librex 0.0.7 → 0.0.12

data/{README.md → README.markdown}

@@ -3,8 +3,7 @@
 A non-official re-packaging of the Rex library as a gem for easy of usage of the Metasploit REX framework in a non Metasploit application. I received permission from HDM to create this package.
 
 Currently based on:
-SVN Revision: 11930
+SVN Revision: 11938
 
 # Credits
 The Metasploit development team <http://www.metasploit.com>
-

data/Rakefile

@@ -1,6 +1,6 @@
-$LOAD_PATH.unshift File.expand_path("../lib", __FILE__)
+# encoding: utf-8
  
-task :build do
+task :build => :update do
   system "gem build librex.gemspec"
 end
  
@@ -12,7 +12,7 @@ task :clean do
 	system "rm *.gem"
 end
 
-task :update_rex do
+task :update do
 	puts "[*] Removing old rex code"
 	system "git rm lib/rex.rb"
 	system "git rm lib/rex.rb.ts.rb"
@@ -32,8 +32,54 @@ task :update_rex do
 	system "mv /tmp/msftmp/lib/rex/ lib/"
 	system "find . -iname '.svn' -exec rm -rf {} \\;"
 	system "git add lib/"
-	system "git commit -m \"Updated for Revision #{rev[1]}\""
-	
+
 	puts "[*] Cleaning up tmp files"	
 	system "rm -rf /tmp/msftmp"
+	
+	puts "[*] Updating librex.gemspec with new Version and Revision Number"
+	File.open("librex.gemspec.1", "w+") do |output|
+		File.open("librex.gemspec", "r") do |input|
+			while (line = input.gets)
+				
+				if line =~ /^VERSION = (.*)$/
+					version = $1.chop.gsub("\"",'').split(".")
+					version[2] = version[2].to_i + 1
+					version = version.join(".")
+					
+					puts "#{version}"
+						
+					line = "VERSION = \"#{version}\"\n"
+				elsif line =~ /^REVISION = (.*)$/
+					line = "REVISION = \"#{rev[1]}\"\n"
+				else
+					line = line
+				end
+			
+				output.write line
+			end
+		end
+	end
+	
+	system "mv librex.gemspec.1 librex.gemspec"
+	
+	puts "[*] Updating README.markdown with new Revision Number"
+	File.open("README.markdown.1", "w+") do |output|
+		File.open("README.markdown", "r") do |input|
+			while (line = input.gets)						
+				if line =~ /^SVN Revision: (.*)$/
+					line = "SVN Revision: #{rev[1]}\n"
+				else
+					line = line
+				end
+			
+				output.write line
+			end
+		end
+	end
+	
+	system "mv README.markdown.1 README.markdown"
+	
+	system "git commit -a -m \"Updated for Revision #{rev[1]}\""
+	puts "Commiting and Pushing Updates for Revision #{rev[1]}"
+	system "git push"
 end

data/lib/rex/proto/ntlm/crypt.rb

@@ -117,8 +117,7 @@ BASE = Rex::Proto::NTLM::Base
 			ntlmhash = password
 		else
 			ntlmhash = ntlm_hash(password, opt)
-		end
-		
+		end	
 		# With Win 7 and maybe other OSs we sometimes get the domain not uppercased
 		userdomain = user.upcase  + domain
 		unless opt[:unicode]
@@ -172,12 +171,12 @@ BASE = Rex::Proto::NTLM::Base
 		if not (key and chal)
 			raise ArgumentError , 'ntlmv2_hash and challenge are mandatory'
 		end
-		
+
 		chal = BASE::pack_int64le(chal) if chal.is_a?(::Integer)
 		bb   = nil
 		
 		if opt[:nt_client_challenge]
-			if opt[:nt_client_challenge].to_s.length <= 24
+			if opt[:nt_client_challenge].to_s.length <= 8
 				raise ArgumentError,"nt_client_challenge is not in a correct format " 
 			end
 			bb = opt[:nt_client_challenge]
@@ -205,7 +204,6 @@ BASE = Rex::Proto::NTLM::Base
 		end
 
 		OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb
-
 	end
       
 	def self.lmv2_response(arg, opt = {})
@@ -236,6 +234,83 @@ BASE = Rex::Proto::NTLM::Base
 		[cc.ljust(24, "\0"), response]
 	end
 
+	#this function will check if the net lm response provided correspond to en empty password 
+	def self.is_hash_from_empty_pwd?(arg)
+		hash_type = arg[:type]
+		raise ArgumentError,"arg[:type] is mandatory" if not hash_type 
+		raise ArgumentError,"arg[:type] must be lm or ntlm" if not hash_type  =~ /^((lm)|(ntlm))$/
+
+		ntlm_ver = arg[:ntlm_ver]
+		raise ArgumentError,"arg[:ntlm_ver] is mandatory" if not ntlm_ver
+ 
+		hash = arg[:hash]
+		raise ArgumentError,"arg[:hash] is mandatory" if not hash
+
+		srv_chall = arg[:srv_challenge] 
+		raise ArgumentError,"arg[:srv_challenge] is mandatory" if not srv_chall		
+		raise ArgumentError,"Server challenge length must be exactly 8 bytes" if srv_chall.length != 8
+
+		#calculate responses for empty pwd
+		case ntlm_ver
+		when CONST::NTLM_V1_RESPONSE 
+			if hash.length != 24
+				raise ArgumentError,"hash length must be exactly 24 bytes "
+			end
+			case hash_type
+			when 'lm'	
+				arglm = { 	:lm_hash => self.lm_hash(''),
+						:challenge => srv_chall}
+				calculatedhash = self.lm_response(arglm)
+			when 'ntlm'
+				argntlm = { 	:ntlm_hash =>  self.ntlm_hash(''), 
+						:challenge => srv_chall }
+				calculatedhash = self.ntlm_response(argntlm)
+			end
+		when CONST::NTLM_V2_RESPONSE
+			raise ArgumentError,"hash length must be exactly 16 bytes " if hash.length != 16
+			cli_chall = arg[:cli_challenge] 
+			raise ArgumentError,"arg[:cli_challenge] is mandatory in this case" if not cli_chall
+			user = arg[:user] 
+			raise ArgumentError,"arg[:user] is mandatory in this case" if not user
+			domain = arg[:domain]
+			raise ArgumentError,"arg[:domain] is mandatory in this case" if not domain
+
+			case hash_type
+			when 'lm'
+				raise ArgumentError,"Client challenge length must be exactly 8 bytes " if cli_chall.length != 8
+				arglm = {	:ntlmv2_hash =>  self.ntlmv2_hash(user,'', domain),
+						:challenge => srv_chall }
+				optlm = {	:client_challenge => cli_chall}
+				calculatedhash = self.lmv2_response(arglm, optlm)[0,16]
+			when 'ntlm'
+				raise ArgumentError,"Client challenge length must be bigger then 8 bytes " if cli_chall.length <= 8
+				argntlm = { 	:ntlmv2_hash =>  self.ntlmv2_hash(user, '', domain),
+						:challenge => srv_chall }
+				optntlm = { 	:nt_client_challenge => cli_chall}
+				calculatedhash = self.ntlmv2_response(argntlm,optntlm)[0,16]
+			end
+		when CONST::NTLM_2_SESSION_RESPONSE
+			raise ArgumentError,"hash length must be exactly 16 bytes " if hash.length != 24
+			cli_chall = arg[:cli_challenge] 
+			raise ArgumentError,"arg[:cli_challenge] is mandatory in this case" if not cli_chall
+			raise ArgumentError,"Client challenge length must be exactly 8 bytes " if cli_chall.length != 8
+			case hash_type
+			when 'lm'
+				raise ArgumentError, "ntlm2_session is incompatible with lm"
+			when 'ntlm'
+				argntlm = { 	:ntlm_hash =>  self.ntlm_hash(''), 
+						:challenge => srv_chall }
+				optntlm = {	:client_challenge => cli_chall}
+			end
+			calculatedhash = self.ntlm2_session(argntlm,optntlm).join[24,24]
+		else
+			raise ArgumentError,"ntlm_ver is of unknow type"
+		end
+		hash == calculatedhash
+	end
+
+
+
 	#
 	# Signing method added for metasploit project
 	#

metadata

@@ -2,7 +2,7 @@
 name: librex
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 0.0.7
+  version: 0.0.12
 platform: ruby
 authors: 
 - Metasploit Development Team
@@ -11,11 +11,11 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-03-10 00:00:00 -06:00
+date: 2011-03-11 00:00:00 -06:00
 default_executable: 
 dependencies: []
 
-description: Rex provides a variety of classes useful for security testing and exploit development. Based on svn revision 11930
+description: Rex provides a variety of classes useful for security testing and exploit development. Based on SVN Revision 11938
 email: 
 - hdm@metasploit.com
 - jacob.hammack@hammackj.com
@@ -24,10 +24,10 @@ executables: []
 extensions: []
 
 extra_rdoc_files: 
-- README.md
+- README.markdown
 files: 
 - Rakefile
-- README.md
+- README.markdown
 - lib/rex/arch/sparc.rb
 - lib/rex/arch/sparc.rb.ut.rb
 - lib/rex/arch/x86.rb
@@ -454,8 +454,8 @@ files:
 - lib/rex.rb.ts.rb
 has_rdoc: true
 homepage: http://www.metasploit.com/
-licenses: []
-
+licenses: 
+- BSD
 post_install_message: 
 rdoc_options: []
 
@@ -479,6 +479,6 @@ rubyforge_project:
 rubygems_version: 1.6.2
 signing_key: 
 specification_version: 3
-summary: Ruby Exploitation library
+summary: Ruby Exploitation Library
 test_files: []