psrp 0.0.1

data/LICENSE

@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

data/README.md

@@ -0,0 +1,16 @@
+# PowerShell Remote Protocol (PSRP) for Ruby
+
+This is a library the leverages the work done in WinRM for Ruby
+
+Currently limited to Secure NTLM negotiation. Hopefully this work will be able to get merged into that library and we can just use that gem instead.
+
+## Install
+` gem install -r psrp`
+
+## Example
+```ruby
+require 'psrp'
+endpoint = 'http://192.168.142.231:5985/wsman'
+psrp = PSRP::PSRPService.new(endpoint, :user => 'some-user', :pass => 'somepassword')
+puts psrp.run_ps('systeminfo')
+```

data/lib/psrp.rb

@@ -0,0 +1,175 @@
+# encoding: UTF-8
+#
+# Copyright 2016 Sam Oluwalana <soluwalana@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'date'
+require 'logging'
+require 'httpclient'
+require 'builder'
+require 'gyoku'
+require 'base64'
+require 'nori'
+require 'rexml/document'
+require 'securerandom'
+require 'thread'
+require 'cgi'
+
+require_relative 'version'
+require_relative 'transport'
+
+require_relative 'wsmv/commands/init_runspace_pool'
+require_relative 'wsmv/commands/create_pipeline'
+require_relative 'wsmv/commands/close_shell'
+require_relative 'wsmv/commands/send_data'
+require_relative 'wsmv/command_output_processor'
+
+
+module PSRP
+
+  class PSRPService
+
+    DEFAULT_TIMEOUT = 60
+    DEFAULT_MAX_ENV_SIZE = 153600
+    DEFAULT_LOCALE = 'en-US'
+
+    def initialize(endpoint, opts = {})
+      @session_opts = {
+        endpoint: endpoint,
+        max_envelope_size: DEFAULT_MAX_ENV_SIZE,
+        session_id: SecureRandom.uuid.to_s.upcase,
+        operation_timeout: DEFAULT_TIMEOUT,
+        locale: DEFAULT_LOCALE
+      }
+
+      @logger = Logging.logger[self]
+      @logger.level = opts[:log_level] || :debug
+      @logger.add_appenders(Logging.appenders.stdout)
+      @opts = opts
+
+      @xfer = HTTP::Negotiate.new(endpoint, @opts[:user], @opts[:pass], @opts)
+    end
+
+    def run_ps(command, shell_opts = {})
+                  
+      @logger.debug("[WinRM] opening remote runspacepool on #{@session_opts[:endpoint]}")
+      msg = PSRP::WSMV::InitRunspacePool.new(@session_opts)
+
+      resp_doc = @xfer.send_request(msg.build)
+      
+      generated_shell_id = msg.shell_id
+
+      shell_id = REXML::XPath.first(resp_doc, "//*[@Name='ShellId']").text
+      @logger.debug("[WinRM] remote runspace #{shell_id} is open on #{@session_opts[:endpoint]}")
+
+
+      # spec says:
+      # The client sends a wxf:Receive message (section 3.1.5.3.7) to the server to start receiving data from 
+      # the server. After each received wxf:ReceiveResponse message (section 3.2.5.3.8), the client sends another 
+      # wxf:Receive message until the RunspacePool transitions to a Closed or Broken state.
+            
+      out_processor = PSRP::WSMV::CommandOutputProcessor.new(@session_opts, @xfer)         
+      
+      out_processor.command_output(shell_id, nil)
+      return nil if out_processor.command_done?
+
+      while true
+        out_processor.command_output(shell_id, nil, true)
+        if out_processor.command_done?
+          break
+        end
+
+        runspace_open = false
+        
+        # check to make sure the runspace is opened
+        out_processor.defragmented.each do |msg_id, msg|
+          if msg[:message_type] == PSRP::Message::MESSAGE_TYPES[:RUNSPACEPOOL_STATE]
+            xml = REXML::Document.new(msg[:data])
+            REXML::XPath.match(xml, "//*[@N='RunspaceState']").each do |n|
+              runspace_open = (n.text == '2')
+            end
+          end
+        end
+        
+        if runspace_open
+          @logger.debug('Opened the runspace, sending command')
+            
+          command_id = SecureRandom.uuid.to_s.upcase
+          pipeline = PSRP::MessageEncoder.new(generated_shell_id, command_id, :CREATE_PIPELINE, {command: CGI.escapeHTML(command)})
+
+          msg = PSRP::WSMV::CreatePipeline.new(@session_opts, shell_id, pipeline.fragments[0])
+          resp_doc = @xfer.send_request(msg.build)
+
+          command_id = REXML::XPath.first(resp_doc, "//#{PSRP::WSMV::NS_WIN_SHELL}:CommandId").text
+
+          # Send remaining fragments, if any
+          if pipeline.fragments.length > 1
+            for i in 1..(pipeline.fragments.length - 1)
+              msg = PSRP::WSMV::SendData.new(@session_opts, shell_id, command_id, pipeline.fragments[i])
+              resp_doc = @xfer.send_request(msg.build)
+            end
+          end
+
+          @logger.debug("Command Sent, waiting on responses")
+          out_processor.command_output(shell_id, command_id, true)
+          if out_processor.input_required?
+            raise PSRPError.new('This Tool Does Not Support Accepting Runtime Input')
+          end
+          
+          # retrieve all of the data from the command
+          while true  
+            out_processor.command_output(shell_id, command_id)
+            if out_processor.input_required?
+              raise PSRPError.new('This Tool Does Not Support Accepting Runtime Input')
+            end
+            if out_processor.command_done?
+              break
+            end
+          end 
+
+          @logger.debug("Closing shell")
+          msg = PSRP::WSMV::CloseShell.new(@session_opts, shell_id)
+          resp_doc = @xfer.send_request(msg.build)
+          
+          # Deal with fragmented return values
+          datas = out_processor.defragmented
+
+          # Deal With Errors
+          # But not really doing it well
+          # PSRP - 2.2.3.15 ErrorRecord
+          if out_processor.has_error?
+            datas.each do |msg_id, msg|
+              if msg[:message_type] == PSRP::Message::MESSAGE_TYPES[:ERROR_RECORD]
+                raise PSRPError.new(msg[:data])
+              end
+            end
+          end
+
+          data = ''
+          out_processor.defragmented.each do |msg_id, msg|
+            xml = REXML::Document.new(msg[:data])
+            # TODO: do better deserialization based on MS-PSRP 2.2.5 
+            # Right now this only returns String primitives and String Extended Primitives
+            REXML::XPath.match(xml, "/S|/Obj/S").each do |n|
+              next if n.text.nil? || n.text.empty?
+              data += n.text + "\n"
+            end
+          end
+          return data
+        end
+      end
+    end
+  end
+end
+

data/lib/response_handler.rb

@@ -0,0 +1,134 @@
+# encoding: UTF-8
+#
+# Copyright 2014 Shawn Neal <sneal@sneal.net>
+# Copyright 2016 Sam Oluwalana <soluwalana@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require 'rexml/document'
+
+module PSRP
+
+  # WinRM base class for errors
+  class PSRPError < StandardError; end
+
+  # Authorization Error
+  class AuthorizationError < PSRPError; end
+
+  # A Fault returned in the SOAP response. The XML node is a WSManFault
+  class WSManFault < PSRPError
+    attr_reader :fault_code
+    attr_reader :fault_description
+
+    def initialize(fault_description, fault_code)
+      @fault_description = fault_description
+      @fault_code = fault_code
+      super("[WSMAN ERROR CODE: #{fault_code}]: #{fault_description}")
+    end
+  end
+
+  # A Fault returned in the SOAP response. The XML node is a MSFT_WmiError
+  class WMIError < PSRPError
+    attr_reader :error_code
+    attr_reader :error
+
+    def initialize(error, error_code)
+      @error = error
+      @error_code = error_code
+      super("[WMI ERROR CODE: #{error_code}]: #{error}")
+    end
+  end
+
+  # non-200 response without a SOAP fault
+  class HTTPTransportError < PSRPError
+    attr_reader :status_code
+
+    def initialize(msg, status_code)
+      @status_code = status_code
+      super(msg + " (#{status_code}).")
+    end
+  end
+
+  # Handles the raw WinRM HTTP response. Returns the body as an XML doc
+  # or raises the appropriate WinRM error if the response is an error.
+  class ResponseHandler
+    # @param [String] The raw unparsed response body, if any
+    # @param [Integer] The HTTP response status code
+    def initialize(response_body, status_code)
+      @response_body = response_body
+      @status_code = status_code
+    end
+
+    # Processes the response from the WinRM service and either returns an XML
+    # doc or raises an appropriate error.
+    #
+    # @returns [REXML::Document] The parsed response body
+    def parse_to_xml
+      raise_if_error
+      response_xml
+    end
+
+    private
+
+    def response_xml
+      @response_xml ||= REXML::Document.new(@response_body)
+    rescue REXML::ParseException => e
+      puts @response_body
+      raise PSRP::HTTPTransportError.new(
+        "Unable to parse WinRM response: #{e.message}", @status_code)
+    end
+
+    def raise_if_error
+      return if @status_code == 200
+      raise_if_auth_error
+      raise_if_wsman_fault
+      raise_if_wmi_error
+      raise_transport_error
+    end
+
+    def raise_if_auth_error
+      fail AuthorizationError if @status_code == 401
+    end
+
+    def raise_if_wsman_fault
+      soap_errors = REXML::XPath.match(
+        response_xml,
+        "//#{PSRP::WSMV::NS_SOAP_ENV}:Body/#{PSRP::WSMV::NS_SOAP_ENV}:Fault/*")
+      return if soap_errors.empty?
+      fault = REXML::XPath.first(
+        soap_errors,
+        "//#{PSRP::WSMV::NS_WSMAN_FAULT}:WSManFault")
+      fail PSRP::WSManFault.new(fault.to_s, fault.attributes['Code']) unless fault.nil?
+    end
+
+    def raise_if_wmi_error
+      soap_errors = REXML::XPath.match(
+        response_xml,
+        "//#{PSRP::WSMV::NS_SOAP_ENV}:Body/#{PSRP::WSMV::NS_SOAP_ENV}:Fault/*")
+      return if soap_errors.empty?
+
+      error = REXML::XPath.first(
+        soap_errors,
+        "//#{PSRP::WSMV::NS_WSMAN_MSFT}:MSFT_WmiError")
+      return if error.nil?
+
+      error_code = REXML::XPath.first(
+        error,
+        "//#{PSRP::WSMV::NS_WSMAN_MSFT}:error_Code").text
+      fail PSRP::WMIError.new(error.to_s, error_code)
+    end
+
+    def raise_transport_error
+      fail PSRP::HTTPTransportError.new('Bad HTTP response returned from server', @status_code)
+    end
+  end
+end