more cool shit

git-svn-id: file:///home/svn/incoming/trunk@2711 4d416f70-5f16-0410-b530-b9f4589650da

lib/msf/base/simple/buffer.rb

@@ -18,7 +18,7 @@ module Buffer
 	#
 	# Serializes a buffer to a provided format
 	#
-	def self.transform(buf, fmt)
+	def self.transform(buf, fmt = "ruby")
 		case fmt
 			when 'raw'
 			when 'ruby'
@@ -34,6 +34,25 @@ module Buffer
 		return buf
 	end
 
+	#
+	# Creates a comment using the supplied format
+	#
+	def self.comment(buf, fmt = "ruby")
+		case fmt
+			when 'raw'
+			when 'ruby'
+				buf = Rex::Text.to_ruby_comment(buf)
+			when 'perl'
+				buf = Rex::Text.to_perl_comment(buf)
+			when 'c'
+				buf = Rex::Text.to_c_comment(buf)
+			else
+				raise ArgumentError, "Unsupported buffer format: #{fmt}", caller
+		end
+
+		return buf
+	end
+
 end
 
 end

lib/msf/base/simple/payload.rb

@@ -22,8 +22,20 @@ class Payload
 	#   Encoder   => A encoder module instance.
 	#   Badchars  => A string of bad characters.
 	#   Format    => The format to represent the data as: ruby, perl, c, raw
+	#   Options   => A hash of options to set.
+	#   OptionStr => A string of options in VAR=VAL form separated by
+	#                whitespace.
+	#   NoComment => Disables prepention of a comment
 	#
 	def self.generate(payload, opts)
+		# If options were supplied, import them into the payload's
+		# datastore
+		if (opts['Option'])
+			payload.datastore.import_options_from_hash(opts['Options'])
+		elsif (opts['OptionStr'])
+			payload.datastore.import_options_from_s(opts['OptionStr'])
+		end
+
 		# Generate the payload
 		buf = payload.generate
 
@@ -32,8 +44,18 @@ class Payload
 			buf = opts['Encoder'].encode(buf, opts['Badchars'])
 		end
 
+		fmt = opts['Format'] || 'raw'
+
 		# Serialize the generated payload to some sort of format
-		return Buffer.transform(buf, opts['Format'] || 'raw')
+		buf = Buffer.transform(buf, fmt)
+
+		# Prepend a comment
+		if (fmt != 'raw' and opts['NoComment'] != true)
+			buf = Buffer.comment(
+				"#{payload.refname}\n#{payload.datastore.to_s}\n", fmt) + buf
+		end
+
+		return buf
 	end
 
 end

lib/msf/core/data_store.rb

@@ -10,8 +10,10 @@ module Msf
 ###
 class DataStore < Hash
 
+	#
 	# This method is a helper method that imports the default value for
 	# all of the supplied options
+	#
 	def import_options(options)
 		options.each_option { |name, opt|
 			if (opt.default)
@@ -19,6 +21,60 @@ class DataStore < Hash
 			end
 		}
 	end
+
+	#
+	# Imports option values from a whitespace separated string in
+	# VAR=VAL format.
+	#
+	def import_options_from_s(option_str)
+		hash = {}
+	
+		# Figure out the deliminter, default to space.
+		delim = /\s/
+
+		if (option_str.index(','))
+			delim = ','
+		end
+		
+		# Split on the deliminter
+		option_str.split(delim).each { |opt|
+			var, val = opt.split('=')
+
+			# Invalid parse?  Raise an exception and let those bastards know.
+			if (var == nil or val == nil)
+				var = "unknown" if (!var)
+
+				raise ArgumentParseError, "Invalid option specified: #{var}", caller
+			end
+
+			# Store the value
+			hash[var] = val
+		}
+
+		import_options_from_hash(hash)
+	end
+
+	#
+	# Imports options from a hash
+	#
+	def import_options_from_hash(option_hash)
+		option_hash.each_pair { |key, val|
+			self.store(key, val)
+		}
+	end
+
+	#
+	# Serializes the options in the datastore to a string
+	#
+	def to_s(delim = ' ')
+		str = ''
+
+		keys.sort.each { |key|
+			str += "#{key}=#{self[key]}" + ((str.length) ? delim : '')
+		}
+
+		return str
+	end
 end
 
 end

lib/msf/core/module.rb

@@ -15,6 +15,14 @@ module Msf
 ###
 class Module
 
+	class <<self
+		# 
+		# The module's name that is assigned it it by the framework
+		# or derived from the path that the module is loaded from.
+		#
+		attr_accessor :refname
+	end
+
 	require 'msf/core/module/author'
 	require 'msf/core/module/platform_list'
 	require 'msf/core/module/reference'
@@ -45,6 +53,16 @@ class Module
 		self.privileged = module_info['Privileged'] || false
 	end
 	
+	#
+	# Return's the module's framework reference name.  This is the
+	# short name that end-users work with.  Ex: 
+	#
+	# win32/shell/reverse_tcp
+	#
+	def refname
+		return self.class.refname
+	end
+
 	#
 	# Return the module's name
 	#

lib/msf/core/module_manager.rb

@@ -64,6 +64,10 @@ protected
 
 	# Adds a module with a the supplied name
 	def add_module(module_class, name)
+		# Set the module's name so that it can be referenced when
+		# instances are created.
+		module_class.refname = name
+
 		self[name] = module_class
 	end
 

lib/msf/core/payload.rb

@@ -105,11 +105,13 @@ class Payload < Msf::Module
 			# Now it's our turn...
 			if ((val = datastore[name]))
 				if (pack == 'ADDR')
-					val = Socket.resolv_nbo(host)
+					val = Rex::Socket.resolv_nbo(val)
 				elsif (pack == 'RAW')
 					# Just use the raw value...
 				else
-					val = [ val ].pack(pack)	
+					# NOTE:
+					# Packing assumes integer format at this point, should fix...
+					val = [ val.to_i ].pack(pack)	
 				end
 
 				# Substitute it

lib/msf/core/payload_set.rb

@@ -49,6 +49,9 @@ class PayloadSet < ModuleSet
 			# and module
 			p = build_payload(handler, mod)
 
+			# Sets the modules derived name
+			p.refname = name
+
 			# Associate this class with the single payload's name
 			self[name] = p
 
@@ -95,6 +98,9 @@ class PayloadSet < ModuleSet
 				# Associate the name as a combination of the stager and stage
 				combined = stage_name + '/' + stager_conn
 
+				# Sets the modules derived name
+				p.refname = combined
+
 				self[combined] = p
 			
 				manager.add_module(p, combined)

lib/msf/ui/console/command_dispatcher/payload.rb

@@ -11,6 +11,7 @@ class Payload
 		"-b" => [ true,  "The list of characters to avoid '\\x00\\xff'"         ],
 		"-t" => [ true,  "The output type: ruby, perl, c, or raw."              ],
 		"-e" => [ true,  "The name of the encoder module to use."               ],
+		"-o" => [ true,  "A space separated list of options in VAR=VAL format." ],
 		"-h" => [ false, "Help banner."                                         ])
 
 	include Msf::Ui::Console::ModuleCommandDispatcher
@@ -28,6 +29,7 @@ class Payload
 
 		# Parse the arguments
 		encoder_name = nil
+		option_str   = nil
 		badchars     = nil
 		encoder      = nil
 		type         = "ruby"
@@ -40,8 +42,13 @@ class Payload
 					type = val
 				when '-e'
 					encoder_name = val
+				when '-o'
+					option_str = val
 				when '-h'
-					print(@@generate_opts.usage)
+					print(
+						"Usage: generate [options]\n\n" +
+						"Generates a payload.\n" +
+						@@generate_opts.usage)
 					return true
 			end
 		}
@@ -59,7 +66,8 @@ class Payload
 				mod, 
 				'Badchars'  => badchars,
 				'Encoder'   => encoder,
-				'Format'   => type)
+				'Format'    => type,
+				'OptionStr' => option_str)
 		rescue
 			print_error("Payload generation failed: #{$!}.")
 			return false

lib/msf/ui/console/driver.rb

@@ -49,13 +49,13 @@ class Driver < Msf::Ui::Driver
 
 			dispatcher_stack.each { |dispatcher|
 				begin
-					eval("
 					if (dispatcher.respond_to?('cmd_' + method))
+						eval("
 							dispatcher.#{'cmd_' + method}(arguments)
-							found = true
+							found = true")
-						end")
+					end
 				rescue
-					output.print_error("Error while running command #{method}: #{$!}.")
+					output.print_error("Error while running command #{method}: #{$!}\n#{$@}\n.")
 				end
 
 				# If the dispatcher stack changed as a result of this command,

lib/rex/text.rb

@@ -11,27 +11,50 @@ module Rex
 ###
 module Text
 
+	DefaultWrap = 60
+
 	#
 	# Converts a raw string into a ruby buffer
 	#
-	def self.to_ruby(str, wrap = 60)
+	def self.to_ruby(str, wrap = DefaultWrap)
 		return hexify(str, wrap, '"', '" +', '', '"')
 	end
 
+	#
+	# Creates a ruby-style comment
+	#
+	def self.to_ruby_comment(str, wrap = DefaultWrap)
+		return wordwrap(str, 0, wrap, '', '# ')
+	end
+
 	#
 	# Converts a raw string into a C buffer
 	#
-	def self.to_c(str, wrap = 60, name = "buf")
+	def self.to_c(str, wrap = DefaultWrap, name = "buf")
-		return hexify(str, wrap, '    "', '"', "unsigned char #{name}[] = \n", '";')
+		return hexify(str, wrap, '"', '"', "unsigned char #{name}[] = \n", '";')
+	end
+
+	#
+	# Creates a c-style comment
+	#
+	def self.to_c_comment(str, wrap = DefaultWrap)
+		return "/*\n" + wordwrap(str, 0, wrap, '', ' * ') + " */\n"
 	end
 
 	#
 	# Converts a raw string into a perl buffer
 	#
-	def self.to_perl(str, wrap = 60)
+	def self.to_perl(str, wrap = DefaultWrap)
 		return hexify(str, wrap, '"', '" .', '', '";')
 	end
 
+	#
+	# Creates a perl-style comment
+	#
+	def self.to_perl_comment(str, wrap = DefaultWrap)
+		return wordwrap(str, 0, wrap, '', '# ')
+	end
+
 	#
 	# Returns the raw string
 	#
@@ -49,7 +72,7 @@ module Text
 	#
 	# Wraps text at a given column using a supplied indention
 	#
-	def self.wordwrap(str, indent = 0, col = 60, append = '', prepend = '')
+	def self.wordwrap(str, indent = 0, col = DefaultWrap, append = '', prepend = '')
 		return str.gsub(/.{1,#{col - indent}}(?:\s|\Z)/){
 			( (" " * indent) + prepend + $& + append + 5.chr).gsub(/\n\005/,"\n").gsub(/\005/,"\n")}
 	end
@@ -57,7 +80,7 @@ module Text
 	#
 	# Converts a string to a hex version with wrapping support
 	#
-	def self.hexify(str, col = 60, line_start = '', line_end = '', buf_start = '', buf_end = '')
+	def self.hexify(str, col = DefaultWrap, line_start = '', line_end = '', buf_start = '', buf_end = '')
 		output   = buf_start
 		cur      = 0
 		count    = 0