librex 0.0.63 → 0.0.65
- data/README.markdown +1 -1
- data/lib/rex/assembly/nasm.rb +4 -4
- data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +4 -4
- data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +27 -27
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +3 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +19 -15
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +680 -680
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +12 -12
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +3 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +6 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +4 -4
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +7 -7
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +5 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +6 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +20 -20
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb +5 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +15 -15
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +5 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +3 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +3 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +6 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +10 -10
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +3 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +3 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +6 -6
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +10 -5
- data/lib/rex/proto/smb/constants.rb +1 -1
- data/lib/rex/socket.rb +24 -7
- data/lib/rex/text.rb +15 -1
- data/lib/rex/text.rb.ut.rb +2 -0
- data/lib/rex/ui/text/output/stdio.rb +5 -1
- metadata +5 -5
@@ -150,12 +150,17 @@ class Console::CommandDispatcher::Stdapi::Sys
|
|
150
150
|
|
151
151
|
|
152
152
|
#
|
153
|
-
# Drop into a system shell as specified by %COMSPEC%
|
154
|
-
#
|
153
|
+
# Drop into a system shell as specified by %COMSPEC% or
|
154
|
+
# as appropriate for the host.
|
155
155
|
def cmd_shell(*args)
|
156
|
-
|
157
|
-
|
158
|
-
|
156
|
+
if client.platform =~/win/
|
157
|
+
path = client.fs.file.expand_path("%COMSPEC%")
|
158
|
+
path = (path and not path.empty?) ? path : "cmd.exe"
|
159
|
+
cmd_execute("-f", path, "-c", "-H", "-i", "-t")
|
160
|
+
else
|
161
|
+
path = client.fs.file.expand_path("/bin/bash")
|
162
|
+
cmd_execute("-f", path, "-c", "-i")
|
163
|
+
end
|
159
164
|
end
|
160
165
|
|
161
166
|
|
@@ -732,8 +732,8 @@ SMB_NTTRANS_HDR_PKT = Rex::Struct2::CStructTemplate.new(
|
|
732
732
|
[ 'uint32v', 'DataCount', 0 ],
|
733
733
|
[ 'uint32v', 'DataOffset', 0 ],
|
734
734
|
[ 'uint8', 'SetupCount', 0 ],
|
735
|
-
[ 'string', 'SetupData', nil, '' ],
|
736
735
|
[ 'uint16v', 'Subcommand', 0 ],
|
736
|
+
[ 'string', 'SetupData', nil, '' ],
|
737
737
|
[ 'uint16v', 'ByteCount', 0 ],
|
738
738
|
[ 'string', 'Payload', nil, '' ]
|
739
739
|
).create_restraints(
|
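--- a/data/lib/rex/socket.rb
+++ b/data/lib/rex/socket.rb
@@ -73,6 +73,17 @@ module Socket
 def self.create_ip(opts = {})
 return create_param(Rex::Socket::Parameters.from_hash(opts.merge('Proto' => 'ip')))
 end
+
+
+#
+# Common Regular Expressions
+#
+
+MATCH_IPV6 = /^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$/
+
+MATCH_IPV4 = /^\s*(?:(?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})[.](?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2}))\s*$/
+
+MATCH_IPV4_PRIVATE = /^\s*(?:10\.|192\.168|172.(?:1[6-9]|2[0-9]|3[01])\.|169\.254)/
 
 ##
 #
@@ -108,6 +119,8 @@ module Socket
 # Determine whether this is an IPv4 address
 #
 def self.is_ipv4?(addr)
+return false if addr =~ MATCH_IPV6
+return true if addr =~ MATCH_IPV4
 res = Rex::Socket.getaddress(addr)
 res.match(/:/) ? false : true
 end
@@ -116,19 +129,23 @@ module Socket
 # Determine whether this is an IPv6 address
 #
 def self.is_ipv6?(addr)
+return true if addr =~ MATCH_IPV6
+return false if addr =~ MATCH_IPV4
 res = Rex::Socket.getaddress(addr)
 res.match(/:/) ? true : false
 end
 
 #
-# Checks to see if the supplied address is
+# Checks to see if the supplied address is in "dotted" form
 #
 def self.dotted_ip?(addr)
-#
-return true if (support_ipv6? and addr =~
-
-#
-(addr =~
+# Match IPv6
+return true if (support_ipv6? and addr =~ MATCH_IPV6)
+
+# Match IPv4
+return true if (addr =~ MATCH_IPV4)
+
+false
 end
 
 #
@@ -137,7 +154,7 @@ module Socket
 #
 def self.is_internal?(addr)
 if self.dotted_ip?(addr)
-addr =~
+addr =~ MATCH_IPV4_PRIVATE
 else
 false
 end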
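Review bot: `MATCH_IPV4`, `MATCH_IPV6` and `MATCH_IPV4_PRIVATE` in the first hunk anchor with `^`/`$`, which in Ruby match at every line boundary, so a string with an embedded newline passes `is_ipv4?`, `is_ipv6?`, `dotted_ip?` and `is_internal?` as long as one of its lines looks like an address. Anchoring the whole string with `\A` and `\z` (for example `/\A\s*(?:…)\s*\z/`) closes that, which matters wherever these predicates gate a value that is later logged or handed to a resolver. In `MATCH_IPV4_PRIVATE` the dot in `172.(?:1[6-9]|…)` is unescaped and should read `172\.`; the pattern also omits 127.0.0.0/8, which may be deliberate but deserves a comment saying so. The octet alternative `[0-1]?[0-9]{1,2}` in `MATCH_IPV4` accepts leading zeros such as `010`, which some resolvers read as octal, so a caller that trusts the early `return true` and then resolves the same string could reach a different address than the one it checked.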
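--- a/data/lib/rex/text.rb
+++ b/data/lib/rex/text.rb
@@ -94,6 +94,13 @@ module Text
 return hexify(str, wrap, '"', '" .', "my $#{name} = \n", '";')
 end
 
+#
+# Converts a raw string into a Bash buffer
+#
+def self.to_bash(str, wrap = DefaultWrap, name = "buf")
+return hexify(str, wrap, '$\'', '\'\\', "export #{name}=\\\n", '\'')
+end
+
 #
 # Converts a raw string into a java byte array
 #
@@ -124,6 +131,13 @@ module Text
 return wordwrap(str, 0, wrap, '', '# ')
 end
 
+#
+# Creates a Bash-style comment
+#
+def self.to_bash_comment(str, wrap = DefaultWrap)
+return wordwrap(str, 0, wrap, '', '# ')
+end
+
 #
 # Returns the raw string
 #
@@ -829,7 +843,7 @@ module Text
 
 # Return stupid uses
 return "" if length.to_i < 1
-return sets[0][0] * length if sets.size == 1 and sets[0].size == 1
+return sets[0][0].chr * length if sets.size == 1 and sets[0].size == 1
 
 sets.length.times { offsets << 0 }
 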
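Review bot: `to_bash` in the first hunk interpolates `name` unquoted into `export #{name}=` without checking that it is a valid shell identifier, so a caller-supplied name containing whitespace, `;` or `$` yields output that a shell no longer parses as a single assignment. The neighbouring Perl helper visible in the context lines interpolates `name` the same way, so this may be an accepted convention, but it should at least be documented with a comment such as `# name is emitted unquoted and must match [A-Za-z_][A-Za-z0-9_]*`. In the second hunk, the body of `to_bash_comment` is identical to the `wordwrap(str, 0, wrap, '', '# ')` call of the method just above it, whose name lies outside the hunk; delegating to that method would keep the two from drifting apart.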
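--- a/data/lib/rex/text.rb.ut.rb
+++ b/data/lib/rex/text.rb.ut.rb
@@ -158,6 +158,7 @@ class Rex::Text::UnitTest < Test::Unit::TestCase
 
 assert_equal("buf = \n\"\\x01\\x02\\xff\\x00\"\n", Rex::Text.to_ruby(str), 'to_ruby')
 assert_equal("my $buf = \n\"\\x01\\x02\\xff\\x00\";\n", Rex::Text.to_perl(str), 'to_perl')
+assert_equal("export buf=\\\n$'\\x01\\x02\\xff\\x00\'\n", Rex::Text.to_bash(str), 'to_bash')
 assert_equal("unsigned char buf[] = \n\"\\x01\\x02\\xff\\x00\";\n", Rex::Text.to_c(str), 'to_c')
 
 # 0 -> 20
@@ -165,6 +166,7 @@ class Rex::Text::UnitTest < Test::Unit::TestCase
 
 assert_equal("buf = \n\"\\x00\\x01\\x02\\x03\" +\n\"\\x04\\x05\\x06\\x07\" +\n\"\\x08\\x09\\x0a\\x0b\" +\n\"\\x0c\\x0d\\x0e\\x0f\" +\n\"\\x10\\x11\\x12\\x13\"\n", Rex::Text.to_ruby(str, 20), 'to_ruby with wrap')
 assert_equal("my $buf = \n\"\\x00\\x01\\x02\\x03\" .\n\"\\x04\\x05\\x06\\x07\" .\n\"\\x08\\x09\\x0a\\x0b\" .\n\"\\x0c\\x0d\\x0e\\x0f\" .\n\"\\x10\\x11\\x12\\x13\";\n", Rex::Text.to_perl(str, 20), 'to_perl with wrap')
+assert_equal("export buf=\\\n$'\\x00\\x01\\x02\\x03\'\\\n$'\\x04\\x05\\x06\\x07\'\\\n$'\\x08\\x09\\x0a\\x0b'\\\n$'\\x0c\\x0d\\x0e\\x0f'\\\n$'\\x10\\x11\\x12\\x13\'\n", Rex::Text.to_bash(str, 20), 'to_bash with wrap')
 assert_equal("unsigned char buf[] = \n\"\\x00\\x01\\x02\\x03\\x04\"\n\"\\x05\\x06\\x07\\x08\\x09\"\n\"\\x0a\\x0b\\x0c\\x0d\\x0e\"\n\"\\x0f\\x10\\x11\\x12\\x13\";\n", Rex::Text.to_c(str, 20, "buf"), 'to_c with wrap')
 assert_equal("\\x0a", Rex::Text.to_hex("\n"), 'to_hex newline')
 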
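Review bot: The expected strings in the two new `to_bash` assertions mix `\'` and a bare `'` for the same closing quote, most visibly in the 'to_bash with wrap' line where the third and fourth segments end in `'` and the others in `\'`. Inside a double-quoted Ruby literal both spell a single quote, so the test passes either way, but the inconsistency makes the expected shell text harder to read; using a plain `'` throughout would fix that. Neither hunk adds an assertion for `to_bash_comment`, which this release also introduces in text.rb, so that helper ships without coverage. The enclosing test method starts and ends outside both hunks.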
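--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: librex
 version: !ruby/object:Gem::Version
-hash:
+hash: 157
 prerelease:
 segments:
 - 0
 - 0
--
-version: 0.0.
+- 65
+version: 0.0.65
 platform: ruby
 authors:
 - HD Moore
@@ -16,11 +16,11 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-
+date: 2011-12-02 00:00:00 -06:00
 default_executable:
 dependencies: []
 
-description: Rex provides a variety of classes useful for security testing and exploit development. Based on SVN Revision
+description: Rex provides a variety of classes useful for security testing and exploit development. Based on SVN Revision 14335
 email:
 - hd_moore@rapid7.com
 - jacob.hammack@hammackj.com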