Class: Metasploit::Aggregator::Tlv::Packet

Inherits:
GroupTlv
  • Object
show all
Defined in:
lib/metasploit/aggregator/tlv/packet.rb

Overview

The logical meterpreter packet class

Instance Attribute Summary collapse

Attributes inherited from GroupTlv

#tlvs

Attributes inherited from Tlv

#compress, #type, #value

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from GroupTlv

#add_tlv, #add_tlvs, #each, #each_tlv, #each_tlv_with_index, #each_with_index, #get_tlv, #get_tlv_value, #get_tlv_values, #get_tlvs, #has_tlv?, #reset

Methods inherited from Tlv

#inspect, #meta_type?, #type?, #value?

Constructor Details

#initialize(type = nil, method = nil) ⇒ Packet

Initializes the packet to the supplied packet type and method, if any. If the packet is a request, a request identifier is created.



609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 609

def initialize(type = nil, method = nil)
  super(type)

  if (method)
    self.method = method
  end

  self.created_at = ::Time.now

  # If it's a request, generate a random request identifier
  if ((type == PACKET_TYPE_REQUEST) ||
      (type == PACKET_TYPE_PLAIN_REQUEST))
    rid = ''

    32.times { |val| rid << rand(10).to_s }

    add_tlv(TLV_TYPE_REQUEST_ID, rid)
  end
end

Instance Attribute Details

#created_atObject

Returns the value of attribute created_at.



565
566
567
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 565

def created_at
  @created_at
end

Class Method Details

.create_request(method = nil) ⇒ Object

Creates a request with the supplied method.



576
577
578
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 576

def Packet.create_request(method = nil)
  return Packet.new(PACKET_TYPE_REQUEST, method)
end

.create_response(request = nil) ⇒ Object

Creates a response to a request if one is provided.



583
584
585
586
587
588
589
590
591
592
593
594
595
596
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 583

def Packet.create_response(request = nil)
  response_type = PACKET_TYPE_RESPONSE
  method = nil

  if (request)
    if (request.type?(PACKET_TYPE_PLAIN_REQUEST))
      response_type = PACKET_TYPE_PLAIN_RESPONSE
    end

    method = request.method
  end

  return Packet.new(response_type, method)
end

Instance Method Details

#from_r(bytes) ⇒ Object

Override the function that reads from a raw byte stream so that the XORing of data is included in the process prior to passing it on to the default functionality that can parse the TLV values.



651
652
653
654
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 651

def from_r(bytes)
  xor_key = bytes[0,4].unpack('N')[0]
  super(xor_bytes(xor_key, bytes[4, bytes.length]))
end

#methodObject

Returns the value of the packet’s method TLV.



704
705
706
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 704

def method
  return get_tlv_value(TLV_TYPE_METHOD)
end

#method=(method) ⇒ Object

Sets the packet’s method TLV to the method supplied.



697
698
699
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 697

def method=(method)
  add_tlv(TLV_TYPE_METHOD, method, true)
end

#method?(method) ⇒ Boolean

Checks to see if the packet’s method is equal to the supplied method.

Returns:

  • (Boolean) 


690
691
692
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 690

def method?(method)
  return (get_tlv_value(TLV_TYPE_METHOD) == method)
end

#response?Boolean

Checks to see if the packet is a response.

Returns:

  • (Boolean) 


676
677
678
679
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 676

def response?
  return ((self.type == PACKET_TYPE_RESPONSE) ||
      (self.type == PACKET_TYPE_PLAIN_RESPONSE))
end

#resultObject

Gets the value of the packet’s result TLV.



726
727
728
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 726

def result
  return get_tlv_value(TLV_TYPE_RESULT)
end

#result=(result) ⇒ Object

Sets the packet’s result TLV.



719
720
721
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 719

def result=(result)
  add_tlv(TLV_TYPE_RESULT, result, true)
end

#result?(result) ⇒ Boolean

Checks to see if the packet’s result value is equal to the supplied result.

Returns:

  • (Boolean) 


712
713
714
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 712

def result?(result)
  return (get_tlv_value(TLV_TYPE_RESULT) == result)
end

#ridObject

Gets the value of the packet’s request identifier TLV.



733
734
735
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 733

def rid
  return get_tlv_value(TLV_TYPE_REQUEST_ID)
end

#to_rObject

Override the function that creates the raw byte stream for sending so that it generates an XOR key, uses it to scramble the serialized TLV content, and then returns the key plus the scrambled data as the payload.



635
636
637
638
639
640
641
642
643
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 635

def to_r
  raw = super
  xor_key = rand(254) + 1
  xor_key |= (rand(254) + 1) << 8
  xor_key |= (rand(254) + 1) << 16
  xor_key |= (rand(254) + 1) << 24
  result = [xor_key].pack('N') + xor_bytes(xor_key, raw)
  result
end

#xor_bytes(xor_key, bytes) ⇒ Object

Xor a set of bytes with a given DWORD xor key.



659
660
661
662
663
664
665
 
# File 'lib/metasploit/aggregator/tlv/packet.rb', line 659

def xor_bytes(xor_key, bytes)
  result = ''
  bytes.bytes.zip([xor_key].pack('V').bytes.cycle).each do |b|
    result << (b[0].ord ^ b[1].ord).chr
  end
  result
end