RubyGems - librex - Versions diffs - 0.0.68 → 0.0.70 - Mend

librex 0.0.68 → 0.0.70

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (528) hide show

checksums.yaml +15 -0
data/README.markdown +1 -1
data/Rakefile +18 -16
data/lib/rex.rb +14 -10
data/lib/rex/LICENSE +2 -2
data/lib/rex/arch.rb +76 -76
data/lib/rex/arch/sparc.rb +57 -58
data/lib/rex/arch/x86.rb +506 -496
data/lib/rex/assembly/nasm.rb +83 -84
data/lib/rex/compat.rb +228 -173
data/lib/rex/constants.rb +47 -37
data/lib/rex/elfparsey.rb +0 -3
data/lib/rex/elfparsey/elf.rb +107 -110
data/lib/rex/elfparsey/elfbase.rb +244 -247
data/lib/rex/elfparsey/exceptions.rb +0 -3
data/lib/rex/elfscan.rb +0 -3
data/lib/rex/elfscan/scanner.rb +184 -166
data/lib/rex/elfscan/search.rb +35 -38
data/lib/rex/encoder/alpha2.rb +1 -2
data/lib/rex/encoder/alpha2/alpha_mixed.rb +52 -53
data/lib/rex/encoder/alpha2/alpha_upper.rb +62 -63
data/lib/rex/encoder/alpha2/generic.rb +77 -78
data/lib/rex/encoder/alpha2/unicode_mixed.rb +101 -97
data/lib/rex/encoder/alpha2/unicode_upper.rb +106 -107
data/lib/rex/encoder/bloxor/bloxor.rb +326 -0
data/lib/rex/encoder/ndr.rb +68 -68
data/lib/rex/encoder/nonalpha.rb +50 -51
data/lib/rex/encoder/nonupper.rb +50 -51
data/lib/rex/encoder/xdr.rb +78 -78
data/lib/rex/encoder/xor.rb +52 -53
data/lib/rex/encoder/xor/dword.rb +1 -2
data/lib/rex/encoder/xor/dword_additive.rb +1 -2
data/lib/rex/encoders/xor_dword.rb +17 -18
data/lib/rex/encoders/xor_dword_additive.rb +35 -36
data/lib/rex/encoding/xor.rb +0 -1
data/lib/rex/encoding/xor/byte.rb +3 -4
data/lib/rex/encoding/xor/dword.rb +3 -4
data/lib/rex/encoding/xor/dword_additive.rb +72 -73
data/lib/rex/encoding/xor/exceptions.rb +2 -3
data/lib/rex/encoding/xor/generic.rb +129 -130
data/lib/rex/encoding/xor/qword.rb +3 -4
data/lib/rex/encoding/xor/word.rb +3 -4
data/lib/rex/exceptions.rb +100 -101
data/lib/rex/exploitation/cmdstager.rb +3 -3
data/lib/rex/exploitation/cmdstager/base.rb +170 -156
data/lib/rex/exploitation/cmdstager/bourne.rb +105 -0
data/lib/rex/exploitation/cmdstager/debug_asm.rb +110 -113
data/lib/rex/exploitation/cmdstager/debug_write.rb +106 -109
data/lib/rex/exploitation/cmdstager/echo.rb +164 -0
data/lib/rex/exploitation/cmdstager/printf.rb +122 -0
data/lib/rex/exploitation/cmdstager/tftp.rb +34 -27
data/lib/rex/exploitation/cmdstager/vbs.rb +95 -98
data/lib/rex/exploitation/egghunter.rb +359 -346
data/lib/rex/exploitation/encryptjs.rb +60 -60
data/lib/rex/exploitation/heaplib.rb +76 -76
data/lib/rex/exploitation/js.rb +6 -0
data/lib/rex/exploitation/js/detect.rb +69 -0
data/lib/rex/exploitation/js/memory.rb +81 -0
data/lib/rex/exploitation/js/network.rb +84 -0
data/lib/rex/exploitation/js/utils.rb +33 -0
data/lib/rex/exploitation/jsobfu.rb +448 -424
data/lib/rex/exploitation/obfuscatejs.rb +301 -301
data/lib/rex/exploitation/omelet.rb +257 -257
data/lib/rex/exploitation/opcodedb.rb +699 -699
data/lib/rex/exploitation/ropdb.rb +189 -0
data/lib/rex/exploitation/seh.rb +68 -68
data/lib/rex/file.rb +96 -49
data/lib/rex/image_source.rb +0 -3
data/lib/rex/image_source/disk.rb +45 -48
data/lib/rex/image_source/image_source.rb +33 -36
data/lib/rex/image_source/memory.rb +17 -20
data/lib/rex/io/bidirectional_pipe.rb +118 -115
data/lib/rex/io/datagram_abstraction.rb +13 -14
data/lib/rex/io/ring_buffer.rb +273 -273
data/lib/rex/io/stream.rb +284 -284
data/lib/rex/io/stream_abstraction.rb +183 -181
data/lib/rex/io/stream_server.rb +193 -193
data/lib/rex/job_container.rb +167 -167
data/lib/rex/logging.rb +0 -1
data/lib/rex/logging/log_dispatcher.rb +113 -113
data/lib/rex/logging/log_sink.rb +17 -17
data/lib/rex/logging/sinks/flatfile.rb +36 -36
data/lib/rex/logging/sinks/stderr.rb +27 -27
data/lib/rex/mac_oui.rb +16572 -16571
data/lib/rex/machparsey.rb +0 -1
data/lib/rex/machparsey/exceptions.rb +0 -1
data/lib/rex/machparsey/mach.rb +160 -161
data/lib/rex/machparsey/machbase.rb +367 -368
data/lib/rex/machscan.rb +0 -1
data/lib/rex/machscan/scanner.rb +175 -176
data/lib/rex/mime/encoding.rb +17 -0
data/lib/rex/mime/header.rb +58 -58
data/lib/rex/mime/message.rb +140 -137
data/lib/rex/mime/part.rb +41 -12
data/lib/rex/nop/opty2.rb +90 -90
data/lib/rex/nop/opty2_tables.rb +273 -273
data/lib/rex/ole.rb +0 -4
data/lib/rex/ole/clsid.rb +26 -30
data/lib/rex/ole/difat.rb +121 -125
data/lib/rex/ole/directory.rb +205 -209
data/lib/rex/ole/direntry.rb +217 -221
data/lib/rex/ole/fat.rb +79 -83
data/lib/rex/ole/header.rb +178 -182
data/lib/rex/ole/minifat.rb +49 -53
data/lib/rex/ole/propset.rb +113 -117
data/lib/rex/ole/samples/create_ole.rb +8 -9
data/lib/rex/ole/samples/dir.rb +10 -11
data/lib/rex/ole/samples/dump_stream.rb +14 -15
data/lib/rex/ole/samples/ole_info.rb +5 -6
data/lib/rex/ole/storage.rb +372 -376
data/lib/rex/ole/stream.rb +33 -37
data/lib/rex/ole/substorage.rb +20 -24
data/lib/rex/ole/util.rb +137 -141
data/lib/rex/parser/acunetix_nokogiri.rb +398 -398
data/lib/rex/parser/apple_backup_manifestdb.rb +116 -116
data/lib/rex/parser/appscan_nokogiri.rb +359 -359
data/lib/rex/parser/arguments.rb +88 -88
data/lib/rex/parser/burp_session_nokogiri.rb +258 -258
data/lib/rex/parser/ci_nokogiri.rb +184 -184
data/lib/rex/parser/foundstone_nokogiri.rb +334 -333
data/lib/rex/parser/fusionvm_nokogiri.rb +94 -94
data/lib/rex/parser/ini.rb +167 -167
data/lib/rex/parser/ip360_aspl_xml.rb +84 -84
data/lib/rex/parser/ip360_xml.rb +77 -77
data/lib/rex/parser/mbsa_nokogiri.rb +224 -224
data/lib/rex/parser/nessus_xml.rb +100 -100
data/lib/rex/parser/netsparker_xml.rb +89 -75
data/lib/rex/parser/nexpose_raw_nokogiri.rb +677 -677
data/lib/rex/parser/nexpose_simple_nokogiri.rb +322 -322
data/lib/rex/parser/nexpose_xml.rb +105 -105
data/lib/rex/parser/nmap_nokogiri.rb +386 -386
data/lib/rex/parser/nmap_xml.rb +116 -116
data/lib/rex/parser/nokogiri_doc_mixin.rb +223 -221
data/lib/rex/parser/openvas_nokogiri.rb +162 -162
data/lib/rex/parser/outpost24_nokogiri.rb +239 -0
data/lib/rex/parser/retina_xml.rb +90 -90
data/lib/rex/parser/unattend.rb +171 -0
data/lib/rex/parser/wapiti_nokogiri.rb +89 -89
data/lib/rex/payloads/win32/common.rb +14 -14
data/lib/rex/payloads/win32/kernel.rb +36 -36
data/lib/rex/payloads/win32/kernel/common.rb +32 -32
data/lib/rex/payloads/win32/kernel/recovery.rb +27 -27
data/lib/rex/payloads/win32/kernel/stager.rb +170 -170
data/lib/rex/peparsey.rb +0 -3
data/lib/rex/peparsey/exceptions.rb +0 -3
data/lib/rex/peparsey/pe.rb +196 -199
data/lib/rex/peparsey/pe_memdump.rb +35 -38
data/lib/rex/peparsey/pebase.rb +1633 -1652
data/lib/rex/peparsey/section.rb +115 -124
data/lib/rex/pescan.rb +0 -3
data/lib/rex/pescan/analyze.rb +351 -351
data/lib/rex/pescan/scanner.rb +182 -182
data/lib/rex/pescan/search.rb +59 -59
data/lib/rex/platforms/windows.rb +37 -37
data/lib/rex/poly.rb +111 -110
data/lib/rex/poly/block.rb +419 -417
data/lib/rex/poly/machine.rb +12 -0
data/lib/rex/poly/machine/machine.rb +829 -0
data/lib/rex/poly/machine/x86.rb +508 -0
data/lib/rex/poly/register.rb +70 -70
data/lib/rex/poly/register/x86.rb +22 -22
data/lib/rex/post.rb +0 -1
data/lib/rex/post/dir.rb +35 -36
data/lib/rex/post/file.rb +140 -141
data/lib/rex/post/file_stat.rb +198 -199
data/lib/rex/post/io.rb +167 -168
data/lib/rex/post/meterpreter.rb +1 -1
data/lib/rex/post/meterpreter/channel.rb +389 -390
data/lib/rex/post/meterpreter/channel_container.rb +33 -34
data/lib/rex/post/meterpreter/channels/pool.rb +129 -130
data/lib/rex/post/meterpreter/channels/pools/file.rb +35 -36
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +72 -73
data/lib/rex/post/meterpreter/channels/stream.rb +62 -63
data/lib/rex/post/meterpreter/client.rb +442 -436
data/lib/rex/post/meterpreter/client_core.rb +326 -310
data/lib/rex/post/meterpreter/dependencies.rb +0 -1
data/lib/rex/post/meterpreter/extension.rb +12 -13
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +35 -36
data/lib/rex/post/meterpreter/extensions/extapi/adsi/adsi.rb +71 -0
data/lib/rex/post/meterpreter/extensions/extapi/clipboard/clipboard.rb +169 -0
data/lib/rex/post/meterpreter/extensions/extapi/extapi.rb +45 -0
data/lib/rex/post/meterpreter/extensions/extapi/service/service.rb +104 -0
data/lib/rex/post/meterpreter/extensions/extapi/tlv.rb +77 -0
data/lib/rex/post/meterpreter/extensions/extapi/window/window.rb +56 -0
data/lib/rex/post/meterpreter/extensions/extapi/wmi/wmi.rb +75 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +70 -71
data/lib/rex/post/meterpreter/extensions/kiwi/kiwi.rb +361 -0
data/lib/rex/post/meterpreter/extensions/kiwi/tlv.rb +76 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/dhcp/dhcp.rb +78 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb +22 -78
data/lib/rex/post/meterpreter/extensions/lanattacks/tftp/tftp.rb +49 -0
data/lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb +4 -4
data/lib/rex/post/meterpreter/extensions/mimikatz/mimikatz.rb +128 -0
data/lib/rex/post/meterpreter/extensions/mimikatz/tlv.rb +16 -0
data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +38 -39
data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +1 -1
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +95 -96
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +39 -40
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +80 -85
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +94 -95
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +207 -147
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +258 -259
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +366 -301
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +72 -73
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +24 -25
data/lib/rex/post/meterpreter/extensions/stdapi/net/arp.rb +59 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +227 -149
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +107 -108
data/lib/rex/post/meterpreter/extensions/stdapi/net/netstat.rb +97 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/resolve.rb +106 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +41 -42
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +102 -101
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +151 -152
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +142 -142
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +185 -185
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +38118 -38117
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +7 -7
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +2086 -2084
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_crypt32.rb +15 -15
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +80 -80
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +3835 -3833
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +84 -28
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +151 -137
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +15 -6
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +3155 -3155
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_version.rb +41 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wlanapi.rb +70 -70
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_wldap32.rb +128 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +596 -596
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +310 -301
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +71 -61
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +100 -100
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +14 -14
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb +488 -488
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +273 -264
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb +5 -5
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +240 -238
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +17 -15
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb +61 -61
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +654 -635
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +49 -49
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +103 -102
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +98 -68
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +165 -166
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +16 -17
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +34 -36
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +363 -364
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +102 -103
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +28 -29
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +303 -304
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +113 -114
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +260 -261
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +165 -166
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +69 -70
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +160 -161
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +143 -144
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +29 -12
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +230 -231
data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +181 -44
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +12 -13
data/lib/rex/post/meterpreter/object_aliases.rb +56 -57
data/lib/rex/post/meterpreter/packet.rb +591 -592
data/lib/rex/post/meterpreter/packet_dispatcher.rb +506 -496
data/lib/rex/post/meterpreter/packet_parser.rb +72 -73
data/lib/rex/post/meterpreter/packet_response_waiter.rb +56 -57
data/lib/rex/post/meterpreter/ui/console.rb +112 -112
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +53 -53
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +911 -854
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +86 -86
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi.rb +65 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/adsi.rb +198 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/clipboard.rb +444 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb +199 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/window.rb +118 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/wmi.rb +108 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +220 -220
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/kiwi.rb +509 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks.rb +60 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/dhcp.rb +254 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/tftp.rb +159 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/mimikatz.rb +182 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +173 -173
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +40 -40
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +75 -77
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +30 -30
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +105 -105
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +182 -182
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +37 -37
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +504 -482
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +401 -330
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +883 -581
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +296 -299
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +320 -153
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +78 -78
data/lib/rex/post/permission.rb +0 -1
data/lib/rex/post/process.rb +39 -40
data/lib/rex/post/thread.rb +41 -42
data/lib/rex/post/ui.rb +35 -36
data/lib/rex/proto/addp.rb +218 -0
data/lib/rex/proto/dcerpc/client.rb +344 -344
data/lib/rex/proto/dcerpc/exceptions.rb +128 -128
data/lib/rex/proto/dcerpc/handle.rb +32 -32
data/lib/rex/proto/dcerpc/ndr.rb +56 -56
data/lib/rex/proto/dcerpc/packet.rb +249 -245
data/lib/rex/proto/dcerpc/response.rb +170 -170
data/lib/rex/proto/dcerpc/uuid.rb +65 -65
data/lib/rex/proto/dcerpc/wdscp.rb +3 -0
data/lib/rex/proto/dcerpc/wdscp/constants.rb +89 -0
data/lib/rex/proto/dcerpc/wdscp/packet.rb +94 -0
data/lib/rex/proto/dhcp.rb +0 -1
data/lib/rex/proto/dhcp/constants.rb +0 -1
data/lib/rex/proto/dhcp/server.rb +303 -304
data/lib/rex/proto/drda/constants.rb +1 -1
data/lib/rex/proto/drda/packet.rb +186 -186
data/lib/rex/proto/drda/utils.rb +104 -104
data/lib/rex/proto/http.rb +1 -0
data/lib/rex/proto/http/client.rb +692 -820
data/lib/rex/proto/http/client_request.rb +472 -0
data/lib/rex/proto/http/handler.rb +25 -25
data/lib/rex/proto/http/handler/erb.rb +104 -104
data/lib/rex/proto/http/handler/proc.rb +37 -37
data/lib/rex/proto/http/header.rb +149 -149
data/lib/rex/proto/http/packet.rb +388 -382
data/lib/rex/proto/http/request.rb +332 -335
data/lib/rex/proto/http/response.rb +132 -72
data/lib/rex/proto/http/server.rb +348 -338
data/lib/rex/proto/iax2/call.rb +310 -310
data/lib/rex/proto/iax2/client.rb +197 -197
data/lib/rex/proto/iax2/codecs/alaw.rb +4 -4
data/lib/rex/proto/iax2/codecs/mulaw.rb +4 -4
data/lib/rex/proto/ipmi.rb +57 -0
data/lib/rex/proto/ipmi/channel_auth_reply.rb +88 -0
data/lib/rex/proto/ipmi/open_session_reply.rb +35 -0
data/lib/rex/proto/ipmi/rakp2.rb +35 -0
data/lib/rex/proto/ipmi/utils.rb +125 -0
data/lib/rex/proto/natpmp.rb +1 -5
data/lib/rex/proto/natpmp/constants.rb +4 -4
data/lib/rex/proto/natpmp/packet.rb +25 -25
data/lib/rex/proto/ntlm/base.rb +271 -271
data/lib/rex/proto/ntlm/constants.rb +61 -61
data/lib/rex/proto/ntlm/crypt.rb +348 -352
data/lib/rex/proto/ntlm/exceptions.rb +3 -3
data/lib/rex/proto/ntlm/message.rb +468 -471
data/lib/rex/proto/ntlm/utils.rb +746 -746
data/lib/rex/proto/pjl.rb +30 -0
data/lib/rex/proto/pjl/client.rb +162 -0
data/lib/rex/proto/proxy/socks4a.rb +440 -440
data/lib/rex/proto/rfb.rb +1 -8
data/lib/rex/proto/rfb/cipher.rb +46 -49
data/lib/rex/proto/rfb/client.rb +179 -182
data/lib/rex/proto/rfb/constants.rb +18 -21
data/lib/rex/proto/smb/client.rb +1954 -1843
data/lib/rex/proto/smb/constants.rb +533 -516
data/lib/rex/proto/smb/crypt.rb +21 -21
data/lib/rex/proto/smb/evasions.rb +43 -43
data/lib/rex/proto/smb/exceptions.rb +791 -791
data/lib/rex/proto/smb/simpleclient.rb +142 -286
data/lib/rex/proto/smb/simpleclient/open_file.rb +106 -0
data/lib/rex/proto/smb/simpleclient/open_pipe.rb +57 -0
data/lib/rex/proto/smb/utils.rb +81 -81
data/lib/rex/proto/sunrpc/client.rb +158 -158
data/lib/rex/proto/tftp.rb +0 -1
data/lib/rex/proto/tftp/client.rb +289 -289
data/lib/rex/proto/tftp/constants.rb +9 -10
data/lib/rex/proto/tftp/server.rb +466 -467
data/lib/rex/random_identifier_generator.rb +176 -0
data/lib/rex/registry.rb +1 -1
data/lib/rex/registry/hive.rb +88 -88
data/lib/rex/registry/lfkey.rb +25 -25
data/lib/rex/registry/nodekey.rb +30 -30
data/lib/rex/registry/regf.rb +10 -10
data/lib/rex/registry/valuekey.rb +43 -43
data/lib/rex/registry/valuelist.rb +13 -13
data/lib/rex/ropbuilder/rop.rb +254 -253
data/lib/rex/script.rb +21 -22
data/lib/rex/script/base.rb +51 -50
data/lib/rex/script/meterpreter.rb +2 -2
data/lib/rex/service.rb +24 -24
data/lib/rex/service_manager.rb +132 -132
data/lib/rex/services/local_relay.rb +398 -398
data/lib/rex/socket.rb +758 -763
data/lib/rex/socket/comm.rb +95 -95
data/lib/rex/socket/comm/local.rb +507 -440
data/lib/rex/socket/ip.rb +118 -118
data/lib/rex/socket/parameters.rb +351 -350
data/lib/rex/socket/range_walker.rb +445 -368
data/lib/rex/socket/ssl_tcp.rb +323 -317
data/lib/rex/socket/ssl_tcp_server.rb +173 -158
data/lib/rex/socket/subnet_walker.rb +48 -48
data/lib/rex/socket/switch_board.rb +259 -259
data/lib/rex/socket/tcp.rb +58 -56
data/lib/rex/socket/tcp_server.rb +42 -42
data/lib/rex/socket/udp.rb +152 -152
data/lib/rex/sslscan/result.rb +200 -0
data/lib/rex/sslscan/scanner.rb +205 -0
data/lib/rex/struct2.rb +0 -1
data/lib/rex/struct2/c_struct.rb +162 -163
data/lib/rex/struct2/c_struct_template.rb +21 -22
data/lib/rex/struct2/constant.rb +6 -7
data/lib/rex/struct2/element.rb +30 -31
data/lib/rex/struct2/generic.rb +60 -61
data/lib/rex/struct2/restraint.rb +40 -41
data/lib/rex/struct2/s_string.rb +60 -61
data/lib/rex/struct2/s_struct.rb +97 -98
data/lib/rex/sync.rb +0 -1
data/lib/rex/sync/event.rb +62 -72
data/lib/rex/sync/read_write_lock.rb +149 -149
data/lib/rex/sync/ref.rb +42 -42
data/lib/rex/sync/thread_safe.rb +59 -59
data/lib/rex/text.rb +1803 -1315
data/lib/rex/thread_factory.rb +25 -25
data/lib/rex/time.rb +44 -44
data/lib/rex/transformer.rb +91 -91
data/lib/rex/ui/interactive.rb +265 -265
data/lib/rex/ui/output.rb +66 -60
data/lib/rex/ui/progress_tracker.rb +79 -79
data/lib/rex/ui/subscriber.rb +144 -134
data/lib/rex/ui/text/color.rb +76 -76
data/lib/rex/ui/text/dispatcher_shell.rb +512 -505
data/lib/rex/ui/text/input.rb +96 -96
data/lib/rex/ui/text/input/buffer.rb +58 -58
data/lib/rex/ui/text/input/readline.rb +114 -114
data/lib/rex/ui/text/input/socket.rb +77 -77
data/lib/rex/ui/text/input/stdio.rb +24 -24
data/lib/rex/ui/text/irb_shell.rb +45 -41
data/lib/rex/ui/text/output.rb +64 -60
data/lib/rex/ui/text/output/buffer.rb +42 -42
data/lib/rex/ui/text/output/buffer/stdout.rb +25 -0
data/lib/rex/ui/text/output/file.rb +24 -24
data/lib/rex/ui/text/output/socket.rb +24 -24
data/lib/rex/ui/text/output/stdio.rb +29 -29
data/lib/rex/ui/text/output/tee.rb +36 -36
data/lib/rex/ui/text/progress_tracker.rb +37 -37
data/lib/rex/ui/text/shell.rb +371 -361
data/lib/rex/ui/text/table.rb +320 -284
data/lib/rex/zip.rb +0 -1
data/lib/rex/zip/archive.rb +115 -94
data/lib/rex/zip/blocks.rb +101 -100
data/lib/rex/zip/entry.rb +108 -99
data/lib/rex/zip/jar.rb +261 -206
data/lib/rex/zip/samples/comment.rb +1 -2
data/lib/rex/zip/samples/mkwar.rb +12 -13
data/lib/rex/zip/samples/mkzip.rb +1 -2
data/lib/rex/zip/samples/recursive.rb +29 -30
metadata +424 -446
data/lib/rex/arch/sparc.rb.ut.rb +0 -19
data/lib/rex/arch/x86.rb.ut.rb +0 -94
data/lib/rex/assembly/nasm.rb.ut.rb +0 -23
data/lib/rex/encoder/ndr.rb.ut.rb +0 -45
data/lib/rex/encoder/xdr.rb.ut.rb +0 -30
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +0 -13
data/lib/rex/encoding/xor.rb.ts.rb +0 -15
data/lib/rex/encoding/xor/byte.rb.ut.rb +0 -22
data/lib/rex/encoding/xor/dword.rb.ut.rb +0 -16
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +0 -16
data/lib/rex/encoding/xor/generic.rb.ut.rb +0 -121
data/lib/rex/encoding/xor/word.rb.ut.rb +0 -14
data/lib/rex/exceptions.rb.ut.rb +0 -45
data/lib/rex/exploitation/egghunter.rb.ut.rb +0 -28
data/lib/rex/exploitation/javascriptosdetect.js +0 -1014
data/lib/rex/exploitation/javascriptosdetect.rb +0 -43
data/lib/rex/exploitation/omelet.rb.ut.rb +0 -27
data/lib/rex/exploitation/opcodedb.rb.ut.rb +0 -280
data/lib/rex/exploitation/seh.rb.ut.rb +0 -20
data/lib/rex/file.rb.ut.rb +0 -17
data/lib/rex/io/ring_buffer.rb.ut.rb +0 -135
data/lib/rex/nop/opty2.rb.ut.rb +0 -24
data/lib/rex/parser/arguments.rb.ut.rb +0 -68
data/lib/rex/parser/ini.rb.ut.rb +0 -30
data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +0 -18
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +0 -39
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +0 -37
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb +0 -52
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +0 -43
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +0 -128
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb +0 -64
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb.ut.rb +0 -29
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb +0 -155
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb.ut.rb +0 -128
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +0 -124
data/lib/rex/proto.rb.ts.rb +0 -9
data/lib/rex/proto/dcerpc.rb.ts.rb +0 -10
data/lib/rex/proto/dcerpc/client.rb.ut.rb +0 -492
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +0 -86
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +0 -42
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +0 -57
data/lib/rex/proto/dcerpc/response.rb.ut.rb +0 -16
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +0 -47
data/lib/rex/proto/drda.rb.ts.rb +0 -18
data/lib/rex/proto/drda/constants.rb.ut.rb +0 -24
data/lib/rex/proto/drda/packet.rb.ut.rb +0 -110
data/lib/rex/proto/drda/utils.rb.ut.rb +0 -85
data/lib/rex/proto/http.rb.ts.rb +0 -13
data/lib/rex/proto/http/client.rb.ut.rb +0 -96
data/lib/rex/proto/http/handler/erb.rb.ut.rb +0 -22
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +0 -1
data/lib/rex/proto/http/handler/proc.rb.ut.rb +0 -25
data/lib/rex/proto/http/header.rb.ut.rb +0 -47
data/lib/rex/proto/http/packet.rb.ut.rb +0 -166
data/lib/rex/proto/http/request.rb.ut.rb +0 -215
data/lib/rex/proto/http/response.rb.ut.rb +0 -150
data/lib/rex/proto/http/server.rb.ut.rb +0 -80
data/lib/rex/proto/ntlm.rb.ut.rb +0 -181
data/lib/rex/proto/rfb.rb.ut.rb +0 -40
data/lib/rex/proto/smb.rb.ts.rb +0 -9
data/lib/rex/proto/smb/client.rb.ut.rb +0 -224
data/lib/rex/proto/smb/constants.rb.ut.rb +0 -19
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +0 -129
data/lib/rex/proto/smb/utils.rb.ut.rb +0 -21
data/lib/rex/proto/tftp/server.rb.ut.rb +0 -29
data/lib/rex/service_manager.rb.ut.rb +0 -33
data/lib/rex/socket.rb.ut.rb +0 -108
data/lib/rex/socket/comm/local.rb.ut.rb +0 -76
data/lib/rex/socket/parameters.rb.ut.rb +0 -52
data/lib/rex/socket/range_walker.rb.ut.rb +0 -56
data/lib/rex/socket/ssl_tcp.rb.ut.rb +0 -40
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +0 -62
data/lib/rex/socket/subnet_walker.rb.ut.rb +0 -29
data/lib/rex/socket/switch_board.rb.ut.rb +0 -53
data/lib/rex/socket/tcp.rb.ut.rb +0 -65
data/lib/rex/socket/tcp_server.rb.ut.rb +0 -45
data/lib/rex/socket/udp.rb.ut.rb +0 -45
data/lib/rex/test.rb +0 -36
data/lib/rex/text.rb.ut.rb +0 -193
data/lib/rex/transformer.rb.ut.rb +0 -39
data/lib/rex/ui/text/color.rb.ut.rb +0 -19
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +0 -35
data/lib/rex/ui/text/table.rb.ut.rb +0 -56

data/lib/rex/post/meterpreter/packet_dispatcher.rb CHANGED

@@ -1,4 +1,3 @@
-#!/usr/bin/env ruby
 # -*- coding: binary -*-
 require 'rex/post/meterpreter/packet_response_waiter'
@@ -15,24 +14,24 @@ module Meterpreter
 #
 ###
 class RequestError < ArgumentError
-	def initialize(method, einfo, ecode=nil)
-		@method = method
-		@result = einfo
-		@code   = ecode || einfo
-	end
+  def initialize(method, einfo, ecode=nil)
+    @method = method
+    @result = einfo
+    @code   = ecode || einfo
+  end
-	def to_s
-		"#{@method}: Operation failed: #{@result}"
-	end
+  def to_s
+    "#{@method}: Operation failed: #{@result}"
+  end
-	# The method that failed.
-	attr_reader :method
+  # The method that failed.
+  attr_reader :method
-	# The error result that occurred, typically a windows error message.
-	attr_reader :result
+  # The error result that occurred, typically a windows error message.
+  attr_reader :result
-	# The error result that occurred, typically a windows error code.
-	attr_reader :code
+  # The error result that occurred, typically a windows error code.
+  attr_reader :code
 end
 ###
@@ -43,490 +42,501 @@ end
 ###
 module PacketDispatcher
-	PacketTimeout = 600
-	##
-	#
-	# Synchronization
-	#
-	##
-	attr_accessor :comm_mutex
-	##
-	#
-	#
-	# Passive Dispatching
-	#
-	##
-	attr_accessor :passive_service, :send_queue, :recv_queue
-	def initialize_passive_dispatcher
-		self.send_queue = []
-		self.recv_queue = []
-		self.waiters    = []
-		self.alive      = true
-		self.passive_service = self.passive_dispatcher
-		self.passive_service.remove_resource("/" + self.conn_id  + "/")
-		self.passive_service.add_resource("/" + self.conn_id + "/",
-			'Proc'             => Proc.new { |cli, req| on_passive_request(cli, req) },
-			'VirtualDirectory' => true
-		)
-	end
-	def shutdown_passive_dispatcher
-		return if not self.passive_service
-		self.passive_service.remove_resource("/" + self.conn_id  + "/")
-		self.alive      = false
-		self.send_queue = []
-		self.recv_queue = []
-		self.waiters    = []
-		self.passive_service = nil
-	end
-	def on_passive_request(cli, req)
-		begin
-		resp = Rex::Proto::Http::Response.new(200, "OK")
-		resp['Content-Type'] = 'application/octet-stream'
-		resp['Connection']   = 'close'
-		# If the first 4 bytes are "RECV", return the oldest packet from the outbound queue
-		if req.body[0,4] == "RECV"
-			rpkt = send_queue.pop
-			resp.body = rpkt || ''
-			begin
-				cli.send_response(resp)
-			rescue ::Exception => e
-				send_queue.unshift(rpkt) if rpkt
-				elog("Exception sending a reply to the reader request: #{cli.inspect} #{e.class} #{e} #{e.backtrace}")
-			end
-		else
-			resp.body = ""
-			if req.body and req.body.length > 0
-				packet = Packet.new(0)
-				packet.from_r(req.body)
-				dispatch_inbound_packet(packet)
-			end
-			cli.send_response(resp)
-		end
-		# Force a closure for older WinInet implementations
-		self.passive_service.close_client( cli )
-		rescue ::Exception => e
-			elog("Exception handling request: #{cli.inspect} #{req.inspect} #{e.class} #{e} #{e.backtrace}")
-		end
-	end
-	##
-	#
-	# Transmission
-	#
-	##
-	#
-	# Sends a packet without waiting for a response.
-	#
-	def send_packet(packet, completion_routine = nil, completion_param = nil)
-		if (completion_routine)
-			add_response_waiter(packet, completion_routine, completion_param)
-		end
-		bytes = 0
-		raw   = packet.to_r
-		err   = nil
-		# Short-circuit send when using a passive dispatcher
-		if self.passive_service
-			send_queue.push(raw)
-			return raw.size # Lie!
-		end
-		if (raw)
-			# This mutex is used to lock out new commands during an
-			# active migration.
-			self.comm_mutex.synchronize do
-				begin
-					bytes = self.sock.write(raw)
-				rescue ::Exception => e
-					err = e
-				end
-			end
-			if bytes.to_i == 0
-				# Mark the session itself as dead
-				self.alive = false
-				# Indicate that the dispatcher should shut down too
-				@finish = true
-				# Reraise the error to the top-level caller
-				raise err if err
-			end
-		end
-		return bytes
-	end
-	#
-	# Sends a packet and waits for a timeout for the given time interval.
-	#
-	def send_request(packet, t = self.response_timeout)
-		if not t
-			send_packet(packet)
-			return nil
-		end
-		response = send_packet_wait_response(packet, t)
-		if (response == nil)
-			raise TimeoutError.new("Send timed out")
-		elsif (response.result != 0)
-			einfo = lookup_error(response.result)
-			e = RequestError.new(packet.method, einfo, response.result)
-			e.set_backtrace(caller)
-			raise e
-		end
-		return response
-	end
-	#
-	# Transmits a packet and waits for a response.
-	#
-	def send_packet_wait_response(packet, t)
-		# First, add the waiter association for the supplied packet
-		waiter = add_response_waiter(packet)
-		# Transmit the packet
-		if (send_packet(packet).to_i <= 0)
-			# Remove the waiter if we failed to send the packet.
-			remove_response_waiter(waiter)
-			return nil
-		end
-		# Wait for the supplied time interval
-		waiter.wait(t)
-		# Remove the waiter from the list of waiters in case it wasn't
-		# removed
-		remove_response_waiter(waiter)
-		# Return the response packet, if any
-		return waiter.response
-	end
-	##
-	#
-	# Reception
-	#
-	##
-	#
-	# Monitors the PacketDispatcher's sock for data in its own
-	# thread context and parsers all inbound packets.
-	#
-	def monitor_socket
-		# Skip if we are using a passive dispatcher
-		return if self.passive_service
-		self.comm_mutex = ::Mutex.new
-		self.waiters = []
-		@pqueue = []
-		@finish = false
-		@last_recvd = Time.now
-		@ping_sent = false
-		self.alive = true
-		# Spawn a thread for receiving packets
-		self.receiver_thread = Rex::ThreadFactory.spawn("MeterpreterReceiver", false) do
-			while (self.alive)
-				begin
-					rv = Rex::ThreadSafe.select([ self.sock.fd ], nil, nil, 0.25)
-					ping_time = 60
-					# If there's nothing to read, and it's been awhile since we
-					# saw a packet, we need to send a ping.  We wait
-					# ping_time*2 seconds before deciding a session is dead.
-					if (not rv and self.send_keepalives and Time.now - @last_recvd > ping_time)
-						# If the queue is empty and we've already sent a
-						# keepalive without getting a reply, then this
-						# session is hosed, and we should give up on it.
-						if @ping_sent and @pqueue.empty? and (Time.now - @last_recvd > ping_time * 2)
-							dlog("No response to ping, session #{self.sid} is dead", LEV_3)
-							self.alive = false
-							@finish = true
-							break
-						end
-						# Let the packet queue processor finish up before
-						# we send a ping.
-						if not @ping_sent and @pqueue.empty?
-							# Our 'ping' is actually just a check for eof on
-							# channel id 0.  This method has no side effects
-							# and always returns an answer (regardless of the
-							# existence of chan 0), which is all that's
-							# needed for a liveness check.  The answer itself
-							# is unimportant and is ignored.
-							pkt = Packet.create_request('core_channel_eof')
-							pkt.add_tlv(TLV_TYPE_CHANNEL_ID, 0)
-							waiter = Proc.new { |response, param|
-									@ping_sent = false
-									@last_recvd = Time.now
-								}
-							send_packet(pkt, waiter)
-							@ping_sent = true
-						end
-						next
-					end
-					next if not rv
-					packet = receive_packet
-					@pqueue << packet if packet
-					@last_recvd = Time.now
-				rescue ::Exception
-					dlog("Exception caught in monitor_socket: #{$!}", 'meterpreter', LEV_1)
-					@finish = true
-					self.alive = false
-					break
-				end
-			end
-		end
-		# Spawn a new thread that monitors the socket
-		self.dispatcher_thread = Rex::ThreadFactory.spawn("MeterpreterDispatcher", false) do
-			begin
-			# Whether we're finished or not is determined by the receiver
-			# thread above.
-			while(not @finish)
-				if(@pqueue.empty?)
-					::IO.select(nil, nil, nil, 0.10)
-					next
-				end
-				incomplete = []
-				backlog    = []
-				while(@pqueue.length > 0)
-					backlog << @pqueue.shift
-				end
-				#
-				# Prioritize message processing here
-				# 1. Close should always be processed at the end
-				# 2. Command responses always before channel data
-				#
-				tmp_command = []
-				tmp_channel = []
-				tmp_close   = []
-				backlog.each do |pkt|
-					if(pkt.response?)
-						tmp_command << pkt
-						next
-					end
-					if(pkt.method == "core_channel_close")
-						tmp_close << pkt
-						next
-					end
-					tmp_channel << pkt
-				end
-				backlog = []
-				backlog.push(*tmp_command)
-				backlog.push(*tmp_channel)
-				backlog.push(*tmp_close)
-				#
-				# Process the message queue
-				#
-				backlog.each do |pkt|
-					begin
-					if ! dispatch_inbound_packet(pkt)
-						# Only requeue packets newer than the timeout
-						if (::Time.now.to_i - pkt.created_at.to_i < PacketTimeout)
-							incomplete << pkt
-						end
-					end
-					rescue ::Exception => e
-						dlog("Dispatching exception with packet #{pkt}: #{e} #{e.backtrace}", 'meterpreter', LEV_1)
-					end
-				end
-				@pqueue.unshift(*incomplete)
-				if(@pqueue.length > 100)
-					dlog("Backlog has grown to over 100 in monitor_socket, dropping older packets: #{@pqueue[0 .. 25].map{|x| x.inspect}.join(" - ")}", 'meterpreter', LEV_1)
-					@pqueue = @pqueue[25 .. 100]
-				end
-			end
-			rescue ::Exception => e
-				dlog("Exception caught in monitor_socket dispatcher: #{e.class} #{e} #{e.backtrace}", 'meterpreter', LEV_1)
-			ensure
-				self.receiver_thread.kill if self.receiver_thread
-			end
-		end
-	end
-	#
-	# Parses data from the dispatcher's sock and returns a Packet context
-	# once a full packet has been received.
-	#
-	def receive_packet
-		return parser.recv(self.sock)
-	end
-	#
-	# Stop the monitor
-	#
-	def monitor_stop
-		if(self.receiver_thread)
-			self.receiver_thread.kill
-			self.receiver_thread = nil
-		end
-		if(self.dispatcher_thread)
-			self.dispatcher_thread.kill
-			self.dispatcher_thread = nil
-		end
-	end
-	##
-	#
-	# Waiter registration
-	#
-	##
-	#
-	# Adds a waiter association with the supplied request packet.
-	#
-	def add_response_waiter(request, completion_routine = nil, completion_param = nil)
-		waiter = PacketResponseWaiter.new(request.rid, completion_routine, completion_param)
-		self.waiters << waiter
-		return waiter
-	end
-	#
-	# Notifies a whomever is waiting for a the supplied response,
-	# if anyone.
-	#
-	def notify_response_waiter(response)
-		self.waiters.each() { |waiter|
-			if (waiter.waiting_for?(response))
-				waiter.notify(response)
-				remove_response_waiter(waiter)
-				break
-			end
-		}
-	end
-	#
-	# Removes a waiter from the list of waiters.
-	#
-	def remove_response_waiter(waiter)
-		self.waiters.delete(waiter)
-	end
-	##
-	#
-	# Dispatching
-	#
-	##
-	#
-	# Initializes the inbound handlers.
-	#
-	def initialize_inbound_handlers
-		@inbound_handlers = []
-	end
-	#
-	# Dispatches and processes an inbound packet.  If the packet is a
-	# response that has an associated waiter, the waiter is notified.
-	# Otherwise, the packet is passed onto any registered dispatch
-	# handlers until one returns success.
-	#
-	def dispatch_inbound_packet(packet, client = nil)
-		handled = false
-		# If no client context was provided, return self as PacketDispatcher
-		# is a mixin for the Client instance
-		if (client == nil)
-			client = self
-		end
-		# If the packet is a response, try to notify any potential
-		# waiters
-		if ((resp = packet.response?))
-			if (notify_response_waiter(packet))
-				return true
-			end
-		end
-		# Enumerate all of the inbound packet handlers until one handles
-		# the packet
-		@inbound_handlers.each { |handler|
-			handled = nil
-			begin
-			if ! resp
-				handled = handler.request_handler(client, packet)
-			else
-				handled = handler.response_handler(client, packet)
-			end
-			rescue ::Exception => e
-				dlog("Exception caught in dispatch_inbound_packet: handler=#{handler} #{e.class} #{e} #{e.backtrace}", 'meterpreter', LEV_1)
-				return true
-			end
-			if (handled)
-				break
-			end
-		}
-		return handled
-	end
-	#
-	# Registers an inbound packet handler that implements the
-	# InboundPacketHandler interface.
-	#
-	def register_inbound_handler(handler)
-		@inbound_handlers << handler
-	end
-	#
-	# Deregisters a previously registered inbound packet handler.
-	#
-	def deregister_inbound_handler(handler)
-		@inbound_handlers.delete(handler)
-	end
+  PacketTimeout = 600
+  ##
+  #
+  # Synchronization
+  #
+  ##
+  attr_accessor :comm_mutex
+  ##
+  #
+  #
+  # Passive Dispatching
+  #
+  ##
+  attr_accessor :passive_service, :send_queue, :recv_queue
+  def initialize_passive_dispatcher
+    self.send_queue = []
+    self.recv_queue = []
+    self.waiters    = []
+    self.alive      = true
+    self.passive_service = self.passive_dispatcher
+    self.passive_service.remove_resource("/" + self.conn_id  + "/")
+    self.passive_service.add_resource("/" + self.conn_id + "/",
+      'Proc'             => Proc.new { |cli, req| on_passive_request(cli, req) },
+      'VirtualDirectory' => true
+    )
+  end
+  def shutdown_passive_dispatcher
+    return if not self.passive_service
+    self.passive_service.remove_resource("/" + self.conn_id  + "/")
+    self.alive      = false
+    self.send_queue = []
+    self.recv_queue = []
+    self.waiters    = []
+    self.passive_service = nil
+  end
+  def on_passive_request(cli, req)
+    begin
+    resp = Rex::Proto::Http::Response.new(200, "OK")
+    resp['Content-Type'] = 'application/octet-stream'
+    resp['Connection']   = 'close'
+    # If the first 4 bytes are "RECV", return the oldest packet from the outbound queue
+    if req.body[0,4] == "RECV"
+      rpkt = send_queue.pop
+      resp.body = rpkt || ''
+      begin
+        cli.send_response(resp)
+      rescue ::Exception => e
+        send_queue.unshift(rpkt) if rpkt
+        elog("Exception sending a reply to the reader request: #{cli.inspect} #{e.class} #{e} #{e.backtrace}")
+      end
+    else
+      resp.body = ""
+      if req.body and req.body.length > 0
+        packet = Packet.new(0)
+        packet.from_r(req.body)
+        dispatch_inbound_packet(packet)
+      end
+      cli.send_response(resp)
+    end
+    # Force a closure for older WinInet implementations
+    self.passive_service.close_client( cli )
+    rescue ::Exception => e
+      elog("Exception handling request: #{cli.inspect} #{req.inspect} #{e.class} #{e} #{e.backtrace}")
+    end
+  end
+  ##
+  #
+  # Transmission
+  #
+  ##
+  #
+  # Sends a packet without waiting for a response.
+  #
+  def send_packet(packet, completion_routine = nil, completion_param = nil)
+    if (completion_routine)
+      add_response_waiter(packet, completion_routine, completion_param)
+    end
+    bytes = 0
+    raw   = packet.to_r
+    err   = nil
+    # Short-circuit send when using a passive dispatcher
+    if self.passive_service
+      send_queue.push(raw)
+      return raw.size # Lie!
+    end
+    if (raw)
+      # This mutex is used to lock out new commands during an
+      # active migration.
+      self.comm_mutex.synchronize do
+        begin
+          bytes = self.sock.write(raw)
+        rescue ::Exception => e
+          err = e
+        end
+      end
+      if bytes.to_i == 0
+        # Mark the session itself as dead
+        self.alive = false
+        # Indicate that the dispatcher should shut down too
+        @finish = true
+        # Reraise the error to the top-level caller
+        raise err if err
+      end
+    end
+    return bytes
+  end
+  #
+  # Sends a packet and waits for a timeout for the given time interval.
+  #
+  def send_request(packet, t = self.response_timeout)
+    if not t
+      send_packet(packet)
+      return nil
+    end
+    response = send_packet_wait_response(packet, t)
+    if (response == nil)
+      raise TimeoutError.new("Send timed out")
+    elsif (response.result != 0)
+      einfo = lookup_error(response.result)
+      e = RequestError.new(packet.method, einfo, response.result)
+      e.set_backtrace(caller)
+      raise e
+    end
+    return response
+  end
+  #
+  # Transmits a packet and waits for a response.
+  #
+  def send_packet_wait_response(packet, t)
+    # First, add the waiter association for the supplied packet
+    waiter = add_response_waiter(packet)
+    # Transmit the packet
+    if (send_packet(packet).to_i <= 0)
+      # Remove the waiter if we failed to send the packet.
+      remove_response_waiter(waiter)
+      return nil
+    end
+    # Wait for the supplied time interval
+    waiter.wait(t)
+    # Remove the waiter from the list of waiters in case it wasn't
+    # removed
+    remove_response_waiter(waiter)
+    # Return the response packet, if any
+    return waiter.response
+  end
+  ##
+  #
+  # Reception
+  #
+  ##
+  #
+  # Monitors the PacketDispatcher's sock for data in its own
+  # thread context and parsers all inbound packets.
+  #
+  def monitor_socket
+    # Skip if we are using a passive dispatcher
+    return if self.passive_service
+    self.comm_mutex = ::Mutex.new
+    self.waiters = []
+    @pqueue = []
+    @finish = false
+    @last_recvd = Time.now
+    @ping_sent = false
+    self.alive = true
+    # Spawn a thread for receiving packets
+    self.receiver_thread = Rex::ThreadFactory.spawn("MeterpreterReceiver", false) do
+      while (self.alive)
+        begin
+          rv = Rex::ThreadSafe.select([ self.sock.fd ], nil, nil, 0.25)
+          ping_time = 60
+          # If there's nothing to read, and it's been awhile since we
+          # saw a packet, we need to send a ping.  We wait
+          # ping_time*2 seconds before deciding a session is dead.
+          if (not rv and self.send_keepalives and Time.now - @last_recvd > ping_time)
+            # If the queue is empty and we've already sent a
+            # keepalive without getting a reply, then this
+            # session is hosed, and we should give up on it.
+            if @ping_sent and @pqueue.empty? and (Time.now - @last_recvd > ping_time * 2)
+              dlog("No response to ping, session #{self.sid} is dead", LEV_3)
+              self.alive = false
+              @finish = true
+              break
+            end
+            # Let the packet queue processor finish up before
+            # we send a ping.
+            if not @ping_sent and @pqueue.empty?
+              # Our 'ping' is actually just a check for eof on
+              # channel id 0.  This method has no side effects
+              # and always returns an answer (regardless of the
+              # existence of chan 0), which is all that's
+              # needed for a liveness check.  The answer itself
+              # is unimportant and is ignored.
+              pkt = Packet.create_request('core_channel_eof')
+              pkt.add_tlv(TLV_TYPE_CHANNEL_ID, 0)
+              waiter = Proc.new { |response, param|
+                  @ping_sent = false
+                  @last_recvd = Time.now
+                }
+              send_packet(pkt, waiter)
+              @ping_sent = true
+            end
+            next
+          end
+          next if not rv
+          packet = receive_packet
+          @pqueue << packet if packet
+          @last_recvd = Time.now
+        rescue ::Exception
+          dlog("Exception caught in monitor_socket: #{$!}", 'meterpreter', LEV_1)
+          @finish = true
+          self.alive = false
+          break
+        end
+      end
+    end
+    # Spawn a new thread that monitors the socket
+    self.dispatcher_thread = Rex::ThreadFactory.spawn("MeterpreterDispatcher", false) do
+      begin
+      # Whether we're finished or not is determined by the receiver
+      # thread above.
+      while(not @finish)
+        if(@pqueue.empty?)
+          ::IO.select(nil, nil, nil, 0.10)
+          next
+        end
+        incomplete = []
+        backlog    = []
+        while(@pqueue.length > 0)
+          backlog << @pqueue.shift
+        end
+        #
+        # Prioritize message processing here
+        # 1. Close should always be processed at the end
+        # 2. Command responses always before channel data
+        #
+        tmp_command = []
+        tmp_channel = []
+        tmp_close   = []
+        backlog.each do |pkt|
+          if(pkt.response?)
+            tmp_command << pkt
+            next
+          end
+          if(pkt.method == "core_channel_close")
+            tmp_close << pkt
+            next
+          end
+          tmp_channel << pkt
+        end
+        backlog = []
+        backlog.push(*tmp_command)
+        backlog.push(*tmp_channel)
+        backlog.push(*tmp_close)
+        #
+        # Process the message queue
+        #
+        backlog.each do |pkt|
+          begin
+          if ! dispatch_inbound_packet(pkt)
+            # Only requeue packets newer than the timeout
+            if (::Time.now.to_i - pkt.created_at.to_i < PacketTimeout)
+              incomplete << pkt
+            end
+          end
+          rescue ::Exception => e
+            dlog("Dispatching exception with packet #{pkt}: #{e} #{e.backtrace}", 'meterpreter', LEV_1)
+          end
+        end
+        # If the backlog and incomplete arrays are the same, it means
+        # dispatch_inbound_packet wasn't able to handle any of the
+        # packets. When that's the case, we can get into a situation
+        # where @pqueue is not empty and, since nothing else bounds this
+        # loop, we spin CPU trying to handle packets that can't be
+        # handled. Sleep here to treat that situation as though the
+        # queue is empty.
+        if (backlog.length > 0 && backlog.length == incomplete.length)
+          ::IO.select(nil, nil, nil, 0.10)
+        end
+        @pqueue.unshift(*incomplete)
+        if(@pqueue.length > 100)
+          dlog("Backlog has grown to over 100 in monitor_socket, dropping older packets: #{@pqueue[0 .. 25].map{|x| x.inspect}.join(" - ")}", 'meterpreter', LEV_1)
+          @pqueue = @pqueue[25 .. 100]
+        end
+      end
+      rescue ::Exception => e
+        dlog("Exception caught in monitor_socket dispatcher: #{e.class} #{e} #{e.backtrace}", 'meterpreter', LEV_1)
+      ensure
+        self.receiver_thread.kill if self.receiver_thread
+      end
+    end
+  end
+  #
+  # Parses data from the dispatcher's sock and returns a Packet context
+  # once a full packet has been received.
+  #
+  def receive_packet
+    return parser.recv(self.sock)
+  end
+  #
+  # Stop the monitor
+  #
+  def monitor_stop
+    if(self.receiver_thread)
+      self.receiver_thread.kill
+      self.receiver_thread = nil
+    end
+    if(self.dispatcher_thread)
+      self.dispatcher_thread.kill
+      self.dispatcher_thread = nil
+    end
+  end
+  ##
+  #
+  # Waiter registration
+  #
+  ##
+  #
+  # Adds a waiter association with the supplied request packet.
+  #
+  def add_response_waiter(request, completion_routine = nil, completion_param = nil)
+    waiter = PacketResponseWaiter.new(request.rid, completion_routine, completion_param)
+    self.waiters << waiter
+    return waiter
+  end
+  #
+  # Notifies a whomever is waiting for a the supplied response,
+  # if anyone.
+  #
+  def notify_response_waiter(response)
+    self.waiters.each() { |waiter|
+      if (waiter.waiting_for?(response))
+        waiter.notify(response)
+        remove_response_waiter(waiter)
+        break
+      end
+    }
+  end
+  #
+  # Removes a waiter from the list of waiters.
+  #
+  def remove_response_waiter(waiter)
+    self.waiters.delete(waiter)
+  end
+  ##
+  #
+  # Dispatching
+  #
+  ##
+  #
+  # Initializes the inbound handlers.
+  #
+  def initialize_inbound_handlers
+    @inbound_handlers = []
+  end
+  #
+  # Dispatches and processes an inbound packet.  If the packet is a
+  # response that has an associated waiter, the waiter is notified.
+  # Otherwise, the packet is passed onto any registered dispatch
+  # handlers until one returns success.
+  #
+  def dispatch_inbound_packet(packet, client = nil)
+    handled = false
+    # If no client context was provided, return self as PacketDispatcher
+    # is a mixin for the Client instance
+    if (client == nil)
+      client = self
+    end
+    # If the packet is a response, try to notify any potential
+    # waiters
+    if ((resp = packet.response?))
+      if (notify_response_waiter(packet))
+        return true
+      end
+    end
+    # Enumerate all of the inbound packet handlers until one handles
+    # the packet
+    @inbound_handlers.each { |handler|
+      handled = nil
+      begin
+      if ! resp
+        handled = handler.request_handler(client, packet)
+      else
+        handled = handler.response_handler(client, packet)
+      end
+      rescue ::Exception => e
+        dlog("Exception caught in dispatch_inbound_packet: handler=#{handler} #{e.class} #{e} #{e.backtrace}", 'meterpreter', LEV_1)
+        return true
+      end
+      if (handled)
+        break
+      end
+    }
+    return handled
+  end
+  #
+  # Registers an inbound packet handler that implements the
+  # InboundPacketHandler interface.
+  #
+  def register_inbound_handler(handler)
+    @inbound_handlers << handler
+  end
+  #
+  # Deregisters a previously registered inbound packet handler.
+  #
+  def deregister_inbound_handler(handler)
+    @inbound_handlers.delete(handler)
+  end
 protected
-	attr_accessor :receiver_thread # :nodoc:
-	attr_accessor :dispatcher_thread # :nodoc:
-	attr_accessor :waiters # :nodoc:
+  attr_accessor :receiver_thread # :nodoc:
+  attr_accessor :dispatcher_thread # :nodoc:
+  attr_accessor :waiters # :nodoc:
 end
 end; end; end