rex 2.0.8 → 2.0.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/rex.rb +1 -0
- data/lib/rex/arch.rb +5 -0
- data/lib/rex/arch/x86.rb +19 -5
- data/lib/rex/arch/zarch.rb +17 -0
- data/lib/rex/compat.rb +5 -4
- data/lib/rex/constants.rb +3 -1
- data/lib/rex/encoder/alpha2/alpha_mixed.rb +70 -9
- data/lib/rex/encoder/alpha2/alpha_upper.rb +67 -8
- data/lib/rex/exploitation/cmdstager.rb +1 -0
- data/lib/rex/exploitation/cmdstager/certutil.rb +115 -0
- data/lib/rex/exploitation/cmdstager/echo.rb +6 -3
- data/lib/rex/exploitation/egghunter.rb +1 -1
- data/lib/rex/google/geolocation.rb +68 -0
- data/lib/rex/io/bidirectional_pipe.rb +0 -4
- data/lib/rex/java/serialization.rb +2 -0
- data/lib/rex/java/serialization/decode_error.rb +11 -0
- data/lib/rex/java/serialization/encode_error.rb +11 -0
- data/lib/rex/java/serialization/model.rb +2 -0
- data/lib/rex/java/serialization/model/annotation.rb +3 -3
- data/lib/rex/java/serialization/model/block_data.rb +3 -3
- data/lib/rex/java/serialization/model/block_data_long.rb +3 -3
- data/lib/rex/java/serialization/model/class_desc.rb +6 -6
- data/lib/rex/java/serialization/model/contents.rb +17 -10
- data/lib/rex/java/serialization/model/field.rb +12 -11
- data/lib/rex/java/serialization/model/long_utf.rb +3 -3
- data/lib/rex/java/serialization/model/new_array.rb +22 -23
- data/lib/rex/java/serialization/model/new_class.rb +57 -0
- data/lib/rex/java/serialization/model/new_class_desc.rb +15 -16
- data/lib/rex/java/serialization/model/new_enum.rb +5 -5
- data/lib/rex/java/serialization/model/new_object.rb +22 -17
- data/lib/rex/java/serialization/model/proxy_class_desc.rb +109 -0
- data/lib/rex/java/serialization/model/reference.rb +4 -4
- data/lib/rex/java/serialization/model/stream.rb +7 -7
- data/lib/rex/java/serialization/model/utf.rb +3 -3
- data/lib/rex/json_hash_file.rb +94 -0
- data/lib/rex/logging/log_sink.rb +1 -0
- data/lib/rex/logging/sinks/timestamp_flatfile.rb +21 -0
- data/lib/rex/parser/appscan_nokogiri.rb +13 -23
- data/lib/rex/parser/fs/ntfs.rb +10 -5
- data/lib/rex/parser/nmap_nokogiri.rb +3 -1
- data/lib/rex/parser/openvas_nokogiri.rb +70 -73
- data/lib/rex/parser/winscp.rb +108 -0
- data/lib/rex/parser/x509_certificate.rb +92 -0
- data/lib/rex/payloads.rb +0 -1
- data/lib/rex/payloads/meterpreter/config.rb +154 -0
- data/lib/rex/payloads/meterpreter/uri_checksum.rb +136 -0
- data/lib/rex/post/meterpreter.rb +1 -1
- data/lib/rex/post/meterpreter/client.rb +26 -3
- data/lib/rex/post/meterpreter/client_core.rb +387 -75
- data/lib/rex/post/meterpreter/extensions/android/android.rb +127 -37
- data/lib/rex/post/meterpreter/extensions/android/tlv.rb +46 -25
- data/lib/rex/post/meterpreter/extensions/extapi/extapi.rb +4 -0
- data/lib/rex/post/meterpreter/extensions/extapi/ntds/ntds.rb +39 -0
- data/lib/rex/post/meterpreter/extensions/extapi/pageant/pageant.rb +44 -0
- data/lib/rex/post/meterpreter/extensions/extapi/tlv.rb +9 -0
- data/lib/rex/post/meterpreter/extensions/kiwi/kiwi.rb +16 -1
- data/lib/rex/post/meterpreter/extensions/priv/priv.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/python/python.rb +114 -0
- data/lib/rex/post/meterpreter/extensions/python/tlv.rb +21 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +17 -14
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +33 -12
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/mount.rb +57 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +3 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +3 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +2 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +16 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +29 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +5 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +18 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +34 -36
- data/lib/rex/post/meterpreter/packet.rb +29 -0
- data/lib/rex/post/meterpreter/packet_dispatcher.rb +20 -7
- data/lib/rex/post/meterpreter/ui/console.rb +1 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/android.rb +230 -72
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +544 -34
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/adsi.rb +188 -57
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/kiwi.rb +115 -93
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/dhcp.rb +1 -1
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/mimikatz.rb +1 -1
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +49 -15
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +11 -2
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/python.rb +187 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +324 -133
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +52 -2
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +68 -65
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +9 -1
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +113 -118
- data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +3 -0
- data/lib/rex/powershell.rb +62 -0
- data/lib/rex/powershell/command.rb +359 -0
- data/lib/rex/{exploitation/powershell → powershell}/function.rb +0 -2
- data/lib/rex/{exploitation/powershell → powershell}/obfu.rb +0 -2
- data/lib/rex/{exploitation/powershell → powershell}/output.rb +11 -5
- data/lib/rex/{exploitation/powershell → powershell}/param.rb +0 -2
- data/lib/rex/powershell/parser.rb +182 -0
- data/lib/rex/powershell/payload.rb +78 -0
- data/lib/rex/{exploitation/powershell → powershell}/psh_methods.rb +16 -2
- data/lib/rex/{exploitation/powershell → powershell}/script.rb +2 -4
- data/lib/rex/proto/dcerpc/client.rb +6 -6
- data/lib/rex/proto/dcerpc/exceptions.rb +26 -0
- data/lib/rex/proto/http/client.rb +3 -3
- data/lib/rex/proto/http/client_request.rb +0 -5
- data/lib/rex/proto/http/response.rb +86 -0
- data/lib/rex/proto/ipmi/utils.rb +30 -26
- data/lib/rex/proto/kerberos/client.rb +1 -1
- data/lib/rex/proto/kerberos/model/kdc_request.rb +2 -2
- data/lib/rex/proto/rfb/client.rb +8 -3
- data/lib/rex/proto/rfb/constants.rb +1 -1
- data/lib/rex/proto/rmi.rb +2 -0
- data/lib/rex/proto/rmi/decode_error.rb +10 -0
- data/lib/rex/proto/rmi/exception.rb +10 -0
- data/lib/rex/proto/rmi/model.rb +5 -0
- data/lib/rex/proto/rmi/model/call.rb +4 -4
- data/lib/rex/proto/rmi/model/call_data.rb +137 -0
- data/lib/rex/proto/rmi/model/dgc_ack.rb +2 -2
- data/lib/rex/proto/rmi/model/element.rb +26 -11
- data/lib/rex/proto/rmi/model/output_header.rb +4 -4
- data/lib/rex/proto/rmi/model/ping.rb +2 -2
- data/lib/rex/proto/rmi/model/ping_ack.rb +2 -2
- data/lib/rex/proto/rmi/model/protocol_ack.rb +2 -2
- data/lib/rex/proto/rmi/model/return_data.rb +5 -5
- data/lib/rex/proto/rmi/model/return_value.rb +124 -0
- data/lib/rex/proto/rmi/model/unique_identifier.rb +77 -0
- data/lib/rex/proto/steam.rb +3 -0
- data/lib/rex/proto/steam/message.rb +125 -0
- data/lib/rex/proto/tftp/client.rb +35 -14
- data/lib/rex/random_identifier_generator.rb +2 -0
- data/lib/rex/ropbuilder.rb +1 -1
- data/lib/rex/socket/parameters.rb +9 -0
- data/lib/rex/socket/ssl_tcp.rb +25 -41
- data/lib/rex/socket/ssl_tcp_server.rb +10 -21
- data/lib/rex/sslscan/result.rb +20 -1
- data/lib/rex/text.rb +241 -55
- data/lib/rex/ui/output.rb +0 -3
- data/lib/rex/ui/subscriber.rb +0 -10
- data/lib/rex/ui/text/color.rb +9 -0
- data/lib/rex/ui/text/dispatcher_shell.rb +1 -0
- data/lib/rex/ui/text/output.rb +15 -4
- data/lib/rex/ui/text/output/file.rb +1 -0
- data/lib/rex/ui/text/output/stdio.rb +0 -16
- data/lib/rex/ui/text/shell.rb +3 -0
- data/lib/rex/ui/text/table.rb +85 -19
- data/lib/rex/user_agent.rb +118 -0
- data/rex.gemspec +2 -2
- metadata +41 -14
- data/lib/rex/exploitation/powershell.rb +0 -62
- data/lib/rex/exploitation/powershell/parser.rb +0 -183
- data/lib/rex/payloads/meterpreter.rb +0 -2
- data/lib/rex/payloads/meterpreter/patch.rb +0 -136
|
@@ -27,9 +27,12 @@ class CmdStagerEcho < CmdStagerBase
|
|
|
27
27
|
#
|
|
28
28
|
def generate(opts = {})
|
|
29
29
|
opts[:temp] = opts[:temp] || '/tmp/'
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
30
|
+
|
|
31
|
+
unless opts[:temp].empty?
|
|
32
|
+
opts[:temp].gsub!(/\\/, '/')
|
|
33
|
+
opts[:temp] = opts[:temp].shellescape
|
|
34
|
+
opts[:temp] << '/' if opts[:temp][-1,1] != '/'
|
|
35
|
+
end
|
|
33
36
|
|
|
34
37
|
# by default use the 'hex' encoding
|
|
35
38
|
opts[:enc_format] = opts[:enc_format] || 'hex'
|
|
@@ -46,7 +46,7 @@ class Egghunter
|
|
|
46
46
|
startreg = opts[:startreg]
|
|
47
47
|
searchforward = opts[:searchforward]
|
|
48
48
|
|
|
49
|
-
raise RuntimeError, "Invalid egg string! Need
|
|
49
|
+
raise RuntimeError, "Invalid egg string! Need 4 bytes." if opts[:eggtag].length != 4
|
|
50
50
|
marker = "0x%x" % opts[:eggtag].unpack('V').first
|
|
51
51
|
|
|
52
52
|
checksum = checksum_stub(payload, badchars, opts)
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require 'net/http'
|
|
4
|
+
require 'json'
|
|
5
|
+
|
|
6
|
+
module Rex
|
|
7
|
+
module Google
|
|
8
|
+
# @example
|
|
9
|
+
# g = Rex::Google::Geolocation.new
|
|
10
|
+
# g.add_wlan("00:11:22:33:44:55", "example", -80)
|
|
11
|
+
# g.fetch!
|
|
12
|
+
# puts g, g.google_maps_url
|
|
13
|
+
class Geolocation
|
|
14
|
+
GOOGLE_API_URI = "https://maps.googleapis.com/maps/api/browserlocation/json?browser=firefox&sensor=true&"
|
|
15
|
+
|
|
16
|
+
attr_accessor :accuracy
|
|
17
|
+
attr_accessor :latitude
|
|
18
|
+
attr_accessor :longitude
|
|
19
|
+
|
|
20
|
+
def initialize
|
|
21
|
+
@uri = URI.parse(URI.encode(GOOGLE_API_URI))
|
|
22
|
+
@wlan_list = []
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
# Ask Google's Maps API for the location of a given set of BSSIDs (MAC
|
|
26
|
+
# addresses of access points), ESSIDs (AP names), and signal strengths.
|
|
27
|
+
def fetch!
|
|
28
|
+
@uri.query << @wlan_list.take(10).join("&wifi=")
|
|
29
|
+
request = Net::HTTP::Get.new(@uri.request_uri)
|
|
30
|
+
http = Net::HTTP.new(@uri.host, @uri.port)
|
|
31
|
+
http.use_ssl = true
|
|
32
|
+
response = http.request(request)
|
|
33
|
+
|
|
34
|
+
if response && response.code == '200'
|
|
35
|
+
results = JSON.parse(response.body)
|
|
36
|
+
self.latitude = results["location"]["lat"]
|
|
37
|
+
self.longitude = results["location"]["lng"]
|
|
38
|
+
self.accuracy = results["accuracy"]
|
|
39
|
+
else
|
|
40
|
+
msg = "Failure connecting to Google for location lookup."
|
|
41
|
+
msg += " Code #{response.code} for query #{@uri}" if response
|
|
42
|
+
fail msg
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
# Add an AP to the list to send to Google when {#fetch!} is called.
|
|
47
|
+
#
|
|
48
|
+
# Turns out Google's API doesn't really care about ESSID or signal strength
|
|
49
|
+
# as long as you have BSSIDs. Presumably adding them will make it more
|
|
50
|
+
# accurate? Who knows.
|
|
51
|
+
#
|
|
52
|
+
# @param mac [String] in the form "00:11:22:33:44:55"
|
|
53
|
+
# @param ssid [String] ESSID associated with the mac
|
|
54
|
+
# @param signal_strength [String] a thing like
|
|
55
|
+
def add_wlan(mac, ssid = nil, signal_strength = nil)
|
|
56
|
+
@wlan_list.push(URI.encode("mac:#{mac.upcase}|ssid:#{ssid}|ss=#{signal_strength.to_i}"))
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def google_maps_url
|
|
60
|
+
"https://maps.google.com/?q=#{latitude},#{longitude}"
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
def to_s
|
|
64
|
+
"Google indicates the device is within #{accuracy} meters of #{latitude},#{longitude}."
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
end
|
|
@@ -15,9 +15,11 @@ module Rex
|
|
|
15
15
|
autoload :Field, 'rex/java/serialization/model/field'
|
|
16
16
|
autoload :LongUtf, 'rex/java/serialization/model/long_utf'
|
|
17
17
|
autoload :NewArray, 'rex/java/serialization/model/new_array'
|
|
18
|
+
autoload :ProxyClassDesc, 'rex/java/serialization/model/proxy_class_desc'
|
|
18
19
|
autoload :NewClassDesc, 'rex/java/serialization/model/new_class_desc'
|
|
19
20
|
autoload :NewEnum, 'rex/java/serialization/model/new_enum'
|
|
20
21
|
autoload :NewObject, 'rex/java/serialization/model/new_object'
|
|
22
|
+
autoload :NewClass, 'rex/java/serialization/model/new_class'
|
|
21
23
|
autoload :NullReference, 'rex/java/serialization/model/null_reference'
|
|
22
24
|
autoload :Reference, 'rex/java/serialization/model/reference'
|
|
23
25
|
autoload :Reset, 'rex/java/serialization/model/reset'
|
|
@@ -24,7 +24,7 @@ module Rex
|
|
|
24
24
|
#
|
|
25
25
|
# @param io [IO] the io to read from
|
|
26
26
|
# @return [self] if deserialization succeeds
|
|
27
|
-
# @raise [
|
|
27
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
|
28
28
|
def decode(io)
|
|
29
29
|
loop do
|
|
30
30
|
content = decode_content(io, stream)
|
|
@@ -38,9 +38,9 @@ module Rex
|
|
|
38
38
|
# Serializes the Rex::Java::Serialization::Model::Annotation
|
|
39
39
|
#
|
|
40
40
|
# @return [String] if serialization suceeds
|
|
41
|
-
# @raise [
|
|
41
|
+
# @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
|
|
42
42
|
def encode
|
|
43
|
-
raise ::
|
|
43
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize Annotation with empty contents' if contents.empty?
|
|
44
44
|
|
|
45
45
|
encoded = ''
|
|
46
46
|
|
|
@@ -26,10 +26,10 @@ module Rex
|
|
|
26
26
|
#
|
|
27
27
|
# @param io [IO] the io to read from
|
|
28
28
|
# @return [self] if deserialization succeeds
|
|
29
|
-
# @raise [
|
|
29
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
|
30
30
|
def decode(io)
|
|
31
31
|
raw_length = io.read(1)
|
|
32
|
-
raise
|
|
32
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize BlockData' if raw_length.nil?
|
|
33
33
|
self.length = raw_length.unpack('C')[0]
|
|
34
34
|
|
|
35
35
|
if length == 0
|
|
@@ -37,7 +37,7 @@ module Rex
|
|
|
37
37
|
else
|
|
38
38
|
self.contents = io.read(length)
|
|
39
39
|
if contents.nil? || contents.length != length
|
|
40
|
-
raise
|
|
40
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize BlockData'
|
|
41
41
|
end
|
|
42
42
|
end
|
|
43
43
|
|
|
@@ -26,11 +26,11 @@ module Rex
|
|
|
26
26
|
#
|
|
27
27
|
# @param io [IO] the io to read from
|
|
28
28
|
# @return [self] if deserialization succeeds
|
|
29
|
-
# @raise [
|
|
29
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
|
30
30
|
def decode(io)
|
|
31
31
|
raw_length = io.read(4)
|
|
32
32
|
if raw_length.nil? || raw_length.length != 4
|
|
33
|
-
raise ::
|
|
33
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize BlockDataLong'
|
|
34
34
|
end
|
|
35
35
|
self.length = raw_length.unpack('N')[0]
|
|
36
36
|
|
|
@@ -39,7 +39,7 @@ module Rex
|
|
|
39
39
|
else
|
|
40
40
|
self.contents = io.read(length)
|
|
41
41
|
if contents.nil? || contents.length != length
|
|
42
|
-
raise ::
|
|
42
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize BlockData'
|
|
43
43
|
end
|
|
44
44
|
end
|
|
45
45
|
|
|
@@ -21,13 +21,13 @@ module Rex
|
|
|
21
21
|
#
|
|
22
22
|
# @param io [IO] the io to read from
|
|
23
23
|
# @return [self] if deserialization succeeds
|
|
24
|
-
# @raise [
|
|
24
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
|
25
25
|
def decode(io)
|
|
26
26
|
content = decode_content(io, stream)
|
|
27
|
-
allowed_contents = [NullReference, NewClassDesc, Reference]
|
|
27
|
+
allowed_contents = [NullReference, NewClassDesc, Reference, ProxyClassDesc]
|
|
28
28
|
|
|
29
29
|
unless allowed_contents.include?(content.class)
|
|
30
|
-
raise ::
|
|
30
|
+
raise Rex::Java::Serialization::DecodeError, 'ClassDesc unserialize failed'
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
self.description = content
|
|
@@ -37,13 +37,13 @@ module Rex
|
|
|
37
37
|
# Serializes the Rex::Java::Serialization::Model::ClassDesc
|
|
38
38
|
#
|
|
39
39
|
# @return [String] if serialization succeeds
|
|
40
|
-
# @raise [
|
|
40
|
+
# @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
|
|
41
41
|
def encode
|
|
42
42
|
encoded = ''
|
|
43
|
-
allowed_contents = [NullReference, NewClassDesc, Reference]
|
|
43
|
+
allowed_contents = [NullReference, NewClassDesc, Reference, ProxyClassDesc]
|
|
44
44
|
|
|
45
45
|
unless allowed_contents.include?(description.class)
|
|
46
|
-
raise ::
|
|
46
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize ClassDesc'
|
|
47
47
|
end
|
|
48
48
|
|
|
49
49
|
encoded << encode_content(description)
|
|
@@ -11,10 +11,10 @@ module Rex
|
|
|
11
11
|
#
|
|
12
12
|
# @param io [IO] the io to read from
|
|
13
13
|
# @return [Rex::Java::Serialization::Model::Element] if deserialization succeeds
|
|
14
|
-
# @raise [
|
|
14
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed or unsupported content
|
|
15
15
|
def decode_content(io, stream)
|
|
16
16
|
opcode = io.read(1)
|
|
17
|
-
raise ::
|
|
17
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize content' if opcode.nil?
|
|
18
18
|
opcode = opcode.unpack('C')[0]
|
|
19
19
|
content = nil
|
|
20
20
|
|
|
@@ -28,7 +28,7 @@ module Rex
|
|
|
28
28
|
when TC_OBJECT
|
|
29
29
|
content = NewObject.decode(io, stream)
|
|
30
30
|
when TC_CLASS
|
|
31
|
-
content =
|
|
31
|
+
content = NewClass.decode(io, stream)
|
|
32
32
|
when TC_ARRAY
|
|
33
33
|
content = NewArray.decode(io, stream)
|
|
34
34
|
when TC_STRING
|
|
@@ -42,17 +42,17 @@ module Rex
|
|
|
42
42
|
when TC_CLASSDESC
|
|
43
43
|
content = NewClassDesc.decode(io, stream)
|
|
44
44
|
when TC_PROXYCLASSDESC
|
|
45
|
-
|
|
45
|
+
content = ProxyClassDesc.decode(io, stream)
|
|
46
46
|
when TC_REFERENCE
|
|
47
47
|
content = Reference.decode(io, stream)
|
|
48
48
|
when TC_NULL
|
|
49
49
|
content = NullReference.decode(io, stream)
|
|
50
50
|
when TC_EXCEPTION
|
|
51
|
-
raise ::
|
|
51
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize unsupported TC_EXCEPTION content'
|
|
52
52
|
when TC_RESET
|
|
53
53
|
content = Reset.decode(io, stream)
|
|
54
54
|
else
|
|
55
|
-
raise ::
|
|
55
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize content'
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
content
|
|
@@ -62,7 +62,7 @@ module Rex
|
|
|
62
62
|
#
|
|
63
63
|
# @param content [Rex::Java::Serialization::Model::Element] the content to serialize
|
|
64
64
|
# @return [String] if serialization succeeds
|
|
65
|
-
# @raise [
|
|
65
|
+
# @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
|
|
66
66
|
def encode_content(content)
|
|
67
67
|
encoded = ''
|
|
68
68
|
|
|
@@ -75,7 +75,7 @@ module Rex
|
|
|
75
75
|
encoded << [TC_ENDBLOCKDATA].pack('C')
|
|
76
76
|
when NewObject
|
|
77
77
|
encoded << [TC_OBJECT].pack('C')
|
|
78
|
-
when
|
|
78
|
+
when NewClass
|
|
79
79
|
encoded << [TC_CLASS].pack('C')
|
|
80
80
|
when NewArray
|
|
81
81
|
encoded << [TC_ARRAY].pack('C')
|
|
@@ -87,6 +87,8 @@ module Rex
|
|
|
87
87
|
encoded << [TC_ENUM].pack('C')
|
|
88
88
|
when NewClassDesc
|
|
89
89
|
encoded << [TC_CLASSDESC].pack('C')
|
|
90
|
+
when ProxyClassDesc
|
|
91
|
+
content = [TC_PROXYCLASSDESC].pack('C')
|
|
90
92
|
when NullReference
|
|
91
93
|
encoded << [TC_NULL].pack('C')
|
|
92
94
|
when Reset
|
|
@@ -94,7 +96,7 @@ module Rex
|
|
|
94
96
|
when Reference
|
|
95
97
|
encoded << [TC_REFERENCE].pack('C')
|
|
96
98
|
else
|
|
97
|
-
raise ::
|
|
99
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize content'
|
|
98
100
|
end
|
|
99
101
|
|
|
100
102
|
encoded << content.encode
|
|
@@ -105,6 +107,7 @@ module Rex
|
|
|
105
107
|
#
|
|
106
108
|
# @param content [Rex::Java::Serialization::Model::Element] the content to print
|
|
107
109
|
# @return [String]
|
|
110
|
+
# @raise [Rex::Java::Serialization::EncodeError] if the content is unknown
|
|
108
111
|
def print_content(content)
|
|
109
112
|
str = ''
|
|
110
113
|
|
|
@@ -119,6 +122,8 @@ module Rex
|
|
|
119
122
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
120
123
|
when ClassDesc
|
|
121
124
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
125
|
+
when NewClass
|
|
126
|
+
str << "#{print_class(content)} { #{content.to_s} }"
|
|
122
127
|
when NewArray
|
|
123
128
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
124
129
|
when Utf
|
|
@@ -129,6 +134,8 @@ module Rex
|
|
|
129
134
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
130
135
|
when NewClassDesc
|
|
131
136
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
137
|
+
when ProxyClassDesc
|
|
138
|
+
str << "#{print_class(content)} { #{content.to_s} }"
|
|
132
139
|
when NullReference
|
|
133
140
|
str << "#{print_class(content)}"
|
|
134
141
|
when Reset
|
|
@@ -136,7 +143,7 @@ module Rex
|
|
|
136
143
|
when Reference
|
|
137
144
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
138
145
|
else
|
|
139
|
-
raise ::
|
|
146
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize content'
|
|
140
147
|
end
|
|
141
148
|
|
|
142
149
|
str
|
|
@@ -11,13 +11,13 @@ module Rex
|
|
|
11
11
|
include Rex::Java::Serialization::Model::Contents
|
|
12
12
|
|
|
13
13
|
# @!attribute type
|
|
14
|
-
#
|
|
14
|
+
# @return [String] The type of the field.
|
|
15
15
|
attr_accessor :type
|
|
16
16
|
# @!attribute name
|
|
17
|
-
#
|
|
17
|
+
# @return [Rex::Java::Serialization::Model::Utf] The name of the field.
|
|
18
18
|
attr_accessor :name
|
|
19
19
|
# @!attribute field_type
|
|
20
|
-
#
|
|
20
|
+
# @return [Rex::Java::Serialization::Model::Utf] The type of the field on object types.
|
|
21
21
|
attr_accessor :field_type
|
|
22
22
|
|
|
23
23
|
# @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
|
|
@@ -32,12 +32,12 @@ module Rex
|
|
|
32
32
|
#
|
|
33
33
|
# @param io [IO] the io to read from
|
|
34
34
|
# @return [self] if deserialization succeeds
|
|
35
|
-
# @
|
|
35
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
|
36
36
|
def decode(io)
|
|
37
37
|
code = io.read(1)
|
|
38
38
|
|
|
39
39
|
unless code && is_valid?(code)
|
|
40
|
-
raise ::
|
|
40
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize Field'
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
self.type = TYPE_CODES[code]
|
|
@@ -53,14 +53,14 @@ module Rex
|
|
|
53
53
|
# Serializes the Rex::Java::Serialization::Model::Field
|
|
54
54
|
#
|
|
55
55
|
# @return [String] if serialization succeeds
|
|
56
|
-
# @raise [
|
|
56
|
+
# @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
|
|
57
57
|
def encode
|
|
58
58
|
unless name.kind_of?(Rex::Java::Serialization::Model::Utf)
|
|
59
|
-
raise ::
|
|
59
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize Field'
|
|
60
60
|
end
|
|
61
61
|
|
|
62
62
|
unless is_type_valid?
|
|
63
|
-
raise ::
|
|
63
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize Field'
|
|
64
64
|
end
|
|
65
65
|
|
|
66
66
|
encoded = ''
|
|
@@ -138,11 +138,12 @@ module Rex
|
|
|
138
138
|
# Serializes the `field_type` attribute.
|
|
139
139
|
#
|
|
140
140
|
# @return [String]
|
|
141
|
+
# @raise [Rex::Java::Serialization::EncodeError] if serialization fails
|
|
141
142
|
def encode_field_type
|
|
142
143
|
allowed_contents = [Utf, Reference]
|
|
143
144
|
|
|
144
145
|
unless allowed_contents.include?(field_type.class)
|
|
145
|
-
raise ::
|
|
146
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize Field'
|
|
146
147
|
end
|
|
147
148
|
|
|
148
149
|
encoded = encode_content(field_type)
|
|
@@ -154,13 +155,13 @@ module Rex
|
|
|
154
155
|
#
|
|
155
156
|
# @param io [IO] the io to read from
|
|
156
157
|
# @return [Java::Serialization::Model::Utf]
|
|
157
|
-
# @raise [
|
|
158
|
+
# @raise [Rex::Java::Serialization::DecodeError] if unserialization doesn't succeed
|
|
158
159
|
def decode_field_type(io)
|
|
159
160
|
allowed_contents = [Utf, Reference]
|
|
160
161
|
type = decode_content(io, stream)
|
|
161
162
|
|
|
162
163
|
unless allowed_contents.include?(type.class)
|
|
163
|
-
raise ::
|
|
164
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize Field field_type'
|
|
164
165
|
end
|
|
165
166
|
|
|
166
167
|
type
|