librex 0.0.65 → 0.0.66

Files changed (482) hide show
  1. data/README.markdown +1 -1
  2. data/lib/rex/arch.rb +1 -0
  3. data/lib/rex/arch/sparc.rb +16 -15
  4. data/lib/rex/arch/sparc.rb.ut.rb +2 -1
  5. data/lib/rex/arch/x86.rb +1 -0
  6. data/lib/rex/arch/x86.rb.ut.rb +2 -1
  7. data/lib/rex/assembly/nasm.rb +1 -0
  8. data/lib/rex/assembly/nasm.rb.ut.rb +2 -1
  9. data/lib/rex/compat.rb +13 -0
  10. data/lib/rex/constants.rb +5 -4
  11. data/lib/rex/elfparsey.rb +3 -2
  12. data/lib/rex/elfparsey/elf.rb +2 -1
  13. data/lib/rex/elfparsey/elfbase.rb +8 -7
  14. data/lib/rex/elfparsey/exceptions.rb +3 -2
  15. data/lib/rex/elfscan.rb +3 -2
  16. data/lib/rex/elfscan/scanner.rb +2 -1
  17. data/lib/rex/elfscan/search.rb +2 -1
  18. data/lib/rex/encoder/alpha2.rb +2 -1
  19. data/lib/rex/encoder/alpha2/alpha_mixed.rb +3 -2
  20. data/lib/rex/encoder/alpha2/alpha_upper.rb +5 -4
  21. data/lib/rex/encoder/alpha2/generic.rb +37 -60
  22. data/lib/rex/encoder/alpha2/unicode_mixed.rb +4 -9
  23. data/lib/rex/encoder/alpha2/unicode_upper.rb +4 -9
  24. data/lib/rex/encoder/ndr.rb +1 -0
  25. data/lib/rex/encoder/ndr.rb.ut.rb +2 -1
  26. data/lib/rex/encoder/nonalpha.rb +1 -0
  27. data/lib/rex/encoder/nonupper.rb +1 -0
  28. data/lib/rex/encoder/xdr.rb +9 -8
  29. data/lib/rex/encoder/xdr.rb.ut.rb +2 -1
  30. data/lib/rex/encoder/xor.rb +1 -0
  31. data/lib/rex/encoder/xor/dword.rb +2 -1
  32. data/lib/rex/encoder/xor/dword_additive.rb +2 -1
  33. data/lib/rex/encoders/xor_dword.rb +1 -0
  34. data/lib/rex/encoders/xor_dword_additive.rb +2 -1
  35. data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +2 -1
  36. data/lib/rex/encoding/xor.rb +2 -1
  37. data/lib/rex/encoding/xor.rb.ts.rb +2 -1
  38. data/lib/rex/encoding/xor/byte.rb +2 -1
  39. data/lib/rex/encoding/xor/byte.rb.ut.rb +2 -1
  40. data/lib/rex/encoding/xor/dword.rb +2 -1
  41. data/lib/rex/encoding/xor/dword.rb.ut.rb +2 -1
  42. data/lib/rex/encoding/xor/dword_additive.rb +1 -0
  43. data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +2 -1
  44. data/lib/rex/encoding/xor/exceptions.rb +1 -0
  45. data/lib/rex/encoding/xor/generic.rb +1 -0
  46. data/lib/rex/encoding/xor/generic.rb.ut.rb +2 -1
  47. data/lib/rex/encoding/xor/qword.rb +2 -1
  48. data/lib/rex/encoding/xor/word.rb +2 -1
  49. data/lib/rex/encoding/xor/word.rb.ut.rb +2 -1
  50. data/lib/rex/exceptions.rb +1 -0
  51. data/lib/rex/exceptions.rb.ut.rb +2 -1
  52. data/lib/rex/exploitation/cmdstager.rb +2 -1
  53. data/lib/rex/exploitation/cmdstager/base.rb +1 -0
  54. data/lib/rex/exploitation/cmdstager/debug_asm.rb +2 -1
  55. data/lib/rex/exploitation/cmdstager/debug_write.rb +2 -1
  56. data/lib/rex/exploitation/cmdstager/tftp.rb +2 -1
  57. data/lib/rex/exploitation/cmdstager/vbs.rb +2 -1
  58. data/lib/rex/exploitation/egghunter.rb +12 -11
  59. data/lib/rex/exploitation/egghunter.rb.ut.rb +2 -1
  60. data/lib/rex/exploitation/encryptjs.rb +1 -0
  61. data/lib/rex/exploitation/heaplib.rb +1 -0
  62. data/lib/rex/exploitation/javascriptosdetect.js +1014 -0
  63. data/lib/rex/exploitation/javascriptosdetect.rb +4 -857
  64. data/lib/rex/exploitation/jsobfu.rb +2 -1
  65. data/lib/rex/exploitation/obfuscatejs.rb +1 -0
  66. data/lib/rex/exploitation/omelet.rb +1 -0
  67. data/lib/rex/exploitation/omelet.rb.ut.rb +1 -0
  68. data/lib/rex/exploitation/opcodedb.rb +12 -11
  69. data/lib/rex/exploitation/opcodedb.rb.ut.rb +2 -1
  70. data/lib/rex/exploitation/seh.rb +3 -2
  71. data/lib/rex/exploitation/seh.rb.ut.rb +2 -1
  72. data/lib/rex/file.rb +4 -3
  73. data/lib/rex/file.rb.ut.rb +2 -1
  74. data/lib/rex/image_source.rb +3 -2
  75. data/lib/rex/image_source/disk.rb +3 -2
  76. data/lib/rex/image_source/image_source.rb +3 -2
  77. data/lib/rex/image_source/memory.rb +3 -2
  78. data/lib/rex/io/bidirectional_pipe.rb +1 -0
  79. data/lib/rex/io/datagram_abstraction.rb +2 -1
  80. data/lib/rex/io/ring_buffer.rb +49 -44
  81. data/lib/rex/io/ring_buffer.rb.ut.rb +4 -3
  82. data/lib/rex/io/stream.rb +1 -0
  83. data/lib/rex/io/stream_abstraction.rb +1 -0
  84. data/lib/rex/io/stream_server.rb +1 -0
  85. data/lib/rex/job_container.rb +1 -0
  86. data/lib/rex/logging.rb +2 -1
  87. data/lib/rex/logging/log_dispatcher.rb +5 -4
  88. data/lib/rex/logging/log_sink.rb +2 -1
  89. data/lib/rex/logging/sinks/flatfile.rb +4 -3
  90. data/lib/rex/logging/sinks/stderr.rb +2 -1
  91. data/lib/rex/machparsey.rb +2 -1
  92. data/lib/rex/machparsey/exceptions.rb +2 -1
  93. data/lib/rex/machparsey/mach.rb +20 -19
  94. data/lib/rex/machparsey/machbase.rb +27 -26
  95. data/lib/rex/machscan.rb +2 -1
  96. data/lib/rex/machscan/scanner.rb +1 -0
  97. data/lib/rex/mime.rb +2 -1
  98. data/lib/rex/mime/header.rb +1 -0
  99. data/lib/rex/mime/message.rb +4 -1
  100. data/lib/rex/mime/part.rb +2 -1
  101. data/lib/rex/nop/opty2.rb +2 -1
  102. data/lib/rex/nop/opty2.rb.ut.rb +2 -1
  103. data/lib/rex/nop/opty2_tables.rb +1 -0
  104. data/lib/rex/ole.rb +3 -2
  105. data/lib/rex/ole/clsid.rb +3 -2
  106. data/lib/rex/ole/difat.rb +3 -2
  107. data/lib/rex/ole/directory.rb +3 -2
  108. data/lib/rex/ole/direntry.rb +3 -2
  109. data/lib/rex/ole/fat.rb +3 -2
  110. data/lib/rex/ole/header.rb +3 -2
  111. data/lib/rex/ole/minifat.rb +3 -2
  112. data/lib/rex/ole/propset.rb +4 -3
  113. data/lib/rex/ole/samples/create_ole.rb +1 -0
  114. data/lib/rex/ole/samples/dir.rb +1 -0
  115. data/lib/rex/ole/samples/dump_stream.rb +1 -0
  116. data/lib/rex/ole/samples/ole_info.rb +1 -0
  117. data/lib/rex/ole/storage.rb +3 -2
  118. data/lib/rex/ole/stream.rb +3 -2
  119. data/lib/rex/ole/substorage.rb +3 -2
  120. data/lib/rex/ole/util.rb +3 -2
  121. data/lib/rex/parser/acunetix_nokogiri.rb +13 -12
  122. data/lib/rex/parser/apple_backup_manifestdb.rb +20 -19
  123. data/lib/rex/parser/appscan_nokogiri.rb +17 -16
  124. data/lib/rex/parser/arguments.rb +2 -1
  125. data/lib/rex/parser/arguments.rb.ut.rb +2 -1
  126. data/lib/rex/parser/burp_session_nokogiri.rb +8 -7
  127. data/lib/rex/parser/ci_nokogiri.rb +4 -3
  128. data/lib/rex/parser/foundstone_nokogiri.rb +18 -17
  129. data/lib/rex/parser/fusionvm_nokogiri.rb +109 -0
  130. data/lib/rex/parser/ini.rb +1 -0
  131. data/lib/rex/parser/ini.rb.ut.rb +2 -1
  132. data/lib/rex/parser/ip360_aspl_xml.rb +1 -0
  133. data/lib/rex/parser/ip360_xml.rb +4 -3
  134. data/lib/rex/parser/mbsa_nokogiri.rb +8 -7
  135. data/lib/rex/parser/nessus_xml.rb +3 -2
  136. data/lib/rex/parser/netsparker_xml.rb +10 -9
  137. data/lib/rex/parser/nexpose_raw_nokogiri.rb +372 -52
  138. data/lib/rex/parser/nexpose_simple_nokogiri.rb +8 -7
  139. data/lib/rex/parser/nexpose_xml.rb +1 -0
  140. data/lib/rex/parser/nmap_nokogiri.rb +63 -33
  141. data/lib/rex/parser/nmap_xml.rb +1 -0
  142. data/lib/rex/parser/nokogiri_doc_mixin.rb +35 -15
  143. data/lib/rex/parser/openvas_nokogiri.rb +172 -0
  144. data/lib/rex/parser/retina_xml.rb +1 -0
  145. data/lib/rex/parser/wapiti_nokogiri.rb +105 -0
  146. data/lib/rex/payloads.rb +2 -1
  147. data/lib/rex/payloads/win32.rb +2 -1
  148. data/lib/rex/payloads/win32/common.rb +2 -1
  149. data/lib/rex/payloads/win32/kernel.rb +2 -1
  150. data/lib/rex/payloads/win32/kernel/common.rb +4 -3
  151. data/lib/rex/payloads/win32/kernel/migration.rb +2 -1
  152. data/lib/rex/payloads/win32/kernel/recovery.rb +2 -1
  153. data/lib/rex/payloads/win32/kernel/stager.rb +21 -20
  154. data/lib/rex/peparsey.rb +3 -2
  155. data/lib/rex/peparsey/exceptions.rb +2 -1
  156. data/lib/rex/peparsey/pe.rb +3 -2
  157. data/lib/rex/peparsey/pe_memdump.rb +2 -1
  158. data/lib/rex/peparsey/pebase.rb +2 -1
  159. data/lib/rex/peparsey/section.rb +2 -1
  160. data/lib/rex/pescan.rb +3 -2
  161. data/lib/rex/pescan/analyze.rb +1 -0
  162. data/lib/rex/pescan/scanner.rb +1 -0
  163. data/lib/rex/pescan/search.rb +1 -0
  164. data/lib/rex/platforms.rb +2 -1
  165. data/lib/rex/platforms/windows.rb +2 -1
  166. data/lib/rex/poly.rb +2 -1
  167. data/lib/rex/poly/block.rb +16 -15
  168. data/lib/rex/poly/register.rb +2 -1
  169. data/lib/rex/poly/register/x86.rb +2 -1
  170. data/lib/rex/post.rb +2 -2
  171. data/lib/rex/post/dir.rb +2 -1
  172. data/lib/rex/post/file.rb +1 -0
  173. data/lib/rex/post/file_stat.rb +1 -0
  174. data/lib/rex/post/io.rb +2 -1
  175. data/lib/rex/post/meterpreter.rb +2 -1
  176. data/lib/rex/post/meterpreter/channel.rb +1 -0
  177. data/lib/rex/post/meterpreter/channel_container.rb +2 -1
  178. data/lib/rex/post/meterpreter/channels/pool.rb +1 -0
  179. data/lib/rex/post/meterpreter/channels/pools/file.rb +1 -0
  180. data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +3 -2
  181. data/lib/rex/post/meterpreter/channels/stream.rb +1 -0
  182. data/lib/rex/post/meterpreter/client.rb +23 -1
  183. data/lib/rex/post/meterpreter/client_core.rb +10 -5
  184. data/lib/rex/post/meterpreter/dependencies.rb +2 -1
  185. data/lib/rex/post/meterpreter/extension.rb +2 -1
  186. data/lib/rex/post/meterpreter/extensions/espia/espia.rb +7 -6
  187. data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +2 -1
  188. data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +5 -4
  189. data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +2 -1
  190. data/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb +1 -0
  191. data/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb +1 -0
  192. data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +7 -6
  193. data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +1 -0
  194. data/lib/rex/post/meterpreter/extensions/priv/fs.rb +2 -1
  195. data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +2 -1
  196. data/lib/rex/post/meterpreter/extensions/priv/priv.rb +1 -0
  197. data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +2 -1
  198. data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +28 -11
  199. data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +1 -0
  200. data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +6 -5
  201. data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +1 -0
  202. data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +3 -2
  203. data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +1 -0
  204. data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +2 -1
  205. data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +39 -5
  206. data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +75 -18
  207. data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +18 -6
  208. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +1 -0
  209. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +1 -0
  210. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +1 -0
  211. data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +1 -0
  212. data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +4 -1
  213. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +1 -0
  214. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +1 -0
  215. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +1 -0
  216. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +1 -0
  217. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +1 -0
  218. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +1 -0
  219. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +1 -0
  220. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +1 -0
  221. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +12 -0
  222. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +1 -0
  223. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +1 -0
  224. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +1 -0
  225. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +1 -0
  226. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +7 -0
  227. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +1 -0
  228. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb +1 -0
  229. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +1 -0
  230. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +1 -0
  231. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +1 -0
  232. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +1 -0
  233. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +1 -0
  234. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb +1 -0
  235. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +1 -0
  236. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +1 -0
  237. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb +23 -0
  238. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb +29 -0
  239. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +10 -5
  240. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb +9 -0
  241. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +1 -0
  242. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb +106 -0
  243. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb +128 -0
  244. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +1 -0
  245. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +27 -6
  246. data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +21 -0
  247. data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +1 -0
  248. data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +1 -0
  249. data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +1 -0
  250. data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +1 -0
  251. data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +2 -1
  252. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +43 -4
  253. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +1 -0
  254. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +2 -1
  255. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +1 -0
  256. data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +1 -0
  257. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +1 -0
  258. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +1 -0
  259. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +1 -0
  260. data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +1 -0
  261. data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +1 -0
  262. data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +7 -0
  263. data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +14 -13
  264. data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +1 -0
  265. data/lib/rex/post/meterpreter/inbound_packet_handler.rb +2 -1
  266. data/lib/rex/post/meterpreter/object_aliases.rb +6 -5
  267. data/lib/rex/post/meterpreter/packet.rb +26 -6
  268. data/lib/rex/post/meterpreter/packet_dispatcher.rb +1 -0
  269. data/lib/rex/post/meterpreter/packet_parser.rb +1 -0
  270. data/lib/rex/post/meterpreter/packet_response_waiter.rb +1 -0
  271. data/lib/rex/post/meterpreter/ui/console.rb +1 -0
  272. data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +1 -0
  273. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +103 -28
  274. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +1 -0
  275. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +1 -0
  276. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +1 -0
  277. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +3 -2
  278. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +12 -11
  279. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +2 -1
  280. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +2 -1
  281. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +53 -36
  282. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +3 -2
  283. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +87 -44
  284. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +80 -18
  285. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +77 -48
  286. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +72 -41
  287. data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +24 -5
  288. data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +2 -1
  289. data/lib/rex/post/permission.rb +2 -1
  290. data/lib/rex/post/process.rb +2 -1
  291. data/lib/rex/post/thread.rb +2 -1
  292. data/lib/rex/post/ui.rb +2 -1
  293. data/lib/rex/proto.rb +1 -0
  294. data/lib/rex/proto.rb.ts.rb +2 -1
  295. data/lib/rex/proto/dcerpc.rb +2 -1
  296. data/lib/rex/proto/dcerpc.rb.ts.rb +2 -1
  297. data/lib/rex/proto/dcerpc/client.rb +1 -0
  298. data/lib/rex/proto/dcerpc/client.rb.ut.rb +1 -0
  299. data/lib/rex/proto/dcerpc/exceptions.rb +2 -1
  300. data/lib/rex/proto/dcerpc/handle.rb +1 -0
  301. data/lib/rex/proto/dcerpc/handle.rb.ut.rb +2 -1
  302. data/lib/rex/proto/dcerpc/ndr.rb +2 -1
  303. data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +2 -1
  304. data/lib/rex/proto/dcerpc/packet.rb +52 -45
  305. data/lib/rex/proto/dcerpc/packet.rb.ut.rb +12 -11
  306. data/lib/rex/proto/dcerpc/response.rb +1 -0
  307. data/lib/rex/proto/dcerpc/response.rb.ut.rb +2 -1
  308. data/lib/rex/proto/dcerpc/uuid.rb +13 -12
  309. data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +2 -1
  310. data/lib/rex/proto/dhcp.rb +2 -1
  311. data/lib/rex/proto/dhcp/constants.rb +2 -1
  312. data/lib/rex/proto/dhcp/server.rb +4 -3
  313. data/lib/rex/proto/drda.rb +1 -0
  314. data/lib/rex/proto/drda.rb.ts.rb +1 -0
  315. data/lib/rex/proto/drda/constants.rb +1 -0
  316. data/lib/rex/proto/drda/constants.rb.ut.rb +1 -0
  317. data/lib/rex/proto/drda/packet.rb +11 -10
  318. data/lib/rex/proto/drda/packet.rb.ut.rb +5 -4
  319. data/lib/rex/proto/drda/utils.rb +4 -3
  320. data/lib/rex/proto/drda/utils.rb.ut.rb +3 -2
  321. data/lib/rex/proto/http.rb +2 -1
  322. data/lib/rex/proto/http.rb.ts.rb +2 -1
  323. data/lib/rex/proto/http/client.rb +29 -5
  324. data/lib/rex/proto/http/client.rb.ut.rb +1 -0
  325. data/lib/rex/proto/http/handler.rb +2 -1
  326. data/lib/rex/proto/http/handler/erb.rb +5 -4
  327. data/lib/rex/proto/http/handler/erb.rb.ut.rb +2 -1
  328. data/lib/rex/proto/http/handler/proc.rb +1 -0
  329. data/lib/rex/proto/http/handler/proc.rb.ut.rb +2 -1
  330. data/lib/rex/proto/http/header.rb +3 -3
  331. data/lib/rex/proto/http/header.rb.ut.rb +2 -1
  332. data/lib/rex/proto/http/packet.rb +1 -0
  333. data/lib/rex/proto/http/packet.rb.ut.rb +15 -14
  334. data/lib/rex/proto/http/request.rb +23 -22
  335. data/lib/rex/proto/http/request.rb.ut.rb +2 -1
  336. data/lib/rex/proto/http/response.rb +6 -5
  337. data/lib/rex/proto/http/response.rb.ut.rb +7 -6
  338. data/lib/rex/proto/http/server.rb +1 -0
  339. data/lib/rex/proto/http/server.rb.ut.rb +6 -5
  340. data/lib/rex/proto/iax2.rb +1 -0
  341. data/lib/rex/proto/iax2/call.rb +48 -47
  342. data/lib/rex/proto/iax2/client.rb +23 -22
  343. data/lib/rex/proto/iax2/codecs.rb +1 -0
  344. data/lib/rex/proto/iax2/codecs/alaw.rb +1 -0
  345. data/lib/rex/proto/iax2/codecs/g711.rb +4 -3
  346. data/lib/rex/proto/iax2/codecs/mulaw.rb +1 -0
  347. data/lib/rex/proto/iax2/constants.rb +1 -0
  348. data/lib/rex/proto/natpmp.rb +11 -0
  349. data/lib/rex/proto/natpmp/constants.rb +19 -0
  350. data/lib/rex/proto/natpmp/packet.rb +45 -0
  351. data/lib/rex/proto/ntlm.rb +1 -0
  352. data/lib/rex/proto/ntlm.rb.ut.rb +1 -0
  353. data/lib/rex/proto/ntlm/base.rb +38 -37
  354. data/lib/rex/proto/ntlm/constants.rb +1 -0
  355. data/lib/rex/proto/ntlm/crypt.rb +45 -44
  356. data/lib/rex/proto/ntlm/exceptions.rb +1 -0
  357. data/lib/rex/proto/ntlm/message.rb +30 -29
  358. data/lib/rex/proto/ntlm/utils.rb +116 -115
  359. data/lib/rex/proto/proxy/socks4a.rb +1 -0
  360. data/lib/rex/proto/rfb.rb +1 -0
  361. data/lib/rex/proto/rfb.rb.ut.rb +1 -0
  362. data/lib/rex/proto/rfb/cipher.rb +1 -0
  363. data/lib/rex/proto/rfb/client.rb +1 -0
  364. data/lib/rex/proto/rfb/constants.rb +1 -0
  365. data/lib/rex/proto/smb.rb +2 -1
  366. data/lib/rex/proto/smb.rb.ts.rb +2 -1
  367. data/lib/rex/proto/smb/client.rb +23 -22
  368. data/lib/rex/proto/smb/client.rb.ut.rb +1 -0
  369. data/lib/rex/proto/smb/constants.rb +1 -0
  370. data/lib/rex/proto/smb/constants.rb.ut.rb +2 -1
  371. data/lib/rex/proto/smb/crypt.rb +3 -2
  372. data/lib/rex/proto/smb/evasions.rb +1 -0
  373. data/lib/rex/proto/smb/exceptions.rb +6 -5
  374. data/lib/rex/proto/smb/simpleclient.rb +1 -0
  375. data/lib/rex/proto/smb/simpleclient.rb.ut.rb +1 -0
  376. data/lib/rex/proto/smb/utils.rb +1 -0
  377. data/lib/rex/proto/smb/utils.rb.ut.rb +2 -1
  378. data/lib/rex/proto/sunrpc.rb +1 -0
  379. data/lib/rex/proto/sunrpc/client.rb +1 -0
  380. data/lib/rex/proto/tftp.rb +3 -1
  381. data/lib/rex/proto/tftp/client.rb +344 -0
  382. data/lib/rex/proto/tftp/constants.rb +2 -1
  383. data/lib/rex/proto/tftp/server.rb +2 -1
  384. data/lib/rex/proto/tftp/server.rb.ut.rb +3 -2
  385. data/lib/rex/registry.rb +14 -0
  386. data/lib/rex/registry/hive.rb +132 -0
  387. data/lib/rex/registry/lfkey.rb +51 -0
  388. data/lib/rex/registry/nodekey.rb +54 -0
  389. data/lib/rex/registry/regf.rb +25 -0
  390. data/lib/rex/registry/valuekey.rb +67 -0
  391. data/lib/rex/registry/valuelist.rb +29 -0
  392. data/lib/rex/ropbuilder.rb +2 -1
  393. data/lib/rex/ropbuilder/rop.rb +3 -2
  394. data/lib/rex/script.rb +1 -0
  395. data/lib/rex/script/base.rb +1 -0
  396. data/lib/rex/script/meterpreter.rb +1 -0
  397. data/lib/rex/script/shell.rb +1 -0
  398. data/lib/rex/service.rb +2 -1
  399. data/lib/rex/service_manager.rb +6 -5
  400. data/lib/rex/service_manager.rb.ut.rb +2 -1
  401. data/lib/rex/services/local_relay.rb +1 -0
  402. data/lib/rex/socket.rb +72 -36
  403. data/lib/rex/socket.rb.ut.rb +1 -0
  404. data/lib/rex/socket/comm.rb +1 -0
  405. data/lib/rex/socket/comm/local.rb +60 -13
  406. data/lib/rex/socket/comm/local.rb.ut.rb +2 -1
  407. data/lib/rex/socket/ip.rb +1 -0
  408. data/lib/rex/socket/parameters.rb +15 -14
  409. data/lib/rex/socket/parameters.rb.ut.rb +2 -1
  410. data/lib/rex/socket/range_walker.rb +71 -26
  411. data/lib/rex/socket/range_walker.rb.ut.rb +2 -1
  412. data/lib/rex/socket/ssl_tcp.rb +1 -0
  413. data/lib/rex/socket/ssl_tcp.rb.ut.rb +2 -1
  414. data/lib/rex/socket/ssl_tcp_server.rb +1 -0
  415. data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +1 -0
  416. data/lib/rex/socket/subnet_walker.rb +1 -0
  417. data/lib/rex/socket/subnet_walker.rb.ut.rb +2 -1
  418. data/lib/rex/socket/switch_board.rb +1 -0
  419. data/lib/rex/socket/switch_board.rb.ut.rb +2 -1
  420. data/lib/rex/socket/tcp.rb +4 -3
  421. data/lib/rex/socket/tcp.rb.ut.rb +2 -1
  422. data/lib/rex/socket/tcp_server.rb +1 -0
  423. data/lib/rex/socket/tcp_server.rb.ut.rb +2 -1
  424. data/lib/rex/socket/udp.rb +2 -1
  425. data/lib/rex/socket/udp.rb.ut.rb +2 -1
  426. data/lib/rex/struct2.rb +2 -1
  427. data/lib/rex/struct2/c_struct.rb +2 -1
  428. data/lib/rex/struct2/c_struct_template.rb +2 -1
  429. data/lib/rex/struct2/constant.rb +2 -1
  430. data/lib/rex/struct2/element.rb +2 -1
  431. data/lib/rex/struct2/generic.rb +1 -0
  432. data/lib/rex/struct2/restraint.rb +2 -1
  433. data/lib/rex/struct2/s_string.rb +1 -0
  434. data/lib/rex/struct2/s_struct.rb +1 -0
  435. data/lib/rex/sync.rb +2 -1
  436. data/lib/rex/sync/event.rb +1 -0
  437. data/lib/rex/sync/read_write_lock.rb +1 -0
  438. data/lib/rex/sync/ref.rb +2 -1
  439. data/lib/rex/sync/thread_safe.rb +2 -1
  440. data/lib/rex/test.rb +2 -1
  441. data/lib/rex/text.rb +136 -19
  442. data/lib/rex/text.rb.ut.rb +1 -0
  443. data/lib/rex/thread_factory.rb +5 -4
  444. data/lib/rex/time.rb +2 -1
  445. data/lib/rex/transformer.rb +1 -0
  446. data/lib/rex/transformer.rb.ut.rb +2 -1
  447. data/lib/rex/ui.rb +2 -1
  448. data/lib/rex/ui/interactive.rb +10 -9
  449. data/lib/rex/ui/output.rb +1 -0
  450. data/lib/rex/ui/output/none.rb +2 -1
  451. data/lib/rex/ui/progress_tracker.rb +2 -1
  452. data/lib/rex/ui/subscriber.rb +9 -8
  453. data/lib/rex/ui/text/color.rb +1 -0
  454. data/lib/rex/ui/text/color.rb.ut.rb +1 -0
  455. data/lib/rex/ui/text/dispatcher_shell.rb +63 -23
  456. data/lib/rex/ui/text/input.rb +1 -0
  457. data/lib/rex/ui/text/input/buffer.rb +7 -6
  458. data/lib/rex/ui/text/input/readline.rb +14 -13
  459. data/lib/rex/ui/text/input/socket.rb +1 -0
  460. data/lib/rex/ui/text/input/stdio.rb +2 -1
  461. data/lib/rex/ui/text/irb_shell.rb +1 -0
  462. data/lib/rex/ui/text/output.rb +1 -0
  463. data/lib/rex/ui/text/output/buffer.rb +1 -0
  464. data/lib/rex/ui/text/output/file.rb +1 -0
  465. data/lib/rex/ui/text/output/socket.rb +1 -0
  466. data/lib/rex/ui/text/output/stdio.rb +1 -0
  467. data/lib/rex/ui/text/output/tee.rb +1 -0
  468. data/lib/rex/ui/text/progress_tracker.rb +2 -1
  469. data/lib/rex/ui/text/progress_tracker.rb.ut.rb +2 -1
  470. data/lib/rex/ui/text/shell.rb +1 -0
  471. data/lib/rex/ui/text/table.rb +20 -14
  472. data/lib/rex/ui/text/table.rb.ut.rb +3 -2
  473. data/lib/rex/zip.rb +1 -0
  474. data/lib/rex/zip/archive.rb +2 -1
  475. data/lib/rex/zip/blocks.rb +3 -2
  476. data/lib/rex/zip/entry.rb +6 -7
  477. data/lib/rex/zip/jar.rb +4 -3
  478. data/lib/rex/zip/samples/comment.rb +1 -0
  479. data/lib/rex/zip/samples/mkwar.rb +1 -0
  480. data/lib/rex/zip/samples/mkzip.rb +1 -0
  481. data/lib/rex/zip/samples/recursive.rb +1 -0
  482. metadata +433 -435
@@ -1,17 +1,18 @@
1
- require File.join(File.expand_path(File.dirname(__FILE__)),"nokogiri_doc_mixin")
1
+ # -*- coding: binary -*-
2
+ require "rex/parser/nokogiri_doc_mixin"
2
3
 
3
4
  module Rex
4
5
  module Parser
5
6
 
6
- # If Nokogiri is available, define AppScan document class.
7
+ # If Nokogiri is available, define AppScan document class.
7
8
  load_nokogiri && class AppscanDocument < Nokogiri::XML::SAX::Document
8
9
 
9
10
  include NokogiriDocMixin
10
11
 
11
12
  # The resolver prefers your local /etc/hosts (or windows equiv), but will
12
- # fall back to regular DNS. It retains a cache for the import to avoid
13
+ # fall back to regular DNS. It retains a cache for the import to avoid
13
14
  # spamming your network with DNS requests.
14
- attr_reader :resolv_cache
15
+ attr_reader :resolv_cache
15
16
 
16
17
  # If name resolution of the host fails out completely, you will not be
17
18
  # able to import that Scan task. Other scan tasks in the same report
@@ -43,7 +44,7 @@ module Rex
43
44
  when "Issue" # Wrap it up
44
45
  record_issue
45
46
  # Reset the state once we close an issue
46
- @state = @state.select do
47
+ @state = @state.select do
47
48
  |k| [:current_tag, :web_sites].include? k
48
49
  end
49
50
  when "Url" # Populates @state[:web_site]
@@ -59,7 +60,7 @@ module Rex
59
60
  when "OriginalHttpTraffic" # Request and response
60
61
  @state[:has_text] = false
61
62
  record_request_and_response
62
- report_service_info
63
+ report_service_info
63
64
  page_info = report_web_page(&block)
64
65
  if page_info
65
66
  form_info = report_web_form(page_info,&block)
@@ -80,11 +81,11 @@ module Rex
80
81
  return unless @state[:issue]["Noise"].to_s.downcase == "false"
81
82
  return unless @state[:issue][:vuln_param]
82
83
  web_vuln_info = {}
83
- web_vuln_info[:web_site] = form_info[:web_site]
84
- web_vuln_info[:path] = form_info[:path]
85
- web_vuln_info[:query] = form_info[:query]
86
- web_vuln_info[:method] = form_info[:method]
87
- web_vuln_info[:params] = form_info[:params]
84
+ web_vuln_info[:web_site] = form_info[:web_site]
85
+ web_vuln_info[:path] = form_info[:path]
86
+ web_vuln_info[:query] = form_info[:query]
87
+ web_vuln_info[:method] = form_info[:method]
88
+ web_vuln_info[:params] = form_info[:params]
88
89
  web_vuln_info[:pname] = @state[:issue][:vuln_param]
89
90
  web_vuln_info[:proof] = "" # TODO: pick this up from <Difference> maybe?
90
91
  web_vuln_info[:risk] = @state[:issue][:risk]
@@ -150,9 +151,9 @@ module Rex
150
151
  web_page_info[:query] = @state[:uri].query
151
152
  code = @state[:response_headers].cmd_string.split(/\s+/)[1]
152
153
  return unless code
153
- web_page_info[:code] = code
154
+ web_page_info[:code] = code
154
155
  parsed_headers = {}
155
- @state[:response_headers].each do |k,v|
156
+ @state[:response_headers].each do |k,v|
156
157
  parsed_headers[k.to_s.downcase] ||= []
157
158
  parsed_headers[k.to_s.downcase] << v
158
159
  end
@@ -181,7 +182,7 @@ module Rex
181
182
  :proto => service.proto,
182
183
  :info => banner
183
184
  }
184
- db_report(:service, service_info)
185
+ db_report(:service, service_info)
185
186
  end
186
187
 
187
188
  def record_request_and_response
@@ -200,7 +201,7 @@ module Rex
200
201
  request_body_text = nil
201
202
  end
202
203
  response_headers_text = split_traffic[1].to_s[content_length,split_traffic[1].to_s.size].lstrip
203
- request = request_headers_text
204
+ request = request_headers_text
204
205
  return unless(request && response_headers_text)
205
206
  response_body_text = split_traffic[2]
206
207
  req_header = Rex::Proto::Http::Packet::Header.new
@@ -318,7 +319,7 @@ module Rex
318
319
  return address
319
320
  end
320
321
 
321
- # Alias this
322
+ # Alias this
322
323
  def resolve_issue_url_address(uri)
323
324
  if uri.host
324
325
  address = resolve_address(uri.host)
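Review bot: The new `require "rex/parser/nokogiri_doc_mixin"` at the top of this file resolves through `$LOAD_PATH`, whereas the removed `File.join(File.expand_path(File.dirname(__FILE__)), "nokogiri_doc_mixin")` form always loaded the sibling file. If another copy of `rex/` sits earlier on the load path (for example a separate source checkout next to the installed gem), this parser would mix in that copy's `NokogiriDocMixin` rather than the one shipped with it. The same replacement opens the three later parser sections that start with this `require` line. I would add a comment such as `# Resolved via $LOAD_PATH; this gem's lib/ must come first`, or use `require_relative "nokogiri_doc_mixin"` if Ruby 1.8 no longer needs to be supported.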
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
  require 'shellwords'
2
3
 
3
4
  module Rex
@@ -28,7 +29,7 @@ class Arguments
28
29
  self.fmt = fmt
29
30
  # I think reduce is a better name for this method, but it doesn't exist
30
31
  # before 1.8.7, so use the stupid inject instead.
31
- self.longest = fmt.keys.inject(0) { |max, str|
32
+ self.longest = fmt.keys.inject(0) { |max, str|
32
33
  max = ((max > str.length) ? max : str.length)
33
34
  }
34
35
  end
@@ -1,4 +1,5 @@
1
1
  #!/usr/bin/env ruby
2
+ # -*- coding: binary -*-
2
3
 
3
4
  $:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
4
5
 
@@ -64,4 +65,4 @@ class Rex::Parser::Arguments::UnitTest < Test::Unit::TestCase
64
65
  assert_equal(args[9], "yup")
65
66
  end
66
67
 
67
- end
68
+ end
@@ -1,9 +1,10 @@
1
- require File.join(File.expand_path(File.dirname(__FILE__)),"nokogiri_doc_mixin")
1
+ # -*- coding: binary -*-
2
+ require "rex/parser/nokogiri_doc_mixin"
2
3
 
3
4
  module Rex
4
5
  module Parser
5
6
 
6
- # If Nokogiri is available, define Burp Session document class.
7
+ # If Nokogiri is available, define Burp Session document class.
7
8
  #
8
9
  # Burp Session XML files actually provide a lot, but since it also
9
10
  # provides the originating url, we can pull most of the detail from
@@ -13,9 +14,9 @@ module Rex
13
14
  include NokogiriDocMixin
14
15
 
15
16
  # The resolver prefers your local /etc/hosts (or windows equiv), but will
16
- # fall back to regular DNS. It retains a cache for the import to avoid
17
+ # fall back to regular DNS. It retains a cache for the import to avoid
17
18
  # spamming your network with DNS requests.
18
- attr_reader :resolv_cache
19
+ attr_reader :resolv_cache
19
20
 
20
21
  # Since we try to resolve every time we hit a new web page, need to
21
22
  # hang on to our misses. Presume that it's a permanent enough failure
@@ -51,7 +52,7 @@ module Rex
51
52
  def end_element(name=nil)
52
53
  block = @block
53
54
  case name
54
- when "item" # Wrap up this item, but keep resolved web sites
55
+ when "item" # Wrap up this item, but keep resolved web sites
55
56
  collect_uri
56
57
  report_web_site(&block)
57
58
  handle_parse_warnings(&block)
@@ -247,7 +248,7 @@ module Rex
247
248
  return unless block
248
249
  @parse_warnings.each_with_index do |pwarn,i|
249
250
  unless @parse_warned.include? i
250
- db.emit(:warning, pwarn, &block)
251
+ db.emit(:warning, pwarn, &block)
251
252
  @parse_warned << i
252
253
  end
253
254
  end
@@ -267,7 +268,7 @@ module Rex
267
268
  return address
268
269
  end
269
270
 
270
- # Alias this
271
+ # Alias this
271
272
  def resolve_vhost_address(uri)
272
273
  if uri.host
273
274
  address = resolve_address(uri.host)
@@ -1,4 +1,5 @@
1
- require File.join(File.expand_path(File.dirname(__FILE__)),"nokogiri_doc_mixin")
1
+ # -*- coding: binary -*-
2
+ require "rex/parser/nokogiri_doc_mixin"
2
3
 
3
4
  require 'msf/core'
4
5
 
@@ -120,7 +121,7 @@ module Rex
120
121
  end
121
122
 
122
123
  def report_services(host_object)
123
- return unless host_object.kind_of? ::Msf::DBManager::Host
124
+ return unless host_object.kind_of? ::Mdm::Host
124
125
 
125
126
  snames = {}
126
127
  ( @state[:root]["services"] || {} ).each_pair do |sname, sinfo|
@@ -170,7 +171,7 @@ module Rex
170
171
  def report_vulns(host_object)
171
172
  vuln_count = 0
172
173
  block = @block
173
- return unless host_object.kind_of? Msf::DBManager::Host
174
+ return unless host_object.kind_of? ::Mdm::Host
174
175
  return unless @state[:root]["Vulnerabilities"]
175
176
  @state[:root]["Vulnerabilities"].each_pair do |cve, vinfo|
176
177
  vinfo.each_pair do |vname, vdesc|
@@ -1,9 +1,10 @@
1
- require File.join(File.expand_path(File.dirname(__FILE__)),"nokogiri_doc_mixin")
1
+ # -*- coding: binary -*-
2
+ require "rex/parser/nokogiri_doc_mixin"
2
3
 
3
4
  module Rex
4
5
  module Parser
5
6
 
6
- # If Nokogiri is available, define Template document class.
7
+ # If Nokogiri is available, define Template document class.
7
8
  load_nokogiri && class FoundstoneDocument < Nokogiri::XML::SAX::Document
8
9
 
9
10
  include NokogiriDocMixin
@@ -25,7 +26,7 @@ module Rex
25
26
  check_for_correct_report_type(attrs,&block)
26
27
  when "Host"
27
28
  record_host(attrs)
28
- when "Service"
29
+ when "Service"
29
30
  record_service(attrs)
30
31
  when "Port", "Protocol", "Banner"
31
32
  @state[:has_text] = true
@@ -54,7 +55,7 @@ module Rex
54
55
  end
55
56
  # Reset the state once we close a host
56
57
  @state.delete_if {|k| k != :current_tag}
57
- when "Port"
58
+ when "Port"
58
59
  @state[:has_text] = false
59
60
  collect_port
60
61
  when "Protocol"
@@ -77,10 +78,10 @@ module Rex
77
78
  @state[:current_tag].delete name
78
79
  end
79
80
 
80
- # Nothing technically stopping us from parsing this as well,
81
+ # Nothing technically stopping us from parsing this as well,
81
82
  # but saving this for later
82
83
  def check_for_correct_report_type(attrs,&block)
83
- report_type = attr_hash(attrs)["ReportType"]
84
+ report_type = attr_hash(attrs)["ReportType"]
84
85
  if report_type == "Network Inventory"
85
86
  @report_type_ok = true
86
87
  else
@@ -139,7 +140,7 @@ module Rex
139
140
  return unless in_tag("HostData")
140
141
  return unless in_tag("Host")
141
142
  @state[:vulns] ||= []
142
-
143
+
143
144
  @state[:vuln] = attr_hash(attrs) # id and VulnName
144
145
  end
145
146
 
@@ -183,7 +184,7 @@ module Rex
183
184
  return unless in_tag("ServicesFound")
184
185
  return unless in_tag("Host")
185
186
  return unless @state[:service][:port]
186
- @report_data[:ports] ||= []
187
+ @report_data[:ports] ||= []
187
188
  port_hash = {}
188
189
  port_hash[:port] = @state[:service][:port]
189
190
  port_hash[:proto] = @state[:service][:proto]
@@ -232,7 +233,7 @@ module Rex
232
233
 
233
234
  def report_services(host_object)
234
235
  return unless in_tag("HostData")
235
- return unless host_object.kind_of? Msf::DBManager::Host
236
+ return unless host_object.kind_of? ::Mdm::Host
236
237
  return unless @report_data[:ports]
237
238
  return if @report_data[:ports].empty?
238
239
  @report_data[:ports].each do |svc|
@@ -242,7 +243,7 @@ module Rex
242
243
 
243
244
  def report_vulns(host_object)
244
245
  return unless in_tag("HostData")
245
- return unless host_object.kind_of? Msf::DBManager::Host
246
+ return unless host_object.kind_of? ::Mdm::Host
246
247
  return unless @report_data[:vulns]
247
248
  return if @report_data[:vulns].empty?
248
249
  @report_data[:vulns].each do |vuln|
@@ -268,7 +269,7 @@ module Rex
268
269
  # Services where we only care about the first
269
270
  # line of the banner tag.
270
271
  def first_line_only?(service)
271
- svcs = %w{
272
+ svcs = %w{
272
273
  vnc ftp ftps smtp oracle-tns nntp ssh ntp
273
274
  }
274
275
  9.times {|i| svcs << "vnc-#{i}"}
@@ -276,11 +277,11 @@ module Rex
276
277
  end
277
278
 
278
279
  # Services where we need to do more processing
279
- # before handing the banner back.
280
+ # before handing the banner back.
280
281
  def needs_more_processing?(service)
281
- svcs = %w{
282
+ svcs = %w{
282
283
  microsoft-ds loc-srv http https sunrpc netbios-ns
283
- }
284
+ }
284
285
  svcs.include? service
285
286
  end
286
287
 
@@ -288,7 +289,7 @@ module Rex
288
289
  str.split("\n").first.to_s.strip
289
290
  end
290
291
 
291
- # XXX: Actually implement more of these
292
+ # XXX: Actually implement more of these
292
293
  def process_service(service,banner)
293
294
  meth = "process_service_#{service.gsub("-","_")}"
294
295
  if self.respond_to? meth
@@ -310,9 +311,9 @@ module Rex
310
311
  def process_service_microsoft_ds(banner)
311
312
  lm_regex = /Native LAN Manager/
312
313
  lm_banner = nil
313
- banner.each_line { |line|
314
+ banner.each_line { |line|
314
315
  if line[lm_regex]
315
- lm_banner = line
316
+ lm_banner = line
316
317
  break
317
318
  end
318
319
  }
@@ -0,0 +1,109 @@
1
+ # -*- coding: binary -*-
2
+ require "rex/parser/nokogiri_doc_mixin"
3
+
4
+ module Rex
5
+ module Parser
6
+
7
+ # If Nokogiri is available, define document class.
8
+ load_nokogiri && class FusionVMDocument < Nokogiri::XML::SAX::Document
9
+
10
+
11
+ include NokogiriDocMixin
12
+
13
+ def start_element(name=nil,attrs=[])
14
+ return nil if in_tag("JobOrder")
15
+ attrs = normalize_attrs(attrs)
16
+ attrs = attr_hash(attrs)
17
+ @state[:current_tag][name] = true
18
+ case name
19
+ when "IPAddress"
20
+ thost={}
21
+ return nil unless attrs["IPAddress"] and attrs["HostName"]
22
+ thost = {
23
+ :host => attrs["IPAddress"],
24
+ :name => attrs["HostName"],
25
+ :workspace => @args[:wspace]
26
+ }
27
+ thost[:host] = attrs["IPAddress"]
28
+ thost[:name] = attrs["HostName"]
29
+ @host = db_report(:host, thost)
30
+ when "OS"
31
+ @state[:has_text] = true
32
+ when "Port"
33
+ @service = {
34
+ :host => @host,
35
+ :port => attrs["Number"],
36
+ :state => "open"
37
+ }
38
+ when "Service"
39
+ @state[:has_text] = true
40
+ when "Protocol"
41
+ @state[:has_text] = true
42
+ when "Exposure"
43
+ @vuln = {
44
+ :host => @host,
45
+ :refs => []
46
+ }
47
+ when "Title"
48
+ @state[:has_text] = true
49
+ when "Description"
50
+ @state[:has_text] = true
51
+ when "CVE"
52
+ @state[:has_text] = true
53
+ when "References"
54
+ @state[:has_text] = true
55
+ end
56
+ end
57
+
58
+ def end_element(name=nil)
59
+ unless in_tag("JobOrder")
60
+ case name
61
+ when "OS"
62
+ unless @host.nil? or @text.blank?
63
+ tnote = {
64
+ :type => "host.os.fusionvm_fingerprint",
65
+ :data => { :os => @text.strip },
66
+ :host => @host,
67
+ :workspace => @args[:wspace]
68
+ }
69
+ db_report(:note, tnote)
70
+ @host.normalize_os
71
+ end
72
+ when "IPAdress"
73
+ @host = nil
74
+ when "Service"
75
+ @service[:name] = @text.strip
76
+ when "Protocol"
77
+ @service[:proto] = @text.strip.downcase
78
+ when "Port"
79
+ db_report(:service, @service)
80
+ when "Exposure"
81
+ db_report(:vuln, @vuln)
82
+ when "Title"
83
+ @vuln[:name] = @text.strip
84
+ when "Description"
85
+ @vuln[:info] = @text.strip
86
+ when "CVE"
87
+ @vuln[:refs] << "CVE-#{@text.strip}"
88
+ when "References"
89
+ unless @text.blank?
90
+ @text.split(' ').each do |ref|
91
+ next unless ref.start_with? "http"
92
+ if ref =~ /MS\d{2}-\d{3}/
93
+ @vuln[:refs] << "MSB-#{$&}"
94
+ else
95
+ @vuln[:refs] << "URL-#{ref.strip}"
96
+ end
97
+ end
98
+ end
99
+ end
100
+ end
101
+ @text = nil
102
+ @state[:current_tag].delete name
103
+ end
104
+
105
+
106
+
107
+ end
108
+ end
109
+ end
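Review bot: In `end_element` the branch `when "IPAdress"` is misspelled, so it never matches the `IPAddress` element that `start_element` handles and `@host` is never reset to nil. When a later `IPAddress` element lacks the `IPAddress` or `HostName` attribute, `start_element` returns before assigning `@host`, so the OS note, ports and exposures that follow would be reported against the previous host; the branch should read `when "IPAddress"`. Separately, the `Service`, `Protocol`, `Title`, `Description` and `CVE` branches call `@text.strip` and index `@service` or `@vuln` with no nil check, unlike the `OS` and `References` branches. Since `@text` is set to nil at the end of every `end_element`, an empty or misplaced element in the report file would presumably raise NoMethodError and abort the import; a guard in the style of `@service[:name] = @text.strip if @service && @text` avoids that. The three `thost` assignments before and after the hash literal in `start_element` are redundant and can be dropped.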
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
  module Rex
2
3
  module Parser
3
4
 
@@ -1,4 +1,5 @@
1
1
  #!/usr/bin/env ruby
2
+ # -*- coding: binary -*-
2
3
 
3
4
  $:.unshift(File.join(File.dirname(__FILE__), '..', '..'))
4
5
 
@@ -26,4 +27,4 @@ END
26
27
  assert_equal(TestIni + "\n", ini.to_s)
27
28
  end
28
29
 
29
- end
30
+ end
@@ -1,3 +1,4 @@
1
+ # -*- coding: binary -*-
1
2
  require 'rexml/document'
2
3
  require 'rex/ui'
3
4