librex 0.0.65 → 0.0.66

Files changed (482)
  1. data/README.markdown +1 -1
  2. data/lib/rex/arch.rb +1 -0
  3. data/lib/rex/arch/sparc.rb +16 -15
  4. data/lib/rex/arch/sparc.rb.ut.rb +2 -1
  5. data/lib/rex/arch/x86.rb +1 -0
  6. data/lib/rex/arch/x86.rb.ut.rb +2 -1
  7. data/lib/rex/assembly/nasm.rb +1 -0
  8. data/lib/rex/assembly/nasm.rb.ut.rb +2 -1
  9. data/lib/rex/compat.rb +13 -0
  10. data/lib/rex/constants.rb +5 -4
  11. data/lib/rex/elfparsey.rb +3 -2
  12. data/lib/rex/elfparsey/elf.rb +2 -1
  13. data/lib/rex/elfparsey/elfbase.rb +8 -7
  14. data/lib/rex/elfparsey/exceptions.rb +3 -2
  15. data/lib/rex/elfscan.rb +3 -2
  16. data/lib/rex/elfscan/scanner.rb +2 -1
  17. data/lib/rex/elfscan/search.rb +2 -1
  18. data/lib/rex/encoder/alpha2.rb +2 -1
  19. data/lib/rex/encoder/alpha2/alpha_mixed.rb +3 -2
  20. data/lib/rex/encoder/alpha2/alpha_upper.rb +5 -4
  21. data/lib/rex/encoder/alpha2/generic.rb +37 -60
  22. data/lib/rex/encoder/alpha2/unicode_mixed.rb +4 -9
  23. data/lib/rex/encoder/alpha2/unicode_upper.rb +4 -9
  24. data/lib/rex/encoder/ndr.rb +1 -0
  25. data/lib/rex/encoder/ndr.rb.ut.rb +2 -1
  26. data/lib/rex/encoder/nonalpha.rb +1 -0
  27. data/lib/rex/encoder/nonupper.rb +1 -0
  28. data/lib/rex/encoder/xdr.rb +9 -8
  29. data/lib/rex/encoder/xdr.rb.ut.rb +2 -1
  30. data/lib/rex/encoder/xor.rb +1 -0
  31. data/lib/rex/encoder/xor/dword.rb +2 -1
  32. data/lib/rex/encoder/xor/dword_additive.rb +2 -1
  33. data/lib/rex/encoders/xor_dword.rb +1 -0
  34. data/lib/rex/encoders/xor_dword_additive.rb +2 -1
  35. data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +2 -1
  36. data/lib/rex/encoding/xor.rb +2 -1
  37. data/lib/rex/encoding/xor.rb.ts.rb +2 -1
  38. data/lib/rex/encoding/xor/byte.rb +2 -1
  39. data/lib/rex/encoding/xor/byte.rb.ut.rb +2 -1
  40. data/lib/rex/encoding/xor/dword.rb +2 -1
  41. data/lib/rex/encoding/xor/dword.rb.ut.rb +2 -1
  42. data/lib/rex/encoding/xor/dword_additive.rb +1 -0
  43. data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +2 -1
  44. data/lib/rex/encoding/xor/exceptions.rb +1 -0
  45. data/lib/rex/encoding/xor/generic.rb +1 -0
  46. data/lib/rex/encoding/xor/generic.rb.ut.rb +2 -1
  47. data/lib/rex/encoding/xor/qword.rb +2 -1
  48. data/lib/rex/encoding/xor/word.rb +2 -1
  49. data/lib/rex/encoding/xor/word.rb.ut.rb +2 -1
  50. data/lib/rex/exceptions.rb +1 -0
  51. data/lib/rex/exceptions.rb.ut.rb +2 -1
  52. data/lib/rex/exploitation/cmdstager.rb +2 -1
  53. data/lib/rex/exploitation/cmdstager/base.rb +1 -0
  54. data/lib/rex/exploitation/cmdstager/debug_asm.rb +2 -1
  55. data/lib/rex/exploitation/cmdstager/debug_write.rb +2 -1
  56. data/lib/rex/exploitation/cmdstager/tftp.rb +2 -1
  57. data/lib/rex/exploitation/cmdstager/vbs.rb +2 -1
  58. data/lib/rex/exploitation/egghunter.rb +12 -11
  59. data/lib/rex/exploitation/egghunter.rb.ut.rb +2 -1
  60. data/lib/rex/exploitation/encryptjs.rb +1 -0
  61. data/lib/rex/exploitation/heaplib.rb +1 -0
  62. data/lib/rex/exploitation/javascriptosdetect.js +1014 -0
  63. data/lib/rex/exploitation/javascriptosdetect.rb +4 -857
  64. data/lib/rex/exploitation/jsobfu.rb +2 -1
  65. data/lib/rex/exploitation/obfuscatejs.rb +1 -0
  66. data/lib/rex/exploitation/omelet.rb +1 -0
  67. data/lib/rex/exploitation/omelet.rb.ut.rb +1 -0
  68. data/lib/rex/exploitation/opcodedb.rb +12 -11
  69. data/lib/rex/exploitation/opcodedb.rb.ut.rb +2 -1
  70. data/lib/rex/exploitation/seh.rb +3 -2
  71. data/lib/rex/exploitation/seh.rb.ut.rb +2 -1
  72. data/lib/rex/file.rb +4 -3
  73. data/lib/rex/file.rb.ut.rb +2 -1
  74. data/lib/rex/image_source.rb +3 -2
  75. data/lib/rex/image_source/disk.rb +3 -2
  76. data/lib/rex/image_source/image_source.rb +3 -2
  77. data/lib/rex/image_source/memory.rb +3 -2
  78. data/lib/rex/io/bidirectional_pipe.rb +1 -0
  79. data/lib/rex/io/datagram_abstraction.rb +2 -1
  80. data/lib/rex/io/ring_buffer.rb +49 -44
  81. data/lib/rex/io/ring_buffer.rb.ut.rb +4 -3
  82. data/lib/rex/io/stream.rb +1 -0
  83. data/lib/rex/io/stream_abstraction.rb +1 -0
  84. data/lib/rex/io/stream_server.rb +1 -0
  85. data/lib/rex/job_container.rb +1 -0
  86. data/lib/rex/logging.rb +2 -1
  87. data/lib/rex/logging/log_dispatcher.rb +5 -4
  88. data/lib/rex/logging/log_sink.rb +2 -1
  89. data/lib/rex/logging/sinks/flatfile.rb +4 -3
  90. data/lib/rex/logging/sinks/stderr.rb +2 -1
  91. data/lib/rex/machparsey.rb +2 -1
  92. data/lib/rex/machparsey/exceptions.rb +2 -1
  93. data/lib/rex/machparsey/mach.rb +20 -19
  94. data/lib/rex/machparsey/machbase.rb +27 -26
  95. data/lib/rex/machscan.rb +2 -1
  96. data/lib/rex/machscan/scanner.rb +1 -0
  97. data/lib/rex/mime.rb +2 -1
  98. data/lib/rex/mime/header.rb +1 -0
  99. data/lib/rex/mime/message.rb +4 -1
  100. data/lib/rex/mime/part.rb +2 -1
  101. data/lib/rex/nop/opty2.rb +2 -1
  102. data/lib/rex/nop/opty2.rb.ut.rb +2 -1
  103. data/lib/rex/nop/opty2_tables.rb +1 -0
  104. data/lib/rex/ole.rb +3 -2
  105. data/lib/rex/ole/clsid.rb +3 -2
  106. data/lib/rex/ole/difat.rb +3 -2
  107. data/lib/rex/ole/directory.rb +3 -2
  108. data/lib/rex/ole/direntry.rb +3 -2
  109. data/lib/rex/ole/fat.rb +3 -2
  110. data/lib/rex/ole/header.rb +3 -2
  111. data/lib/rex/ole/minifat.rb +3 -2
  112. data/lib/rex/ole/propset.rb +4 -3
  113. data/lib/rex/ole/samples/create_ole.rb +1 -0
  114. data/lib/rex/ole/samples/dir.rb +1 -0
  115. data/lib/rex/ole/samples/dump_stream.rb +1 -0
  116. data/lib/rex/ole/samples/ole_info.rb +1 -0
  117. data/lib/rex/ole/storage.rb +3 -2
  118. data/lib/rex/ole/stream.rb +3 -2
  119. data/lib/rex/ole/substorage.rb +3 -2
  120. data/lib/rex/ole/util.rb +3 -2
  121. data/lib/rex/parser/acunetix_nokogiri.rb +13 -12
  122. data/lib/rex/parser/apple_backup_manifestdb.rb +20 -19
  123. data/lib/rex/parser/appscan_nokogiri.rb +17 -16
  124. data/lib/rex/parser/arguments.rb +2 -1
  125. data/lib/rex/parser/arguments.rb.ut.rb +2 -1
  126. data/lib/rex/parser/burp_session_nokogiri.rb +8 -7
  127. data/lib/rex/parser/ci_nokogiri.rb +4 -3
  128. data/lib/rex/parser/foundstone_nokogiri.rb +18 -17
  129. data/lib/rex/parser/fusionvm_nokogiri.rb +109 -0
  130. data/lib/rex/parser/ini.rb +1 -0
  131. data/lib/rex/parser/ini.rb.ut.rb +2 -1
  132. data/lib/rex/parser/ip360_aspl_xml.rb +1 -0
  133. data/lib/rex/parser/ip360_xml.rb +4 -3
  134. data/lib/rex/parser/mbsa_nokogiri.rb +8 -7
  135. data/lib/rex/parser/nessus_xml.rb +3 -2
  136. data/lib/rex/parser/netsparker_xml.rb +10 -9
  137. data/lib/rex/parser/nexpose_raw_nokogiri.rb +372 -52
  138. data/lib/rex/parser/nexpose_simple_nokogiri.rb +8 -7
  139. data/lib/rex/parser/nexpose_xml.rb +1 -0
  140. data/lib/rex/parser/nmap_nokogiri.rb +63 -33
  141. data/lib/rex/parser/nmap_xml.rb +1 -0
  142. data/lib/rex/parser/nokogiri_doc_mixin.rb +35 -15
  143. data/lib/rex/parser/openvas_nokogiri.rb +172 -0
  144. data/lib/rex/parser/retina_xml.rb +1 -0
  145. data/lib/rex/parser/wapiti_nokogiri.rb +105 -0
  146. data/lib/rex/payloads.rb +2 -1
  147. data/lib/rex/payloads/win32.rb +2 -1
  148. data/lib/rex/payloads/win32/common.rb +2 -1
  149. data/lib/rex/payloads/win32/kernel.rb +2 -1
  150. data/lib/rex/payloads/win32/kernel/common.rb +4 -3
  151. data/lib/rex/payloads/win32/kernel/migration.rb +2 -1
  152. data/lib/rex/payloads/win32/kernel/recovery.rb +2 -1
  153. data/lib/rex/payloads/win32/kernel/stager.rb +21 -20
  154. data/lib/rex/peparsey.rb +3 -2
  155. data/lib/rex/peparsey/exceptions.rb +2 -1
  156. data/lib/rex/peparsey/pe.rb +3 -2
  157. data/lib/rex/peparsey/pe_memdump.rb +2 -1
  158. data/lib/rex/peparsey/pebase.rb +2 -1
  159. data/lib/rex/peparsey/section.rb +2 -1
  160. data/lib/rex/pescan.rb +3 -2
  161. data/lib/rex/pescan/analyze.rb +1 -0
  162. data/lib/rex/pescan/scanner.rb +1 -0
  163. data/lib/rex/pescan/search.rb +1 -0
  164. data/lib/rex/platforms.rb +2 -1
  165. data/lib/rex/platforms/windows.rb +2 -1
  166. data/lib/rex/poly.rb +2 -1
  167. data/lib/rex/poly/block.rb +16 -15
  168. data/lib/rex/poly/register.rb +2 -1
  169. data/lib/rex/poly/register/x86.rb +2 -1
  170. data/lib/rex/post.rb +2 -2
  171. data/lib/rex/post/dir.rb +2 -1
  172. data/lib/rex/post/file.rb +1 -0
  173. data/lib/rex/post/file_stat.rb +1 -0
  174. data/lib/rex/post/io.rb +2 -1
  175. data/lib/rex/post/meterpreter.rb +2 -1
  176. data/lib/rex/post/meterpreter/channel.rb +1 -0
  177. data/lib/rex/post/meterpreter/channel_container.rb +2 -1
  178. data/lib/rex/post/meterpreter/channels/pool.rb +1 -0
  179. data/lib/rex/post/meterpreter/channels/pools/file.rb +1 -0
  180. data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +3 -2
  181. data/lib/rex/post/meterpreter/channels/stream.rb +1 -0
  182. data/lib/rex/post/meterpreter/client.rb +23 -1
  183. data/lib/rex/post/meterpreter/client_core.rb +10 -5
  184. data/lib/rex/post/meterpreter/dependencies.rb +2 -1
  185. data/lib/rex/post/meterpreter/extension.rb +2 -1
  186. data/lib/rex/post/meterpreter/extensions/espia/espia.rb +7 -6
  187. data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +2 -1
  188. data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +5 -4
  189. data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +2 -1
  190. data/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb +1 -0
  191. data/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb +1 -0
  192. data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +7 -6
  193. data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +1 -0
  194. data/lib/rex/post/meterpreter/extensions/priv/fs.rb +2 -1
  195. data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +2 -1
  196. data/lib/rex/post/meterpreter/extensions/priv/priv.rb +1 -0
  197. data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +2 -1
  198. data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +28 -11
  199. data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +1 -0
  200. data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +6 -5
  201. data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +1 -0
  202. data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +3 -2
  203. data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +1 -0
  204. data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +2 -1
  205. data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +39 -5
  206. data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +75 -18
  207. data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +18 -6
  208. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +1 -0
  209. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +1 -0
  210. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +1 -0
  211. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +1 -0
  212. data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +4 -1
  213. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +1 -0
  214. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +1 -0
  215. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +1 -0
  216. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +1 -0
  217. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +1 -0
  218. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +1 -0
  219. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +1 -0
  220. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +1 -0
  221. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +12 -0
  222. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +1 -0
  223. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +1 -0
  224. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +1 -0
  225. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +1 -0
  226. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +7 -0
  227. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +1 -0
  228. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb +1 -0
  229. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +1 -0
  230. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +1 -0
  231. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +1 -0
  232. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +1 -0
  233. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +1 -0
  234. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb +1 -0
  235. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +1 -0
  236. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +1 -0
  237. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb +23 -0
  238. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb +29 -0
  239. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +10 -5
  240. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb +9 -0
  241. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +1 -0
  242. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb +106 -0
  243. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb +128 -0
  244. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +1 -0
  245. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +27 -6
  246. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +21 -0
  247. data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +1 -0
  248. data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +1 -0
  249. data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +1 -0
  250. data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +1 -0
  251. data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +2 -1
  252. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +43 -4
  253. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +1 -0
  254. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +2 -1
  255. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +1 -0
  256. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +1 -0
  257. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +1 -0
  258. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +1 -0
  259. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +1 -0
  260. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +1 -0
  261. data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +1 -0
  262. data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +7 -0
  263. data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +14 -13
  264. data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +1 -0
  265. data/lib/rex/post/meterpreter/inbound_packet_handler.rb +2 -1
  266. data/lib/rex/post/meterpreter/object_aliases.rb +6 -5
  267. data/lib/rex/post/meterpreter/packet.rb +26 -6
  268. data/lib/rex/post/meterpreter/packet_dispatcher.rb +1 -0
  269. data/lib/rex/post/meterpreter/packet_parser.rb +1 -0
  270. data/lib/rex/post/meterpreter/packet_response_waiter.rb +1 -0
  271. data/lib/rex/post/meterpreter/ui/console.rb +1 -0
  272. data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +1 -0
  273. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +103 -28
  274. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +1 -0
  275. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +1 -0
  276. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +1 -0
  277. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +3 -2
  278. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +12 -11
  279. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +2 -1
  280. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +2 -1
  281. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +53 -36
  282. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +3 -2
  283. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +87 -44
  284. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +80 -18
  285. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +77 -48
  286. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +72 -41
  287. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +24 -5
  288. data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +2 -1
  289. data/lib/rex/post/permission.rb +2 -1
  290. data/lib/rex/post/process.rb +2 -1
  291. data/lib/rex/post/thread.rb +2 -1
  292. data/lib/rex/post/ui.rb +2 -1
  293. data/lib/rex/proto.rb +1 -0
  294. data/lib/rex/proto.rb.ts.rb +2 -1
  295. data/lib/rex/proto/dcerpc.rb +2 -1
  296. data/lib/rex/proto/dcerpc.rb.ts.rb +2 -1
  297. data/lib/rex/proto/dcerpc/client.rb +1 -0
  298. data/lib/rex/proto/dcerpc/client.rb.ut.rb +1 -0
  299. data/lib/rex/proto/dcerpc/exceptions.rb +2 -1
  300. data/lib/rex/proto/dcerpc/handle.rb +1 -0
  301. data/lib/rex/proto/dcerpc/handle.rb.ut.rb +2 -1
  302. data/lib/rex/proto/dcerpc/ndr.rb +2 -1
  303. data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +2 -1
  304. data/lib/rex/proto/dcerpc/packet.rb +52 -45
  305. data/lib/rex/proto/dcerpc/packet.rb.ut.rb +12 -11
  306. data/lib/rex/proto/dcerpc/response.rb +1 -0
  307. data/lib/rex/proto/dcerpc/response.rb.ut.rb +2 -1
  308. data/lib/rex/proto/dcerpc/uuid.rb +13 -12
  309. data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +2 -1
  310. data/lib/rex/proto/dhcp.rb +2 -1
  311. data/lib/rex/proto/dhcp/constants.rb +2 -1
  312. data/lib/rex/proto/dhcp/server.rb +4 -3
  313. data/lib/rex/proto/drda.rb +1 -0
  314. data/lib/rex/proto/drda.rb.ts.rb +1 -0
  315. data/lib/rex/proto/drda/constants.rb +1 -0
  316. data/lib/rex/proto/drda/constants.rb.ut.rb +1 -0
  317. data/lib/rex/proto/drda/packet.rb +11 -10
  318. data/lib/rex/proto/drda/packet.rb.ut.rb +5 -4
  319. data/lib/rex/proto/drda/utils.rb +4 -3
  320. data/lib/rex/proto/drda/utils.rb.ut.rb +3 -2
  321. data/lib/rex/proto/http.rb +2 -1
  322. data/lib/rex/proto/http.rb.ts.rb +2 -1
  323. data/lib/rex/proto/http/client.rb +29 -5
  324. data/lib/rex/proto/http/client.rb.ut.rb +1 -0
  325. data/lib/rex/proto/http/handler.rb +2 -1
  326. data/lib/rex/proto/http/handler/erb.rb +5 -4
  327. data/lib/rex/proto/http/handler/erb.rb.ut.rb +2 -1
  328. data/lib/rex/proto/http/handler/proc.rb +1 -0
  329. data/lib/rex/proto/http/handler/proc.rb.ut.rb +2 -1
  330. data/lib/rex/proto/http/header.rb +3 -3
  331. data/lib/rex/proto/http/header.rb.ut.rb +2 -1
  332. data/lib/rex/proto/http/packet.rb +1 -0
  333. data/lib/rex/proto/http/packet.rb.ut.rb +15 -14
  334. data/lib/rex/proto/http/request.rb +23 -22
  335. data/lib/rex/proto/http/request.rb.ut.rb +2 -1
  336. data/lib/rex/proto/http/response.rb +6 -5
  337. data/lib/rex/proto/http/response.rb.ut.rb +7 -6
  338. data/lib/rex/proto/http/server.rb +1 -0
  339. data/lib/rex/proto/http/server.rb.ut.rb +6 -5
  340. data/lib/rex/proto/iax2.rb +1 -0
  341. data/lib/rex/proto/iax2/call.rb +48 -47
  342. data/lib/rex/proto/iax2/client.rb +23 -22
  343. data/lib/rex/proto/iax2/codecs.rb +1 -0
  344. data/lib/rex/proto/iax2/codecs/alaw.rb +1 -0
  345. data/lib/rex/proto/iax2/codecs/g711.rb +4 -3
  346. data/lib/rex/proto/iax2/codecs/mulaw.rb +1 -0
  347. data/lib/rex/proto/iax2/constants.rb +1 -0
  348. data/lib/rex/proto/natpmp.rb +11 -0
  349. data/lib/rex/proto/natpmp/constants.rb +19 -0
  350. data/lib/rex/proto/natpmp/packet.rb +45 -0
  351. data/lib/rex/proto/ntlm.rb +1 -0
  352. data/lib/rex/proto/ntlm.rb.ut.rb +1 -0
  353. data/lib/rex/proto/ntlm/base.rb +38 -37
  354. data/lib/rex/proto/ntlm/constants.rb +1 -0
  355. data/lib/rex/proto/ntlm/crypt.rb +45 -44
  356. data/lib/rex/proto/ntlm/exceptions.rb +1 -0
  357. data/lib/rex/proto/ntlm/message.rb +30 -29
  358. data/lib/rex/proto/ntlm/utils.rb +116 -115
  359. data/lib/rex/proto/proxy/socks4a.rb +1 -0
  360. data/lib/rex/proto/rfb.rb +1 -0
  361. data/lib/rex/proto/rfb.rb.ut.rb +1 -0
  362. data/lib/rex/proto/rfb/cipher.rb +1 -0
  363. data/lib/rex/proto/rfb/client.rb +1 -0
  364. data/lib/rex/proto/rfb/constants.rb +1 -0
  365. data/lib/rex/proto/smb.rb +2 -1
  366. data/lib/rex/proto/smb.rb.ts.rb +2 -1
  367. data/lib/rex/proto/smb/client.rb +23 -22
  368. data/lib/rex/proto/smb/client.rb.ut.rb +1 -0
  369. data/lib/rex/proto/smb/constants.rb +1 -0
  370. data/lib/rex/proto/smb/constants.rb.ut.rb +2 -1
  371. data/lib/rex/proto/smb/crypt.rb +3 -2
  372. data/lib/rex/proto/smb/evasions.rb +1 -0
  373. data/lib/rex/proto/smb/exceptions.rb +6 -5
  374. data/lib/rex/proto/smb/simpleclient.rb +1 -0
  375. data/lib/rex/proto/smb/simpleclient.rb.ut.rb +1 -0
  376. data/lib/rex/proto/smb/utils.rb +1 -0
  377. data/lib/rex/proto/smb/utils.rb.ut.rb +2 -1
  378. data/lib/rex/proto/sunrpc.rb +1 -0
  379. data/lib/rex/proto/sunrpc/client.rb +1 -0
  380. data/lib/rex/proto/tftp.rb +3 -1
  381. data/lib/rex/proto/tftp/client.rb +344 -0
  382. data/lib/rex/proto/tftp/constants.rb +2 -1
  383. data/lib/rex/proto/tftp/server.rb +2 -1
  384. data/lib/rex/proto/tftp/server.rb.ut.rb +3 -2
  385. data/lib/rex/registry.rb +14 -0
  386. data/lib/rex/registry/hive.rb +132 -0
  387. data/lib/rex/registry/lfkey.rb +51 -0
  388. data/lib/rex/registry/nodekey.rb +54 -0
  389. data/lib/rex/registry/regf.rb +25 -0
  390. data/lib/rex/registry/valuekey.rb +67 -0
  391. data/lib/rex/registry/valuelist.rb +29 -0
  392. data/lib/rex/ropbuilder.rb +2 -1
  393. data/lib/rex/ropbuilder/rop.rb +3 -2
  394. data/lib/rex/script.rb +1 -0
  395. data/lib/rex/script/base.rb +1 -0
  396. data/lib/rex/script/meterpreter.rb +1 -0
  397. data/lib/rex/script/shell.rb +1 -0
  398. data/lib/rex/service.rb +2 -1
  399. data/lib/rex/service_manager.rb +6 -5
  400. data/lib/rex/service_manager.rb.ut.rb +2 -1
  401. data/lib/rex/services/local_relay.rb +1 -0
  402. data/lib/rex/socket.rb +72 -36
  403. data/lib/rex/socket.rb.ut.rb +1 -0
  404. data/lib/rex/socket/comm.rb +1 -0
  405. data/lib/rex/socket/comm/local.rb +60 -13
  406. data/lib/rex/socket/comm/local.rb.ut.rb +2 -1
  407. data/lib/rex/socket/ip.rb +1 -0
  408. data/lib/rex/socket/parameters.rb +15 -14
  409. data/lib/rex/socket/parameters.rb.ut.rb +2 -1
  410. data/lib/rex/socket/range_walker.rb +71 -26
  411. data/lib/rex/socket/range_walker.rb.ut.rb +2 -1
  412. data/lib/rex/socket/ssl_tcp.rb +1 -0
  413. data/lib/rex/socket/ssl_tcp.rb.ut.rb +2 -1
  414. data/lib/rex/socket/ssl_tcp_server.rb +1 -0
  415. data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +1 -0
  416. data/lib/rex/socket/subnet_walker.rb +1 -0
  417. data/lib/rex/socket/subnet_walker.rb.ut.rb +2 -1
  418. data/lib/rex/socket/switch_board.rb +1 -0
  419. data/lib/rex/socket/switch_board.rb.ut.rb +2 -1
  420. data/lib/rex/socket/tcp.rb +4 -3
  421. data/lib/rex/socket/tcp.rb.ut.rb +2 -1
  422. data/lib/rex/socket/tcp_server.rb +1 -0
  423. data/lib/rex/socket/tcp_server.rb.ut.rb +2 -1
  424. data/lib/rex/socket/udp.rb +2 -1
  425. data/lib/rex/socket/udp.rb.ut.rb +2 -1
  426. data/lib/rex/struct2.rb +2 -1
  427. data/lib/rex/struct2/c_struct.rb +2 -1
  428. data/lib/rex/struct2/c_struct_template.rb +2 -1
  429. data/lib/rex/struct2/constant.rb +2 -1
  430. data/lib/rex/struct2/element.rb +2 -1
  431. data/lib/rex/struct2/generic.rb +1 -0
  432. data/lib/rex/struct2/restraint.rb +2 -1
  433. data/lib/rex/struct2/s_string.rb +1 -0
  434. data/lib/rex/struct2/s_struct.rb +1 -0
  435. data/lib/rex/sync.rb +2 -1
  436. data/lib/rex/sync/event.rb +1 -0
  437. data/lib/rex/sync/read_write_lock.rb +1 -0
  438. data/lib/rex/sync/ref.rb +2 -1
  439. data/lib/rex/sync/thread_safe.rb +2 -1
  440. data/lib/rex/test.rb +2 -1
  441. data/lib/rex/text.rb +136 -19
  442. data/lib/rex/text.rb.ut.rb +1 -0
  443. data/lib/rex/thread_factory.rb +5 -4
  444. data/lib/rex/time.rb +2 -1
  445. data/lib/rex/transformer.rb +1 -0
  446. data/lib/rex/transformer.rb.ut.rb +2 -1
  447. data/lib/rex/ui.rb +2 -1
  448. data/lib/rex/ui/interactive.rb +10 -9
  449. data/lib/rex/ui/output.rb +1 -0
  450. data/lib/rex/ui/output/none.rb +2 -1
  451. data/lib/rex/ui/progress_tracker.rb +2 -1
  452. data/lib/rex/ui/subscriber.rb +9 -8
  453. data/lib/rex/ui/text/color.rb +1 -0
  454. data/lib/rex/ui/text/color.rb.ut.rb +1 -0
  455. data/lib/rex/ui/text/dispatcher_shell.rb +63 -23
  456. data/lib/rex/ui/text/input.rb +1 -0
  457. data/lib/rex/ui/text/input/buffer.rb +7 -6
  458. data/lib/rex/ui/text/input/readline.rb +14 -13
  459. data/lib/rex/ui/text/input/socket.rb +1 -0
  460. data/lib/rex/ui/text/input/stdio.rb +2 -1
  461. data/lib/rex/ui/text/irb_shell.rb +1 -0
  462. data/lib/rex/ui/text/output.rb +1 -0
  463. data/lib/rex/ui/text/output/buffer.rb +1 -0
  464. data/lib/rex/ui/text/output/file.rb +1 -0
  465. data/lib/rex/ui/text/output/socket.rb +1 -0
  466. data/lib/rex/ui/text/output/stdio.rb +1 -0
  467. data/lib/rex/ui/text/output/tee.rb +1 -0
  468. data/lib/rex/ui/text/progress_tracker.rb +2 -1
  469. data/lib/rex/ui/text/progress_tracker.rb.ut.rb +2 -1
  470. data/lib/rex/ui/text/shell.rb +1 -0
  471. data/lib/rex/ui/text/table.rb +20 -14
  472. data/lib/rex/ui/text/table.rb.ut.rb +3 -2
  473. data/lib/rex/zip.rb +1 -0
  474. data/lib/rex/zip/archive.rb +2 -1
  475. data/lib/rex/zip/blocks.rb +3 -2
  476. data/lib/rex/zip/entry.rb +6 -7
  477. data/lib/rex/zip/jar.rb +4 -3
  478. data/lib/rex/zip/samples/comment.rb +1 -0
  479. data/lib/rex/zip/samples/mkwar.rb +1 -0
  480. data/lib/rex/zip/samples/mkzip.rb +1 -0
  481. data/lib/rex/zip/samples/recursive.rb +1 -0
  482. metadata +433 -435
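--- a/data/lib/rex/parser/nexpose_simple_nokogiri.rb
+++ b/data/lib/rex/parser/nexpose_simple_nokogiri.rb
@@ -1,9 +1,10 @@
-require File.join(File.expand_path(File.dirname(__FILE__)),"nokogiri_doc_mixin")
+# -*- coding: binary -*-
+require "rex/parser/nokogiri_doc_mixin"
 
 module Rex
 module Parser
 
-# If Nokogiri is available, define Nexpose document class.
+# If Nokogiri is available, define Nexpose document class.
 load_nokogiri && class NexposeSimpleDocument < Nokogiri::XML::SAX::Document
 
 include NokogiriDocMixin
@@ -81,7 +82,7 @@ module Rex
 def report_vulns(host_object)
 vuln_count = 0
 block = @block
-return unless host_object.kind_of? Msf::DBManager::Host
+return unless host_object.kind_of? ::Mdm::Host
 return unless @report_data[:vulns]
 @report_data[:vulns].each do |vuln|
 if vuln[:refs]
@@ -98,12 +99,12 @@ module Rex
 :refs => vuln[:refs]
 }
 if vuln[:port] && vuln[:proto]
-data[:port] = vuln[:port]
+data[:port] = vuln[:port]
 data[:proto] = vuln[:proto]
 end
 db_report(:vuln,data)
 end
-
+
 end
 
 def collect_host_vuln_id
@@ -243,7 +244,7 @@ module Rex
 end
 
 def report_host_fingerprint(host_object)
-return unless host_object.kind_of? ::Msf::DBManager::Host
+return unless host_object.kind_of? ::Mdm::Host
 return unless @report_data[:host_fingerprint].kind_of? Hash
 @report_data[:host_fingerprint].reject! {|k,v| v.nil? || v.empty?}
 return if @report_data[:host_fingerprint].empty?
@@ -312,7 +313,7 @@ module Rex
 end
 
 def report_services(host_object)
-return unless host_object.kind_of? ::Msf::DBManager::Host
+return unless host_object.kind_of? ::Mdm::Host
 return unless @report_data[:ports]
 return if @report_data[:ports].empty?
 reported = []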
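Review bot: The new `return unless host_object.kind_of? ::Mdm::Host` guard in report_vulns, report_host_fingerprint and report_services evaluates the `::Mdm::Host` constant before the check runs, so when the Mdm models are not loaded it raises NameError instead of returning early; if these parsers are meant to be loadable without the database models (the `load_nokogiri &&` guard suggests optional dependencies are a supported configuration for this file), the guard should read `return unless defined?(::Mdm::Host) && host_object.kind_of?(::Mdm::Host)`. The same three-way repetition appears in the sibling nmap parser further down this page, so a single predicate in NokogiriDocMixin would keep the check in one place. The `# -*- coding: binary -*-` magic comment added at the top is unexplained; it pins every string literal in this file to ASCII-8BIT while the SAX callbacks receive strings from Nokogiri, so a one-line comment stating why the file is pinned to binary would help the next maintainer. The remaining hunks only switch the require to the load-path form and fix whitespace; the bodies of the three report_* methods continue outside their hunks.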
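--- a/data/lib/rex/parser/nexpose_xml.rb
+++ b/data/lib/rex/parser/nexpose_xml.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
 module Rex
 module Parser
 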
@@ -1,9 +1,10 @@
1
- require File.join(File.expand_path(File.dirname(__FILE__)),"nokogiri_doc_mixin")
1
+ # -*- coding: binary -*-
2
+ require "rex/parser/nokogiri_doc_mixin"
2
3
 
3
4
  module Rex
4
5
  module Parser
5
6
 
6
- # If Nokogiri is available, define Nmap document class.
7
+ # If Nokogiri is available, define Nmap document class.
7
8
  load_nokogiri && class NmapDocument < Nokogiri::XML::SAX::Document
8
9
 
9
10
  include NokogiriDocMixin
@@ -49,7 +50,7 @@ module Rex
49
50
  when "hostname"
50
51
  record_hostname(attrs)
51
52
  when "port"
52
- record_port(attrs)
53
+ record_port(attrs)
53
54
  when "state"
54
55
  record_port_state(attrs)
55
56
  when "service"
@@ -73,16 +74,8 @@ module Rex
73
74
  collect_os_data
74
75
  @state[:os] = {}
75
76
  when "port"
76
- collect_port_data
77
+ collect_port_data
77
78
  @state[:port] = {}
78
- when "script"
79
- if in_tag("host")
80
- if in_tag("port")
81
- @state[:portscripts] = {}
82
- else
83
- @state[:hostscripts] = {}
84
- end
85
- end
86
79
  when "host" # Roll everything up now
87
80
  collect_host_data
88
81
  host_object = report_host &block
@@ -126,6 +119,7 @@ module Rex
126
119
  return unless in_tag("os")
127
120
  temp_hash = attr_hash(attrs)
128
121
  if temp_hash["accuracy"].to_i == 100
122
+ @state[:os] ||= {}
129
123
  @state[:os]["osmatch"] = temp_hash["name"]
130
124
  end
131
125
  end
@@ -151,21 +145,21 @@ module Rex
151
145
  return unless in_tag("host")
152
146
  return if in_tag("port")
153
147
  temp_hash = attr_hash(attrs)
154
- @state[:hostscripts] ||= {}
155
- @state[:hostscripts].merge! temp_hash
156
- temp_hash[:addresses] = @state[:addresses]
157
- db.emit(:host_script,temp_hash,&block) if block
148
+
149
+ if temp_hash["id"] and temp_hash["output"]
150
+ @state[:scripts] ||= []
151
+ @state[:scripts] << { temp_hash["id"] => temp_hash["output"] }
152
+ end
158
153
  end
159
154
 
160
155
  def record_port_script(attrs)
161
156
  return unless in_tag("host")
162
157
  return unless in_tag("port")
163
158
  temp_hash = attr_hash(attrs)
164
- @state[:portscripts] ||= {}
165
- @state[:portscripts].merge! temp_hash
166
- temp_hash[:addresses] = @state[:addresses]
167
- temp_hash[:port] = @state[:port]
168
- db.emit(:port_script,temp_hash,&block) if block
159
+ if temp_hash["id"] and temp_hash["output"]
160
+ @state[:port][:scripts] ||= []
161
+ @state[:port][:scripts] << { temp_hash["id"] => temp_hash["output"] }
162
+ end
169
163
  end
170
164
 
171
165
  def record_port_service(attrs)
@@ -196,7 +190,7 @@ module Rex
196
190
  return unless in_tag("host")
197
191
  attrs.each do |k,v|
198
192
  next unless k == "state"
199
- @state[:host_alive] = (v == "up")
193
+ @state[:host_alive] = (v == "up")
200
194
  end
201
195
  end
202
196
 
@@ -234,12 +228,12 @@ module Rex
234
228
  end
235
229
 
236
230
  def collect_host_data
237
- if @state[:host_alive]
231
+ if @state[:host_alive]
238
232
  @report_data[:state] = Msf::HostState::Alive
239
233
  else
240
234
  @report_data[:state] = Msf::HostState::Dead
241
235
  end
242
- if @state[:addresses]
236
+ if @state[:addresses]
243
237
  if @state[:addresses].has_key? "ipv4"
244
238
  @report_data[:host] = @state[:addresses]["ipv4"]
245
239
  elsif @state[:addresses].has_key? "ipv6"
@@ -258,6 +252,9 @@ module Rex
258
252
  if @state[:trace] and @state[:trace].has_key?(:hops)
259
253
  @report_data[:traceroute] = @state[:trace]
260
254
  end
255
+ if @state[:scripts]
256
+ @report_data[:scripts] = @state[:scripts]
257
+ end
261
258
  end
262
259
 
263
260
  def collect_port_data
@@ -288,6 +285,8 @@ module Rex
288
285
  extra[1] = v
289
286
  when "extrainfo"
290
287
  extra[2] = v
288
+ when :scripts
289
+ port_hash[:scripts] = v
291
290
  end
292
291
  end
293
292
  port_hash[:info] = extra.compact.join(" ") unless extra.empty?
@@ -301,7 +300,7 @@ module Rex
301
300
  end
302
301
 
303
302
  def report_traceroute(host_object)
304
- return unless host_object.kind_of? ::Msf::DBManager::Host
303
+ return unless host_object.kind_of? ::Mdm::Host
305
304
  return unless @report_data[:traceroute]
306
305
  tr_note = {
307
306
  :workspace => host_object.workspace,
@@ -309,25 +308,25 @@ module Rex
309
308
  :type => "host.nmap.traceroute",
310
309
  :data => { 'port' => @report_data[:traceroute]["port"].to_i,
311
310
  'proto' => @report_data[:traceroute]["proto"].to_s,
312
- 'hops' => @report_data[:traceroute][:hops] }
311
+ 'hops' => @report_data[:traceroute][:hops] }
313
312
  }
314
313
  db_report(:note, tr_note)
315
314
  end
316
315
 
317
316
  def report_uptime(host_object)
318
- return unless host_object.kind_of? ::Msf::DBManager::Host
317
+ return unless host_object.kind_of? ::Mdm::Host
319
318
  return unless @report_data[:last_boot]
320
319
  up_note = {
321
320
  :workspace => host_object.workspace,
322
321
  :host => host_object,
323
322
  :type => "host.last_boot",
324
- :data => { :time => @report_data[:last_boot] }
323
+ :data => { :time => @report_data[:last_boot] }
325
324
  }
326
325
  db_report(:note, up_note)
327
326
  end
328
327
 
329
328
  def report_fingerprint(host_object)
330
- return unless host_object.kind_of? ::Msf::DBManager::Host
329
+ return unless host_object.kind_of? ::Mdm::Host
331
330
  return unless @report_data[:os_fingerprint]
332
331
  fp_note = @report_data[:os_fingerprint].merge(
333
332
  {
@@ -339,20 +338,51 @@ module Rex
339
338
 
340
339
  def report_host(&block)
341
340
  if host_is_okay
342
- host_object = db_report(:host, @report_data.merge(
343
- :workspace => @args[:wspace] ) )
341
+ scripts = @report_data.delete(:scripts) || []
342
+ host_object = db_report(:host, @report_data.merge( :workspace => @args[:wspace] ) )
344
343
  db.emit(:address,@report_data[:host],&block) if block
344
+
345
+ scripts.each do |script|
346
+ script.each_pair do |k,v|
347
+ ntype =
348
+ nse_note = {
349
+ :workspace => host_object.workspace,
350
+ :host => host_object,
351
+ :type => "nmap.nse.#{k}.host",
352
+ :data => { 'output' => v },
353
+ :update => :unique_data
354
+ }
355
+ db_report(:note, nse_note)
356
+ end
357
+ end
358
+
345
359
  host_object
346
360
  end
347
361
  end
348
362
 
349
363
  def report_services(host_object,&block)
350
- return unless host_object.kind_of? ::Msf::DBManager::Host
364
+ return unless host_object.kind_of? ::Mdm::Host
351
365
  return unless @report_data[:ports]
352
366
  return if @report_data[:ports].empty?
353
367
  reported = []
354
368
  @report_data[:ports].each do |svc|
355
- reported << db_report(:service, svc.merge(:host => host_object))
369
+ scripts = svc.delete(:scripts) || []
370
+ svc_obj = db_report(:service, svc.merge(:host => host_object))
371
+ scripts.each do |script|
372
+ script.each_pair do |k,v|
373
+ ntype =
374
+ nse_note = {
375
+ :workspace => host_object.workspace,
376
+ :host => host_object,
377
+ :service => svc_obj,
378
+ :type => "nmap.nse.#{k}." + (svc[:proto] || "tcp") +".#{svc[:port]}",
379
+ :data => { 'output' => v },
380
+ :update => :unique_data
381
+ }
382
+ db_report(:note, nse_note)
383
+ end
384
+ end
385
+ reported << svc_obj
356
386
  end
357
387
  reported
358
388
  end
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
 
2
3
  require 'rexml/document'
3
4
 
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
  module Rex
2
3
  module Parser
3
4
 
@@ -49,6 +50,7 @@ module Parser
49
50
  @state[:current_tag] = {}
50
51
  @block = block if block
51
52
  @report_data = {:wspace => args[:wspace]}
53
+ @nx_console_id = args[:nx_console_id]
52
54
  super()
53
55
  end
54
56
 
@@ -70,13 +72,26 @@ module Parser
70
72
  return if ref_type.nil? || ref_type.empty? || ref_value.nil? || ref_value.empty?
71
73
  ref_value = ref_value.strip
72
74
  ref_type = ref_type.strip.upcase
75
+
73
76
  ret = case ref_type
74
- when "CVE"
77
+ when "CVE"
75
78
  ref_value.gsub("CAN", "CVE")
76
- when "MS"
77
- "MSB-MS-#{ref_value}"
79
+ when "MS"
80
+ if ref_value =~ /^MS[0-9]/
81
+ "MSB-#{ref_value}"
82
+ else
83
+ "MSB-MS#{ref_value}"
84
+ end
78
85
  when "URL", "BID"
79
86
  "#{ref_type}-#{ref_value}"
87
+ when "APPLE"
88
+ ref_value
89
+ when "XF"
90
+ if ref_value =~ /\((\d+)\)$/
91
+ "#{ref_type}-#{$1}"
92
+ else
93
+ "#{ref_type}-#{ref_value}"
94
+ end
80
95
  else # Handle others?
81
96
  "#{ref_type}-#{ref_value}"
82
97
  end
@@ -87,6 +102,7 @@ module Parser
87
102
  return [] unless orig_refs
88
103
  refs = []
89
104
  orig_refs.each do |ref_hash|
105
+
90
106
  ref_hash_sym = Hash[ref_hash.map {|k, v| [k.to_sym, v] }]
91
107
  ref_type = ref_hash_sym[:source].to_s.strip.upcase
92
108
  ref_value = ref_hash_sym[:value].to_s.strip
@@ -99,7 +115,7 @@ module Parser
99
115
  @state[:current_tag].keys.include? tagname
100
116
  end
101
117
 
102
- # If there's an address, it's not on the blacklist,
118
+ # If there's an address, it's not on the blacklist,
103
119
  # it has ports, and the port list isn't
104
120
  # empty... it's okay.
105
121
  def host_is_okay
@@ -120,7 +136,7 @@ module Parser
120
136
  end
121
137
 
122
138
  # Circumvent the unknown attribute logging by the various reporters. They
123
- # seem to be there just for debugging anyway.
139
+ # seem to be there just for debugging anyway.
124
140
  def db_report(table, data)
125
141
  raise "Data should be a hash" unless data.kind_of? Hash
126
142
  nonempty_data = data.reject {|k,v| v.nil?}
@@ -135,21 +151,25 @@ module Parser
135
151
  just_the_facts.empty? ? return : db.send("report_#{table}", just_the_facts)
136
152
  end
137
153
 
138
- # XXX: It would be better to either have a single registry of acceptable
139
- # keys if we're going to alert on bad ones, or to be more forgiving if
140
- # the caller is this thing. There is basically no way to tell if
154
+ # XXX: It would be better to either have a single registry of acceptable
155
+ # keys if we're going to alert on bad ones, or to be more forgiving if
156
+ # the caller is this thing. There is basically no way to tell if
141
157
  # report_host()'s tastes are going to change with this scheme.
142
158
  def db_valid_attributes(table)
143
159
  case table.to_s.to_sym
144
160
  when :host
145
- Msf::DBManager::Host.new.attribute_names.map {|x| x.to_sym} |
161
+ ::Mdm::Host.new.attribute_names.map {|x| x.to_sym} |
146
162
  [:host, :workspace]
147
163
  when :service
148
- Msf::DBManager::Service.new.attribute_names.map {|x| x.to_sym} |
164
+ ::Mdm::Service.new.attribute_names.map {|x| x.to_sym} |
149
165
  [:host, :host_name, :mac, :workspace]
150
166
  when :vuln
151
- Msf::DBManager::Vuln.new.attribute_names.map {|x| x.to_sym} |
152
- [:host, :refs, :workspace, :port, :proto]
167
+ ::Mdm::Vuln.new.attribute_names.map {|x| x.to_sym} |
168
+ [:host, :refs, :workspace, :port, :proto, :details, :exploited_at]
169
+ when :vuln_details
170
+ ::Mdm::VulnDetails.new.attribute_names.map {|x| x.to_sym} | [ :key ]
171
+ when :host_details
172
+ ::Mdm::HostDetails.new.attribute_names.map {|x| x.to_sym} | [ :key ]
153
173
  when :note, :web_site, :web_page, :web_form, :web_vuln
154
174
  # These guys don't complain
155
175
  [:anything]
@@ -159,7 +179,7 @@ module Parser
159
179
  end
160
180
 
161
181
  # Nokogiri 1.4.4 (and presumably beyond) generates attrs as pairs,
162
- # like [["value1","foo"],["value2","bar"]] (but not hashes for some
182
+ # like [["value1","foo"],["value2","bar"]] (but not hashes for some
163
183
  # reason). 1.4.3.1 (and presumably 1.4.3.x and prior) generates attrs
164
184
  # as a flat array of strings. We want array_pairs.
165
185
  def normalize_attrs(attrs)
@@ -168,7 +188,7 @@ module Parser
168
188
  when Array, NilClass
169
189
  attr_pairs = attrs
170
190
  when String
171
- attrs.each_index {|i|
191
+ attrs.each_index {|i|
172
192
  next if i % 2 == 0
173
193
  attr_pairs << [attrs[i-1],attrs[i]]
174
194
  }
@@ -199,7 +219,7 @@ module Parser
199
219
  return unless @report_type_ok
200
220
  unless @state[:current_tag].empty?
201
221
  missing_ends = @state[:current_tag].keys.map {|x| "'#{x}'"}.join(", ")
202
- msg = "Warning, the provided file is incomplete, and there may be missing\n"
222
+ l msg = "Warning, the provided file is incomplete, and there may be missing\n"
203
223
  msg << "data. The following tags were not closed: #{missing_ends}."
204
224
  db.emit(:warning,msg,&block) if block
205
225
  end
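Review bot: The warning line in the last hunk now reads `l msg = "Warning, the provided file is incomplete, and there may be missing\n"`, which Ruby parses as a method call `l(msg = "...")`; unless a method named `l` exists in the including class, the incomplete-document path (the enclosing method starts outside this hunk) raises NoMethodError instead of emitting the warning. The stray `l` looks like a typo introduced alongside the whitespace cleanup, and the line should be `msg = "Warning, the provided file is incomplete, and there may be missing\n"`. Separately, the new `MS` reference branch matches with `^MS[0-9]` on a value that has already been stripped, which works here, but `\A` would make the whole-string intent explicit.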
@@ -0,0 +1,172 @@
1
+ # -*- coding: binary -*-
2
+ require "rex/parser/nokogiri_doc_mixin"
3
+
4
+ module Rex
5
+ module Parser
6
+
7
+ # If Nokogiri is available, define OpenVAS document class.
8
+ load_nokogiri && class OpenVASDocument < Nokogiri::XML::SAX::Document
9
+
10
+ include NokogiriDocMixin
11
+
12
+ # ourselves with the @state variable, turning things on when we
13
+ # get here (and turning things off when we exit in end_element()).
14
+ def start_element(name=nil,attrs=[])
15
+ attrs = normalize_attrs(attrs)
16
+ block = @block
17
+ @state[:current_tag][name] = true
18
+ case name
19
+ when "host"
20
+ @state[:has_text] = true
21
+ end
22
+ end
23
+
24
+ # When we exit a tag, this is triggered.
25
+ def end_element(name=nil)
26
+ block = @block
27
+ case name
28
+ when "name"
29
+ return if not in_tag("result")
30
+ @state[:has_text] = true
31
+ @state[:vuln_name] = @text.strip if @text
32
+ @text = nil
33
+ when "description"
34
+ @state[:has_text] = true
35
+ @state[:vuln_desc] = @text.strip if @text
36
+ @text = nil
37
+ when "bid"
38
+ return if not in_tag("result")
39
+ return if not in_tag("nvt")
40
+ @state[:has_text] = true
41
+ @state[:bid] = @text.strip if @text
42
+ @text = nil
43
+ when "cve"
44
+ return if not in_tag("result")
45
+ return if not in_tag("nvt")
46
+ @state[:has_text] = true
47
+ @state[:cves] = @text.strip if @text
48
+ @text = nil
49
+ when "risk_factor"
50
+ return if not in_tag("result")
51
+ return if not in_tag("nvt")
52
+
53
+ #we do this to clean out the buffer so to speak
54
+ #if we don't set text to nil now, the text will show up later
55
+ @state[:has_text] = true
56
+ @text = nil
57
+ when "cvss_base"
58
+ return if not in_tag("result")
59
+ return if not in_tag("nvt")
60
+ @state[:has_text] = true
61
+ @text = nil
62
+ when "subnet"
63
+ @state[:has_text] = true
64
+ @text = nil
65
+ when "result"
66
+ return if not in_tag("results")
67
+ record_vuln
68
+ when "threat"
69
+ return if not in_tag("ports")
70
+ return if not in_tag("port")
71
+ @state[:has_text] = true
72
+
73
+ if not @text.index('(')
74
+ @state[:name] = nil
75
+ @state[:port] = nil
76
+ @state[:proto] = nil
77
+ @text = nil
78
+ return
79
+ end
80
+
81
+ @state[:name] = @text.split(' ')[0] if @text
82
+ @state[:port] = @text.split('(')[1].split('/')[0] if @text
83
+ @state[:proto] = @text.split('(')[1].split('/')[1].split(')')[0] if @text
84
+
85
+ @text = nil
86
+ when "host"
87
+ if in_tag('result')
88
+ @state[:has_text] = true
89
+ @state[:host] = @text.strip if @text
90
+ @text = nil
91
+ elsif in_tag('ports')
92
+ return if not in_tag('port')
93
+ @state[:has_text] = true
94
+ @state[:host] = @text.strip if @text
95
+ @text = nil
96
+ end
97
+ when "port"
98
+ if in_tag('result')
99
+ @state[:has_text] = true
100
+ if not @text.index('(')
101
+ @state[:proto] = nil
102
+ @state[:port] = nil
103
+ @text = nil
104
+ return
105
+ end
106
+ @state[:proto] = @text.split('(')[0].strip if @text
107
+ @state[:port] = @text.split('(')[1].split('/')[0].gsub(/\)/, '') if @text
108
+ @text = nil
109
+ elsif in_tag('ports')
110
+ record_service
111
+ end
112
+ when "name"
113
+ return if not in_tag("result")
114
+ @state[:has_text] = true
115
+ @text = nil
116
+ end
117
+ @state[:current_tag].delete name
118
+ end
119
+
120
+ def record_vuln
121
+ if (@state[:cves] and @state[:cves] == "NOCVE") and (@state[:bid] and @state[:bid] == "NOBID")
122
+ return
123
+ end
124
+
125
+ if @state[:cves] and @state[:cves] != "NOCVE" and !@state[:cves].empty?
126
+ @state[:cves].split(',').each do |cve|
127
+ vuln_info = {}
128
+ vuln_info[:host] = @state[:host]
129
+ vuln_info[:refs] = normalize_references([{ :source => "CVE", :value => cve}])
130
+ vuln_info[:name] = @state[:vuln_name]
131
+ vuln_info[:info] = @state[:vuln_desc]
132
+ vuln_info[:port] = @state[:port]
133
+ vuln_info[:proto] = @state[:proto]
134
+
135
+ db_report(:vuln, vuln_info)
136
+ end
137
+ end
138
+ if @state[:bid] and @state[:bid] != "NOBID" and !@state[:bid].empty?
139
+ @state[:bid].split(',').each do |bid|
140
+ vuln_info = {}
141
+ vuln_info[:host] = @state[:host]
142
+ vuln_info[:refs] = normalize_references([{ :source => "BID", :value => bid}])
143
+ vuln_info[:name] = @state[:vuln_name]
144
+ vuln_info[:info] = @state[:vuln_desc]
145
+ vuln_info[:port] = @state[:port]
146
+ vuln_info[:proto] = @state[:proto]
147
+
148
+ db_report(:vuln, vuln_info)
149
+ end
150
+ end
151
+ end
152
+
153
+ def record_service
154
+ return if not @state[:name]
155
+
156
+ service_info = {}
157
+ service_info[:host] = @state[:host]
158
+ service_info[:name] = @state[:name]
159
+ service_info[:port] = @state[:port]
160
+ service_info[:proto] = @state[:proto]
161
+
162
+ db_report(:service, service_info)
163
+
164
+ host_info = {}
165
+ host_info[:host] = @state[:host]
166
+
167
+ db_report(:host, host_info)
168
+ end
169
+ end
170
+ end
171
+ end
172
+
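Review bot: In end_element, the `threat` branch calls `@text.index('(')` before checking that any character data was buffered, and the `port` branch under `in_tag('result')` does the same, so an empty `<threat/>` or `<port/>` element in an imported OpenVAS report raises NoMethodError on nil and aborts the whole import, whereas the other branches guard with `if @text`. Guard both with `if @text.nil? or not @text.index('(')`; the `split('(')[1].split('/')[1]` chains on the following lines also assume text after the `(`, so wrapping that parse in a rescue that clears `@state[:port]`/`@state[:proto]` would be safer still. `when "name"` appears twice in the same case statement (once at the top, again near the end), so the second clause is unreachable and Ruby warns about the duplicated when. Lastly, `@state[:cves]`, `@state[:bid]`, `@state[:port]` and `@state[:proto]` appear not to be reset after record_vuln, so a later `<result>` that omits `<cve>` or `<bid>` would presumably be reported with the previous result's references — worth confirming against the reports this parser targets.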