RubyGems - librex - Versions diffs - 0.0.68 → 0.0.70 - Mend

librex 0.0.68 → 0.0.70

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (528) hide show

checksums.yaml +15 -0
data/README.markdown +1 -1
data/Rakefile +18 -16
data/lib/rex.rb +14 -10
data/lib/rex/LICENSE +2 -2
data/lib/rex/arch.rb +76 -76
data/lib/rex/arch/sparc.rb +57 -58
data/lib/rex/arch/x86.rb +506 -496
data/lib/rex/assembly/nasm.rb +83 -84
data/lib/rex/compat.rb +228 -173
data/lib/rex/constants.rb +47 -37
data/lib/rex/elfparsey.rb +0 -3
data/lib/rex/elfparsey/elf.rb +107 -110
data/lib/rex/elfparsey/elfbase.rb +244 -247
data/lib/rex/elfparsey/exceptions.rb +0 -3
data/lib/rex/elfscan.rb +0 -3
data/lib/rex/elfscan/scanner.rb +184 -166
data/lib/rex/elfscan/search.rb +35 -38
data/lib/rex/encoder/alpha2.rb +1 -2
data/lib/rex/encoder/alpha2/alpha_mixed.rb +52 -53
data/lib/rex/encoder/alpha2/alpha_upper.rb +62 -63
data/lib/rex/encoder/alpha2/generic.rb +77 -78
data/lib/rex/encoder/alpha2/unicode_mixed.rb +101 -97
data/lib/rex/encoder/alpha2/unicode_upper.rb +106 -107
data/lib/rex/encoder/bloxor/bloxor.rb +326 -0
data/lib/rex/encoder/ndr.rb +68 -68
data/lib/rex/encoder/nonalpha.rb +50 -51
data/lib/rex/encoder/nonupper.rb +50 -51
data/lib/rex/encoder/xdr.rb +78 -78
data/lib/rex/encoder/xor.rb +52 -53
data/lib/rex/encoder/xor/dword.rb +1 -2
data/lib/rex/encoder/xor/dword_additive.rb +1 -2
data/lib/rex/encoders/xor_dword.rb +17 -18
data/lib/rex/encoders/xor_dword_additive.rb +35 -36
data/lib/rex/encoding/xor.rb +0 -1
data/lib/rex/encoding/xor/byte.rb +3 -4
data/lib/rex/encoding/xor/dword.rb +3 -4
data/lib/rex/encoding/xor/dword_additive.rb +72 -73
data/lib/rex/encoding/xor/exceptions.rb +2 -3
data/lib/rex/encoding/xor/generic.rb +129 -130
data/lib/rex/encoding/xor/qword.rb +3 -4
data/lib/rex/encoding/xor/word.rb +3 -4
data/lib/rex/exceptions.rb +100 -101
data/lib/rex/exploitation/cmdstager.rb +3 -3
data/lib/rex/exploitation/cmdstager/base.rb +170 -156
data/lib/rex/exploitation/cmdstager/bourne.rb +105 -0
data/lib/rex/exploitation/cmdstager/debug_asm.rb +110 -113
data/lib/rex/exploitation/cmdstager/debug_write.rb +106 -109
data/lib/rex/exploitation/cmdstager/echo.rb +164 -0
data/lib/rex/exploitation/cmdstager/printf.rb +122 -0
data/lib/rex/exploitation/cmdstager/tftp.rb +34 -27
data/lib/rex/exploitation/cmdstager/vbs.rb +95 -98
data/lib/rex/exploitation/egghunter.rb +359 -346
data/lib/rex/exploitation/encryptjs.rb +60 -60
data/lib/rex/exploitation/heaplib.rb +76 -76
data/lib/rex/exploitation/js.rb +6 -0
data/lib/rex/exploitation/js/detect.rb +69 -0
data/lib/rex/exploitation/js/memory.rb +81 -0
data/lib/rex/exploitation/js/network.rb +84 -0
data/lib/rex/exploitation/js/utils.rb +33 -0
data/lib/rex/exploitation/jsobfu.rb +448 -424
data/lib/rex/exploitation/obfuscatejs.rb +301 -301
data/lib/rex/exploitation/omelet.rb +257 -257
data/lib/rex/exploitation/opcodedb.rb +699 -699
data/lib/rex/exploitation/ropdb.rb +189 -0
data/lib/rex/exploitation/seh.rb +68 -68
data/lib/rex/file.rb +96 -49
data/lib/rex/image_source.rb +0 -3
data/lib/rex/image_source/disk.rb +45 -48
data/lib/rex/image_source/image_source.rb +33 -36
data/lib/rex/image_source/memory.rb +17 -20
data/lib/rex/io/bidirectional_pipe.rb +118 -115
data/lib/rex/io/datagram_abstraction.rb +13 -14
data/lib/rex/io/ring_buffer.rb +273 -273
data/lib/rex/io/stream.rb +284 -284
data/lib/rex/io/stream_abstraction.rb +183 -181
data/lib/rex/io/stream_server.rb +193 -193
data/lib/rex/job_container.rb +167 -167
data/lib/rex/logging.rb +0 -1
data/lib/rex/logging/log_dispatcher.rb +113 -113
data/lib/rex/logging/log_sink.rb +17 -17
data/lib/rex/logging/sinks/flatfile.rb +36 -36
data/lib/rex/logging/sinks/stderr.rb +27 -27
data/lib/rex/mac_oui.rb +16572 -16571
data/lib/rex/machparsey.rb +0 -1
data/lib/rex/machparsey/exceptions.rb +0 -1
data/lib/rex/machparsey/mach.rb +160 -161
data/lib/rex/machparsey/machbase.rb +367 -368
data/lib/rex/machscan.rb +0 -1
data/lib/rex/machscan/scanner.rb +175 -176
data/lib/rex/mime/encoding.rb +17 -0
data/lib/rex/mime/header.rb +58 -58
data/lib/rex/mime/message.rb +140 -137
data/lib/rex/mime/part.rb +41 -12
data/lib/rex/nop/opty2.rb +90 -90
data/lib/rex/nop/opty2_tables.rb +273 -273
data/lib/rex/ole.rb +0 -4
data/lib/rex/ole/clsid.rb +26 -30
data/lib/rex/ole/difat.rb +121 -125
data/lib/rex/ole/directory.rb +205 -209
data/lib/rex/ole/direntry.rb +217 -221
data/lib/rex/ole/fat.rb +79 -83
data/lib/rex/ole/header.rb +178 -182
data/lib/rex/ole/minifat.rb +49 -53
data/lib/rex/ole/propset.rb +113 -117
data/lib/rex/ole/samples/create_ole.rb +8 -9
data/lib/rex/ole/samples/dir.rb +10 -11
data/lib/rex/ole/samples/dump_stream.rb +14 -15
data/lib/rex/ole/samples/ole_info.rb +5 -6
data/lib/rex/ole/storage.rb +372 -376
data/lib/rex/ole/stream.rb +33 -37
data/lib/rex/ole/substorage.rb +20 -24
data/lib/rex/ole/util.rb +137 -141
data/lib/rex/parser/acunetix_nokogiri.rb +398 -398
data/lib/rex/parser/apple_backup_manifestdb.rb +116 -116
data/lib/rex/parser/appscan_nokogiri.rb +359 -359
data/lib/rex/parser/arguments.rb +88 -88
data/lib/rex/parser/burp_session_nokogiri.rb +258 -258
data/lib/rex/parser/ci_nokogiri.rb +184 -184
data/lib/rex/parser/foundstone_nokogiri.rb +334 -333
data/lib/rex/parser/fusionvm_nokogiri.rb +94 -94
data/lib/rex/parser/ini.rb +167 -167
data/lib/rex/parser/ip360_aspl_xml.rb +84 -84
data/lib/rex/parser/ip360_xml.rb +77 -77
data/lib/rex/parser/mbsa_nokogiri.rb +224 -224
data/lib/rex/parser/nessus_xml.rb +100 -100
data/lib/rex/parser/netsparker_xml.rb +89 -75
data/lib/rex/parser/nexpose_raw_nokogiri.rb +677 -677
data/lib/rex/parser/nexpose_simple_nokogiri.rb +322 -322
data/lib/rex/parser/nexpose_xml.rb +105 -105
data/lib/rex/parser/nmap_nokogiri.rb +386 -386
data/lib/rex/parser/nmap_xml.rb +116 -116
data/lib/rex/parser/nokogiri_doc_mixin.rb +223 -221
data/lib/rex/parser/openvas_nokogiri.rb +162 -162
data/lib/rex/parser/outpost24_nokogiri.rb +239 -0
data/lib/rex/parser/retina_xml.rb +90 -90
data/lib/rex/parser/unattend.rb +171 -0
data/lib/rex/parser/wapiti_nokogiri.rb +89 -89
data/lib/rex/payloads/win32/common.rb +14 -14
data/lib/rex/payloads/win32/kernel.rb +36 -36
data/lib/rex/payloads/win32/kernel/common.rb +32 -32
data/lib/rex/payloads/win32/kernel/recovery.rb +27 -27
data/lib/rex/payloads/win32/kernel/stager.rb +170 -170
data/lib/rex/peparsey.rb +0 -3
data/lib/rex/peparsey/exceptions.rb +0 -3
data/lib/rex/peparsey/pe.rb +196 -199
data/lib/rex/peparsey/pe_memdump.rb +35 -38
data/lib/rex/peparsey/pebase.rb +1633 -1652
data/lib/rex/peparsey/section.rb +115 -124
data/lib/rex/pescan.rb +0 -3
data/lib/rex/pescan/analyze.rb +351 -351
data/lib/rex/pescan/scanner.rb +182 -182
data/lib/rex/pescan/search.rb +59 -59
data/lib/rex/platforms/windows.rb +37 -37
data/lib/rex/poly.rb +111 -110
data/lib/rex/poly/block.rb +419 -417
data/lib/rex/poly/machine.rb +12 -0
data/lib/rex/poly/machine/machine.rb +829 -0
data/lib/rex/poly/machine/x86.rb +508 -0
data/lib/rex/poly/register.rb +70 -70
data/lib/rex/poly/register/x86.rb +22 -22
data/lib/rex/post.rb +0 -1
data/lib/rex/post/dir.rb +35 -36
data/lib/rex/post/file.rb +140 -141
data/lib/rex/post/file_stat.rb +198 -199
data/lib/rex/post/io.rb +167 -168
data/lib/rex/post/meterpreter.rb +1 -1
data/lib/rex/post/meterpreter/channel.rb +389 -390
data/lib/rex/post/meterpreter/channel_container.rb +33 -34
data/lib/rex/post/meterpreter/channels/pool.rb +129 -130
data/lib/rex/post/meterpreter/channels/pools/file.rb +35 -36
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +72 -73
data/lib/rex/post/meterpreter/channels/stream.rb +62 -63
data/lib/rex/post/meterpreter/client.rb +442 -436
data/lib/rex/post/meterpreter/client_core.rb +326 -310
data/lib/rex/post/meterpreter/dependencies.rb +0 -1
data/lib/rex/post/meterpreter/extension.rb +12 -13
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +35 -36
data/lib/rex/post/meterpreter/extensions/extapi/adsi/adsi.rb +71 -0
data/lib/rex/post/meterpreter/extensions/extapi/clipboard/clipboard.rb +169 -0
data/lib/rex/post/meterpreter/extensions/extapi/extapi.rb +45 -0
data/lib/rex/post/meterpreter/extensions/extapi/service/service.rb +104 -0
data/lib/rex/post/meterpreter/extensions/extapi/tlv.rb +77 -0
data/lib/rex/post/meterpreter/extensions/extapi/window/window.rb +56 -0
data/lib/rex/post/meterpreter/extensions/extapi/wmi/wmi.rb +75 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +70 -71
data/lib/rex/post/meterpreter/extensions/kiwi/kiwi.rb +361 -0
data/lib/rex/post/meterpreter/extensions/kiwi/tlv.rb +76 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/dhcp/dhcp.rb +78 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb +22 -78
data/lib/rex/post/meterpreter/extensions/lanattacks/tftp/tftp.rb +49 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb +4 -4
data/lib/rex/post/meterpreter/extensions/mimikatz/mimikatz.rb +128 -0
data/lib/rex/post/meterpreter/extensions/mimikatz/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +38 -39
data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +1 -1
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +95 -96
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +39 -40
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +80 -85
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +94 -95
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +207 -147
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +258 -259
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +366 -301
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +72 -73
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +24 -25
data/lib/rex/post/meterpreter/extensions/stdapi/net/arp.rb +59 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +227 -149
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +107 -108
data/lib/rex/post/meterpreter/extensions/stdapi/net/netstat.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/resolve.rb +106 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +41 -42
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +102 -101
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +151 -152
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +142 -142
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +185 -185
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +38118 -38117
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +7 -7
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +2086 -2084
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +15 -15
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +80 -80
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +3835 -3833
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +84 -28
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +151 -137
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +15 -6
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +3155 -3155
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_version.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +70 -70
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wldap32.rb +128 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +596 -596
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +310 -301
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +71 -61
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +100 -100
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +14 -14
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +488 -488
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +273 -264
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb +5 -5
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +240 -238
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +17 -15
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb +61 -61
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +654 -635
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +49 -49
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +103 -102
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +98 -68
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +165 -166
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +16 -17
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +34 -36
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +363 -364
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +102 -103
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +28 -29
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +303 -304
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +113 -114
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +260 -261
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +165 -166
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +69 -70
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +160 -161
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +143 -144
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +29 -12
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +230 -231
data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +181 -44
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +12 -13
data/lib/rex/post/meterpreter/object_aliases.rb +56 -57
data/lib/rex/post/meterpreter/packet.rb +591 -592
data/lib/rex/post/meterpreter/packet_dispatcher.rb +506 -496
data/lib/rex/post/meterpreter/packet_parser.rb +72 -73
data/lib/rex/post/meterpreter/packet_response_waiter.rb +56 -57
data/lib/rex/post/meterpreter/ui/console.rb +112 -112
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +53 -53
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +911 -854
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +86 -86
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi.rb +65 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/adsi.rb +198 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/clipboard.rb +444 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb +199 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/window.rb +118 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/wmi.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +220 -220
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/kiwi.rb +509 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks.rb +60 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/dhcp.rb +254 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/tftp.rb +159 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/mimikatz.rb +182 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +173 -173
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +40 -40
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +75 -77
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +30 -30
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +105 -105
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +182 -182
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +37 -37
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +504 -482
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +401 -330
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +883 -581
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +296 -299
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +320 -153
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +78 -78
data/lib/rex/post/permission.rb +0 -1
data/lib/rex/post/process.rb +39 -40
data/lib/rex/post/thread.rb +41 -42
data/lib/rex/post/ui.rb +35 -36
data/lib/rex/proto/addp.rb +218 -0
data/lib/rex/proto/dcerpc/client.rb +344 -344
data/lib/rex/proto/dcerpc/exceptions.rb +128 -128
data/lib/rex/proto/dcerpc/handle.rb +32 -32
data/lib/rex/proto/dcerpc/ndr.rb +56 -56
data/lib/rex/proto/dcerpc/packet.rb +249 -245
data/lib/rex/proto/dcerpc/response.rb +170 -170
data/lib/rex/proto/dcerpc/uuid.rb +65 -65
data/lib/rex/proto/dcerpc/wdscp.rb +3 -0
data/lib/rex/proto/dcerpc/wdscp/constants.rb +89 -0
data/lib/rex/proto/dcerpc/wdscp/packet.rb +94 -0
data/lib/rex/proto/dhcp.rb +0 -1
data/lib/rex/proto/dhcp/constants.rb +0 -1
data/lib/rex/proto/dhcp/server.rb +303 -304
data/lib/rex/proto/drda/constants.rb +1 -1
data/lib/rex/proto/drda/packet.rb +186 -186
data/lib/rex/proto/drda/utils.rb +104 -104
data/lib/rex/proto/http.rb +1 -0
data/lib/rex/proto/http/client.rb +692 -820
data/lib/rex/proto/http/client_request.rb +472 -0
data/lib/rex/proto/http/handler.rb +25 -25
data/lib/rex/proto/http/handler/erb.rb +104 -104
data/lib/rex/proto/http/handler/proc.rb +37 -37
data/lib/rex/proto/http/header.rb +149 -149
data/lib/rex/proto/http/packet.rb +388 -382
data/lib/rex/proto/http/request.rb +332 -335
data/lib/rex/proto/http/response.rb +132 -72
data/lib/rex/proto/http/server.rb +348 -338
data/lib/rex/proto/iax2/call.rb +310 -310
data/lib/rex/proto/iax2/client.rb +197 -197
data/lib/rex/proto/iax2/codecs/alaw.rb +4 -4
data/lib/rex/proto/iax2/codecs/mulaw.rb +4 -4
data/lib/rex/proto/ipmi.rb +57 -0
data/lib/rex/proto/ipmi/channel_auth_reply.rb +88 -0
data/lib/rex/proto/ipmi/open_session_reply.rb +35 -0
data/lib/rex/proto/ipmi/rakp2.rb +35 -0
data/lib/rex/proto/ipmi/utils.rb +125 -0
data/lib/rex/proto/natpmp.rb +1 -5
data/lib/rex/proto/natpmp/constants.rb +4 -4
data/lib/rex/proto/natpmp/packet.rb +25 -25
data/lib/rex/proto/ntlm/base.rb +271 -271
data/lib/rex/proto/ntlm/constants.rb +61 -61
data/lib/rex/proto/ntlm/crypt.rb +348 -352
data/lib/rex/proto/ntlm/exceptions.rb +3 -3
data/lib/rex/proto/ntlm/message.rb +468 -471
data/lib/rex/proto/ntlm/utils.rb +746 -746
data/lib/rex/proto/pjl.rb +30 -0
data/lib/rex/proto/pjl/client.rb +162 -0
data/lib/rex/proto/proxy/socks4a.rb +440 -440
data/lib/rex/proto/rfb.rb +1 -8
data/lib/rex/proto/rfb/cipher.rb +46 -49
data/lib/rex/proto/rfb/client.rb +179 -182
data/lib/rex/proto/rfb/constants.rb +18 -21
data/lib/rex/proto/smb/client.rb +1954 -1843
data/lib/rex/proto/smb/constants.rb +533 -516
data/lib/rex/proto/smb/crypt.rb +21 -21
data/lib/rex/proto/smb/evasions.rb +43 -43
data/lib/rex/proto/smb/exceptions.rb +791 -791
data/lib/rex/proto/smb/simpleclient.rb +142 -286
data/lib/rex/proto/smb/simpleclient/open_file.rb +106 -0
data/lib/rex/proto/smb/simpleclient/open_pipe.rb +57 -0
data/lib/rex/proto/smb/utils.rb +81 -81
data/lib/rex/proto/sunrpc/client.rb +158 -158
data/lib/rex/proto/tftp.rb +0 -1
data/lib/rex/proto/tftp/client.rb +289 -289
data/lib/rex/proto/tftp/constants.rb +9 -10
data/lib/rex/proto/tftp/server.rb +466 -467
data/lib/rex/random_identifier_generator.rb +176 -0
data/lib/rex/registry.rb +1 -1
data/lib/rex/registry/hive.rb +88 -88
data/lib/rex/registry/lfkey.rb +25 -25
data/lib/rex/registry/nodekey.rb +30 -30
data/lib/rex/registry/regf.rb +10 -10
data/lib/rex/registry/valuekey.rb +43 -43
data/lib/rex/registry/valuelist.rb +13 -13
data/lib/rex/ropbuilder/rop.rb +254 -253
data/lib/rex/script.rb +21 -22
data/lib/rex/script/base.rb +51 -50
data/lib/rex/script/meterpreter.rb +2 -2
data/lib/rex/service.rb +24 -24
data/lib/rex/service_manager.rb +132 -132
data/lib/rex/services/local_relay.rb +398 -398
data/lib/rex/socket.rb +758 -763
data/lib/rex/socket/comm.rb +95 -95
data/lib/rex/socket/comm/local.rb +507 -440
data/lib/rex/socket/ip.rb +118 -118
data/lib/rex/socket/parameters.rb +351 -350
data/lib/rex/socket/range_walker.rb +445 -368
data/lib/rex/socket/ssl_tcp.rb +323 -317
data/lib/rex/socket/ssl_tcp_server.rb +173 -158
data/lib/rex/socket/subnet_walker.rb +48 -48
data/lib/rex/socket/switch_board.rb +259 -259
data/lib/rex/socket/tcp.rb +58 -56
data/lib/rex/socket/tcp_server.rb +42 -42
data/lib/rex/socket/udp.rb +152 -152
data/lib/rex/sslscan/result.rb +200 -0
data/lib/rex/sslscan/scanner.rb +205 -0
data/lib/rex/struct2.rb +0 -1
data/lib/rex/struct2/c_struct.rb +162 -163
data/lib/rex/struct2/c_struct_template.rb +21 -22
data/lib/rex/struct2/constant.rb +6 -7
data/lib/rex/struct2/element.rb +30 -31
data/lib/rex/struct2/generic.rb +60 -61
data/lib/rex/struct2/restraint.rb +40 -41
data/lib/rex/struct2/s_string.rb +60 -61
data/lib/rex/struct2/s_struct.rb +97 -98
data/lib/rex/sync.rb +0 -1
data/lib/rex/sync/event.rb +62 -72
data/lib/rex/sync/read_write_lock.rb +149 -149
data/lib/rex/sync/ref.rb +42 -42
data/lib/rex/sync/thread_safe.rb +59 -59
data/lib/rex/text.rb +1803 -1315
data/lib/rex/thread_factory.rb +25 -25
data/lib/rex/time.rb +44 -44
data/lib/rex/transformer.rb +91 -91
data/lib/rex/ui/interactive.rb +265 -265
data/lib/rex/ui/output.rb +66 -60
data/lib/rex/ui/progress_tracker.rb +79 -79
data/lib/rex/ui/subscriber.rb +144 -134
data/lib/rex/ui/text/color.rb +76 -76
data/lib/rex/ui/text/dispatcher_shell.rb +512 -505
data/lib/rex/ui/text/input.rb +96 -96
data/lib/rex/ui/text/input/buffer.rb +58 -58
data/lib/rex/ui/text/input/readline.rb +114 -114
data/lib/rex/ui/text/input/socket.rb +77 -77
data/lib/rex/ui/text/input/stdio.rb +24 -24
data/lib/rex/ui/text/irb_shell.rb +45 -41
data/lib/rex/ui/text/output.rb +64 -60
data/lib/rex/ui/text/output/buffer.rb +42 -42
data/lib/rex/ui/text/output/buffer/stdout.rb +25 -0
data/lib/rex/ui/text/output/file.rb +24 -24
data/lib/rex/ui/text/output/socket.rb +24 -24
data/lib/rex/ui/text/output/stdio.rb +29 -29
data/lib/rex/ui/text/output/tee.rb +36 -36
data/lib/rex/ui/text/progress_tracker.rb +37 -37
data/lib/rex/ui/text/shell.rb +371 -361
data/lib/rex/ui/text/table.rb +320 -284
data/lib/rex/zip.rb +0 -1
data/lib/rex/zip/archive.rb +115 -94
data/lib/rex/zip/blocks.rb +101 -100
data/lib/rex/zip/entry.rb +108 -99
data/lib/rex/zip/jar.rb +261 -206
data/lib/rex/zip/samples/comment.rb +1 -2
data/lib/rex/zip/samples/mkwar.rb +12 -13
data/lib/rex/zip/samples/mkzip.rb +1 -2
data/lib/rex/zip/samples/recursive.rb +29 -30
metadata +424 -446
data/lib/rex/arch/sparc.rb.ut.rb +0 -19
data/lib/rex/arch/x86.rb.ut.rb +0 -94
data/lib/rex/assembly/nasm.rb.ut.rb +0 -23
data/lib/rex/encoder/ndr.rb.ut.rb +0 -45
data/lib/rex/encoder/xdr.rb.ut.rb +0 -30
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +0 -13
data/lib/rex/encoding/xor.rb.ts.rb +0 -15
data/lib/rex/encoding/xor/byte.rb.ut.rb +0 -22
data/lib/rex/encoding/xor/dword.rb.ut.rb +0 -16
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +0 -16
data/lib/rex/encoding/xor/generic.rb.ut.rb +0 -121
data/lib/rex/encoding/xor/word.rb.ut.rb +0 -14
data/lib/rex/exceptions.rb.ut.rb +0 -45
data/lib/rex/exploitation/egghunter.rb.ut.rb +0 -28
data/lib/rex/exploitation/javascriptosdetect.js +0 -1014
data/lib/rex/exploitation/javascriptosdetect.rb +0 -43
data/lib/rex/exploitation/omelet.rb.ut.rb +0 -27
data/lib/rex/exploitation/opcodedb.rb.ut.rb +0 -280
data/lib/rex/exploitation/seh.rb.ut.rb +0 -20
data/lib/rex/file.rb.ut.rb +0 -17
data/lib/rex/io/ring_buffer.rb.ut.rb +0 -135
data/lib/rex/nop/opty2.rb.ut.rb +0 -24
data/lib/rex/parser/arguments.rb.ut.rb +0 -68
data/lib/rex/parser/ini.rb.ut.rb +0 -30
data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +0 -18
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +0 -39
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +0 -37
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb +0 -52
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +0 -43
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +0 -128
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb +0 -64
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb +0 -29
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb +0 -155
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb +0 -128
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +0 -124
data/lib/rex/proto.rb.ts.rb +0 -9
data/lib/rex/proto/dcerpc.rb.ts.rb +0 -10
data/lib/rex/proto/dcerpc/client.rb.ut.rb +0 -492
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +0 -86
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +0 -42
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +0 -57
data/lib/rex/proto/dcerpc/response.rb.ut.rb +0 -16
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +0 -47
data/lib/rex/proto/drda.rb.ts.rb +0 -18
data/lib/rex/proto/drda/constants.rb.ut.rb +0 -24
data/lib/rex/proto/drda/packet.rb.ut.rb +0 -110
data/lib/rex/proto/drda/utils.rb.ut.rb +0 -85
data/lib/rex/proto/http.rb.ts.rb +0 -13
data/lib/rex/proto/http/client.rb.ut.rb +0 -96
data/lib/rex/proto/http/handler/erb.rb.ut.rb +0 -22
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +0 -1
data/lib/rex/proto/http/handler/proc.rb.ut.rb +0 -25
data/lib/rex/proto/http/header.rb.ut.rb +0 -47
data/lib/rex/proto/http/packet.rb.ut.rb +0 -166
data/lib/rex/proto/http/request.rb.ut.rb +0 -215
data/lib/rex/proto/http/response.rb.ut.rb +0 -150
data/lib/rex/proto/http/server.rb.ut.rb +0 -80
data/lib/rex/proto/ntlm.rb.ut.rb +0 -181
data/lib/rex/proto/rfb.rb.ut.rb +0 -40
data/lib/rex/proto/smb.rb.ts.rb +0 -9
data/lib/rex/proto/smb/client.rb.ut.rb +0 -224
data/lib/rex/proto/smb/constants.rb.ut.rb +0 -19
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +0 -129
data/lib/rex/proto/smb/utils.rb.ut.rb +0 -21
data/lib/rex/proto/tftp/server.rb.ut.rb +0 -29
data/lib/rex/service_manager.rb.ut.rb +0 -33
data/lib/rex/socket.rb.ut.rb +0 -108
data/lib/rex/socket/comm/local.rb.ut.rb +0 -76
data/lib/rex/socket/parameters.rb.ut.rb +0 -52
data/lib/rex/socket/range_walker.rb.ut.rb +0 -56
data/lib/rex/socket/ssl_tcp.rb.ut.rb +0 -40
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +0 -62
data/lib/rex/socket/subnet_walker.rb.ut.rb +0 -29
data/lib/rex/socket/switch_board.rb.ut.rb +0 -53
data/lib/rex/socket/tcp.rb.ut.rb +0 -65
data/lib/rex/socket/tcp_server.rb.ut.rb +0 -45
data/lib/rex/socket/udp.rb.ut.rb +0 -45
data/lib/rex/test.rb +0 -36
data/lib/rex/text.rb.ut.rb +0 -193
data/lib/rex/transformer.rb.ut.rb +0 -39
data/lib/rex/ui/text/color.rb.ut.rb +0 -19
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +0 -35
data/lib/rex/ui/text/table.rb.ut.rb +0 -56

data/lib/rex/socket/range_walker.rb CHANGED

@@ -13,380 +13,457 @@ module Socket
 # show-stoppingly inefficient when storing a bunch of non-consecutive
 # addresses, which should be a somewhat unusual case.
 #
+# @example
+#   r = RangeWalker.new("10.1,3.1-7.1-255")
+#   r.include?("10.3.7.255") #=> true
+#   r.length #=> 3570
+#   r.each do |addr|
+#     # do something with the address
+#   end
 ###
 class RangeWalker
-	#
-	# Initializes a walker instance using the supplied range
-	#
-	def initialize(parseme)
-		if parseme.is_a? RangeWalker
-			@ranges = parseme.ranges.dup
-		else
-			@ranges = parse(parseme)
-		end
-		reset
-	end
-	#
-	# Calls the instance method
-	#
-	# This is basically only useful for determining if a range can be parsed
-	#
-	def self.parse(parseme)
-		self.new.parse(parseme)
-	end
-	#
-	# Turn a human-readable range string into ranges we can step through one address at a time.
-	#
-	# Allow the following formats:
-	#	"a.b.c.d e.f.g.h"
-	#	"a.b.c.d, e.f.g.h"
-	# where each chunk is CIDR notation, (e.g. '10.1.1.0/24') or a range in nmap format (see expand_nmap)
-	#
-	# OR this format
-	#	"a.b.c.d-e.f.g.h"
-	# where a.b.c.d and e.f.g.h are single IPs and the second must be
-	# bigger than the first.
-	#
-	def parse(parseme)
-		return nil if not parseme
-		ranges = []
-		parseme.split(', ').map{ |a| a.split(' ') }.flatten.each { |arg|
-			opts = {}
-			# Handle IPv6 first (support ranges, but not CIDR)
-			if arg.include?(":")
-				addrs = arg.split('-', 2)
-				# Handle a single address
-				if addrs.length == 1
-					addr, scope_id = addrs[0].split('%')
-					opts[:scope_id] = scope_id if scope_id
-					return false unless Rex::Socket.is_ipv6?(addr)
-					addr = Rex::Socket.addr_atoi(addr)
-					ranges.push [addr, addr, true, opts]
-					next
-				end
-				addr1, scope_id = addrs[0].split('%')
-				opts[:scope_id] = scope_id if scope_id
-				addr2, scope_id = addrs[0].split('%')
-				( opts[:scope_id] ||= scope_id ) if scope_id
-				return false if not (Rex::Socket.is_ipv6?(addr1) and Rex::Socket.is_ipv6?(addr2))
-				# Handle IPv6 ranges in the form of 2001::1-2001::10
-				addr1 = Rex::Socket.addr_atoi(addr1)
-				addr2 = Rex::Socket.addr_atoi(addr2)
-				ranges.push [addr1, addr2, true, opts]
-				next
-			# Handle IPv4 CIDR
-			elsif arg.include?("/")
-				# Then it's CIDR notation and needs special case
-				return false if arg =~ /[,-]/ # Improper CIDR notation (can't mix with 1,3 or 1-3 style IP ranges)
-				return false if arg.scan("/").size > 1 # ..but there are too many slashes
-				ip_part,mask_part = arg.split("/")
-				return false if ip_part.nil? or ip_part.empty? or mask_part.nil? or mask_part.empty?
-				return false if mask_part !~ /^[0-9]{1,2}$/ # Illegal mask -- numerals only
-				return false if mask_part.to_i > 32 # This too -- between 0 and 32.
-				begin
-					Rex::Socket.addr_atoi(ip_part) # This allows for "www.metasploit.com/24" which is fun.
-				rescue Resolv::ResolvError
-					return false # Can't resolve the ip_part, so bail.
-				end
-				expanded = expand_cidr(arg)
-				if expanded
-					ranges.push(expanded)
-				else
-					return false
-				end
-			# Handle hostnames
-			elsif arg =~ /[^-0-9,.*]/
-				# Then it's a domain name and we should send it on to addr_atoi
-				# unmolested to force a DNS lookup.
-				Rex::Socket.addr_atoi_list(arg).each { |addr| ranges.push [addr, addr, false, opts] }
-			# Handle IPv4 ranges
-			elsif arg =~ /^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})-([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/
-				# Then it's in the format of 1.2.3.4-5.6.7.8
-				# Note, this will /not/ deal with DNS names, or the fancy/obscure 10...1-10...2
-				begin
-					addrs = [Rex::Socket.addr_atoi($1), Rex::Socket.addr_atoi($2)]
-					return false if addrs[0] > addrs[1] # The end is greater than the beginning.
-					ranges.push [addrs[0], addrs[1], false, opts]
-				rescue Resolv::ResolvError # Something's broken, forget it.
-					return false
-				end
-			else
-				# Returns an array of ranges
-				expanded = expand_nmap(arg)
-				if expanded
-					expanded.each { |r| ranges.push(r) }
-				end
-			end
-		}
-		# Remove any duplicate ranges
-		ranges = ranges.uniq
-		return ranges
-	end
-	#
-	# Resets the subnet walker back to its original state.
-	#
-	def reset
-		return false if not valid?
-		@curr_range = 0
-		@curr_addr = @ranges[0][0]
-		@length = 0
-		@ranges.each { |r| @length += r[1] - r[0] + 1 }
-	end
-	#
-	# Returns the next IP address.
-	#
-	def next_ip
-		return false if not valid?
-		if (@curr_addr > @ranges[@curr_range][1])
-			if (@curr_range >= @ranges.length - 1)
-				return nil
-			end
-			@curr_range += 1
-			@curr_addr = @ranges[@curr_range][0]
-		end
-		addr = Rex::Socket.addr_itoa(@curr_addr, @ranges[@curr_range][2])
-		if @ranges[@curr_range][3][:scope_id]
-			addr = addr + '%' + @ranges[@curr_range][3][:scope_id]
-		end
-		@curr_addr += 1
-		return addr
-	end
-	def valid?
-		(@ranges and not @ranges.empty?)
-	end
-	#
-	# Returns true if the argument is an ip address that falls within any of
-	# the stored ranges.
-	#
-	def include?(addr)
-		return false if not @ranges
-		if (addr.is_a? String)
-			addr = Rex::Socket.addr_atoi(addr)
-		end
-		@ranges.map { |r|
-			if r[0] <= addr and addr <= r[1]
-				return true
-			end
-		}
-		return false
-	end
-	#
-	# Returns true if this RangeWalker includes all of the addresses in the
-	# given RangeWalker
-	#
-	def include_range?(range_walker)
-		return false if ((not @ranges) or @ranges.empty?)
-		return false if not range_walker.ranges
-		range_walker.ranges.all? do |start, stop|
-			ranges.any? do |self_start, self_stop|
-				r = (self_start..self_stop)
-				r.include?(start) and r.include?(stop)
-			end
-		end
-	end
-	#
-	# Calls the given block with each address. This is basically a wrapper for
-	# #next_ip
-	#
-	def each(&block)
-		while (ip = next_ip)
-			block.call(ip)
-		end
-	end
-	#
-	# Returns an array with one element, a Range defined by the given CIDR
-	# block.
-	#
-	def expand_cidr(arg)
-		start,stop = Rex::Socket.cidr_crack(arg)
-		if !start or !stop
-			return false
-		end
-		range = Range.new
-		range.start = Rex::Socket.addr_atoi(start)
-		range.stop = Rex::Socket.addr_atoi(stop)
-		range.ipv6 = (arg.include?(":"))
-		range.options = {}
-		return range
-	end
-	#
-	# Expands an nmap-style host range x.x.x.x where x can be simply "*" which
-	# means 0-255 or any combination and repitition of:
-	#    i,n
-	#    n-m
-	#    i,n-m
-	#    n-m,i
-	# ensuring that n is never greater than m.
-	#
-	# non-unique elements will be removed
-	#  e.g.:
-	#    10.1.1.1-3,2-2,2 =>  ["10.1.1.1", "10.1.1.2", "10.1.1.3"]
-	#    10.1.1.1-3,7 =>  ["10.1.1.1", "10.1.1.2", "10.1.1.3", "10.1.1.7"]
-	#
-	# Returns an array of Ranges
-	#
-	def expand_nmap(arg)
-		# Can't really do anything with IPv6
-		return false if arg.include?(":")
-		# nmap calls these errors, but it's hard to catch them with our
-		# splitting below, so short-cut them here
-		return false if arg.include?(",-") or arg.include?("-,")
-		bytes = []
-		sections = arg.split('.')
-		if sections.length != 4
-			# Too many or not enough dots
-			return false
-		end
-		sections.each { |section|
-			if section.empty?
-				# pretty sure this is an unintentional artifact of the C
-				# functions that turn strings into ints, but it sort of makes
-				# sense, so why not
-				#   "10...1" => "10.0.0.1"
-				section = "0"
-			end
-			if section == "*"
-				# I think this ought to be 1-254, but this is how nmap does it.
-				section = "0-255"
-			elsif section.include?("*")
-				return false
-			end
-			# Break down the sections into ranges like so
-			# "1-3,5-7" => ["1-3", "5-7"]
-			ranges = section.split(',', -1)
-			sets = []
-			ranges.each { |r|
-				bounds = []
-				if r.include?('-')
-					# Then it's an actual range, break it down into start,stop
-					# pairs:
-					#   "1-3" => [ 1, 3 ]
-					# if the lower bound is empty, start at 0
-					# if the upper bound is empty, stop at 255
-					#
-					bounds = r.split('-', -1)
-					return false if (bounds.length > 2)
-					bounds[0] = 0   if bounds[0].nil? or bounds[0].empty?
-					bounds[1] = 255 if bounds[1].nil? or bounds[1].empty?
-					bounds.map!{|b| b.to_i}
-					return false if bounds[0] > bounds[1]
-				else
-					# Then it's a single value
-					bounds[0] = r.to_i
-				end
-				return false if bounds[0] > 255 or (bounds[1] and bounds[1] > 255)
-				return false if bounds[1] and bounds[0] > bounds[1]
-				if bounds[1]
-					bounds[0].upto(bounds[1]) do |i|
-						sets.push(i)
-					end
-				elsif bounds[0]
-					sets.push(bounds[0])
-				end
-			}
-			bytes.push(sets.sort.uniq)
-		}
-		#
-		# Combinitorically squish all of the quads together into a big list of
-		# ip addresses, stored as ints
-		#
-		# e.g.:
-		#  [[1],[1],[1,2],[1,2]]
-		#  =>
-		#  [atoi("1.1.1.1"),atoi("1.1.1.2"),atoi("1.1.2.1"),atoi("1.1.2.2")]
-		addrs = []
-		for a in bytes[0]
-			for b in bytes[1]
-				for c in bytes[2]
-					for d in bytes[3]
-						ip = (a << 24) + (b << 16) + (c << 8) + d
-						addrs.push ip
-					end
-				end
-			end
-		end
-		addrs.sort!
-		addrs.uniq!
-		rng = Range.new
-		rng.ipv6 = false
-		rng.options = {}
-		rng.start = addrs[0]
-		ranges = []
-		1.upto(addrs.length - 1) do |idx|
-			if addrs[idx - 1] + 1 == addrs[idx]
-				# Then this address is contained in the current range
-				next
-			else
-				# Then this address is the upper bound for the current range
-				rng.stop = addrs[idx - 1]
-				ranges.push(rng.dup)
-				rng.start = addrs[idx]
-			end
-		end
-		rng.stop = addrs[addrs.length - 1]
-		ranges.push(rng.dup)
-		return ranges
-	end
-	#
-	# The total number of IPs within the range
-	#
-	attr_reader :length
-	# for backwards compatibility
-	alias :num_ips :length
-	attr_reader :ranges
+  # The total number of IPs within the range
+  #
+  # @return [Fixnum]
+  attr_reader :length
+  # for backwards compatibility
+  alias :num_ips :length
+  # A list of the {Range ranges} held in this RangeWalker
+  # @return [Array]
+  attr_reader :ranges
+  # Initializes a walker instance using the supplied range
+  #
+  # @param parseme [RangeWalker,String]
+  def initialize(parseme)
+    if parseme.is_a? RangeWalker
+      @ranges = parseme.ranges.dup
+    else
+      @ranges = parse(parseme)
+    end
+    reset
+  end
+  #
+  # Calls the instance method
+  #
+  # This is basically only useful for determining if a range can be parsed
+  #
+  # @return (see #parse)
+  def self.parse(parseme)
+    self.new.parse(parseme)
+  end
+  #
+  # Turn a human-readable range string into ranges we can step through one address at a time.
+  #
+  # Allow the following formats:
+  #   "a.b.c.d e.f.g.h"
+  #   "a.b.c.d, e.f.g.h"
+  # where each chunk is CIDR notation, (e.g. '10.1.1.0/24') or a range in nmap format (see {#expand_nmap})
+  #
+  # OR this format
+  #   "a.b.c.d-e.f.g.h"
+  # where a.b.c.d and e.f.g.h are single IPs and the second must be
+  # bigger than the first.
+  #
+  # @param parseme [String]
+  # @return [self]
+  # @return [false] if +parseme+ cannot be parsed
+  def parse(parseme)
+    return nil if not parseme
+    ranges = []
+    parseme.split(', ').map{ |a| a.split(' ') }.flatten.each do |arg|
+      opts = {}
+      # Handle IPv6 first (support ranges, but not CIDR)
+      if arg.include?(":")
+        addrs = arg.split('-', 2)
+        # Handle a single address
+        if addrs.length == 1
+          addr, scope_id = addrs[0].split('%')
+          opts[:scope_id] = scope_id if scope_id
+          opts[:ipv6] = true
+          return false unless Rex::Socket.is_ipv6?(addr)
+          addr = Rex::Socket.addr_atoi(addr)
+          ranges.push(Range.new(addr, addr, opts))
+          next
+        end
+        addr1, scope_id = addrs[0].split('%')
+        opts[:scope_id] = scope_id if scope_id
+        addr2, scope_id = addrs[0].split('%')
+        ( opts[:scope_id] ||= scope_id ) if scope_id
+        # Both have to be IPv6 for this to work
+        return false unless (Rex::Socket.is_ipv6?(addr1) && Rex::Socket.is_ipv6?(addr2))
+        # Handle IPv6 ranges in the form of 2001::1-2001::10
+        addr1 = Rex::Socket.addr_atoi(addr1)
+        addr2 = Rex::Socket.addr_atoi(addr2)
+        ranges.push(Range.new(addr1, addr2, opts))
+        next
+      # Handle IPv4 CIDR
+      elsif arg.include?("/")
+        # Then it's CIDR notation and needs special case
+        return false if arg =~ /[,-]/ # Improper CIDR notation (can't mix with 1,3 or 1-3 style IP ranges)
+        return false if arg.scan("/").size > 1 # ..but there are too many slashes
+        ip_part,mask_part = arg.split("/")
+        return false if ip_part.nil? or ip_part.empty? or mask_part.nil? or mask_part.empty?
+        return false if mask_part !~ /^[0-9]{1,2}$/ # Illegal mask -- numerals only
+        return false if mask_part.to_i > 32 # This too -- between 0 and 32.
+        if ip_part =~ /^\d{1,3}(\.\d{1,3}){1,3}$/
+          return false unless ip_part =~ Rex::Socket::MATCH_IPV4
+        end
+        begin
+          Rex::Socket.getaddress(ip_part) # This allows for "www.metasploit.com/24" which is fun.
+        rescue Resolv::ResolvError, ::SocketError, Errno::ENOENT
+          return false # Can't resolve the ip_part, so bail.
+        end
+        expanded = expand_cidr(arg)
+        if expanded
+          ranges.push(expanded)
+        else
+          return false
+        end
+      # Handle hostnames
+      elsif arg =~ /[^-0-9,.*]/
+        # Then it's a domain name and we should send it on to addr_atoi
+        # unmolested to force a DNS lookup.
+        begin
+          ranges += Rex::Socket.addr_atoi_list(arg).map { |a| Range.new(a, a, opts) }
+        rescue Resolv::ResolvError, ::SocketError, Errno::ENOENT
+          return false
+        end
+      # Handle IPv4 ranges
+      elsif arg =~ /^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})-([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/
+        # Then it's in the format of 1.2.3.4-5.6.7.8
+        # Note, this will /not/ deal with DNS names, or the fancy/obscure 10...1-10...2
+        begin
+          start, stop = Rex::Socket.addr_atoi($1), Rex::Socket.addr_atoi($2)
+          return false if start > stop # The end is greater than the beginning.
+          ranges.push(Range.new(start, stop, opts))
+        rescue Resolv::ResolvError, ::SocketError, Errno::ENOENT
+          return false
+        end
+      else
+        # Returns an array of ranges
+        expanded = expand_nmap(arg)
+        if expanded
+          expanded.each { |r| ranges.push(r) }
+        end
+      end
+    end
+    # Remove any duplicate ranges
+    ranges = ranges.uniq
+    return ranges
+  end
+  #
+  # Resets the subnet walker back to its original state.
+  #
+  # @return [self]
+  def reset
+    return false if not valid?
+    @curr_range_index = 0
+    @curr_addr = @ranges.first.start
+    @length = 0
+    @ranges.each { |r| @length += r.length }
+    self
+  end
+  # Returns the next IP address.
+  #
+  # @return [String] The next address in the range
+  def next_ip
+    return false if not valid?
+    if (@curr_addr > @ranges[@curr_range_index].stop)
+      # Then we are at the end of this range. Grab the next one.
+      # Bail if there are no more ranges
+      return nil if (@ranges[@curr_range_index+1].nil?)
+      @curr_range_index += 1
+      @curr_addr = @ranges[@curr_range_index].start
+    end
+    addr = Rex::Socket.addr_itoa(@curr_addr, @ranges[@curr_range_index].ipv6?)
+    if @ranges[@curr_range_index].options[:scope_id]
+      addr = addr + '%' + @ranges[@curr_range_index].options[:scope_id]
+    end
+    @curr_addr += 1
+    return addr
+  end
+  alias :next :next_ip
+  # Whether this RangeWalker's ranges are valid
+  def valid?
+    (@ranges && !@ranges.empty?)
+  end
+  # Returns true if the argument is an ip address that falls within any of
+  # the stored ranges.
+  #
+  # @return [true] if this RangeWalker contains +addr+
+  # @return [false] if not
+  def include?(addr)
+    return false if not @ranges
+    if (addr.is_a? String)
+      addr = Rex::Socket.addr_atoi(addr)
+    end
+    @ranges.map { |r|
+      if addr.between?(r.start, r.stop)
+        return true
+      end
+    }
+    return false
+  end
+  #
+  # Returns true if this RangeWalker includes *all* of the addresses in the
+  # given RangeWalker
+  #
+  # @param other [RangeWalker]
+  def include_range?(other)
+    return false if (!@ranges || @ranges.empty?)
+    return false if !other.ranges || other.ranges.empty?
+    # Check that all the ranges in +other+ fall within at least one of
+    # our ranges.
+    other.ranges.all? do |other_range|
+      ranges.any? do |range|
+        other_range.start.between?(range.start, range.stop) && other_range.stop.between?(range.start, range.stop)
+      end
+    end
+  end
+  #
+  # Calls the given block with each address. This is basically a wrapper for
+  # {#next_ip}
+  #
+  # @return [self]
+  def each(&block)
+    while (ip = next_ip)
+      block.call(ip)
+    end
+    reset
+    self
+  end
+  #
+  # Returns an Array with one element, a {Range} defined by the given CIDR
+  # block.
+  #
+  # @see Rex::Socket.cidr_crack
+  # @param arg [String] A CIDR range
+  # @return [Range]
+  # @return [false] if +arg+ is not valid CIDR notation
+  def expand_cidr(arg)
+    start,stop = Rex::Socket.cidr_crack(arg)
+    if !start or !stop
+      return false
+    end
+    range = Range.new
+    range.start = Rex::Socket.addr_atoi(start)
+    range.stop = Rex::Socket.addr_atoi(stop)
+    range.options = { :ipv6 => (arg.include?(":")) }
+    return range
+  end
+  #
+  # Expands an nmap-style host range x.x.x.x where x can be simply "*" which
+  # means 0-255 or any combination and repitition of:
+  #    i,n
+  #    n-m
+  #    i,n-m
+  #    n-m,i
+  # ensuring that n is never greater than m.
+  #
+  # non-unique elements will be removed
+  #  e.g.:
+  #    10.1.1.1-3,2-2,2 =>  ["10.1.1.1", "10.1.1.2", "10.1.1.3"]
+  #    10.1.1.1-3,7 =>  ["10.1.1.1", "10.1.1.2", "10.1.1.3", "10.1.1.7"]
+  #
+  # Returns an array of Ranges
+  #
+  def expand_nmap(arg)
+    # Can't really do anything with IPv6
+    return false if arg.include?(":")
+    # nmap calls these errors, but it's hard to catch them with our
+    # splitting below, so short-cut them here
+    return false if arg.include?(",-") or arg.include?("-,")
+    bytes = []
+    sections = arg.split('.')
+    if sections.length != 4
+      # Too many or not enough dots
+      return false
+    end
+    sections.each { |section|
+      if section.empty?
+        # pretty sure this is an unintentional artifact of the C
+        # functions that turn strings into ints, but it sort of makes
+        # sense, so why not
+        #   "10...1" => "10.0.0.1"
+        section = "0"
+      end
+      if section == "*"
+        # I think this ought to be 1-254, but this is how nmap does it.
+        section = "0-255"
+      elsif section.include?("*")
+        return false
+      end
+      # Break down the sections into ranges like so
+      # "1-3,5-7" => ["1-3", "5-7"]
+      ranges = section.split(',', -1)
+      sets = []
+      ranges.each { |r|
+        bounds = []
+        if r.include?('-')
+          # Then it's an actual range, break it down into start,stop
+          # pairs:
+          #   "1-3" => [ 1, 3 ]
+          # if the lower bound is empty, start at 0
+          # if the upper bound is empty, stop at 255
+          #
+          bounds = r.split('-', -1)
+          return false if (bounds.length > 2)
+          bounds[0] = 0   if bounds[0].nil? or bounds[0].empty?
+          bounds[1] = 255 if bounds[1].nil? or bounds[1].empty?
+          bounds.map!{|b| b.to_i}
+          return false if bounds[0] > bounds[1]
+        else
+          # Then it's a single value
+          bounds[0] = r.to_i
+        end
+        return false if bounds[0] > 255 or (bounds[1] and bounds[1] > 255)
+        return false if bounds[1] and bounds[0] > bounds[1]
+        if bounds[1]
+          bounds[0].upto(bounds[1]) do |i|
+            sets.push(i)
+          end
+        elsif bounds[0]
+          sets.push(bounds[0])
+        end
+      }
+      bytes.push(sets.sort.uniq)
+    }
+    #
+    # Combinitorically squish all of the quads together into a big list of
+    # ip addresses, stored as ints
+    #
+    # e.g.:
+    #  [[1],[1],[1,2],[1,2]]
+    #  =>
+    #  [atoi("1.1.1.1"),atoi("1.1.1.2"),atoi("1.1.2.1"),atoi("1.1.2.2")]
+    addrs = []
+    for a in bytes[0]
+      for b in bytes[1]
+        for c in bytes[2]
+          for d in bytes[3]
+            ip = (a << 24) + (b << 16) + (c << 8) + d
+            addrs.push ip
+          end
+        end
+      end
+    end
+    addrs.sort!
+    addrs.uniq!
+    rng = Range.new
+    rng.options = { :ipv6 => false }
+    rng.start = addrs[0]
+    ranges = []
+    1.upto(addrs.length - 1) do |idx|
+      if addrs[idx - 1] + 1 == addrs[idx]
+        # Then this address is contained in the current range
+        next
+      else
+        # Then this address is the upper bound for the current range
+        rng.stop = addrs[idx - 1]
+        ranges.push(rng.dup)
+        rng.start = addrs[idx]
+      end
+    end
+    rng.stop = addrs[addrs.length - 1]
+    ranges.push(rng.dup)
+    return ranges
+  end
 end
-class Range < Array # :nodoc: all
-	def start; self[0]; end
-	def stop;  self[1]; end
-	def ipv6;  self[2]; end
-	def options; self[3]; end
-	def start=(val); self[0] = val; end
-	def stop=(val);  self[1] = val; end
-	def ipv6=(val);  self[2] = val; end
-	def options=(val); self[3] = val; end
+# A range of IP addresses
+class Range
+  #@!attribute start
+  #   The first address in this range, as a number
+  #   @return [Fixnum]
+  attr_accessor :start
+  #@!attribute stop
+  #   The last address in this range, as a number
+  #   @return [Fixnum]
+  attr_accessor :stop
+  #@!attribute options
+  #   @return [Hash]
+  attr_accessor :options
+  # @param start [Fixnum]
+  # @param stop  [Fixnum]
+  # @param options [Hash] Recognized keys are:
+  #   * +:ipv6+
+  #   * +:scope_id+
+  def initialize(start=nil, stop=nil, options=nil)
+    @start = start
+    @stop = stop
+    @options = options
+  end
+  # Compare attributes with +other+
+  # @param other [Range]
+  # @return [Boolean]
+  def ==(other)
+    (other.start == start && other.stop == stop && other.ipv6? == ipv6? && other.options == options)
+  end
+  # The number of addresses in this Range
+  # @return [Fixnum]
+  def length
+    stop - start + 1
+  end
+  alias :count :length
+  # Whether this Range contains IPv6 or IPv4 addresses
+  # @return [Boolean]
+  def ipv6?
+    options[:ipv6]
+  end
 end
 end