Class: Rex::Post::Meterpreter::PacketParser

Inherits:

Object

• Object
• Rex::Post::Meterpreter::PacketParser

Defined in:

lib/rex/post/meterpreter/packet_parser.rb

Overview

This class is responsible for reading in and decrypting meterpreter packets that arrive on a socket

Instance Method Summary

• #initialize(cipher = nil) ⇒ PacketParser constructor

  Initializes the packet parser context with an optional cipher.

• #recv(sock) ⇒ Object

  Reads data from the wire and parse as much of the packet as possible.

• #reset ⇒ Object

  Resets the parser state so that a new packet can begin being parsed.

Constructor Details

#initialize(cipher = nil) ⇒ PacketParser

Initializes the packet parser context with an optional cipher.

# File 'lib/rex/post/meterpreter/packet_parser.rb', line 18

def initialize(cipher = nil)
  self.cipher = cipher

  reset
end

Instance Method Details

#recv(sock) ⇒ Object

Reads data from the wire and parse as much of the packet as possible.

# File 'lib/rex/post/meterpreter/packet_parser.rb', line 36

def recv(sock)
  if (self.hdr_length_left > 0)
    buf = sock.read(self.hdr_length_left)

    if (buf)
      self.raw << buf

      self.hdr_length_left -= buf.length
    else
      raise EOFError
    end

    # If we've finished reading the header, set the
    # payload length left to the number of bytes
    # specified in the length
    if (self.hdr_length_left == 0)
      self.payload_length_left = raw.unpack("N")[0] - 8
    end
  elsif (self.payload_length_left > 0)
    buf = sock.read(self.payload_length_left)

    if (buf)
      self.raw << buf

      self.payload_length_left -= buf.length
    else
      raise EOFError
    end
  end

  # If we've finished reading the entire packet
  if ((self.hdr_length_left == 0) &&
      (self.payload_length_left == 0))

    # Create a typeless packet
    packet = Packet.new(0)

    # TODO: cipher decryption
    if (cipher)
    end

    # Serialize the packet from the raw buffer
    packet.from_r(self.raw)

    # Reset our state
    reset

    return packet
  end
end

#reset ⇒ Object

Resets the parser state so that a new packet can begin being parsed.

# File 'lib/rex/post/meterpreter/packet_parser.rb', line 27

def reset
  self.raw = ''
  self.hdr_length_left = 8
  self.payload_length_left = 0
end