librex 0.0.63 → 0.0.65

Files changed (50) hide show
  1. data/README.markdown +1 -1
  2. data/lib/rex/assembly/nasm.rb +4 -4
  3. data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +4 -4
  4. data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +2 -2
  5. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +1 -1
  6. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +27 -27
  7. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +2 -2
  8. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +1 -1
  9. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +3 -3
  10. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +19 -15
  11. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +1 -1
  12. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +1 -1
  13. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +680 -680
  14. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +1 -1
  15. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +1 -1
  16. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +1 -1
  17. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +2 -2
  18. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +12 -12
  19. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +1 -1
  20. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +3 -3
  21. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb +1 -1
  22. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +6 -6
  23. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +2 -2
  24. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +4 -4
  25. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +7 -7
  26. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +2 -2
  27. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb +1 -1
  28. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +5 -5
  29. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +6 -6
  30. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +20 -20
  31. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb +5 -5
  32. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +15 -15
  33. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +2 -2
  34. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +5 -5
  35. data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +3 -3
  36. data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +3 -3
  37. data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +6 -6
  38. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +10 -10
  39. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +2 -2
  40. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +3 -3
  41. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +2 -2
  42. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +3 -3
  43. data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +6 -6
  44. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +10 -5
  45. data/lib/rex/proto/smb/constants.rb +1 -1
  46. data/lib/rex/socket.rb +24 -7
  47. data/lib/rex/text.rb +15 -1
  48. data/lib/rex/text.rb.ut.rb +2 -0
  49. data/lib/rex/ui/text/output/stdio.rb +5 -1
  50. metadata +5 -5
@@ -150,12 +150,17 @@ class Console::CommandDispatcher::Stdapi::Sys
150
150
 
151
151
 
152
152
  #
153
- # Drop into a system shell as specified by %COMSPEC%
154
- #
153
+ # Drop into a system shell as specified by %COMSPEC% or
154
+ # as appropriate for the host.
155
155
  def cmd_shell(*args)
156
- path = client.fs.file.expand_path("%COMSPEC%")
157
- path = (path and not path.empty?) ? path : "cmd.exe"
158
- cmd_execute("-f", path, "-c", "-H", "-i", "-t")
156
+ if client.platform =~/win/
157
+ path = client.fs.file.expand_path("%COMSPEC%")
158
+ path = (path and not path.empty?) ? path : "cmd.exe"
159
+ cmd_execute("-f", path, "-c", "-H", "-i", "-t")
160
+ else
161
+ path = client.fs.file.expand_path("/bin/bash")
162
+ cmd_execute("-f", path, "-c", "-i")
163
+ end
159
164
  end
160
165
 
161
166
 
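Review bot: The platform test `client.platform =~/win/` in cmd_shell is unanchored, so any platform string that merely contains "win" (for example one containing `darwin`, if that can occur here) is sent down the %COMSPEC%/cmd.exe branch. Matching the Windows names explicitly, e.g. `if client.platform =~ /win32|win64/` (assuming platform strings of the form `x86/win32`), removes the ambiguity. The else branch hard-codes `/bin/bash`, which not every non-Windows host provides, and `expand_path` has nothing to expand in a literal absolute path. The header comment could state which interpreter is used on non-Windows hosts instead of "as appropriate for the host".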
@@ -732,8 +732,8 @@ SMB_NTTRANS_HDR_PKT = Rex::Struct2::CStructTemplate.new(
732
732
  [ 'uint32v', 'DataCount', 0 ],
733
733
  [ 'uint32v', 'DataOffset', 0 ],
734
734
  [ 'uint8', 'SetupCount', 0 ],
735
- [ 'string', 'SetupData', nil, '' ],
736
735
  [ 'uint16v', 'Subcommand', 0 ],
736
+ [ 'string', 'SetupData', nil, '' ],
737
737
  [ 'uint16v', 'ByteCount', 0 ],
738
738
  [ 'string', 'Payload', nil, '' ]
739
739
  ).create_restraints(
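Review bot: Moving `Subcommand` ahead of `SetupData` changes the serialized layout of SMB_NTTRANS_HDR_PKT, but nothing in the hunk records why this order is required. A comment above the two entries, e.g. `# Subcommand (Function) precedes the variable-length setup words on the wire`, would keep the order from being reverted later. The `create_restraints(` call continues outside the hunk, so it is not visible whether the length of `SetupData` is tied to `SetupCount`. That restraint is worth re-checking against the new order, since this template is also applied to data received from a remote peer.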
@@ -73,6 +73,17 @@ module Socket
73
73
  def self.create_ip(opts = {})
74
74
  return create_param(Rex::Socket::Parameters.from_hash(opts.merge('Proto' => 'ip')))
75
75
  end
76
+
77
+
78
+ #
79
+ # Common Regular Expressions
80
+ #
81
+
82
+ MATCH_IPV6 = /^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$/
83
+
84
+ MATCH_IPV4 = /^\s*(?:(?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2}))\s*$/
85
+
86
+ MATCH_IPV4_PRIVATE = /^\s*(?:10\.|192\.168|172.(?:1[6-9]|2[0-9]|3[01])\.|169\.254)/
76
87
 
77
88
  ##
78
89
  #
@@ -108,6 +119,8 @@ module Socket
108
119
  # Determine whether this is an IPv4 address
109
120
  #
110
121
  def self.is_ipv4?(addr)
122
+ return false if addr =~ MATCH_IPV6
123
+ return true if addr =~ MATCH_IPV4
111
124
  res = Rex::Socket.getaddress(addr)
112
125
  res.match(/:/) ? false : true
113
126
  end
@@ -116,19 +129,23 @@ module Socket
116
129
  # Determine whether this is an IPv6 address
117
130
  #
118
131
  def self.is_ipv6?(addr)
132
+ return true if addr =~ MATCH_IPV6
133
+ return false if addr =~ MATCH_IPV4
119
134
  res = Rex::Socket.getaddress(addr)
120
135
  res.match(/:/) ? true : false
121
136
  end
122
137
 
123
138
  #
124
- # Checks to see if the supplied address is a dotted quad.
139
+ # Checks to see if the supplied address is in "dotted" form
125
140
  #
126
141
  def self.dotted_ip?(addr)
127
- # Assume anything with a colon is IPv6
128
- return true if (support_ipv6? and addr =~ /:/)
129
-
130
- # Otherwise assume this is IPv4
131
- (addr =~ /^(?:(?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2}))$/) ? true : false
142
+ # Match IPv6
143
+ return true if (support_ipv6? and addr =~ MATCH_IPV6)
144
+
145
+ # Match IPv4
146
+ return true if (addr =~ MATCH_IPV4)
147
+
148
+ false
132
149
  end
133
150
 
134
151
  #
@@ -137,7 +154,7 @@ module Socket
137
154
  #
138
155
  def self.is_internal?(addr)
139
156
  if self.dotted_ip?(addr)
140
- addr =~ /^(?:10\.|192\.168|172.(?:1[6-9]|2[0-9]|3[01])\.|169\.254)/
157
+ addr =~ MATCH_IPV4_PRIVATE
141
158
  else
142
159
  false
143
160
  end
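Review bot: MATCH_IPV4, MATCH_IPV6 and MATCH_IPV4_PRIVATE are anchored with `^` and `$`, which in Ruby match at line boundaries, so a multi-line string with one valid address line satisfies `is_ipv4?`, `is_ipv6?` and `dotted_ip?` through the new early returns. Anchoring with `\A\s*` at the start and `\s*\z` at the end makes them whole-string checks. In MATCH_IPV4_PRIVATE the dot after `172` is unescaped and `192\.168` / `169\.254` have no trailing `\.`; writing `172\.`, `192\.168\.` and `169\.254\.` keeps the prefixes exact. The octet pattern `[0-1]?[0-9]{1,2}` also accepts leading zeros such as `010`, which some resolvers read as octal, so a comment saying these constants are format checks rather than canonicalisation would help callers that use them to validate input.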
@@ -94,6 +94,13 @@ module Text
94
94
  return hexify(str, wrap, '"', '" .', "my $#{name} = \n", '";')
95
95
  end
96
96
 
97
+ #
98
+ # Converts a raw string into a Bash buffer
99
+ #
100
+ def self.to_bash(str, wrap = DefaultWrap, name = "buf")
101
+ return hexify(str, wrap, '$\'', '\'\\', "export #{name}=\\\n", '\'')
102
+ end
103
+
97
104
  #
98
105
  # Converts a raw string into a java byte array
99
106
  #
@@ -124,6 +131,13 @@ module Text
124
131
  return wordwrap(str, 0, wrap, '', '# ')
125
132
  end
126
133
 
134
+ #
135
+ # Creates a Bash-style comment
136
+ #
137
+ def self.to_bash_comment(str, wrap = DefaultWrap)
138
+ return wordwrap(str, 0, wrap, '', '# ')
139
+ end
140
+
127
141
  #
128
142
  # Returns the raw string
129
143
  #
@@ -829,7 +843,7 @@ module Text
829
843
 
830
844
  # Return stupid uses
831
845
  return "" if length.to_i < 1
832
- return sets[0][0] * length if sets.size == 1 and sets[0].size == 1
846
+ return sets[0][0].chr * length if sets.size == 1 and sets[0].size == 1
833
847
 
834
848
  sets.length.times { offsets << 0 }
835
849
 
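Review bot: The comment on `to_bash` does not say that bash cannot hold a NUL byte in a variable, so for input containing `\x00` the value is cut at the first NUL when the generated `export` line is evaluated, even though every byte is emitted as `$'\xNN'`. The header comment should say so, e.g. `# NOTE: bash variables cannot hold NUL bytes; the value is truncated at the first \x00`. `name` is interpolated into `export #{name}=` unchecked, so a value that is not a plain shell identifier produces output that no longer parses as a single assignment. A guard such as `raise ArgumentError unless name =~ /\A[A-Za-z_][A-Za-z0-9_]*\z/` would catch that. `hexify` is defined outside this hunk, so how it handles `wrap` was not reviewed.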
@@ -158,6 +158,7 @@ class Rex::Text::UnitTest < Test::Unit::TestCase
158
158
 
159
159
  assert_equal("buf = \n\"\\x01\\x02\\xff\\x00\"\n", Rex::Text.to_ruby(str), 'to_ruby')
160
160
  assert_equal("my $buf = \n\"\\x01\\x02\\xff\\x00\";\n", Rex::Text.to_perl(str), 'to_perl')
161
+ assert_equal("export buf=\\\n$'\\x01\\x02\\xff\\x00\'\n", Rex::Text.to_bash(str), 'to_bash')
161
162
  assert_equal("unsigned char buf[] = \n\"\\x01\\x02\\xff\\x00\";\n", Rex::Text.to_c(str), 'to_c')
162
163
 
163
164
  # 0 -> 20
@@ -165,6 +166,7 @@ class Rex::Text::UnitTest < Test::Unit::TestCase
165
166
 
166
167
  assert_equal("buf = \n\"\\x00\\x01\\x02\\x03\" +\n\"\\x04\\x05\\x06\\x07\" +\n\"\\x08\\x09\\x0a\\x0b\" +\n\"\\x0c\\x0d\\x0e\\x0f\" +\n\"\\x10\\x11\\x12\\x13\"\n", Rex::Text.to_ruby(str, 20), 'to_ruby with wrap')
167
168
  assert_equal("my $buf = \n\"\\x00\\x01\\x02\\x03\" .\n\"\\x04\\x05\\x06\\x07\" .\n\"\\x08\\x09\\x0a\\x0b\" .\n\"\\x0c\\x0d\\x0e\\x0f\" .\n\"\\x10\\x11\\x12\\x13\";\n", Rex::Text.to_perl(str, 20), 'to_perl with wrap')
169
+ assert_equal("export buf=\\\n$'\\x00\\x01\\x02\\x03\'\\\n$'\\x04\\x05\\x06\\x07\'\\\n$'\\x08\\x09\\x0a\\x0b'\\\n$'\\x0c\\x0d\\x0e\\x0f'\\\n$'\\x10\\x11\\x12\\x13\'\n", Rex::Text.to_bash(str, 20), 'to_bash with wrap')
168
170
  assert_equal("unsigned char buf[] = \n\"\\x00\\x01\\x02\\x03\\x04\"\n\"\\x05\\x06\\x07\\x08\\x09\"\n\"\\x0a\\x0b\\x0c\\x0d\\x0e\"\n\"\\x0f\\x10\\x11\\x12\\x13\";\n", Rex::Text.to_c(str, 20, "buf"), 'to_c with wrap')
169
171
  assert_equal("\\x0a", Rex::Text.to_hex("\n"), 'to_hex newline')
170
172
 
@@ -1,5 +1,9 @@
1
1
  require 'rex/ui'
2
- require 'windows_console_color_support'
2
+
3
+ begin
4
+ require 'windows_console_color_support'
5
+ rescue ::LoadError
6
+ end
3
7
 
4
8
  module Rex
5
9
  module Ui
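Review bot: The empty `rescue ::LoadError` around `require 'windows_console_color_support'` swallows the failure with no trace, and the rest of the file (outside this hunk) has no way to tell whether the library loaded. A comment in the rescue body, e.g. `# optional: presumably only needed for coloured console output on Windows`, would document the intent. Since the gemspec on this page lists `dependencies: []`, the library is resolved by name from whatever is on the load path rather than as a declared, versioned dependency. Declaring it as a platform-specific dependency or vendoring it would make what gets loaded predictable.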
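--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
  --- !ruby/object:Gem::Specification
  name: librex
  version: !ruby/object:Gem::Version
- hash: 97
+ hash: 157
  prerelease:
  segments:
  - 0
  - 0
- - 63
- version: 0.0.63
+ - 65
+ version: 0.0.65
  platform: ruby
  authors:
  - HD Moore
@@ -16,11 +16,11 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2011-11-08 00:00:00 -06:00
+ date: 2011-12-02 00:00:00 -06:00
  default_executable:
  dependencies: []
 
- description: Rex provides a variety of classes useful for security testing and exploit development. Based on SVN Revision 14187
+ description: Rex provides a variety of classes useful for security testing and exploit development. Based on SVN Revision 14335
  email:
  - hd_moore@rapid7.com
  - jacob.hammack@hammackj.com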