rex 2.0.4 → 2.0.5

data/lib/rex/java/serialization/model/new_object.rb

@@ -0,0 +1,223 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        # This class provides a NewObject (Java Object) representation
+        class NewObject < Element
+
+          include Rex::Java::Serialization::Model::Contents
+
+          # @!attribute class_desc
+          #   @return [Rex::Java::Serialization::Model::ClassDesc] The description of the object
+          attr_accessor :class_desc
+          # @!attribute class_data
+          #   @return [Array] The data of the object
+          attr_accessor :class_data
+
+          # @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
+          def initialize(stream = nil)
+            super(stream)
+            self.class_desc = nil
+            self.class_data = []
+          end
+
+          # Deserializes a Rex::Java::Serialization::Model::NewObject
+          #
+          # @param io [IO] the io to read from
+          # @return [self] if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode(io)
+            self.class_desc = ClassDesc.decode(io, stream)
+            stream.add_reference(self) unless stream.nil?
+
+            if class_desc.description.class == NewClassDesc
+              self.class_data = decode_class_data(io, class_desc.description)
+            elsif class_desc.description.class == Reference
+              ref = class_desc.description.handle - BASE_WIRE_HANDLE
+              self.class_data = decode_class_data(io, stream.references[ref])
+            end
+
+            self
+          end
+
+          # Serializes the Rex::Java::Serialization::Model::NewObject
+          #
+          # @return [String] if serialization succeeds
+          # @raise [RuntimeError] if serialization doesn't succeed
+          def encode
+            unless class_desc.class == ClassDesc
+              raise ::RuntimeError, 'Failed to serialize NewObject'
+            end
+
+            encoded = ''
+            encoded << class_desc.encode
+
+            class_data.each do |value|
+              if value.class == Array
+                encoded << encode_value(value)
+              else
+                encoded << encode_content(value)
+              end
+            end
+
+            encoded
+          end
+
+          # Creates a print-friendly string representation
+          #
+          # @return [String]
+          def to_s
+            str  = ''
+            if class_desc.description.class == NewClassDesc
+              str << class_desc.description.class_name.to_s
+            elsif class_desc.description.class == Reference
+              str << (class_desc.description.handle - BASE_WIRE_HANDLE).to_s(16)
+            end
+
+            str << ' => { '
+            data = class_data.collect { |data| data.to_s }
+            str << data.join(', ')
+            str << ' }'
+          end
+
+          private
+
+          # Deserializes the class_data for a class_desc and its super classes
+          #
+          # @param io [IO] the io to read from
+          # @param my_class_desc [Rex::Java::Serialization::Model::NewClassDesc] the class description whose data is being extracted
+          # @return [Array] class_data values if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode_class_data(io, my_class_desc)
+            values = []
+
+            unless my_class_desc.super_class.description.class == NullReference
+              values += decode_class_data(io, my_class_desc.super_class.description)
+            end
+
+            values += decode_class_fields(io, my_class_desc)
+
+            values
+          end
+
+          # Deserializes the fields data for a class_desc
+          #
+          # @param io [IO] the io to read from
+          # @param my_class_desc [Rex::Java::Serialization::Model::NewClassDesc] the class description whose data is being extracted
+          # @return [Array] class_data values if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode_class_fields(io, my_class_desc)
+            values = []
+
+            my_class_desc.fields.each do |field|
+              if field.is_primitive?
+                values << decode_value(io, field.type)
+              else
+                content =  decode_content(io, stream)
+                values << content
+              end
+            end
+
+            values
+          end
+
+          # Deserializes a class_data value
+          #
+          # @param io [IO] the io to read from
+          # @param type [String] the type of the value to deserialize
+          # @return [Array(String, <Fixnum, Float>)] type and value if deserialization succeeds
+          # @raise [RuntimeError] if deserialization fails
+          def decode_value(io, type)
+            value = []
+
+            case type
+            when 'byte'
+              value_raw = io.read(1)
+              raise ::RuntimeError, 'Failed to deserialize NewArray value' if value_raw.nil?
+              value.push('byte', value_raw.unpack('c')[0])
+            when 'char'
+              value_raw = io.read(2)
+              unless value_raw && value_raw.length == 2
+                raise ::RuntimeError, 'Failed to deserialize NewArray value'
+              end
+              value.push('char', value_raw.unpack('s>')[0])
+            when 'double'
+              value_raw = io.read(8)
+              unless value_raw && value_raw.length == 8
+                raise ::RuntimeError, 'Failed to deserialize NewArray value'
+              end
+              value.push('double', value = value_raw.unpack('G')[0])
+            when 'float'
+              value_raw = io.read(4)
+              unless value_raw && value_raw.length == 4
+                raise ::RuntimeError, 'Failed to deserialize NewArray value'
+              end
+              value.push('float', value_raw.unpack('g')[0])
+            when 'int'
+              value_raw = io.read(4)
+              unless value_raw && value_raw.length == 4
+                raise ::RuntimeError, 'Failed to deserialize NewArray value'
+              end
+              value.push('int', value_raw.unpack('l>')[0])
+            when 'long'
+              value_raw = io.read(8)
+              unless value_raw && value_raw.length == 8
+                raise ::RuntimeError, 'Failed to deserialize NewArray value'
+              end
+              value.push('long', value_raw.unpack('q>')[0])
+            when 'short'
+              value_raw = io.read(2)
+              unless value_raw && value_raw.length == 2
+                raise ::RuntimeError, 'Failed to deserialize NewArray value'
+              end
+              value.push('short', value_raw.unpack('s>')[0])
+            when 'boolean'
+              value_raw = io.read(1)
+              raise ::RuntimeError, 'Failed to deserialize NewArray value' if value_raw.nil?
+              value.push('boolean', value_raw.unpack('c')[0])
+            else
+              raise ::RuntimeError, 'Unsupported NewArray type'
+            end
+
+            value
+          end
+
+          # Serializes an class_data value
+          #
+          # @param value [Array] the type and value to serialize
+          # @return [String] the serialized value
+          # @raise [RuntimeError] if serialization fails
+          def encode_value(value)
+            res = ''
+
+            case value[0]
+            when 'byte'
+              res = [value[1]].pack('c')
+            when 'char'
+              res = [value[1]].pack('s>')
+            when 'double'
+              res = [value[1]].pack('G')
+            when 'float'
+              res = [value[1]].pack('g')
+            when 'int'
+              res = [value[1]].pack('l>')
+            when 'long'
+              res = [value[1]].pack('q>')
+            when 'short'
+              res = [value[1]].pack('s>')
+            when 'boolean'
+              res = [value[1]].pack('c')
+            else
+              raise ::RuntimeError, 'Unsupported NewArray type'
+            end
+
+            res
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/rex/java/serialization/model/null_reference.rb

@@ -0,0 +1,12 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        class NullReference < Element
+        end
+      end
+    end
+  end
+end

data/lib/rex/java/serialization/model/reference.rb

@@ -0,0 +1,61 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        # This class provides a Java Reference representation.
+        class Reference < Element
+
+          # @!attribute contents
+          #   @return [Fixnum] The stream handle being referenced
+          attr_accessor :handle
+
+          # @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
+          def initialize(stream = nil)
+            super(stream)
+            self.handle = 0
+          end
+
+          # Deserializes a Rex::Java::Serialization::Model::Reference
+          #
+          # @param io [IO] the io to read from
+          # @return [self] if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode(io)
+            handle_raw = io.read(4)
+            unless handle_raw && handle_raw.length == 4
+              raise ::RuntimeError, 'Failed to unserialize Reference'
+            end
+
+            self.handle = handle_raw.unpack('N')[0]
+
+            self
+          end
+
+          # Serializes the Rex::Java::Serialization::Model::Reference
+          #
+          # @return [String] if serialization succeeds
+          # @raise [RuntimeError] if serialization doesn't succeed
+          def encode
+            if handle < BASE_WIRE_HANDLE
+              raise ::RuntimeError, 'Failed to serialize Reference'
+            end
+
+            encoded = ''
+            encoded << [handle].pack('N')
+
+            encoded
+          end
+
+          # Creates a print-friendly string representation
+          #
+          # @return [String]
+          def to_s
+            "0x#{handle.to_s(16)}"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rex/java/serialization/model/reset.rb

@@ -0,0 +1,12 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        class Reset < Element
+        end
+      end
+    end
+  end
+end

data/lib/rex/java/serialization/model/stream.rb

@@ -0,0 +1,123 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        # This class provides a Java Stream representation
+        class Stream < Element
+
+          include Rex::Java::Serialization::Model::Contents
+
+          # @!attribute magic
+          #   @return [Fixnum] The stream signature
+          attr_accessor :magic
+          # @!attribute version
+          #   @return [Fixnum] The stream version
+          attr_accessor :version
+          # @!attribute contents
+          #   @return [Array] The stream contents
+          attr_accessor :contents
+          # @!attribute references
+          #   @return [Array] The stream objects to be referenced through handles
+          attr_accessor :references
+
+          def initialize(stream = nil)
+            super(nil)
+            self.magic = STREAM_MAGIC
+            self.version = STREAM_VERSION
+            self.contents = []
+            self.references = []
+          end
+
+          # Deserializes a Rex::Java::Serialization::Model::Stream
+          #
+          # @param io [IO] the io to read from
+          # @return [self] if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode(io)
+            self.magic = decode_magic(io)
+            self.version = decode_version(io)
+
+            until io.eof?
+              content = decode_content(io, self)
+              self.contents << content
+            end
+
+            self
+          end
+
+          # Serializes the Rex::Java::Serialization::Model::Stream
+          #
+          # @return [String] if serialization succeeds
+          # @raise [RuntimeError] if serialization doesn't succeed
+          def encode
+            encoded = ''
+            encoded << [magic].pack('n')
+            encoded << [version].pack('n')
+            contents.each do |content|
+              encoded << encode_content(content)
+            end
+            encoded
+          end
+
+          # Adds an element to the references array
+          #
+          # @param io [Rex::Java::Serialization::Model::Element] the object to save as reference dst
+          def add_reference(ref)
+            self.references.push(ref)
+          end
+
+          # Creates a print-friendly string representation
+          #
+          # @return [String]
+          def to_s
+            str = "@magic: 0x#{magic.to_s(16)}\n"
+            str << "@version: #{version}\n"
+            str << "@contents: [\n"
+            contents.each do |content|
+              str << "  #{print_content(content)}\n"
+            end
+            str << "]\n"
+            str << "@references: [\n"
+            references.each do |ref|
+                str << "  [#{(references.index(ref) + BASE_WIRE_HANDLE).to_s(16)}] #{print_content(ref)}\n"
+            end
+            str << "]\n"
+          end
+
+          private
+
+          # Deserializes the magic stream value
+          #
+          # @param io [IO] the io to read from
+          # @return [String] if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode_magic(io)
+            magic = io.read(2)
+
+            unless magic && magic.length == 2 && magic.unpack('n')[0] == STREAM_MAGIC
+              raise ::RuntimeError, 'Failed to unserialize Stream'
+            end
+
+            STREAM_MAGIC
+          end
+
+          # Deserializes the version stream
+          #
+          # @param io [IO] the io to read from
+          # @return [Fixnum] if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode_version(io)
+            version = io.read(2)
+            unless version && version.unpack('n')[0] == STREAM_VERSION
+              raise ::RuntimeError, 'Failed to unserialize Stream'
+            end
+
+            STREAM_VERSION
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rex/java/serialization/model/utf.rb

@@ -0,0 +1,69 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        # This class provides a Utf string representation
+        class Utf < Element
+
+          # @!attribute length
+          #   @return [Integer] the length of the string
+          attr_accessor :length
+          # @!attribute contents
+          #   @return [String] the contents of the string
+          attr_accessor :contents
+
+          # @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
+          # @param contents [String] the contents of the utf string
+          def initialize(stream = nil, contents = '')
+            super(stream)
+            self.contents = contents
+            self.length = contents.length
+          end
+
+          # Deserializes a Rex::Java::Serialization::Model::Utf
+          #
+          # @param io [IO] the io to read from
+          # @return [self] if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode(io)
+            raw_length = io.read(2)
+            if raw_length.nil? || raw_length.length != 2
+              raise ::RuntimeError, 'Failed to unserialize Utf'
+            end
+            self.length = raw_length.unpack('n')[0]
+
+            if length == 0
+              self.contents = ''
+            else
+              self.contents = io.read(length)
+              if contents.nil? || contents.length != length
+                raise ::RuntimeError, 'Failed to unserialize Utf'
+              end
+            end
+
+            self
+          end
+
+          # Serializes the Rex::Java::Serialization::Model::Utf
+          #
+          # @return [String]
+          def encode
+            encoded = [length].pack('n')
+            encoded << contents
+
+            encoded
+          end
+
+          # Creates a print-friendly string representation
+          #
+          # @return [String]
+          def to_s
+            contents
+          end
+        end
+      end
+    end
+  end
+end