librex 0.0.65 → 0.0.66

Files changed (482) hide show
  1. data/README.markdown +1 -1
  2. data/lib/rex/arch.rb +1 -0
  3. data/lib/rex/arch/sparc.rb +16 -15
  4. data/lib/rex/arch/sparc.rb.ut.rb +2 -1
  5. data/lib/rex/arch/x86.rb +1 -0
  6. data/lib/rex/arch/x86.rb.ut.rb +2 -1
  7. data/lib/rex/assembly/nasm.rb +1 -0
  8. data/lib/rex/assembly/nasm.rb.ut.rb +2 -1
  9. data/lib/rex/compat.rb +13 -0
  10. data/lib/rex/constants.rb +5 -4
  11. data/lib/rex/elfparsey.rb +3 -2
  12. data/lib/rex/elfparsey/elf.rb +2 -1
  13. data/lib/rex/elfparsey/elfbase.rb +8 -7
  14. data/lib/rex/elfparsey/exceptions.rb +3 -2
  15. data/lib/rex/elfscan.rb +3 -2
  16. data/lib/rex/elfscan/scanner.rb +2 -1
  17. data/lib/rex/elfscan/search.rb +2 -1
  18. data/lib/rex/encoder/alpha2.rb +2 -1
  19. data/lib/rex/encoder/alpha2/alpha_mixed.rb +3 -2
  20. data/lib/rex/encoder/alpha2/alpha_upper.rb +5 -4
  21. data/lib/rex/encoder/alpha2/generic.rb +37 -60
  22. data/lib/rex/encoder/alpha2/unicode_mixed.rb +4 -9
  23. data/lib/rex/encoder/alpha2/unicode_upper.rb +4 -9
  24. data/lib/rex/encoder/ndr.rb +1 -0
  25. data/lib/rex/encoder/ndr.rb.ut.rb +2 -1
  26. data/lib/rex/encoder/nonalpha.rb +1 -0
  27. data/lib/rex/encoder/nonupper.rb +1 -0
  28. data/lib/rex/encoder/xdr.rb +9 -8
  29. data/lib/rex/encoder/xdr.rb.ut.rb +2 -1
  30. data/lib/rex/encoder/xor.rb +1 -0
  31. data/lib/rex/encoder/xor/dword.rb +2 -1
  32. data/lib/rex/encoder/xor/dword_additive.rb +2 -1
  33. data/lib/rex/encoders/xor_dword.rb +1 -0
  34. data/lib/rex/encoders/xor_dword_additive.rb +2 -1
  35. data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +2 -1
  36. data/lib/rex/encoding/xor.rb +2 -1
  37. data/lib/rex/encoding/xor.rb.ts.rb +2 -1
  38. data/lib/rex/encoding/xor/byte.rb +2 -1
  39. data/lib/rex/encoding/xor/byte.rb.ut.rb +2 -1
  40. data/lib/rex/encoding/xor/dword.rb +2 -1
  41. data/lib/rex/encoding/xor/dword.rb.ut.rb +2 -1
  42. data/lib/rex/encoding/xor/dword_additive.rb +1 -0
  43. data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +2 -1
  44. data/lib/rex/encoding/xor/exceptions.rb +1 -0
  45. data/lib/rex/encoding/xor/generic.rb +1 -0
  46. data/lib/rex/encoding/xor/generic.rb.ut.rb +2 -1
  47. data/lib/rex/encoding/xor/qword.rb +2 -1
  48. data/lib/rex/encoding/xor/word.rb +2 -1
  49. data/lib/rex/encoding/xor/word.rb.ut.rb +2 -1
  50. data/lib/rex/exceptions.rb +1 -0
  51. data/lib/rex/exceptions.rb.ut.rb +2 -1
  52. data/lib/rex/exploitation/cmdstager.rb +2 -1
  53. data/lib/rex/exploitation/cmdstager/base.rb +1 -0
  54. data/lib/rex/exploitation/cmdstager/debug_asm.rb +2 -1
  55. data/lib/rex/exploitation/cmdstager/debug_write.rb +2 -1
  56. data/lib/rex/exploitation/cmdstager/tftp.rb +2 -1
  57. data/lib/rex/exploitation/cmdstager/vbs.rb +2 -1
  58. data/lib/rex/exploitation/egghunter.rb +12 -11
  59. data/lib/rex/exploitation/egghunter.rb.ut.rb +2 -1
  60. data/lib/rex/exploitation/encryptjs.rb +1 -0
  61. data/lib/rex/exploitation/heaplib.rb +1 -0
  62. data/lib/rex/exploitation/javascriptosdetect.js +1014 -0
  63. data/lib/rex/exploitation/javascriptosdetect.rb +4 -857
  64. data/lib/rex/exploitation/jsobfu.rb +2 -1
  65. data/lib/rex/exploitation/obfuscatejs.rb +1 -0
  66. data/lib/rex/exploitation/omelet.rb +1 -0
  67. data/lib/rex/exploitation/omelet.rb.ut.rb +1 -0
  68. data/lib/rex/exploitation/opcodedb.rb +12 -11
  69. data/lib/rex/exploitation/opcodedb.rb.ut.rb +2 -1
  70. data/lib/rex/exploitation/seh.rb +3 -2
  71. data/lib/rex/exploitation/seh.rb.ut.rb +2 -1
  72. data/lib/rex/file.rb +4 -3
  73. data/lib/rex/file.rb.ut.rb +2 -1
  74. data/lib/rex/image_source.rb +3 -2
  75. data/lib/rex/image_source/disk.rb +3 -2
  76. data/lib/rex/image_source/image_source.rb +3 -2
  77. data/lib/rex/image_source/memory.rb +3 -2
  78. data/lib/rex/io/bidirectional_pipe.rb +1 -0
  79. data/lib/rex/io/datagram_abstraction.rb +2 -1
  80. data/lib/rex/io/ring_buffer.rb +49 -44
  81. data/lib/rex/io/ring_buffer.rb.ut.rb +4 -3
  82. data/lib/rex/io/stream.rb +1 -0
  83. data/lib/rex/io/stream_abstraction.rb +1 -0
  84. data/lib/rex/io/stream_server.rb +1 -0
  85. data/lib/rex/job_container.rb +1 -0
  86. data/lib/rex/logging.rb +2 -1
  87. data/lib/rex/logging/log_dispatcher.rb +5 -4
  88. data/lib/rex/logging/log_sink.rb +2 -1
  89. data/lib/rex/logging/sinks/flatfile.rb +4 -3
  90. data/lib/rex/logging/sinks/stderr.rb +2 -1
  91. data/lib/rex/machparsey.rb +2 -1
  92. data/lib/rex/machparsey/exceptions.rb +2 -1
  93. data/lib/rex/machparsey/mach.rb +20 -19
  94. data/lib/rex/machparsey/machbase.rb +27 -26
  95. data/lib/rex/machscan.rb +2 -1
  96. data/lib/rex/machscan/scanner.rb +1 -0
  97. data/lib/rex/mime.rb +2 -1
  98. data/lib/rex/mime/header.rb +1 -0
  99. data/lib/rex/mime/message.rb +4 -1
  100. data/lib/rex/mime/part.rb +2 -1
  101. data/lib/rex/nop/opty2.rb +2 -1
  102. data/lib/rex/nop/opty2.rb.ut.rb +2 -1
  103. data/lib/rex/nop/opty2_tables.rb +1 -0
  104. data/lib/rex/ole.rb +3 -2
  105. data/lib/rex/ole/clsid.rb +3 -2
  106. data/lib/rex/ole/difat.rb +3 -2
  107. data/lib/rex/ole/directory.rb +3 -2
  108. data/lib/rex/ole/direntry.rb +3 -2
  109. data/lib/rex/ole/fat.rb +3 -2
  110. data/lib/rex/ole/header.rb +3 -2
  111. data/lib/rex/ole/minifat.rb +3 -2
  112. data/lib/rex/ole/propset.rb +4 -3
  113. data/lib/rex/ole/samples/create_ole.rb +1 -0
  114. data/lib/rex/ole/samples/dir.rb +1 -0
  115. data/lib/rex/ole/samples/dump_stream.rb +1 -0
  116. data/lib/rex/ole/samples/ole_info.rb +1 -0
  117. data/lib/rex/ole/storage.rb +3 -2
  118. data/lib/rex/ole/stream.rb +3 -2
  119. data/lib/rex/ole/substorage.rb +3 -2
  120. data/lib/rex/ole/util.rb +3 -2
  121. data/lib/rex/parser/acunetix_nokogiri.rb +13 -12
  122. data/lib/rex/parser/apple_backup_manifestdb.rb +20 -19
  123. data/lib/rex/parser/appscan_nokogiri.rb +17 -16
  124. data/lib/rex/parser/arguments.rb +2 -1
  125. data/lib/rex/parser/arguments.rb.ut.rb +2 -1
  126. data/lib/rex/parser/burp_session_nokogiri.rb +8 -7
  127. data/lib/rex/parser/ci_nokogiri.rb +4 -3
  128. data/lib/rex/parser/foundstone_nokogiri.rb +18 -17
  129. data/lib/rex/parser/fusionvm_nokogiri.rb +109 -0
  130. data/lib/rex/parser/ini.rb +1 -0
  131. data/lib/rex/parser/ini.rb.ut.rb +2 -1
  132. data/lib/rex/parser/ip360_aspl_xml.rb +1 -0
  133. data/lib/rex/parser/ip360_xml.rb +4 -3
  134. data/lib/rex/parser/mbsa_nokogiri.rb +8 -7
  135. data/lib/rex/parser/nessus_xml.rb +3 -2
  136. data/lib/rex/parser/netsparker_xml.rb +10 -9
  137. data/lib/rex/parser/nexpose_raw_nokogiri.rb +372 -52
  138. data/lib/rex/parser/nexpose_simple_nokogiri.rb +8 -7
  139. data/lib/rex/parser/nexpose_xml.rb +1 -0
  140. data/lib/rex/parser/nmap_nokogiri.rb +63 -33
  141. data/lib/rex/parser/nmap_xml.rb +1 -0
  142. data/lib/rex/parser/nokogiri_doc_mixin.rb +35 -15
  143. data/lib/rex/parser/openvas_nokogiri.rb +172 -0
  144. data/lib/rex/parser/retina_xml.rb +1 -0
  145. data/lib/rex/parser/wapiti_nokogiri.rb +105 -0
  146. data/lib/rex/payloads.rb +2 -1
  147. data/lib/rex/payloads/win32.rb +2 -1
  148. data/lib/rex/payloads/win32/common.rb +2 -1
  149. data/lib/rex/payloads/win32/kernel.rb +2 -1
  150. data/lib/rex/payloads/win32/kernel/common.rb +4 -3
  151. data/lib/rex/payloads/win32/kernel/migration.rb +2 -1
  152. data/lib/rex/payloads/win32/kernel/recovery.rb +2 -1
  153. data/lib/rex/payloads/win32/kernel/stager.rb +21 -20
  154. data/lib/rex/peparsey.rb +3 -2
  155. data/lib/rex/peparsey/exceptions.rb +2 -1
  156. data/lib/rex/peparsey/pe.rb +3 -2
  157. data/lib/rex/peparsey/pe_memdump.rb +2 -1
  158. data/lib/rex/peparsey/pebase.rb +2 -1
  159. data/lib/rex/peparsey/section.rb +2 -1
  160. data/lib/rex/pescan.rb +3 -2
  161. data/lib/rex/pescan/analyze.rb +1 -0
  162. data/lib/rex/pescan/scanner.rb +1 -0
  163. data/lib/rex/pescan/search.rb +1 -0
  164. data/lib/rex/platforms.rb +2 -1
  165. data/lib/rex/platforms/windows.rb +2 -1
  166. data/lib/rex/poly.rb +2 -1
  167. data/lib/rex/poly/block.rb +16 -15
  168. data/lib/rex/poly/register.rb +2 -1
  169. data/lib/rex/poly/register/x86.rb +2 -1
  170. data/lib/rex/post.rb +2 -2
  171. data/lib/rex/post/dir.rb +2 -1
  172. data/lib/rex/post/file.rb +1 -0
  173. data/lib/rex/post/file_stat.rb +1 -0
  174. data/lib/rex/post/io.rb +2 -1
  175. data/lib/rex/post/meterpreter.rb +2 -1
  176. data/lib/rex/post/meterpreter/channel.rb +1 -0
  177. data/lib/rex/post/meterpreter/channel_container.rb +2 -1
  178. data/lib/rex/post/meterpreter/channels/pool.rb +1 -0
  179. data/lib/rex/post/meterpreter/channels/pools/file.rb +1 -0
  180. data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +3 -2
  181. data/lib/rex/post/meterpreter/channels/stream.rb +1 -0
  182. data/lib/rex/post/meterpreter/client.rb +23 -1
  183. data/lib/rex/post/meterpreter/client_core.rb +10 -5
  184. data/lib/rex/post/meterpreter/dependencies.rb +2 -1
  185. data/lib/rex/post/meterpreter/extension.rb +2 -1
  186. data/lib/rex/post/meterpreter/extensions/espia/espia.rb +7 -6
  187. data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +2 -1
  188. data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +5 -4
  189. data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +2 -1
  190. data/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb +1 -0
  191. data/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb +1 -0
  192. data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +7 -6
  193. data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +1 -0
  194. data/lib/rex/post/meterpreter/extensions/priv/fs.rb +2 -1
  195. data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +2 -1
  196. data/lib/rex/post/meterpreter/extensions/priv/priv.rb +1 -0
  197. data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +2 -1
  198. data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +28 -11
  199. data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +1 -0
  200. data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +6 -5
  201. data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +1 -0
  202. data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +3 -2
  203. data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +1 -0
  204. data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +2 -1
  205. data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +39 -5
  206. data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +75 -18
  207. data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +18 -6
  208. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +1 -0
  209. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +1 -0
  210. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +1 -0
  211. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +1 -0
  212. data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +4 -1
  213. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +1 -0
  214. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +1 -0
  215. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +1 -0
  216. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +1 -0
  217. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +1 -0
  218. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +1 -0
  219. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +1 -0
  220. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +1 -0
  221. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +12 -0
  222. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +1 -0
  223. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +1 -0
  224. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +1 -0
  225. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +1 -0
  226. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +7 -0
  227. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +1 -0
  228. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb +1 -0
  229. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +1 -0
  230. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +1 -0
  231. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +1 -0
  232. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +1 -0
  233. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +1 -0
  234. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb +1 -0
  235. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +1 -0
  236. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +1 -0
  237. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb +23 -0
  238. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb +29 -0
  239. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +10 -5
  240. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb +9 -0
  241. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +1 -0
  242. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb +106 -0
  243. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb +128 -0
  244. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +1 -0
  245. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +27 -6
  246. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +21 -0
  247. data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +1 -0
  248. data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +1 -0
  249. data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +1 -0
  250. data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +1 -0
  251. data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +2 -1
  252. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +43 -4
  253. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +1 -0
  254. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +2 -1
  255. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +1 -0
  256. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +1 -0
  257. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +1 -0
  258. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +1 -0
  259. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +1 -0
  260. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +1 -0
  261. data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +1 -0
  262. data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +7 -0
  263. data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +14 -13
  264. data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +1 -0
  265. data/lib/rex/post/meterpreter/inbound_packet_handler.rb +2 -1
  266. data/lib/rex/post/meterpreter/object_aliases.rb +6 -5
  267. data/lib/rex/post/meterpreter/packet.rb +26 -6
  268. data/lib/rex/post/meterpreter/packet_dispatcher.rb +1 -0
  269. data/lib/rex/post/meterpreter/packet_parser.rb +1 -0
  270. data/lib/rex/post/meterpreter/packet_response_waiter.rb +1 -0
  271. data/lib/rex/post/meterpreter/ui/console.rb +1 -0
  272. data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +1 -0
  273. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +103 -28
  274. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +1 -0
  275. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +1 -0
  276. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +1 -0
  277. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +3 -2
  278. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +12 -11
  279. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +2 -1
  280. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +2 -1
  281. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +53 -36
  282. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +3 -2
  283. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +87 -44
  284. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +80 -18
  285. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +77 -48
  286. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +72 -41
  287. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +24 -5
  288. data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +2 -1
  289. data/lib/rex/post/permission.rb +2 -1
  290. data/lib/rex/post/process.rb +2 -1
  291. data/lib/rex/post/thread.rb +2 -1
  292. data/lib/rex/post/ui.rb +2 -1
  293. data/lib/rex/proto.rb +1 -0
  294. data/lib/rex/proto.rb.ts.rb +2 -1
  295. data/lib/rex/proto/dcerpc.rb +2 -1
  296. data/lib/rex/proto/dcerpc.rb.ts.rb +2 -1
  297. data/lib/rex/proto/dcerpc/client.rb +1 -0
  298. data/lib/rex/proto/dcerpc/client.rb.ut.rb +1 -0
  299. data/lib/rex/proto/dcerpc/exceptions.rb +2 -1
  300. data/lib/rex/proto/dcerpc/handle.rb +1 -0
  301. data/lib/rex/proto/dcerpc/handle.rb.ut.rb +2 -1
  302. data/lib/rex/proto/dcerpc/ndr.rb +2 -1
  303. data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +2 -1
  304. data/lib/rex/proto/dcerpc/packet.rb +52 -45
  305. data/lib/rex/proto/dcerpc/packet.rb.ut.rb +12 -11
  306. data/lib/rex/proto/dcerpc/response.rb +1 -0
  307. data/lib/rex/proto/dcerpc/response.rb.ut.rb +2 -1
  308. data/lib/rex/proto/dcerpc/uuid.rb +13 -12
  309. data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +2 -1
  310. data/lib/rex/proto/dhcp.rb +2 -1
  311. data/lib/rex/proto/dhcp/constants.rb +2 -1
  312. data/lib/rex/proto/dhcp/server.rb +4 -3
  313. data/lib/rex/proto/drda.rb +1 -0
  314. data/lib/rex/proto/drda.rb.ts.rb +1 -0
  315. data/lib/rex/proto/drda/constants.rb +1 -0
  316. data/lib/rex/proto/drda/constants.rb.ut.rb +1 -0
  317. data/lib/rex/proto/drda/packet.rb +11 -10
  318. data/lib/rex/proto/drda/packet.rb.ut.rb +5 -4
  319. data/lib/rex/proto/drda/utils.rb +4 -3
  320. data/lib/rex/proto/drda/utils.rb.ut.rb +3 -2
  321. data/lib/rex/proto/http.rb +2 -1
  322. data/lib/rex/proto/http.rb.ts.rb +2 -1
  323. data/lib/rex/proto/http/client.rb +29 -5
  324. data/lib/rex/proto/http/client.rb.ut.rb +1 -0
  325. data/lib/rex/proto/http/handler.rb +2 -1
  326. data/lib/rex/proto/http/handler/erb.rb +5 -4
  327. data/lib/rex/proto/http/handler/erb.rb.ut.rb +2 -1
  328. data/lib/rex/proto/http/handler/proc.rb +1 -0
  329. data/lib/rex/proto/http/handler/proc.rb.ut.rb +2 -1
  330. data/lib/rex/proto/http/header.rb +3 -3
  331. data/lib/rex/proto/http/header.rb.ut.rb +2 -1
  332. data/lib/rex/proto/http/packet.rb +1 -0
  333. data/lib/rex/proto/http/packet.rb.ut.rb +15 -14
  334. data/lib/rex/proto/http/request.rb +23 -22
  335. data/lib/rex/proto/http/request.rb.ut.rb +2 -1
  336. data/lib/rex/proto/http/response.rb +6 -5
  337. data/lib/rex/proto/http/response.rb.ut.rb +7 -6
  338. data/lib/rex/proto/http/server.rb +1 -0
  339. data/lib/rex/proto/http/server.rb.ut.rb +6 -5
  340. data/lib/rex/proto/iax2.rb +1 -0
  341. data/lib/rex/proto/iax2/call.rb +48 -47
  342. data/lib/rex/proto/iax2/client.rb +23 -22
  343. data/lib/rex/proto/iax2/codecs.rb +1 -0
  344. data/lib/rex/proto/iax2/codecs/alaw.rb +1 -0
  345. data/lib/rex/proto/iax2/codecs/g711.rb +4 -3
  346. data/lib/rex/proto/iax2/codecs/mulaw.rb +1 -0
  347. data/lib/rex/proto/iax2/constants.rb +1 -0
  348. data/lib/rex/proto/natpmp.rb +11 -0
  349. data/lib/rex/proto/natpmp/constants.rb +19 -0
  350. data/lib/rex/proto/natpmp/packet.rb +45 -0
  351. data/lib/rex/proto/ntlm.rb +1 -0
  352. data/lib/rex/proto/ntlm.rb.ut.rb +1 -0
  353. data/lib/rex/proto/ntlm/base.rb +38 -37
  354. data/lib/rex/proto/ntlm/constants.rb +1 -0
  355. data/lib/rex/proto/ntlm/crypt.rb +45 -44
  356. data/lib/rex/proto/ntlm/exceptions.rb +1 -0
  357. data/lib/rex/proto/ntlm/message.rb +30 -29
  358. data/lib/rex/proto/ntlm/utils.rb +116 -115
  359. data/lib/rex/proto/proxy/socks4a.rb +1 -0
  360. data/lib/rex/proto/rfb.rb +1 -0
  361. data/lib/rex/proto/rfb.rb.ut.rb +1 -0
  362. data/lib/rex/proto/rfb/cipher.rb +1 -0
  363. data/lib/rex/proto/rfb/client.rb +1 -0
  364. data/lib/rex/proto/rfb/constants.rb +1 -0
  365. data/lib/rex/proto/smb.rb +2 -1
  366. data/lib/rex/proto/smb.rb.ts.rb +2 -1
  367. data/lib/rex/proto/smb/client.rb +23 -22
  368. data/lib/rex/proto/smb/client.rb.ut.rb +1 -0
  369. data/lib/rex/proto/smb/constants.rb +1 -0
  370. data/lib/rex/proto/smb/constants.rb.ut.rb +2 -1
  371. data/lib/rex/proto/smb/crypt.rb +3 -2
  372. data/lib/rex/proto/smb/evasions.rb +1 -0
  373. data/lib/rex/proto/smb/exceptions.rb +6 -5
  374. data/lib/rex/proto/smb/simpleclient.rb +1 -0
  375. data/lib/rex/proto/smb/simpleclient.rb.ut.rb +1 -0
  376. data/lib/rex/proto/smb/utils.rb +1 -0
  377. data/lib/rex/proto/smb/utils.rb.ut.rb +2 -1
  378. data/lib/rex/proto/sunrpc.rb +1 -0
  379. data/lib/rex/proto/sunrpc/client.rb +1 -0
  380. data/lib/rex/proto/tftp.rb +3 -1
  381. data/lib/rex/proto/tftp/client.rb +344 -0
  382. data/lib/rex/proto/tftp/constants.rb +2 -1
  383. data/lib/rex/proto/tftp/server.rb +2 -1
  384. data/lib/rex/proto/tftp/server.rb.ut.rb +3 -2
  385. data/lib/rex/registry.rb +14 -0
  386. data/lib/rex/registry/hive.rb +132 -0
  387. data/lib/rex/registry/lfkey.rb +51 -0
  388. data/lib/rex/registry/nodekey.rb +54 -0
  389. data/lib/rex/registry/regf.rb +25 -0
  390. data/lib/rex/registry/valuekey.rb +67 -0
  391. data/lib/rex/registry/valuelist.rb +29 -0
  392. data/lib/rex/ropbuilder.rb +2 -1
  393. data/lib/rex/ropbuilder/rop.rb +3 -2
  394. data/lib/rex/script.rb +1 -0
  395. data/lib/rex/script/base.rb +1 -0
  396. data/lib/rex/script/meterpreter.rb +1 -0
  397. data/lib/rex/script/shell.rb +1 -0
  398. data/lib/rex/service.rb +2 -1
  399. data/lib/rex/service_manager.rb +6 -5
  400. data/lib/rex/service_manager.rb.ut.rb +2 -1
  401. data/lib/rex/services/local_relay.rb +1 -0
  402. data/lib/rex/socket.rb +72 -36
  403. data/lib/rex/socket.rb.ut.rb +1 -0
  404. data/lib/rex/socket/comm.rb +1 -0
  405. data/lib/rex/socket/comm/local.rb +60 -13
  406. data/lib/rex/socket/comm/local.rb.ut.rb +2 -1
  407. data/lib/rex/socket/ip.rb +1 -0
  408. data/lib/rex/socket/parameters.rb +15 -14
  409. data/lib/rex/socket/parameters.rb.ut.rb +2 -1
  410. data/lib/rex/socket/range_walker.rb +71 -26
  411. data/lib/rex/socket/range_walker.rb.ut.rb +2 -1
  412. data/lib/rex/socket/ssl_tcp.rb +1 -0
  413. data/lib/rex/socket/ssl_tcp.rb.ut.rb +2 -1
  414. data/lib/rex/socket/ssl_tcp_server.rb +1 -0
  415. data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +1 -0
  416. data/lib/rex/socket/subnet_walker.rb +1 -0
  417. data/lib/rex/socket/subnet_walker.rb.ut.rb +2 -1
  418. data/lib/rex/socket/switch_board.rb +1 -0
  419. data/lib/rex/socket/switch_board.rb.ut.rb +2 -1
  420. data/lib/rex/socket/tcp.rb +4 -3
  421. data/lib/rex/socket/tcp.rb.ut.rb +2 -1
  422. data/lib/rex/socket/tcp_server.rb +1 -0
  423. data/lib/rex/socket/tcp_server.rb.ut.rb +2 -1
  424. data/lib/rex/socket/udp.rb +2 -1
  425. data/lib/rex/socket/udp.rb.ut.rb +2 -1
  426. data/lib/rex/struct2.rb +2 -1
  427. data/lib/rex/struct2/c_struct.rb +2 -1
  428. data/lib/rex/struct2/c_struct_template.rb +2 -1
  429. data/lib/rex/struct2/constant.rb +2 -1
  430. data/lib/rex/struct2/element.rb +2 -1
  431. data/lib/rex/struct2/generic.rb +1 -0
  432. data/lib/rex/struct2/restraint.rb +2 -1
  433. data/lib/rex/struct2/s_string.rb +1 -0
  434. data/lib/rex/struct2/s_struct.rb +1 -0
  435. data/lib/rex/sync.rb +2 -1
  436. data/lib/rex/sync/event.rb +1 -0
  437. data/lib/rex/sync/read_write_lock.rb +1 -0
  438. data/lib/rex/sync/ref.rb +2 -1
  439. data/lib/rex/sync/thread_safe.rb +2 -1
  440. data/lib/rex/test.rb +2 -1
  441. data/lib/rex/text.rb +136 -19
  442. data/lib/rex/text.rb.ut.rb +1 -0
  443. data/lib/rex/thread_factory.rb +5 -4
  444. data/lib/rex/time.rb +2 -1
  445. data/lib/rex/transformer.rb +1 -0
  446. data/lib/rex/transformer.rb.ut.rb +2 -1
  447. data/lib/rex/ui.rb +2 -1
  448. data/lib/rex/ui/interactive.rb +10 -9
  449. data/lib/rex/ui/output.rb +1 -0
  450. data/lib/rex/ui/output/none.rb +2 -1
  451. data/lib/rex/ui/progress_tracker.rb +2 -1
  452. data/lib/rex/ui/subscriber.rb +9 -8
  453. data/lib/rex/ui/text/color.rb +1 -0
  454. data/lib/rex/ui/text/color.rb.ut.rb +1 -0
  455. data/lib/rex/ui/text/dispatcher_shell.rb +63 -23
  456. data/lib/rex/ui/text/input.rb +1 -0
  457. data/lib/rex/ui/text/input/buffer.rb +7 -6
  458. data/lib/rex/ui/text/input/readline.rb +14 -13
  459. data/lib/rex/ui/text/input/socket.rb +1 -0
  460. data/lib/rex/ui/text/input/stdio.rb +2 -1
  461. data/lib/rex/ui/text/irb_shell.rb +1 -0
  462. data/lib/rex/ui/text/output.rb +1 -0
  463. data/lib/rex/ui/text/output/buffer.rb +1 -0
  464. data/lib/rex/ui/text/output/file.rb +1 -0
  465. data/lib/rex/ui/text/output/socket.rb +1 -0
  466. data/lib/rex/ui/text/output/stdio.rb +1 -0
  467. data/lib/rex/ui/text/output/tee.rb +1 -0
  468. data/lib/rex/ui/text/progress_tracker.rb +2 -1
  469. data/lib/rex/ui/text/progress_tracker.rb.ut.rb +2 -1
  470. data/lib/rex/ui/text/shell.rb +1 -0
  471. data/lib/rex/ui/text/table.rb +20 -14
  472. data/lib/rex/ui/text/table.rb.ut.rb +3 -2
  473. data/lib/rex/zip.rb +1 -0
  474. data/lib/rex/zip/archive.rb +2 -1
  475. data/lib/rex/zip/blocks.rb +3 -2
  476. data/lib/rex/zip/entry.rb +6 -7
  477. data/lib/rex/zip/jar.rb +4 -3
  478. data/lib/rex/zip/samples/comment.rb +1 -0
  479. data/lib/rex/zip/samples/mkwar.rb +1 -0
  480. data/lib/rex/zip/samples/mkzip.rb +1 -0
  481. data/lib/rex/zip/samples/recursive.rb +1 -0
  482. metadata +433 -435
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
  module Rex
2
3
  module Proto
3
4
  module IAX2
@@ -1,8 +1,9 @@
1
+ # -*- coding: binary -*-
1
2
  module Rex
2
3
  module Proto
3
4
  module IAX2
4
5
  module Codecs
5
- class G711
6
+ class G711
6
7
 
7
8
  =begin
8
9
 
@@ -31,7 +32,7 @@ class G711
31
32
  * implied warranty.
32
33
  */
33
34
 
34
- =end
35
+ =end
35
36
 
36
37
  LOOKUP_ALAW2LIN16 = [
37
38
  -5504, -5248, -6016, -5760, -4480, -4224, -4992,
@@ -2167,7 +2168,7 @@ LOOKUP_LIN2ULAW = [
2167
2168
  0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
2168
2169
  0x80, 0x80, 0x80, 0x80
2169
2170
  ]
2170
-
2171
+
2171
2172
  end
2172
2173
  end
2173
2174
  end
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
  module Rex
2
3
  module Proto
3
4
  module IAX2
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
  module Rex
2
3
  module Proto
3
4
  module IAX2
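--- a/data/lib/rex/proto/natpmp.rb
+++ b/data/lib/rex/proto/natpmp.rb
@@ -0,0 +1,11 @@
+# -*- coding: binary -*-
+##
+#
+# NAT-PMP protocol support
+#
+# by Jon Hart <jhart@spoofed.org>
+#
+##
+
+require 'rex/proto/natpmp/constants'
+require 'rex/proto/natpmp/packet'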
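--- a/data/lib/rex/proto/natpmp/constants.rb
+++ b/data/lib/rex/proto/natpmp/constants.rb
@@ -0,0 +1,19 @@
+# -*- coding: binary -*-
+##
+#
+# NAT-PMP constants
+#
+# by Jon Hart <jhart@spoofed.org>
+#
+##
+
+module Rex
+module Proto
+module NATPMP
+DefaultPort = 5351
+Version = 0
+TCP = 2
+UDP = 1
+end
+end
+end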
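Review bot: TCP and UDP here are NAT-PMP mapping-request opcodes, not IP protocol numbers, which is why their values (2 and 1) look inverted relative to IPPROTO_TCP/IPPROTO_UDP; without a comment a later maintainer is likely to "correct" them and break map_port_request, which sends this value in the opcode byte. Suggest `# Mapping-request opcodes (RFC 6886 sec. 3.3): 1 = map UDP, 2 = map TCP; the gateway answers with opcode + 128` above the two constants.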
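--- a/data/lib/rex/proto/natpmp/packet.rb
+++ b/data/lib/rex/proto/natpmp/packet.rb
@@ -0,0 +1,45 @@
+# -*- coding: binary -*-
+##
+#
+# NAT-PMP protocol support
+#
+# by Jon Hart <jhart@spoofed.org>
+#
+##
+
+module Rex
+module Proto
+module NATPMP
+
+# Return a NAT-PMP request to get the external address.
+def self.external_address_request
+[ 0, 0 ].pack('nn')
+end
+
+# Parse a NAT-PMP external address response +resp+.
+# Returns the decoded parts of the response as an array.
+def self.parse_external_address_response(resp)
+(ver, op, result, epoch, addr) = resp.unpack("CCSLN")
+[ ver, op, result, epoch, Rex::Socket::addr_itoa(addr) ]
+end
+
+# Return a NAT-PMP request to map remote port +rport+/+protocol+ to local port +lport+ for +lifetime+ ms
+def self.map_port_request(lport, rport, protocol, lifetime)
+[ Rex::Proto::NATPMP::Version, # version
+protocol, # opcode, which is now the protocol we are asking to forward
+0, # reserved
+lport,
+rport,
+lifetime
+].pack("ccnnnN")
+end
+
+# Parse a NAT-PMP mapping response +resp+.
+# Returns the decoded parts as an array.
+def self.parse_map_port_response(resp)
+resp.unpack("CCSLnnN")
+end
+end
+
+end
+end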
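Review bot: parse_external_address_response and parse_map_port_response decode the result code and seconds-since-epoch with the native-endian `S`/`L` directives, but every multi-byte NAT-PMP field is network byte order (RFC 6886), so on a little-endian host a non-zero result such as 2 (Not Authorized) reads back as 512 and the epoch is byte-swapped; the formats should be `resp.unpack("CCnNN")` and `resp.unpack("CCnNnnN")`. Both parsers also unpack a datagram straight off the network with no length check, so a short or truncated reply yields nils and `Rex::Socket::addr_itoa(nil)` raises instead of signalling an error; a guard such as `return nil unless resp && resp.length >= 12` (16 for the mapping response) before the unpack, plus a comparison of `op` against the request opcode + 128, would make the caller's handling explicit. Less seriously, external_address_request emits two 16-bit zeros (4 bytes) where the RFC request is a 1-byte version followed by a 1-byte opcode, i.e. `[ Version, 0 ].pack('CC')`, and map_port_request uses the signed `c` directive for two unsigned byte fields where `C` is meant. The doc comment on map_port_request says the lifetime is in ms; the protocol field is in seconds, so `# ... for +lifetime+ seconds` is what the code actually sends.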
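--- a/data/lib/rex/proto/ntlm.rb
+++ b/data/lib/rex/proto/ntlm.rb
@@ -1,3 +1,4 @@
+# -*- coding: binary -*-
 require 'rex/proto/ntlm/constants'
 require 'rex/proto/ntlm/exceptions'
 require 'rex/proto/ntlm/crypt'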
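--- a/data/lib/rex/proto/ntlm.rb.ut.rb
+++ b/data/lib/rex/proto/ntlm.rb.ut.rb
@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
+# -*- coding: binary -*-
 
 $:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
 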
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
  #
2
3
  # An NTLM Authentication Library for Ruby
3
4
  #
@@ -6,7 +7,7 @@
6
7
  # http://jp.rubyist.net/magazine/?0013-CodeReview
7
8
  # -------------------------------------------------------------
8
9
  # Copyright (c) 2005,2006 yrock
9
- #
10
+ #
10
11
  # This program is free software.
11
12
  # You can distribute/modify this program under the terms of the
12
13
  # Ruby License.
@@ -18,8 +19,8 @@
18
19
  # -------------------------------------------------------------
19
20
  #
20
21
  # All protocol information used to write this code stems from
21
- # "The NTLM Authentication Protocol" by Eric Glass. The author
22
- # would thank to him for this tremendous work and making it
22
+ # "The NTLM Authentication Protocol" by Eric Glass. The author
23
+ # would thank to him for this tremendous work and making it
23
24
  # available on the net.
24
25
  # http://davenport.sourceforge.net/ntlm.html
25
26
  # -------------------------------------------------------------
@@ -28,7 +29,7 @@
28
29
  # Permission to use, copy, modify, and distribute this document
29
30
  # for any purpose and without any fee is hereby granted,
30
31
  # provided that the above copyright notice and this list of
31
- # conditions appear in all copies.
32
+ # conditions appear in all copies.
32
33
  # -------------------------------------------------------------
33
34
  #
34
35
  # The author also looked Mozilla-Firefox-1.0.7 source code,
@@ -37,7 +38,7 @@
37
38
  # "http://x2a.org/websvn/filedetails.php?
38
39
  # repname=libntlm-ruby&path=%2Ftrunk%2Fntlm.rb&sc=1"
39
40
  # The latter has a minor bug in its separate_keys function.
40
- # The third key has to begin from the 14th character of the
41
+ # The third key has to begin from the 14th character of the
41
42
  # input string instead of 13th:)
42
43
  #--
43
44
  # $Id: ntlm.rb 11678 2011-01-30 19:26:35Z hdm $
@@ -54,26 +55,26 @@ class Base
54
55
 
55
56
  CONST = Rex::Proto::NTLM::Constants
56
57
 
57
- # base classes for primitives
58
- class Field
59
- attr_accessor :active, :value
58
+ # base classes for primitives
59
+ class Field
60
+ attr_accessor :active, :value
60
61
 
61
62
  def initialize(opts)
62
63
  @value = opts[:value]
63
64
  @active = opts[:active].nil? ? true : opts[:active]
64
65
  end
65
-
66
+
66
67
  def size
67
68
  @active ? @size : 0
68
69
  end
69
70
  end
70
-
71
+
71
72
  class String < Field
72
73
  def initialize(opts)
73
74
  super(opts)
74
75
  @size = opts[:size]
75
76
  end
76
-
77
+
77
78
  def parse(str, offset=0)
78
79
  if @active and str.size >= offset + @size
79
80
  @value = str[offset, @size]
@@ -82,7 +83,7 @@ CONST = Rex::Proto::NTLM::Constants
82
83
  0
83
84
  end
84
85
  end
85
-
86
+
86
87
  def serialize
87
88
  if @active
88
89
  @value
@@ -90,7 +91,7 @@ CONST = Rex::Proto::NTLM::Constants
90
91
  ""
91
92
  end
92
93
  end
93
-
94
+
94
95
  def value=(val)
95
96
  @value = val
96
97
  @size = @value.nil? ? 0 : @value.size
@@ -109,10 +110,10 @@ CONST = Rex::Proto::NTLM::Constants
109
110
  @value = str[offset, @size].unpack("v")[0]
110
111
  @size
111
112
  else
112
- 0
113
+ 0
113
114
  end
114
115
  end
115
-
116
+
116
117
  def serialize
117
118
  [@value].pack("v")
118
119
  end
@@ -153,7 +154,7 @@ CONST = Rex::Proto::NTLM::Constants
153
154
  0
154
155
  end
155
156
  end
156
-
157
+
157
158
  def serialize
158
159
  [@value & 0x00000000ffffffff, @value >> 32].pack("V2") if @active
159
160
  end
@@ -173,11 +174,11 @@ CONST = Rex::Proto::NTLM::Constants
173
174
  c.module_eval(&block)
174
175
  c
175
176
  end
176
-
177
+
177
178
  def string(name, opts)
178
179
  add_field(name, String, opts)
179
180
  end
180
-
181
+
181
182
  def int16LE(name, opts)
182
183
  add_field(name, Int16LE, opts)
183
184
  end
@@ -189,7 +190,7 @@ CONST = Rex::Proto::NTLM::Constants
189
190
  def int64LE(name, opts)
190
191
  add_field(name, Int64LE, opts)
191
192
  end
192
-
193
+
193
194
  def security_buffer(name, opts)
194
195
  add_field(name, SecurityBuffer, opts)
195
196
  end
@@ -197,7 +198,7 @@ CONST = Rex::Proto::NTLM::Constants
197
198
  def prototypes
198
199
  @proto
199
200
  end
200
-
201
+
201
202
  def names
202
203
  @proto.map{|n, t, o| n}
203
204
  end
@@ -205,39 +206,39 @@ CONST = Rex::Proto::NTLM::Constants
205
206
  def types
206
207
  @proto.map{|n, t, o| t}
207
208
  end
208
-
209
+
209
210
  def opts
210
211
  @proto.map{|n, t, o| o}
211
212
  end
212
-
213
+
213
214
  private
214
-
215
+
215
216
  def add_field(name, type, opts)
216
217
  (@proto ||= []).push [name, type, opts]
217
218
  define_accessor name
218
219
  end
219
-
220
+
220
221
  def define_accessor(name)
221
222
  module_eval(<<-End, __FILE__, __LINE__ + 1)
222
223
  def #{name}
223
224
  self['#{name}'].value
224
225
  end
225
-
226
+
226
227
  def #{name}=(val)
227
228
  self['#{name}'].value = val
228
229
  end
229
230
  End
230
- end
231
+ end
231
232
  end #self
232
-
233
+
233
234
  def initialize
234
235
  @alist = self.class.prototypes.map{ |n, t, o| [n, t.new(o)] }
235
236
  end
236
-
237
+
237
238
  def serialize
238
239
  @alist.map{|n, f| f.serialize }.join
239
240
  end
240
-
241
+
241
242
  def parse(str, offset=0)
242
243
  @alist.inject(offset){|cur, a| cur += a[1].parse(str, cur)}
243
244
  end
@@ -251,17 +252,17 @@ CONST = Rex::Proto::NTLM::Constants
251
252
  raise ArgumentError, "no such field: #{name}" unless a
252
253
  a[1]
253
254
  end
254
-
255
+
255
256
  def []=(name, val)
256
257
  a = @alist.assoc(name.to_s.intern)
257
258
  raise ArgumentError, "no such field: #{name}" unless a
258
259
  a[1] = val
259
260
  end
260
-
261
+
261
262
  def enable(name)
262
263
  self[name].active = true
263
264
  end
264
-
265
+
265
266
  def disable(name)
266
267
  self[name].active = false
267
268
  end
@@ -292,7 +293,7 @@ CONST = Rex::Proto::NTLM::Constants
292
293
  @active = opts[:active].nil? ? true : opts[:active]
293
294
  @size = 8
294
295
  end
295
-
296
+
296
297
  def parse(str, offset=0)
297
298
  if @active and str.size >= offset + @size
298
299
  super(str, offset)
@@ -302,20 +303,20 @@ CONST = Rex::Proto::NTLM::Constants
302
303
  0
303
304
  end
304
305
  end
305
-
306
+
306
307
  def serialize
307
308
  super if @active
308
309
  end
309
-
310
+
310
311
  def value
311
312
  @value
312
313
  end
313
-
314
+
314
315
  def value=(val)
315
316
  @value = val
316
317
  self.length = self.allocated = val.size
317
318
  end
318
-
319
+
319
320
  def data_size
320
321
  @active ? @value.size : 0
321
322
  end
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
  module Rex
2
3
  module Proto
3
4
  module NTLM
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
  #
2
3
  # An NTLM Authentication Library for Ruby
3
4
  #
@@ -6,7 +7,7 @@
6
7
  # http://jp.rubyist.net/magazine/?0013-CodeReview
7
8
  # -------------------------------------------------------------
8
9
  # Copyright (c) 2005,2006 yrock
9
- #
10
+ #
10
11
  # This program is free software.
11
12
  # You can distribute/modify this program under the terms of the
12
13
  # Ruby License.
@@ -21,8 +22,8 @@
21
22
  # -------------------------------------------------------------
22
23
  #
23
24
  # All protocol information used to write this code stems from
24
- # "The NTLM Authentication Protocol" by Eric Glass. The author
25
- # would thank to him for this tremendous work and making it
25
+ # "The NTLM Authentication Protocol" by Eric Glass. The author
26
+ # would thank to him for this tremendous work and making it
26
27
  # available on the net.
27
28
  # http://davenport.sourceforge.net/ntlm.html
28
29
  # -------------------------------------------------------------
@@ -31,7 +32,7 @@
31
32
  # Permission to use, copy, modify, and distribute this document
32
33
  # for any purpose and without any fee is hereby granted,
33
34
  # provided that the above copyright notice and this list of
34
- # conditions appear in all copies.
35
+ # conditions appear in all copies.
35
36
  # -------------------------------------------------------------
36
37
  #
37
38
  # The author also looked Mozilla-Firefox-1.0.7 source code,
@@ -40,7 +41,7 @@
40
41
  # "http://x2a.org/websvn/filedetails.php?
41
42
  # repname=libntlm-ruby&path=%2Ftrunk%2Fntlm.rb&sc=1"
42
43
  # The latter has a minor bug in its separate_keys function.
43
- # The third key has to begin from the 14th character of the
44
+ # The third key has to begin from the 14th character of the
44
45
  # input string instead of 13th:)
45
46
  #--
46
47
  # $Id: ntlm.rb 11678 2011-01-30 19:26:35Z hdm $
@@ -59,7 +60,7 @@ CONST = Rex::Proto::NTLM::Constants
59
60
  BASE = Rex::Proto::NTLM::Base
60
61
 
61
62
  @@loaded_openssl = false
62
-
63
+
63
64
  begin
64
65
  require 'openssl'
65
66
  require 'openssl/digest'
@@ -70,7 +71,7 @@ BASE = Rex::Proto::NTLM::Base
70
71
  def self.gen_keys(str)
71
72
  str.scan(/.{7}/).map{ |key| des_56_to_64(key) }
72
73
  end
73
-
74
+
74
75
  def self.des_56_to_64(ckey56s)
75
76
  ckey64 = []
76
77
  ckey56 = ckey56s.unpack('C*')
@@ -84,7 +85,7 @@ BASE = Rex::Proto::NTLM::Base
84
85
  ckey64[7] = (ckey56[6] << 1) & 0xFF
85
86
  ckey64.pack('C*')
86
87
  end
87
-
88
+
88
89
  def self.apply_des(plain, keys)
89
90
  raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
90
91
  dec = OpenSSL::Cipher::DES.new
@@ -93,13 +94,13 @@ BASE = Rex::Proto::NTLM::Base
93
94
  dec.encrypt.update(plain)
94
95
  end
95
96
  end
96
-
97
+
97
98
  def self.lm_hash(password, half = false)
98
99
  size = half ? 7 : 14
99
100
  keys = gen_keys(password.upcase.ljust(size, "\0"))
100
101
  apply_des(CONST::LM_MAGIC, keys).join
101
- end
102
-
102
+ end
103
+
103
104
  def self.ntlm_hash(password, opt = {})
104
105
  raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
105
106
  pwd = password.dup
@@ -108,16 +109,16 @@ BASE = Rex::Proto::NTLM::Base
108
109
  end
109
110
  OpenSSL::Digest::MD4.digest(pwd)
110
111
  end
111
-
112
+
112
113
  # This hash is used for lmv2/ntlmv2 response calculation
113
114
  def self.ntlmv2_hash(user, password, domain, opt={})
114
115
  raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
115
-
116
+
116
117
  if opt[:pass_is_hash]
117
118
  ntlmhash = password
118
119
  else
119
120
  ntlmhash = ntlm_hash(password, opt)
120
- end
121
+ end
121
122
  # With Win 7 and maybe other OSs we sometimes get the domain not uppercased
122
123
  userdomain = user.upcase + domain
123
124
  unless opt[:unicode]
@@ -141,13 +142,13 @@ BASE = Rex::Proto::NTLM::Base
141
142
  end
142
143
 
143
144
  # Synonym of lm_response for old compatibility with lib/rex/proto/smb/crypt
144
- def self.lanman_des(password, challenge)
145
+ def self.lanman_des(password, challenge)
145
146
  lm_response({
146
147
  :lm_hash => self.lm_hash(password),
147
148
  :challenge => challenge
148
149
  })
149
150
  end
150
-
151
+
151
152
  def self.ntlm_response(arg)
152
153
  hash = arg[:ntlm_hash]
153
154
  chal = arg[:challenge]
@@ -159,14 +160,14 @@ BASE = Rex::Proto::NTLM::Base
159
160
  #synonym of ntlm_response for old compatibility with lib/rex/proto/smb/crypt
160
161
  def self.ntlm_md4(password, challenge)
161
162
  ntlm_response({
162
- :ntlm_hash => self.ntlm_hash(password),
163
+ :ntlm_hash => self.ntlm_hash(password),
163
164
  :challenge => challenge
164
165
  })
165
166
  end
166
167
 
167
168
  def self.ntlmv2_response(arg, opt = {})
168
169
  raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
169
-
170
+
170
171
  key, chal = arg[:ntlmv2_hash], arg[:challenge]
171
172
  if not (key and chal)
172
173
  raise ArgumentError , 'ntlmv2_hash and challenge are mandatory'
@@ -174,10 +175,10 @@ BASE = Rex::Proto::NTLM::Base
174
175
 
175
176
  chal = BASE::pack_int64le(chal) if chal.is_a?(::Integer)
176
177
  bb = nil
177
-
178
+
178
179
  if opt[:nt_client_challenge]
179
180
  if opt[:nt_client_challenge].to_s.length <= 8
180
- raise ArgumentError,"nt_client_challenge is not in a correct format "
181
+ raise ArgumentError,"nt_client_challenge is not in a correct format "
181
182
  end
182
183
  bb = opt[:nt_client_challenge]
183
184
  else
@@ -199,25 +200,25 @@ BASE = Rex::Proto::NTLM::Base
199
200
  blob.timestamp = ts
200
201
  blob.challenge = cc
201
202
  blob.target_info = ti
202
-
203
+
203
204
  bb = blob.serialize
204
205
  end
205
206
 
206
207
  OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb
207
208
  end
208
-
209
+
209
210
  def self.lmv2_response(arg, opt = {})
210
211
  raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
211
212
  key = arg[:ntlmv2_hash]
212
213
  chal = arg[:challenge]
213
-
214
+
214
215
  chal = BASE::pack_int64le(chal) if chal.is_a?(::Integer)
215
216
  cc = opt[:client_challenge] || rand(CONST::MAX64)
216
217
  cc = BASE::pack_int64le(cc) if cc.is_a?(::Integer)
217
218
 
218
219
  OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + cc) + cc
219
220
  end
220
-
221
+
221
222
  def self.ntlm2_session(arg, opt = {})
222
223
  raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
223
224
  passwd_hash,chal = arg[:ntlm_hash],arg[:challenge]
@@ -234,43 +235,43 @@ BASE = Rex::Proto::NTLM::Base
234
235
  [cc.ljust(24, "\0"), response]
235
236
  end
236
237
 
237
- #this function will check if the net lm response provided correspond to en empty password
238
+ #this function will check if the net lm response provided correspond to en empty password
238
239
  def self.is_hash_from_empty_pwd?(arg)
239
240
  hash_type = arg[:type]
240
- raise ArgumentError,"arg[:type] is mandatory" if not hash_type
241
+ raise ArgumentError,"arg[:type] is mandatory" if not hash_type
241
242
  raise ArgumentError,"arg[:type] must be lm or ntlm" if not hash_type =~ /^((lm)|(ntlm))$/
242
243
 
243
244
  ntlm_ver = arg[:ntlm_ver]
244
245
  raise ArgumentError,"arg[:ntlm_ver] is mandatory" if not ntlm_ver
245
-
246
+
246
247
  hash = arg[:hash]
247
248
  raise ArgumentError,"arg[:hash] is mandatory" if not hash
248
249
 
249
- srv_chall = arg[:srv_challenge]
250
- raise ArgumentError,"arg[:srv_challenge] is mandatory" if not srv_chall
250
+ srv_chall = arg[:srv_challenge]
251
+ raise ArgumentError,"arg[:srv_challenge] is mandatory" if not srv_chall
251
252
  raise ArgumentError,"Server challenge length must be exactly 8 bytes" if srv_chall.length != 8
252
253
 
253
254
  #calculate responses for empty pwd
254
255
  case ntlm_ver
255
- when CONST::NTLM_V1_RESPONSE
256
+ when CONST::NTLM_V1_RESPONSE
256
257
  if hash.length != 24
257
258
  raise ArgumentError,"hash length must be exactly 24 bytes "
258
259
  end
259
260
  case hash_type
260
- when 'lm'
261
+ when 'lm'
261
262
  arglm = { :lm_hash => self.lm_hash(''),
262
263
  :challenge => srv_chall}
263
264
  calculatedhash = self.lm_response(arglm)
264
265
  when 'ntlm'
265
- argntlm = { :ntlm_hash => self.ntlm_hash(''),
266
+ argntlm = { :ntlm_hash => self.ntlm_hash(''),
266
267
  :challenge => srv_chall }
267
268
  calculatedhash = self.ntlm_response(argntlm)
268
269
  end
269
270
  when CONST::NTLM_V2_RESPONSE
270
271
  raise ArgumentError,"hash length must be exactly 16 bytes " if hash.length != 16
271
- cli_chall = arg[:cli_challenge]
272
+ cli_chall = arg[:cli_challenge]
272
273
  raise ArgumentError,"arg[:cli_challenge] is mandatory in this case" if not cli_chall
273
- user = arg[:user]
274
+ user = arg[:user]
274
275
  raise ArgumentError,"arg[:user] is mandatory in this case" if not user
275
276
  domain = arg[:domain]
276
277
  raise ArgumentError,"arg[:domain] is mandatory in this case" if not domain
@@ -291,14 +292,14 @@ BASE = Rex::Proto::NTLM::Base
291
292
  end
292
293
  when CONST::NTLM_2_SESSION_RESPONSE
293
294
  raise ArgumentError,"hash length must be exactly 16 bytes " if hash.length != 24
294
- cli_chall = arg[:cli_challenge]
295
+ cli_chall = arg[:cli_challenge]
295
296
  raise ArgumentError,"arg[:cli_challenge] is mandatory in this case" if not cli_chall
296
297
  raise ArgumentError,"Client challenge length must be exactly 8 bytes " if cli_chall.length != 8
297
298
  case hash_type
298
299
  when 'lm'
299
300
  raise ArgumentError, "ntlm2_session is incompatible with lm"
300
301
  when 'ntlm'
301
- argntlm = { :ntlm_hash => self.ntlm_hash(''),
302
+ argntlm = { :ntlm_hash => self.ntlm_hash(''),
302
303
  :challenge => srv_chall }
303
304
  optntlm = { :client_challenge => cli_chall}
304
305
  end
@@ -314,7 +315,7 @@ BASE = Rex::Proto::NTLM::Base
314
315
  #
315
316
  # Signing method added for metasploit project
316
317
  #
317
-
318
+
318
319
  # Used when only the LMv1 response is provided (i.e., with Win9x clients)
319
320
  def self.lmv1_user_session_key(pass, opt = {})
320
321
  if opt[:pass_is_hash]
@@ -324,7 +325,7 @@ BASE = Rex::Proto::NTLM::Base
324
325
  end
325
326
  usk.ljust(16,"\x00")
326
327
  end
327
-
328
+
328
329
  # This variant is used when the client sends the NTLMv1 response
329
330
  def self.ntlmv1_user_session_key(pass, opt = {})
330
331
  raise RuntimeError, "No OpenSSL support" if not @@loaded_openssl
@@ -379,7 +380,7 @@ BASE = Rex::Proto::NTLM::Base
379
380
  cipher = OpenSSL::Cipher::Cipher.new('rc4')
380
381
  cipher.encrypt
381
382
  cipher.key = user_session_key
382
- cipher.update(session_key)
383
+ cipher.update(session_key)
383
384
  end
384
385
 
385
386
  def self.decrypt_sessionkey(encrypted_session_key, user_session_key)
@@ -387,24 +388,24 @@ BASE = Rex::Proto::NTLM::Base
387
388
  cipher = OpenSSL::Cipher::Cipher.new('rc4')
388
389
  cipher.decrypt
389
390
  cipher.key = user_session_key
390
- cipher.update(encrypted_session_key)
391
+ cipher.update(encrypted_session_key)
391
392
  end
392
393
 
393
394
  def self.make_weak_sessionkey(session_key,key_size,lanman_key = false)
394
395
  case key_size
395
396
  when 40
396
397
  if lanman_key
397
- return session_key[0,5] + "\xe5\x38\xb0"
398
+ return session_key[0,5] + "\xe5\x38\xb0"
398
399
  else
399
- return session_key[0,5]
400
+ return session_key[0,5]
400
401
  end
401
402
  when 56
402
403
  if lanman_key
403
404
  return session_key[0,7] + "\xa0"
404
405
  else
405
- return session_key[0,7]
406
+ return session_key[0,7]
406
407
  end
407
- else #128
408
+ else #128
408
409
  return session_key[0,16]
409
410
  end
410
411
  end
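Review bot: In lmv2_response (hunk `@@ -199,25 +200,25 @@`) the default client challenge on the line `cc = opt[:client_challenge] || rand(CONST::MAX64)` comes from Kernel#rand, which is a Mersenne-Twister PRNG rather than a cryptographic source, so the nonce that is meant to keep the LMv2 response unpredictable to a malicious or pre-computing server is itself predictable from earlier outputs. The file already loads openssl behind @@loaded_openssl, which this method checks on its first line, so the 8-byte challenge can be drawn from OpenSSL instead: `cc = opt[:client_challenge] || OpenSSL::Random.random_bytes(8)`; the following `BASE::pack_int64le(cc) if cc.is_a?(::Integer)` can stay, since it only fires for caller-supplied Integer input. The NTLMv2 path in the preceding hunk is cut off before its client challenge is chosen, so it should be checked for the same default. For an attack library this is a weak nonce rather than an exploitable bug, but callers that use this module as a real NTLM client get less than the protocol assumes, and the substitution costs nothing.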