Class: Rex::Proto::DCERPC::UUID

Inherits:
Object
  • Object
show all
Defined in:
lib/rex/proto/dcerpc/uuid.rb

Constant Summary collapse

@@known_uuids =
{
  'MGMT'      => [ 'afa8bd80-7d8a-11c9-bef4-08002b102989', '2.0' ],
  'REMACT'    => [ '4d9f4ab8-7d1c-11cf-861e-0020af6e7c57', '0.0' ],
  'SYSACT'    => [ '000001a0-0000-0000-c000-000000000046', '0.0' ],
  'LSA_DS'    => [ '3919286a-b10c-11d0-9ba8-00c04fd92ef5', '0.0' ],
  'SAMR'      => [ '12345778-1234-abcd-ef00-0123456789ac', '1.0' ],
  'MSMQ'      => [ 'fdb3a030-065f-11d1-bb9b-00a024ea5525', '1.0' ],
  'EVENTLOG'  => [ '82273fdc-e32a-18c3-3f78-827929dc23ea', '0.0' ],
  'SVCCTL'    => [ '367abb81-9844-35f1-ad32-98f038001003', '2.0' ],
  'SRVSVC'    => [ '4b324fc8-1670-01d3-1278-5a47bf6ee188', '3.0' ],
  'PNP'       => [ '8d9f4e40-a03d-11ce-8f69-08003e30051b', '1.0' ]
}

Class Method Summary collapse

Class Method Details

.is?(uuid_str) ⇒ Boolean

Validate a text based UUID

Returns:

  • (Boolean)

Raises:



35
36
37
38
39
40
41
42
# File 'lib/rex/proto/dcerpc/uuid.rb', line 35

def self.is? (uuid_str)
  raise ArgumentError if !uuid_str
  if uuid_str.match(/^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$/)
    return true
  else
    return false
  end
end

.uuid_by_name(name) ⇒ Object

Determine the UUID string for the DCERPC service with this name



62
63
64
65
66
# File 'lib/rex/proto/dcerpc/uuid.rb', line 62

def self.uuid_by_name (name)
  if @@known_uuids.key?(name)
    @@known_uuids[name][0]
  end
end

.uuid_pack(uuid_str) ⇒ Object

Convert a UUID in string format to the binary representation

Raises:



45
46
47
48
49
# File 'lib/rex/proto/dcerpc/uuid.rb', line 45

def self.uuid_pack (uuid_str)
  raise ArgumentError if !self.is?(uuid_str)
  parts = uuid_str.split('-')
  [ parts[0].hex, parts[1].hex, parts[2].hex, parts[3].hex ].pack('Vvvn') + [ parts[4] ].pack('H*')
end

.uuid_unpack(uuid_bin) ⇒ Object

Convert a UUID in binary format to the string representation

Raises:



23
24
25
26
27
28
29
30
31
32
# File 'lib/rex/proto/dcerpc/uuid.rb', line 23

def self.uuid_unpack(uuid_bin)
  raise ArgumentError if uuid_bin.length != 16
  sprintf("%.8x-%.4x-%.4x-%.4x-%s",
    uuid_bin[ 0, 4].unpack('V')[0],
    uuid_bin[ 4, 2].unpack('v')[0],
    uuid_bin[ 6, 2].unpack('v')[0],
    uuid_bin[ 8, 2].unpack('n')[0],
    uuid_bin[10, 6].unpack('H*')[0]
  )
end

.vers_by_name(name) ⇒ Object

Determine the common version number for the DCERPC service with this name



69
70
71
72
73
# File 'lib/rex/proto/dcerpc/uuid.rb', line 69

def self.vers_by_name (name)
  if @@known_uuids.key?(name)
    @@known_uuids[name][1]
  end
end

.vers_to_nums(vers) ⇒ Object

Convert a string or number in float format to two unique numbers 2.0 => [2, 0]



76
77
78
79
80
# File 'lib/rex/proto/dcerpc/uuid.rb', line 76

def self.vers_to_nums (vers)
  vers_maj = vers.to_i
  vers_min = ((vers.to_f - vers.to_i) * 10).to_i
  return vers_maj, vers_min
end

.xfer_syntax_uuidObject

Provide the common TransferSyntax UUID in packed format



52
53
54
# File 'lib/rex/proto/dcerpc/uuid.rb', line 52

def self.xfer_syntax_uuid ()
  self.uuid_pack('8a885d04-1ceb-11c9-9fe8-08002b104860')
end

.xfer_syntax_versObject

Provide the common TransferSyntax version number



57
58
59
# File 'lib/rex/proto/dcerpc/uuid.rb', line 57

def self.xfer_syntax_vers ()
  '2.0'
end