rex 2.0.8 → 2.0.9
- checksums.yaml +4 -4
- data/lib/rex.rb +1 -0
- data/lib/rex/arch.rb +5 -0
- data/lib/rex/arch/x86.rb +19 -5
- data/lib/rex/arch/zarch.rb +17 -0
- data/lib/rex/compat.rb +5 -4
- data/lib/rex/constants.rb +3 -1
- data/lib/rex/encoder/alpha2/alpha_mixed.rb +70 -9
- data/lib/rex/encoder/alpha2/alpha_upper.rb +67 -8
- data/lib/rex/exploitation/cmdstager.rb +1 -0
- data/lib/rex/exploitation/cmdstager/certutil.rb +115 -0
- data/lib/rex/exploitation/cmdstager/echo.rb +6 -3
- data/lib/rex/exploitation/egghunter.rb +1 -1
- data/lib/rex/google/geolocation.rb +68 -0
- data/lib/rex/io/bidirectional_pipe.rb +0 -4
- data/lib/rex/java/serialization.rb +2 -0
- data/lib/rex/java/serialization/decode_error.rb +11 -0
- data/lib/rex/java/serialization/encode_error.rb +11 -0
- data/lib/rex/java/serialization/model.rb +2 -0
- data/lib/rex/java/serialization/model/annotation.rb +3 -3
- data/lib/rex/java/serialization/model/block_data.rb +3 -3
- data/lib/rex/java/serialization/model/block_data_long.rb +3 -3
- data/lib/rex/java/serialization/model/class_desc.rb +6 -6
- data/lib/rex/java/serialization/model/contents.rb +17 -10
- data/lib/rex/java/serialization/model/field.rb +12 -11
- data/lib/rex/java/serialization/model/long_utf.rb +3 -3
- data/lib/rex/java/serialization/model/new_array.rb +22 -23
- data/lib/rex/java/serialization/model/new_class.rb +57 -0
- data/lib/rex/java/serialization/model/new_class_desc.rb +15 -16
- data/lib/rex/java/serialization/model/new_enum.rb +5 -5
- data/lib/rex/java/serialization/model/new_object.rb +22 -17
- data/lib/rex/java/serialization/model/proxy_class_desc.rb +109 -0
- data/lib/rex/java/serialization/model/reference.rb +4 -4
- data/lib/rex/java/serialization/model/stream.rb +7 -7
- data/lib/rex/java/serialization/model/utf.rb +3 -3
- data/lib/rex/json_hash_file.rb +94 -0
- data/lib/rex/logging/log_sink.rb +1 -0
- data/lib/rex/logging/sinks/timestamp_flatfile.rb +21 -0
- data/lib/rex/parser/appscan_nokogiri.rb +13 -23
- data/lib/rex/parser/fs/ntfs.rb +10 -5
- data/lib/rex/parser/nmap_nokogiri.rb +3 -1
- data/lib/rex/parser/openvas_nokogiri.rb +70 -73
- data/lib/rex/parser/winscp.rb +108 -0
- data/lib/rex/parser/x509_certificate.rb +92 -0
- data/lib/rex/payloads.rb +0 -1
- data/lib/rex/payloads/meterpreter/config.rb +154 -0
- data/lib/rex/payloads/meterpreter/uri_checksum.rb +136 -0
- data/lib/rex/post/meterpreter.rb +1 -1
- data/lib/rex/post/meterpreter/client.rb +26 -3
- data/lib/rex/post/meterpreter/client_core.rb +387 -75
- data/lib/rex/post/meterpreter/extensions/android/android.rb +127 -37
- data/lib/rex/post/meterpreter/extensions/android/tlv.rb +46 -25
- data/lib/rex/post/meterpreter/extensions/extapi/extapi.rb +4 -0
- data/lib/rex/post/meterpreter/extensions/extapi/ntds/ntds.rb +39 -0
- data/lib/rex/post/meterpreter/extensions/extapi/pageant/pageant.rb +44 -0
- data/lib/rex/post/meterpreter/extensions/extapi/tlv.rb +9 -0
- data/lib/rex/post/meterpreter/extensions/kiwi/kiwi.rb +16 -1
- data/lib/rex/post/meterpreter/extensions/priv/priv.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/python/python.rb +114 -0
- data/lib/rex/post/meterpreter/extensions/python/tlv.rb +21 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +17 -14
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +33 -12
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/mount.rb +57 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +3 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +3 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +2 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +16 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +29 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +5 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +18 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +34 -36
- data/lib/rex/post/meterpreter/packet.rb +29 -0
- data/lib/rex/post/meterpreter/packet_dispatcher.rb +20 -7
- data/lib/rex/post/meterpreter/ui/console.rb +1 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/android.rb +230 -72
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +544 -34
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/adsi.rb +188 -57
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/kiwi.rb +115 -93
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/dhcp.rb +1 -1
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/mimikatz.rb +1 -1
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +49 -15
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +11 -2
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/python.rb +187 -0
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +324 -133
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +52 -2
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +68 -65
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +9 -1
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +113 -118
- data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +3 -0
- data/lib/rex/powershell.rb +62 -0
- data/lib/rex/powershell/command.rb +359 -0
- data/lib/rex/{exploitation/powershell → powershell}/function.rb +0 -2
- data/lib/rex/{exploitation/powershell → powershell}/obfu.rb +0 -2
- data/lib/rex/{exploitation/powershell → powershell}/output.rb +11 -5
- data/lib/rex/{exploitation/powershell → powershell}/param.rb +0 -2
- data/lib/rex/powershell/parser.rb +182 -0
- data/lib/rex/powershell/payload.rb +78 -0
- data/lib/rex/{exploitation/powershell → powershell}/psh_methods.rb +16 -2
- data/lib/rex/{exploitation/powershell → powershell}/script.rb +2 -4
- data/lib/rex/proto/dcerpc/client.rb +6 -6
- data/lib/rex/proto/dcerpc/exceptions.rb +26 -0
- data/lib/rex/proto/http/client.rb +3 -3
- data/lib/rex/proto/http/client_request.rb +0 -5
- data/lib/rex/proto/http/response.rb +86 -0
- data/lib/rex/proto/ipmi/utils.rb +30 -26
- data/lib/rex/proto/kerberos/client.rb +1 -1
- data/lib/rex/proto/kerberos/model/kdc_request.rb +2 -2
- data/lib/rex/proto/rfb/client.rb +8 -3
- data/lib/rex/proto/rfb/constants.rb +1 -1
- data/lib/rex/proto/rmi.rb +2 -0
- data/lib/rex/proto/rmi/decode_error.rb +10 -0
- data/lib/rex/proto/rmi/exception.rb +10 -0
- data/lib/rex/proto/rmi/model.rb +5 -0
- data/lib/rex/proto/rmi/model/call.rb +4 -4
- data/lib/rex/proto/rmi/model/call_data.rb +137 -0
- data/lib/rex/proto/rmi/model/dgc_ack.rb +2 -2
- data/lib/rex/proto/rmi/model/element.rb +26 -11
- data/lib/rex/proto/rmi/model/output_header.rb +4 -4
- data/lib/rex/proto/rmi/model/ping.rb +2 -2
- data/lib/rex/proto/rmi/model/ping_ack.rb +2 -2
- data/lib/rex/proto/rmi/model/protocol_ack.rb +2 -2
- data/lib/rex/proto/rmi/model/return_data.rb +5 -5
- data/lib/rex/proto/rmi/model/return_value.rb +124 -0
- data/lib/rex/proto/rmi/model/unique_identifier.rb +77 -0
- data/lib/rex/proto/steam.rb +3 -0
- data/lib/rex/proto/steam/message.rb +125 -0
- data/lib/rex/proto/tftp/client.rb +35 -14
- data/lib/rex/random_identifier_generator.rb +2 -0
- data/lib/rex/ropbuilder.rb +1 -1
- data/lib/rex/socket/parameters.rb +9 -0
- data/lib/rex/socket/ssl_tcp.rb +25 -41
- data/lib/rex/socket/ssl_tcp_server.rb +10 -21
- data/lib/rex/sslscan/result.rb +20 -1
- data/lib/rex/text.rb +241 -55
- data/lib/rex/ui/output.rb +0 -3
- data/lib/rex/ui/subscriber.rb +0 -10
- data/lib/rex/ui/text/color.rb +9 -0
- data/lib/rex/ui/text/dispatcher_shell.rb +1 -0
- data/lib/rex/ui/text/output.rb +15 -4
- data/lib/rex/ui/text/output/file.rb +1 -0
- data/lib/rex/ui/text/output/stdio.rb +0 -16
- data/lib/rex/ui/text/shell.rb +3 -0
- data/lib/rex/ui/text/table.rb +85 -19
- data/lib/rex/user_agent.rb +118 -0
- data/rex.gemspec +2 -2
- metadata +41 -14
- data/lib/rex/exploitation/powershell.rb +0 -62
- data/lib/rex/exploitation/powershell/parser.rb +0 -183
- data/lib/rex/payloads/meterpreter.rb +0 -2
- data/lib/rex/payloads/meterpreter/patch.rb +0 -136
|
@@ -27,9 +27,12 @@ class CmdStagerEcho < CmdStagerBase
|
|
|
27
27
|
#
|
|
28
28
|
def generate(opts = {})
|
|
29
29
|
opts[:temp] = opts[:temp] || '/tmp/'
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
30
|
+
|
|
31
|
+
unless opts[:temp].empty?
|
|
32
|
+
opts[:temp].gsub!(/\\/, '/')
|
|
33
|
+
opts[:temp] = opts[:temp].shellescape
|
|
34
|
+
opts[:temp] << '/' if opts[:temp][-1,1] != '/'
|
|
35
|
+
end
|
|
33
36
|
|
|
34
37
|
# by default use the 'hex' encoding
|
|
35
38
|
opts[:enc_format] = opts[:enc_format] || 'hex'
|
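Review bot: `opts[:temp].gsub!(/\\/, '/')` rewrites the caller's string in place, so the value the caller passed in changes as a side effect and a frozen string would raise here; `opts[:temp] = opts[:temp].gsub(/\\/, '/')` keeps the normalisation local to this method. `shellescape` comes from the `shellwords` library and no `require 'shellwords'` is visible in this hunk, so it is worth confirming the file loads it. A one-line comment above the block, for example `# normalise separators, quote the path for the shell, ensure a trailing slash`, would document the intent. The body of `generate` continues outside the hunk.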
|
@@ -46,7 +46,7 @@ class Egghunter
|
|
|
46
46
|
startreg = opts[:startreg]
|
|
47
47
|
searchforward = opts[:searchforward]
|
|
48
48
|
|
|
49
|
-
raise RuntimeError, "Invalid egg string! Need
|
|
49
|
+
raise RuntimeError, "Invalid egg string! Need 4 bytes." if opts[:eggtag].length != 4
|
|
50
50
|
marker = "0x%x" % opts[:eggtag].unpack('V').first
|
|
51
51
|
|
|
52
52
|
checksum = checksum_stub(payload, badchars, opts)
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require 'net/http'
|
|
4
|
+
require 'json'
|
|
5
|
+
|
|
6
|
+
module Rex
|
|
7
|
+
module Google
|
|
8
|
+
# @example
|
|
9
|
+
# g = Rex::Google::Geolocation.new
|
|
10
|
+
# g.add_wlan("00:11:22:33:44:55", "example", -80)
|
|
11
|
+
# g.fetch!
|
|
12
|
+
# puts g, g.google_maps_url
|
|
13
|
+
class Geolocation
|
|
14
|
+
GOOGLE_API_URI = "https://maps.googleapis.com/maps/api/browserlocation/json?browser=firefox&sensor=true&"
|
|
15
|
+
|
|
16
|
+
attr_accessor :accuracy
|
|
17
|
+
attr_accessor :latitude
|
|
18
|
+
attr_accessor :longitude
|
|
19
|
+
|
|
20
|
+
def initialize
|
|
21
|
+
@uri = URI.parse(URI.encode(GOOGLE_API_URI))
|
|
22
|
+
@wlan_list = []
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
# Ask Google's Maps API for the location of a given set of BSSIDs (MAC
|
|
26
|
+
# addresses of access points), ESSIDs (AP names), and signal strengths.
|
|
27
|
+
def fetch!
|
|
28
|
+
@uri.query << @wlan_list.take(10).join("&wifi=")
|
|
29
|
+
request = Net::HTTP::Get.new(@uri.request_uri)
|
|
30
|
+
http = Net::HTTP.new(@uri.host, @uri.port)
|
|
31
|
+
http.use_ssl = true
|
|
32
|
+
response = http.request(request)
|
|
33
|
+
|
|
34
|
+
if response && response.code == '200'
|
|
35
|
+
results = JSON.parse(response.body)
|
|
36
|
+
self.latitude = results["location"]["lat"]
|
|
37
|
+
self.longitude = results["location"]["lng"]
|
|
38
|
+
self.accuracy = results["accuracy"]
|
|
39
|
+
else
|
|
40
|
+
msg = "Failure connecting to Google for location lookup."
|
|
41
|
+
msg += " Code #{response.code} for query #{@uri}" if response
|
|
42
|
+
fail msg
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
# Add an AP to the list to send to Google when {#fetch!} is called.
|
|
47
|
+
#
|
|
48
|
+
# Turns out Google's API doesn't really care about ESSID or signal strength
|
|
49
|
+
# as long as you have BSSIDs. Presumably adding them will make it more
|
|
50
|
+
# accurate? Who knows.
|
|
51
|
+
#
|
|
52
|
+
# @param mac [String] in the form "00:11:22:33:44:55"
|
|
53
|
+
# @param ssid [String] ESSID associated with the mac
|
|
54
|
+
# @param signal_strength [String] a thing like
|
|
55
|
+
def add_wlan(mac, ssid = nil, signal_strength = nil)
|
|
56
|
+
@wlan_list.push(URI.encode("mac:#{mac.upcase}|ssid:#{ssid}|ss=#{signal_strength.to_i}"))
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def google_maps_url
|
|
60
|
+
"https://maps.google.com/?q=#{latitude},#{longitude}"
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
def to_s
|
|
64
|
+
"Google indicates the device is within #{accuracy} meters of #{latitude},#{longitude}."
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
end
|
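Review bot: `add_wlan` encodes the entry with `URI.encode`, which leaves reserved characters such as `&` and `=` unescaped, and an SSID is chosen by whoever operates the access point, so a crafted network name can add or override query parameters; encoding each entry with `URI.encode_www_form_component` closes that. In `fetch!` the list is joined with `"&wifi="` after a base URI that ends in `&`, so the first entry is sent without a `wifi=` key, and `@uri.query <<` appends in place, so a second `fetch!` sends the list twice. A 200 response without a `"location"` key raises `NoMethodError` on `nil`, and the failure message embeds the full query URI (the collected MAC addresses and SSIDs), which may end up in logs. The `@param signal_strength` line is unfinished (`a thing like`) and could read `# @param signal_strength [Integer, String] signal strength, converted with #to_i`.

```ruby
def fetch!
  # Build the query for this call only; appending to @uri.query grows it on every call.
  uri = @uri.dup
  uri.query = @uri.query + @wlan_list.take(10).map { |entry| "wifi=#{entry}" }.join("&")
  request = Net::HTTP::Get.new(uri.request_uri)
  # … unchanged: Net::HTTP setup, use_ssl and http.request …

  if response && response.code == '200'
    results = JSON.parse(response.body)
    location = results["location"]
    fail "Location lookup returned no location" unless location
    self.latitude = location["lat"]
    self.longitude = location["lng"]
    self.accuracy = results["accuracy"]
  else
    # … unchanged: failure message, ideally without the query string …
  end
end

def add_wlan(mac, ssid = nil, signal_strength = nil)
  entry = "mac:#{mac.upcase}|ssid:#{ssid}|ss=#{signal_strength.to_i}"
  # Component encoding also escapes "&" and "=", which an SSID may contain.
  @wlan_list.push(URI.encode_www_form_component(entry))
end
```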
|
@@ -15,9 +15,11 @@ module Rex
|
|
|
15
15
|
autoload :Field, 'rex/java/serialization/model/field'
|
|
16
16
|
autoload :LongUtf, 'rex/java/serialization/model/long_utf'
|
|
17
17
|
autoload :NewArray, 'rex/java/serialization/model/new_array'
|
|
18
|
+
autoload :ProxyClassDesc, 'rex/java/serialization/model/proxy_class_desc'
|
|
18
19
|
autoload :NewClassDesc, 'rex/java/serialization/model/new_class_desc'
|
|
19
20
|
autoload :NewEnum, 'rex/java/serialization/model/new_enum'
|
|
20
21
|
autoload :NewObject, 'rex/java/serialization/model/new_object'
|
|
22
|
+
autoload :NewClass, 'rex/java/serialization/model/new_class'
|
|
21
23
|
autoload :NullReference, 'rex/java/serialization/model/null_reference'
|
|
22
24
|
autoload :Reference, 'rex/java/serialization/model/reference'
|
|
23
25
|
autoload :Reset, 'rex/java/serialization/model/reset'
|
|
@@ -24,7 +24,7 @@ module Rex
|
|
|
24
24
|
#
|
|
25
25
|
# @param io [IO] the io to read from
|
|
26
26
|
# @return [self] if deserialization succeeds
|
|
27
|
-
# @raise [
|
|
27
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
|
28
28
|
def decode(io)
|
|
29
29
|
loop do
|
|
30
30
|
content = decode_content(io, stream)
|
|
@@ -38,9 +38,9 @@ module Rex
|
|
|
38
38
|
# Serializes the Rex::Java::Serialization::Model::Annotation
|
|
39
39
|
#
|
|
40
40
|
# @return [String] if serialization suceeds
|
|
41
|
-
# @raise [
|
|
41
|
+
# @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
|
|
42
42
|
def encode
|
|
43
|
-
raise ::
|
|
43
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize Annotation with empty contents' if contents.empty?
|
|
44
44
|
|
|
45
45
|
encoded = ''
|
|
46
46
|
|
|
@@ -26,10 +26,10 @@ module Rex
|
|
|
26
26
|
#
|
|
27
27
|
# @param io [IO] the io to read from
|
|
28
28
|
# @return [self] if deserialization succeeds
|
|
29
|
-
# @raise [
|
|
29
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
|
30
30
|
def decode(io)
|
|
31
31
|
raw_length = io.read(1)
|
|
32
|
-
raise
|
|
32
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize BlockData' if raw_length.nil?
|
|
33
33
|
self.length = raw_length.unpack('C')[0]
|
|
34
34
|
|
|
35
35
|
if length == 0
|
|
@@ -37,7 +37,7 @@ module Rex
|
|
|
37
37
|
else
|
|
38
38
|
self.contents = io.read(length)
|
|
39
39
|
if contents.nil? || contents.length != length
|
|
40
|
-
raise
|
|
40
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize BlockData'
|
|
41
41
|
end
|
|
42
42
|
end
|
|
43
43
|
|
|
@@ -26,11 +26,11 @@ module Rex
|
|
|
26
26
|
#
|
|
27
27
|
# @param io [IO] the io to read from
|
|
28
28
|
# @return [self] if deserialization succeeds
|
|
29
|
-
# @raise [
|
|
29
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
|
30
30
|
def decode(io)
|
|
31
31
|
raw_length = io.read(4)
|
|
32
32
|
if raw_length.nil? || raw_length.length != 4
|
|
33
|
-
raise ::
|
|
33
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize BlockDataLong'
|
|
34
34
|
end
|
|
35
35
|
self.length = raw_length.unpack('N')[0]
|
|
36
36
|
|
|
@@ -39,7 +39,7 @@ module Rex
|
|
|
39
39
|
else
|
|
40
40
|
self.contents = io.read(length)
|
|
41
41
|
if contents.nil? || contents.length != length
|
|
42
|
-
raise ::
|
|
42
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize BlockData'
|
|
43
43
|
end
|
|
44
44
|
end
|
|
45
45
|
|
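Review bot: The second raise in `decode`, reached when `io.read(length)` comes up short, reports `'Failed to unserialize BlockData'` while the first raise in the same method reports `BlockDataLong`; it should name this class, `raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize BlockDataLong'`, so the failure can be told apart from the one-byte BlockData decoder. The 32-bit `length` is read from the stream and passed straight to `io.read(length)`, so when the input is untrusted a sanity bound on `length` before the read would keep a bogus header from requesting a very large buffer. `decode` starts and ends outside the two hunks shown.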
|
@@ -21,13 +21,13 @@ module Rex
|
|
|
21
21
|
#
|
|
22
22
|
# @param io [IO] the io to read from
|
|
23
23
|
# @return [self] if deserialization succeeds
|
|
24
|
-
# @raise [
|
|
24
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
|
25
25
|
def decode(io)
|
|
26
26
|
content = decode_content(io, stream)
|
|
27
|
-
allowed_contents = [NullReference, NewClassDesc, Reference]
|
|
27
|
+
allowed_contents = [NullReference, NewClassDesc, Reference, ProxyClassDesc]
|
|
28
28
|
|
|
29
29
|
unless allowed_contents.include?(content.class)
|
|
30
|
-
raise ::
|
|
30
|
+
raise Rex::Java::Serialization::DecodeError, 'ClassDesc unserialize failed'
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
self.description = content
|
|
@@ -37,13 +37,13 @@ module Rex
|
|
|
37
37
|
# Serializes the Rex::Java::Serialization::Model::ClassDesc
|
|
38
38
|
#
|
|
39
39
|
# @return [String] if serialization succeeds
|
|
40
|
-
# @raise [
|
|
40
|
+
# @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
|
|
41
41
|
def encode
|
|
42
42
|
encoded = ''
|
|
43
|
-
allowed_contents = [NullReference, NewClassDesc, Reference]
|
|
43
|
+
allowed_contents = [NullReference, NewClassDesc, Reference, ProxyClassDesc]
|
|
44
44
|
|
|
45
45
|
unless allowed_contents.include?(description.class)
|
|
46
|
-
raise ::
|
|
46
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize ClassDesc'
|
|
47
47
|
end
|
|
48
48
|
|
|
49
49
|
encoded << encode_content(description)
|
|
@@ -11,10 +11,10 @@ module Rex
|
|
|
11
11
|
#
|
|
12
12
|
# @param io [IO] the io to read from
|
|
13
13
|
# @return [Rex::Java::Serialization::Model::Element] if deserialization succeeds
|
|
14
|
-
# @raise [
|
|
14
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed or unsupported content
|
|
15
15
|
def decode_content(io, stream)
|
|
16
16
|
opcode = io.read(1)
|
|
17
|
-
raise ::
|
|
17
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize content' if opcode.nil?
|
|
18
18
|
opcode = opcode.unpack('C')[0]
|
|
19
19
|
content = nil
|
|
20
20
|
|
|
@@ -28,7 +28,7 @@ module Rex
|
|
|
28
28
|
when TC_OBJECT
|
|
29
29
|
content = NewObject.decode(io, stream)
|
|
30
30
|
when TC_CLASS
|
|
31
|
-
content =
|
|
31
|
+
content = NewClass.decode(io, stream)
|
|
32
32
|
when TC_ARRAY
|
|
33
33
|
content = NewArray.decode(io, stream)
|
|
34
34
|
when TC_STRING
|
|
@@ -42,17 +42,17 @@ module Rex
|
|
|
42
42
|
when TC_CLASSDESC
|
|
43
43
|
content = NewClassDesc.decode(io, stream)
|
|
44
44
|
when TC_PROXYCLASSDESC
|
|
45
|
-
|
|
45
|
+
content = ProxyClassDesc.decode(io, stream)
|
|
46
46
|
when TC_REFERENCE
|
|
47
47
|
content = Reference.decode(io, stream)
|
|
48
48
|
when TC_NULL
|
|
49
49
|
content = NullReference.decode(io, stream)
|
|
50
50
|
when TC_EXCEPTION
|
|
51
|
-
raise ::
|
|
51
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize unsupported TC_EXCEPTION content'
|
|
52
52
|
when TC_RESET
|
|
53
53
|
content = Reset.decode(io, stream)
|
|
54
54
|
else
|
|
55
|
-
raise ::
|
|
55
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize content'
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
content
|
|
@@ -62,7 +62,7 @@ module Rex
|
|
|
62
62
|
#
|
|
63
63
|
# @param content [Rex::Java::Serialization::Model::Element] the content to serialize
|
|
64
64
|
# @return [String] if serialization succeeds
|
|
65
|
-
# @raise [
|
|
65
|
+
# @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
|
|
66
66
|
def encode_content(content)
|
|
67
67
|
encoded = ''
|
|
68
68
|
|
|
@@ -75,7 +75,7 @@ module Rex
|
|
|
75
75
|
encoded << [TC_ENDBLOCKDATA].pack('C')
|
|
76
76
|
when NewObject
|
|
77
77
|
encoded << [TC_OBJECT].pack('C')
|
|
78
|
-
when
|
|
78
|
+
when NewClass
|
|
79
79
|
encoded << [TC_CLASS].pack('C')
|
|
80
80
|
when NewArray
|
|
81
81
|
encoded << [TC_ARRAY].pack('C')
|
|
@@ -87,6 +87,8 @@ module Rex
|
|
|
87
87
|
encoded << [TC_ENUM].pack('C')
|
|
88
88
|
when NewClassDesc
|
|
89
89
|
encoded << [TC_CLASSDESC].pack('C')
|
|
90
|
+
when ProxyClassDesc
|
|
91
|
+
content = [TC_PROXYCLASSDESC].pack('C')
|
|
90
92
|
when NullReference
|
|
91
93
|
encoded << [TC_NULL].pack('C')
|
|
92
94
|
when Reset
|
|
@@ -94,7 +96,7 @@ module Rex
|
|
|
94
96
|
when Reference
|
|
95
97
|
encoded << [TC_REFERENCE].pack('C')
|
|
96
98
|
else
|
|
97
|
-
raise ::
|
|
99
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize content'
|
|
98
100
|
end
|
|
99
101
|
|
|
100
102
|
encoded << content.encode
|
|
@@ -105,6 +107,7 @@ module Rex
|
|
|
105
107
|
#
|
|
106
108
|
# @param content [Rex::Java::Serialization::Model::Element] the content to print
|
|
107
109
|
# @return [String]
|
|
110
|
+
# @raise [Rex::Java::Serialization::EncodeError] if the content is unknown
|
|
108
111
|
def print_content(content)
|
|
109
112
|
str = ''
|
|
110
113
|
|
|
@@ -119,6 +122,8 @@ module Rex
|
|
|
119
122
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
120
123
|
when ClassDesc
|
|
121
124
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
125
|
+
when NewClass
|
|
126
|
+
str << "#{print_class(content)} { #{content.to_s} }"
|
|
122
127
|
when NewArray
|
|
123
128
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
124
129
|
when Utf
|
|
@@ -129,6 +134,8 @@ module Rex
|
|
|
129
134
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
130
135
|
when NewClassDesc
|
|
131
136
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
137
|
+
when ProxyClassDesc
|
|
138
|
+
str << "#{print_class(content)} { #{content.to_s} }"
|
|
132
139
|
when NullReference
|
|
133
140
|
str << "#{print_class(content)}"
|
|
134
141
|
when Reset
|
|
@@ -136,7 +143,7 @@ module Rex
|
|
|
136
143
|
when Reference
|
|
137
144
|
str << "#{print_class(content)} { #{content.to_s} }"
|
|
138
145
|
else
|
|
139
|
-
raise ::
|
|
146
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize content'
|
|
140
147
|
end
|
|
141
148
|
|
|
142
149
|
str
|
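Review bot: In `encode_content`, the new `when ProxyClassDesc` branch (new lines 90-91) assigns `content = [TC_PROXYCLASSDESC].pack('C')` where every other branch appends its opcode to `encoded`; the opcode is therefore never added to `encoded`, and the later `encoded << content.encode` calls `String#encode` on the packed byte instead of serializing the ProxyClassDesc. The line should read `encoded << [TC_PROXYCLASSDESC].pack('C')`. A round-trip spec that decodes a stream containing a proxy class description, encodes it again and compares the bytes would catch this. `encode_content` starts and ends outside the hunks shown.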
|
@@ -11,13 +11,13 @@ module Rex
|
|
|
11
11
|
include Rex::Java::Serialization::Model::Contents
|
|
12
12
|
|
|
13
13
|
# @!attribute type
|
|
14
|
-
#
|
|
14
|
+
# @return [String] The type of the field.
|
|
15
15
|
attr_accessor :type
|
|
16
16
|
# @!attribute name
|
|
17
|
-
#
|
|
17
|
+
# @return [Rex::Java::Serialization::Model::Utf] The name of the field.
|
|
18
18
|
attr_accessor :name
|
|
19
19
|
# @!attribute field_type
|
|
20
|
-
#
|
|
20
|
+
# @return [Rex::Java::Serialization::Model::Utf] The type of the field on object types.
|
|
21
21
|
attr_accessor :field_type
|
|
22
22
|
|
|
23
23
|
# @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
|
|
@@ -32,12 +32,12 @@ module Rex
|
|
|
32
32
|
#
|
|
33
33
|
# @param io [IO] the io to read from
|
|
34
34
|
# @return [self] if deserialization succeeds
|
|
35
|
-
# @
|
|
35
|
+
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
|
36
36
|
def decode(io)
|
|
37
37
|
code = io.read(1)
|
|
38
38
|
|
|
39
39
|
unless code && is_valid?(code)
|
|
40
|
-
raise ::
|
|
40
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize Field'
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
self.type = TYPE_CODES[code]
|
|
@@ -53,14 +53,14 @@ module Rex
|
|
|
53
53
|
# Serializes the Rex::Java::Serialization::Model::Field
|
|
54
54
|
#
|
|
55
55
|
# @return [String] if serialization succeeds
|
|
56
|
-
# @raise [
|
|
56
|
+
# @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
|
|
57
57
|
def encode
|
|
58
58
|
unless name.kind_of?(Rex::Java::Serialization::Model::Utf)
|
|
59
|
-
raise ::
|
|
59
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize Field'
|
|
60
60
|
end
|
|
61
61
|
|
|
62
62
|
unless is_type_valid?
|
|
63
|
-
raise ::
|
|
63
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize Field'
|
|
64
64
|
end
|
|
65
65
|
|
|
66
66
|
encoded = ''
|
|
@@ -138,11 +138,12 @@ module Rex
|
|
|
138
138
|
# Serializes the `field_type` attribute.
|
|
139
139
|
#
|
|
140
140
|
# @return [String]
|
|
141
|
+
# @raise [Rex::Java::Serialization::EncodeError] if serialization fails
|
|
141
142
|
def encode_field_type
|
|
142
143
|
allowed_contents = [Utf, Reference]
|
|
143
144
|
|
|
144
145
|
unless allowed_contents.include?(field_type.class)
|
|
145
|
-
raise ::
|
|
146
|
+
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize Field'
|
|
146
147
|
end
|
|
147
148
|
|
|
148
149
|
encoded = encode_content(field_type)
|
|
@@ -154,13 +155,13 @@ module Rex
|
|
|
154
155
|
#
|
|
155
156
|
# @param io [IO] the io to read from
|
|
156
157
|
# @return [Java::Serialization::Model::Utf]
|
|
157
|
-
# @raise [
|
|
158
|
+
# @raise [Rex::Java::Serialization::DecodeError] if unserialization doesn't succeed
|
|
158
159
|
def decode_field_type(io)
|
|
159
160
|
allowed_contents = [Utf, Reference]
|
|
160
161
|
type = decode_content(io, stream)
|
|
161
162
|
|
|
162
163
|
unless allowed_contents.include?(type.class)
|
|
163
|
-
raise ::
|
|
164
|
+
raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize Field field_type'
|
|
164
165
|
end
|
|
165
166
|
|
|
166
167
|
type
|