuff)
-			::Thread.kill(@thread_stuff)
-			::Thread.join(@thread_stuff)
+			# print_line("killing thread")
+			@thread_stuff.kill
-			@thread_stuff = nil
+			#print_line("joining thread")
+			#@thread_stuff.join
+			# meterpreter dies if i try to join.. not sure why.
-			@channel.close
+			@thread_stuff = nil
+			#print_line("closing tapdev")
 			@tapdev.close
+			#print_line("closing channel")
+			#@channel.close
 		end
-		client.networkpug.networkpug_stop(interface)
 		print_status("Packet slinging stopped on #{interface}")
 		return true
 	end