librex 0.0.65 → 0.0.66
Sign up to get free protection for your applications and to get access to all the features.
- data/README.markdown +1 -1
- data/lib/rex/arch.rb +1 -0
- data/lib/rex/arch/sparc.rb +16 -15
- data/lib/rex/arch/sparc.rb.ut.rb +2 -1
- data/lib/rex/arch/x86.rb +1 -0
- data/lib/rex/arch/x86.rb.ut.rb +2 -1
- data/lib/rex/assembly/nasm.rb +1 -0
- data/lib/rex/assembly/nasm.rb.ut.rb +2 -1
- data/lib/rex/compat.rb +13 -0
- data/lib/rex/constants.rb +5 -4
- data/lib/rex/elfparsey.rb +3 -2
- data/lib/rex/elfparsey/elf.rb +2 -1
- data/lib/rex/elfparsey/elfbase.rb +8 -7
- data/lib/rex/elfparsey/exceptions.rb +3 -2
- data/lib/rex/elfscan.rb +3 -2
- data/lib/rex/elfscan/scanner.rb +2 -1
- data/lib/rex/elfscan/search.rb +2 -1
- data/lib/rex/encoder/alpha2.rb +2 -1
- data/lib/rex/encoder/alpha2/alpha_mixed.rb +3 -2
- data/lib/rex/encoder/alpha2/alpha_upper.rb +5 -4
- data/lib/rex/encoder/alpha2/generic.rb +37 -60
- data/lib/rex/encoder/alpha2/unicode_mixed.rb +4 -9
- data/lib/rex/encoder/alpha2/unicode_upper.rb +4 -9
- data/lib/rex/encoder/ndr.rb +1 -0
- data/lib/rex/encoder/ndr.rb.ut.rb +2 -1
- data/lib/rex/encoder/nonalpha.rb +1 -0
- data/lib/rex/encoder/nonupper.rb +1 -0
- data/lib/rex/encoder/xdr.rb +9 -8
- data/lib/rex/encoder/xdr.rb.ut.rb +2 -1
- data/lib/rex/encoder/xor.rb +1 -0
- data/lib/rex/encoder/xor/dword.rb +2 -1
- data/lib/rex/encoder/xor/dword_additive.rb +2 -1
- data/lib/rex/encoders/xor_dword.rb +1 -0
- data/lib/rex/encoders/xor_dword_additive.rb +2 -1
- data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +2 -1
- data/lib/rex/encoding/xor.rb +2 -1
- data/lib/rex/encoding/xor.rb.ts.rb +2 -1
- data/lib/rex/encoding/xor/byte.rb +2 -1
- data/lib/rex/encoding/xor/byte.rb.ut.rb +2 -1
- data/lib/rex/encoding/xor/dword.rb +2 -1
- data/lib/rex/encoding/xor/dword.rb.ut.rb +2 -1
- data/lib/rex/encoding/xor/dword_additive.rb +1 -0
- data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +2 -1
- data/lib/rex/encoding/xor/exceptions.rb +1 -0
- data/lib/rex/encoding/xor/generic.rb +1 -0
- data/lib/rex/encoding/xor/generic.rb.ut.rb +2 -1
- data/lib/rex/encoding/xor/qword.rb +2 -1
- data/lib/rex/encoding/xor/word.rb +2 -1
- data/lib/rex/encoding/xor/word.rb.ut.rb +2 -1
- data/lib/rex/exceptions.rb +1 -0
- data/lib/rex/exceptions.rb.ut.rb +2 -1
- data/lib/rex/exploitation/cmdstager.rb +2 -1
- data/lib/rex/exploitation/cmdstager/base.rb +1 -0
- data/lib/rex/exploitation/cmdstager/debug_asm.rb +2 -1
- data/lib/rex/exploitation/cmdstager/debug_write.rb +2 -1
- data/lib/rex/exploitation/cmdstager/tftp.rb +2 -1
- data/lib/rex/exploitation/cmdstager/vbs.rb +2 -1
- data/lib/rex/exploitation/egghunter.rb +12 -11
- data/lib/rex/exploitation/egghunter.rb.ut.rb +2 -1
- data/lib/rex/exploitation/encryptjs.rb +1 -0
- data/lib/rex/exploitation/heaplib.rb +1 -0
- data/lib/rex/exploitation/javascriptosdetect.js +1014 -0
- data/lib/rex/exploitation/javascriptosdetect.rb +4 -857
- data/lib/rex/exploitation/jsobfu.rb +2 -1
- data/lib/rex/exploitation/obfuscatejs.rb +1 -0
- data/lib/rex/exploitation/omelet.rb +1 -0
- data/lib/rex/exploitation/omelet.rb.ut.rb +1 -0
- data/lib/rex/exploitation/opcodedb.rb +12 -11
- data/lib/rex/exploitation/opcodedb.rb.ut.rb +2 -1
- data/lib/rex/exploitation/seh.rb +3 -2
- data/lib/rex/exploitation/seh.rb.ut.rb +2 -1
- data/lib/rex/file.rb +4 -3
- data/lib/rex/file.rb.ut.rb +2 -1
- data/lib/rex/image_source.rb +3 -2
- data/lib/rex/image_source/disk.rb +3 -2
- data/lib/rex/image_source/image_source.rb +3 -2
- data/lib/rex/image_source/memory.rb +3 -2
- data/lib/rex/io/bidirectional_pipe.rb +1 -0
- data/lib/rex/io/datagram_abstraction.rb +2 -1
- data/lib/rex/io/ring_buffer.rb +49 -44
- data/lib/rex/io/ring_buffer.rb.ut.rb +4 -3
- data/lib/rex/io/stream.rb +1 -0
- data/lib/rex/io/stream_abstraction.rb +1 -0
- data/lib/rex/io/stream_server.rb +1 -0
- data/lib/rex/job_container.rb +1 -0
- data/lib/rex/logging.rb +2 -1
- data/lib/rex/logging/log_dispatcher.rb +5 -4
- data/lib/rex/logging/log_sink.rb +2 -1
- data/lib/rex/logging/sinks/flatfile.rb +4 -3
- data/lib/rex/logging/sinks/stderr.rb +2 -1
- data/lib/rex/machparsey.rb +2 -1
- data/lib/rex/machparsey/exceptions.rb +2 -1
- data/lib/rex/machparsey/mach.rb +20 -19
- data/lib/rex/machparsey/machbase.rb +27 -26
- data/lib/rex/machscan.rb +2 -1
- data/lib/rex/machscan/scanner.rb +1 -0
- data/lib/rex/mime.rb +2 -1
- data/lib/rex/mime/header.rb +1 -0
- data/lib/rex/mime/message.rb +4 -1
- data/lib/rex/mime/part.rb +2 -1
- data/lib/rex/nop/opty2.rb +2 -1
- data/lib/rex/nop/opty2.rb.ut.rb +2 -1
- data/lib/rex/nop/opty2_tables.rb +1 -0
- data/lib/rex/ole.rb +3 -2
- data/lib/rex/ole/clsid.rb +3 -2
- data/lib/rex/ole/difat.rb +3 -2
- data/lib/rex/ole/directory.rb +3 -2
- data/lib/rex/ole/direntry.rb +3 -2
- data/lib/rex/ole/fat.rb +3 -2
- data/lib/rex/ole/header.rb +3 -2
- data/lib/rex/ole/minifat.rb +3 -2
- data/lib/rex/ole/propset.rb +4 -3
- data/lib/rex/ole/samples/create_ole.rb +1 -0
- data/lib/rex/ole/samples/dir.rb +1 -0
- data/lib/rex/ole/samples/dump_stream.rb +1 -0
- data/lib/rex/ole/samples/ole_info.rb +1 -0
- data/lib/rex/ole/storage.rb +3 -2
- data/lib/rex/ole/stream.rb +3 -2
- data/lib/rex/ole/substorage.rb +3 -2
- data/lib/rex/ole/util.rb +3 -2
- data/lib/rex/parser/acunetix_nokogiri.rb +13 -12
- data/lib/rex/parser/apple_backup_manifestdb.rb +20 -19
- data/lib/rex/parser/appscan_nokogiri.rb +17 -16
- data/lib/rex/parser/arguments.rb +2 -1
- data/lib/rex/parser/arguments.rb.ut.rb +2 -1
- data/lib/rex/parser/burp_session_nokogiri.rb +8 -7
- data/lib/rex/parser/ci_nokogiri.rb +4 -3
- data/lib/rex/parser/foundstone_nokogiri.rb +18 -17
- data/lib/rex/parser/fusionvm_nokogiri.rb +109 -0
- data/lib/rex/parser/ini.rb +1 -0
- data/lib/rex/parser/ini.rb.ut.rb +2 -1
- data/lib/rex/parser/ip360_aspl_xml.rb +1 -0
- data/lib/rex/parser/ip360_xml.rb +4 -3
- data/lib/rex/parser/mbsa_nokogiri.rb +8 -7
- data/lib/rex/parser/nessus_xml.rb +3 -2
- data/lib/rex/parser/netsparker_xml.rb +10 -9
- data/lib/rex/parser/nexpose_raw_nokogiri.rb +372 -52
- data/lib/rex/parser/nexpose_simple_nokogiri.rb +8 -7
- data/lib/rex/parser/nexpose_xml.rb +1 -0
- data/lib/rex/parser/nmap_nokogiri.rb +63 -33
- data/lib/rex/parser/nmap_xml.rb +1 -0
- data/lib/rex/parser/nokogiri_doc_mixin.rb +35 -15
- data/lib/rex/parser/openvas_nokogiri.rb +172 -0
- data/lib/rex/parser/retina_xml.rb +1 -0
- data/lib/rex/parser/wapiti_nokogiri.rb +105 -0
- data/lib/rex/payloads.rb +2 -1
- data/lib/rex/payloads/win32.rb +2 -1
- data/lib/rex/payloads/win32/common.rb +2 -1
- data/lib/rex/payloads/win32/kernel.rb +2 -1
- data/lib/rex/payloads/win32/kernel/common.rb +4 -3
- data/lib/rex/payloads/win32/kernel/migration.rb +2 -1
- data/lib/rex/payloads/win32/kernel/recovery.rb +2 -1
- data/lib/rex/payloads/win32/kernel/stager.rb +21 -20
- data/lib/rex/peparsey.rb +3 -2
- data/lib/rex/peparsey/exceptions.rb +2 -1
- data/lib/rex/peparsey/pe.rb +3 -2
- data/lib/rex/peparsey/pe_memdump.rb +2 -1
- data/lib/rex/peparsey/pebase.rb +2 -1
- data/lib/rex/peparsey/section.rb +2 -1
- data/lib/rex/pescan.rb +3 -2
- data/lib/rex/pescan/analyze.rb +1 -0
- data/lib/rex/pescan/scanner.rb +1 -0
- data/lib/rex/pescan/search.rb +1 -0
- data/lib/rex/platforms.rb +2 -1
- data/lib/rex/platforms/windows.rb +2 -1
- data/lib/rex/poly.rb +2 -1
- data/lib/rex/poly/block.rb +16 -15
- data/lib/rex/poly/register.rb +2 -1
- data/lib/rex/poly/register/x86.rb +2 -1
- data/lib/rex/post.rb +2 -2
- data/lib/rex/post/dir.rb +2 -1
- data/lib/rex/post/file.rb +1 -0
- data/lib/rex/post/file_stat.rb +1 -0
- data/lib/rex/post/io.rb +2 -1
- data/lib/rex/post/meterpreter.rb +2 -1
- data/lib/rex/post/meterpreter/channel.rb +1 -0
- data/lib/rex/post/meterpreter/channel_container.rb +2 -1
- data/lib/rex/post/meterpreter/channels/pool.rb +1 -0
- data/lib/rex/post/meterpreter/channels/pools/file.rb +1 -0
- data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +3 -2
- data/lib/rex/post/meterpreter/channels/stream.rb +1 -0
- data/lib/rex/post/meterpreter/client.rb +23 -1
- data/lib/rex/post/meterpreter/client_core.rb +10 -5
- data/lib/rex/post/meterpreter/dependencies.rb +2 -1
- data/lib/rex/post/meterpreter/extension.rb +2 -1
- data/lib/rex/post/meterpreter/extensions/espia/espia.rb +7 -6
- data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +2 -1
- data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +5 -4
- data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +2 -1
- data/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +7 -6
- data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/priv/fs.rb +2 -1
- data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +2 -1
- data/lib/rex/post/meterpreter/extensions/priv/priv.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +2 -1
- data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +28 -11
- data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +6 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +3 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +2 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +39 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +75 -18
- data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +18 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +4 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +12 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +7 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb +23 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb +29 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +10 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb +9 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb +106 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb +128 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +27 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +21 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +2 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +43 -4
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +2 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +1 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +7 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +14 -13
- data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +1 -0
- data/lib/rex/post/meterpreter/inbound_packet_handler.rb +2 -1
- data/lib/rex/post/meterpreter/object_aliases.rb +6 -5
- data/lib/rex/post/meterpreter/packet.rb +26 -6
- data/lib/rex/post/meterpreter/packet_dispatcher.rb +1 -0
- data/lib/rex/post/meterpreter/packet_parser.rb +1 -0
- data/lib/rex/post/meterpreter/packet_response_waiter.rb +1 -0
- data/lib/rex/post/meterpreter/ui/console.rb +1 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +1 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +103 -28
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +1 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +1 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +1 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +3 -2
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +12 -11
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +2 -1
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +2 -1
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +53 -36
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +3 -2
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +87 -44
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +80 -18
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +77 -48
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +72 -41
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +24 -5
- data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +2 -1
- data/lib/rex/post/permission.rb +2 -1
- data/lib/rex/post/process.rb +2 -1
- data/lib/rex/post/thread.rb +2 -1
- data/lib/rex/post/ui.rb +2 -1
- data/lib/rex/proto.rb +1 -0
- data/lib/rex/proto.rb.ts.rb +2 -1
- data/lib/rex/proto/dcerpc.rb +2 -1
- data/lib/rex/proto/dcerpc.rb.ts.rb +2 -1
- data/lib/rex/proto/dcerpc/client.rb +1 -0
- data/lib/rex/proto/dcerpc/client.rb.ut.rb +1 -0
- data/lib/rex/proto/dcerpc/exceptions.rb +2 -1
- data/lib/rex/proto/dcerpc/handle.rb +1 -0
- data/lib/rex/proto/dcerpc/handle.rb.ut.rb +2 -1
- data/lib/rex/proto/dcerpc/ndr.rb +2 -1
- data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +2 -1
- data/lib/rex/proto/dcerpc/packet.rb +52 -45
- data/lib/rex/proto/dcerpc/packet.rb.ut.rb +12 -11
- data/lib/rex/proto/dcerpc/response.rb +1 -0
- data/lib/rex/proto/dcerpc/response.rb.ut.rb +2 -1
- data/lib/rex/proto/dcerpc/uuid.rb +13 -12
- data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +2 -1
- data/lib/rex/proto/dhcp.rb +2 -1
- data/lib/rex/proto/dhcp/constants.rb +2 -1
- data/lib/rex/proto/dhcp/server.rb +4 -3
- data/lib/rex/proto/drda.rb +1 -0
- data/lib/rex/proto/drda.rb.ts.rb +1 -0
- data/lib/rex/proto/drda/constants.rb +1 -0
- data/lib/rex/proto/drda/constants.rb.ut.rb +1 -0
- data/lib/rex/proto/drda/packet.rb +11 -10
- data/lib/rex/proto/drda/packet.rb.ut.rb +5 -4
- data/lib/rex/proto/drda/utils.rb +4 -3
- data/lib/rex/proto/drda/utils.rb.ut.rb +3 -2
- data/lib/rex/proto/http.rb +2 -1
- data/lib/rex/proto/http.rb.ts.rb +2 -1
- data/lib/rex/proto/http/client.rb +29 -5
- data/lib/rex/proto/http/client.rb.ut.rb +1 -0
- data/lib/rex/proto/http/handler.rb +2 -1
- data/lib/rex/proto/http/handler/erb.rb +5 -4
- data/lib/rex/proto/http/handler/erb.rb.ut.rb +2 -1
- data/lib/rex/proto/http/handler/proc.rb +1 -0
- data/lib/rex/proto/http/handler/proc.rb.ut.rb +2 -1
- data/lib/rex/proto/http/header.rb +3 -3
- data/lib/rex/proto/http/header.rb.ut.rb +2 -1
- data/lib/rex/proto/http/packet.rb +1 -0
- data/lib/rex/proto/http/packet.rb.ut.rb +15 -14
- data/lib/rex/proto/http/request.rb +23 -22
- data/lib/rex/proto/http/request.rb.ut.rb +2 -1
- data/lib/rex/proto/http/response.rb +6 -5
- data/lib/rex/proto/http/response.rb.ut.rb +7 -6
- data/lib/rex/proto/http/server.rb +1 -0
- data/lib/rex/proto/http/server.rb.ut.rb +6 -5
- data/lib/rex/proto/iax2.rb +1 -0
- data/lib/rex/proto/iax2/call.rb +48 -47
- data/lib/rex/proto/iax2/client.rb +23 -22
- data/lib/rex/proto/iax2/codecs.rb +1 -0
- data/lib/rex/proto/iax2/codecs/alaw.rb +1 -0
- data/lib/rex/proto/iax2/codecs/g711.rb +4 -3
- data/lib/rex/proto/iax2/codecs/mulaw.rb +1 -0
- data/lib/rex/proto/iax2/constants.rb +1 -0
- data/lib/rex/proto/natpmp.rb +11 -0
- data/lib/rex/proto/natpmp/constants.rb +19 -0
- data/lib/rex/proto/natpmp/packet.rb +45 -0
- data/lib/rex/proto/ntlm.rb +1 -0
- data/lib/rex/proto/ntlm.rb.ut.rb +1 -0
- data/lib/rex/proto/ntlm/base.rb +38 -37
- data/lib/rex/proto/ntlm/constants.rb +1 -0
- data/lib/rex/proto/ntlm/crypt.rb +45 -44
- data/lib/rex/proto/ntlm/exceptions.rb +1 -0
- data/lib/rex/proto/ntlm/message.rb +30 -29
- data/lib/rex/proto/ntlm/utils.rb +116 -115
- data/lib/rex/proto/proxy/socks4a.rb +1 -0
- data/lib/rex/proto/rfb.rb +1 -0
- data/lib/rex/proto/rfb.rb.ut.rb +1 -0
- data/lib/rex/proto/rfb/cipher.rb +1 -0
- data/lib/rex/proto/rfb/client.rb +1 -0
- data/lib/rex/proto/rfb/constants.rb +1 -0
- data/lib/rex/proto/smb.rb +2 -1
- data/lib/rex/proto/smb.rb.ts.rb +2 -1
- data/lib/rex/proto/smb/client.rb +23 -22
- data/lib/rex/proto/smb/client.rb.ut.rb +1 -0
- data/lib/rex/proto/smb/constants.rb +1 -0
- data/lib/rex/proto/smb/constants.rb.ut.rb +2 -1
- data/lib/rex/proto/smb/crypt.rb +3 -2
- data/lib/rex/proto/smb/evasions.rb +1 -0
- data/lib/rex/proto/smb/exceptions.rb +6 -5
- data/lib/rex/proto/smb/simpleclient.rb +1 -0
- data/lib/rex/proto/smb/simpleclient.rb.ut.rb +1 -0
- data/lib/rex/proto/smb/utils.rb +1 -0
- data/lib/rex/proto/smb/utils.rb.ut.rb +2 -1
- data/lib/rex/proto/sunrpc.rb +1 -0
- data/lib/rex/proto/sunrpc/client.rb +1 -0
- data/lib/rex/proto/tftp.rb +3 -1
- data/lib/rex/proto/tftp/client.rb +344 -0
- data/lib/rex/proto/tftp/constants.rb +2 -1
- data/lib/rex/proto/tftp/server.rb +2 -1
- data/lib/rex/proto/tftp/server.rb.ut.rb +3 -2
- data/lib/rex/registry.rb +14 -0
- data/lib/rex/registry/hive.rb +132 -0
- data/lib/rex/registry/lfkey.rb +51 -0
- data/lib/rex/registry/nodekey.rb +54 -0
- data/lib/rex/registry/regf.rb +25 -0
- data/lib/rex/registry/valuekey.rb +67 -0
- data/lib/rex/registry/valuelist.rb +29 -0
- data/lib/rex/ropbuilder.rb +2 -1
- data/lib/rex/ropbuilder/rop.rb +3 -2
- data/lib/rex/script.rb +1 -0
- data/lib/rex/script/base.rb +1 -0
- data/lib/rex/script/meterpreter.rb +1 -0
- data/lib/rex/script/shell.rb +1 -0
- data/lib/rex/service.rb +2 -1
- data/lib/rex/service_manager.rb +6 -5
- data/lib/rex/service_manager.rb.ut.rb +2 -1
- data/lib/rex/services/local_relay.rb +1 -0
- data/lib/rex/socket.rb +72 -36
- data/lib/rex/socket.rb.ut.rb +1 -0
- data/lib/rex/socket/comm.rb +1 -0
- data/lib/rex/socket/comm/local.rb +60 -13
- data/lib/rex/socket/comm/local.rb.ut.rb +2 -1
- data/lib/rex/socket/ip.rb +1 -0
- data/lib/rex/socket/parameters.rb +15 -14
- data/lib/rex/socket/parameters.rb.ut.rb +2 -1
- data/lib/rex/socket/range_walker.rb +71 -26
- data/lib/rex/socket/range_walker.rb.ut.rb +2 -1
- data/lib/rex/socket/ssl_tcp.rb +1 -0
- data/lib/rex/socket/ssl_tcp.rb.ut.rb +2 -1
- data/lib/rex/socket/ssl_tcp_server.rb +1 -0
- data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +1 -0
- data/lib/rex/socket/subnet_walker.rb +1 -0
- data/lib/rex/socket/subnet_walker.rb.ut.rb +2 -1
- data/lib/rex/socket/switch_board.rb +1 -0
- data/lib/rex/socket/switch_board.rb.ut.rb +2 -1
- data/lib/rex/socket/tcp.rb +4 -3
- data/lib/rex/socket/tcp.rb.ut.rb +2 -1
- data/lib/rex/socket/tcp_server.rb +1 -0
- data/lib/rex/socket/tcp_server.rb.ut.rb +2 -1
- data/lib/rex/socket/udp.rb +2 -1
- data/lib/rex/socket/udp.rb.ut.rb +2 -1
- data/lib/rex/struct2.rb +2 -1
- data/lib/rex/struct2/c_struct.rb +2 -1
- data/lib/rex/struct2/c_struct_template.rb +2 -1
- data/lib/rex/struct2/constant.rb +2 -1
- data/lib/rex/struct2/element.rb +2 -1
- data/lib/rex/struct2/generic.rb +1 -0
- data/lib/rex/struct2/restraint.rb +2 -1
- data/lib/rex/struct2/s_string.rb +1 -0
- data/lib/rex/struct2/s_struct.rb +1 -0
- data/lib/rex/sync.rb +2 -1
- data/lib/rex/sync/event.rb +1 -0
- data/lib/rex/sync/read_write_lock.rb +1 -0
- data/lib/rex/sync/ref.rb +2 -1
- data/lib/rex/sync/thread_safe.rb +2 -1
- data/lib/rex/test.rb +2 -1
- data/lib/rex/text.rb +136 -19
- data/lib/rex/text.rb.ut.rb +1 -0
- data/lib/rex/thread_factory.rb +5 -4
- data/lib/rex/time.rb +2 -1
- data/lib/rex/transformer.rb +1 -0
- data/lib/rex/transformer.rb.ut.rb +2 -1
- data/lib/rex/ui.rb +2 -1
- data/lib/rex/ui/interactive.rb +10 -9
- data/lib/rex/ui/output.rb +1 -0
- data/lib/rex/ui/output/none.rb +2 -1
- data/lib/rex/ui/progress_tracker.rb +2 -1
- data/lib/rex/ui/subscriber.rb +9 -8
- data/lib/rex/ui/text/color.rb +1 -0
- data/lib/rex/ui/text/color.rb.ut.rb +1 -0
- data/lib/rex/ui/text/dispatcher_shell.rb +63 -23
- data/lib/rex/ui/text/input.rb +1 -0
- data/lib/rex/ui/text/input/buffer.rb +7 -6
- data/lib/rex/ui/text/input/readline.rb +14 -13
- data/lib/rex/ui/text/input/socket.rb +1 -0
- data/lib/rex/ui/text/input/stdio.rb +2 -1
- data/lib/rex/ui/text/irb_shell.rb +1 -0
- data/lib/rex/ui/text/output.rb +1 -0
- data/lib/rex/ui/text/output/buffer.rb +1 -0
- data/lib/rex/ui/text/output/file.rb +1 -0
- data/lib/rex/ui/text/output/socket.rb +1 -0
- data/lib/rex/ui/text/output/stdio.rb +1 -0
- data/lib/rex/ui/text/output/tee.rb +1 -0
- data/lib/rex/ui/text/progress_tracker.rb +2 -1
- data/lib/rex/ui/text/progress_tracker.rb.ut.rb +2 -1
- data/lib/rex/ui/text/shell.rb +1 -0
- data/lib/rex/ui/text/table.rb +20 -14
- data/lib/rex/ui/text/table.rb.ut.rb +3 -2
- data/lib/rex/zip.rb +1 -0
- data/lib/rex/zip/archive.rb +2 -1
- data/lib/rex/zip/blocks.rb +3 -2
- data/lib/rex/zip/entry.rb +6 -7
- data/lib/rex/zip/jar.rb +4 -3
- data/lib/rex/zip/samples/comment.rb +1 -0
- data/lib/rex/zip/samples/mkwar.rb +1 -0
- data/lib/rex/zip/samples/mkzip.rb +1 -0
- data/lib/rex/zip/samples/recursive.rb +1 -0
- metadata +433 -435
@@ -1,3 +1,4 @@
|
|
1
|
+
# -*- coding: binary -*-
|
1
2
|
require 'rex/post/meterpreter'
|
2
3
|
|
3
4
|
module Rex
|
@@ -20,11 +21,29 @@ class Console::CommandDispatcher::Stdapi::Webcam
|
|
20
21
|
# List of supported commands.
|
21
22
|
#
|
22
23
|
def commands
|
23
|
-
{
|
24
|
+
all = {
|
24
25
|
"webcam_list" => "List webcams",
|
25
26
|
"webcam_snap" => "Take a snapshot from the specified webcam",
|
26
27
|
"record_mic" => "Record audio from the default microphone for X seconds"
|
27
28
|
}
|
29
|
+
reqs = {
|
30
|
+
"webcam_list" => [ "webcam_list" ],
|
31
|
+
"webcam_snap" => [ "webcam_start", "webcam_get_frame", "webcam_stop" ],
|
32
|
+
"record_mic" => [ "webcam_record_audio" ],
|
33
|
+
}
|
34
|
+
|
35
|
+
all.delete_if do |cmd, desc|
|
36
|
+
del = false
|
37
|
+
reqs[cmd].each do |req|
|
38
|
+
next if client.commands.include? req
|
39
|
+
del = true
|
40
|
+
break
|
41
|
+
end
|
42
|
+
|
43
|
+
del
|
44
|
+
end
|
45
|
+
|
46
|
+
all
|
28
47
|
end
|
29
48
|
|
30
49
|
#
|
@@ -36,7 +55,7 @@ class Console::CommandDispatcher::Stdapi::Webcam
|
|
36
55
|
|
37
56
|
def cmd_webcam_list
|
38
57
|
begin
|
39
|
-
client.webcam.webcam_list.each_with_index { |name, indx|
|
58
|
+
client.webcam.webcam_list.each_with_index { |name, indx|
|
40
59
|
print_line("#{indx + 1}: #{name}")
|
41
60
|
}
|
42
61
|
return true
|
@@ -51,7 +70,7 @@ class Console::CommandDispatcher::Stdapi::Webcam
|
|
51
70
|
quality = 50
|
52
71
|
view = true
|
53
72
|
index = 1
|
54
|
-
wc_list = []
|
73
|
+
wc_list = []
|
55
74
|
|
56
75
|
webcam_snap_opts = Rex::Parser::Arguments.new(
|
57
76
|
"-h" => [ false, "Help Banner" ],
|
@@ -78,7 +97,7 @@ class Console::CommandDispatcher::Stdapi::Webcam
|
|
78
97
|
view = false if ( val =~ /^(f|n|0)/i )
|
79
98
|
end
|
80
99
|
}
|
81
|
-
begin
|
100
|
+
begin
|
82
101
|
wc_list << client.webcam.webcam_list
|
83
102
|
rescue
|
84
103
|
end
|
@@ -108,7 +127,7 @@ class Console::CommandDispatcher::Stdapi::Webcam
|
|
108
127
|
def cmd_record_mic(*args)
|
109
128
|
path = Rex::Text.rand_text_alpha(8) + ".wav"
|
110
129
|
play = true
|
111
|
-
duration = 1
|
130
|
+
duration = 1
|
112
131
|
|
113
132
|
record_mic_opts = Rex::Parser::Arguments.new(
|
114
133
|
"-h" => [ false, "Help Banner" ],
|
@@ -1,3 +1,4 @@
|
|
1
|
+
# -*- coding: binary -*-
|
1
2
|
module Rex
|
2
3
|
module Post
|
3
4
|
module Meterpreter
|
@@ -35,7 +36,7 @@ module Console::InteractiveChannel
|
|
35
36
|
# Called when an interrupt is sent.
|
36
37
|
#
|
37
38
|
def _interrupt
|
38
|
-
prompt_yesno("Terminate channel #{self.cid}?")
|
39
|
+
prompt_yesno("Terminate channel #{self.cid}?")
|
39
40
|
end
|
40
41
|
|
41
42
|
#
|
data/lib/rex/post/permission.rb
CHANGED
@@ -1,4 +1,5 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
+
# -*- coding: binary -*-
|
2
3
|
|
3
4
|
# Generic page protection flags
|
4
5
|
PROT_NONE = 0
|
@@ -23,4 +24,4 @@ PROCESS_ALL = 0xffffffff
|
|
23
24
|
THREAD_READ = (1 << 0)
|
24
25
|
THREAD_WRITE = (1 << 1)
|
25
26
|
THREAD_EXECUTE = (1 << 2)
|
26
|
-
THREAD_ALL = 0xffffffff
|
27
|
+
THREAD_ALL = 0xffffffff
|
data/lib/rex/post/process.rb
CHANGED
data/lib/rex/post/thread.rb
CHANGED
data/lib/rex/post/ui.rb
CHANGED
data/lib/rex/proto.rb
CHANGED
data/lib/rex/proto.rb.ts.rb
CHANGED
data/lib/rex/proto/dcerpc.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
|
+
# -*- coding: binary -*-
|
1
2
|
require 'rex/proto/dcerpc/uuid'
|
2
3
|
require 'rex/proto/dcerpc/response'
|
3
4
|
require 'rex/proto/dcerpc/client'
|
4
5
|
require 'rex/proto/dcerpc/packet'
|
5
6
|
require 'rex/proto/dcerpc/handle'
|
6
|
-
require 'rex/proto/dcerpc/ndr'
|
7
|
+
require 'rex/proto/dcerpc/ndr'
|
@@ -1,4 +1,5 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
+
# -*- coding: binary -*-
|
2
3
|
|
3
4
|
require 'rex/test'
|
4
5
|
require 'rex/proto/dcerpc/uuid.rb.ut'
|
@@ -6,4 +7,4 @@ require 'rex/proto/dcerpc/response.rb.ut'
|
|
6
7
|
require 'rex/proto/dcerpc/packet.rb.ut'
|
7
8
|
# require 'rex/proto/dcerpc/ndr.rb.ut'
|
8
9
|
require 'rex/proto/dcerpc/handle.rb.ut'
|
9
|
-
require 'rex/proto/dcerpc/client.rb.ut'
|
10
|
+
require 'rex/proto/dcerpc/client.rb.ut'
|
@@ -1,4 +1,5 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
+
# -*- coding: binary -*-
|
2
3
|
|
3
4
|
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
|
4
5
|
|
@@ -82,4 +83,4 @@ class Rex::Proto::DCERPC::Handle::UnitTest < Test::Unit::TestCase
|
|
82
83
|
handle = '6bffd098-a112-3610-9833-46c3f87e345a:1.0@ncacn_ip_tcp:10.4.10.10[80'
|
83
84
|
assert_raise(Rex::ArgumentError, 'invalid handle (parser)') { Klass.parse(handle) }
|
84
85
|
end
|
85
|
-
end
|
86
|
+
end
|
data/lib/rex/proto/dcerpc/ndr.rb
CHANGED
@@ -1,4 +1,5 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
|
+
# -*- coding: binary -*-
|
2
3
|
|
3
4
|
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
|
4
5
|
|
@@ -38,4 +39,4 @@ class Rex::Proto::DCERPC::NDR::UnitTest < Test::Unit::TestCase
|
|
38
39
|
assert_equal(16, Klass.UnicodeConformantVaryingStringPreBuilt('aa' + "\x00\x00").length, 'UniConformantVaryingStringPreBuilt length')
|
39
40
|
end
|
40
41
|
|
41
|
-
end
|
42
|
+
end
|
@@ -1,3 +1,4 @@
|
|
1
|
+
# -*- coding: binary -*-
|
1
2
|
module Rex
|
2
3
|
module Proto
|
3
4
|
module DCERPC
|
@@ -6,18 +7,18 @@ class Packet
|
|
6
7
|
require 'rex/proto/dcerpc/uuid'
|
7
8
|
require 'rex/proto/dcerpc/response'
|
8
9
|
require 'rex/text'
|
9
|
-
|
10
|
+
|
10
11
|
UUID = Rex::Proto::DCERPC::UUID
|
11
12
|
|
12
13
|
# Create a standard DCERPC BIND request packet
|
13
|
-
def self.make_bind(uuid, vers)
|
14
|
-
|
14
|
+
def self.make_bind(uuid, vers)
|
15
|
+
|
15
16
|
# Process the version strings ("1.0", 1.0, "1", 1)
|
16
17
|
bind_vers_maj, bind_vers_min = UUID.vers_to_nums(vers)
|
17
18
|
xfer_vers_maj, xfer_vers_min = UUID.vers_to_nums(UUID.xfer_syntax_vers)
|
18
19
|
|
19
20
|
# Create the bind request packet
|
20
|
-
buff =
|
21
|
+
buff =
|
21
22
|
[
|
22
23
|
5, # major version 5
|
23
24
|
0, # minor version 0
|
@@ -38,30 +39,32 @@ require 'rex/text'
|
|
38
39
|
bind_vers_min, # interface minor version
|
39
40
|
UUID.xfer_syntax_uuid, # transfer syntax
|
40
41
|
xfer_vers_maj, # syntax major version
|
41
|
-
xfer_vers_min, # syntax minor version
|
42
|
+
xfer_vers_min, # syntax minor version
|
42
43
|
].pack('CCCCNvvVvvVVvvA16vvA16vv')
|
43
|
-
|
44
|
+
|
44
45
|
return buff, 0
|
45
46
|
end
|
46
47
|
|
47
48
|
# Create an obfuscated DCERPC BIND request packet
|
48
49
|
def self.make_bind_fake_multi(uuid, vers, bind_head=0, bind_tail=0)
|
49
50
|
|
51
|
+
bind_head = bind_head.to_i
|
52
|
+
bind_tail = bind_tail.to_i
|
50
53
|
bind_head = rand(6)+10 if bind_head == 0
|
51
54
|
bind_tail = rand(4)+1 if bind_head == 0
|
52
55
|
|
53
56
|
u = Rex::Proto::DCERPC::UUID
|
54
|
-
|
57
|
+
|
55
58
|
# Process the version strings ("1.0", 1.0, "1", 1)
|
56
59
|
bind_vers_maj, bind_vers_min = UUID.vers_to_nums(vers)
|
57
60
|
xfer_vers_maj, xfer_vers_min = UUID.vers_to_nums(UUID.xfer_syntax_vers)
|
58
|
-
|
61
|
+
|
59
62
|
bind_total = bind_head + bind_tail + 1
|
60
63
|
bind_size = (bind_total * 44) + 28
|
61
64
|
real_ctx, ctx = 0, 0
|
62
65
|
|
63
66
|
# Create the header of the bind request
|
64
|
-
data =
|
67
|
+
data =
|
65
68
|
[
|
66
69
|
5, # major version 5
|
67
70
|
0, # minor version 0
|
@@ -76,61 +79,61 @@ require 'rex/text'
|
|
76
79
|
0, # assoc group
|
77
80
|
bind_total, # num ctx items
|
78
81
|
].pack('CCCCNvvVvvVV')
|
79
|
-
|
82
|
+
|
80
83
|
# Generate the fake UUIDs prior to the real one
|
81
84
|
1.upto(bind_head) do ||
|
82
85
|
# Generate some random UUID and versions
|
83
86
|
rand_uuid = Rex::Text.rand_text(16)
|
84
|
-
rand_imaj = rand(6)
|
87
|
+
rand_imaj = rand(6)
|
85
88
|
rand_imin = rand(4)
|
86
|
-
|
87
|
-
data +=
|
89
|
+
|
90
|
+
data +=
|
88
91
|
[
|
89
92
|
ctx, # context id
|
90
|
-
1, # num trans items
|
93
|
+
1, # num trans items
|
91
94
|
rand_uuid, # interface uuid
|
92
95
|
rand_imaj, # interface major version
|
93
96
|
rand_imin, # interface minor version
|
94
97
|
UUID.xfer_syntax_uuid, # transfer syntax
|
95
98
|
xfer_vers_maj, # syntax major version
|
96
|
-
xfer_vers_min, # syntax minor version
|
99
|
+
xfer_vers_min, # syntax minor version
|
97
100
|
].pack('vvA16vvA16vv')
|
98
101
|
ctx += 1
|
99
102
|
end
|
100
|
-
|
103
|
+
|
101
104
|
# Stuff the real UUID onto the end of the buffer
|
102
105
|
real_ctx = ctx;
|
103
|
-
data +=
|
106
|
+
data +=
|
104
107
|
[
|
105
108
|
ctx, # context id
|
106
|
-
1, # num trans items
|
109
|
+
1, # num trans items
|
107
110
|
UUID.uuid_pack(uuid), # interface uuid
|
108
111
|
bind_vers_maj, # interface major version
|
109
112
|
bind_vers_min, # interface minor version
|
110
113
|
UUID.xfer_syntax_uuid, # transfer syntax
|
111
114
|
xfer_vers_maj, # syntax major version
|
112
|
-
xfer_vers_min, # syntax minor version
|
115
|
+
xfer_vers_min, # syntax minor version
|
113
116
|
].pack('vvA16vvA16vv')
|
114
117
|
ctx += 1
|
115
|
-
|
116
|
-
|
118
|
+
|
119
|
+
|
117
120
|
# Generate the fake UUIDs after the real one
|
118
121
|
1.upto(bind_tail) do ||
|
119
122
|
# Generate some random UUID and versions
|
120
123
|
rand_uuid = Rex::Text.rand_text(16)
|
121
|
-
rand_imaj = rand(6)
|
124
|
+
rand_imaj = rand(6)
|
122
125
|
rand_imin = rand(4)
|
123
|
-
|
124
|
-
data +=
|
126
|
+
|
127
|
+
data +=
|
125
128
|
[
|
126
129
|
ctx, # context id
|
127
|
-
1, # num trans items
|
130
|
+
1, # num trans items
|
128
131
|
rand_uuid, # interface uuid
|
129
132
|
rand_imaj, # interface major version
|
130
133
|
rand_imin, # interface minor version
|
131
134
|
UUID.xfer_syntax_uuid, # transfer syntax
|
132
135
|
xfer_vers_maj, # syntax major version
|
133
|
-
xfer_vers_min, # syntax minor version
|
136
|
+
xfer_vers_min, # syntax minor version
|
134
137
|
].pack('vvA16vvA16vv')
|
135
138
|
ctx += 1
|
136
139
|
end
|
@@ -138,16 +141,16 @@ require 'rex/text'
|
|
138
141
|
# Return both the bind packet and the real context_id
|
139
142
|
return data, real_ctx
|
140
143
|
end
|
141
|
-
|
144
|
+
|
142
145
|
# Create a standard DCERPC ALTER_CONTEXT request packet
|
143
|
-
def self.make_alter_context(uuid, vers)
|
146
|
+
def self.make_alter_context(uuid, vers)
|
144
147
|
u = Rex::Proto::DCERPC::UUID
|
145
|
-
|
148
|
+
|
146
149
|
# Process the version strings ("1.0", 1.0, "1", 1)
|
147
150
|
bind_vers_maj, bind_vers_min = UUID.vers_to_nums(vers)
|
148
151
|
xfer_vers_maj, xfer_vers_min = UUID.vers_to_nums(UUID.xfer_syntax_vers)
|
149
152
|
|
150
|
-
buff =
|
153
|
+
buff =
|
151
154
|
[
|
152
155
|
5, # major version 5
|
153
156
|
0, # minor version 0
|
@@ -168,14 +171,18 @@ require 'rex/text'
|
|
168
171
|
bind_vers_min, # interface minor version
|
169
172
|
UUID.xfer_syntax_uuid, # transfer syntax
|
170
173
|
xfer_vers_maj, # syntax major version
|
171
|
-
xfer_vers_min, # syntax minor version
|
174
|
+
xfer_vers_min, # syntax minor version
|
172
175
|
].pack('CCCCNvvVvvVVvvA16vvA16vv')
|
173
176
|
end
|
174
|
-
|
177
|
+
|
175
178
|
|
176
179
|
# Used to create a piece of a DCERPC REQUEST packet
|
177
180
|
def self.make_request_chunk(flags=3, opnum=0, data="", ctx=0, object_id = '')
|
178
181
|
|
182
|
+
flags = flags.to_i
|
183
|
+
opnum = opnum.to_i
|
184
|
+
ctx = ctx.to_i
|
185
|
+
|
179
186
|
dlen = data.length
|
180
187
|
flen = dlen + 24
|
181
188
|
|
@@ -189,7 +196,7 @@ require 'rex/text'
|
|
189
196
|
object_str = UUID.uuid_pack(object_id)
|
190
197
|
end
|
191
198
|
|
192
|
-
buff =
|
199
|
+
buff =
|
193
200
|
[
|
194
201
|
5, # major version 5
|
195
202
|
0, # minor version 0
|
@@ -203,30 +210,30 @@ require 'rex/text'
|
|
203
210
|
ctx, # context id
|
204
211
|
opnum, # operation number
|
205
212
|
].pack('CCCCNvvVVvv') + object_str + data
|
206
|
-
end
|
213
|
+
end
|
207
214
|
|
208
215
|
# Used to create standard DCERPC REQUEST packet(s)
|
209
216
|
def self.make_request(opnum=0, data="", size=data.length, ctx=0, object_id = '')
|
210
217
|
|
211
|
-
|
212
|
-
|
213
|
-
|
218
|
+
opnum = opnum.to_i
|
219
|
+
size = [4000, size.to_i].min
|
220
|
+
ctx = ctx.to_i
|
214
221
|
|
215
222
|
chunks, frags = [], []
|
216
223
|
ptr = 0
|
217
|
-
|
224
|
+
|
218
225
|
# Break the request into fragments of 'size' bytes
|
219
226
|
while ptr < data.length
|
220
227
|
chunks.push( data[ ptr, size ] )
|
221
228
|
ptr += size
|
222
229
|
end
|
223
|
-
|
230
|
+
|
224
231
|
# Process requests with no stub data
|
225
232
|
if chunks.length == 0
|
226
233
|
frags.push( make_request_chunk(3, opnum, '', ctx, object_id) )
|
227
234
|
return frags
|
228
235
|
end
|
229
|
-
|
236
|
+
|
230
237
|
# Process requests with only one fragment
|
231
238
|
if chunks.length == 1
|
232
239
|
frags.push( make_request_chunk(3, opnum, chunks[0], ctx, object_id) )
|
@@ -235,19 +242,19 @@ require 'rex/text'
|
|
235
242
|
|
236
243
|
# Create the first fragment of the request
|
237
244
|
frags.push( make_request_chunk(1, opnum, chunks.shift, ctx, object_id) )
|
238
|
-
|
245
|
+
|
239
246
|
# Create all of the middle fragments
|
240
247
|
while chunks.length != 1
|
241
248
|
frags.push( make_request_chunk(0, opnum, chunks.shift, ctx, object_id) )
|
242
249
|
end
|
243
|
-
|
250
|
+
|
244
251
|
# Create the last fragment of the request
|
245
252
|
frags.push( make_request_chunk(2, opnum, chunks.shift, ctx, object_id) )
|
246
253
|
|
247
254
|
return frags
|
248
|
-
end
|
249
|
-
|
255
|
+
end
|
256
|
+
|
257
|
+
end
|
250
258
|
end
|
251
259
|
end
|
252
260
|
end
|
253
|
-
end
|