rex 2.0.5 → 2.0.7

data/lib/rex/proto/rmi/model/output_header.rb

@@ -0,0 +1,86 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Proto
+    module Rmi
+      module Model
+        # This class provides a representation of an RMI output stream header
+        class OutputHeader < Element
+
+          # @!attribute signature
+          #   @return [String] the Java RMI header signature
+          attr_accessor :signature
+          # @!attribute version
+          #   @return [Fixnum] the Java RMI version
+          attr_accessor :version
+          # @!attribute protocol
+          #   @return [Fixnum] the protocol where the the messages are wrapped within
+          attr_accessor :protocol
+
+          private
+
+          # Reads the signature from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [String]
+          # @raise [RuntimeError] if fails to decode signature
+          def decode_signature(io)
+            signature = read_string(io, 4)
+            unless signature == SIGNATURE
+              raise ::RuntimeError, 'Failed to decode OutputHeader signature'
+            end
+
+            signature
+          end
+
+          # Reads the version from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [Fixnum]
+          def decode_version(io)
+            version = read_short(io)
+
+            version
+          end
+
+          # Reads the protocol from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [Fixnum]
+          # @raise [RuntimeError] if fails to decode the protocol
+          def decode_protocol(io)
+            valid_protocols = [STREAM_PROTOCOL, SINGLE_OP_PROTOCOL, MULTIPLEX_PROTOCOL]
+            protocol = read_byte(io)
+
+            unless valid_protocols.include?(protocol)
+              raise ::RuntimeError, 'Failed to decode OutputHeader protocol'
+            end
+
+            protocol
+          end
+
+          # Encodes the signature field
+          #
+          # @return [String]
+          def encode_signature
+            signature
+          end
+
+          # Encodes the version field
+          #
+          # @return [String]
+          def encode_version
+            [version].pack('n')
+          end
+
+          # Encodes the protocol field
+          #
+          # @return [String]
+          def encode_protocol
+            [protocol].pack('C')
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rex/proto/rmi/model/ping.rb

@@ -0,0 +1,41 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Proto
+    module Rmi
+      module Model
+        # This class provides a representation of an RMI Ping stream. A Ping is a message for testing
+        # livereness of a remote virtual machine.
+        class Ping < Element
+
+          # @!attribute stream_id
+          #   @return [Fixnum] the input stream id
+          attr_accessor :stream_id
+
+          private
+
+          # Reads the stream id from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [String]
+          # @raise [RuntimeError] if fails to decode stream id
+          def decode_stream_id(io)
+            stream_id = read_byte(io)
+            unless stream_id == PING_MESSAGE
+              raise ::RuntimeError, 'Failed to decode Ping stream id'
+            end
+
+            stream_id
+          end
+
+          # Encodes the stream_id field
+          #
+          # @return [String]
+          def encode_stream_id
+            [stream_id].pack('C')
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rex/proto/rmi/model/ping_ack.rb

@@ -0,0 +1,41 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Proto
+    module Rmi
+      module Model
+        # This class provides a representation of an RMI PingAck stream. A PingAck is the acknowledgement
+        # for a Ping message.
+        class PingAck < Element
+
+          # @!attribute stream_id
+          #   @return [Fixnum] the input stream id
+          attr_accessor :stream_id
+
+          private
+
+          # Reads the stream id from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [String]
+          # @raise [RuntimeError] if fails to decode stream id
+          def decode_stream_id(io)
+            stream_id = read_byte(io)
+            unless stream_id == PING_ACK
+              raise ::RuntimeError, 'Failed to decode PingAck stream id'
+            end
+
+            stream_id
+          end
+
+          # Encodes the stream_id field
+          #
+          # @return [String]
+          def encode_stream_id
+            [stream_id].pack('C')
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rex/proto/rmi/model/protocol_ack.rb

@@ -0,0 +1,100 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Proto
+    module Rmi
+      module Model
+        # This class provides a representation of an RMI protocol ack input stream
+        class ProtocolAck < Element
+
+          # @!attribute stream_id
+          #   @return [Fixnum] the input stream id
+          attr_accessor :stream_id
+          # @!attribute length
+          #   @return [Fixnum] the end point address length
+          attr_accessor :length
+          # @!attribute address
+          #   @return [String] the end point address
+          attr_accessor :address
+          # @!attribute port
+          #   @return [Fixnum] the end point port
+          attr_accessor :port
+
+          private
+
+          # Reads the stream id from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [String]
+          # @raise [RuntimeError] if fails to decode stream id
+          def decode_stream_id(io)
+            stream_id = read_byte(io)
+            unless stream_id == PROTOCOL_ACK
+              raise ::RuntimeError, 'Failed to decode ProtocolAck stream id'
+            end
+
+            stream_id
+          end
+
+          # Reads the end point identifier address length from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [Fixnum]
+          def decode_length(io)
+            length = read_short(io)
+
+            length
+          end
+
+          # Reads the end point address from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [String]
+          def decode_address(io)
+            version = read_string(io, length)
+
+            version
+          end
+
+          # Reads the end point port from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [Fixnum]
+          def decode_port(io)
+            port = read_int(io)
+
+            port
+          end
+
+          # Encodes the stream_id field
+          #
+          # @return [String]
+          def encode_stream_id
+            [stream_id].pack('C')
+          end
+
+          # Encodes the length field
+          #
+          # @return [String]
+          def encode_length
+            [length].pack('n')
+          end
+
+          # Encodes the address field
+          #
+          # @return [String]
+          def encode_address
+            address
+          end
+
+          # Encodes the port field
+          #
+          # @return [String]
+          def encode_port
+            [port].pack('N')
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rex/proto/rmi/model/return_data.rb

@@ -0,0 +1,60 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Proto
+    module Rmi
+      module Model
+        # This class provides a representation of an RMI return data stream
+        class ReturnData < Element
+
+          # @!attribute stream_id
+          #   @return [Fixnum] the stream id
+          attr_accessor :stream_id
+          # @!attribute return value
+          #   @return [Rex::Java::Serialization::Model::Stream] the serialized return data
+          attr_accessor :return_value
+
+          private
+
+          # Reads the stream id from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [String]
+          # @raise [RuntimeError] if fails to decode the stream id
+          def decode_stream_id(io)
+            stream_id = read_byte(io)
+            unless stream_id == RETURN_DATA
+              raise ::RuntimeError, 'Failed to decode ReturnData stream id'
+            end
+
+            stream_id
+          end
+
+          # Reads and deserializes the return value from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [Rex::Java::Serialization::Model::Stream]
+          def decode_return_value(io)
+            return_value = Rex::Java::Serialization::Model::Stream.decode(io)
+
+            return_value
+          end
+
+          # Encodes the stream_id field
+          #
+          # @return [String]
+          def encode_stream_id
+            [stream_id].pack('C')
+          end
+
+          # Encodes the return_value field
+          #
+          # @return [String]
+          def encode_return_value
+            return_value.encode
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rex/socket.rb

@@ -732,7 +732,15 @@ module Socket
   # Return peer connection information.
   #
   def getpeername
-    return Socket.from_sockaddr(super)
+    peer_name = nil
+    begin
+      peer_name = Socket.from_sockaddr(super)
+    rescue ::Errno::EINVAL => e
+      # Ruby's getpeername method may call rb_sys_fail("getpeername(2)")
+      elog("#{e.message} (#{e.class})#{e.backtrace * "\n"}\n", 'core', LEV_3)
+    end
+
+    return peer_name
   end
 
   #

data/lib/rex/socket/tcp_server.rb

@@ -56,6 +56,9 @@ module  Rex::Socket::TcpServer
 
       pn = t.getpeername
 
+      # We hit a "getpeername(2)" from Ruby
+      return nil unless pn
+
       t.peerhost = pn[1]
       t.peerport = pn[2]
     end

data/lib/rex/ui/text/dispatcher_shell.rb

@@ -105,7 +105,7 @@ module DispatcherShell
       print_error "The #{cmd} command is DEPRECATED"
       if cmd == "db_autopwn"
         print_error "See http://r-7.co/xY65Zr instead"
-      elsif method and self.respond_to?("cmd_#{method}")
+      elsif method and self.respond_to?("cmd_#{method}", true)
         print_error "Use #{method} instead"
         self.send("cmd_#{method}", *args)
       end
@@ -116,7 +116,7 @@ module DispatcherShell
       print_error "The #{cmd} command is DEPRECATED"
       if cmd == "db_autopwn"
         print_error "See http://r-7.co/xY65Zr instead"
-      elsif method and self.respond_to?("cmd_#{method}_help")
+      elsif method and self.respond_to?("cmd_#{method}_help", true)
         print_error "Use 'help #{method}' instead"
         self.send("cmd_#{method}_help")
       end
@@ -150,9 +150,9 @@ module DispatcherShell
           next if (dispatcher.commands.nil?)
           next if (dispatcher.commands.length == 0)
 
-          if dispatcher.respond_to?("cmd_#{cmd}")
+          if dispatcher.respond_to?("cmd_#{cmd}", true)
             cmd_found = true
-            break unless dispatcher.respond_to? "cmd_#{cmd}_help"
+            break unless dispatcher.respond_to?("cmd_#{cmd}_help", true)
             dispatcher.send("cmd_#{cmd}_help")
             help_found = true
             break

data/lib/rex/ui/text/output/tee.rb

@@ -44,6 +44,8 @@ class Output::Tee < Rex::Ui::Text::Output
     msg
   end
 
+  alias :write :print_raw
+
   def close
     self.fd.close if self.fd
     self.fd = nil

data/rex.gemspec

@@ -1,7 +1,7 @@
 # encoding: utf-8
 
 APP_NAME = "rex"
-VERSION  = "2.0.5"
+VERSION  = "2.0.7"
 
 Gem::Specification.new do |s|
   s.name                  = APP_NAME

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex
 version: !ruby/object:Gem::Version
-  version: 2.0.5
+  version: 2.0.7
 platform: ruby
 authors:
 - HD Moore
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-22 00:00:00.000000000 Z
+date: 2015-02-19 00:00:00.000000000 Z
 dependencies: []
 description: Rex provides a variety of classes useful for security testing and exploit
   development.
@@ -110,6 +110,7 @@ files:
 - lib/rex/io/stream_server.rb
 - lib/rex/java.rb
 - lib/rex/java/serialization.rb
+- lib/rex/java/serialization/builder.rb
 - lib/rex/java/serialization/model.rb
 - lib/rex/java/serialization/model/annotation.rb
 - lib/rex/java/serialization/model/block_data.rb
@@ -175,6 +176,7 @@ files:
 - lib/rex/parser/burp_session_nokogiri.rb
 - lib/rex/parser/ci_nokogiri.rb
 - lib/rex/parser/foundstone_nokogiri.rb
+- lib/rex/parser/fs/ntfs.rb
 - lib/rex/parser/fusionvm_nokogiri.rb
 - lib/rex/parser/group_policy_preferences.rb
 - lib/rex/parser/ini.rb
@@ -370,6 +372,9 @@ files:
 - lib/rex/post/thread.rb
 - lib/rex/post/ui.rb
 - lib/rex/proto.rb
+- lib/rex/proto/acpp.rb
+- lib/rex/proto/acpp/client.rb
+- lib/rex/proto/acpp/message.rb
 - lib/rex/proto/addp.rb
 - lib/rex/proto/dcerpc.rb
 - lib/rex/proto/dcerpc/client.rb
@@ -422,6 +427,44 @@ files:
 - lib/rex/proto/kademlia/ping.rb
 - lib/rex/proto/kademlia/pong.rb
 - lib/rex/proto/kademlia/util.rb
+- lib/rex/proto/kerberos.rb
+- lib/rex/proto/kerberos/client.rb
+- lib/rex/proto/kerberos/credential_cache.rb
+- lib/rex/proto/kerberos/credential_cache/cache.rb
+- lib/rex/proto/kerberos/credential_cache/credential.rb
+- lib/rex/proto/kerberos/credential_cache/element.rb
+- lib/rex/proto/kerberos/credential_cache/key_block.rb
+- lib/rex/proto/kerberos/credential_cache/principal.rb
+- lib/rex/proto/kerberos/credential_cache/time.rb
+- lib/rex/proto/kerberos/crypto.rb
+- lib/rex/proto/kerberos/crypto/rc4_hmac.rb
+- lib/rex/proto/kerberos/crypto/rsa_md5.rb
+- lib/rex/proto/kerberos/model.rb
+- lib/rex/proto/kerberos/model/ap_req.rb
+- lib/rex/proto/kerberos/model/authenticator.rb
+- lib/rex/proto/kerberos/model/authorization_data.rb
+- lib/rex/proto/kerberos/model/checksum.rb
+- lib/rex/proto/kerberos/model/element.rb
+- lib/rex/proto/kerberos/model/enc_kdc_response.rb
+- lib/rex/proto/kerberos/model/encrypted_data.rb
+- lib/rex/proto/kerberos/model/encryption_key.rb
+- lib/rex/proto/kerberos/model/kdc_request.rb
+- lib/rex/proto/kerberos/model/kdc_request_body.rb
+- lib/rex/proto/kerberos/model/kdc_response.rb
+- lib/rex/proto/kerberos/model/krb_error.rb
+- lib/rex/proto/kerberos/model/last_request.rb
+- lib/rex/proto/kerberos/model/pre_auth_data.rb
+- lib/rex/proto/kerberos/model/pre_auth_enc_time_stamp.rb
+- lib/rex/proto/kerberos/model/pre_auth_pac_request.rb
+- lib/rex/proto/kerberos/model/principal_name.rb
+- lib/rex/proto/kerberos/model/ticket.rb
+- lib/rex/proto/kerberos/pac.rb
+- lib/rex/proto/kerberos/pac/client_info.rb
+- lib/rex/proto/kerberos/pac/element.rb
+- lib/rex/proto/kerberos/pac/logon_info.rb
+- lib/rex/proto/kerberos/pac/priv_svr_checksum.rb
+- lib/rex/proto/kerberos/pac/server_checksum.rb
+- lib/rex/proto/kerberos/pac/type.rb
 - lib/rex/proto/natpmp.rb
 - lib/rex/proto/natpmp/constants.rb
 - lib/rex/proto/natpmp/packet.rb
@@ -444,6 +487,17 @@ files:
 - lib/rex/proto/rfb/cipher.rb
 - lib/rex/proto/rfb/client.rb
 - lib/rex/proto/rfb/constants.rb
+- lib/rex/proto/rmi.rb
+- lib/rex/proto/rmi/model.rb
+- lib/rex/proto/rmi/model/call.rb
+- lib/rex/proto/rmi/model/continuation.rb
+- lib/rex/proto/rmi/model/dgc_ack.rb
+- lib/rex/proto/rmi/model/element.rb
+- lib/rex/proto/rmi/model/output_header.rb
+- lib/rex/proto/rmi/model/ping.rb
+- lib/rex/proto/rmi/model/ping_ack.rb
+- lib/rex/proto/rmi/model/protocol_ack.rb
+- lib/rex/proto/rmi/model/return_data.rb
 - lib/rex/proto/sip.rb
 - lib/rex/proto/sip/response.rb
 - lib/rex/proto/smb.rb