RubyGems - librex - Versions diffs - 0.0.5 → 0.0.6 - Mend

librex 0.0.5 → 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (68) hide show

data/README.md +1 -1
data/Rakefile +13 -0
data/lib/rex.rb +4 -1
data/lib/rex/assembly/nasm.rb +4 -0
data/lib/rex/compat.rb +31 -1
data/lib/rex/encoder/alpha2/generic.rb +11 -10
data/lib/rex/exceptions.rb +1 -1
data/lib/rex/exploitation/egghunter.rb +27 -0
data/lib/rex/file.rb +13 -0
data/lib/rex/io/stream.rb +9 -1
data/lib/rex/io/stream_abstraction.rb +18 -7
data/lib/rex/io/stream_server.rb +2 -2
data/lib/rex/job_container.rb +1 -1
data/lib/rex/mime/message.rb +5 -4
data/lib/rex/ole.rb +83 -6
data/lib/rex/ole/propset.rb +144 -0
data/lib/rex/parser/ip360_aspl_xml.rb +102 -0
data/lib/rex/parser/ip360_xml.rb +93 -0
data/lib/rex/parser/nessus_xml.rb +118 -0
data/lib/rex/parser/netsparker_xml.rb +94 -0
data/lib/rex/parser/retina_xml.rb +109 -0
data/lib/rex/post/meterpreter/channel.rb +15 -8
data/lib/rex/post/meterpreter/client.rb +32 -3
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +1 -1
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +14 -5
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +1 -1
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +3 -3
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +1 -1
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +1 -1
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +5 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +16 -8
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +16 -7
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +1 -1
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +15 -4
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +13 -7
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +20 -0
data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +63 -0
data/lib/rex/post/meterpreter/packet_dispatcher.rb +18 -7
data/lib/rex/post/meterpreter/packet_response_waiter.rb +10 -17
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +1 -1
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +16 -6
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +4 -5
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +2 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +4 -2
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +157 -0
data/lib/rex/proto/dhcp/server.rb +8 -4
data/lib/rex/proto/http/client.rb +19 -45
data/lib/rex/proto/http/packet.rb +8 -5
data/lib/rex/proto/http/response.rb +8 -3
data/lib/rex/proto/http/server.rb +1 -1
data/lib/rex/proto/proxy/socks4a.rb +4 -4
data/lib/rex/proto/rfb.rb +19 -0
data/lib/rex/proto/rfb.rb.ut.rb +37 -0
data/lib/rex/proto/rfb/cipher.rb +78 -0
data/lib/rex/proto/rfb/client.rb +207 -0
data/lib/rex/proto/rfb/constants.rb +52 -0
data/lib/rex/proto/tftp/server.rb +20 -17
data/lib/rex/services/local_relay.rb +1 -1
data/lib/rex/socket.rb +69 -10
data/lib/rex/socket/comm/local.rb +7 -4
data/lib/rex/socket/range_walker.rb +14 -1
data/lib/rex/text.rb +28 -3
data/lib/rex/text.rb.ut.rb +14 -0
data/lib/rex/thread_factory.rb +42 -0
data/lib/rex/ui/text/input/buffer.rb +1 -1
data/lib/rex/zip/archive.rb +74 -9
data/lib/rex/zip/entry.rb +6 -1
metadata +22 -7

data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb CHANGED

@@ -22,7 +22,7 @@ module Sys
 ###
 class EventLog
-	class <<self
+	class << self
 		attr_accessor :client
 	end
@@ -60,6 +60,11 @@ class EventLog
 	def initialize(hand)
 		self.client = self.class.client
 		self.handle = hand
+		ObjectSpace.define_finalizer( self, self.class.finalize(self.client, self.handle) )
+	end
+	def self.finalize(client,handle)
+		proc { self.close(client,handle) }
 	end
 	#
@@ -169,16 +174,19 @@ class EventLog
 	end
 	#
-	# Return the record number of the oldest event (not necessarily 1).
+	# Close the event log
 	#
-	def close
+	def self.close(client, handle)
 		request = Packet.create_request('stdapi_sys_eventlog_close')
-		request.add_tlv(TLV_TYPE_EVENT_HANDLE, self.handle);
-		response = client.send_request(request)
+		request.add_tlv(TLV_TYPE_EVENT_HANDLE, handle);
+		response = client.send_request(request, nil)
 		return nil
 	end
+	# Instance method
+	def close
+		self.class.close(self.client, self.handle)
+	end
 end
-end end end end end end
+end end end end end end

data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb CHANGED

@@ -284,8 +284,14 @@ class Process < Rex::Post::Process
 				'memory' => Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessSubsystem::Memory.new(self),
 				'thread' => Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessSubsystem::Thread.new(self),
 			})
+		ObjectSpace.define_finalizer( self, self.class.finalize(self.client, self.handle) )
 	end
+	def self.finalize(client,handle)
+		proc { self.close(client,handle) }
+	end
 	#
 	# Returns the executable name of the process.
 	#
@@ -303,20 +309,23 @@ class Process < Rex::Post::Process
 	#
 	# Closes the handle to the process that was opened.
 	#
-	def close
+	def self.close(client, handle)
 		request = Packet.create_request('stdapi_sys_process_close')
 		request.add_tlv(TLV_TYPE_HANDLE, handle)
-		response = client.send_request(request)
+		response = client.send_request(request, nil)
 		handle = nil;
 		return true
 	end
+	#
+	# Instance method
+	#
+	def close(handle=self.handle)
+		self.class.close(self.client, handle)
+	end
 	#
-	# Block untill this process terminates on the remote side.
+	# Block until this process terminates on the remote side.
 	# By default we choose not to allow a packet responce timeout to
 	# occur as we may be waiting indefinatly for the process to terminate.
 	#

data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb CHANGED

@@ -126,4 +126,4 @@ protected
 end
-end; end; end; end; end; end; end
+end; end; end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb CHANGED

@@ -29,6 +29,12 @@ class RegistryKey
 		self.base_key = base_key
 		self.perm     = perm
 		self.hkey     = hkey
+		ObjectSpace.define_finalizer( self, self.class.finalize(self.client, self.hkey) )
+	end
+	def self.finalize(client,hkey)
+		proc { self.close(client,hkey) }
 	end
 	##
@@ -99,12 +105,17 @@ class RegistryKey
 	# Closes the open key.  This must be called if the registry
 	# key was opened.
 	#
-	def close()
-		if (self.hkey != nil)
-			return self.client.sys.registry.close_key(hkey)
+	def self.close(client, hkey)
+		if hkey != nil
+			return client.sys.registry.close_key(hkey)
 		end
-		return false
+		return false
+	end
+	# Instance method for the same
+	def close()
+		self.class.close(self.client, self.hkey)
 	end
 	##

data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb CHANGED

@@ -34,6 +34,11 @@ class Thread < Rex::Post::Thread
 		self.process = process
 		self.handle  = handle
 		self.tid     = tid
+		ObjectSpace.define_finalizer( self, self.class.finalize(self.process.client, self.handle) )
+	end
+	def self.finalize(client,handle)
+		proc { self.close(client,handle) }
 	end
 	##
@@ -153,17 +158,18 @@ class Thread < Rex::Post::Thread
 	#
 	# Closes the thread handle.
 	#
-	def close
+	def self.close(client, handle)
 		request = Packet.create_request('stdapi_sys_process_thread_close')
 		request.add_tlv(TLV_TYPE_THREAD_HANDLE, handle)
-		process.client.send_request(request)
+		client.send_request(request, nil)
 		handle = nil
 		return true
 	end
+	# Instance method
+	def close
+		self.class.close(self.process.client, self.handle)
+	end
 	attr_reader :process, :handle, :tid # :nodoc:
 protected
@@ -171,4 +177,4 @@ protected
 end
-end; end; end; end; end; end
+end; end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb CHANGED

@@ -187,5 +187,25 @@ TLV_TYPE_EVENT_DATA         = TLV_META_TYPE_RAW     | 4013
 TLV_TYPE_POWER_FLAGS        = TLV_META_TYPE_UINT    | 4100
 TLV_TYPE_POWER_REASON       = TLV_META_TYPE_UINT    | 4101
+##
+#
+# Webcam
+#
+##
+TLV_TYPE_WEBCAM_IMAGE       = TLV_META_TYPE_RAW     | (TLV_EXTENSIONS + 1)
+TLV_TYPE_WEBCAM_INTERFACE_ID= TLV_META_TYPE_UINT    | (TLV_EXTENSIONS + 2)
+TLV_TYPE_WEBCAM_QUALITY     = TLV_META_TYPE_UINT    | (TLV_EXTENSIONS + 3)
+TLV_TYPE_WEBCAM_NAME        = TLV_META_TYPE_STRING  | (TLV_EXTENSIONS + 4)
+##
+#
+# Audio
+#
+##
+TLV_TYPE_AUDIO_DURATION     = TLV_META_TYPE_UINT    | (TLV_EXTENSIONS + 1)
+TLV_TYPE_AUDIO_DATA         = TLV_META_TYPE_RAW     | (TLV_EXTENSIONS + 2)
 end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb ADDED

@@ -0,0 +1,63 @@
+#!/usr/bin/env ruby
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Stdapi
+module Webcam
+###
+#
+# This meterpreter extension can list and capture from webcams and/or microphone
+#
+###
+class Webcam
+	def initialize(client)
+		@client = client
+	end
+	def webcam_list
+		response = client.send_request(Packet.create_request('webcam_list'))
+		names = []
+		response.get_tlvs( TLV_TYPE_WEBCAM_NAME ).each{ |tlv|
+			names << tlv.value
+		}
+		names
+	end
+	# Starts recording video from video source of index #{cam}
+	def webcam_start(cam)
+		request = Packet.create_request('webcam_start')
+		request.add_tlv(TLV_TYPE_WEBCAM_INTERFACE_ID, cam)
+		client.send_request(request)
+		true
+	end
+	def webcam_get_frame(quality)
+		request = Packet.create_request('webcam_get_frame')
+		request.add_tlv(TLV_TYPE_WEBCAM_QUALITY, quality)
+		response = client.send_request(request)
+		response.get_tlv( TLV_TYPE_WEBCAM_IMAGE ).value
+	end
+	def webcam_stop
+		client.send_request( Packet.create_request( 'webcam_stop' )  )
+		true
+	end
+	# Record from default audio source for #{duration} seconds;
+	# returns a low-quality wav file
+	def record_mic(duration)
+		request = Packet.create_request('webcam_audio_record')
+		request.add_tlv(TLV_TYPE_AUDIO_DURATION, duration)
+		response = client.send_request(request)
+		response.get_tlv( TLV_TYPE_AUDIO_DATA ).value
+	end
+	attr_accessor :client
+end
+end; end; end; end; end; end

data/lib/rex/post/meterpreter/packet_dispatcher.rb CHANGED

@@ -14,9 +14,10 @@ module Meterpreter
 #
 ###
 class RequestError < ArgumentError
-	def initialize(method, result)
+	def initialize(method, einfo, ecode=nil)
 		@method = method
-		@result = result
+		@result = einfo
+		@code   = ecode || einfo
 	end
 	def to_s
@@ -26,8 +27,11 @@ class RequestError < ArgumentError
 	# The method that failed.
 	attr_reader :method
-	# The error result that occurred, typically a windows error code.
+	# The error result that occurred, typically a windows error message.
 	attr_reader :result
+	# The error result that occurred, typically a windows error code.
+	attr_reader :code
 end
 ###
@@ -38,7 +42,7 @@ end
 ###
 module PacketDispatcher
-	PacketTimeout = 30
+	PacketTimeout = 600
 	##
 	#
@@ -79,12 +83,19 @@ module PacketDispatcher
 	# Sends a packet and waits for a timeout for the given time interval.
 	#
 	def send_request(packet, t = self.response_timeout)
+		if not t
+			send_packet(packet)
+			return nil
+		end
 		response = send_packet_wait_response(packet, t)
 		if (response == nil)
 			raise TimeoutError.new("Send timed out")
 		elsif (response.result != 0)
-			e = RequestError.new(packet.method, response.result)
+			einfo = lookup_error(response.result)
+			e = RequestError.new(packet.method, einfo, response.result)
 			e.set_backtrace(caller)
@@ -139,7 +150,7 @@ module PacketDispatcher
 		self.alive = true
 		# Spawn a thread for receiving packets
-		self.receiver_thread = ::Thread.new do
+		self.receiver_thread = Rex::ThreadFactory.spawn("MeterpreterReceiver", false) do
 			while (self.alive)
 				begin
 					rv = Rex::ThreadSafe.select([ self.sock.fd ], nil, nil, 0.25)
@@ -191,7 +202,7 @@ module PacketDispatcher
 		end
 		# Spawn a new thread that monitors the socket
-		self.dispatcher_thread = ::Thread.new do
+		self.dispatcher_thread = Rex::ThreadFactory.spawn("MeterpreterDispatcher", false) do
 			begin
 			# Whether we're finished or not is determined by the receiver
 			# thread above.

data/lib/rex/post/meterpreter/packet_response_waiter.rb CHANGED

@@ -27,19 +27,7 @@ class PacketResponseWaiter
 			self.completion_routine = completion_routine
 			self.completion_param   = completion_param
 		else
-			self.done    = false
-			self.wthread = initialize_waiter_thread
-		end
-	end
-	#
-	# Create an idle thread we can wait on
-	#
-	def initialize_waiter_thread
-		::Thread.new do
-			while (! self.done)
-				::IO.select(nil,nil,nil,5.0)
-			end
+			self.done  = false
 		end
 	end
@@ -61,7 +49,6 @@ class PacketResponseWaiter
 			self.completion_routine.call(response, self.completion_param)
 		else
 			self.done = true
-			self.wthread.kill
 		end
 	end
@@ -71,10 +58,16 @@ class PacketResponseWaiter
 	#
 	def wait(interval)
 		if( interval and interval == -1 )
-			self.wthread.join
+			while(not self.done)
+				::IO.select(nil, nil, nil, 0.1)
+			end
 		else
 			begin
-				Timeout.timeout(interval) { self.wthread.join }
+				Timeout.timeout(interval) {
+					while(not self.done)
+						::IO.select(nil, nil, nil, 0.1)
+					end
+				}
 			rescue Timeout::Error
 				self.response = nil
 			end
@@ -82,7 +75,7 @@ class PacketResponseWaiter
 		return self.response
 	end
-	attr_accessor :rid, :done, :response, :wthread # :nodoc:
+	attr_accessor :rid, :done, :response # :nodoc:
 	attr_accessor :completion_routine, :completion_param # :nodoc:
 end

data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb CHANGED

@@ -389,7 +389,7 @@ class Console::CommandDispatcher::Core
 		self.bgjob_id += 1
 		# Get the script name
-		self.bgjobs[jid] = ::Thread.new(jid,args) do |myjid,xargs|
+		self.bgjobs[jid] = Rex::ThreadFactory.spawn("MeterpreterBGRun(#{args[0]})-#{jid}", false, jid, args) do |myjid,xargs|
 			::Thread.current[:args] = xargs.dup
 			begin
 				# the rest of the arguments get passed in through the binding

data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb CHANGED

@@ -177,7 +177,7 @@ class Console::CommandDispatcher::NetworkPug
 		response, @channel = client.networkpug.networkpug_start(interface, filter)
 		if(@channel)
-			@thread_stuff = ::Thread.new {
+			@thread_stuff = Rex::ThreadFactory.spawn("MeterpreterNetworkPUGReceiver", false) {
 				proxy_packets()
 			}
@@ -194,17 +194,27 @@ class Console::CommandDispatcher::NetworkPug
 			return
 		end
+		client.networkpug.networkpug_stop(interface)
+		#print_line("client.networkpug.networkpug_stop returned")
 		if(@thread_stuff)
-			::Thread.kill(@thread_stuff)
-			::Thread.join(@thread_stuff)
+			# print_line("killing thread")
+			@thread_stuff.kill
-			@thread_stuff = nil
+			#print_line("joining thread")
+			#@thread_stuff.join
+			# meterpreter dies if i try to join.. not sure why.
-			@channel.close
+			@thread_stuff = nil
+			#print_line("closing tapdev")
 			@tapdev.close
+			#print_line("closing channel")
+			#@channel.close
 		end
-		client.networkpug.networkpug_stop(interface)
 		print_status("Packet slinging stopped on #{interface}")
 		return true
 	end