Class: Rex::Post::Meterpreter::PacketParser

Inherits:
Object
Defined in:
lib/rex/post/meterpreter/packet_parser.rb

Overview

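This class is responsible for reading in and decrypting Meterpreter packets that arrive on a socket. In the version documented here, the decryption step in #recv is still a TODO, so packets are deserialized from the raw buffer as received.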

Constructor Details

#initialize(cipher = nil) ⇒ PacketParser

Initializes the packet parser context with an optional cipher.



# File 'lib/rex/post/meterpreter/packet_parser.rb', line 19

def initialize(cipher = nil)
	self.cipher = cipher

	reset
end

Instance Method Details

#recv(sock) ⇒ Object

Reads data from the wire and parses as much of the packet as possible.



# File 'lib/rex/post/meterpreter/packet_parser.rb', line 37

def recv(sock)
	if (self.hdr_length_left > 0)
		buf = sock.read(self.hdr_length_left)

		if (buf)
			self.raw << buf

			self.hdr_length_left -= buf.length
		else
			raise EOFError
		end

		# If we've finished reading the header, set the
		# payload length left to the number of bytes
		# specified in the length
		if (self.hdr_length_left == 0)
			self.payload_length_left = raw.unpack("N")[0] - 8
		end
	elsif (self.payload_length_left > 0)
		buf = sock.read(self.payload_length_left)

		if (buf)
			self.raw << buf

			self.payload_length_left -= buf.length
		else
			raise EOFError
		end
	end

	# If we've finished reading the entire packet
	if ((self.hdr_length_left == 0) &&
	    (self.payload_length_left == 0))

		# Create a typeless packet
		packet = Packet.new(0)

		# TODO: cipher decryption
		if (cipher)
		end

		# Serialize the packet from the raw buffer
		packet.from_r(self.raw)

		# Reset our state
		reset

		return packet
	end
end

#reset ⇒ Object

Resets the parser state so that a new packet can begin being parsed.



# File 'lib/rex/post/meterpreter/packet_parser.rb', line 28

def reset
	self.raw = ''
	self.hdr_length_left = 8
	self.payload_length_left = 0
end
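
An added example, not part of the Metasploit source: a stand-alone reader for the framing that #recv and #reset implement (an 8-byte header whose first four bytes are a big-endian length that includes the header), which also rejects a declared length below 8 or above a cap, two cases the #recv listing does not check. FrameReader, FrameError, MAX_FRAME and demo are hypothetical names, and the 1 MiB cap is an assumption.

```ruby
require 'stringio'

# Added example, not Metasploit code; every name here is hypothetical. Only the
# 8-byte header and the header-inclusive big-endian length come from #recv.
class FrameReader
  HDR_LEN    = 8
  MAX_FRAME  = 1 << 20 # assumed upper bound; size it to the deployment
  FrameError = Class.new(StandardError)

  def initialize
    reset
  end

  def reset
    @raw = String.new
    @hdr_left = HDR_LEN
    @payload_left = 0
  end

  # Same contract as #recv: one read per call, raw frame when complete, else nil.
  def recv(io)
    buf = io.read(@hdr_left > 0 ? @hdr_left : @payload_left)
    raise EOFError if buf.nil? || buf.empty?
    @raw << buf
    if @hdr_left > 0
      @hdr_left -= buf.length
      return nil if @hdr_left > 0
      total = @raw.unpack1('N')
      # Below 8 the remaining count would go negative and never reach zero.
      unless total.between?(HDR_LEN, MAX_FRAME)
        reset
        raise FrameError, "declared length #{total} out of range"
      end
      @payload_left = total - HDR_LEN
    else
      @payload_left -= buf.length
    end
    return nil if @payload_left > 0
    @raw.tap { reset } # hand back the finished frame and start a new one
  end
end

# Constructed input: a valid 12-byte frame, then a header declaring length 4.
def demo
  io = StringIO.new([12, 0].pack('NN') + 'abcd' + [4, 0].pack('NN'))
  reader = FrameReader.new
  first = reader.recv(io) || reader.recv(io)
  [first, (reader.recv(io) rescue $!.class)]
end
```

After a FrameError the stream position no longer lines up with a frame boundary, so the caller should close the connection rather than keep reading.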