infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Tabs vs Spaces 

git-svn-id: file:///home/svn/incoming/trunk@3453 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2006-01-27 05:33:08 +00:00
parent e9b4b96f0d
commit b4ad4a5d75
30 changed files with 310 additions and 310 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
lib/msf/core/exploit/dcerpc.rb
View File

@ -50,15 +50,15 @@ module Exploit::Remote::DCERPC
if datastore['DCERPCFakeMultiBind']
opts['fake_multi_bind'] = 1
end
end
if datastore['SMBUSER']
opts['smb_user'] = datastore['SMBUSER']
end
if datastore['SMBPASS']
opts['smb_pass'] = datastore['SMBPASS']
end
if datastore['SMBUSER']
opts['smb_user'] = datastore['SMBUSER']
end
if datastore['SMBPASS']
opts['smb_pass'] = datastore['SMBPASS']
end
self.dcerpc = Rex::Proto::DCERPC::Client.new(h, dcerpc_socket(), opts)

54
lib/msf/core/exploit/http.rb
View File

@ -163,14 +163,14 @@ protected
[
OptString.new('URIPATH', [ false, "The URI to use for this exploit (default is random)"]),
], Exploit::Remote::HttpServer
)
)
register_evasion_options(
[
OptBool.new('HTTP::gzip', [false, 'Enable compression of HTTP responses via "Content-Encoding: gzip"', 'false']),
OptBool.new('HTTP::chunked', [false, 'Enable chunking of HTTP responses via "Transfer-Encoding: chunked"', 'false']),
], Exploit::Remote::HttpServer
)
register_evasion_options(
[
OptBool.new('HTTP::gzip', [false, 'Enable compression of HTTP responses via "Content-Encoding: gzip"', 'false']),
OptBool.new('HTTP::chunked', [false, 'Enable chunking of HTTP responses via "Transfer-Encoding: chunked"', 'false']),
], Exploit::Remote::HttpServer
)
end
@ -181,7 +181,7 @@ protected
#
def use_gzip
if (!Rex::Text.gzip_present? and datastore['HTTP::gzip'] == true)
raise RuntimeError, "GZIP support was not detected, yet the HTTP::gzip option was set. WTF?"
raise RuntimeError, "GZIP support was not detected, yet the HTTP::gzip option was set. WTF?"
end
end
@ -220,7 +220,7 @@ protected
}
)
self.service.server_name = 'Apache'
self.service.server_name = 'Apache'
# Default the procedure of the URI to on_request_uri if one isn't
# provided.
@ -278,31 +278,31 @@ protected
end
#
# Transmits a response to the supplied client, default content-type is text/html
#
# Payload evasions are implemented here!
#
def send_response(cli, body, headers = {})
response = create_response
#
# Transmits a response to the supplied client, default content-type is text/html
#
# Payload evasions are implemented here!
#
def send_response(cli, body, headers = {})
response = create_response
response['Content-Type'] = 'text/html'
response.body = body
if (datastore['HTTP::gzip'] == true)
response.body = body
if (datastore['HTTP::gzip'] == true)
self.use_gzip # make sure...
response.body = Rex::Text.gzip(response.body)
response['Content-Encoding'] = 'gzip'
end
response.body = Rex::Text.gzip(response.body)
response['Content-Encoding'] = 'gzip'
end
if (datastore['HTTP::chunked'] == true)
response.auto_cl = false
response.transfer_chunked = true
end
if (datastore['HTTP::chunked'] == true)
response.auto_cl = false
response.transfer_chunked = true
end
headers.each_pair { |k,v| response[k] = v }
cli.send_response(response)
end
end
#
# Sends a 302 redirect to the client

30
lib/msf/core/exploit/smb.rb
View File

@ -23,7 +23,7 @@ module Exploit::Remote::SMB
DCERPCClient = Rex::Proto::DCERPC::Client
DCERPCResponse = Rex::Proto::DCERPC::Response
DCERPCUUID = Rex::Proto::DCERPC::UUID
NDR = Rex::Proto::DCERPC::NDR
NDR = Rex::Proto::DCERPC::NDR
def initialize(info = {})
super
@ -50,25 +50,25 @@ module Exploit::Remote::SMB
], Msf::Exploit::Remote::SMB)
end
def connect()
def connect()
disconnect()
super
self.simple = SIMPLE.new(self.sock, datastore['SMBDirect'])
# setup pipe evasion foo
if datastore['SMBPipeEvasion']
# XXX - insert code to change the instance of the read/write functions to do segmentation
end
# setup pipe evasion foo
if datastore['SMBPipeEvasion']
# XXX - insert code to change the instance of the read/write functions to do segmentation
end
# setup smb evasion foo XXX - should be broken out to seperate bits instead of by level
if (datastore['SMBEvasion'])
# setup smb evasion foo XXX - should be broken out to seperate bits instead of by level
if (datastore['SMBEvasion'])
self.simple.client.evasion_level = datastore['SMBEvasion'].to_i
print_status("Using SMB evasion level #{self.simple.client.evasion_level}")
end
end
end
# Convert a standard ASCII string to 16-bit Unicode
def unicode (str)
@ -102,10 +102,10 @@ module Exploit::Remote::SMB
self.simple.create_pipe(pipe)
end
def smb_dcerpc_bind (pipe, handle)
self.dcerpc_socket = pipe
self.dcerpc_bind(handle)
end
def smb_dcerpc_bind (pipe, handle)
self.dcerpc_socket = pipe
self.dcerpc_bind(handle)
end
# This method calls a DCERPC procedure over a SMB pipe

4
lib/msf/core/exploit/tcp.rb
View File

@ -20,7 +20,7 @@ module Exploit::Remote::Tcp
Opt::RHOST,
Opt::RPORT,
Opt::SSL,
Opt::Proxies
Opt::Proxies
], Msf::Exploit::Remote::Tcp)
end
@ -34,7 +34,7 @@ module Exploit::Remote::Tcp
'LocalHost' => datastore['CHOST'] || "0.0.0.0",
'LocalPort' => datastore['CPORT'] ? datastore['CPORT'].to_i : 0,
'SSL' => datastore['SSL'],
'Proxies' => datastore['Proxies'],
'Proxies' => datastore['Proxies'],
'Context' =>
{
'Msf' => framework,

2
lib/msf/core/handler/bind_tcp.rb
View File

@ -83,7 +83,7 @@ module BindTcp
client = Rex::Socket::Tcp.create(
'PeerHost' => datastore['RHOST'],
'PeerPort' => datastore['LPORT'].to_i,
'Proxies' => datastore['Proxies'],
'Proxies' => datastore['Proxies'],
'Comm' => comm,
'Context' =>
{

6
lib/msf/core/handler/reverse_tcp.rb
View File

@ -53,9 +53,9 @@ module ReverseTcp
# if it fails to start the listener.
#
def setup_handler
if datastore['Proxies']
raise 'tcp connectback can not be used with proxies'
end
if datastore['Proxies']
raise 'tcp connectback can not be used with proxies'
end
self.listener_sock = Rex::Socket::TcpServer.create(
'LocalHost' => datastore['LHOST'],

6
lib/msf/core/handler/reverse_tcp_double.rb
View File

@ -53,9 +53,9 @@ module ReverseTcpDouble
# if it fails to start the listener.
#
def setup_handler
if datastore['Proxies']
raise 'tcp connectback can not be used with proxies'
end
if datastore['Proxies']
raise 'tcp connectback can not be used with proxies'
end
self.listener_sock = Rex::Socket::TcpServer.create(
'LocalHost' => datastore['LHOST'],

2
lib/msf/core/option_container.rb
View File

@ -575,7 +575,7 @@ module Opt
'LPORT' => [ OptPort, 'nil', true, '"The local port"' ],
'CPORT' => [ OptPort, 'nil', false, '"The local client port"' ],
'SSL' => [ OptBool, 'false', false, '"Use SSL"' ],
'Proxies' => [ OptString, 'nil', 'false', '"proxy chain"'],
'Proxies' => [ OptString, 'nil', 'false', '"proxy chain"'],
}
#

2
lib/rex/arch/x86.rb
View File

@ -188,7 +188,7 @@ module X86
# on the value supplied, different sets of instructions may be used.
#
# TODO: Make this moderatly intelligent so it chain instructions by itself
# (ie. xor eax, eax + mov al, 4 + xchg ah, al)
# (ie. xor eax, eax + mov al, 4 + xchg ah, al)
def self.set(dst, val, badchars = '')
_check_reg(dst)

24
lib/rex/encoder/alpha2/alpha_upper.rb
View File

@ -8,23 +8,23 @@ module Alpha2
class AlphaUpper < Generic
@@accepted_chars = ('B' .. 'Z').to_a + ('0' .. '9').to_a
def self.gen_decoder_prefix(reg, offset)
if (offset > 20)
raise "Critical: Offset is greater than 10"
end
# use inc ebx as a nop here so we still pad correctly
if (offset <= 10)
nop = 'C' * offset
mod = 'I' * (10 - offset) + nop + '7QZ' # dec ecx,,, push ecx, pop edx
edxmod = 'J' * (11 - offset)
else
mod = 'A' * (offset - 10)
nop = 'C' * (10 - mod.length)
mod += nop + '7QZ'
edxmod = 'B' * (11 - (offset - 10))
end
if (offset <= 10)
nop = 'C' * offset
mod = 'I' * (10 - offset) + nop + '7QZ' # dec ecx,,, push ecx, pop edx
edxmod = 'J' * (11 - offset)
else
mod = 'A' * (offset - 10)
nop = 'C' * (10 - mod.length)
mod += nop + '7QZ'
edxmod = 'B' * (11 - (offset - 10))
end
regprefix = {
'EAX' => 'PY' + dec, # push eax, pop ecx
'ECX' => 'I' + dec, # dec ecx
@ -38,7 +38,7 @@ class AlphaUpper < Generic
return regprefix[reg]
end
end
def self.gen_decoder(reg, offset)
decoder =

2
lib/rex/encoder/alpha2/generic.rb
View File

@ -8,7 +8,7 @@ module Alpha2
class Generic
@@accepted_chars = ('a' .. 'z').to_a + ('B' .. 'Z').to_a + ('0' .. '9').to_a
def Generic.gen_decoder_prefix(reg, offset)
# Should never happen - have to pick a specifc
# encoding:

18
lib/rex/encoder/alpha2/unicode_mixed.rb
View File

@ -18,21 +18,21 @@ class UnicodeMixed < Generic
# unicode uses additive encoding
(block - base)
end
def self.gen_decoder_prefix(reg, offset)
if (offset > 28)
raise "Critical: Offset is greater than 28"
end
# offset untested for unicode :(
if (offset <= 14)
nop = 'CP' * offset
mod = 'IA' * (14 - offset) + nop # dec ecx,,, push ecx, pop edx
else
mod = 'AA' * (offset - 14) # inc ecx
nop = 'CP' * (14 - mod.length)
mod += nop
end
if (offset <= 14)
nop = 'CP' * offset
mod = 'IA' * (14 - offset) + nop # dec ecx,,, push ecx, pop edx
else
mod = 'AA' * (offset - 14) # inc ecx
nop = 'CP' * (14 - mod.length)
mod += nop
end
regprefix = { # nops ignored below
'EAX' => 'PPYA' + dec, # push eax, pop ecx
'ECX' => dec + "4444", # dec ecx

16
lib/rex/encoder/alpha2/unicode_upper.rb
View File

@ -26,14 +26,14 @@ class UnicodeUpper < Generic
end
# offset untested for unicode :(
if (offset <= 4)
nop = 'CP' * offset
mod = 'IA' * (4 - offset) + nop # dec ecx,,, push ecx, pop edx
else
mod = 'AA' * (offset - 4) # inc ecx
nop = 'CP' * (4 - mod.length)
mod += nop
end
if (offset <= 4)
nop = 'CP' * offset
mod = 'IA' * (4 - offset) + nop # dec ecx,,, push ecx, pop edx
else
mod = 'AA' * (offset - 4) # inc ecx
nop = 'CP' * (4 - mod.length)
mod += nop
end
regprefix = { # nops ignored below
'EAX' => 'PPYA' + dec, # push eax, pop ecx

2
lib/rex/encoding/xor/dword_additive.rb
View File

@ -40,7 +40,7 @@ class DwordAdditive < Generic
(1 << (len << 3)) - 1
)
end
return key
end

12
lib/rex/exceptions.rb
View File

@ -54,16 +54,16 @@ end
class ArgumentError < ::ArgumentError
include Exception
def initialize(message = nil)
def initialize(message = nil)
@message = message
end
def to_s
str = 'An invalid argument was specified.'
if @message
str += " #{@message}"
end
str
str = 'An invalid argument was specified.'
if @message
str += " #{@message}"
end
str
end
end

2
lib/rex/proto/http/client.rb
View File

@ -258,7 +258,7 @@ class Client
protected
# https
# https
attr_accessor :ssl
attr_accessor :hostname, :port # :nodoc:

2
lib/rex/proto/http/client.rb.ut.rb
View File

@ -86,6 +86,6 @@ class Rex::Proto::Http::Client::UnitTest < Test::Unit::TestCase
assert_equal('OK', resp.message)
assert_equal('1.1', resp.proto)
c.close
end
end
end

56
lib/rex/proto/http/packet.rb
View File

@ -120,43 +120,43 @@ class Packet
return comp
end
#
# Build a 'Transfer-Encoding: chunked' payload with random chunk sizes
#
def chunk(str, min_size = 1, max_size = 1000)
chunked = ''
#
# Build a 'Transfer-Encoding: chunked' payload with random chunk sizes
#
def chunk(str, min_size = 1, max_size = 1000)
chunked = ''
# min chunk size is 1 byte
if (min_size < 1); min_size = 1; end
# min chunk size is 1 byte
if (min_size < 1); min_size = 1; end
# don't be dumb
if (max_size < min_size); max_size = min_size; end
# don't be dumb
if (max_size < min_size); max_size = min_size; end
while (str.size > 0)
chunk = str.slice!(0, rand(max_size - min_size) + min_size)
chunked += sprintf("%x", chunk.size) + "\r\n" + chunk + "\r\n"
end
chunked += "0\r\n\r\n"
end
while (str.size > 0)
chunk = str.slice!(0, rand(max_size - min_size) + min_size)
chunked += sprintf("%x", chunk.size) + "\r\n" + chunk + "\r\n"
end
chunked += "0\r\n\r\n"
end
#
# Converts the packet to a string.
#
def to_s
content = self.body.dup
content = self.body.dup
# Update the content length field in the header with the body length.
if (content)
if (self.auto_cl == true && self.transfer_chunked == true)
raise RuntimeError, "'Content-Length' and 'Transfer-Encoding: chunked' are incompatable"
elsif self.auto_cl == true
if (self.auto_cl == true && self.transfer_chunked == true)
raise RuntimeError, "'Content-Length' and 'Transfer-Encoding: chunked' are incompatable"
elsif self.auto_cl == true
self.headers['Content-Length'] = content.length
elsif self.transfer_chunked == true
if self.proto != '1.1'
raise RuntimeError, 'Chunked encoding is only available via 1.1'
end
self.headers['Transfer-Encoding'] = 'chunked'
content = self.chunk(content, self.chunk_min_size, self.chunk_max_size)
end
elsif self.transfer_chunked == true
if self.proto != '1.1'
raise RuntimeError, 'Chunked encoding is only available via 1.1'
end
self.headers['Transfer-Encoding'] = 'chunked'
content = self.chunk(content, self.chunk_min_size, self.chunk_max_size)
end
end
str = self.headers.to_s(cmd_string)
@ -195,8 +195,8 @@ class Packet
attr_accessor :transfer_chunked
attr_reader :incomplete
attr_accessor :chunk_min_size
attr_accessor :chunk_max_size
attr_accessor :chunk_min_size
attr_accessor :chunk_max_size
protected

6
lib/rex/proto/http/packet.rb.ut.rb
View File

@ -20,9 +20,9 @@ class Rex::Proto::Http::Packet::UnitTest < Test::Unit::TestCase
"\r\n" +
"Super body"
h.auto_cl = false
h.parse(req1)
assert_equal(Klass::ParseCode::Completed, h.parse(req1))
h.auto_cl = false
h.parse(req1)
assert_equal(Klass::ParseCode::Completed, h.parse(req1))
assert_equal(true, h.completed?)
assert_equal("Bird", h.headers['Foo'])
assert_equal("text/html", h.headers['Accept'])

34
lib/rex/proto/http/request.rb
View File

@ -97,15 +97,15 @@ class Request < Packet
# Puts a URI back together based on the URI parts
def uri
uri = self.uri_parts['Resource'] || '/'
# /././././
if self.junk_self_referring_directories
# /././././
if self.junk_self_referring_directories
uri.gsub!(/\//) {
'/.' * (rand(3) + 1) + '/'
}
end
end
# /RAND/../RAND../
# /RAND/../RAND../
if self.junk_directories
uri.gsub!(/\//) {
dirs = ''
@ -116,14 +116,14 @@ class Request < Packet
}
end
# ////
#
# ////
#
# NOTE: this must be done after junk directories, since junk_directories would cancel this out
if self.junk_slashes
uri.gsub!(/\//) {
'/' * (rand(3) + 1)
}
uri.gsub!(/^[\/]+/, '/') # only one beginning slash!
uri.gsub!(/^[\/]+/, '/') # only one beginning slash!
end
if self.method != 'POST'
@ -161,9 +161,9 @@ class Request < Packet
self.raw_uri = uri
update_uri_parts
end
# Returns a URI escaped version of the provided string, by providing an additional argument, all characters are escaped
def escape(str, all = nil)
# Returns a URI escaped version of the provided string, by providing an additional argument, all characters are escaped
def escape(str, all = nil)
if all
return str.gsub(/./) { |s| Rex::Text.to_hex(s, '%') }
else
@ -234,13 +234,13 @@ class Request < Packet
#
attr_accessor :relative_resource
# add junk directories
attr_accessor :junk_directories
# add junk directories
attr_accessor :junk_directories
# add junk slashes
attr_accessor :junk_slashes
# add junk self referring directories (aka /././././
attr_accessor :junk_slashes
# add junk self referring directories (aka /././././
attr_accessor :junk_self_referring_directories
# add junk params

32
lib/rex/proto/http/request.rb.ut.rb
View File

@ -43,14 +43,14 @@ class Rex::Proto::Http::Request::UnitTest < Test::Unit::TestCase
h.method = 'GET'
assert_equal("GET /foo HTTP/1.0\r\n", h.cmd_string, 'set method')
h.uri = '/bar'
h.uri = '/bar'
assert_equal("GET /bar HTTP/1.0\r\n", h.cmd_string, 'set uri')
h.proto = '1.2'
h.proto = '1.2'
assert_equal("GET /bar HTTP/1.2\r\n", h.cmd_string, 'set proto')
end
def test_params
def test_params
h = Klass.new
h.from_s("GET /foo?a=1&b=2 HTTP/1.0\r\n" +
"Foo: Bar\r\n\r\n")
@ -62,24 +62,24 @@ class Rex::Proto::Http::Request::UnitTest < Test::Unit::TestCase
h.uri_parts['QueryString']['c'] = '3'
assert_equal('/foo?a=1&b=2&c=3', h.uri, 'uri with additional params')
h.uri_parts['QueryString']['d'] = '='
h.uri_parts['QueryString']['d'] = '='
assert_equal('/foo?a=1&b=2&c=3&d=%3d', h.uri, 'uri with additional params that require escaping')
srand(0)
h.junk_directories = 1
srand(0)
h.junk_directories = 1
assert_equal('/D/../DnJT/../kXG/../Y/../BmnXu/../foo?a=1&b=2&c=3&d=%3d', h.uri, 'uri with junk directories')
h.junk_slashes = 1
h.junk_slashes = 1
assert_equal('/lZ//..//J//../zQzFP///..///S/..//Yxzd//../D/OngB/..///gf//..///XjL//..///ciA/..///k/..//..//RPEpq//../fBB/../jm/../uSbA/..//MqUL/..///DnJT///vDMko//..//jXPNV//..///x//..//jA/..//x///..//..//iwdDi/../Nwn//..//AK///..//rXC///..///ij//..///kXG///SujU/..//yb//..//Bk///..//Wro//..//CzQg///../..//uqzo/..//C//..///eirN/..///o/..///T/..///Y/CDs/../E/..//tLWN///../tL/..//Q///..//../QT/../og/../GVfNH//../Y///..///So///../BmnXu/Bf///../YYDSv///..///qMmj/..//gLoU//..//rlc/../..//bTZ/../uUdD//..///nJJp///../uays///..//fJKb//..///foo?a=1&b=2&c=3&d=%3d', h.uri, 'uri with junk directories')
h = Klass.new
h.from_s("GET /foo?a=1&b=2 HTTP/1.0\r\n" + "Foo: Bar\r\n\r\n")
h.junk_params = 1
assert_equal("/foo?zerStXB=qweQajx&JsNGmnINHQWPZIj=RHUZCQy&XYEksxXeZUhlXbdhzz=HpxJATk&UwDqBU=EQwvK&oebrfUGJbvjTMSxKih=MkBx&a=1&YkjFGDiohcEa=t&JFhHeIUH=VbsD&UHTfAFbreJT=VlcIruAo&mZKziXgT=z&hsytpEdbRjC=tPkpE&b=2&NetXijJaaWMPiazmuQvoAKL=HeGtePpmrSHcBpCycO&bkfdyudyhM=pQCIzKwabBAFYiPDulrTYGUGczGCccmlFtJkN&fRjtzIZVtlWQZulBFGMaKOIHtF=qDKybZDOSFERFeYDFokxYhShOxHruwhRdMugizXZuyrpuAMJSEHD&MltwtSzxHaxudDKUqBUQq=caXwCmJCspZkaEpKMohlnghajZyYSUecISZYnqcYSDsTtAKDGbjGTiy&mUrAktpChMPhXMFmBKGGmmL=VyyzCMdJzIFrBrPMvMVSZNecspVGkwoaeFPllxfgwQgKMdAdanWTFkT" ,h.uri, 'junk params')
h = Klass.new
h.from_s("GET /foo?a=1&b=2 HTTP/1.0\r\n" + "Foo: Bar\r\n\r\n")
h.junk_self_referring_directories = 1
assert_equal("/./foo?a=1&b=2", h.uri, 'junk self referring directories')
end
h.junk_params = 1
assert_equal("/foo?zerStXB=qweQajx&JsNGmnINHQWPZIj=RHUZCQy&XYEksxXeZUhlXbdhzz=HpxJATk&UwDqBU=EQwvK&oebrfUGJbvjTMSxKih=MkBx&a=1&YkjFGDiohcEa=t&JFhHeIUH=VbsD&UHTfAFbreJT=VlcIruAo&mZKziXgT=z&hsytpEdbRjC=tPkpE&b=2&NetXijJaaWMPiazmuQvoAKL=HeGtePpmrSHcBpCycO&bkfdyudyhM=pQCIzKwabBAFYiPDulrTYGUGczGCccmlFtJkN&fRjtzIZVtlWQZulBFGMaKOIHtF=qDKybZDOSFERFeYDFokxYhShOxHruwhRdMugizXZuyrpuAMJSEHD&MltwtSzxHaxudDKUqBUQq=caXwCmJCspZkaEpKMohlnghajZyYSUecISZYnqcYSDsTtAKDGbjGTiy&mUrAktpChMPhXMFmBKGGmmL=VyyzCMdJzIFrBrPMvMVSZNecspVGkwoaeFPllxfgwQgKMdAdanWTFkT" ,h.uri, 'junk params')
h = Klass.new
h.from_s("GET /foo?a=1&b=2 HTTP/1.0\r\n" + "Foo: Bar\r\n\r\n")
h.junk_self_referring_directories = 1
assert_equal("/./foo?a=1&b=2", h.uri, 'junk self referring directories')
end
end

74
lib/rex/proto/http/response.rb.ut.rb
View File

@ -22,8 +22,8 @@ class Rex::Proto::Http::Response::UnitTest < Test::Unit::TestCase
"Content-Length: 0\r\n" +
"Chicken: 47\r\n\r\n", h.to_s, 'to_s w/o body')
h.body = 'hi mom'
assert_equal(
h.body = 'hi mom'
assert_equal(
"HTTP/1.1 200 OK\r\n" +
"Foo: Fishing\r\n" +
"Content-Length: 6\r\n" +
@ -31,12 +31,12 @@ class Rex::Proto::Http::Response::UnitTest < Test::Unit::TestCase
end
def test_chunked
def test_chunked
h = Klass.new
h.headers['Foo'] = 'Fishing'
h.headers['Chicken'] = 47
h.auto_cl = false
h.auto_cl = false
h.transfer_chunked = true
@ -45,49 +45,49 @@ class Rex::Proto::Http::Response::UnitTest < Test::Unit::TestCase
"Transfer-Encoding: chunked\r\n" +
"Foo: Fishing\r\n" +
"Chicken: 47\r\n\r\n0\r\n\r\n", h.to_s, 'chunked w/o body'
)
srand(0)
h.body = Rex::Text.rand_text_alphanumeric(100)
assert_equal(
"HTTP/1.1 200 OK\r\n" +
"Transfer-Encoding: chunked\r\n" +
"Foo: Fishing\r\n" +
"Chicken: 47\r\n\r\n" +
"5\r\nsv1AD\r\n7\r\n7DnJTVy\r\n5\r\nkXGYY\r\n5\r\nM6Bmn\r\n4\r\nXuYR\r\n5\r\nlZNIJ\r\n5\r\nUzQzF\r\n9\r\nPvASjYxzd\r\n5\r\nTTOng\r\n4\r\nBJ5g\r\n8\r\nfK0XjLy3\r\n6\r\nciAAk1\r\n6\r\nFmo0RP\r\n1\r\nE\r\n2\r\npq\r\n6\r\n6f4BBn\r\n4\r\np5jm\r\n1\r\n3\r\n6\r\nLuSbAO\r\n1\r\nj\r\n2\r\n1M\r\n3\r\n5qU\r\n0\r\n\r\n",
h.to_s, 'random chunk sizes'
)
h.chunk_max_size = 1
h.body = 'hi mom'
assert_equal(
)
srand(0)
h.body = Rex::Text.rand_text_alphanumeric(100)
assert_equal(
"HTTP/1.1 200 OK\r\n" +
"Transfer-Encoding: chunked\r\n" +
"Foo: Fishing\r\n" +
"Chicken: 47\r\n\r\n" +
"1\r\nh\r\n1\r\ni\r\n1\r\n \r\n1\r\nm\r\n1\r\no\r\n1\r\nm\r\n0\r\n\r\n",
h.to_s, '1 byte chunks'
)
h.chunk_min_size = 2
assert_equal(
"5\r\nsv1AD\r\n7\r\n7DnJTVy\r\n5\r\nkXGYY\r\n5\r\nM6Bmn\r\n4\r\nXuYR\r\n5\r\nlZNIJ\r\n5\r\nUzQzF\r\n9\r\nPvASjYxzd\r\n5\r\nTTOng\r\n4\r\nBJ5g\r\n8\r\nfK0XjLy3\r\n6\r\nciAAk1\r\n6\r\nFmo0RP\r\n1\r\nE\r\n2\r\npq\r\n6\r\n6f4BBn\r\n4\r\np5jm\r\n1\r\n3\r\n6\r\nLuSbAO\r\n1\r\nj\r\n2\r\n1M\r\n3\r\n5qU\r\n0\r\n\r\n",
h.to_s, 'random chunk sizes'
)
h.chunk_max_size = 1
h.body = 'hi mom'
assert_equal(
"HTTP/1.1 200 OK\r\n" +
"Transfer-Encoding: chunked\r\n" +
"Foo: Fishing\r\n" +
"Chicken: 47\r\n\r\n" +
"2\r\nhi\r\n2\r\n m\r\n2\r\nom\r\n0\r\n\r\n",
h.to_s, '2 byte chunks'
)
"1\r\nh\r\n1\r\ni\r\n1\r\n \r\n1\r\nm\r\n1\r\no\r\n1\r\nm\r\n0\r\n\r\n",
h.to_s, '1 byte chunks'
)
h.chunk_min_size = 2
assert_equal(
"HTTP/1.1 200 OK\r\n" +
"Transfer-Encoding: chunked\r\n" +
"Foo: Fishing\r\n" +
"Chicken: 47\r\n\r\n" +
"2\r\nhi\r\n2\r\n m\r\n2\r\nom\r\n0\r\n\r\n",
h.to_s, '2 byte chunks'
)
h = Klass.new(200, 'OK', '1.0')
h.body = 'hi mom'
h.auto_cl = false
h.transfer_chunked = true
assert_raise(Rex::RuntimeError, 'chunked encoding via 1.0') {
h.to_s
}
h = Klass.new(200, 'OK', '1.0')
h.body = 'hi mom'
h.auto_cl = false
h.transfer_chunked = true
assert_raise(Rex::RuntimeError, 'chunked encoding via 1.0') {
h.to_s
}
end
end
def test_from_s
h = Klass.new

86
lib/rex/socket/comm/local.rb
View File

@ -66,20 +66,20 @@ class Rex::Socket::Comm::Local
sock.initsock(param)
# Otherwise, if we're creating a client...
else
chain = []
chain = []
# If we were supplied with host information
if (param.peerhost)
begin
if param.proxies
chain = param.proxies.dup
chain.push(['host',param.peerhost,param.peerport])
ip = chain[0][1]
port = chain[0][2].to_i
sock.connect(Rex::Socket.to_sockaddr(ip, port))
else
if param.proxies
chain = param.proxies.dup
chain.push(['host',param.peerhost,param.peerport])
ip = chain[0][1]
port = chain[0][2].to_i
sock.connect(Rex::Socket.to_sockaddr(ip, port))
else
sock.connect(Rex::Socket.to_sockaddr(param.peerhost, param.peerport))
end
end
rescue Errno::ECONNREFUSED
sock.close
raise Rex::ConnectionRefused.new(param.peerhost, param.peerport), caller
@ -105,15 +105,15 @@ class Rex::Socket::Comm::Local
end
end
if chain.size > 1
chain.each_with_index {
|proxy, i|
next_hop = chain[i + 1]
if next_hop
proxy(sock, proxy[0], next_hop[1], next_hop[2])
end
}
end
if chain.size > 1
chain.each_with_index {
|proxy, i|
next_hop = chain[i + 1]
if next_hop
proxy(sock, proxy[0], next_hop[1], next_hop[2])
end
}
end
end
# Notify handlers that a socket has been created.
@ -121,31 +121,31 @@ class Rex::Socket::Comm::Local
sock
end
def self.proxy (sock, type, host, port)
if type == 'socks4'
setup = [4,1,port.to_i].pack('CCn') + Socket.gethostbyname(host)[3] + "bmc\x00"
size = sock.put(setup)
if size != setup.length
raise 'ack, we did not write as much as expected!'
end
begin
ret = sock.get_once(8, 30)
rescue IOError
raise Rex::ConnectionRefused.new(host, port), caller
end
if (ret.nil? or ret.length < 8)
raise 'ack, sock4 server did not respond with a socks4 response'
end
if ret[1] != 90
raise "ack, socks4 server responded with error code #{ret[0]}"
end
else
raise 'unsupported socks protocol', caller
end
end
def self.proxy (sock, type, host, port)
if type == 'socks4'
setup = [4,1,port.to_i].pack('CCn') + Socket.gethostbyname(host)[3] + "bmc\x00"
size = sock.put(setup)
if size != setup.length
raise 'ack, we did not write as much as expected!'
end
begin
ret = sock.get_once(8, 30)
rescue IOError
raise Rex::ConnectionRefused.new(host, port), caller
end
if (ret.nil? or ret.length < 8)
raise 'ack, sock4 server did not respond with a socks4 response'
end
if ret[1] != 90
raise "ack, socks4 server responded with error code #{ret[0]}"
end
else
raise 'unsupported socks protocol', caller
end
end
##
#

8
lib/rex/socket/parameters.rb
View File

@ -114,9 +114,9 @@ class Rex::Socket::Parameters
self.ssl = false
end
if hash['Proxies']
self.proxies = hash['Proxies'].split('-').map{|a| a.strip}.map{|a| a.split(':').map{|b| b.strip}}
end
if hash['Proxies']
self.proxies = hash['Proxies'].split('-').map{|a| a.strip}.map{|a| a.split(':').map{|b| b.strip}}
end
# The protocol this socket will be using
if (hash['Proto'])
@ -252,7 +252,7 @@ class Rex::Socket::Parameters
attr_accessor :ssl
attr_accessor :proxies
attr_accessor :proxies
##

6
lib/rex/socket/ssl_tcp.rb
View File

@ -96,8 +96,8 @@ protected
rescue LoadError
end
def type?
return 'tcp-ssl'
end
def type?
return 'tcp-ssl'
end
end

8
lib/rex/socket/tcp.rb
View File

@ -68,9 +68,9 @@ module Rex::Socket::Tcp
end
end
# returns socket type
def type?
return 'tcp'
end
# returns socket type
def type?
return 'tcp'
end
end

12
lib/rex/socket/udp.rb
View File

@ -56,9 +56,9 @@ module Rex::Socket::Udp
# Read a datagram from the UDP socket.
#
def read(length = 65535)
if length < 0
length = 65535
end
if length < 0
length = 65535
end
return sysread(length)
end
@ -131,8 +131,8 @@ module Rex::Socket::Udp
10
end
def type?
return 'udp'
end
def type?
return 'udp'
end
end

60
lib/rex/text.rb
View File

@ -224,9 +224,9 @@ module Text
# Return nil if all bytes are restricted
return nil if foo.length == 0
buff = ""
# Generate a buffer from the remaining bytes
if foo.length >= 256
len.times { buff << Kernel.rand(256) }
@ -351,27 +351,27 @@ module Text
return false
end
end
# backwards compat for just a bit...
def self.gzip_present?
self.zlib_present?
end
# backwards compat for just a bit...
def self.gzip_present?
self.zlib_present?
end
#
# Compresses a string using zlib
#
def self.zlib_deflate(str)
#
# Compresses a string using zlib
#
def self.zlib_deflate(str)
raise RuntimeError, "Gzip support is not present." if (!zlib_present?)
return Zlib::Deflate.deflate(str)
end
return Zlib::Deflate.deflate(str)
end
#
# Uncompresses a string using zlib
#
def self.zlib_inflate(str)
#
# Uncompresses a string using zlib
#
def self.zlib_inflate(str)
raise RuntimeError, "Gzip support is not present." if (!zlib_present?)
return Zlib::Inflate.inflate(str)
end
return Zlib::Inflate.inflate(str)
end
#
# Compresses a string using gzip
@ -380,24 +380,24 @@ module Text
raise RuntimeError, "Gzip support is not present." if (!zlib_present?)
raise RuntimeError, "Invalid gzip compression level" if (level < 1 or level > 9)
s = ""
gz = Zlib::GzipWriter.new(StringIO.new(s), level)
gz << str
gz.close
return s
s = ""
gz = Zlib::GzipWriter.new(StringIO.new(s), level)
gz << str
gz.close
return s
end
#
#
# Uncompresses a string using gzip
#
def self.ungzip(str)
raise RuntimeError, "Gzip support is not present." if (!zlib_present?)
s = ""
gz = Zlib::GzipReader.new(StringIO.new(str))
s << gz.read
gz.close
return s
s = ""
gz = Zlib::GzipReader.new(StringIO.new(str))
s << gz.read
gz.close
return s
end
#

30
lib/rex/text.rb.ut.rb
View File

@ -12,22 +12,22 @@ class Rex::Text::UnitTest < Test::Unit::TestCase
assert_equal("\x00a\x00b\x00c", Rex::Text.to_unicode('abc', 1), 'unicode, big endian')
end
def test_zlib
assert_equal("x\234\313\310T\310\315\317\005\000\a\225\002;", Rex::Text.zlib_deflate('hi mom'), 'compress')
assert_equal('hi mom', Rex::Text.zlib_inflate("x\234\313\310T\310\315\317\005\000\a\225\002;"), 'decompress')
end
def test_zlib
assert_equal("x\234\313\310T\310\315\317\005\000\a\225\002;", Rex::Text.zlib_deflate('hi mom'), 'compress')
assert_equal('hi mom', Rex::Text.zlib_inflate("x\234\313\310T\310\315\317\005\000\a\225\002;"), 'decompress')
end
def test_gzip
string = Rex::Text.gzip('hi mom')
assert_equal("\x1f\x8b\x08\x00", string.slice!(0,4), 'gzip headers')
# skip the next 6 bytes as it is host & time specific (zlib's example gun does, so why not us too?)
string.slice!(0,6)
assert_equal("\xcb\xc8\x54\xc8\xcd\xcf\x05\x00\x68\xa4\x1c\xf0\x06\x00\x00\x00", string, 'gzip data')
def test_gzip
string = Rex::Text.gzip('hi mom')
assert_equal("\x1f\x8b\x08\x00", string.slice!(0,4), 'gzip headers')
# skip the next 6 bytes as it is host & time specific (zlib's example gun does, so why not us too?)
string.slice!(0,6)
assert_equal("\xcb\xc8\x54\xc8\xcd\xcf\x05\x00\x68\xa4\x1c\xf0\x06\x00\x00\x00", string, 'gzip data')
assert_equal('hi mom', Rex::Text.ungzip("\037\213\010\000|\261\275C\002\003\313\310T\310\315\317\005\000h\244\034\360\006\000\000\000"), 'ungzip')
end
assert_equal('hi mom', Rex::Text.ungzip("\037\213\010\000|\261\275C\002\003\313\310T\310\315\317\005\000h\244\034\360\006\000\000\000"), 'ungzip')
end
def test_badchar_index
assert_equal(nil, Rex::Text.badchar_index('abcdef', 'gzk'))
@ -38,7 +38,7 @@ class Rex::Text::UnitTest < Test::Unit::TestCase
str = "\x01\x02\xff"
assert_equal("\\x01\\x02\\xff", Rex::Text.to_hex(str), 'to_hex')
assert_equal("ABC01ABC02ABCff", Rex::Text.to_hex(str, 'ABC'), 'to_hex with prefix')
assert_equal("ABC01ABC02ABCff", Rex::Text.to_hex(str, 'ABC'), 'to_hex with prefix')
assert_equal("\"\\x01\\x02\\xff\"\n", Rex::Text.to_ruby(str), 'to_ruby')
assert_equal("\"\\x01\\x02\\xff\";\n", Rex::Text.to_perl(str), 'to_perl')
assert_equal("unsigned char buf[] = \n\"\\x01\\x02\\xff\";\n", Rex::Text.to_c(str), 'to_c')

8
lib/rex/ui/text/table.rb.ut.rb
View File

@ -43,10 +43,10 @@ End
'Indent' => 4)
dstr = <<End
col1 col2 col3
---- ---- ----
r1cell1 r1cell2 r1cell3
r2cell1 r2cell2 r2cell3
col1 col2 col3
---- ---- ----
r1cell1 r1cell2 r1cell3
r2cell1 r2cell2 r2cell3
End
assert_equal(tbl.to_s, dstr)