rex 2.0.8 → 2.0.9

data/lib/rex/java/serialization/model/proxy_class_desc.rb

@@ -0,0 +1,109 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        # This class provides a ProxyClassDesc representation
+        class ProxyClassDesc < Element
+
+          include Rex::Java::Serialization
+
+          # @!attribute interfaces
+          #   @return [Array] An array of interface names
+          attr_accessor :interfaces
+          # @!attribute class_annotation
+          #   @return [Rex::Java::Serialization::Model::Annotation] The java class annotations
+          attr_accessor :class_annotation
+          # @!attribute super_class
+          #   @return [Rex::Java::Serialization::Model::ClassDesc] The java class superclass description
+          attr_accessor :super_class
+
+          # @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
+          def initialize(stream = nil)
+            super(stream)
+            self.interfaces = []
+            self.class_annotation = nil
+            self.super_class = nil
+          end
+
+          # Deserializes a Rex::Java::Serialization::Model::ProxyClassDesc
+          #
+          # @param io [IO] the io to read from
+          # @return [self] if deserialization succeeds
+          # @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
+          def decode(io)
+            stream.add_reference(self) unless stream.nil?
+
+            interfaces_length = decode_interfaces_length(io)
+            interfaces_length.times do
+              interface = Utf.decode(io, stream)
+              self.interfaces << interface
+            end
+            self.class_annotation = Annotation.decode(io, stream)
+            self.super_class = ClassDesc.decode(io, stream)
+
+            self
+          end
+
+          # Serializes the Rex::Java::Serialization::Model::ProxyClassDesc
+          #
+          # @return [String] if serialization succeeds
+          # @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
+          def encode
+            unless class_annotation.class == Rex::Java::Serialization::Model::Annotation ||
+                    super_class.class == Rex::Java::Serialization::Model::ClassDesc
+              raise Rex::Java::Serialization::EncodeError, 'Failed to serialize ProxyClassDesc'
+            end
+            encoded = ''
+            encoded << [interfaces.length].pack('N')
+            interfaces.each do |interface|
+              encoded << interface.encode
+            end
+            encoded << class_annotation.encode
+            encoded << super_class.encode
+
+            encoded
+          end
+
+          # Creates a print-friendly string representation
+          #
+          # @return [String]
+          def to_s
+            str = '[ '
+            interfaces_str = []
+            interfaces.each do |interface|
+              interfaces_str << interface.to_s
+            end
+            str << "#{interfaces_str.join(', ')} ]"
+
+            case super_class.description
+            when NewClassDesc
+              str << ", @super_class: #{super_class.description.class_name.to_s}"
+            when Reference
+              str << ", @super_class: #{super_class.description.to_s}"
+            end
+
+            str
+          end
+
+          private
+
+          # Deserializes the number of interface names
+          #
+          # @param io [IO] the io to read from
+          # @return [Fixnum] if deserialization is possible
+          # @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
+          def decode_interfaces_length(io)
+            fields_length = io.read(4)
+            if fields_length.nil? || fields_length.length != 4
+              raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize ProxyClassDesc'
+            end
+
+            fields_length.unpack('N')[0]
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rex/java/serialization/model/reference.rb

@@ -21,11 +21,11 @@ module Rex
           #
           # @param io [IO] the io to read from
           # @return [self] if deserialization succeeds
-          # @raise [RuntimeError] if deserialization doesn't succeed
+          # @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
           def decode(io)
             handle_raw = io.read(4)
             unless handle_raw && handle_raw.length == 4
-              raise ::RuntimeError, 'Failed to unserialize Reference'
+              raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize Reference'
             end
 
             self.handle = handle_raw.unpack('N')[0]
@@ -36,10 +36,10 @@ module Rex
           # Serializes the Rex::Java::Serialization::Model::Reference
           #
           # @return [String] if serialization succeeds
-          # @raise [RuntimeError] if serialization doesn't succeed
+          # @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
           def encode
             if handle < BASE_WIRE_HANDLE
-              raise ::RuntimeError, 'Failed to serialize Reference'
+              raise Rex::Java::Serialization::EncodeError, 'Failed to serialize Reference'
             end
 
             encoded = ''

data/lib/rex/java/serialization/model/stream.rb

@@ -34,7 +34,7 @@ module Rex
           #
           # @param io [IO] the io to read from
           # @return [self] if deserialization succeeds
-          # @raise [RuntimeError] if deserialization doesn't succeed
+          # @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
           def decode(io)
             self.magic = decode_magic(io)
             self.version = decode_version(io)
@@ -50,7 +50,7 @@ module Rex
           # Serializes the Rex::Java::Serialization::Model::Stream
           #
           # @return [String] if serialization succeeds
-          # @raise [RuntimeError] if serialization doesn't succeed
+          # @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
           def encode
             encoded = ''
             encoded << [magic].pack('n')
@@ -63,7 +63,7 @@ module Rex
 
           # Adds an element to the references array
           #
-          # @param io [Rex::Java::Serialization::Model::Element] the object to save as reference dst
+          # @param ref [Rex::Java::Serialization::Model::Element] the object to save as reference dst
           def add_reference(ref)
             self.references.push(ref)
           end
@@ -92,12 +92,12 @@ module Rex
           #
           # @param io [IO] the io to read from
           # @return [String] if deserialization succeeds
-          # @raise [RuntimeError] if deserialization doesn't succeed
+          # @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
           def decode_magic(io)
             magic = io.read(2)
 
             unless magic && magic.length == 2 && magic.unpack('n')[0] == STREAM_MAGIC
-              raise ::RuntimeError, 'Failed to unserialize Stream'
+              raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize Stream'
             end
 
             STREAM_MAGIC
@@ -107,11 +107,11 @@ module Rex
           #
           # @param io [IO] the io to read from
           # @return [Fixnum] if deserialization succeeds
-          # @raise [RuntimeError] if deserialization doesn't succeed
+          # @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
           def decode_version(io)
             version = io.read(2)
             unless version && version.unpack('n')[0] == STREAM_VERSION
-              raise ::RuntimeError, 'Failed to unserialize Stream'
+              raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize Stream'
             end
 
             STREAM_VERSION

data/lib/rex/java/serialization/model/utf.rb

@@ -26,11 +26,11 @@ module Rex
           #
           # @param io [IO] the io to read from
           # @return [self] if deserialization succeeds
-          # @raise [RuntimeError] if deserialization doesn't succeed
+          # @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
           def decode(io)
             raw_length = io.read(2)
             if raw_length.nil? || raw_length.length != 2
-              raise ::RuntimeError, 'Failed to unserialize Utf'
+              raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize Utf'
             end
             self.length = raw_length.unpack('n')[0]
 
@@ -39,7 +39,7 @@ module Rex
             else
               self.contents = io.read(length)
               if contents.nil? || contents.length != length
-                raise ::RuntimeError, 'Failed to unserialize Utf'
+                raise Rex::Java::Serialization::DecodeError, 'Failed to unserialize Utf'
               end
             end
 

data/lib/rex/json_hash_file.rb

@@ -0,0 +1,94 @@
+# -*- coding => binary -*-
+
+require 'json'
+require 'fileutils'
+
+#
+# This class provides a thread-friendly hash file store in JSON format
+#
+module Rex
+class JSONHashFile
+
+  attr_accessor :path
+
+  def initialize(path)
+    self.path = path
+    @lock = Mutex.new
+    @hash = {}
+    @last = 0
+  end
+
+  def [](k)
+    synced_update
+    @hash[k]
+  end
+
+  def []=(k,v)
+    synced_update do
+      @hash[k] = v
+    end
+  end
+
+  def keys
+    synced_update
+    @hash.keys
+  end
+
+  def delete(k)
+    synced_update do
+      @hash.delete(k)
+    end
+  end
+
+  def clear
+    synced_update do
+      @hash.clear
+    end
+  end
+
+private
+
+  # Save the file, but prevent thread & process contention
+  def synced_update(&block)
+    @lock.synchronize do
+      ::FileUtils.mkdir_p(::File.dirname(path))
+      ::File.open(path, ::File::RDWR|::File::CREAT) do |fd|
+        fd.flock(::File::LOCK_EX)
+
+        # Reload and merge if the file has changed recently
+        if fd.stat.mtime.to_f > @last
+          parse_data(fd.read).merge(@hash).each_pair do |k,v|
+            @hash[k] = v
+          end
+        end
+
+        res = nil
+
+        # Update the file on disk if new data is written
+        if block_given?
+          res = block.call
+          fd.rewind
+          fd.write(JSON.pretty_generate(@hash))
+          fd.sync
+          fd.truncate(fd.pos)
+        end
+
+        @last = fd.stat.mtime.to_f
+
+        res
+      end
+    end
+  end
+
+  def parse_data(data)
+    return {} if data.to_s.strip.length == 0
+    begin
+      JSON.parse(data)
+    rescue JSON::ParserError => e
+      # elog("JSONHashFile @ #{path} was corrupt: #{e.class} #{e}"
+      {}
+    end
+  end
+
+end
+end

data/lib/rex/logging/log_sink.rb

@@ -41,3 +41,4 @@ end
 
 require 'rex/logging/sinks/flatfile'
 require 'rex/logging/sinks/stderr'
+require 'rex/logging/sinks/timestamp_flatfile'

data/lib/rex/logging/sinks/timestamp_flatfile.rb

@@ -0,0 +1,21 @@
+# -*- coding: binary -*-
+module Rex
+module Logging
+module Sinks
+
+###
+#
+# This class implements the LogSink interface and backs it against a
+# file on disk with a Timestamp.
+#
+###
+class TimestampFlatfile < Flatfile
+
+  def log(sev, src, level, msg, from) # :nodoc:
+    msg = msg.chop.gsub(/\x1b\[[0-9;]*[mG]/,'').gsub(/[\x01-\x02]/, " ")
+    fd.write("[#{get_current_timestamp}] #{msg}\n")
+    fd.flush
+  end
+end
+
+end end end

data/lib/rex/parser/appscan_nokogiri.rb

@@ -141,9 +141,9 @@ module Rex
 
     def report_web_page(&block)
       return unless(in_issue && has_text)
-      return unless @state[:web_site]
-      return unless @state[:response_headers]
-      return unless @state[:uri]
+      return unless @state[:web_site].present?
+      return unless @state[:response_headers].present?
+      return unless @state[:uri].present?
       web_page_info = {}
       web_page_info[:web_site] = @state[:web_site]
       web_page_info[:path] = @state[:uri].path
@@ -187,31 +187,21 @@ module Rex
 
     def record_request_and_response
       return unless(in_issue && has_text)
-      return unless @state[:web_site]
+      return unless @state[:web_site].present?
       really_original_traffic = unindent_and_crlf(@text)
-      split_traffic = really_original_traffic.split(/\r\n\r\n/)
-      request_headers_text = split_traffic.first
-      content_length = 0
-      if request_headers_text =~ /\ncontent-length:\s+([0-9]+)/mni
-        content_length = $1.to_i
-      end
-      if(content_length > 0) and (split_traffic[1].to_s.size >= content_length)
-        request_body_text = split_traffic[1].to_s[0,content_length]
-      else
-        request_body_text = nil
-      end
-      response_headers_text = split_traffic[1].to_s[content_length,split_traffic[1].to_s.size].lstrip
-      request = request_headers_text
-      return unless(request && response_headers_text)
-      response_body_text = split_traffic[2]
+      request_headers, request_body, response_headers, response_body = really_original_traffic.split(/\r\n\r\n/)
+      return unless(request_headers && response_headers)
       req_header = Rex::Proto::Http::Packet::Header.new
       res_header = Rex::Proto::Http::Packet::Header.new
-      req_header.from_s request_headers_text.dup
-      res_header.from_s response_headers_text.dup
+      req_header.from_s request_headers.lstrip
+      res_header.from_s response_headers.lstrip
+      if response_body.blank?
+        response_body = ''
+      end
       @state[:request_headers] = req_header
-      @state[:request_body] = request_body_text
+      @state[:request_body] = request_body.lstrip
       @state[:response_headers] = res_header
-      @state[:response_body] = response_body_text
+      @state[:response_body] = response_body.lstrip
     end
 
     # Appscan tab-indents which makes parsing a little difficult. They

data/lib/rex/parser/fs/ntfs.rb

@@ -181,7 +181,8 @@ module Rex
 
             data = ''
             while data.length < size_wanted
-              data << @file_handler.read(size_wanted - data.length)
+              # Use a 4Mb block size to avoid target memory consumption
+              data << @file_handler.read([size_wanted - data.length, 2**22].min)
             end
             attribut << data
           end
@@ -196,8 +197,11 @@ module Rex
       #
       # return the attribute list from the MFT record
       # deal with resident and non resident attributes (but not $DATA due to performance issue)
+      # if lazy = True, this function only gather essential non resident attributes
+      # (INDEX_ALLOCATION). Non resident attributes can still be gathered later with
+      # cluster_from_attribute_non_resident function.
       #
-      def mft_record_attribute(mft_record)
+      def mft_record_attribute(mft_record, lazy=true)
         attribute_list_offset = mft_record[20, 2].unpack('C')[0]
         curs = attribute_list_offset
         attribute_identifier = mft_record[curs, 4].unpack('V')[0]
@@ -213,10 +217,11 @@ module Rex
             res[attribute_identifier] = mft_record[curs + content_offset, content_size]
           else
             # non resident
-            if attribute_identifier == DATA_ATTRIBUTE_ID
-              res[attribute_identifier] = mft_record[curs, attribute_size]
-            else
+            if attribute_identifier == INDEX_ALLOCATION_ID or 
+              (!lazy and attribute_identifier != DATA_ATTRIBUTE_ID)
               res[attribute_identifier] = cluster_from_attribute_non_resident(mft_record[curs, attribute_size])
+            else 
+              res[attribute_identifier] = mft_record[curs, attribute_size]
             end
           end
           if attribute_identifier == DATA_ATTRIBUTE_ID

data/lib/rex/parser/nmap_nokogiri.rb

@@ -17,7 +17,7 @@ module Rex
         Msf::ServiceState::Closed
       when "filtered"
         Msf::ServiceState::Filtered
-      when "unknown"
+      else
         Msf::ServiceState::Unknown
       end
     end
@@ -277,6 +277,8 @@ module Rex
           port_hash[:state] = determine_port_state(v)
         when "name"
           port_hash[:name] = v
+        when "tunnel"
+          port_hash[:name] = "#{v}/#{port_hash[:name] || 'unknown'}"
         when "reason"
           port_hash[:reason] = v
         when "product"