rex-bin_tools 0.1.13 → 0.1.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/verify.yml +29 -0
- data/lib/rex/bin_tools/version.rb +1 -1
- data/lib/rex/elfscan/scanner.rb +4 -35
- data/lib/rex/machscan/scanner.rb +4 -35
- data/lib/rex/pescan/analyze.rb +3 -15
- data/lib/rex/pescan/scanner.rb +4 -35
- metadata +2 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 36f49cbee203b1c0d9b4c0d3bc94a1c25c2fb709ef8a542486391607784b578c
|
|
4
|
+
data.tar.gz: dd06eb800e062eb7165da6d9e548959f24f055482fe5a3fdee8e36726b4c5cd4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 68258b64360223c3860f4ce25be8852fa5e76f0ba205d0fca34c70d6bf92b7e23ceae5a322bf2d74e69485435c35aaed4bc51012569ab7000f020d23b3f3b539
|
|
7
|
+
data.tar.gz: 4398b9c1f3d8950d1026346971661cff0bffe0bec1ed83f74243898065cff910f40242029b37ace02da22c45d6ab1e924a4beeb17796da37e07312fb7c10ef10
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
name: Verify
|
|
2
|
+
|
|
3
|
+
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
|
|
4
|
+
permissions:
|
|
5
|
+
actions: none
|
|
6
|
+
checks: none
|
|
7
|
+
contents: none
|
|
8
|
+
deployments: none
|
|
9
|
+
id-token: none
|
|
10
|
+
issues: none
|
|
11
|
+
discussions: none
|
|
12
|
+
packages: none
|
|
13
|
+
pages: none
|
|
14
|
+
pull-requests: none
|
|
15
|
+
repository-projects: none
|
|
16
|
+
security-events: none
|
|
17
|
+
statuses: none
|
|
18
|
+
|
|
19
|
+
on:
|
|
20
|
+
push:
|
|
21
|
+
branches:
|
|
22
|
+
- '*'
|
|
23
|
+
pull_request:
|
|
24
|
+
branches:
|
|
25
|
+
- '*'
|
|
26
|
+
|
|
27
|
+
jobs:
|
|
28
|
+
build:
|
|
29
|
+
uses: rapid7/metasploit-framework/.github/workflows/shared_gem_verify.yml@master
|
data/lib/rex/elfscan/scanner.rb
CHANGED
|
@@ -75,18 +75,9 @@ class JmpRegScanner < Generic
|
|
|
75
75
|
regexstr += "\xff[#{calls}]|"
|
|
76
76
|
end
|
|
77
77
|
|
|
78
|
-
# Adapting to Regexp.new's New Signature in Ruby 3.3+
|
|
79
78
|
regexstr += "\xff[#{jmps}]|([#{pushs1}]|\xff[#{pushs2}])(\xc3|\xc2..))"
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
self.regex = if (major > 3) || (major == 3 && minor >= 3)
|
|
83
|
-
# For Ruby 3.3+: explicitly mark as binary pattern and use NOENCODING
|
|
84
|
-
binary_pattern = regexstr.b
|
|
85
|
-
Regexp.new(binary_pattern, Regexp::NOENCODING)
|
|
86
|
-
else
|
|
87
|
-
# For Ruby <= 3.2: use legacy three-argument syntax
|
|
88
|
-
Regexp.new(regexstr, nil, 'n')
|
|
89
|
-
end
|
|
79
|
+
|
|
80
|
+
self.regex = Regexp.new(regexstr, Regexp::NOENCODING)
|
|
90
81
|
end
|
|
91
82
|
|
|
92
83
|
# build a list for regex of the possible bytes, based on a base
|
|
@@ -165,18 +156,7 @@ class PopPopRetScanner < JmpRegScanner
|
|
|
165
156
|
|
|
166
157
|
def config(param)
|
|
167
158
|
pops = _build_byte_list(0x58, (0 .. 7).to_a - [4]) # we don't want pop esp's...
|
|
168
|
-
|
|
169
|
-
pattern = "[#{pops}][#{pops}](\xc3|\xc2..)"
|
|
170
|
-
# Choose initialization method based on Ruby version
|
|
171
|
-
major, minor, _patch = RUBY_VERSION.split('.').map(&:to_i)
|
|
172
|
-
self.regex = if (major > 3) || (major == 3 && minor >= 3)
|
|
173
|
-
# For Ruby 3.3+: explicitly mark as binary pattern and use NOENCODING
|
|
174
|
-
binary_pattern = pattern.b
|
|
175
|
-
Regexp.new(binary_pattern, Regexp::NOENCODING)
|
|
176
|
-
else
|
|
177
|
-
# For Ruby <= 3.2: use legacy three-argument syntax
|
|
178
|
-
Regexp.new(pattern, nil, 'n')
|
|
179
|
-
end
|
|
159
|
+
self.regex = Regexp.new("[#{pops}][#{pops}](\xc3|\xc2..)", Regexp::NOENCODING)
|
|
180
160
|
end
|
|
181
161
|
|
|
182
162
|
def scan_segment(program_header, param={})
|
|
@@ -211,18 +191,7 @@ end
|
|
|
211
191
|
class RegexScanner < JmpRegScanner
|
|
212
192
|
|
|
213
193
|
def config(param)
|
|
214
|
-
|
|
215
|
-
pattern = param['args']
|
|
216
|
-
# Choose initialization method based on Ruby version
|
|
217
|
-
major, minor, _patch = RUBY_VERSION.split('.').map(&:to_i)
|
|
218
|
-
self.regex = if (major > 3) || (major == 3 && minor >= 3)
|
|
219
|
-
# For Ruby 3.3+: explicitly mark as binary pattern and use NOENCODING
|
|
220
|
-
binary_pattern = pattern.b
|
|
221
|
-
Regexp.new(binary_pattern, Regexp::NOENCODING)
|
|
222
|
-
else
|
|
223
|
-
# For Ruby <= 3.2: use legacy three-argument syntax
|
|
224
|
-
Regexp.new(pattern, nil, 'n')
|
|
225
|
-
end
|
|
194
|
+
self.regex = Regexp.new(param['args'], Regexp::NOENCODING)
|
|
226
195
|
end
|
|
227
196
|
|
|
228
197
|
def scan_segment(program_header, param={})
|
data/lib/rex/machscan/scanner.rb
CHANGED
|
@@ -64,18 +64,9 @@ class JmpRegScanner < Generic
|
|
|
64
64
|
regexstr += "\xff[#{calls}]|"
|
|
65
65
|
end
|
|
66
66
|
|
|
67
|
-
# Adapting to Regexp.new's New Signature in Ruby 3.3+
|
|
68
67
|
regexstr += "\xff[#{jmps}]|([#{pushs1}]|\xff[#{pushs2}])(\xc3|\xc2..))"
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
self.regex = if (major > 3) || (major == 3 && minor >= 3)
|
|
72
|
-
# For Ruby 3.3+: explicitly mark as binary pattern and use NOENCODING
|
|
73
|
-
binary_pattern = regexstr.b
|
|
74
|
-
Regexp.new(binary_pattern, Regexp::NOENCODING)
|
|
75
|
-
else
|
|
76
|
-
# For Ruby <= 3.2: use legacy three-argument syntax
|
|
77
|
-
Regexp.new(regexstr, nil, 'n')
|
|
78
|
-
end
|
|
68
|
+
|
|
69
|
+
self.regex = Regexp.new(regexstr, Regexp::NOENCODING)
|
|
79
70
|
end
|
|
80
71
|
|
|
81
72
|
# build a list for regex of the possible bytes, based on a base
|
|
@@ -154,18 +145,7 @@ class PopPopRetScanner < JmpRegScanner
|
|
|
154
145
|
|
|
155
146
|
def config(param)
|
|
156
147
|
pops = _build_byte_list(0x58, (0 .. 7).to_a - [4]) # we don't want pop esp's...
|
|
157
|
-
|
|
158
|
-
pattern = "[#{pops}][#{pops}](\xc3|\xc2..)"
|
|
159
|
-
# Choose initialization method based on Ruby version
|
|
160
|
-
major, minor, _patch = RUBY_VERSION.split('.').map(&:to_i)
|
|
161
|
-
self.regex = if (major > 3) || (major == 3 && minor >= 3)
|
|
162
|
-
# For Ruby 3.3+: explicitly mark as binary pattern and use NOENCODING
|
|
163
|
-
binary_pattern = pattern.b
|
|
164
|
-
Regexp.new(binary_pattern, Regexp::NOENCODING)
|
|
165
|
-
else
|
|
166
|
-
# For Ruby <= 3.2: use legacy three-argument syntax
|
|
167
|
-
Regexp.new(pattern, nil, 'n')
|
|
168
|
-
end
|
|
148
|
+
self.regex = Regexp.new("[#{pops}][#{pops}](\xc3|\xc2..)", Regexp::NOENCODING)
|
|
169
149
|
end
|
|
170
150
|
|
|
171
151
|
def scan_segment(segment, param={})
|
|
@@ -201,18 +181,7 @@ end
|
|
|
201
181
|
class RegexScanner < JmpRegScanner
|
|
202
182
|
|
|
203
183
|
def config(param)
|
|
204
|
-
|
|
205
|
-
pattern = param['args']
|
|
206
|
-
# Choose initialization method based on Ruby version
|
|
207
|
-
major, minor, _patch = RUBY_VERSION.split('.').map(&:to_i)
|
|
208
|
-
self.regex = if (major > 3) || (major == 3 && minor >= 3)
|
|
209
|
-
# For Ruby 3.3+: explicitly mark as binary pattern and use NOENCODING
|
|
210
|
-
binary_pattern = pattern.b
|
|
211
|
-
Regexp.new(binary_pattern, Regexp::NOENCODING)
|
|
212
|
-
else
|
|
213
|
-
# For Ruby <= 3.2: use legacy three-argument syntax
|
|
214
|
-
Regexp.new(pattern, nil, 'n')
|
|
215
|
-
end
|
|
184
|
+
self.regex = Regexp.new(param['args'], Regexp::NOENCODING)
|
|
216
185
|
end
|
|
217
186
|
|
|
218
187
|
def scan_segment(segment, param={})
|
data/lib/rex/pescan/analyze.rb
CHANGED
|
@@ -59,21 +59,9 @@ module Analyze
|
|
|
59
59
|
|
|
60
60
|
@sigs.each_pair do |name, data|
|
|
61
61
|
begin
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
major, minor, _patch = RUBY_VERSION.split('.').map(&:to_i)
|
|
66
|
-
regex = if (major > 3) || (major == 3 && minor >= 3)
|
|
67
|
-
# For Ruby 3.3+: explicitly mark as binary pattern and use NOENCODING
|
|
68
|
-
binary_pattern = pattern.b
|
|
69
|
-
Regexp.new(binary_pattern, Regexp::NOENCODING)
|
|
70
|
-
else
|
|
71
|
-
# For Ruby <= 3.2: use legacy three-argument syntax
|
|
72
|
-
Regexp.new(pattern, nil, 'n')
|
|
73
|
-
end
|
|
74
|
-
if (buf.match(regex))
|
|
75
|
-
$stdout.puts param['file'] + ": " + name
|
|
76
|
-
end
|
|
62
|
+
if (buf.match(Regexp.new('^' + data[0], Regexp::NOENCODING)))
|
|
63
|
+
$stdout.puts param['file'] + ": " + name
|
|
64
|
+
end
|
|
77
65
|
rescue RegexpError
|
|
78
66
|
$stderr.puts "Invalid signature: #{name} #{data[0]}"
|
|
79
67
|
end
|
data/lib/rex/pescan/scanner.rb
CHANGED
|
@@ -80,18 +80,9 @@ module Scanner
|
|
|
80
80
|
regexstr += "\xff[#{calls}]|"
|
|
81
81
|
end
|
|
82
82
|
|
|
83
|
-
# Adapting to Regexp.new's New Signature in Ruby 3.3+
|
|
84
83
|
regexstr += "\xff[#{jmps}]|([#{pushs1}]|\xff[#{pushs2}])(\xc3|\xc2..))"
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
self.regex = if (major > 3) || (major == 3 && minor >= 3)
|
|
88
|
-
# For Ruby 3.3+: explicitly mark as binary pattern and use NOENCODING
|
|
89
|
-
binary_pattern = regexstr.b
|
|
90
|
-
Regexp.new(binary_pattern, Regexp::NOENCODING)
|
|
91
|
-
else
|
|
92
|
-
# For Ruby <= 3.2: use legacy three-argument syntax
|
|
93
|
-
Regexp.new(regexstr, nil, 'n')
|
|
94
|
-
end
|
|
84
|
+
|
|
85
|
+
self.regex = Regexp.new(regexstr, Regexp::NOENCODING)
|
|
95
86
|
end
|
|
96
87
|
|
|
97
88
|
# build a list for regex of the possible bytes, based on a base
|
|
@@ -170,18 +161,7 @@ module Scanner
|
|
|
170
161
|
|
|
171
162
|
def config(param)
|
|
172
163
|
pops = _build_byte_list(0x58, (0 .. 7).to_a - [4]) # we don't want pop esp's...
|
|
173
|
-
|
|
174
|
-
pattern = "[#{pops}][#{pops}](\xc3|\xc2..)"
|
|
175
|
-
# Choose initialization method based on Ruby version
|
|
176
|
-
major, minor, _patch = RUBY_VERSION.split('.').map(&:to_i)
|
|
177
|
-
self.regex = if (major > 3) || (major == 3 && minor >= 3)
|
|
178
|
-
# For Ruby 3.3+: explicitly mark as binary pattern and use NOENCODING
|
|
179
|
-
binary_pattern = pattern.b
|
|
180
|
-
Regexp.new(binary_pattern, Regexp::NOENCODING)
|
|
181
|
-
else
|
|
182
|
-
# For Ruby <= 3.2: use legacy three-argument syntax
|
|
183
|
-
Regexp.new(pattern, nil, 'n')
|
|
184
|
-
end
|
|
164
|
+
self.regex = Regexp.new("[#{pops}][#{pops}](\xc3|\xc2..)", Regexp::NOENCODING)
|
|
185
165
|
end
|
|
186
166
|
|
|
187
167
|
def scan_section(section, param={})
|
|
@@ -215,18 +195,7 @@ module Scanner
|
|
|
215
195
|
class RegexScanner < Generic
|
|
216
196
|
|
|
217
197
|
def config(param)
|
|
218
|
-
|
|
219
|
-
pattern = param['args']
|
|
220
|
-
# Choose initialization method based on Ruby version
|
|
221
|
-
major, minor, _patch = RUBY_VERSION.split('.').map(&:to_i)
|
|
222
|
-
self.regex = if (major > 3) || (major == 3 && minor >= 3)
|
|
223
|
-
# For Ruby 3.3+: explicitly mark as binary pattern and use NOENCODING
|
|
224
|
-
binary_pattern = pattern.b
|
|
225
|
-
Regexp.new(binary_pattern, Regexp::NOENCODING)
|
|
226
|
-
else
|
|
227
|
-
# For Ruby <= 3.2: use legacy three-argument syntax
|
|
228
|
-
Regexp.new(pattern, nil, 'n')
|
|
229
|
-
end
|
|
198
|
+
self.regex = Regexp.new(param['args'], Regexp::NOENCODING)
|
|
230
199
|
end
|
|
231
200
|
|
|
232
201
|
def scan_section(section, param={})
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rex-bin_tools
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.15
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Metasploit Hackers
|
|
@@ -120,6 +120,7 @@ executables:
|
|
|
120
120
|
extensions: []
|
|
121
121
|
extra_rdoc_files: []
|
|
122
122
|
files:
|
|
123
|
+
- ".github/workflows/verify.yml"
|
|
123
124
|
- ".gitignore"
|
|
124
125
|
- ".rspec"
|
|
125
126
|
- ".travis.yml"
|