lib/msf/core/module_manager.rb - bug fixes to make it work with ruby-cvs
lib/rex/arch/x86.rb - removed illegal 'break' statements

lib/rex/peparsey* - imported from spn/, renamed classes to Rex
msfpescan - first version from spoonm


git-svn-id: file:///home/svn/incoming/trunk@3598 4d416f70-5f16-0410-b530-b9f4589650da
HD Moore committed Apr 15, 2006
1 parent bf6ac76 commit da41886
Showing 14 changed files with 1,685 additions and 10 deletions.
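--- a/ext/README
+++ b/ext/README
@@ -0,0 +1,5 @@
+This directory contains external components and libraries that are not part of
+the Metasploit Framework and may be subject to a different license.
+
+A file named 'LICENSE' can be found in each subdirectory and should be
+referenced for all licensing-related decisions.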
6 changes: 3 additions & 3 deletions lib/msf/core/module_manager.rb
@@ -577,7 +577,7 @@ def add_module_path(path)
# Make sure the path is a valid directory before we try to rock the
# house
if (File.directory?(path) == false)
raise NameError, "The path supplied is not a valid directory.",
raise RuntimeError, "The path supplied is not a valid directory.",
caller
end

@@ -755,7 +755,7 @@ def load_modules(path, demand = false)
# Trap the name error and flag this file path as still needing to
# be delay loaded.
rescue NameError
delay[file] = $!
delay[file] = $!
end
}
end
@@ -850,7 +850,7 @@ def load_module_from_file(path, file, loaded, recalc, counts, demand = false)

# Re-raise the name error so that the caller catches it and adds this
# file path to the list of files that are to be delay loaded.
raise NameError, $!
raise $!
rescue LoadError
elog("LoadError: #{$!}.")
return false
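Review bot: In `load_module_from_file`, the re-raise inside the NameError handler reads `raise $!` (the page prints old and new lines without markers, so this assumes the second line of each pair is the new side); a bare `raise` re-raises the current exception with its backtrace intact and avoids the `$!` global. The same applies to `delay[file] = $!` in `load_modules`, which reads more clearly as `rescue NameError => e` followed by `delay[file] = e`. Because every NameError is treated as "load this file later", a genuine typo in a module file is deferred rather than reported, so a comment stating whether delayed entries that never resolve are logged would help. All three functions start and end outside their hunks.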
14 changes: 7 additions & 7 deletions lib/rex/arch/x86.rb
@@ -216,33 +216,33 @@ def self.set(dst, val, badchars = '')
# try push BYTE val; pop dst (3 bytes)
begin
return _check_badchars(push_byte(val) + pop_dword(dst), badchars)
rescue ::ArgumentError, RuntimeError, RangeError
rescue ::ArgumentError, ::RuntimeError, ::RangeError
end

# try clear dst, mov BYTE dst (4 bytes)
begin
break if val == 0
# break if val == 0
return _check_badchars(clear(dst, badchars) + mov_byte(dst, val), badchars)
rescue ::ArgumentError, RuntimeError, RangeError
rescue ::ArgumentError, ::RuntimeError, ::RangeError
end

# try mov DWORD dst (5 bytes)
begin
return _check_badchars(mov_dword(dst, val), badchars)
rescue ::ArgumentError, RuntimeError, RangeError
rescue ::ArgumentError, ::RuntimeError, ::RangeError
end

# try push DWORD, pop dst (6 bytes)
begin
return _check_badchars(push_dword(val) + pop_dword(dst), badchars)
rescue ::ArgumentError, RuntimeError, RangeError
rescue ::ArgumentError, ::RuntimeError, ::RangeError
end

# try clear dst, mov WORD dst (6 bytes)
begin
break if val == 0
# break if val == 0
return _check_badchars(clear(dst, badchars) + mov_word(dst, val), badchars)
rescue ::ArgumentError, RuntimeError, RangeError
rescue ::ArgumentError, ::RuntimeError, ::RangeError
end

raise RuntimeError, "No valid set instruction could be created!", caller()
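Review bot: The two `# break if val == 0` lines in `self.set` leave dead code behind and lose the intent of the original guard, which appears to have been to skip the clear-then-mov attempts when `val` is zero. Either delete the lines or replace each with a comment that states how zero is expected to be handled now, for example `# val == 0 is no longer skipped; this attempt is still tried`. The empty `rescue ::ArgumentError, ::RuntimeError, ::RangeError` bodies also discard the reason each attempt failed, so the final `No valid set instruction could be created!` gives the caller nothing to diagnose. `self.set` begins before the hunk and its closing `end` lies past it.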
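--- a/lib/rex/peparsey.rb
+++ b/lib/rex/peparsey.rb
@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+
+require 'rex/peparsey/exceptions'
+require 'rex/peparsey/pe'
+require 'rex/peparsey/pe_memdump'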
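--- a/lib/rex/peparsey/exceptions.rb
+++ b/lib/rex/peparsey/exceptions.rb
@@ -0,0 +1,27 @@
+#!/usr/bin/ruby
+
+module Rex
+module PeParsey
+
+class PeError < ::RuntimeError
+end
+
+class ParseError < PeError
+end
+
+class DosHeaderError < ParseError
+end
+
+class FileHeaderError < ParseError
+end
+
+class OptionalHeaderError < ParseError
+end
+
+class BoundsError < PeError
+end
+
+class WtfError < PeError
+end
+
+end end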
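Review bot: None of the seven classes says when it is raised, and `WtfError` in particular tells a caller nothing about what went wrong. These are the errors a caller sees when parsing a malformed or hostile PE image, so a one-line comment above each class, and a descriptive name in place of `WtfError`, would let callers decide which ones mean "reject this file". For example, above `BoundsError`: `# Raised when a requested offset or length falls outside the image (confirm against pe.rb)`.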
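--- a/lib/rex/peparsey/image_source.rb
+++ b/lib/rex/peparsey/image_source.rb
@@ -0,0 +1,5 @@
+#!/usr/bin/ruby
+
+require 'rex/peparsey/image_source/image_source.rb'
+require 'rex/peparsey/image_source/memory.rb'
+require 'rex/peparsey/image_source/disk.rb'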
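--- a/lib/rex/peparsey/image_source/disk.rb
+++ b/lib/rex/peparsey/image_source/disk.rb
@@ -0,0 +1,60 @@
+#!/usr/bin/env ruby
+
+require 'rex/peparsey/image_source/image_source'
+
+require 'rex/struct2'
+
+module Rex
+module PeParsey
+module ImageSource
+class Disk < ImageSource
+
+attr_accessor :file, :file_offset, :size
+
+WINDOW_SIZE = 4096
+WINDOW_OVERLAP = 64
+
+def initialize(_file, _offset = 0, _len = nil)
+_len = _file.stat.size if !_len
+
+self.file = _file
+self.file_offset = _offset
+self.size = _len
+end
+
+def read(offset, len)
+if offset < 0 || offset+len > size
+raise RangeError, "Offset #{offset} outside of image source", caller
+end
+
+file.seek(file_offset + offset)
+file.read(len)
+end
+
+def index(search, offset = 0)
+# do a sliding window search across the disk
+while offset < size
+
+# get a full window size if we can, we
+# don't want to read past our boundaries
+wsize = size - offset
+wsize = WINDOW_SIZE if wsize > WINDOW_SIZE
+
+window = self.read(offset, wsize)
+res = window.index(search)
+return res + offset if res
+offset += WINDOW_SIZE - WINDOW_OVERLAP
+end
+end
+
+def subsource(offset, len)
+self.class.new(file, file_offset+offset, len)
+end
+
+def close
+file.close
+end
+end
+
+end end end
+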
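Review bot: `subsource` builds a child `Disk` from `offset` and `len` without checking them against the parent's `size`, so a child's `read`, which only compares against the child's own `size`, can reach file bytes outside the parent's window. If these values come from header fields of an untrusted image, which seems likely for a PE parser, mirror the check in `read` before `self.class.new`: `raise RangeError, "Subsource outside of image source", caller if offset < 0 || offset + len > size`. `read` itself does not reject a negative `len`, and `file.read(len)` can return `nil` or a short string when the `_len` given to `initialize` exceeds the real file length. `index` will also miss a `search` longer than `WINDOW_OVERLAP` bytes that straddles two windows.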
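--- a/lib/rex/peparsey/image_source/image_source.rb
+++ b/lib/rex/peparsey/image_source/image_source.rb
@@ -0,0 +1,45 @@
+#!/usr/bin/env ruby
+
+module Rex
+module PeParsey
+module ImageSource
+class ImageSource
+
+#
+# Um, just some abstract class stuff I guess, this is the interface
+# that any image sources should subscribe to...
+#
+
+def subsource(offset, len)
+raise "do something"
+end
+
+def size
+raise "do something"
+end
+
+def file_offset
+raise "do something"
+end
+
+def close
+raise "do something"
+end
+
+def read_asciiz(offset)
+# FIXME, make me better
+string = ''
+loop do
+char = read(offset, 1)
+break if char == "\x00"
+offset += 1
+string << char
+end
+return string
+end
+
+
+end
+
+end end end
+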
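Review bot: `read_asciiz` has no end-of-data handling: it reads one byte at a time until it sees `"\x00"`, so an unterminated string in a malformed image ends in a `RangeError` from `Disk#read` or, because `Memory#read` returns `nil` past the buffer, a `TypeError` from `string << char`. Check the result right after the `read` call and fail with the parser's own error type, e.g. `raise BoundsError, "unterminated string at offset #{offset}" if char.nil? || char.empty?` (this needs `rex/peparsey/exceptions` loaded). The abstract methods would also be clearer raising `NotImplementedError` than `raise "do something"`, and `read` and `index`, which both subclasses define and `read_asciiz` depends on, are missing from the interface.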
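--- a/lib/rex/peparsey/image_source/memory.rb
+++ b/lib/rex/peparsey/image_source/memory.rb
@@ -0,0 +1,37 @@
+#!/usr/bin/env ruby
+
+require 'rex/peparsey/image_source/image_source'
+
+require 'rex/struct2'
+
+module Rex
+module PeParsey
+module ImageSource
+class Memory < ImageSource
+
+attr_accessor :rawdata, :size, :file_offset
+
+def initialize(_rawdata, _file_offset = 0)
+self.rawdata = _rawdata
+self.size = _rawdata.length
+self.file_offset = _file_offset
+end
+
+def read(offset, len)
+rawdata[offset, len]
+end
+
+def subsource(offset, len)
+self.class.new(rawdata[offset, len], offset + file_offset)
+end
+
+def close
+end
+
+def index(*args)
+rawdata.index(*args)
+end
+end
+
+end end end
+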
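Review bot: `Memory#read` returns `rawdata[offset, len]` with no range check, so it behaves differently from `Disk#read` on bad input: a negative `offset` indexes from the end of the buffer, an `offset` past the end returns `nil`, and an overlong `len` returns a short string, all without an error. For a parser fed untrusted images, that turns a bad header field into silently wrong data instead of a rejected file. Use the same guard as `Disk#read` at the top of `read`: `raise RangeError, "Offset #{offset} outside of image source", caller if offset < 0 || offset + len > size`. `subsource` slices the same way and needs the check too, since a `nil` result from `rawdata[offset, len]` makes `_rawdata.length` in `initialize` raise `NoMethodError`.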