rex 2.0.9 → 2.0.10
- checksums.yaml +4 -4
- data/lib/rex/exploitation/cmdstager/bourne.rb +14 -8
- data/lib/rex/exploitation/cmdstager/echo.rb +3 -3
- data/lib/rex/exploitation/js/memory.rb +1 -1
- data/lib/rex/java/serialization/model/contents.rb +1 -1
- data/lib/rex/mime/message.rb +1 -1
- data/lib/rex/parser/acunetix_nokogiri.rb +2 -0
- data/lib/rex/parser/appscan_nokogiri.rb +1 -1
- data/lib/rex/parser/burp_issue_nokogiri.rb +139 -0
- data/lib/rex/parser/burp_session_nokogiri.rb +1 -1
- data/lib/rex/parser/fs/bitlocker.rb +233 -0
- data/lib/rex/parser/fusionvm_nokogiri.rb +2 -2
- data/lib/rex/parser/ini.rb +1 -8
- data/lib/rex/parser/nokogiri_doc_mixin.rb +5 -0
- data/lib/rex/payloads/meterpreter/config.rb +23 -4
- data/lib/rex/post/meterpreter/channel.rb +8 -3
- data/lib/rex/post/meterpreter/client.rb +1 -0
- data/lib/rex/post/meterpreter/client_core.rb +2 -2
- data/lib/rex/post/meterpreter/extensions/android/android.rb +86 -1
- data/lib/rex/post/meterpreter/extensions/android/tlv.rb +29 -0
- data/lib/rex/post/meterpreter/extensions/extapi/wmi/wmi.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +75 -89
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +8 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +10 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +7 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb +10 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +8 -2
- data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +1 -1
- data/lib/rex/post/meterpreter/packet.rb +38 -0
- data/lib/rex/post/meterpreter/packet_dispatcher.rb +101 -108
- data/lib/rex/post/meterpreter/packet_parser.rb +14 -6
- data/lib/rex/post/meterpreter/packet_response_waiter.rb +42 -21
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/android.rb +54 -4
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +39 -13
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +8 -0
- data/lib/rex/proto/adb.rb +7 -0
- data/lib/rex/proto/adb/client.rb +39 -0
- data/lib/rex/proto/adb/message.rb +164 -0
- data/lib/rex/proto/dcerpc/svcctl/packet.rb +9 -9
- data/lib/rex/proto/http/client_request.rb +2 -1
- data/lib/rex/proto/http/response.rb +1 -1
- data/lib/rex/proto/kademlia/bootstrap_response.rb +2 -2
- data/lib/rex/proto/ntp/modes.rb +17 -0
- data/lib/rex/text.rb +12 -0
- data/lib/rex/zip/blocks.rb +1 -1
- data/lib/rex/zip/entry.rb +1 -1
- data/rex.gemspec +28 -1
- metadata +106 -3
@@ -53,7 +53,7 @@ class Client
|
|
53
53
|
end
|
54
54
|
end
|
55
55
|
rescue Rex::Proto::DCERPC::Exceptions::Fault => e
|
56
|
-
print_error("
|
56
|
+
print_error("Error getting scm handle: #{e}")
|
57
57
|
end
|
58
58
|
|
59
59
|
[scm_handle, scm_status]
|
@@ -124,7 +124,7 @@ class Client
|
|
124
124
|
end
|
125
125
|
end
|
126
126
|
rescue Rex::Proto::DCERPC::Exceptions::Fault => e
|
127
|
-
print_error("
|
127
|
+
print_error("Error creating service: #{e}")
|
128
128
|
end
|
129
129
|
|
130
130
|
return svc_handle, svc_status
|
@@ -149,7 +149,7 @@ class Client
|
|
149
149
|
response = dcerpc_client.call(CHANGE_SERVICE_CONFIG2_W, stubdata) # ChangeServiceConfig2
|
150
150
|
svc_status = error_code(response)
|
151
151
|
rescue Rex::Proto::DCERPC::Exceptions::Fault => e
|
152
|
-
print_error("
|
152
|
+
print_error("Error changing service description : #{e}")
|
153
153
|
end
|
154
154
|
|
155
155
|
svc_status
|
@@ -169,7 +169,7 @@ class Client
|
|
169
169
|
svc_status = error_code(response[20,4])
|
170
170
|
end
|
171
171
|
rescue Rex::Proto::DCERPC::Exceptions::Fault => e
|
172
|
-
print_error("
|
172
|
+
print_error("Error closing service handle: #{e}")
|
173
173
|
end
|
174
174
|
|
175
175
|
svc_status
|
@@ -195,7 +195,7 @@ class Client
|
|
195
195
|
end
|
196
196
|
end
|
197
197
|
rescue Rex::Proto::DCERPC::Exceptions::Fault => e
|
198
|
-
print_error("
|
198
|
+
print_error("Error opening service handle: #{e}")
|
199
199
|
end
|
200
200
|
|
201
201
|
svc_handle
|
@@ -219,7 +219,7 @@ class Client
|
|
219
219
|
svc_status = error_code(response)
|
220
220
|
end
|
221
221
|
rescue Rex::Proto::DCERPC::Exceptions::Fault => e
|
222
|
-
print_error("
|
222
|
+
print_error("Error starting service: #{e}")
|
223
223
|
end
|
224
224
|
|
225
225
|
svc_status
|
@@ -249,7 +249,7 @@ class Client
|
|
249
249
|
svc_status = error_code(response[28,4])
|
250
250
|
end
|
251
251
|
rescue Rex::Proto::DCERPC::Exceptions::Fault => e
|
252
|
-
print_error("
|
252
|
+
print_error("Error controlling service: #{e}")
|
253
253
|
end
|
254
254
|
|
255
255
|
svc_status
|
@@ -268,7 +268,7 @@ class Client
|
|
268
268
|
svc_status = error_code(response)
|
269
269
|
end
|
270
270
|
rescue Rex::Proto::DCERPC::Exceptions::Fault => e
|
271
|
-
print_error("
|
271
|
+
print_error("Error deleting service: #{e}")
|
272
272
|
end
|
273
273
|
|
274
274
|
svc_status
|
@@ -292,7 +292,7 @@ class Client
|
|
292
292
|
ret = 2
|
293
293
|
end
|
294
294
|
rescue Rex::Proto::DCERPC::Exceptions::Fault => e
|
295
|
-
print_error("
|
295
|
+
print_error("Error deleting service: #{e}")
|
296
296
|
end
|
297
297
|
|
298
298
|
ret
|
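Review bot: The message added in the @@ -292 hunk, `print_error("Error deleting service: #{e}")`, is the same one the @@ -268 hunk adds, yet this method assigns `ret = 2` and returns `ret`, which does not look like the delete path — this reads as a copy-paste and should name the operation actually being performed (both enclosing methods begin outside their hunks). Across all nine hunks the rescue only prints the DCERPC fault and falls through, so a caller still receives a nil handle from `[scm_handle, scm_status]` and `svc_handle`, or a nil `svc_status` when the fault fires before `error_code` runs, and cannot tell a fault from success without parsing console output; returning a distinct status or re-raising a typed error would be safer. Printing via `print_error` also couples this protocol client to the console UI, so a logger or raised error would be easier to handle programmatically.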
@@ -391,8 +391,9 @@ class ClientRequest
|
|
391
391
|
|
392
392
|
#
|
393
393
|
# Return the content length header
|
394
|
+
#
|
394
395
|
def set_content_len_header(clen)
|
395
|
-
return "" if opts['chunked_size'] > 0
|
396
|
+
return "" if clen == 0 || opts['chunked_size'] > 0 || (opts['headers'] && opts['headers']['Content-Length'])
|
396
397
|
set_formatted_header("Content-Length", clen)
|
397
398
|
end
|
398
399
|
|
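Review bot: The new guard at line 396 drops the `Content-Length` header whenever `clen == 0`, so a request with an empty body is sent with neither `Content-Length` nor `Transfer-Encoding`; many servers reject such a POST/PUT with 411 Length Required or treat it as bodiless, so if the intent is only to omit the header for bodiless methods the check should be on the method, not the length. The lookup `opts['headers']['Content-Length']` is also case-sensitive, so a caller-supplied `content-length` still produces a duplicate header; `(opts['headers'] || {}).keys.any? { |k| k.to_s.casecmp('Content-Length') == 0 }` covers both spellings and the nil-headers case in one expression. The comment block above `set_content_len_header` should also state the new rule, e.g. `# Returns "" when the body is chunked or the caller already supplied Content-Length.`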
@@ -51,14 +51,14 @@ module Kademlia
|
|
51
51
|
bootstrap_peer_id = Rex::Proto::Kademlia.decode_peer_id(message.body.slice!(0, 16))
|
52
52
|
bootstrap_tcp_port, bootstrap_version, num_peers = message.body.slice!(0, 5).unpack('vCv')
|
53
53
|
# protocol says there are no peers and the body confirms this, so just return with no peers
|
54
|
-
if num_peers == 0 && message.body.
|
54
|
+
if num_peers == 0 && message.body.to_s.empty?
|
55
55
|
peers = []
|
56
56
|
else
|
57
57
|
peers_data = message.body
|
58
58
|
# peers data is too long/short, abort
|
59
59
|
return if peers_data.size % BOOTSTRAP_PEER_SIZE != 0
|
60
60
|
peers = []
|
61
|
-
until peers_data.
|
61
|
+
until peers_data.to_s.empty?
|
62
62
|
peer_data = peers_data.slice!(0, BOOTSTRAP_PEER_SIZE)
|
63
63
|
peer_id = Rex::Proto::Kademlia.decode_peer_id(peer_data.slice!(0, 16))
|
64
64
|
ip, udp_port, tcp_port, version = peer_data.unpack('VvvC')
|
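Review bot: The peer count `num_peers` unpacked at line 52 is only used for the zero check on the new line 54 and is never compared with the number of records actually parsed, so a response that declares N peers but carries some other multiple of `BOOTSTRAP_PEER_SIZE` is accepted silently; after the `until` loop, `return unless peers.size == num_peers` would reject inconsistent responses the same way the size check at line 59 does. Note too that when the body is shorter than the 21 bytes consumed by the two `slice!` calls, `unpack('vCv')` yields nil fields, so `num_peers == 0` is false and control falls into the `else` branch with an already-empty body — harmless for `peers`, but `bootstrap_tcp_port` and `bootstrap_version` are then nil for whatever uses them later. The enclosing method starts and ends outside the hunk.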
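--- a/data/lib/rex/proto/ntp/modes.rb
+++ b/data/lib/rex/proto/ntp/modes.rb
@@ -92,6 +92,23 @@ module NTP
 end
 end
 
+class NTPSymmetric < BitStruct
+unsigned :li, 2, default: 0
+unsigned :version, 3, default: 3
+unsigned :mode, 3, default: 0
+unsigned :stratum, 8, default: 0
+unsigned :poll, 8, default: 0
+unsigned :precision, 8, default: 0
+unsigned :root_delay, 32, default: 0
+unsigned :root_dispersion, 32, default: 0
+unsigned :reference_id, 32, default: 0
+unsigned :reference_timestamp, 64, default: 0
+unsigned :origin_timestamp, 64, default: 0
+unsigned :receive_timestamp, 64, default: 0
+unsigned :transmit_timestamp, 64, default: 0
+rest :payload
+end
+
 def self.ntp_control(version, operation, payload = nil)
 n = NTPControl.new
 n.version = version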
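Review bot: `NTPSymmetric` is added without any comment, and its `mode` field defaults to 0, which is the reserved mode value in RFC 5905 (1 is symmetric active, 2 is symmetric passive), so a packet built from the defaults is not a symmetric packet until the caller sets `mode`. A header comment such as `# NTP symmetric-mode packet (RFC 5905). Callers must set mode to 1 (active) or 2 (passive); the default 0 is the reserved value.` would make that explicit, or the default could be 1 if active mode is the intended use. The trailing `rest :payload` presumably carries the optional extension fields and MAC; saying so in the same comment would help readers who compare it with the control packet above.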
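--- a/data/lib/rex/text.rb
+++ b/data/lib/rex/text.rb
@@ -1477,6 +1477,18 @@ EOS
 "{#{parts.join('-')}}"
 end
 
+#
+# Generate a valid random 4 byte UTF-8 character
+# valid codepoints for 4byte UTF-8 chars: U+010000 - U+10FFFF
+#
+# @example
+# Rex::Text.rand_4byte_utf8 # => "\u{108CF3}"
+#
+# @return [String]
+def self.rand_4byte_utf8
+[rand(0x10000..0x10ffff)].pack('U*')
+end
+
 #
 # Creates a pattern that can be used for offset calculation purposes. This
 # routine is capable of generating patterns using a supplied set and a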
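Review bot: The comment on line 1482 calls every value in `0x10000..0x10ffff` a valid codepoint, but that range also contains the 32 noncharacters U+xFFFE and U+xFFFF of each supplementary plane (U+1FFFE, U+1FFFF, …, U+10FFFE, U+10FFFF), which `pack('U*')` encodes happily yet some consumers reject; if the method is meant for fuzz input that is fine, otherwise those values should be skipped. Either way the doc comment should say so, e.g. `# Note: the range includes the noncharacters U+xFFFE/U+xFFFF of each plane.` The method draws from `Kernel#rand`, so a sentence on the `@return` line noting the value is not unpredictable would stop callers assuming otherwise.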
data/lib/rex/zip/blocks.rb
CHANGED
data/lib/rex/zip/entry.rb
CHANGED
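--- a/data/rex.gemspec
+++ b/data/rex.gemspec
@@ -1,7 +1,7 @@
 # encoding: utf-8
 
 APP_NAME = "rex"
-VERSION = "2.0.
+VERSION = "2.0.10"
 
 Gem::Specification.new do |s|
 s.name = APP_NAME
@@ -17,4 +17,31 @@ Gem::Specification.new do |s|
 s.extra_rdoc_files = ["README.markdown"]
 s.platform = "ruby"
 s.required_ruby_version = ">= 2.1.5"
+
+# Needed for Javascript obfuscation
+s.add_runtime_dependency 'jsobfu', '~> 0.4.1'
+
+# Needed for some admin modules (scrutinizer_add_user.rb)
+s.add_runtime_dependency 'json'
+
+# Metasm compiler/decompiler/assembler
+s.add_runtime_dependency 'metasm', '~> 1.0.2'
+
+# Needed by anemone crawler
+s.add_runtime_dependency 'nokogiri'
+
+# rb-readline doesn't work with Ruby Installer due to error with Fiddle:
+# NoMethodError undefined method `dlopen' for Fiddle:Module
+unless Gem.win_platform?
+# Command line editing, history, and tab completion in msfconsole
+# Use the Rapid7 fork until the official gem catches up
+s.add_runtime_dependency 'rb-readline-r7'
+end
+
+# Needed by anemone crawler
+s.add_runtime_dependency 'robots'
+
+# Needed so that disk size output isn't horrible
+s.add_runtime_dependency 'filesize'
+
 end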
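Review bot: Five of the new runtime dependencies (`json`, `nokogiri`, `rb-readline-r7`, `robots`, `filesize`) carry no version constraint, which the generated `metadata` confirms as `>= 0`, so any future release of those gems — a breaking one or a hijacked one — satisfies this spec; pinning them to a known-good range the way `jsobfu` and `metasm` are (`s.add_runtime_dependency 'nokogiri', '~> <KNOWN-GOOD-MINOR>'`) is the usual supply-chain hygiene. The `unless Gem.win_platform?` guard around `rb-readline-r7` runs when the gem is built, not when it is installed, and the `metadata` section of this same diff lists `rb-readline-r7` unconditionally, so Windows installers will still pull it; a platform-specific gem or a runtime require check is needed if the exclusion matters. The comment `# Needed by anemone crawler` is attached to both `nokogiri` and `robots`, but the `*_nokogiri.rb` parsers in this diff use nokogiri directly, so the comment undersells why it is required.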
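--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex
 version: !ruby/object:Gem::Version
-version: 2.0.
+version: 2.0.10
 platform: ruby
 authors:
 - HD Moore
@@ -9,8 +9,106 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date:
-dependencies:
+date: 2016-03-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: jsobfu
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.4.1
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 0.4.1
+- !ruby/object:Gem::Dependency
+name: json
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: metasm
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 1.0.2
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 1.0.2
+- !ruby/object:Gem::Dependency
+name: nokogiri
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rb-readline-r7
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: robots
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: filesize
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
 description: Rex provides a variety of classes useful for security testing and exploit
 development.
 email:
@@ -174,9 +272,11 @@ files:
 - lib/rex/parser/apple_backup_manifestdb.rb
 - lib/rex/parser/appscan_nokogiri.rb
 - lib/rex/parser/arguments.rb
+- lib/rex/parser/burp_issue_nokogiri.rb
 - lib/rex/parser/burp_session_nokogiri.rb
 - lib/rex/parser/ci_nokogiri.rb
 - lib/rex/parser/foundstone_nokogiri.rb
+- lib/rex/parser/fs/bitlocker.rb
 - lib/rex/parser/fs/ntfs.rb
 - lib/rex/parser/fusionvm_nokogiri.rb
 - lib/rex/parser/group_policy_preferences.rb
@@ -394,6 +494,9 @@ files:
 - lib/rex/proto/acpp.rb
 - lib/rex/proto/acpp/client.rb
 - lib/rex/proto/acpp/message.rb
+- lib/rex/proto/adb.rb
+- lib/rex/proto/adb/client.rb
+- lib/rex/proto/adb/message.rb
 - lib/rex/proto/addp.rb
 - lib/rex/proto/dcerpc.rb
 - lib/rex/proto/dcerpc/client.rb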