Class: Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessSubsystem::Thread
- Inherits: Object
- Defined in: lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb
Overview
Interfaces with a process’ executing threads by enumerating, opening, and creating threads.
Instance Method Summary
- #create(entry, parameter = nil, suspended = false) ⇒ Object
  Creates a new thread in the context of the process and returns a Sys::Thread instance.
- #each_thread(&block) ⇒ Object
  Enumerate through each thread identifier.
- #get_threads ⇒ Object
  Returns an array of thread identifiers.
- #initialize(process) ⇒ Thread (constructor)
  Initializes a thread instance that operates in the context of the supplied process instance.
- #open(tid, access = THREAD_ALL) ⇒ Object
  Opens an existing thread that is running within the context of the process and returns a Sys::Thread instance.
Constructor Details
#initialize(process) ⇒ Thread
Initializes a thread instance that operates in the context of the supplied process instance.
# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb', line 34
def initialize(process)
  self.process = process
end
Instance Method Details
#create(entry, parameter = nil, suspended = false) ⇒ Object
Creates a new thread in the context of the process and returns a Sys::Thread instance.
# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb', line 81
def create(entry, parameter = nil, suspended = false)
  request = Packet.create_request('stdapi_sys_process_thread_create')
  creation_flags = 0

  request.add_tlv(TLV_TYPE_PROCESS_HANDLE, process.handle)
  request.add_tlv(TLV_TYPE_ENTRY_POINT, entry)

  # Are we passing a parameter to the entry point of the thread?
  if (parameter != nil)
    request.add_tlv(TLV_TYPE_ENTRY_PARAMETER, parameter)
  end

  # Should we create the thread suspended?
  if (suspended)
    creation_flags |= CREATE_SUSPENDED
  end

  request.add_tlv(TLV_TYPE_CREATION_FLAGS, creation_flags)

  # Transmit the request
  response = process.client.send_request(request)

  thread_id = response.get_tlv_value(TLV_TYPE_THREAD_ID)
  thread_handle = response.get_tlv_value(TLV_TYPE_THREAD_HANDLE)

  # Create a thread class instance
  return Rex::Post::Meterpreter::Extensions::Stdapi::Sys::Thread.new(
    process, thread_handle, thread_id)
end
#each_thread(&block) ⇒ Object
Enumerate through each thread identifier.
# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb', line 115
def each_thread(&block)
  get_threads.each(&block)
end
#get_threads ⇒ Object
Returns an array of thread identifiers.
# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb', line 122
def get_threads
  request = Packet.create_request('stdapi_sys_process_thread_get_threads')
  threads = []

  request.add_tlv(TLV_TYPE_PID, process.pid)

  response = process.client.send_request(request)

  response.each(TLV_TYPE_THREAD_ID) { |thr|
    threads << thr.value
  }

  return threads
end
#open(tid, access = THREAD_ALL) ⇒ Object
Opens an existing thread that is running within the context of the process and returns a Sys::Thread instance.
# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb', line 48
def open(tid, access = THREAD_ALL)
  request = Packet.create_request('stdapi_sys_process_thread_open')
  real = 0

  # Translate access. Each test compares against zero explicitly because
  # Integer 0 is truthy in Ruby, so a bare (access & FLAG) always passes.
  if (access & THREAD_READ) != 0
    real |= THREAD_GET_CONTEXT | THREAD_QUERY_INFORMATION | SYNCHRONIZE
  end

  if (access & THREAD_WRITE) != 0
    real |= THREAD_SET_CONTEXT | THREAD_SET_INFORMATION | THREAD_SET_THREAD_TOKEN | THREAD_IMPERSONATE | THREAD_DIRECT_IMPERSONATION
  end

  if (access & THREAD_EXECUTE) != 0
    real |= THREAD_TERMINATE | THREAD_SUSPEND_RESUME | SYNCHRONIZE
  end

  # Add the thread identifier and permissions
  request.add_tlv(TLV_TYPE_THREAD_ID, tid)
  request.add_tlv(TLV_TYPE_THREAD_PERMS, real)

  # Transmit the request
  response = process.client.send_request(request)

  # Create a thread class instance
  return Rex::Post::Meterpreter::Extensions::Stdapi::Sys::Thread.new(
    process, response.get_tlv_value(TLV_TYPE_THREAD_HANDLE), tid)
end
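The generic-to-Windows access translation that `open` performs, as a stand-alone added example (not code from the Metasploit project). It contrasts a zero-compared flag test with a bare `if (access & FLAG)`, which grants every group because Ruby treats the integer 0 as true. It also decodes a resulting mask back into right names for review. The Windows right values are the SDK constants. The bit positions of `THREAD_READ`, `THREAD_WRITE` and `THREAD_EXECUTE`, and all helper names, are assumptions made for this example.

```ruby
# Windows thread access rights (Windows SDK values).
RIGHTS = {
  THREAD_TERMINATE:            0x0001,
  THREAD_SUSPEND_RESUME:       0x0002,
  THREAD_GET_CONTEXT:          0x0008,
  THREAD_SET_CONTEXT:          0x0010,
  THREAD_SET_INFORMATION:      0x0020,
  THREAD_QUERY_INFORMATION:    0x0040,
  THREAD_SET_THREAD_TOKEN:     0x0080,
  THREAD_IMPERSONATE:          0x0100,
  THREAD_DIRECT_IMPERSONATION: 0x0200,
  SYNCHRONIZE:                 0x00100000
}.freeze

# Generic flags; bit positions are assumed for this example.
THREAD_READ    = 1 << 0
THREAD_WRITE   = 1 << 1
THREAD_EXECUTE = 1 << 2

# Rights each generic flag expands to, as listed in #open.
GROUPS = {
  THREAD_READ    => %i[THREAD_GET_CONTEXT THREAD_QUERY_INFORMATION SYNCHRONIZE],
  THREAD_WRITE   => %i[THREAD_SET_CONTEXT THREAD_SET_INFORMATION
                       THREAD_SET_THREAD_TOKEN THREAD_IMPERSONATE
                       THREAD_DIRECT_IMPERSONATION],
  THREAD_EXECUTE => %i[THREAD_TERMINATE THREAD_SUSPEND_RESUME SYNCHRONIZE]
}.freeze

def mask_for(names)
  names.reduce(0) { |mask, name| mask | RIGHTS.fetch(name) }
end

# Least-privilege translation: a group is added only when its bit is set.
def translate_access(access)
  GROUPS.reduce(0) { |real, (flag, names)| (access & flag) != 0 ? real | mask_for(names) : real }
end

# Pitfall: Integer 0 is truthy in Ruby, so every group is always added.
def translate_access_truthy(access)
  GROUPS.reduce(0) { |real, (flag, names)| (access & flag) ? real | mask_for(names) : real }
end

# Decode a mask into right names, e.g. when reviewing a handle's granted access.
def decode_mask(mask)
  RIGHTS.select { |_, bit| (mask & bit) != 0 }.keys
end
```

A caller asking only for `THREAD_READ` receives 0x00100048 from the first function and 0x001003FB (every listed right) from the second.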