RubyGems - rex-ole - Versions diffs - 0.1.0 - Mend

rex-ole 0.1.0

Files changed (36) hide show

checksums.yaml +7 -0
checksums.yaml.gz.sig +0 -0
data/.gitignore +9 -0
data/.rspec +2 -0
data/.travis.yml +5 -0
data/CODE_OF_CONDUCT.md +52 -0
data/Gemfile +6 -0
data/LICENSE +27 -0
data/README.md +32 -0
data/Rakefile +6 -0
data/bin/console +14 -0
data/bin/setup +8 -0
data/lib/rex/ole/clsid.rb +44 -0
data/lib/rex/ole/difat.rb +138 -0
data/lib/rex/ole/directory.rb +228 -0
data/lib/rex/ole/direntry.rb +237 -0
data/lib/rex/ole/docs/dependencies.txt +8 -0
data/lib/rex/ole/docs/references.txt +1 -0
data/lib/rex/ole/fat.rb +96 -0
data/lib/rex/ole/header.rb +201 -0
data/lib/rex/ole/minifat.rb +74 -0
data/lib/rex/ole/propset.rb +141 -0
data/lib/rex/ole/samples/create_ole.rb +27 -0
data/lib/rex/ole/samples/dir.rb +35 -0
data/lib/rex/ole/samples/dump_stream.rb +34 -0
data/lib/rex/ole/samples/ole_info.rb +23 -0
data/lib/rex/ole/storage.rb +392 -0
data/lib/rex/ole/stream.rb +50 -0
data/lib/rex/ole/substorage.rb +46 -0
data/lib/rex/ole/util.rb +154 -0
data/lib/rex/ole/version.rb +5 -0
data/lib/rex/ole.rb +203 -0
data/rex-ole.gemspec +26 -0
data.tar.gz.sig +2 -0
metadata +208 -0
metadata.gz.sig +0 -0

data/lib/rex/ole/substorage.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# -*- coding: binary -*-
+##
+# Rex::OLE - an OLE implementation
+# written in 2010 by Joshua J. Drake <jduck [at] metasploit.com>
+##
+module Rex
+module OLE
+class SubStorage < DirEntry
+  def initialize(stg)
+    super
+    @_mse = STGTY_STORAGE
+  end
+  def close
+  end
+  # stream handling stuff
+  def create_stream(name, mode=STGM_WRITE)
+    @stg.create_stream(name, mode, self)
+  end
+  def open_stream(name, mode=STGM_READ)
+    @stg.open_stream(name, mode, self)
+  end
+  # storage handling stuff
+  def create_storage(name, mode=STGM_WRITE)
+    @stg.create_storage(name, mode, self)
+  end
+  def open_storage(name, mode=STGM_WRITE)
+    @stg.open_storage(name, mode, self)
+  end
+end
+end
+end

data/lib/rex/ole/util.rb ADDED Viewed

@@ -0,0 +1,154 @@
+# -*- coding: binary -*-
+##
+# Rex::OLE - an OLE implementation
+# written in 2010 by Joshua J. Drake <jduck [at] metasploit.com>
+##
+module Rex
+module OLE
+class Util
+  def self.Hexify32array(arr)
+    ret = ""
+    arr.each { |dw|
+      ret << " " if ret.length > 0
+      ret << "0x%08x" % dw
+    }
+    ret
+  end
+  def self.Printable(buf)
+    ret = ""
+    buf.unpack('C*').each { |byte|
+      ch = byte.chr
+      if (byte < 0x20 || byte > 0x7e)
+        ret << "\\x" + ch.unpack('H*')[0]
+      else
+        ret << ch
+      end
+    }
+    ret
+  end
+  def self.set_endian(endian)
+    @endian = endian
+  end
+  def self.get64(buf, offset)
+    @endian = LITTLE_ENDIAN if not @endian
+    if (@endian == LITTLE_ENDIAN)
+      arr = buf[offset,8].unpack('VV')
+      return (arr[0] + (arr[1] << 32))
+    else
+      arr = buf[offset,8].unpack('NN')
+      return ((arr[0] << 32) + arr[1])
+    end
+  end
+  def self.pack64(value)
+    @endian = LITTLE_ENDIAN if not @endian
+    arr = []
+    arr << (value & 0xffffffff)
+    arr << (value >> 32)
+    if (@endian == LITTLE_ENDIAN)
+      arr.pack('VV')
+    else
+      arr.reverse.pack('NN')
+    end
+  end
+  def self.get32(buf, offset)
+    @endian = LITTLE_ENDIAN if not @endian
+    if (@endian == LITTLE_ENDIAN)
+      buf[offset,4].unpack('V')[0]
+    else
+      buf[offset,4].unpack('N')[0]
+    end
+  end
+  def self.pack32(value)
+    @endian = LITTLE_ENDIAN if not @endian
+    if (@endian == LITTLE_ENDIAN)
+      [value].pack('V')
+    else
+      [value].pack('N')
+    end
+  end
+  def self.get32array(buf)
+    @endian = LITTLE_ENDIAN if not @endian
+    if (@endian == LITTLE_ENDIAN)
+      buf.unpack('V*')
+    else
+      buf.unpack('N*')
+    end
+  end
+  def self.pack32array(arr)
+    @endian = LITTLE_ENDIAN if not @endian
+    if (@endian == LITTLE_ENDIAN)
+      arr.pack('V*')
+    else
+      arr.pack('N*')
+    end
+  end
+  def self.get16(buf, offset)
+    @endian = LITTLE_ENDIAN if not @endian
+    if (@endian == LITTLE_ENDIAN)
+      buf[offset,2].unpack('v')[0]
+    else
+      buf[offset,2].unpack('n')[0]
+    end
+  end
+  def self.pack16(value)
+    @endian = LITTLE_ENDIAN if not @endian
+    if (@endian == LITTLE_ENDIAN)
+      [value].pack('v')
+    else
+      [value].pack('n')
+    end
+  end
+  def self.get8(buf, offset)
+    buf[offset,1].unpack('C')[0]
+  end
+  def self.pack8(value)
+    [value].pack('C')
+  end
+  def self.getUnicodeString(buf)
+    buf = buf.unpack('v*').pack('C*')
+    if (idx = buf.index(0x00.chr))
+      buf.slice!(idx, buf.length)
+    end
+    buf
+  end
+  def self.putUnicodeString(buf)
+    buf = buf.unpack('C*').pack('v*')
+    if (buf.length < 0x40)
+      buf << "\x00" * (0x40 - buf.length)
+    end
+    buf
+  end
+  def self.name_is_valid(name)
+    return nil if (name.length > 31)
+    (0..0x1f).to_a.each { |x|
+      return nil if (name.include?(x.chr))
+    }
+    return true
+  end
+end
+end
+end

data/lib/rex/ole/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Rex
+  module OLE
+    VERSION = "0.1.0"
+  end
+end

data/lib/rex/ole.rb ADDED Viewed

@@ -0,0 +1,203 @@
+# -*- coding: binary -*-
+##
+# Rex::OLE - an OLE implementation
+# written in 2010 by Joshua J. Drake <jduck [at] metasploit.com>
+#
+# License: MSF_LICENSE
+#
+#
+# This module implements Object-Linking-and-Embedding otherwise known as
+# Compound File Binary File Format or Windows Compound Binary File Format.
+# OLE is the container format for modern Excel, Word, PowerPoint, and many
+# other file formats.
+#
+# NOTE: This implementation is almost fully compliant with [MS-CFB] v1.1
+#
+#
+# SUPPORTS:
+#
+#  1. R/W v3 OLE files (v4 may work, but wasn't tested)
+#  2. RO double-indirect fat sectors
+#  3. RO fat sectors (including those in double-indirect parts)
+#  4. WO support for less than 109 fat sectors :)
+#  5. R/W minifat sectors
+#  6. R/W ministream
+#  7. R/W normal streams
+#  8. R/W substorages (including nesting)
+#  9. full directory support (hierarchal and flattened access)
+# 10. big and little endian files (although only little endian was tested)
+# 11. PropertySet streams (except .to_s)
+#
+#
+# TODO (in order of priority):
+#
+#  1. support deleting storages/streams
+#  2. create copyto and other typical interface functions
+#  3. support writing DIF sectors > 109
+#     - may lead to allocating more fat sectors :-/
+#  4. properly support mode params for open_stream/open_storage/etc
+#  5. optimize to prevent unecessary loading/writing
+#  6. support non-committal editing (open, change, close w/o save)
+#  7. support timestamps
+#  8. provide interface to change paramters (endian, etc)
+#
+#
+# TO INVESTIGATE:
+#
+#  1. moving storage interface functions into something used by both
+#     the main storage and substorages (unifying the code) (mixin?)
+#  2. eliminating flattening the directory prior to writing it out
+#
+##
+require 'rex/ole/version'
+require 'rex/text'
+module Rex
+module OLE
+# misc util
+# NOTE: the v1.1 spec says that everything "MUST be stored in little-endian byte order"
+BIG_ENDIAN     = 0xfeff
+LITTLE_ENDIAN  = 0xfffe
+# defines Util class
+require 'rex/ole/util'
+require 'rex/ole/clsid'
+# constants for dealing with the header
+HDR_SZ  = 512
+# signatures
+SIG       = "\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
+SIG_BETA  = "\x0e\x11\xfc\x0d\xd0\xcf\x11\xe0"
+# defines Header class
+require 'rex/ole/header'
+# sector types
+SECT_MAX   = 0xfffffffa
+SECT_DIF   = 0xfffffffc
+SECT_FAT   = 0xfffffffd
+SECT_END   = 0xfffffffe
+SECT_FREE  = 0xffffffff
+# defines DIFAT class
+require 'rex/ole/difat'
+# defines FAT class
+require 'rex/ole/fat'
+# defines MiniFAT class
+require 'rex/ole/minifat'
+# directory entries
+DIRENTRY_SZ      = 128
+DIR_NOSTREAM     = 0xffffffff
+DIR_MAXREGSID    = 0xfffffffa
+# defines Directory class
+require 'rex/ole/directory'
+# types
+STGTY_INVALID    = 0
+STGTY_STORAGE    = 1
+STGTY_STREAM     = 2
+STGTY_LOCKBYTES  = 3
+STGTY_PROPERTY   = 4
+STGTY_ROOT       = 5
+# for red/black tree
+COLOR_RED   = 0
+COLOR_BLACK = 1
+# defines DirEntry base class
+require 'rex/ole/direntry'
+# constants for storages
+STGM_READ       = 0
+STGM_WRITE      = 1
+STGM_READWRITE  = 2
+# defines Storage class
+require 'rex/ole/storage'
+# defines SubStorage class
+require 'rex/ole/substorage'
+# defines Stream class
+require 'rex/ole/stream'
+# constants for property sets
+# PropertyIds
+PID_DICTIONARY  = 0x00000000
+PID_CODEPAGE    = 0x00000001
+PID_LOCALE      = 0x80000000
+PID_BEHAVIOR    = 0x80000003
+# Well-known PropertyIds
+PIDSI_TITLE        = 0x02
+PIDSI_SUBJECT      = 0x03
+PIDSI_AUTHOR       = 0x04
+PIDSI_KEYWORDS     = 0x05
+PIDSI_COMMENTS     = 0x06
+PIDSI_TEMPLATE     = 0x07
+PIDSI_LASTAUTHOR   = 0x08
+PIDSI_REVNUMBER    = 0x09
+PIDSI_EDITTIME     = 0x0a
+PIDSI_LASTPRINTED  = 0x0b
+PIDSI_CREATE_DTM   = 0x0c
+PIDSI_LASTSAVE_DTM = 0x0d
+PIDSI_PAGECOUNT    = 0x0e
+PIDSI_WORDCOUNT    = 0x0f
+PIDSI_CHARCOUNT    = 0x10
+PIDSI_THUMBNAIL    = 0x11
+PIDSI_APPNAME      = 0x12
+PIDSI_DOC_SECURITY = 0x13
+# PropertyTypes
+VT_EMPTY        = 0x00
+VT_NULL         = 0x01
+VT_I2           = 0x02
+VT_I4           = 0x03
+VT_R4           = 0x04
+VT_R8           = 0x05
+VT_CY           = 0x06
+VT_DATE         = 0x07
+VT_BSTR         = 0x08
+VT_ERROR        = 0x0a
+VT_BOOL         = 0x0b
+VT_VARIANT      = 0x0c # used with VT_VECTOR
+# 0xd
+VT_DECIMAL      = 0x0e
+# 0xf
+VT_I1           = 0x10
+VT_UI1          = 0x11
+VT_UI2          = 0x12
+VT_UI4          = 0x13
+VT_I8           = 0x14
+VT_UI8          = 0x15
+VT_INT          = 0x16
+VT_UINT         = 0x17
+VT_LPSTR        = 0x1e
+VT_LPWSTR       = 0x1f
+# 0x20-0x3f
+VT_FILETIME     = 0x40
+VT_BLOB         = 0x41
+VT_STREAM       = 0x42
+VT_STORAGE      = 0x43
+VT_STREAMED_OBJ = 0x44
+VT_STORED_OBJ   = 0x45
+VT_BLOB_OBJ     = 0x46
+VT_CF           = 0x47 # Clipboard Format
+VT_CLSID        = 0x48
+VT_VERSIONED_STREAM = 0x49
+# Flags
+VT_VECTOR       = 0x1000
+VT_ARRAY        = 0x2000 # Requires OLE version >= 1
+# Format IDs
+FMTID_SummaryInformation    = "\xe0\x85\x9f\xf2\xf9\x4f\x68\x10\xab\x91\x08\x00\x2b\x27\xb3\xd9"
+FMTID_DocSummaryInformation = "\x02\xd5\xcd\xd5\x9c\x2e\x1b\x10\x93\x97\x08\x00\x2b\x2c\xf9\xae"
+FMTID_UserDefinedProperties = "\x05\xd5\xcd\xd5\x9c\x2e\x1b\x10\x93\x97\x08\x00\x2b\x2c\xf9\xae"
+FMTID_GlobalInfo            = "\x00\x6f\x61\x56\x54\xc1\xce\x11\x85\x53\x00\xaa\x00\xa1\xf9\x5b"
+FMTID_ImageContents         = "\x00\x64\x61\x56\x54\xc1\xce\x11\x85\x53\x00\xaa\x00\xa1\xf9\x5b"
+FMTID_ImageInfo             = "\x00\x65\x61\x56\x54\xc1\xce\x11\x85\x53\x00\xaa\x00\xa1\xf9\x5b"
+FMTID_PropertyBag           = "\x01\x18\x00\x20\xe6\x5d\xd1\x11\x8e\x38\x00\xc0\x4f\xb9\x38\x6d"
+# defines PropertySet class
+require 'rex/ole/propset'
+end
+end

data/rex-ole.gemspec ADDED Viewed

@@ -0,0 +1,26 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'rex/ole/version'
+Gem::Specification.new do |spec|
+  spec.name          = "rex-ole"
+  spec.version       = Rex::OLE::VERSION
+  spec.authors       = ["Pearce Barry"]
+  spec.email         = ["pearce_barry@rapid7.com"]
+  spec.summary       = %q{Rex Library for working with OLE}
+  spec.description   = %q{Ruby Exploitation(Rex) library gem for reading/writing Object-Linking-and-Embedding (OLE) files and streams}
+  spec.homepage      = "https://github.com/rapid7/rex-ole"
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+  spec.add_development_dependency "bundler", "~> 1.12"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+  spec.add_runtime_dependency "rex-text"
+end

data.tar.gz.sig ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ �(e��pBd/Sw'�_��B9dZ�bj�1�r�=2��7W��
2	+ �8��o]��?��fK�]vӾ~A~t�>�*��nj�fDie@8��P�Ғ�J��x`��;�o6Ů��a��(A��Q�ɀm��fo!o��iW�5ѽ�ǖk��9P<�AKv�6u�e�ރ0��0"��޽~��\|�߹�9�㪼9�\|7՗t$ӝ�jQpW�rm�<\|y=IҴ44�J��@(

metadata ADDED Viewed

@@ -0,0 +1,208 @@
+--- !ruby/object:Gem::Specification
+name: rex-ole
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Pearce Barry
+autorequire:
+bindir: exe
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+  A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+  b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+  MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+  YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+  aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
+  jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+  xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+  1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+  snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+  U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+  9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+  BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
+  AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
+  yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
+  38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
+  AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
+  DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
+  HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
+  -----END CERTIFICATE-----
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIEKDCCAxCgAwIBAgILBAAAAAABL07hNVwwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+  A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+  b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xMTA0MTMxMDAw
+  MDBaFw0xOTA0MTMxMDAwMDBaMFExCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+  YWxTaWduIG52LXNhMScwJQYDVQQDEx5HbG9iYWxTaWduIENvZGVTaWduaW5nIENB
+  IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyTxTnEL7XJnKr
+  NpfvU79ChF5Y0Yoo/ENGb34oRFALdV0A1zwKRJ4gaqT3RUo3YKNuPxL6bfq2RsNq
+  o7gMJygCVyjRUPdhOVW4w+ElhlI8vwUd17Oa+JokMUnVoqni05GrPjxz7/Yp8cg1
+  0DB7f06SpQaPh+LO9cFjZqwYaSrBXrta6G6V/zuAYp2Zx8cvZtX9YhqCVVrG+kB3
+  jskwPBvw8jW4bFmc/enWyrRAHvcEytFnqXTjpQhU2YM1O46MIwx1tt6GSp4aPgpQ
+  STic0qiQv5j6yIwrJxF+KvvO3qmuOJMi+qbs+1xhdsNE1swMfi9tBoCidEC7tx/0
+  O9dzVB/zAgMBAAGjgfowgfcwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYB
+  Af8CAQAwHQYDVR0OBBYEFAhu2Lacir/tPtfDdF3MgB+oL1B6MEcGA1UdIARAMD4w
+  PAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNv
+  bS9yZXBvc2l0b3J5LzAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmdsb2Jh
+  bHNpZ24ubmV0L3Jvb3QuY3JsMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB8GA1UdIwQY
+  MBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA0GCSqGSIb3DQEBBQUAA4IBAQAiXMXd
+  PfQLcNjj9efFjgkBu7GWNlxaB63HqERJUSV6rg2kGTuSnM+5Qia7O2yX58fOEW1o
+  kdqNbfFTTVQ4jGHzyIJ2ab6BMgsxw2zJniAKWC/wSP5+SAeq10NYlHNUBDGpeA07
+  jLBwwT1+170vKsPi9Y8MkNxrpci+aF5dbfh40r5JlR4VeAiR+zTIvoStvODG3Rjb
+  88rwe8IUPBi4A7qVPiEeP2Bpen9qA56NSvnwKCwwhF7sJnJCsW3LZMMSjNaES2dB
+  fLEDF3gJ462otpYtpH6AA0+I98FrWkYVzSwZi9hwnOUtSYhgcqikGVJwQ17a1kYD
+  sGgOJO9K9gslJO8k
+  -----END CERTIFICATE-----
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIEyjCCA7KgAwIBAgISESEyE8rNriS4+1dc8jOHEUL8MA0GCSqGSIb3DQEBBQUA
+  MFExCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMScwJQYD
+  VQQDEx5HbG9iYWxTaWduIENvZGVTaWduaW5nIENBIC0gRzIwHhcNMTMxMDExMTUx
+  NTM4WhcNMTYxMDExMTUxNTM4WjBgMQswCQYDVQQGEwJVUzEWMBQGA1UECBMNTWFz
+  c2FjaHVzZXR0czEPMA0GA1UEBxMGQm9zdG9uMRMwEQYDVQQKEwpSYXBpZDcgTExD
+  MRMwEQYDVQQDEwpSYXBpZDcgTExDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+  CgKCAQEAhD//7+739c69hssg0mD6CXgf2JkuWTcU81dgD7aKcoEPqU8e1FseBvDW
+  /Q5fNK2H2NgHV/Msn18zXuK0PkaJXqj/vDsuKB3Hq0BiR2AwyDdEw8K5MK5bgQc2
+  tmcVtEAejRoy1Uv5UyfaAYAxG6zsma3buV1fjnEAC3VouRg4+EX/f65H/a6srntK
+  5Etp3D71k2f0oUl8dOqOmSsRJQQ5zSs4ktDvpjAmsvzoA+1svceLYU95mvQsIw2T
+  edpmibGMwGw/HmgV+YWBgF5UGvax6zbC2i6DF2YHnDfkNb8/1MEIaxOTAbJTazTK
+  8laCQOyay6L1BNPQKjZBgOge8LZq1wIDAQABo4IBizCCAYcwDgYDVR0PAQH/BAQD
+  AgeAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgEyMDQwMgYIKwYBBQUHAgEWJmh0dHBz
+  Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAkGA1UdEwQCMAAwEwYD
+  VR0lBAwwCgYIKwYBBQUHAwMwPgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NybC5n
+  bG9iYWxzaWduLmNvbS9ncy9nc2NvZGVzaWduZzIuY3JsMIGGBggrBgEFBQcBAQR6
+  MHgwQAYIKwYBBQUHMAKGNGh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2Fj
+  ZXJ0L2dzY29kZXNpZ25nMi5jcnQwNAYIKwYBBQUHMAGGKGh0dHA6Ly9vY3NwMi5n
+  bG9iYWxzaWduLmNvbS9nc2NvZGVzaWduZzIwHQYDVR0OBBYEFE536JwFx9SpaEi3
+  w8pcq2GRFA5BMB8GA1UdIwQYMBaAFAhu2Lacir/tPtfDdF3MgB+oL1B6MA0GCSqG
+  SIb3DQEBBQUAA4IBAQAGpGXHtFLjTTivV+xQPwtZhfPuJ7f+VGTMSAAYWmfzyHXM
+  YMFYUWJzSFcuVR2YfxtbS45P7U5Qopd7jBQ0Ygk5h2a+B5nE4+UlhHj665d0zpYM
+  1eWndMaO6WBOYnqtNyi8Dqqc1foKZDNHEDggYhGso7OIBunup+N4sPL9PwQ3eYe6
+  mUu8z0E4GXYViaMPOFkqaYnoYgf2L+7L5zKYT4h/NE/P7kj7EbduHgy/v/aAIrNl
+  2SpuQH+SWteq3NXkAmFEEqvLJQ4sbptZt8OP8ghL3pVAvZNFmww/YVszSkShSzcg
+  QdihYCSEL2drS2cFd50jBeq71sxUtxbv82DUa2b+
+  -----END CERTIFICATE-----
+date: 2016-07-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rex-text
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Ruby Exploitation(Rex) library gem for reading/writing Object-Linking-and-Embedding
+  (OLE) files and streams
+email:
+- pearce_barry@rapid7.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/rex/ole.rb
+- lib/rex/ole/clsid.rb
+- lib/rex/ole/difat.rb
+- lib/rex/ole/directory.rb
+- lib/rex/ole/direntry.rb
+- lib/rex/ole/docs/dependencies.txt
+- lib/rex/ole/docs/references.txt
+- lib/rex/ole/fat.rb
+- lib/rex/ole/header.rb
+- lib/rex/ole/minifat.rb
+- lib/rex/ole/propset.rb
+- lib/rex/ole/samples/create_ole.rb
+- lib/rex/ole/samples/dir.rb
+- lib/rex/ole/samples/dump_stream.rb
+- lib/rex/ole/samples/ole_info.rb
+- lib/rex/ole/storage.rb
+- lib/rex/ole/stream.rb
+- lib/rex/ole/substorage.rb
+- lib/rex/ole/util.rb
+- lib/rex/ole/version.rb
+- rex-ole.gemspec
+homepage: https://github.com/rapid7/rex-ole
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.8
+signing_key:
+specification_version: 4
+summary: Rex Library for working with OLE
+test_files: []

metadata.gz.sig ADDED Viewed

Binary file