librex 0.0.6 → 0.0.7

data/lib/rex/proto/tftp/server.rb

@@ -1,4 +1,4 @@
-# $Id: server.rb 11454 2010-12-30 16:37:58Z hdm $
+# $Id: server.rb 11636 2011-01-25 02:24:37Z hdm $
 require 'rex/socket'
 require 'rex/proto/tftp'
 
@@ -194,7 +194,7 @@ protected
 		if @output_dir
 			fn = tr[:file][:name].split(File::SEPARATOR)[-1]
 			if fn
-				fn = ::File.join(@output_dir, fn)
+				fn = ::File.join(@output_dir, Rex::FileUtils.clean_path(fn))
 				::File.open(fn, "wb") { |fd|
 					fd.write(tr[:file][:data])
 				}

data/lib/rex/script/base.rb

@@ -35,8 +35,8 @@ class Base
 		raise Rex::Script::Completed
 	end
 
-	def run(args)
-		self.args = args
+	def run(args=[])
+		self.args = args = args.flatten
 		begin
 			eval(::File.read(self.path, ::File.size(self.path)), binding )
 		rescue ::Interrupt

data/lib/rex/socket.rb

@@ -131,6 +131,18 @@ module Socket
 		(addr =~ /^(?:(?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2}))$/) ? true : false
 	end
 
+	#
+	# Return true if +addr+ is within the ranges specified in RFC1918, or
+	# RFC5735/RFC3927
+	#
+	def self.is_internal?(addr)
+		if self.dotted_ip?(addr)
+			addr =~ /^(?:10\.|192\.168|172.(?:1[6-9]|2[0-9]|3[01])\.|169\.254)/
+		else
+			false
+		end
+	end
+
 	#
 	# Wrapper for Resolv.getaddress that takes special care to see if the
 	# supplied address is already a dotted quad, for instance.  This is

data/lib/rex/socket.rb.ut.rb

@@ -42,25 +42,35 @@ class Rex::Socket::UnitTest < Test::Unit::TestCase
 	end
 
 	def test_to_sockaddr
-		assert_equal("\x00" * 16, Rex::Socket.to_sockaddr(nil, 0, 0), "null sockaddr")
-		assert_equal([2].pack('s') + "\x00\x16" + "\x00" * 12, Rex::Socket.to_sockaddr(nil, 22), "default addr, port 22 sockaddr")
-		assert_equal([2].pack('s') + "\x00\x16\x01\x02\x03\x04" + "\x00" * 8, Rex::Socket.to_sockaddr("1.2.3.4", 22), "1.2.3.4 addr, port 22 sockaddr")
+		assert_equal(([2] + [0]*14).pack("sC*"), Rex::Socket.to_sockaddr(0, 0), "null sockaddr")
+=begin
+# This is platform dependent, pain to test
+		if (Rex::Socket.support_ipv6?)
+			# Use the constant for AF_INET6 since it is different per platform
+			# (10 on linux and 28 on BSD)
+			inaddr_any_sockaddr = ([::Socket::AF_INET6, 22] + [0]*24).pack('sSC*')
+		else
+			inaddr_any_sockaddr = ([2, 22] + [0]*12).pack('snC*')
+		end
+=end
+		assert_equal(([2, 0x16, 1, 2, 3, 4] + [0]*8).pack('snC*'), Rex::Socket.to_sockaddr("1.2.3.4", 22), "1.2.3.4 addr, port 22 sockaddr")
 	end
 
 	def test_from_sockaddr
-		af, host, port = Rex::Socket.from_sockaddr("\x00" * 16)
-		assert_equal(0, af, "zero af")
+		# 1.9.1 raises ArgumentError if we don't have an af == AF_INET or AF_INET6
+		af, host, port = Rex::Socket.from_sockaddr(([2, 0] + [0]*12).pack('snC*'))
+		assert_equal(2, af, "af = 2")
 		assert_equal('0.0.0.0', host, "zero host")
 		assert_equal(0, port, "zero port")
 
-		af, host, port = Rex::Socket.from_sockaddr([2].pack('s') + "\x00\x16" + "\x00" * 12)
+		af, host, port = Rex::Socket.from_sockaddr(([2, 22]+[0]*12).pack('snC*'))
 		assert_equal(2, af, "af = 2")
-		assert_equal('0.0.0.0', host, "zero host")
 		assert_equal(22, port, "port = 22")
+		assert_equal('0.0.0.0', host, "zero host")
 
-		af, host, port = Rex::Socket.from_sockaddr([2].pack('s') + "\x00\x16\x01\x02\x03\x04" + "\x00" * 8)
+		af, host, port = Rex::Socket.from_sockaddr(([2, 22, 1, 2, 3, 4] + [0]*8).pack('snC*') )
 		assert_equal(2, af, "af = 2")
-		assert_equal('1.2.3.4', host, "zero host")
+		assert_equal('1.2.3.4', host, "host = '1.2.3.4'")
 		assert_equal(22, port, "port = 22")
 	end
 
@@ -83,4 +93,15 @@ class Rex::Socket::UnitTest < Test::Unit::TestCase
 		assert_equal("255.255.0.0", Rex::Socket.bit2netmask(16))
 	end
 
-end
+	def test_is_internal
+		assert( ! Rex::Socket.is_internal?("1.2.3.4"))
+		assert( ! Rex::Socket.is_internal?("172.15.3.4"))
+		assert( ! Rex::Socket.is_internal?("172.32.3.4"))
+		assert(Rex::Socket.is_internal?("10.2.3.4"))
+		assert(Rex::Socket.is_internal?("192.168.3.4"))
+		16.upto(31) do |octet|
+			assert(Rex::Socket.is_internal?("172.#{octet}.3.4"))
+		end
+	end
+
+end

data/lib/rex/socket/ssl_tcp_server.rb.ut.rb

@@ -5,17 +5,23 @@ $:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
 require 'test/unit'
 require 'rex/socket/ssl_tcp_server'
 require 'rex/socket/ssl_tcp'
+require 'rex/text'
 
 class Rex::Socket::SslTcpServer::UnitTest < Test::Unit::TestCase
 
 	# XXX.  The client data is sent & decrypted just fine.  The server data is not.  the client thread just spins.  BAH.
+	#
+	# As of 2011-03-04, works fine on 1.8.6-p399, 1.8.7-p330, 1.9.1-p378
+	#
 	def test_tcp_server
-		return;
+		#return;
 
 		serv_port = 65433
 		c = nil
 
 		threads = []
+
+		# Server thread
 		threads << Thread.new() {
 			serv = Rex::Socket.create_tcp_server('LocalPort' => serv_port, 'SSL' => true)
 			assert_kind_of(Rex::Socket::SslTcpServer, serv, "type => ssl")
@@ -24,12 +30,16 @@ class Rex::Socket::SslTcpServer::UnitTest < Test::Unit::TestCase
 			s = serv.accept
 			assert_equal("client_data\n", s.get_once(), "s: get_once")
 			assert_equal(3, s.write("Yo\n"), "s: put Yo")
-			assert(s.methods.include?('<<'))
-			assert(s.methods.include?('>>'))
-			assert(s.methods.include?('has_read_data?'))
+			# Make sure methods are Strings for 1.9 compat (which returns
+			# symbols)
+			meths = s.methods.map {|m| m.to_s}
+			assert(meths.include?("<<"), "Has <<")
+			assert(meths.include?(">>"), "Has >>")
+			assert(meths.include?("has_read_data?"), "Has has_read_data?")
 			serv.close
 		}
 
+		# Client thread
 		threads << Thread.new() {
 			sleep(2)
 			assert_nothing_raised {
@@ -48,4 +58,4 @@ class Rex::Socket::SslTcpServer::UnitTest < Test::Unit::TestCase
 		threads.each { |aThread|  aThread.join }
 	end
 
-end
+end

data/lib/rex/text.rb

@@ -237,7 +237,7 @@ module Text
 	#
 	def self.to_hex_ascii(str, prefix = "\\x", count = 1, suffix=nil)
 		raise ::RuntimeError, "unable to chunk into #{count} byte chunks" if ((str.length % count) > 0)
-		return str.unpack('H*')[0].gsub(Regexp.new(".{#{count * 2}}", nil, 'n')) { |s| 
+		return str.unpack('H*')[0].gsub(Regexp.new(".{#{count * 2}}", nil, 'n')) { |s|
 			(0x20..0x7e) === s.to_i(16) ? s.to_i(16).chr : prefix + s + suffix.to_s
 		}
 	end
@@ -414,6 +414,33 @@ module Text
 		end
 	end
 
+	#
+	# Converts a unicode string to standard ASCII text.
+	#
+	def self.to_ascii(str='', type = 'utf-16le', mode = '', size = '')
+		return '' if not str
+		case type
+		when 'utf-16le'
+			return str.unpack('v*').pack('C*')
+		when 'utf-16be'
+			return str.unpack('n*').pack('C*')
+		when 'utf-32le'
+			return str.unpack('V*').pack('C*')
+		when 'utf-32be'
+			return str.unpack('N*').pack('C*')
+		when 'utf-7'
+			raise TypeError, 'invalid utf type, not yet implemented'
+		when 'utf-8'
+			raise TypeError, 'invalid utf type, not yet implemented'
+		when 'uhwtfms' # suggested name from HD :P
+			raise TypeError, 'invalid utf type, not yet implemented'
+		when 'uhwtfms-half' # suggested name from HD :P
+			raise TypeError, 'invalid utf type, not yet implemented'
+		else
+			raise TypeError, 'invalid utf type'
+		end
+	end
+
 	#
 	# Encode a string in a manor useful for HTTP URIs and URI Parameters.
 	#
@@ -795,7 +822,7 @@ module Text
 		sets.size.times { counter << 0}
 		0.upto(len-1) do |i|
 			setnum = i % sets.size
-			
+
 			puts counter.inspect
 		end
 
@@ -891,7 +918,8 @@ module Text
 		raise RuntimeError, "Invalid gzip compression level" if (level < 1 or level > 9)
 
 		s = ""
-		gz = Zlib::GzipWriter.new(StringIO.new(s), level)
+		s.force_encoding('ASCII-8BIT') if s.respond_to?(:encoding)
+		gz = Zlib::GzipWriter.new(StringIO.new(s, 'wb'), level)
 		gz << str
 		gz.close
 		return s
@@ -904,7 +932,8 @@ module Text
 		raise RuntimeError, "Gzip support is not present." if (!zlib_present?)
 
 		s = ""
-		gz = Zlib::GzipReader.new(StringIO.new(str))
+		s.force_encoding('ASCII-8BIT') if s.respond_to?(:encoding)
+		gz = Zlib::GzipReader.new(StringIO.new(str, 'rb'))
 		s << gz.read
 		gz.close
 		return s
@@ -1034,6 +1063,28 @@ module Text
 		[bits.join].pack("B32").unpack("N")[0]
 	end
 
+	#
+	# Split a string by n charachter into an array
+	#
+	def self.split_to_a(str, n)
+		if n > 0
+			s = str.dup
+			until s.empty?
+				(ret ||= []).push s.slice!(0, n)
+			end
+		else
+			ret = str
+		end
+       		ret
+	end
+
+	#
+	#Pack a value as 64 bit litle endian; does not exist for Array.pack
+	#
+	def self.pack_int64le(val)
+		[val & 0x00000000ffffffff, val >> 32].pack("V2")
+	end
+	
 
 protected
 

data/lib/rex/ui/output.rb

@@ -17,8 +17,6 @@ class Output
 	# Text-based output
 	require 'rex/ui/text/output'
 
-	attr_accessor :on_print_proc
-
 	#
 	# Prints an error message.
 	#

data/lib/rex/ui/text/dispatcher_shell.rb

@@ -1,4 +1,5 @@
 require 'rex/ui'
+require 'pp'
 
 module Rex
 module Ui
@@ -79,11 +80,75 @@ module DispatcherShell
 			shell.update_prompt(prompt)
 		end
 
+		#
+		# Displays the help banner.  With no arguments, this is just a list of
+		# all commands grouped by dispatcher.  Otherwise, tries to use a method
+		# named cmd_#{+cmd+}_help for the first dispatcher that has a command
+		# named +cmd+.
+		#
+		def cmd_help(cmd=nil, *ignored)
+			if cmd
+				help_found = false
+				cmd_found = false
+				shell.dispatcher_stack.each do |dispatcher|
+					next unless dispatcher.respond_to?(:commands)
+					next if (dispatcher.commands.nil?)
+					next if (dispatcher.commands.length == 0)
+
+					if dispatcher.respond_to?("cmd_#{cmd}")
+						cmd_found = true
+						break unless dispatcher.respond_to? "cmd_#{cmd}_help"
+						dispatcher.send("cmd_#{cmd}_help")
+						help_found = true
+						break
+					end
+				end
+				print_error("No help for #{cmd}, try -h") if cmd_found and not help_found
+				print_error("No such command") if not cmd_found
+			else
+				print(shell.help_to_s)
+			end
+		end
+
+		#
+		# Tab completion for the help command
+		#
+		# By default just returns a list of all commands in all dispatchers.
+		#
+		def cmd_help_tabs(str, words)
+			return [] if words.length > 1
+
+			tabs = []
+			shell.dispatcher_stack.each { |dispatcher|
+				tabs += dispatcher.commands.keys
+			}
+			return tabs
+		end
+
+		alias cmd_? cmd_help
+
+
 		#
 		# No tab completion items by default
 		#
 		attr_accessor :shell, :tab_complete_items
 
+		#
+		# Provide a generic tab completion for file names.
+		#
+		# If the only completion is a directory, this descends into that directory
+		# and continues completions with filenames contained within.
+		#
+		def tab_complete_filenames(str, words)
+			matches = ::Readline::FILENAME_COMPLETION_PROC.call(str)
+			if matches and matches.length == 1 and File.directory?(matches[0])
+				dir = matches[0]
+				dir += File::SEPARATOR if dir[-1,1] != File::SEPARATOR
+				matches = ::Readline::FILENAME_COMPLETION_PROC.call(dir) 
+			end
+			matches
+		end
+
 	end
 
 	#
@@ -91,8 +156,6 @@ module DispatcherShell
 	#
 	include Shell
 
-	attr_accessor :on_command_proc
-
 	#
 	# Initialize the dispatcher shell.
 	#
@@ -148,20 +211,22 @@ module DispatcherShell
 		
 			# If no command is set and it supports commands, add them all
 			if (tab_words.empty? and dispatcher.respond_to?('commands'))
-				items.concat(dispatcher.commands.to_a.map { |x| x[0] })
+				items.concat(dispatcher.commands.keys)
 			end
 
 			# If the dispatcher exports a tab completion function, use it
 			if(dispatcher.respond_to?('tab_complete_helper'))
 				res = dispatcher.tab_complete_helper(str, tab_words)
+			else
+				res = tab_complete_helper(dispatcher, str, tab_words)
+			end
 
-				if (res.nil?)
-					# A nil response indicates no optional arguments
-					return [''] if items.empty?
-				else
-					# Otherwise we add the completion items to the list
-					items.concat(res)
-				end
+			if (res.nil?)
+				# A nil response indicates no optional arguments
+				return [''] if items.empty?
+			else
+				# Otherwise we add the completion items to the list
+				items.concat(res)
 			end
 		}
 
@@ -184,6 +249,26 @@ module DispatcherShell
 		}
 	end
 
+	#
+	# Provide command-specific tab completion
+	#
+	def tab_complete_helper(dispatcher, str, words)
+		items = []
+
+		tabs_meth = "cmd_#{words[0]}_tabs"
+		# Is the user trying to tab complete one of our commands?
+		if (dispatcher.commands.include?(words[0]) and dispatcher.respond_to?(tabs_meth))
+			res = dispatcher.send(tabs_meth, str, words)
+			return [] if res.nil?
+			items.concat(res)
+		else
+			# Avoid the default completion list for known commands
+			return []
+		end
+
+		return items
+	end
+
 	#
 	# Run a single command line.
 	#

data/lib/rex/ui/text/output/buffer.rb

@@ -28,10 +28,6 @@ class Output::Buffer < Rex::Ui::Text::Output
 	def print_raw(msg = '')
 		self.buf += msg || ''
 
-		if self.on_print_proc
-			self.on_print_proc.call(msg)
-		end
-
 		msg
 	end
 

data/lib/rex/ui/text/shell.rb

@@ -204,6 +204,7 @@ module Shell
 	def print_error(msg='')
 		return if (output.nil?)
 
+		self.on_print_proc.call(msg) if self.on_print_proc
 		# Errors are not subject to disabled output
 		log_output(output.print_error(msg))
 	end
@@ -214,6 +215,7 @@ module Shell
 	def print_status(msg='')
 		return if (disable_output == true)
 
+		self.on_print_proc.call(msg) if self.on_print_proc
 		log_output(output.print_status(msg))
 	end
 
@@ -223,6 +225,7 @@ module Shell
 	def print_good(msg='')
 		return if (disable_output == true)
 
+		self.on_print_proc.call(msg) if self.on_print_proc
 		log_output(output.print_good(msg))
 	end
 
@@ -232,6 +235,7 @@ module Shell
 	def print_line(msg='')
 		return if (disable_output == true)
 
+		self.on_print_proc.call(msg) if self.on_print_proc
 		log_output(output.print_line(msg))
 	end
 
@@ -240,6 +244,7 @@ module Shell
 	#
 	def print(msg='')
 		return if (disable_output == true)
+		self.on_print_proc.call(msg) if self.on_print_proc
 		log_output(output.print(msg))
 	end
 
@@ -256,6 +261,9 @@ module Shell
 	#
 	attr_reader   :output
 
+	attr_accessor :on_command_proc
+	attr_accessor :on_print_proc
+
 protected
 
 	#