rex-ole 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +0 -0
- data/.gitignore +9 -0
- data/.rspec +2 -0
- data/.travis.yml +5 -0
- data/CODE_OF_CONDUCT.md +52 -0
- data/Gemfile +6 -0
- data/LICENSE +27 -0
- data/README.md +32 -0
- data/Rakefile +6 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/rex/ole/clsid.rb +44 -0
- data/lib/rex/ole/difat.rb +138 -0
- data/lib/rex/ole/directory.rb +228 -0
- data/lib/rex/ole/direntry.rb +237 -0
- data/lib/rex/ole/docs/dependencies.txt +8 -0
- data/lib/rex/ole/docs/references.txt +1 -0
- data/lib/rex/ole/fat.rb +96 -0
- data/lib/rex/ole/header.rb +201 -0
- data/lib/rex/ole/minifat.rb +74 -0
- data/lib/rex/ole/propset.rb +141 -0
- data/lib/rex/ole/samples/create_ole.rb +27 -0
- data/lib/rex/ole/samples/dir.rb +35 -0
- data/lib/rex/ole/samples/dump_stream.rb +34 -0
- data/lib/rex/ole/samples/ole_info.rb +23 -0
- data/lib/rex/ole/storage.rb +392 -0
- data/lib/rex/ole/stream.rb +50 -0
- data/lib/rex/ole/substorage.rb +46 -0
- data/lib/rex/ole/util.rb +154 -0
- data/lib/rex/ole/version.rb +5 -0
- data/lib/rex/ole.rb +203 -0
- data/rex-ole.gemspec +26 -0
- data.tar.gz.sig +2 -0
- metadata +208 -0
- metadata.gz.sig +0 -0
@@ -0,0 +1,46 @@
|
|
1
|
+
# -*- coding: binary -*-
|
2
|
+
|
3
|
+
##
|
4
|
+
# Rex::OLE - an OLE implementation
|
5
|
+
# written in 2010 by Joshua J. Drake <jduck [at] metasploit.com>
|
6
|
+
##
|
7
|
+
|
8
|
+
module Rex
|
9
|
+
module OLE
|
10
|
+
|
11
|
+
class SubStorage < DirEntry
|
12
|
+
|
13
|
+
def initialize(stg)
|
14
|
+
super
|
15
|
+
|
16
|
+
@_mse = STGTY_STORAGE
|
17
|
+
end
|
18
|
+
|
19
|
+
|
20
|
+
def close
|
21
|
+
end
|
22
|
+
|
23
|
+
|
24
|
+
# stream handling stuff
|
25
|
+
def create_stream(name, mode=STGM_WRITE)
|
26
|
+
@stg.create_stream(name, mode, self)
|
27
|
+
end
|
28
|
+
|
29
|
+
def open_stream(name, mode=STGM_READ)
|
30
|
+
@stg.open_stream(name, mode, self)
|
31
|
+
end
|
32
|
+
|
33
|
+
|
34
|
+
# storage handling stuff
|
35
|
+
def create_storage(name, mode=STGM_WRITE)
|
36
|
+
@stg.create_storage(name, mode, self)
|
37
|
+
end
|
38
|
+
|
39
|
+
def open_storage(name, mode=STGM_WRITE)
|
40
|
+
@stg.open_storage(name, mode, self)
|
41
|
+
end
|
42
|
+
|
43
|
+
end
|
44
|
+
|
45
|
+
end
|
46
|
+
end
|
data/lib/rex/ole/util.rb
ADDED
@@ -0,0 +1,154 @@
|
|
1
|
+
# -*- coding: binary -*-
|
2
|
+
|
3
|
+
##
|
4
|
+
# Rex::OLE - an OLE implementation
|
5
|
+
# written in 2010 by Joshua J. Drake <jduck [at] metasploit.com>
|
6
|
+
##
|
7
|
+
|
8
|
+
module Rex
|
9
|
+
module OLE
|
10
|
+
|
11
|
+
class Util
|
12
|
+
|
13
|
+
def self.Hexify32array(arr)
|
14
|
+
ret = ""
|
15
|
+
arr.each { |dw|
|
16
|
+
ret << " " if ret.length > 0
|
17
|
+
ret << "0x%08x" % dw
|
18
|
+
}
|
19
|
+
ret
|
20
|
+
end
|
21
|
+
|
22
|
+
def self.Printable(buf)
|
23
|
+
ret = ""
|
24
|
+
buf.unpack('C*').each { |byte|
|
25
|
+
ch = byte.chr
|
26
|
+
if (byte < 0x20 || byte > 0x7e)
|
27
|
+
ret << "\\x" + ch.unpack('H*')[0]
|
28
|
+
else
|
29
|
+
ret << ch
|
30
|
+
end
|
31
|
+
}
|
32
|
+
ret
|
33
|
+
end
|
34
|
+
|
35
|
+
|
36
|
+
def self.set_endian(endian)
|
37
|
+
@endian = endian
|
38
|
+
end
|
39
|
+
|
40
|
+
def self.get64(buf, offset)
|
41
|
+
@endian = LITTLE_ENDIAN if not @endian
|
42
|
+
if (@endian == LITTLE_ENDIAN)
|
43
|
+
arr = buf[offset,8].unpack('VV')
|
44
|
+
return (arr[0] + (arr[1] << 32))
|
45
|
+
else
|
46
|
+
arr = buf[offset,8].unpack('NN')
|
47
|
+
return ((arr[0] << 32) + arr[1])
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def self.pack64(value)
|
52
|
+
@endian = LITTLE_ENDIAN if not @endian
|
53
|
+
arr = []
|
54
|
+
arr << (value & 0xffffffff)
|
55
|
+
arr << (value >> 32)
|
56
|
+
if (@endian == LITTLE_ENDIAN)
|
57
|
+
arr.pack('VV')
|
58
|
+
else
|
59
|
+
arr.reverse.pack('NN')
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
def self.get32(buf, offset)
|
64
|
+
@endian = LITTLE_ENDIAN if not @endian
|
65
|
+
if (@endian == LITTLE_ENDIAN)
|
66
|
+
buf[offset,4].unpack('V')[0]
|
67
|
+
else
|
68
|
+
buf[offset,4].unpack('N')[0]
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
def self.pack32(value)
|
73
|
+
@endian = LITTLE_ENDIAN if not @endian
|
74
|
+
if (@endian == LITTLE_ENDIAN)
|
75
|
+
[value].pack('V')
|
76
|
+
else
|
77
|
+
[value].pack('N')
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
81
|
+
def self.get32array(buf)
|
82
|
+
@endian = LITTLE_ENDIAN if not @endian
|
83
|
+
if (@endian == LITTLE_ENDIAN)
|
84
|
+
buf.unpack('V*')
|
85
|
+
else
|
86
|
+
buf.unpack('N*')
|
87
|
+
end
|
88
|
+
end
|
89
|
+
|
90
|
+
def self.pack32array(arr)
|
91
|
+
@endian = LITTLE_ENDIAN if not @endian
|
92
|
+
if (@endian == LITTLE_ENDIAN)
|
93
|
+
arr.pack('V*')
|
94
|
+
else
|
95
|
+
arr.pack('N*')
|
96
|
+
end
|
97
|
+
end
|
98
|
+
|
99
|
+
def self.get16(buf, offset)
|
100
|
+
@endian = LITTLE_ENDIAN if not @endian
|
101
|
+
if (@endian == LITTLE_ENDIAN)
|
102
|
+
buf[offset,2].unpack('v')[0]
|
103
|
+
else
|
104
|
+
buf[offset,2].unpack('n')[0]
|
105
|
+
end
|
106
|
+
end
|
107
|
+
|
108
|
+
def self.pack16(value)
|
109
|
+
@endian = LITTLE_ENDIAN if not @endian
|
110
|
+
if (@endian == LITTLE_ENDIAN)
|
111
|
+
[value].pack('v')
|
112
|
+
else
|
113
|
+
[value].pack('n')
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
117
|
+
def self.get8(buf, offset)
|
118
|
+
buf[offset,1].unpack('C')[0]
|
119
|
+
end
|
120
|
+
|
121
|
+
def self.pack8(value)
|
122
|
+
[value].pack('C')
|
123
|
+
end
|
124
|
+
|
125
|
+
|
126
|
+
def self.getUnicodeString(buf)
|
127
|
+
buf = buf.unpack('v*').pack('C*')
|
128
|
+
if (idx = buf.index(0x00.chr))
|
129
|
+
buf.slice!(idx, buf.length)
|
130
|
+
end
|
131
|
+
buf
|
132
|
+
end
|
133
|
+
|
134
|
+
def self.putUnicodeString(buf)
|
135
|
+
buf = buf.unpack('C*').pack('v*')
|
136
|
+
if (buf.length < 0x40)
|
137
|
+
buf << "\x00" * (0x40 - buf.length)
|
138
|
+
end
|
139
|
+
buf
|
140
|
+
end
|
141
|
+
|
142
|
+
|
143
|
+
def self.name_is_valid(name)
|
144
|
+
return nil if (name.length > 31)
|
145
|
+
(0..0x1f).to_a.each { |x|
|
146
|
+
return nil if (name.include?(x.chr))
|
147
|
+
}
|
148
|
+
return true
|
149
|
+
end
|
150
|
+
|
151
|
+
end
|
152
|
+
|
153
|
+
end
|
154
|
+
end
|
data/lib/rex/ole.rb
ADDED
@@ -0,0 +1,203 @@
|
|
1
|
+
# -*- coding: binary -*-
|
2
|
+
|
3
|
+
##
|
4
|
+
# Rex::OLE - an OLE implementation
|
5
|
+
# written in 2010 by Joshua J. Drake <jduck [at] metasploit.com>
|
6
|
+
#
|
7
|
+
# License: MSF_LICENSE
|
8
|
+
#
|
9
|
+
#
|
10
|
+
# This module implements Object-Linking-and-Embedding otherwise known as
|
11
|
+
# Compound File Binary File Format or Windows Compound Binary File Format.
|
12
|
+
# OLE is the container format for modern Excel, Word, PowerPoint, and many
|
13
|
+
# other file formats.
|
14
|
+
#
|
15
|
+
# NOTE: This implementation is almost fully compliant with [MS-CFB] v1.1
|
16
|
+
#
|
17
|
+
#
|
18
|
+
# SUPPORTS:
|
19
|
+
#
|
20
|
+
# 1. R/W v3 OLE files (v4 may work, but wasn't tested)
|
21
|
+
# 2. RO double-indirect fat sectors
|
22
|
+
# 3. RO fat sectors (including those in double-indirect parts)
|
23
|
+
# 4. WO support for less than 109 fat sectors :)
|
24
|
+
# 5. R/W minifat sectors
|
25
|
+
# 6. R/W ministream
|
26
|
+
# 7. R/W normal streams
|
27
|
+
# 8. R/W substorages (including nesting)
|
28
|
+
# 9. full directory support (hierarchal and flattened access)
|
29
|
+
# 10. big and little endian files (although only little endian was tested)
|
30
|
+
# 11. PropertySet streams (except .to_s)
|
31
|
+
#
|
32
|
+
#
|
33
|
+
# TODO (in order of priority):
|
34
|
+
#
|
35
|
+
# 1. support deleting storages/streams
|
36
|
+
# 2. create copyto and other typical interface functions
|
37
|
+
# 3. support writing DIF sectors > 109
|
38
|
+
# - may lead to allocating more fat sectors :-/
|
39
|
+
# 4. properly support mode params for open_stream/open_storage/etc
|
40
|
+
# 5. optimize to prevent unecessary loading/writing
|
41
|
+
# 6. support non-committal editing (open, change, close w/o save)
|
42
|
+
# 7. support timestamps
|
43
|
+
# 8. provide interface to change paramters (endian, etc)
|
44
|
+
#
|
45
|
+
#
|
46
|
+
# TO INVESTIGATE:
|
47
|
+
#
|
48
|
+
# 1. moving storage interface functions into something used by both
|
49
|
+
# the main storage and substorages (unifying the code) (mixin?)
|
50
|
+
# 2. eliminating flattening the directory prior to writing it out
|
51
|
+
#
|
52
|
+
##
|
53
|
+
|
54
|
+
require 'rex/ole/version'
|
55
|
+
require 'rex/text'
|
56
|
+
|
57
|
+
module Rex
|
58
|
+
module OLE
|
59
|
+
|
60
|
+
# misc util
|
61
|
+
# NOTE: the v1.1 spec says that everything "MUST be stored in little-endian byte order"
|
62
|
+
BIG_ENDIAN = 0xfeff
|
63
|
+
LITTLE_ENDIAN = 0xfffe
|
64
|
+
# defines Util class
|
65
|
+
require 'rex/ole/util'
|
66
|
+
require 'rex/ole/clsid'
|
67
|
+
|
68
|
+
|
69
|
+
# constants for dealing with the header
|
70
|
+
HDR_SZ = 512
|
71
|
+
# signatures
|
72
|
+
SIG = "\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
|
73
|
+
SIG_BETA = "\x0e\x11\xfc\x0d\xd0\xcf\x11\xe0"
|
74
|
+
# defines Header class
|
75
|
+
require 'rex/ole/header'
|
76
|
+
|
77
|
+
|
78
|
+
# sector types
|
79
|
+
SECT_MAX = 0xfffffffa
|
80
|
+
SECT_DIF = 0xfffffffc
|
81
|
+
SECT_FAT = 0xfffffffd
|
82
|
+
SECT_END = 0xfffffffe
|
83
|
+
SECT_FREE = 0xffffffff
|
84
|
+
# defines DIFAT class
|
85
|
+
require 'rex/ole/difat'
|
86
|
+
# defines FAT class
|
87
|
+
require 'rex/ole/fat'
|
88
|
+
# defines MiniFAT class
|
89
|
+
require 'rex/ole/minifat'
|
90
|
+
|
91
|
+
|
92
|
+
# directory entries
|
93
|
+
DIRENTRY_SZ = 128
|
94
|
+
DIR_NOSTREAM = 0xffffffff
|
95
|
+
DIR_MAXREGSID = 0xfffffffa
|
96
|
+
# defines Directory class
|
97
|
+
require 'rex/ole/directory'
|
98
|
+
|
99
|
+
# types
|
100
|
+
STGTY_INVALID = 0
|
101
|
+
STGTY_STORAGE = 1
|
102
|
+
STGTY_STREAM = 2
|
103
|
+
STGTY_LOCKBYTES = 3
|
104
|
+
STGTY_PROPERTY = 4
|
105
|
+
STGTY_ROOT = 5
|
106
|
+
# for red/black tree
|
107
|
+
COLOR_RED = 0
|
108
|
+
COLOR_BLACK = 1
|
109
|
+
# defines DirEntry base class
|
110
|
+
require 'rex/ole/direntry'
|
111
|
+
|
112
|
+
|
113
|
+
# constants for storages
|
114
|
+
STGM_READ = 0
|
115
|
+
STGM_WRITE = 1
|
116
|
+
STGM_READWRITE = 2
|
117
|
+
# defines Storage class
|
118
|
+
require 'rex/ole/storage'
|
119
|
+
# defines SubStorage class
|
120
|
+
require 'rex/ole/substorage'
|
121
|
+
# defines Stream class
|
122
|
+
require 'rex/ole/stream'
|
123
|
+
|
124
|
+
|
125
|
+
# constants for property sets
|
126
|
+
# PropertyIds
|
127
|
+
PID_DICTIONARY = 0x00000000
|
128
|
+
PID_CODEPAGE = 0x00000001
|
129
|
+
PID_LOCALE = 0x80000000
|
130
|
+
PID_BEHAVIOR = 0x80000003
|
131
|
+
# Well-known PropertyIds
|
132
|
+
PIDSI_TITLE = 0x02
|
133
|
+
PIDSI_SUBJECT = 0x03
|
134
|
+
PIDSI_AUTHOR = 0x04
|
135
|
+
PIDSI_KEYWORDS = 0x05
|
136
|
+
PIDSI_COMMENTS = 0x06
|
137
|
+
PIDSI_TEMPLATE = 0x07
|
138
|
+
PIDSI_LASTAUTHOR = 0x08
|
139
|
+
PIDSI_REVNUMBER = 0x09
|
140
|
+
PIDSI_EDITTIME = 0x0a
|
141
|
+
PIDSI_LASTPRINTED = 0x0b
|
142
|
+
PIDSI_CREATE_DTM = 0x0c
|
143
|
+
PIDSI_LASTSAVE_DTM = 0x0d
|
144
|
+
PIDSI_PAGECOUNT = 0x0e
|
145
|
+
PIDSI_WORDCOUNT = 0x0f
|
146
|
+
PIDSI_CHARCOUNT = 0x10
|
147
|
+
PIDSI_THUMBNAIL = 0x11
|
148
|
+
PIDSI_APPNAME = 0x12
|
149
|
+
PIDSI_DOC_SECURITY = 0x13
|
150
|
+
# PropertyTypes
|
151
|
+
VT_EMPTY = 0x00
|
152
|
+
VT_NULL = 0x01
|
153
|
+
VT_I2 = 0x02
|
154
|
+
VT_I4 = 0x03
|
155
|
+
VT_R4 = 0x04
|
156
|
+
VT_R8 = 0x05
|
157
|
+
VT_CY = 0x06
|
158
|
+
VT_DATE = 0x07
|
159
|
+
VT_BSTR = 0x08
|
160
|
+
VT_ERROR = 0x0a
|
161
|
+
VT_BOOL = 0x0b
|
162
|
+
VT_VARIANT = 0x0c # used with VT_VECTOR
|
163
|
+
# 0xd
|
164
|
+
VT_DECIMAL = 0x0e
|
165
|
+
# 0xf
|
166
|
+
VT_I1 = 0x10
|
167
|
+
VT_UI1 = 0x11
|
168
|
+
VT_UI2 = 0x12
|
169
|
+
VT_UI4 = 0x13
|
170
|
+
VT_I8 = 0x14
|
171
|
+
VT_UI8 = 0x15
|
172
|
+
VT_INT = 0x16
|
173
|
+
VT_UINT = 0x17
|
174
|
+
VT_LPSTR = 0x1e
|
175
|
+
VT_LPWSTR = 0x1f
|
176
|
+
# 0x20-0x3f
|
177
|
+
VT_FILETIME = 0x40
|
178
|
+
VT_BLOB = 0x41
|
179
|
+
VT_STREAM = 0x42
|
180
|
+
VT_STORAGE = 0x43
|
181
|
+
VT_STREAMED_OBJ = 0x44
|
182
|
+
VT_STORED_OBJ = 0x45
|
183
|
+
VT_BLOB_OBJ = 0x46
|
184
|
+
VT_CF = 0x47 # Clipboard Format
|
185
|
+
VT_CLSID = 0x48
|
186
|
+
VT_VERSIONED_STREAM = 0x49
|
187
|
+
# Flags
|
188
|
+
VT_VECTOR = 0x1000
|
189
|
+
VT_ARRAY = 0x2000 # Requires OLE version >= 1
|
190
|
+
# Format IDs
|
191
|
+
FMTID_SummaryInformation = "\xe0\x85\x9f\xf2\xf9\x4f\x68\x10\xab\x91\x08\x00\x2b\x27\xb3\xd9"
|
192
|
+
FMTID_DocSummaryInformation = "\x02\xd5\xcd\xd5\x9c\x2e\x1b\x10\x93\x97\x08\x00\x2b\x2c\xf9\xae"
|
193
|
+
FMTID_UserDefinedProperties = "\x05\xd5\xcd\xd5\x9c\x2e\x1b\x10\x93\x97\x08\x00\x2b\x2c\xf9\xae"
|
194
|
+
FMTID_GlobalInfo = "\x00\x6f\x61\x56\x54\xc1\xce\x11\x85\x53\x00\xaa\x00\xa1\xf9\x5b"
|
195
|
+
FMTID_ImageContents = "\x00\x64\x61\x56\x54\xc1\xce\x11\x85\x53\x00\xaa\x00\xa1\xf9\x5b"
|
196
|
+
FMTID_ImageInfo = "\x00\x65\x61\x56\x54\xc1\xce\x11\x85\x53\x00\xaa\x00\xa1\xf9\x5b"
|
197
|
+
FMTID_PropertyBag = "\x01\x18\x00\x20\xe6\x5d\xd1\x11\x8e\x38\x00\xc0\x4f\xb9\x38\x6d"
|
198
|
+
# defines PropertySet class
|
199
|
+
require 'rex/ole/propset'
|
200
|
+
|
201
|
+
|
202
|
+
end
|
203
|
+
end
|
data/rex-ole.gemspec
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'rex/ole/version'
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "rex-ole"
|
8
|
+
spec.version = Rex::OLE::VERSION
|
9
|
+
spec.authors = ["Pearce Barry"]
|
10
|
+
spec.email = ["pearce_barry@rapid7.com"]
|
11
|
+
|
12
|
+
spec.summary = %q{Rex Library for working with OLE}
|
13
|
+
spec.description = %q{Ruby Exploitation(Rex) library gem for reading/writing Object-Linking-and-Embedding (OLE) files and streams}
|
14
|
+
spec.homepage = "https://github.com/rapid7/rex-ole"
|
15
|
+
|
16
|
+
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
17
|
+
spec.bindir = "exe"
|
18
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
19
|
+
spec.require_paths = ["lib"]
|
20
|
+
|
21
|
+
spec.add_development_dependency "bundler", "~> 1.12"
|
22
|
+
spec.add_development_dependency "rake", "~> 10.0"
|
23
|
+
spec.add_development_dependency "rspec", "~> 3.0"
|
24
|
+
|
25
|
+
spec.add_runtime_dependency "rex-text"
|
26
|
+
end
|
data.tar.gz.sig
ADDED
metadata
ADDED
@@ -0,0 +1,208 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: rex-ole
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Pearce Barry
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain:
|
11
|
+
- |
|
12
|
+
-----BEGIN CERTIFICATE-----
|
13
|
+
MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
|
14
|
+
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
|
15
|
+
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
|
16
|
+
MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
|
17
|
+
YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
|
18
|
+
aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
|
19
|
+
jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
|
20
|
+
xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
|
21
|
+
1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
|
22
|
+
snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
|
23
|
+
U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
|
24
|
+
9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
|
25
|
+
BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
|
26
|
+
AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
|
27
|
+
yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
|
28
|
+
38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
|
29
|
+
AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
|
30
|
+
DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
|
31
|
+
HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
|
32
|
+
-----END CERTIFICATE-----
|
33
|
+
- |
|
34
|
+
-----BEGIN CERTIFICATE-----
|
35
|
+
MIIEKDCCAxCgAwIBAgILBAAAAAABL07hNVwwDQYJKoZIhvcNAQEFBQAwVzELMAkG
|
36
|
+
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
|
37
|
+
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xMTA0MTMxMDAw
|
38
|
+
MDBaFw0xOTA0MTMxMDAwMDBaMFExCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
|
39
|
+
YWxTaWduIG52LXNhMScwJQYDVQQDEx5HbG9iYWxTaWduIENvZGVTaWduaW5nIENB
|
40
|
+
IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyTxTnEL7XJnKr
|
41
|
+
NpfvU79ChF5Y0Yoo/ENGb34oRFALdV0A1zwKRJ4gaqT3RUo3YKNuPxL6bfq2RsNq
|
42
|
+
o7gMJygCVyjRUPdhOVW4w+ElhlI8vwUd17Oa+JokMUnVoqni05GrPjxz7/Yp8cg1
|
43
|
+
0DB7f06SpQaPh+LO9cFjZqwYaSrBXrta6G6V/zuAYp2Zx8cvZtX9YhqCVVrG+kB3
|
44
|
+
jskwPBvw8jW4bFmc/enWyrRAHvcEytFnqXTjpQhU2YM1O46MIwx1tt6GSp4aPgpQ
|
45
|
+
STic0qiQv5j6yIwrJxF+KvvO3qmuOJMi+qbs+1xhdsNE1swMfi9tBoCidEC7tx/0
|
46
|
+
O9dzVB/zAgMBAAGjgfowgfcwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYB
|
47
|
+
Af8CAQAwHQYDVR0OBBYEFAhu2Lacir/tPtfDdF3MgB+oL1B6MEcGA1UdIARAMD4w
|
48
|
+
PAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNv
|
49
|
+
bS9yZXBvc2l0b3J5LzAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmdsb2Jh
|
50
|
+
bHNpZ24ubmV0L3Jvb3QuY3JsMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB8GA1UdIwQY
|
51
|
+
MBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA0GCSqGSIb3DQEBBQUAA4IBAQAiXMXd
|
52
|
+
PfQLcNjj9efFjgkBu7GWNlxaB63HqERJUSV6rg2kGTuSnM+5Qia7O2yX58fOEW1o
|
53
|
+
kdqNbfFTTVQ4jGHzyIJ2ab6BMgsxw2zJniAKWC/wSP5+SAeq10NYlHNUBDGpeA07
|
54
|
+
jLBwwT1+170vKsPi9Y8MkNxrpci+aF5dbfh40r5JlR4VeAiR+zTIvoStvODG3Rjb
|
55
|
+
88rwe8IUPBi4A7qVPiEeP2Bpen9qA56NSvnwKCwwhF7sJnJCsW3LZMMSjNaES2dB
|
56
|
+
fLEDF3gJ462otpYtpH6AA0+I98FrWkYVzSwZi9hwnOUtSYhgcqikGVJwQ17a1kYD
|
57
|
+
sGgOJO9K9gslJO8k
|
58
|
+
-----END CERTIFICATE-----
|
59
|
+
- |
|
60
|
+
-----BEGIN CERTIFICATE-----
|
61
|
+
MIIEyjCCA7KgAwIBAgISESEyE8rNriS4+1dc8jOHEUL8MA0GCSqGSIb3DQEBBQUA
|
62
|
+
MFExCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMScwJQYD
|
63
|
+
VQQDEx5HbG9iYWxTaWduIENvZGVTaWduaW5nIENBIC0gRzIwHhcNMTMxMDExMTUx
|
64
|
+
NTM4WhcNMTYxMDExMTUxNTM4WjBgMQswCQYDVQQGEwJVUzEWMBQGA1UECBMNTWFz
|
65
|
+
c2FjaHVzZXR0czEPMA0GA1UEBxMGQm9zdG9uMRMwEQYDVQQKEwpSYXBpZDcgTExD
|
66
|
+
MRMwEQYDVQQDEwpSYXBpZDcgTExDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
|
67
|
+
CgKCAQEAhD//7+739c69hssg0mD6CXgf2JkuWTcU81dgD7aKcoEPqU8e1FseBvDW
|
68
|
+
/Q5fNK2H2NgHV/Msn18zXuK0PkaJXqj/vDsuKB3Hq0BiR2AwyDdEw8K5MK5bgQc2
|
69
|
+
tmcVtEAejRoy1Uv5UyfaAYAxG6zsma3buV1fjnEAC3VouRg4+EX/f65H/a6srntK
|
70
|
+
5Etp3D71k2f0oUl8dOqOmSsRJQQ5zSs4ktDvpjAmsvzoA+1svceLYU95mvQsIw2T
|
71
|
+
edpmibGMwGw/HmgV+YWBgF5UGvax6zbC2i6DF2YHnDfkNb8/1MEIaxOTAbJTazTK
|
72
|
+
8laCQOyay6L1BNPQKjZBgOge8LZq1wIDAQABo4IBizCCAYcwDgYDVR0PAQH/BAQD
|
73
|
+
AgeAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgEyMDQwMgYIKwYBBQUHAgEWJmh0dHBz
|
74
|
+
Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAkGA1UdEwQCMAAwEwYD
|
75
|
+
VR0lBAwwCgYIKwYBBQUHAwMwPgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NybC5n
|
76
|
+
bG9iYWxzaWduLmNvbS9ncy9nc2NvZGVzaWduZzIuY3JsMIGGBggrBgEFBQcBAQR6
|
77
|
+
MHgwQAYIKwYBBQUHMAKGNGh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2Fj
|
78
|
+
ZXJ0L2dzY29kZXNpZ25nMi5jcnQwNAYIKwYBBQUHMAGGKGh0dHA6Ly9vY3NwMi5n
|
79
|
+
bG9iYWxzaWduLmNvbS9nc2NvZGVzaWduZzIwHQYDVR0OBBYEFE536JwFx9SpaEi3
|
80
|
+
w8pcq2GRFA5BMB8GA1UdIwQYMBaAFAhu2Lacir/tPtfDdF3MgB+oL1B6MA0GCSqG
|
81
|
+
SIb3DQEBBQUAA4IBAQAGpGXHtFLjTTivV+xQPwtZhfPuJ7f+VGTMSAAYWmfzyHXM
|
82
|
+
YMFYUWJzSFcuVR2YfxtbS45P7U5Qopd7jBQ0Ygk5h2a+B5nE4+UlhHj665d0zpYM
|
83
|
+
1eWndMaO6WBOYnqtNyi8Dqqc1foKZDNHEDggYhGso7OIBunup+N4sPL9PwQ3eYe6
|
84
|
+
mUu8z0E4GXYViaMPOFkqaYnoYgf2L+7L5zKYT4h/NE/P7kj7EbduHgy/v/aAIrNl
|
85
|
+
2SpuQH+SWteq3NXkAmFEEqvLJQ4sbptZt8OP8ghL3pVAvZNFmww/YVszSkShSzcg
|
86
|
+
QdihYCSEL2drS2cFd50jBeq71sxUtxbv82DUa2b+
|
87
|
+
-----END CERTIFICATE-----
|
88
|
+
date: 2016-07-21 00:00:00.000000000 Z
|
89
|
+
dependencies:
|
90
|
+
- !ruby/object:Gem::Dependency
|
91
|
+
name: bundler
|
92
|
+
requirement: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - "~>"
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '1.12'
|
97
|
+
type: :development
|
98
|
+
prerelease: false
|
99
|
+
version_requirements: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - "~>"
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '1.12'
|
104
|
+
- !ruby/object:Gem::Dependency
|
105
|
+
name: rake
|
106
|
+
requirement: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - "~>"
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '10.0'
|
111
|
+
type: :development
|
112
|
+
prerelease: false
|
113
|
+
version_requirements: !ruby/object:Gem::Requirement
|
114
|
+
requirements:
|
115
|
+
- - "~>"
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '10.0'
|
118
|
+
- !ruby/object:Gem::Dependency
|
119
|
+
name: rspec
|
120
|
+
requirement: !ruby/object:Gem::Requirement
|
121
|
+
requirements:
|
122
|
+
- - "~>"
|
123
|
+
- !ruby/object:Gem::Version
|
124
|
+
version: '3.0'
|
125
|
+
type: :development
|
126
|
+
prerelease: false
|
127
|
+
version_requirements: !ruby/object:Gem::Requirement
|
128
|
+
requirements:
|
129
|
+
- - "~>"
|
130
|
+
- !ruby/object:Gem::Version
|
131
|
+
version: '3.0'
|
132
|
+
- !ruby/object:Gem::Dependency
|
133
|
+
name: rex-text
|
134
|
+
requirement: !ruby/object:Gem::Requirement
|
135
|
+
requirements:
|
136
|
+
- - ">="
|
137
|
+
- !ruby/object:Gem::Version
|
138
|
+
version: '0'
|
139
|
+
type: :runtime
|
140
|
+
prerelease: false
|
141
|
+
version_requirements: !ruby/object:Gem::Requirement
|
142
|
+
requirements:
|
143
|
+
- - ">="
|
144
|
+
- !ruby/object:Gem::Version
|
145
|
+
version: '0'
|
146
|
+
description: Ruby Exploitation(Rex) library gem for reading/writing Object-Linking-and-Embedding
|
147
|
+
(OLE) files and streams
|
148
|
+
email:
|
149
|
+
- pearce_barry@rapid7.com
|
150
|
+
executables: []
|
151
|
+
extensions: []
|
152
|
+
extra_rdoc_files: []
|
153
|
+
files:
|
154
|
+
- ".gitignore"
|
155
|
+
- ".rspec"
|
156
|
+
- ".travis.yml"
|
157
|
+
- CODE_OF_CONDUCT.md
|
158
|
+
- Gemfile
|
159
|
+
- LICENSE
|
160
|
+
- README.md
|
161
|
+
- Rakefile
|
162
|
+
- bin/console
|
163
|
+
- bin/setup
|
164
|
+
- lib/rex/ole.rb
|
165
|
+
- lib/rex/ole/clsid.rb
|
166
|
+
- lib/rex/ole/difat.rb
|
167
|
+
- lib/rex/ole/directory.rb
|
168
|
+
- lib/rex/ole/direntry.rb
|
169
|
+
- lib/rex/ole/docs/dependencies.txt
|
170
|
+
- lib/rex/ole/docs/references.txt
|
171
|
+
- lib/rex/ole/fat.rb
|
172
|
+
- lib/rex/ole/header.rb
|
173
|
+
- lib/rex/ole/minifat.rb
|
174
|
+
- lib/rex/ole/propset.rb
|
175
|
+
- lib/rex/ole/samples/create_ole.rb
|
176
|
+
- lib/rex/ole/samples/dir.rb
|
177
|
+
- lib/rex/ole/samples/dump_stream.rb
|
178
|
+
- lib/rex/ole/samples/ole_info.rb
|
179
|
+
- lib/rex/ole/storage.rb
|
180
|
+
- lib/rex/ole/stream.rb
|
181
|
+
- lib/rex/ole/substorage.rb
|
182
|
+
- lib/rex/ole/util.rb
|
183
|
+
- lib/rex/ole/version.rb
|
184
|
+
- rex-ole.gemspec
|
185
|
+
homepage: https://github.com/rapid7/rex-ole
|
186
|
+
licenses: []
|
187
|
+
metadata: {}
|
188
|
+
post_install_message:
|
189
|
+
rdoc_options: []
|
190
|
+
require_paths:
|
191
|
+
- lib
|
192
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
193
|
+
requirements:
|
194
|
+
- - ">="
|
195
|
+
- !ruby/object:Gem::Version
|
196
|
+
version: '0'
|
197
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
198
|
+
requirements:
|
199
|
+
- - ">="
|
200
|
+
- !ruby/object:Gem::Version
|
201
|
+
version: '0'
|
202
|
+
requirements: []
|
203
|
+
rubyforge_project:
|
204
|
+
rubygems_version: 2.4.8
|
205
|
+
signing_key:
|
206
|
+
specification_version: 4
|
207
|
+
summary: Rex Library for working with OLE
|
208
|
+
test_files: []
|
metadata.gz.sig
ADDED
Binary file
|