rex-socket 0.1.28 → 0.1.32
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/rex/socket.rb +1 -1
- data/lib/rex/socket/parameters.rb +38 -7
- data/lib/rex/socket/range_walker.rb +3 -3
- data/lib/rex/socket/ssl.rb +11 -1
- data/lib/rex/socket/ssl_tcp.rb +3 -24
- data/lib/rex/socket/version.rb +1 -1
- metadata +2 -2
- metadata.gz.sig +0 -0
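--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e4459a7bb29271ef6914325cf3d6b0b11f94056a55286cc91d1060f0c7f7afbb
+data.tar.gz: 04a369427c1462a168ceb6f252e7f6a2987f35ef9ec47a582a35976ef7c0340c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d848f4b6df65942a810b7f24488f45d859bc6bdd11189afd131235f0c9cab0824c1e66fc95f0edf06ac91cae1f0f9d50d9820177fabcace2bb6824bc9dc108c2
+data.tar.gz: 8baa414c06a8b13282c74d0d55c5edd7e7dff43c7304d1604f476f78195b0d2514ac72b22679b01387a25f16c4bc382c97b3181d3b9b5fe1aecd1bafb566f3d7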
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
Binary file
|
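--- a/data/lib/rex/socket.rb
+++ b/data/lib/rex/socket.rb
@@ -730,7 +730,7 @@ module Socket
 # Wrapper around getsockname that stores the local address and local port values.
 #
 def getlocalname
-if self.localhost
+if [nil, '0.0.0.0', '::'].include?(self.localhost) && [nil, 0].include?(self.localport)
 _, self.localhost, self.localport = getsockname
 end
 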
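Review bot: The new guard in `getlocalname` only calls `getsockname` when localhost is nil or a wildcard and localport is nil or 0, so a socket given a specific local address with port 0 appears to keep reporting port 0 after it is bound. If that combination can occur, refresh the two fields independently, or state the intent with a comment such as `# only query the kernel when neither address nor port was pinned by the caller`. The rest of `getlocalname` lies outside the hunk, so whether the port is refreshed elsewhere cannot be confirmed from here.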
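--- a/data/lib/rex/socket/parameters.rb
+++ b/data/lib/rex/socket/parameters.rb
@@ -110,10 +110,7 @@ class Rex::Socket::Parameters
 self.sslctx = hash['SSLContext']
 end
 
-
-if (hash['SSLVersion'] and supported_ssl_versions.include? hash['SSLVersion'])
-self.ssl_version = hash['SSLVersion']
-end
+self.ssl_version = hash.fetch('SSLVersion', nil)
 
 supported_ssl_verifiers = %W{CLIENT_ONCE FAIL_IF_NO_PEER_CERT NONE PEER}
 if (hash['SSLVerifyMode'] and supported_ssl_verifiers.include? hash['SSLVerifyMode'])
@@ -195,7 +192,15 @@ class Rex::Socket::Parameters
 end
 
 # Whether to force IPv6 addressing
-
+if hash['IPv6'].nil?
+# if IPv6 isn't specified and at least one host is an IPv6 address and the
+# other is either nil, a hostname or an IPv6 address, then use IPv6
+self.v6 = (Rex::Socket.is_ipv6?(self.localhost) || Rex::Socket.is_ipv6?(self.peerhost)) && \
+(self.localhost.nil? || !Rex::Socket.is_ipv4?(self.localhost)) && \
+(self.peerhost.nil? || !Rex::Socket.is_ipv4?(self.peerhost))
+else
+self.v6 = hash['IPv6']
+end
 end
 
 def merge(other)
@@ -297,7 +302,13 @@ class Rex::Socket::Parameters
 # @return [String]
 attr_writer :localhost
 def localhost
-@localhost
+return @localhost if @localhost
+
+if @v6 || (@peerhost && Rex::Socket.is_ipv6?(@peerhost))
+'::'
+else
+'0.0.0.0'
+end
 end
 
 # The local port. Equivalent to the LocalPort parameter hash key.
@@ -383,7 +394,27 @@ class Rex::Socket::Parameters
 
 # What version of SSL to use (Auto, SSL2, SSL3, SSL23, TLS1)
 # @return [String,Symbol]
-
+attr_reader :ssl_version
+def ssl_version=(version)
+# Let the caller specify a particular SSL/TLS version
+case version
+when 'SSL2'
+version = :SSLv2
+# 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
+when 'SSL23', 'TLS', 'Auto'
+version = :SSLv23
+when 'SSL3'
+version = :SSLv3
+when 'TLS1','TLS1.0'
+version = :TLSv1
+when 'TLS1.1'
+version = :TLSv1_1
+when 'TLS1.2'
+version = :TLSv1_2
+end
+
+@ssl_version = version
+end
 
 # What specific SSL Cipher(s) to use, may be a string containing the cipher
 # name or an array of strings containing cipher names e.g.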
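Review bot: `ssl_version=` has no `else` branch, so any value outside the listed strings (a misspelt version, or any Symbol) is stored unchanged, and the `supported_ssl_versions` allow-list that the initializer applied before assignment is gone. The value is only rejected later, when socket setup compares it with `system_ssl_methods`, and the message raised there blames the Ruby build rather than the input. Consider rejecting unknown strings in the setter, or at least documenting the pass-through with `# Symbols and unrecognised strings are stored as-is and validated when the socket is created`. The doc comment above the accessor still lists only `Auto, SSL2, SSL3, SSL23, TLS1` and should also name `TLS1.1` and `TLS1.2`.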
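--- a/data/lib/rex/socket/range_walker.rb
+++ b/data/lib/rex/socket/range_walker.rb
@@ -134,7 +134,7 @@ class RangeWalker
 #
 # @return [Hash<Symbol, String>] The next host in the range
 def next_host
-return
+return unless valid?
 
 if (@curr_addr > @ranges[@curr_range_index].stop)
 # Then we are at the end of this range. Grab the next one.
@@ -247,7 +247,7 @@ class RangeWalker
 def expand_cidr(arg)
 start,stop = Rex::Socket.cidr_crack(arg)
 if !start or !stop
-return
+return
 end
 range = Range.new
 range.start = Rex::Socket.addr_atoi(start)
@@ -399,7 +399,7 @@ class RangeWalker
 return if !valid_cidr_chars?(arg)
 
 ip_part, mask_part = arg.split("/")
-return
+return unless (0..32).include? mask_part.to_i
 if ip_part =~ /^\d{1,3}(\.\d{1,3}){1,3}$/
 return unless Rex::Socket.is_ipv4?(ip_part)
 end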
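Review bot: In the third hunk, `mask_part.to_i` turns a missing or non-numeric mask into 0, which passes the new `(0..32)` test, so an argument with no usable prefix length could be accepted as a /0 and cover the whole address space. Whether `valid_cidr_chars?` already rules this out is not visible here. A stricter guard would be `return unless mask_part.to_s.match?(/\A\d{1,2}\z/) && (0..32).include?(mask_part.to_i)`. The check also runs before the IPv4 test on the following lines, so if this method is meant to accept IPv6 prefixes longer than 32 they are now rejected; the enclosing method starts and ends outside the hunk.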
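--- a/data/lib/rex/socket/ssl.rb
+++ b/data/lib/rex/socket/ssl.rb
@@ -11,6 +11,9 @@ require 'openssl'
 ###
 module Rex::Socket::Ssl
 
+# Default to SSLv23 (automatically negotiate)
+DEFAULT_SSL_VERSION = :SSLv23
+
 module CertProvider
 
 def self.ssl_generate_subject(cn: nil, org: nil, loc: nil, st: nil)
@@ -122,7 +125,14 @@ module Rex::Socket::Ssl
 key, cert, chain = ssl_generate_certificate(cert_vars: {cn: params.ssl_cn})
 end
 
-
+version = params&.ssl_version || DEFAULT_SSL_VERSION
+# Raise an error if no selected versions are supported
+unless Rex::Socket::SslTcp.system_ssl_methods.include? version
+raise ArgumentError,
+"This version of Ruby does not support the requested SSL/TLS version #{version}"
+end
+
+ctx = OpenSSL::SSL::SSLContext.new(version)
 ctx.key = key
 ctx.cert = cert
 ctx.extra_chain_cert = chain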
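Review bot: The version lookup, the `system_ssl_methods` check and the ArgumentError message added in the second hunk are a copy of the block in `initsock` in ssl_tcp.rb, so the two can drift apart. The copy also makes this module depend on `Rex::Socket::SslTcp` being loaded, and the ssl_tcp.rb hunk header suggests that class is defined inside a `begin` block, so it may be absent if that block's rescue path is taken (not visible here). Consider one shared helper, for example a module method on `Rex::Socket::Ssl` that returns the validated version, called from both places. Separately, `DEFAULT_SSL_VERSION = :SSLv23` leaves the protocol floor to the OpenSSL build; a comment saying so, or setting `ctx.min_version` where legacy protocols are not wanted, would make that explicit. The enclosing method starts and ends outside the hunk.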
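--- a/data/lib/rex/socket/ssl_tcp.rb
+++ b/data/lib/rex/socket/ssl_tcp.rb
@@ -65,35 +65,14 @@ begin
 def initsock(params = nil)
 super
 
-
-version = :SSLv23
-
-# Let the caller specify a particular SSL/TLS version
-if params
-case params.ssl_version
-when 'SSL2', :SSLv2
-version = :SSLv2
-# 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
-when 'SSL23', :SSLv23, 'TLS', 'Auto'
-version = :SSLv23
-when 'SSL3', :SSLv3
-version = :SSLv3
-when 'TLS1','TLS1.0', :TLSv1
-version = :TLSv1
-when 'TLS1.1', :TLSv1_1
-version = :TLSv1_1
-when 'TLS1.2', :TLSv1_2
-version = :TLSv1_2
-end
-end
-
+version = params&.ssl_version || Rex::Socket::Ssl::DEFAULT_SSL_VERSION
 # Raise an error if no selected versions are supported
 unless Rex::Socket::SslTcp.system_ssl_methods.include? version
 raise ArgumentError,
-"This version of Ruby does not support the requested SSL/TLS version #{
+"This version of Ruby does not support the requested SSL/TLS version #{version}"
 end
 
-# Try
+# Try initializing the socket with this SSL/TLS version
 # This will throw an exception if it fails
 initsock_with_ssl_version(params, version)
 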
data/lib/rex/socket/version.rb
CHANGED
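--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex-socket
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.32
 platform: ruby
 authors:
 - Metasploit Hackers
@@ -93,7 +93,7 @@ cert_chain:
 EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
 9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
 -----END CERTIFICATE-----
-date: 2021-
+date: 2021-08-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rake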
metadata.gz.sig
CHANGED
Binary file
|