class Rex::Post::Meterpreter::Packet
The logical meterpreter packet class
Attributes
Public Class Methods
Creates a request with the supplied method.
# File lib/rex/post/meterpreter/packet.rb, line 614
def Packet.create_request(method = nil)
  return Packet.new(PACKET_TYPE_REQUEST, method)
end
Creates a response to a request if one is provided.
# File lib/rex/post/meterpreter/packet.rb, line 621
def Packet.create_response(request = nil)
  response_type = PACKET_TYPE_RESPONSE
  method = nil

  if (request)
    if (request.type?(PACKET_TYPE_PLAIN_REQUEST))
      response_type = PACKET_TYPE_PLAIN_RESPONSE
    end

    method = request.method
  end

  return Packet.new(response_type, method)
end
Initializes the packet to the supplied packet type and method, if any. If the packet is a request, a request identifier is created.
Calls superclass method Rex::Post::Meterpreter::GroupTlv::new
# File lib/rex/post/meterpreter/packet.rb, line 647
def initialize(type = nil, method = nil)
  super(type)

  if (method)
    self.method = method
  end

  self.created_at = ::Time.now

  # If it's a request, generate a random request identifier
  if ((type == PACKET_TYPE_REQUEST) ||
      (type == PACKET_TYPE_PLAIN_REQUEST))
    rid = ''

    32.times { |val| rid << rand(10).to_s }

    add_tlv(TLV_TYPE_REQUEST_ID, rid)
  end
end
Public Instance Methods
Overrides the function that reads from a raw byte stream so that the data is XORed with the key before it is passed on to the default functionality that parses the TLV values.
Calls superclass method Rex::Post::Meterpreter::GroupTlv#from_r
# File lib/rex/post/meterpreter/packet.rb, line 689
def from_r(bytes)
  xor_key = bytes[0,4].unpack('N')[0]
  super(xor_bytes(xor_key, bytes[4, bytes.length]))
end
Returns the value of the packet's method TLV.
# File lib/rex/post/meterpreter/packet.rb, line 742
def method
  return get_tlv_value(TLV_TYPE_METHOD)
end
Sets the packet's method TLV to the method supplied.
# File lib/rex/post/meterpreter/packet.rb, line 735
def method=(method)
  add_tlv(TLV_TYPE_METHOD, method, true)
end
Checks to see if the packet's method is equal to the supplied method.
# File lib/rex/post/meterpreter/packet.rb, line 728
def method?(method)
  return (get_tlv_value(TLV_TYPE_METHOD) == method)
end
Checks to see if the packet is a response.
# File lib/rex/post/meterpreter/packet.rb, line 714
def response?
  return ((self.type == PACKET_TYPE_RESPONSE) ||
          (self.type == PACKET_TYPE_PLAIN_RESPONSE))
end
Gets the value of the packet's result TLV.
# File lib/rex/post/meterpreter/packet.rb, line 764
def result
  return get_tlv_value(TLV_TYPE_RESULT)
end
Sets the packet's result TLV.
# File lib/rex/post/meterpreter/packet.rb, line 757
def result=(result)
  add_tlv(TLV_TYPE_RESULT, result, true)
end
Checks to see if the packet's result value is equal to the supplied result.
# File lib/rex/post/meterpreter/packet.rb, line 750
def result?(result)
  return (get_tlv_value(TLV_TYPE_RESULT) == result)
end
Gets the value of the packet's request identifier TLV.
# File lib/rex/post/meterpreter/packet.rb, line 771
def rid
  return get_tlv_value(TLV_TYPE_REQUEST_ID)
end
Overrides the function that creates the raw byte stream for sending so that it generates an XOR key, uses it to scramble the serialized TLV content, and then returns the key plus the scrambled data as the payload.
Calls superclass method Rex::Post::Meterpreter::GroupTlv#to_r
# File lib/rex/post/meterpreter/packet.rb, line 673
def to_r
  raw = super
  xor_key = rand(254) + 1
  xor_key |= (rand(254) + 1) << 8
  xor_key |= (rand(254) + 1) << 16
  xor_key |= (rand(254) + 1) << 24
  result = [xor_key].pack('N') + xor_bytes(xor_key, raw)
  result
end
XORs a set of bytes with a given DWORD XOR key.
# File lib/rex/post/meterpreter/packet.rb, line 697
def xor_bytes(xor_key, bytes)
  result = ''
  bytes.bytes.zip([xor_key].pack('V').bytes.cycle).each do |b|
    result << (b[0].ord ^ b[1].ord).chr
  end
  result
end
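Because to_r sends the key in the first four bytes of every frame, the XOR layer is obfuscation that anyone holding a capture can reverse. The following added example (not part of the Metasploit source) decodes a frame the way from_r does, including the detail that the key is packed with 'N' on the wire but applied with 'V'. The helper names and sample bytes are constructed for illustration.

```ruby
# Added example, not Metasploit code: stand-alone decoder for the framing
# produced by to_r and consumed by from_r on this page.
#
# Frame layout: 4-byte key packed big-endian ('N'), then the XORed body.
# xor_bytes applies the key little-endian ('V'), so the repeating keystream
# is the REVERSE of the four key bytes as they appear on the wire.

# Same operation as xor_bytes, returning a binary (ASCII-8BIT) string.
def xor_with_key(xor_key, data)
  key = [xor_key].pack('V').bytes
  data.bytes.each_with_index.map { |b, i| b ^ key[i % 4] }.pack('C*')
end

# Mirror of to_r's framing, with the key passed in so results are repeatable.
def obfuscate(body, xor_key)
  [xor_key].pack('N') + xor_with_key(xor_key, body)
end

# Decoder an analyst would run over one captured frame.
def deobfuscate(frame)
  frame = frame.b
  raise ArgumentError, 'frame shorter than 4-byte key' if frame.bytesize < 4
  xor_key = frame[0, 4].unpack1('N')
  { key: xor_key, body: xor_with_key(xor_key, frame[4..-1]) }
end

# to_r draws each key byte from 1..254 (rand(254) + 1), so a frame whose
# first four bytes contain 0x00 or 0xFF was not produced by that routine.
def plausible_key?(frame)
  frame.bytesize >= 4 &&
    frame.byteslice(0, 4).bytes.all? { |b| b.between?(1, 254) }
end

# Constructed sample input: placeholder bytes, not a real TLV stream.
SAMPLE_BODY  = "constructed-sample-body\x00\xff".b
SAMPLE_KEY   = 0x11223344
SAMPLE_FRAME = obfuscate(SAMPLE_BODY, SAMPLE_KEY)

if __FILE__ == $PROGRAM_NAME
  decoded = deobfuscate(SAMPLE_FRAME)
  puts format('key=0x%08x plausible=%s', decoded[:key], plausible_key?(SAMPLE_FRAME))
  puts decoded[:body].inspect
end
```

The key-byte range check is a cheap pre-filter only; it says nothing about whether the decoded body is a valid TLV stream.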