Move crypto methods to Rex::Crypto namespace

GSoC/Meterpreter_Web_Console
Wei Chen 2018-04-17 20:12:26 -05:00
parent ee9f49fa39
commit ff9c55207e
6 changed files with 147 additions and 2 deletions


@ -146,7 +146,7 @@ module Buffer
raise ArgumentError, 'Encryption key is missing' raise ArgumentError, 'Encryption key is missing'
end end
buf = Rex::Text.encrypt_aes256(encryption_opts[:iv], encryption_opts[:key], value) buf = Rex::Crypto.encrypt_aes256(encryption_opts[:iv], encryption_opts[:key], value)
when 'base64' when 'base64'
buf = Rex::Text.encode_base64(value) buf = Rex::Text.encode_base64(value)
when 'xor' when 'xor'
@ -160,7 +160,7 @@ module Buffer
raise ArgumentError, 'Encryption key is missing' raise ArgumentError, 'Encryption key is missing'
end end
buf = Rex::Text.rc4(encryption_opts[:key], value) buf = Rex::Crypto.rc4(encryption_opts[:key], value)
else else
raise ArgumentError, "Unsupported encryption format: #{encryption_opts[:format]}", caller raise ArgumentError, "Unsupported encryption format: #{encryption_opts[:format]}", caller
end end


@ -114,6 +114,10 @@ require 'rex/compat'
require 'rex/sslscan/scanner' require 'rex/sslscan/scanner'
require 'rex/sslscan/result' require 'rex/sslscan/result'
# Cryptography
require 'rex/crypto/aes256'
require 'rex/crypto/rc4'
# Overload the Kernel.sleep() function to be thread-safe # Overload the Kernel.sleep() function to be thread-safe
Kernel.class_eval(" Kernel.class_eval("

33
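--- a/lib/rex/crypto/aes256.rb
+++ b/lib/rex/crypto/aes256.rb
@@ -0,0 +1,33 @@
+# -*- coding: binary -*-
+module Rex
+module Crypto
+# Returns an encrypted string using AES256-CBC.
+#
+# @param iv [String] Initialization vector.
+# @param key [String] Secret key.
+# @return [String] The encrypted string.
+def self.encrypt_aes256(iv, key, value)
+aes = OpenSSL::Cipher::AES256.new(:CBC)
+aes.encrypt
+aes.iv = iv
+aes.key = key
+aes.update(value) + aes.final
+end
+# Returns a decrypted string using AES256-CBC.
+#
+# @param iv [String] Initialization vector.
+# @param key [String] Secret key.
+# @return [String] The decrypted string.
+def self.decrypt_aes256(iv, key, value)
+aes = OpenSSL::Cipher::AES256.new(:CBC)
+aes.decrypt
+aes.iv = iv
+aes.key = key
+aes.update(value) + aes.final
+end
+end
+end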
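Review bot: Neither `encrypt_aes256` nor `decrypt_aes256` checks the IV or key length before handing them to OpenSSL, so (as the comments in the accompanying spec acknowledge) a bad length surfaces as either `OpenSSL::Cipher::CipherError` or `ArgumentError` depending on the environment. A guard at the top of both methods, `raise ArgumentError, 'IV must be 16 bytes' unless iv.to_s.bytesize == 16` and `raise ArgumentError, 'Key must be 32 bytes' unless key.to_s.bytesize == 32`, gives callers one exception type to rescue. The YARD blocks also omit `value`; add `# @param value [String] Data to encrypt.` (and the decrypt equivalent), and state that the IV must be random and never reused under the same key. CBC as used here is unauthenticated, so the docs should also say that callers who need tamper detection must add a MAC over the IV and ciphertext.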

18
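--- a/lib/rex/crypto/rc4.rb
+++ b/lib/rex/crypto/rc4.rb
@@ -0,0 +1,18 @@
+# -*- coding: binary -*-
+module Rex
+module Crypto
+# Returns a decrypted or encrypted RC4 string.
+#
+# @param key [String] Secret key.
+# @param [String]
+def self.rc4(key, value)
+rc4 = RC4.new(key)
+# This can also be used to decrypt
+rc4.encrypt(value)
+end
+end
+end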
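Review bot: The doc block for `rc4` is malformed: `# @param [String]` names no parameter and there is no `@return`. Suggest `# @param value [String] Data to encrypt or decrypt.` and `# @return [String] The RC4 output.` It is also worth a line stating that RC4 takes no IV, so two values processed under the same key share a keystream, and that this cipher should not be relied on for confidentiality of new data. `RC4` is resolved from inside `Rex::Crypto` and nothing in this file requires the library that defines it; presumably it is loaded elsewhere, but a `require 'rc4'` at the top would make the file self-contained (confirm the gem's require name).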


@ -0,0 +1,62 @@
require 'spec_helper'
require 'securerandom'
describe Rex::Crypto do
let(:iv) {
SecureRandom.random_bytes(16)
}
let(:key) {
SecureRandom.random_bytes(32)
}
let(:value) {
'Hello World'
}
describe '#encrypt_aes256' do
it 'raises an exception due to a short IV' do
iv = SecureRandom.random_bytes(1)
# Because it could raise either a OpenSSL::Cipher::CipherError or an ArgumentError
# dependong on the environment, we will just expect it to raise an exception
expect { Rex::Crypto.encrypt_aes256(iv, key, value) }.to raise_exception
end
it 'raises an exception due to a short key' do
key = SecureRandom.random_bytes(1)
# Because it could raise either a OpenSSL::Cipher::CipherError or an ArgumentError
# dependong on the environment, we will just expect it to raise an exception
expect { Rex::Crypto.encrypt_aes256(iv, key, value) }.to raise_exception
end
it 'encrypts the string Hello World' do
encrypted_str = Rex::Crypto.encrypt_aes256(iv, key, value)
expect(encrypted_str).not_to eq(value)
end
end
describe '#decrypt_aes256' do
it 'raises an exception due to a short IV' do
iv = SecureRandom.random_bytes(1)
# Because it could raise either a OpenSSL::Cipher::CipherError or an ArgumentError
# dependong on the environment, we will just expect it to raise an exception
expect { Rex::Crypto.decrypt_aes256(iv, key, value) }.to raise_exception
end
it 'raises an exception due to a short key' do
key = SecureRandom.random_bytes(1)
# Because it could raise either a OpenSSL::Cipher::CipherError or an ArgumentError
# dependong on the environment, we will just expect it to raise an exception
expect { Rex::Crypto.decrypt_aes256(iv, key, value) }.to raise_exception
end
it 'decrypts the value to Hello World' do
encrypted_str = Rex::Crypto.encrypt_aes256(iv, key, value)
decrypted_str = Rex::Crypto.decrypt_aes256(iv, key, encrypted_str)
expect(decrypted_str).to eq(value)
end
end
end
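Review bot: The two failure cases under `#decrypt_aes256` pass the plaintext `value` ('Hello World', 11 bytes) to the decryptor, which should fail at `final` on the partial block even with a valid IV and key, so they do not show that a short IV or key is rejected. Encrypt first and decrypt that, e.g. `ciphertext = Rex::Crypto.encrypt_aes256(iv, key, value)` followed by `expect { Rex::Crypto.decrypt_aes256(short_iv, key, ciphertext) }.to raise_error { |e| expect(e).to be_a(OpenSSL::Cipher::CipherError).or be_a(ArgumentError) }`. The bare `raise_exception` in all four failure cases has the same weakness: it is satisfied by any exception, including a `NameError` from a missing constant, so naming the two accepted classes as above keeps the tests meaningful.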


@ -0,0 +1,28 @@
require 'spec_helper'
require 'securerandom'
describe Rex::Crypto do
describe '#rc4' do
let(:key) {
SecureRandom.random_bytes(32)
}
let(:value) {
'Hello World'
}
it 'encrypts a string' do
expect(Rex::Crypto.rc4(key, value)).not_to eq(value)
end
it 'decrypts a string' do
encrypted_str = Rex::Crypto.rc4(key, value)
decrypted_str = Rex::Crypto.rc4(key, encrypted_str)
expect(decrypted_str).to eq(value)
end
end
end
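Review bot: Both examples only compare `Rex::Crypto.rc4` with itself, so they would still pass if the output stopped matching what existing peers or the previous `Rex::Text.rc4` call produced. Add one known-answer case with a fixed key, plaintext and expected ciphertext (published RC4 test vectors such as those in RFC 6229 are suitable) so an interoperability break is caught.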