RubyGems - librex - Versions diffs - 0.0.65 → 0.0.66 - Mend

librex 0.0.65 → 0.0.66

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (482) hide show

data/README.markdown +1 -1
data/lib/rex/arch.rb +1 -0
data/lib/rex/arch/sparc.rb +16 -15
data/lib/rex/arch/sparc.rb.ut.rb +2 -1
data/lib/rex/arch/x86.rb +1 -0
data/lib/rex/arch/x86.rb.ut.rb +2 -1
data/lib/rex/assembly/nasm.rb +1 -0
data/lib/rex/assembly/nasm.rb.ut.rb +2 -1
data/lib/rex/compat.rb +13 -0
data/lib/rex/constants.rb +5 -4
data/lib/rex/elfparsey.rb +3 -2
data/lib/rex/elfparsey/elf.rb +2 -1
data/lib/rex/elfparsey/elfbase.rb +8 -7
data/lib/rex/elfparsey/exceptions.rb +3 -2
data/lib/rex/elfscan.rb +3 -2
data/lib/rex/elfscan/scanner.rb +2 -1
data/lib/rex/elfscan/search.rb +2 -1
data/lib/rex/encoder/alpha2.rb +2 -1
data/lib/rex/encoder/alpha2/alpha_mixed.rb +3 -2
data/lib/rex/encoder/alpha2/alpha_upper.rb +5 -4
data/lib/rex/encoder/alpha2/generic.rb +37 -60
data/lib/rex/encoder/alpha2/unicode_mixed.rb +4 -9
data/lib/rex/encoder/alpha2/unicode_upper.rb +4 -9
data/lib/rex/encoder/ndr.rb +1 -0
data/lib/rex/encoder/ndr.rb.ut.rb +2 -1
data/lib/rex/encoder/nonalpha.rb +1 -0
data/lib/rex/encoder/nonupper.rb +1 -0
data/lib/rex/encoder/xdr.rb +9 -8
data/lib/rex/encoder/xdr.rb.ut.rb +2 -1
data/lib/rex/encoder/xor.rb +1 -0
data/lib/rex/encoder/xor/dword.rb +2 -1
data/lib/rex/encoder/xor/dword_additive.rb +2 -1
data/lib/rex/encoders/xor_dword.rb +1 -0
data/lib/rex/encoders/xor_dword_additive.rb +2 -1
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +2 -1
data/lib/rex/encoding/xor.rb +2 -1
data/lib/rex/encoding/xor.rb.ts.rb +2 -1
data/lib/rex/encoding/xor/byte.rb +2 -1
data/lib/rex/encoding/xor/byte.rb.ut.rb +2 -1
data/lib/rex/encoding/xor/dword.rb +2 -1
data/lib/rex/encoding/xor/dword.rb.ut.rb +2 -1
data/lib/rex/encoding/xor/dword_additive.rb +1 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +2 -1
data/lib/rex/encoding/xor/exceptions.rb +1 -0
data/lib/rex/encoding/xor/generic.rb +1 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +2 -1
data/lib/rex/encoding/xor/qword.rb +2 -1
data/lib/rex/encoding/xor/word.rb +2 -1
data/lib/rex/encoding/xor/word.rb.ut.rb +2 -1
data/lib/rex/exceptions.rb +1 -0
data/lib/rex/exceptions.rb.ut.rb +2 -1
data/lib/rex/exploitation/cmdstager.rb +2 -1
data/lib/rex/exploitation/cmdstager/base.rb +1 -0
data/lib/rex/exploitation/cmdstager/debug_asm.rb +2 -1
data/lib/rex/exploitation/cmdstager/debug_write.rb +2 -1
data/lib/rex/exploitation/cmdstager/tftp.rb +2 -1
data/lib/rex/exploitation/cmdstager/vbs.rb +2 -1
data/lib/rex/exploitation/egghunter.rb +12 -11
data/lib/rex/exploitation/egghunter.rb.ut.rb +2 -1
data/lib/rex/exploitation/encryptjs.rb +1 -0
data/lib/rex/exploitation/heaplib.rb +1 -0
data/lib/rex/exploitation/javascriptosdetect.js +1014 -0
data/lib/rex/exploitation/javascriptosdetect.rb +4 -857
data/lib/rex/exploitation/jsobfu.rb +2 -1
data/lib/rex/exploitation/obfuscatejs.rb +1 -0
data/lib/rex/exploitation/omelet.rb +1 -0
data/lib/rex/exploitation/omelet.rb.ut.rb +1 -0
data/lib/rex/exploitation/opcodedb.rb +12 -11
data/lib/rex/exploitation/opcodedb.rb.ut.rb +2 -1
data/lib/rex/exploitation/seh.rb +3 -2
data/lib/rex/exploitation/seh.rb.ut.rb +2 -1
data/lib/rex/file.rb +4 -3
data/lib/rex/file.rb.ut.rb +2 -1
data/lib/rex/image_source.rb +3 -2
data/lib/rex/image_source/disk.rb +3 -2
data/lib/rex/image_source/image_source.rb +3 -2
data/lib/rex/image_source/memory.rb +3 -2
data/lib/rex/io/bidirectional_pipe.rb +1 -0
data/lib/rex/io/datagram_abstraction.rb +2 -1
data/lib/rex/io/ring_buffer.rb +49 -44
data/lib/rex/io/ring_buffer.rb.ut.rb +4 -3
data/lib/rex/io/stream.rb +1 -0
data/lib/rex/io/stream_abstraction.rb +1 -0
data/lib/rex/io/stream_server.rb +1 -0
data/lib/rex/job_container.rb +1 -0
data/lib/rex/logging.rb +2 -1
data/lib/rex/logging/log_dispatcher.rb +5 -4
data/lib/rex/logging/log_sink.rb +2 -1
data/lib/rex/logging/sinks/flatfile.rb +4 -3
data/lib/rex/logging/sinks/stderr.rb +2 -1
data/lib/rex/machparsey.rb +2 -1
data/lib/rex/machparsey/exceptions.rb +2 -1
data/lib/rex/machparsey/mach.rb +20 -19
data/lib/rex/machparsey/machbase.rb +27 -26
data/lib/rex/machscan.rb +2 -1
data/lib/rex/machscan/scanner.rb +1 -0
data/lib/rex/mime.rb +2 -1
data/lib/rex/mime/header.rb +1 -0
data/lib/rex/mime/message.rb +4 -1
data/lib/rex/mime/part.rb +2 -1
data/lib/rex/nop/opty2.rb +2 -1
data/lib/rex/nop/opty2.rb.ut.rb +2 -1
data/lib/rex/nop/opty2_tables.rb +1 -0
data/lib/rex/ole.rb +3 -2
data/lib/rex/ole/clsid.rb +3 -2
data/lib/rex/ole/difat.rb +3 -2
data/lib/rex/ole/directory.rb +3 -2
data/lib/rex/ole/direntry.rb +3 -2
data/lib/rex/ole/fat.rb +3 -2
data/lib/rex/ole/header.rb +3 -2
data/lib/rex/ole/minifat.rb +3 -2
data/lib/rex/ole/propset.rb +4 -3
data/lib/rex/ole/samples/create_ole.rb +1 -0
data/lib/rex/ole/samples/dir.rb +1 -0
data/lib/rex/ole/samples/dump_stream.rb +1 -0
data/lib/rex/ole/samples/ole_info.rb +1 -0
data/lib/rex/ole/storage.rb +3 -2
data/lib/rex/ole/stream.rb +3 -2
data/lib/rex/ole/substorage.rb +3 -2
data/lib/rex/ole/util.rb +3 -2
data/lib/rex/parser/acunetix_nokogiri.rb +13 -12
data/lib/rex/parser/apple_backup_manifestdb.rb +20 -19
data/lib/rex/parser/appscan_nokogiri.rb +17 -16
data/lib/rex/parser/arguments.rb +2 -1
data/lib/rex/parser/arguments.rb.ut.rb +2 -1
data/lib/rex/parser/burp_session_nokogiri.rb +8 -7
data/lib/rex/parser/ci_nokogiri.rb +4 -3
data/lib/rex/parser/foundstone_nokogiri.rb +18 -17
data/lib/rex/parser/fusionvm_nokogiri.rb +109 -0
data/lib/rex/parser/ini.rb +1 -0
data/lib/rex/parser/ini.rb.ut.rb +2 -1
data/lib/rex/parser/ip360_aspl_xml.rb +1 -0
data/lib/rex/parser/ip360_xml.rb +4 -3
data/lib/rex/parser/mbsa_nokogiri.rb +8 -7
data/lib/rex/parser/nessus_xml.rb +3 -2
data/lib/rex/parser/netsparker_xml.rb +10 -9
data/lib/rex/parser/nexpose_raw_nokogiri.rb +372 -52
data/lib/rex/parser/nexpose_simple_nokogiri.rb +8 -7
data/lib/rex/parser/nexpose_xml.rb +1 -0
data/lib/rex/parser/nmap_nokogiri.rb +63 -33
data/lib/rex/parser/nmap_xml.rb +1 -0
data/lib/rex/parser/nokogiri_doc_mixin.rb +35 -15
data/lib/rex/parser/openvas_nokogiri.rb +172 -0
data/lib/rex/parser/retina_xml.rb +1 -0
data/lib/rex/parser/wapiti_nokogiri.rb +105 -0
data/lib/rex/payloads.rb +2 -1
data/lib/rex/payloads/win32.rb +2 -1
data/lib/rex/payloads/win32/common.rb +2 -1
data/lib/rex/payloads/win32/kernel.rb +2 -1
data/lib/rex/payloads/win32/kernel/common.rb +4 -3
data/lib/rex/payloads/win32/kernel/migration.rb +2 -1
data/lib/rex/payloads/win32/kernel/recovery.rb +2 -1
data/lib/rex/payloads/win32/kernel/stager.rb +21 -20
data/lib/rex/peparsey.rb +3 -2
data/lib/rex/peparsey/exceptions.rb +2 -1
data/lib/rex/peparsey/pe.rb +3 -2
data/lib/rex/peparsey/pe_memdump.rb +2 -1
data/lib/rex/peparsey/pebase.rb +2 -1
data/lib/rex/peparsey/section.rb +2 -1
data/lib/rex/pescan.rb +3 -2
data/lib/rex/pescan/analyze.rb +1 -0
data/lib/rex/pescan/scanner.rb +1 -0
data/lib/rex/pescan/search.rb +1 -0
data/lib/rex/platforms.rb +2 -1
data/lib/rex/platforms/windows.rb +2 -1
data/lib/rex/poly.rb +2 -1
data/lib/rex/poly/block.rb +16 -15
data/lib/rex/poly/register.rb +2 -1
data/lib/rex/poly/register/x86.rb +2 -1
data/lib/rex/post.rb +2 -2
data/lib/rex/post/dir.rb +2 -1
data/lib/rex/post/file.rb +1 -0
data/lib/rex/post/file_stat.rb +1 -0
data/lib/rex/post/io.rb +2 -1
data/lib/rex/post/meterpreter.rb +2 -1
data/lib/rex/post/meterpreter/channel.rb +1 -0
data/lib/rex/post/meterpreter/channel_container.rb +2 -1
data/lib/rex/post/meterpreter/channels/pool.rb +1 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +1 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +3 -2
data/lib/rex/post/meterpreter/channels/stream.rb +1 -0
data/lib/rex/post/meterpreter/client.rb +23 -1
data/lib/rex/post/meterpreter/client_core.rb +10 -5
data/lib/rex/post/meterpreter/dependencies.rb +2 -1
data/lib/rex/post/meterpreter/extension.rb +2 -1
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +7 -6
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +2 -1
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +5 -4
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +2 -1
data/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb +1 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb +1 -0
data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +7 -6
data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +1 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +2 -1
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +2 -1
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +1 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +2 -1
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +28 -11
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +6 -5
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +3 -2
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +2 -1
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +39 -5
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +75 -18
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +18 -6
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +4 -1
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +12 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +7 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb +23 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb +29 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +10 -5
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb +9 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb +106 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb +128 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +27 -6
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +21 -0
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +2 -1
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +43 -4
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +2 -1
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +1 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +7 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +14 -13
data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +1 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +2 -1
data/lib/rex/post/meterpreter/object_aliases.rb +6 -5
data/lib/rex/post/meterpreter/packet.rb +26 -6
data/lib/rex/post/meterpreter/packet_dispatcher.rb +1 -0
data/lib/rex/post/meterpreter/packet_parser.rb +1 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +1 -0
data/lib/rex/post/meterpreter/ui/console.rb +1 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +1 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +103 -28
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +1 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +1 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +1 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +3 -2
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +12 -11
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +2 -1
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +2 -1
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +53 -36
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +3 -2
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +87 -44
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +80 -18
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +77 -48
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +72 -41
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +24 -5
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +2 -1
data/lib/rex/post/permission.rb +2 -1
data/lib/rex/post/process.rb +2 -1
data/lib/rex/post/thread.rb +2 -1
data/lib/rex/post/ui.rb +2 -1
data/lib/rex/proto.rb +1 -0
data/lib/rex/proto.rb.ts.rb +2 -1
data/lib/rex/proto/dcerpc.rb +2 -1
data/lib/rex/proto/dcerpc.rb.ts.rb +2 -1
data/lib/rex/proto/dcerpc/client.rb +1 -0
data/lib/rex/proto/dcerpc/client.rb.ut.rb +1 -0
data/lib/rex/proto/dcerpc/exceptions.rb +2 -1
data/lib/rex/proto/dcerpc/handle.rb +1 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +2 -1
data/lib/rex/proto/dcerpc/ndr.rb +2 -1
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +2 -1
data/lib/rex/proto/dcerpc/packet.rb +52 -45
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +12 -11
data/lib/rex/proto/dcerpc/response.rb +1 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +2 -1
data/lib/rex/proto/dcerpc/uuid.rb +13 -12
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +2 -1
data/lib/rex/proto/dhcp.rb +2 -1
data/lib/rex/proto/dhcp/constants.rb +2 -1
data/lib/rex/proto/dhcp/server.rb +4 -3
data/lib/rex/proto/drda.rb +1 -0
data/lib/rex/proto/drda.rb.ts.rb +1 -0
data/lib/rex/proto/drda/constants.rb +1 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +1 -0
data/lib/rex/proto/drda/packet.rb +11 -10
data/lib/rex/proto/drda/packet.rb.ut.rb +5 -4
data/lib/rex/proto/drda/utils.rb +4 -3
data/lib/rex/proto/drda/utils.rb.ut.rb +3 -2
data/lib/rex/proto/http.rb +2 -1
data/lib/rex/proto/http.rb.ts.rb +2 -1
data/lib/rex/proto/http/client.rb +29 -5
data/lib/rex/proto/http/client.rb.ut.rb +1 -0
data/lib/rex/proto/http/handler.rb +2 -1
data/lib/rex/proto/http/handler/erb.rb +5 -4
data/lib/rex/proto/http/handler/erb.rb.ut.rb +2 -1
data/lib/rex/proto/http/handler/proc.rb +1 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +2 -1
data/lib/rex/proto/http/header.rb +3 -3
data/lib/rex/proto/http/header.rb.ut.rb +2 -1
data/lib/rex/proto/http/packet.rb +1 -0
data/lib/rex/proto/http/packet.rb.ut.rb +15 -14
data/lib/rex/proto/http/request.rb +23 -22
data/lib/rex/proto/http/request.rb.ut.rb +2 -1
data/lib/rex/proto/http/response.rb +6 -5
data/lib/rex/proto/http/response.rb.ut.rb +7 -6
data/lib/rex/proto/http/server.rb +1 -0
data/lib/rex/proto/http/server.rb.ut.rb +6 -5
data/lib/rex/proto/iax2.rb +1 -0
data/lib/rex/proto/iax2/call.rb +48 -47
data/lib/rex/proto/iax2/client.rb +23 -22
data/lib/rex/proto/iax2/codecs.rb +1 -0
data/lib/rex/proto/iax2/codecs/alaw.rb +1 -0
data/lib/rex/proto/iax2/codecs/g711.rb +4 -3
data/lib/rex/proto/iax2/codecs/mulaw.rb +1 -0
data/lib/rex/proto/iax2/constants.rb +1 -0
data/lib/rex/proto/natpmp.rb +11 -0
data/lib/rex/proto/natpmp/constants.rb +19 -0
data/lib/rex/proto/natpmp/packet.rb +45 -0
data/lib/rex/proto/ntlm.rb +1 -0
data/lib/rex/proto/ntlm.rb.ut.rb +1 -0
data/lib/rex/proto/ntlm/base.rb +38 -37
data/lib/rex/proto/ntlm/constants.rb +1 -0
data/lib/rex/proto/ntlm/crypt.rb +45 -44
data/lib/rex/proto/ntlm/exceptions.rb +1 -0
data/lib/rex/proto/ntlm/message.rb +30 -29
data/lib/rex/proto/ntlm/utils.rb +116 -115
data/lib/rex/proto/proxy/socks4a.rb +1 -0
data/lib/rex/proto/rfb.rb +1 -0
data/lib/rex/proto/rfb.rb.ut.rb +1 -0
data/lib/rex/proto/rfb/cipher.rb +1 -0
data/lib/rex/proto/rfb/client.rb +1 -0
data/lib/rex/proto/rfb/constants.rb +1 -0
data/lib/rex/proto/smb.rb +2 -1
data/lib/rex/proto/smb.rb.ts.rb +2 -1
data/lib/rex/proto/smb/client.rb +23 -22
data/lib/rex/proto/smb/client.rb.ut.rb +1 -0
data/lib/rex/proto/smb/constants.rb +1 -0
data/lib/rex/proto/smb/constants.rb.ut.rb +2 -1
data/lib/rex/proto/smb/crypt.rb +3 -2
data/lib/rex/proto/smb/evasions.rb +1 -0
data/lib/rex/proto/smb/exceptions.rb +6 -5
data/lib/rex/proto/smb/simpleclient.rb +1 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +1 -0
data/lib/rex/proto/smb/utils.rb +1 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +2 -1
data/lib/rex/proto/sunrpc.rb +1 -0
data/lib/rex/proto/sunrpc/client.rb +1 -0
data/lib/rex/proto/tftp.rb +3 -1
data/lib/rex/proto/tftp/client.rb +344 -0
data/lib/rex/proto/tftp/constants.rb +2 -1
data/lib/rex/proto/tftp/server.rb +2 -1
data/lib/rex/proto/tftp/server.rb.ut.rb +3 -2
data/lib/rex/registry.rb +14 -0
data/lib/rex/registry/hive.rb +132 -0
data/lib/rex/registry/lfkey.rb +51 -0
data/lib/rex/registry/nodekey.rb +54 -0
data/lib/rex/registry/regf.rb +25 -0
data/lib/rex/registry/valuekey.rb +67 -0
data/lib/rex/registry/valuelist.rb +29 -0
data/lib/rex/ropbuilder.rb +2 -1
data/lib/rex/ropbuilder/rop.rb +3 -2
data/lib/rex/script.rb +1 -0
data/lib/rex/script/base.rb +1 -0
data/lib/rex/script/meterpreter.rb +1 -0
data/lib/rex/script/shell.rb +1 -0
data/lib/rex/service.rb +2 -1
data/lib/rex/service_manager.rb +6 -5
data/lib/rex/service_manager.rb.ut.rb +2 -1
data/lib/rex/services/local_relay.rb +1 -0
data/lib/rex/socket.rb +72 -36
data/lib/rex/socket.rb.ut.rb +1 -0
data/lib/rex/socket/comm.rb +1 -0
data/lib/rex/socket/comm/local.rb +60 -13
data/lib/rex/socket/comm/local.rb.ut.rb +2 -1
data/lib/rex/socket/ip.rb +1 -0
data/lib/rex/socket/parameters.rb +15 -14
data/lib/rex/socket/parameters.rb.ut.rb +2 -1
data/lib/rex/socket/range_walker.rb +71 -26
data/lib/rex/socket/range_walker.rb.ut.rb +2 -1
data/lib/rex/socket/ssl_tcp.rb +1 -0
data/lib/rex/socket/ssl_tcp.rb.ut.rb +2 -1
data/lib/rex/socket/ssl_tcp_server.rb +1 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +1 -0
data/lib/rex/socket/subnet_walker.rb +1 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +2 -1
data/lib/rex/socket/switch_board.rb +1 -0
data/lib/rex/socket/switch_board.rb.ut.rb +2 -1
data/lib/rex/socket/tcp.rb +4 -3
data/lib/rex/socket/tcp.rb.ut.rb +2 -1
data/lib/rex/socket/tcp_server.rb +1 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +2 -1
data/lib/rex/socket/udp.rb +2 -1
data/lib/rex/socket/udp.rb.ut.rb +2 -1
data/lib/rex/struct2.rb +2 -1
data/lib/rex/struct2/c_struct.rb +2 -1
data/lib/rex/struct2/c_struct_template.rb +2 -1
data/lib/rex/struct2/constant.rb +2 -1
data/lib/rex/struct2/element.rb +2 -1
data/lib/rex/struct2/generic.rb +1 -0
data/lib/rex/struct2/restraint.rb +2 -1
data/lib/rex/struct2/s_string.rb +1 -0
data/lib/rex/struct2/s_struct.rb +1 -0
data/lib/rex/sync.rb +2 -1
data/lib/rex/sync/event.rb +1 -0
data/lib/rex/sync/read_write_lock.rb +1 -0
data/lib/rex/sync/ref.rb +2 -1
data/lib/rex/sync/thread_safe.rb +2 -1
data/lib/rex/test.rb +2 -1
data/lib/rex/text.rb +136 -19
data/lib/rex/text.rb.ut.rb +1 -0
data/lib/rex/thread_factory.rb +5 -4
data/lib/rex/time.rb +2 -1
data/lib/rex/transformer.rb +1 -0
data/lib/rex/transformer.rb.ut.rb +2 -1
data/lib/rex/ui.rb +2 -1
data/lib/rex/ui/interactive.rb +10 -9
data/lib/rex/ui/output.rb +1 -0
data/lib/rex/ui/output/none.rb +2 -1
data/lib/rex/ui/progress_tracker.rb +2 -1
data/lib/rex/ui/subscriber.rb +9 -8
data/lib/rex/ui/text/color.rb +1 -0
data/lib/rex/ui/text/color.rb.ut.rb +1 -0
data/lib/rex/ui/text/dispatcher_shell.rb +63 -23
data/lib/rex/ui/text/input.rb +1 -0
data/lib/rex/ui/text/input/buffer.rb +7 -6
data/lib/rex/ui/text/input/readline.rb +14 -13
data/lib/rex/ui/text/input/socket.rb +1 -0
data/lib/rex/ui/text/input/stdio.rb +2 -1
data/lib/rex/ui/text/irb_shell.rb +1 -0
data/lib/rex/ui/text/output.rb +1 -0
data/lib/rex/ui/text/output/buffer.rb +1 -0
data/lib/rex/ui/text/output/file.rb +1 -0
data/lib/rex/ui/text/output/socket.rb +1 -0
data/lib/rex/ui/text/output/stdio.rb +1 -0
data/lib/rex/ui/text/output/tee.rb +1 -0
data/lib/rex/ui/text/progress_tracker.rb +2 -1
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +2 -1
data/lib/rex/ui/text/shell.rb +1 -0
data/lib/rex/ui/text/table.rb +20 -14
data/lib/rex/ui/text/table.rb.ut.rb +3 -2
data/lib/rex/zip.rb +1 -0
data/lib/rex/zip/archive.rb +2 -1
data/lib/rex/zip/blocks.rb +3 -2
data/lib/rex/zip/entry.rb +6 -7
data/lib/rex/zip/jar.rb +4 -3
data/lib/rex/zip/samples/comment.rb +1 -0
data/lib/rex/zip/samples/mkwar.rb +1 -0
data/lib/rex/zip/samples/mkzip.rb +1 -0
data/lib/rex/zip/samples/recursive.rb +1 -0
metadata +433 -435

data/lib/rex/parser/nexpose_simple_nokogiri.rb CHANGED

@@ -1,9 +1,10 @@
-require File.join(File.expand_path(File.dirname(__FILE__)),"nokogiri_doc_mixin")
+# -*- coding: binary -*-
+require "rex/parser/nokogiri_doc_mixin"
 module Rex
 	module Parser
-		# If Nokogiri is available, define Nexpose document class.
+		# If Nokogiri is available, define Nexpose document class.
 		load_nokogiri && class NexposeSimpleDocument < Nokogiri::XML::SAX::Document
 		include NokogiriDocMixin
@@ -81,7 +82,7 @@ module Rex
 		def report_vulns(host_object)
 			vuln_count = 0
 			block = @block
-			return unless host_object.kind_of? Msf::DBManager::Host
+			return unless host_object.kind_of? ::Mdm::Host
 			return unless @report_data[:vulns]
 			@report_data[:vulns].each do |vuln|
 				if vuln[:refs]
@@ -98,12 +99,12 @@ module Rex
 					:refs => vuln[:refs]
 				}
 				if vuln[:port] && vuln[:proto]
-					data[:port] = vuln[:port]
+					data[:port] = vuln[:port]
 					data[:proto] = vuln[:proto]
 				end
 				db_report(:vuln,data)
 			end
 		end
 		def collect_host_vuln_id
@@ -243,7 +244,7 @@ module Rex
 		end
 		def report_host_fingerprint(host_object)
-			return unless host_object.kind_of? ::Msf::DBManager::Host
+			return unless host_object.kind_of? ::Mdm::Host
 			return unless @report_data[:host_fingerprint].kind_of? Hash
 			@report_data[:host_fingerprint].reject! {|k,v| v.nil? || v.empty?}
 			return if @report_data[:host_fingerprint].empty?
@@ -312,7 +313,7 @@ module Rex
 		end
 		def report_services(host_object)
-			return unless host_object.kind_of? ::Msf::DBManager::Host
+			return unless host_object.kind_of? ::Mdm::Host
 			return unless @report_data[:ports]
 			return if @report_data[:ports].empty?
 			reported = []

data/lib/rex/parser/nexpose_xml.rb CHANGED

@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
 module Rex
 module Parser

data/lib/rex/parser/nmap_nokogiri.rb CHANGED

@@ -1,9 +1,10 @@
-require File.join(File.expand_path(File.dirname(__FILE__)),"nokogiri_doc_mixin")
+# -*- coding: binary -*-
+require "rex/parser/nokogiri_doc_mixin"
 module Rex
 	module Parser
-		# If Nokogiri is available, define Nmap document class.
+		# If Nokogiri is available, define Nmap document class.
 		load_nokogiri && class NmapDocument < Nokogiri::XML::SAX::Document
 		include NokogiriDocMixin
@@ -49,7 +50,7 @@ module Rex
 			when "hostname"
 				record_hostname(attrs)
 			when "port"
-				record_port(attrs)
+				record_port(attrs)
 			when "state"
 				record_port_state(attrs)
 			when "service"
@@ -73,16 +74,8 @@ module Rex
 				collect_os_data
 				@state[:os] = {}
 			when "port"
-				collect_port_data
+				collect_port_data
 				@state[:port] = {}
-			when "script"
-				if in_tag("host")
-					if in_tag("port")
-						@state[:portscripts] = {}
-					else
-						@state[:hostscripts] = {}
-					end
-				end
 			when "host" # Roll everything up now
 				collect_host_data
 				host_object = report_host &block
@@ -126,6 +119,7 @@ module Rex
 			return unless in_tag("os")
 			temp_hash = attr_hash(attrs)
 			if temp_hash["accuracy"].to_i == 100
+				@state[:os] ||= {}
 				@state[:os]["osmatch"] = temp_hash["name"]
 			end
 		end
@@ -151,21 +145,21 @@ module Rex
 			return unless in_tag("host")
 			return if in_tag("port")
 			temp_hash = attr_hash(attrs)
-			@state[:hostscripts] ||= {}
-			@state[:hostscripts].merge! temp_hash
-			temp_hash[:addresses] = @state[:addresses]
-			db.emit(:host_script,temp_hash,&block) if block
+			if temp_hash["id"] and temp_hash["output"]
+				@state[:scripts] ||= []
+				@state[:scripts] << { temp_hash["id"] => temp_hash["output"] }
+			end
 		end
 		def record_port_script(attrs)
 			return unless in_tag("host")
 			return unless in_tag("port")
 			temp_hash = attr_hash(attrs)
-			@state[:portscripts] ||= {}
-			@state[:portscripts].merge! temp_hash
-			temp_hash[:addresses] = @state[:addresses]
-			temp_hash[:port] = @state[:port]
-			db.emit(:port_script,temp_hash,&block) if block
+			if temp_hash["id"] and temp_hash["output"]
+				@state[:port][:scripts] ||= []
+				@state[:port][:scripts] << { temp_hash["id"] => temp_hash["output"] }
+			end
 		end
 		def record_port_service(attrs)
@@ -196,7 +190,7 @@ module Rex
 			return unless in_tag("host")
 			attrs.each do |k,v|
 				next unless k == "state"
-				@state[:host_alive] = (v == "up")
+				@state[:host_alive] = (v == "up")
 			end
 		end
@@ -234,12 +228,12 @@ module Rex
 		end
 		def collect_host_data
-			if @state[:host_alive]
+			if @state[:host_alive]
 				@report_data[:state] = Msf::HostState::Alive
 			else
 				@report_data[:state] = Msf::HostState::Dead
 			end
-			if @state[:addresses]
+			if @state[:addresses]
 				if @state[:addresses].has_key? "ipv4"
 					@report_data[:host] = @state[:addresses]["ipv4"]
 				elsif @state[:addresses].has_key? "ipv6"
@@ -258,6 +252,9 @@ module Rex
 			if @state[:trace] and @state[:trace].has_key?(:hops)
 				@report_data[:traceroute] = @state[:trace]
 			end
+			if @state[:scripts]
+				@report_data[:scripts] = @state[:scripts]
+			end
 		end
 		def collect_port_data
@@ -288,6 +285,8 @@ module Rex
 					extra[1] = v
 				when "extrainfo"
 					extra[2] = v
+				when :scripts
+					port_hash[:scripts] = v
 				end
 			end
 			port_hash[:info] = extra.compact.join(" ") unless extra.empty?
@@ -301,7 +300,7 @@ module Rex
 		end
 		def report_traceroute(host_object)
-			return unless host_object.kind_of? ::Msf::DBManager::Host
+			return unless host_object.kind_of? ::Mdm::Host
 			return unless @report_data[:traceroute]
 			tr_note = {
 				:workspace => host_object.workspace,
@@ -309,25 +308,25 @@ module Rex
 				:type => "host.nmap.traceroute",
 				:data => { 'port' => @report_data[:traceroute]["port"].to_i,
 					'proto' => @report_data[:traceroute]["proto"].to_s,
-					'hops' => @report_data[:traceroute][:hops] }
+					'hops' => @report_data[:traceroute][:hops] }
 			}
 			db_report(:note, tr_note)
 		end
 		def report_uptime(host_object)
-			return unless host_object.kind_of? ::Msf::DBManager::Host
+			return unless host_object.kind_of? ::Mdm::Host
 			return unless @report_data[:last_boot]
 			up_note = {
 				:workspace => host_object.workspace,
 				:host => host_object,
 				:type => "host.last_boot",
-				:data => { :time => @report_data[:last_boot] }
+				:data => { :time => @report_data[:last_boot] }
 			}
 			db_report(:note, up_note)
 		end
 		def report_fingerprint(host_object)
-			return unless host_object.kind_of? ::Msf::DBManager::Host
+			return unless host_object.kind_of? ::Mdm::Host
 			return unless @report_data[:os_fingerprint]
 			fp_note = @report_data[:os_fingerprint].merge(
 				{
@@ -339,20 +338,51 @@ module Rex
 		def report_host(&block)
 			if host_is_okay
-				host_object = db_report(:host, @report_data.merge(
-					:workspace => @args[:wspace] ) )
+				scripts = @report_data.delete(:scripts) || []
+				host_object = db_report(:host, @report_data.merge( :workspace => @args[:wspace] ) )
 				db.emit(:address,@report_data[:host],&block) if block
+				scripts.each do |script|
+					script.each_pair do |k,v|
+						ntype =
+						nse_note = {
+							:workspace => host_object.workspace,
+							:host => host_object,
+							:type => "nmap.nse.#{k}.host",
+							:data => { 'output' => v },
+							:update => :unique_data
+						}
+						db_report(:note, nse_note)
+					end
+				end
 				host_object
 			end
 		end
 		def report_services(host_object,&block)
-			return unless host_object.kind_of? ::Msf::DBManager::Host
+			return unless host_object.kind_of? ::Mdm::Host
 			return unless @report_data[:ports]
 			return if @report_data[:ports].empty?
 			reported = []
 			@report_data[:ports].each do |svc|
-				reported << db_report(:service, svc.merge(:host => host_object))
+				scripts = svc.delete(:scripts) || []
+				svc_obj = db_report(:service, svc.merge(:host => host_object))
+				scripts.each do |script|
+					script.each_pair do |k,v|
+						ntype =
+						nse_note = {
+							:workspace => host_object.workspace,
+							:host => host_object,
+							:service => svc_obj,
+							:type => "nmap.nse.#{k}." + (svc[:proto] || "tcp") +".#{svc[:port]}",
+							:data => { 'output' => v },
+							:update => :unique_data
+						}
+						db_report(:note, nse_note)
+					end
+				end
+				reported << svc_obj
 			end
 			reported
 		end

data/lib/rex/parser/nmap_xml.rb CHANGED

@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
 require 'rexml/document'

data/lib/rex/parser/nokogiri_doc_mixin.rb CHANGED

@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
 module Rex
 	module Parser
@@ -49,6 +50,7 @@ module Parser
 			@state[:current_tag] = {}
 			@block = block if block
 			@report_data = {:wspace => args[:wspace]}
+			@nx_console_id = args[:nx_console_id]
 			super()
 		end
@@ -70,13 +72,26 @@ module Parser
 			return if ref_type.nil? || ref_type.empty? || ref_value.nil? || ref_value.empty?
 			ref_value = ref_value.strip
 			ref_type = ref_type.strip.upcase
 			ret = case ref_type
-				when "CVE"
+				when "CVE"
 					ref_value.gsub("CAN", "CVE")
-				when "MS"
-					"MSB-MS-#{ref_value}"
+				when "MS"
+					if ref_value =~ /^MS[0-9]/
+						"MSB-#{ref_value}"
+					else
+						"MSB-MS#{ref_value}"
+					end
 				when "URL", "BID"
 					"#{ref_type}-#{ref_value}"
+				when "APPLE"
+					ref_value
+				when "XF"
+					if ref_value =~ /\((\d+)\)$/
+						"#{ref_type}-#{$1}"
+					else
+						"#{ref_type}-#{ref_value}"
+					end
 				else # Handle others?
 					"#{ref_type}-#{ref_value}"
 				end
@@ -87,6 +102,7 @@ module Parser
 			return [] unless orig_refs
 			refs = []
 			orig_refs.each do |ref_hash|
 				ref_hash_sym = Hash[ref_hash.map {|k, v| [k.to_sym, v] }]
 				ref_type = ref_hash_sym[:source].to_s.strip.upcase
 				ref_value = ref_hash_sym[:value].to_s.strip
@@ -99,7 +115,7 @@ module Parser
 			@state[:current_tag].keys.include? tagname
 		end
-		# If there's an address, it's not on the blacklist,
+		# If there's an address, it's not on the blacklist,
 		# it has ports, and the port list isn't
 		# empty... it's okay.
 		def host_is_okay
@@ -120,7 +136,7 @@ module Parser
 		end
 		# Circumvent the unknown attribute logging by the various reporters. They
-		# seem to be there just for debugging anyway.
+		# seem to be there just for debugging anyway.
 		def db_report(table, data)
 			raise "Data should be a hash" unless data.kind_of? Hash
 			nonempty_data = data.reject {|k,v| v.nil?}
@@ -135,21 +151,25 @@ module Parser
 			just_the_facts.empty? ? return : db.send("report_#{table}", just_the_facts)
 		end
-		# XXX: It would be better to either have a single registry of acceptable
-		# keys if we're going to alert on bad ones, or to be more forgiving if
-		# the caller is this thing. There is basically no way to tell if
+		# XXX: It would be better to either have a single registry of acceptable
+		# keys if we're going to alert on bad ones, or to be more forgiving if
+		# the caller is this thing. There is basically no way to tell if
 		# report_host()'s tastes are going to change with this scheme.
 		def db_valid_attributes(table)
 			case table.to_s.to_sym
 			when :host
-				Msf::DBManager::Host.new.attribute_names.map {|x| x.to_sym} |
+				::Mdm::Host.new.attribute_names.map {|x| x.to_sym} |
 					[:host, :workspace]
 			when :service
-				Msf::DBManager::Service.new.attribute_names.map {|x| x.to_sym} |
+				::Mdm::Service.new.attribute_names.map {|x| x.to_sym} |
 					[:host, :host_name, :mac, :workspace]
 			when :vuln
-				Msf::DBManager::Vuln.new.attribute_names.map {|x| x.to_sym} |
-					[:host, :refs, :workspace, :port, :proto]
+				::Mdm::Vuln.new.attribute_names.map {|x| x.to_sym} |
+					[:host, :refs, :workspace, :port, :proto, :details, :exploited_at]
+			when :vuln_details
+				::Mdm::VulnDetails.new.attribute_names.map {|x| x.to_sym} | [ :key ]
+			when :host_details
+				::Mdm::HostDetails.new.attribute_names.map {|x| x.to_sym} | [ :key ]
 			when :note, :web_site, :web_page, :web_form, :web_vuln
 				# These guys don't complain
 				[:anything]
@@ -159,7 +179,7 @@ module Parser
 		end
 		# Nokogiri 1.4.4 (and presumably beyond) generates attrs as pairs,
-		# like [["value1","foo"],["value2","bar"]] (but not hashes for some
+		# like [["value1","foo"],["value2","bar"]] (but not hashes for some
 		# reason). 1.4.3.1 (and presumably 1.4.3.x and prior) generates attrs
 		# as a flat array of strings. We want array_pairs.
 		def normalize_attrs(attrs)
@@ -168,7 +188,7 @@ module Parser
 			when Array, NilClass
 				attr_pairs = attrs
 			when String
-				attrs.each_index {|i|
+				attrs.each_index {|i|
 					next if i % 2 == 0
 					attr_pairs << [attrs[i-1],attrs[i]]
 				}
@@ -199,7 +219,7 @@ module Parser
 			return unless @report_type_ok
 			unless @state[:current_tag].empty?
 				missing_ends = @state[:current_tag].keys.map {|x| "'#{x}'"}.join(", ")
-				msg = "Warning, the provided file is incomplete, and there may be missing\n"
+	l			msg = "Warning, the provided file is incomplete, and there may be missing\n"
 				msg << "data. The following tags were not closed: #{missing_ends}."
 				db.emit(:warning,msg,&block) if block
 			end

data/lib/rex/parser/openvas_nokogiri.rb ADDED

@@ -0,0 +1,172 @@
+# -*- coding: binary -*-
+require "rex/parser/nokogiri_doc_mixin"
+module Rex
+module Parser
+	# If Nokogiri is available, define OpenVAS document class.
+	load_nokogiri && class OpenVASDocument < Nokogiri::XML::SAX::Document
+	include NokogiriDocMixin
+	# ourselves with the @state variable, turning things on when we
+	# get here (and turning things off when we exit in end_element()).
+	def start_element(name=nil,attrs=[])
+		attrs = normalize_attrs(attrs)
+		block = @block
+		@state[:current_tag][name] = true
+		case name
+		when "host"
+			@state[:has_text] = true
+		end
+	end
+	# When we exit a tag, this is triggered.
+	def end_element(name=nil)
+		block = @block
+		case name
+		when "name"
+			return if not in_tag("result")
+			@state[:has_text] = true
+			@state[:vuln_name] = @text.strip if @text
+			@text = nil
+		when "description"
+			@state[:has_text] = true
+			@state[:vuln_desc] = @text.strip if @text
+			@text = nil
+		when "bid"
+			return if not in_tag("result")
+			return if not in_tag("nvt")
+			@state[:has_text] = true
+			@state[:bid] = @text.strip if @text
+			@text = nil
+		when "cve"
+			return if not in_tag("result")
+			return if not in_tag("nvt")
+			@state[:has_text] = true
+			@state[:cves] = @text.strip if @text
+			@text = nil
+		when "risk_factor"
+			return if not in_tag("result")
+			return if not in_tag("nvt")
+			#we do this to clean out the buffer so to speak
+			#if we don't set text to nil now, the text will show up later
+			@state[:has_text] = true
+			@text = nil
+		when "cvss_base"
+			return if not in_tag("result")
+			return if not in_tag("nvt")
+			@state[:has_text] = true
+			@text = nil
+		when "subnet"
+			@state[:has_text] = true
+			@text = nil
+		when "result"
+			return if not in_tag("results")
+			record_vuln
+		when "threat"
+			return if not in_tag("ports")
+			return if not in_tag("port")
+			@state[:has_text] = true
+			if not @text.index('(')
+				@state[:name] = nil
+				@state[:port] = nil
+				@state[:proto] = nil
+				@text = nil
+				return
+			end
+			@state[:name] = @text.split(' ')[0] if @text
+			@state[:port] = @text.split('(')[1].split('/')[0] if @text
+			@state[:proto] = @text.split('(')[1].split('/')[1].split(')')[0] if @text
+			@text = nil
+		when "host"
+			if in_tag('result')
+				@state[:has_text] = true
+				@state[:host] = @text.strip if @text
+				@text = nil
+			elsif in_tag('ports')
+				return if not in_tag('port')
+				@state[:has_text] = true
+				@state[:host] = @text.strip if @text
+				@text = nil
+			end
+		when "port"
+			if in_tag('result')
+				@state[:has_text] = true
+				if not @text.index('(')
+					@state[:proto] = nil
+					@state[:port] = nil
+					@text = nil
+					return
+				end
+				@state[:proto] = @text.split('(')[0].strip if @text
+				@state[:port] = @text.split('(')[1].split('/')[0].gsub(/\)/, '') if @text
+				@text = nil
+			elsif in_tag('ports')
+				record_service
+			end
+		when "name"
+			return if not in_tag("result")
+			@state[:has_text] = true
+			@text = nil
+		end
+		@state[:current_tag].delete name
+	end
+	def record_vuln
+		if (@state[:cves] and @state[:cves] == "NOCVE")  and (@state[:bid] and @state[:bid] == "NOBID")
+			return
+		end
+		if @state[:cves] and @state[:cves] != "NOCVE" and !@state[:cves].empty?
+			@state[:cves].split(',').each do |cve|
+				vuln_info = {}
+				vuln_info[:host] = @state[:host]
+				vuln_info[:refs] = normalize_references([{ :source => "CVE", :value => cve}])
+				vuln_info[:name] = @state[:vuln_name]
+				vuln_info[:info] = @state[:vuln_desc]
+				vuln_info[:port] = @state[:port]
+				vuln_info[:proto] = @state[:proto]
+				db_report(:vuln, vuln_info)
+			end
+		end
+		if @state[:bid] and @state[:bid] != "NOBID" and !@state[:bid].empty?
+			@state[:bid].split(',').each do |bid|
+				vuln_info = {}
+				vuln_info[:host] = @state[:host]
+				vuln_info[:refs] = normalize_references([{ :source => "BID", :value => bid}])
+				vuln_info[:name] = @state[:vuln_name]
+				vuln_info[:info] = @state[:vuln_desc]
+				vuln_info[:port] = @state[:port]
+				vuln_info[:proto] = @state[:proto]
+				db_report(:vuln, vuln_info)
+			end
+		end
+	end
+	def record_service
+		return if not @state[:name]
+		service_info = {}
+		service_info[:host] = @state[:host]
+		service_info[:name] = @state[:name]
+		service_info[:port] = @state[:port]
+		service_info[:proto] = @state[:proto]
+		db_report(:service, service_info)
+		host_info = {}
+		host_info[:host] = @state[:host]
+		db_report(:host, host_info)
+	end
+end
+end
+end