rex 2.0.8 → 2.0.9

data/lib/rex/proto/rmi/model/dgc_ack.rb

@@ -22,11 +22,11 @@ module Rex
           #
           # @param io [IO] the IO to read from
           # @return [String]
-          # @raise [RuntimeError] if fails to decode stream id
+          # @raise [Rex::Proto::Rmi::DecodeError] if fails to decode stream id
           def decode_stream_id(io)
             stream_id = read_byte(io)
             unless stream_id == DGC_ACK_MESSAGE
-              raise ::RuntimeError, 'Failed to decode DgcAck stream id'
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to decode DgcAck stream id'
             end
 
             stream_id

data/lib/rex/proto/rmi/model/element.rb

@@ -83,42 +83,57 @@ module Rex
           #
           # @param io [IO] the IO to read from
           # @return [Fixnum]
-          # @raise [RuntimeError] if the byte can't be read from io
+          # @raise [Rex::Proto::Rmi::DecodeError] if the byte can't be read from io
           def read_byte(io)
             raw = io.read(1)
-            raise ::RuntimeError, 'Failed to read byte' unless raw
+            raise Rex::Proto::Rmi::DecodeError, 'Failed to read byte' unless raw
 
-            raw.unpack('C')[0]
+            raw.unpack('c')[0]
           end
 
           # Reads a two bytes short from an IO
           #
           # @param io [IO] the IO to read from
           # @return [Fixnum]
-          # @raise [RuntimeError] if the short can't be read from io
+          # @raise [Rex::Proto::Rmi::DecodeError] if the short can't be read from io
           def read_short(io)
             raw = io.read(2)
 
             unless raw && raw.length == 2
-              raise ::RuntimeError, 'Failed to read short'
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to read short'
             end
 
-            raw.unpack('n')[0]
+            raw.unpack('s>')[0]
           end
 
           # Reads a four bytes int from an IO
           #
           # @param io [IO] the IO to read from
           # @return [Fixnum]
-          # @raise [RuntimeError] if the int can't be read from io
+          # @raise [Rex::Proto::Rmi::DecodeError] if the int can't be read from io
           def read_int(io)
             raw = io.read(4)
 
             unless raw && raw.length == 4
-              raise ::RuntimeError, 'Failed to read short'
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to read int'
             end
 
-            raw.unpack('N')[0]
+            raw.unpack('l>')[0]
+          end
+
+          # Reads a 8 bytes long from an IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [Fixnum]
+          # @raise [Rex::Proto::Rmi::DecodeError] if the long can't be read from io
+          def read_long(io)
+            raw = io.read(8)
+
+            unless raw && raw.length == 8
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to read long'
+            end
+
+            raw.unpack('q>')[0]
           end
 
           # Reads an string from an IO
@@ -126,12 +141,12 @@ module Rex
           # @param io [IO] the IO to read from
           # @param length [Fixnum] the string length
           # @return [String]
-          # @raise [RuntimeError] if the string can't be read from io
+          # @raise [Rex::Proto::Rmi::DecodeError] if the string can't be read from io
           def read_string(io, length)
             raw = io.read(length)
 
             unless raw && raw.length == length
-              raise ::RuntimeError, 'Failed to read string'
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to read string'
             end
 
             raw

data/lib/rex/proto/rmi/model/output_header.rb

@@ -23,11 +23,11 @@ module Rex
           #
           # @param io [IO] the IO to read from
           # @return [String]
-          # @raise [RuntimeError] if fails to decode signature
+          # @raise [Rex::Proto::Rmi::DecodeError] if fails to decode signature
           def decode_signature(io)
             signature = read_string(io, 4)
             unless signature == SIGNATURE
-              raise ::RuntimeError, 'Failed to decode OutputHeader signature'
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to decode OutputHeader signature'
             end
 
             signature
@@ -47,13 +47,13 @@ module Rex
           #
           # @param io [IO] the IO to read from
           # @return [Fixnum]
-          # @raise [RuntimeError] if fails to decode the protocol
+          # @raise [Rex::Proto::Rmi::DecodeError] if fails to decode the protocol
           def decode_protocol(io)
             valid_protocols = [STREAM_PROTOCOL, SINGLE_OP_PROTOCOL, MULTIPLEX_PROTOCOL]
             protocol = read_byte(io)
 
             unless valid_protocols.include?(protocol)
-              raise ::RuntimeError, 'Failed to decode OutputHeader protocol'
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to decode OutputHeader protocol'
             end
 
             protocol

data/lib/rex/proto/rmi/model/ping.rb

@@ -18,11 +18,11 @@ module Rex
           #
           # @param io [IO] the IO to read from
           # @return [String]
-          # @raise [RuntimeError] if fails to decode stream id
+          # @raise [Rex::Proto::Rmi::DecodeError] if fails to decode stream id
           def decode_stream_id(io)
             stream_id = read_byte(io)
             unless stream_id == PING_MESSAGE
-              raise ::RuntimeError, 'Failed to decode Ping stream id'
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to decode Ping stream id'
             end
 
             stream_id

data/lib/rex/proto/rmi/model/ping_ack.rb

@@ -18,11 +18,11 @@ module Rex
           #
           # @param io [IO] the IO to read from
           # @return [String]
-          # @raise [RuntimeError] if fails to decode stream id
+          # @raise [Rex::Proto::Rmi::DecodeError] if fails to decode stream id
           def decode_stream_id(io)
             stream_id = read_byte(io)
             unless stream_id == PING_ACK
-              raise ::RuntimeError, 'Failed to decode PingAck stream id'
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to decode PingAck stream id'
             end
 
             stream_id

data/lib/rex/proto/rmi/model/protocol_ack.rb

@@ -26,11 +26,11 @@ module Rex
           #
           # @param io [IO] the IO to read from
           # @return [String]
-          # @raise [RuntimeError] if fails to decode stream id
+          # @raise [Rex::Proto::Rmi::DecodeError] if fails to decode stream id
           def decode_stream_id(io)
             stream_id = read_byte(io)
             unless stream_id == PROTOCOL_ACK
-              raise ::RuntimeError, 'Failed to decode ProtocolAck stream id'
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to decode ProtocolAck stream id'
             end
 
             stream_id

data/lib/rex/proto/rmi/model/return_data.rb

@@ -11,7 +11,7 @@ module Rex
           #   @return [Fixnum] the stream id
           attr_accessor :stream_id
           # @!attribute return value
-          #   @return [Rex::Java::Serialization::Model::Stream] the serialized return data
+          #   @return [Rex::Proto::Rmi::Model::ReturnValue] the return value
           attr_accessor :return_value
 
           private
@@ -20,11 +20,11 @@ module Rex
           #
           # @param io [IO] the IO to read from
           # @return [String]
-          # @raise [RuntimeError] if fails to decode the stream id
+          # @raise [Rex::Proto::Rmi::DecodeError] if fails to decode the stream id
           def decode_stream_id(io)
             stream_id = read_byte(io)
             unless stream_id == RETURN_DATA
-              raise ::RuntimeError, 'Failed to decode ReturnData stream id'
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to decode ReturnData stream id'
             end
 
             stream_id
@@ -33,9 +33,9 @@ module Rex
           # Reads and deserializes the return value from the IO
           #
           # @param io [IO] the IO to read from
-          # @return [Rex::Java::Serialization::Model::Stream]
+          # @return [Rex::Proto::Rmi::Model::ReturnValue]
           def decode_return_value(io)
-            return_value = Rex::Java::Serialization::Model::Stream.decode(io)
+            return_value = Rex::Proto::Rmi::Model::ReturnValue.decode(io)
 
             return_value
           end

data/lib/rex/proto/rmi/model/return_value.rb

@@ -0,0 +1,124 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Proto
+    module Rmi
+      module Model
+        # This class provides a representation of an RMI return value
+        class ReturnValue < Element
+
+          # @!attribute code
+          #   @return [Fixnum] the return code
+          attr_accessor :code
+          # @!attribute uid
+          #   @return [Rex::Proto::Rmi::Model::UniqueIdentifier] unique identifier of the returned value
+          attr_accessor :uid
+          # @!attribute value
+          #   @return [Array] the returned exception or value according to code
+          attr_accessor :value
+
+          # Encodes the Rex::Proto::Rmi::Model::ReturnValue into an String.
+          #
+          # @return [String]
+          def encode
+            stream = Rex::Java::Serialization::Model::Stream.new
+            block_data = Rex::Java::Serialization::Model::BlockData.new(nil, encode_code + encode_uid)
+
+            stream.contents << block_data
+            value.each do |v|
+              stream.contents << v
+            end
+
+            stream.encode
+          end
+
+          # Decodes the Rex::Proto::Rmi::Model::ReturnValue from the input.
+          #
+          # @param io [IO] the IO to read from
+          # @return [Rex::Proto::Rmi::Model::ReturnValue]
+          def decode(io)
+            stream = Rex::Java::Serialization::Model::Stream.decode(io)
+
+            block_data = stream.contents[0]
+            block_data_io = StringIO.new(block_data.contents, 'rb')
+
+            self.code = decode_code(block_data_io)
+            self.uid = decode_uid(block_data_io)
+            self.value = []
+
+            stream.contents[1..stream.contents.length - 1].each do |content|
+              self.value << content
+            end
+
+            self
+          end
+
+          # Answers if the ReturnValue is an exception
+          #
+          # @return [Boolean]
+          def is_exception?
+            code == RETURN_EXCEPTION
+          end
+
+          # The object/exception class of the returned value
+          #
+          # @return [String, NilClass] the returned value class, nil it cannot be retrieved
+          def get_class_name
+            unless value[0] && value[0].is_a?(Rex::Java::Serialization::Model::NewObject)
+              return nil
+            end
+
+            case value[0].class_desc.description
+            when Rex::Java::Serialization::Model::NewClassDesc
+              return value[0].class_desc.description.class_name.contents
+            when Rex::Java::Serialization::Model::ProxyClassDesc
+              return value[0].class_desc.description.interfaces[0].contents
+            else
+              return nil
+            end
+          end
+
+          private
+
+          # Reads the return code from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [String]
+          # @raise [Rex::Proto::Rmi::DecodeError] if fails to decode the return code
+          def decode_code(io)
+            code = read_byte(io)
+            unless code == RETURN_VALUE || code == RETURN_EXCEPTION
+              raise Rex::Proto::Rmi::DecodeError, 'Failed to decode the ReturnValue code'
+            end
+
+            code
+          end
+
+          # Reads and deserializes the uid from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [Rex::Proto::Rmi::Model::UniqueIdentifier]
+          def decode_uid(io)
+            uid = Rex::Proto::Rmi::Model::UniqueIdentifier.decode(io)
+
+            uid
+          end
+
+          # Encodes the code field
+          #
+          # @return [String]
+          def encode_code
+            [code].pack('c')
+          end
+
+          # Encodes the uid field
+          #
+          # @return [String]
+          def encode_uid
+            uid.encode
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rex/proto/rmi/model/unique_identifier.rb

@@ -0,0 +1,77 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Proto
+    module Rmi
+      module Model
+        # This class provides a representation of UniqueIdentifier as used in RMI calls
+        class UniqueIdentifier < Element
+
+          # @!attribute number
+          #   @return [Fixnum] Identifies the VM where an object is generated
+          attr_accessor :number
+          # @!attribute time
+          #   @return [Fixnum] Time where the object was generated
+          attr_accessor :time
+          # @!attribute count
+          #   @return [Fixnum] Identifies different instance of the same object generated from the same VM
+          #     at the same time
+          attr_accessor :count
+
+          private
+
+          # Reads the number from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [Fixnum]
+          def decode_number(io)
+            number = read_int(io)
+
+            number
+          end
+
+          # Reads the time from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [Fixnum]
+          def decode_time(io)
+            time = read_long(io)
+
+            time
+          end
+
+          # Reads the count from the IO
+          #
+          # @param io [IO] the IO to read from
+          # @return [Fixnum]
+          def decode_count(io)
+            count = read_short(io)
+
+            count
+          end
+
+          # Encodes the number field
+          #
+          # @return [String]
+          def encode_number
+            [number].pack('l>')
+          end
+
+          # Encodes the time field
+          #
+          # @return [String]
+          def encode_time
+            [time].pack('q>')
+          end
+
+          # Encodes the count field
+          #
+          # @return [String]
+          def encode_count
+            [count].pack('s>')
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rex/proto/steam.rb

@@ -0,0 +1,3 @@
+# -*- coding: binary -*-
+
+require 'rex/proto/steam/message'

data/lib/rex/proto/steam/message.rb

@@ -0,0 +1,125 @@
+# -*- coding: binary -*-
+
+module Rex
+module Proto
+##
+#
+# Steam protocol support, taken from https://developer.valvesoftware.com/wiki/Server_queries
+#
+##
+module Steam
+  # The Steam header ussed when the message is fragmented.
+  FRAGMENTED_HEADER = 0xFFFFFFFE
+  # The Steam header ussed when the message is not fragmented.
+  UNFRAGMENTED_HEADER = 0xFFFFFFFF
+
+  # Decodes a Steam response message.
+  #
+  # @param message [String] the message to decode
+  # @return [Array] the message type and body
+  def decode_message(message)
+    # minimum size is header (4) + type (1)
+    return if message.length < 5
+    header, type = message.unpack('NC')
+    # TODO: handle fragmented responses
+    return if header != UNFRAGMENTED_HEADER
+    [type, message[5, message.length]]
+  end
+
+  # Encodes a Steam message.
+  #
+  # @param type [String, Fixnum] the message type
+  # @param body [String] the message body
+  # @return [String] the encoded Steam message
+  def encode_message(type, body)
+    if type.is_a? Fixnum
+      type_num = type
+    elsif type.is_a? String
+      type_num = type.ord
+    else
+      fail ArgumentError, 'type must be a String or Fixnum'
+    end
+
+    [UNFRAGMENTED_HEADER, type_num ].pack('NC') + body
+  end
+
+  # Builds an A2S_INFO message
+  #
+  # @return [String] the A2S_INFO message
+  def a2s_info
+    encode_message('T', "Source Engine Query\x00")
+  end
+
+  # Decodes an A2S_INFO response message
+  #
+  # @parameter response [String] the A2S_INFO resposne to decode
+  # @return [Hash] the fields extracted from the response
+  def a2s_info_decode(response)
+    # abort if it is impossibly short
+    return nil if response.length < 19
+    message_type, body = decode_message(response)
+    # abort if it isn't a valid Steam response
+    return nil if message_type != 0x49 # 'I'
+    info = {}
+    info[:version], info[:name], info[:map], info[:folder], info[:game_name],
+      info[:game_id], players, players_max, info[:bots],
+      type, env, vis, vac, info[:game_version], _edf = body.unpack("CZ*Z*Z*Z*SCCCCCCCZ*C")
+
+    # translate type
+    case type
+    when 100 # d
+      server_type = 'Dedicated'
+    when 108 # l
+      server_type = 'Non-dedicated'
+    when 112 # p
+      server_type = 'SourceTV relay (proxy)'
+    else
+      server_type = "Unknown (#{type})"
+    end
+    info[:type] = server_type
+
+    # translate environment
+    case env
+    when 108 # l
+      server_env = 'Linux'
+    when 119 # w
+      server_env = 'Windows'
+    when 109 # m
+    when 111 # o
+      server_env = 'Mac'
+    else
+      server_env = "Unknown (#{env})"
+    end
+    info[:environment] = server_env
+
+    # translate visibility
+    case vis
+    when 0
+      server_vis = 'public'
+    when 1
+      server_vis = 'private'
+    else
+      server_vis = "Unknown (#{vis})"
+    end
+    info[:visibility] = server_vis
+
+    # translate VAC
+    case vac
+    when 0
+      server_vac = 'unsecured'
+    when 1
+      server_vac = 'secured'
+    else
+      server_vac = "Unknown (#{vac})"
+    end
+    info[:VAC] = server_vac
+
+    # format players/max
+    info[:players] = "#{players}/#{players_max}"
+
+    # TODO: parse EDF
+    info
+  end
+end
+end
+end