Class: Rex::OLE::Header

Inherits:
Object
  • Object
show all
Defined in:
lib/rex/ole/header.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeHeader

Returns a new instance of Header


29
30
31
32
33
34
35
36
# File 'lib/rex/ole/header.rb', line 29

def initialize
  set_defaults

  # calculate some numbers (save a little math)
  @sector_size = 1 << @_uSectorShift
  @mini_sector_size = 1 << @_uMiniSectorShift
  @idx_per_sect = @sector_size / 4
end

Instance Attribute Details

#_csectDifObject

Returns the value of attribute _csectDif


22
23
24
# File 'lib/rex/ole/header.rb', line 22

def _csectDif
  @_csectDif
end

#_csectFatObject

Returns the value of attribute _csectFat


19
20
21
# File 'lib/rex/ole/header.rb', line 19

def _csectFat
  @_csectFat
end

#_csectMiniFatObject

Returns the value of attribute _csectMiniFat


20
21
22
# File 'lib/rex/ole/header.rb', line 20

def _csectMiniFat
  @_csectMiniFat
end

#_sectDifStartObject

Returns the value of attribute _sectDifStart


22
23
24
# File 'lib/rex/ole/header.rb', line 22

def _sectDifStart
  @_sectDifStart
end

#_sectDirStartObject

Returns the value of attribute _sectDirStart


23
24
25
# File 'lib/rex/ole/header.rb', line 23

def _sectDirStart
  @_sectDirStart
end

#_sectFatObject

Returns the value of attribute _sectFat


19
20
21
# File 'lib/rex/ole/header.rb', line 19

def _sectFat
  @_sectFat
end

#_sectMiniFatStartObject

Returns the value of attribute _sectMiniFatStart


20
21
22
# File 'lib/rex/ole/header.rb', line 20

def _sectMiniFatStart
  @_sectMiniFatStart
end

#_ulMiniSectorCutoffObject

Returns the value of attribute _ulMiniSectorCutoff


21
22
23
# File 'lib/rex/ole/header.rb', line 21

def _ulMiniSectorCutoff
  @_ulMiniSectorCutoff
end

#_uMajorVersionObject

Returns the value of attribute _uMajorVersion


24
25
26
# File 'lib/rex/ole/header.rb', line 24

def _uMajorVersion
  @_uMajorVersion
end

#_uMiniSectorShiftObject

Returns the value of attribute _uMiniSectorShift


21
22
23
# File 'lib/rex/ole/header.rb', line 21

def _uMiniSectorShift
  @_uMiniSectorShift
end

#idx_per_sectObject

Returns the value of attribute idx_per_sect


26
27
28
# File 'lib/rex/ole/header.rb', line 26

def idx_per_sect
  @idx_per_sect
end

#mini_sector_sizeObject

Returns the value of attribute mini_sector_size


27
28
29
# File 'lib/rex/ole/header.rb', line 27

def mini_sector_size
  @mini_sector_size
end

#sector_sizeObject

Returns the value of attribute sector_size


26
27
28
# File 'lib/rex/ole/header.rb', line 26

def sector_size
  @sector_size
end

Instance Method Details

#read(fd) ⇒ Object

low-level functions


125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
# File 'lib/rex/ole/header.rb', line 125

def read(fd)
  buf = fd.read(HDR_SZ)

  @_abSig        = buf[0x00,8]
  if (@_abSig != SIG) and (@_abSig != SIG_BETA)
    raise RuntimeError, 'Invalid signature for OLE file'
  end
  @_clid = CLSID.new(buf[0x08,16])

  @_uByteOrder   = Util.get16(buf, 0x1c)
  Util.set_endian(@_uByteOrder)

  @_uMinorVersion       = Util.get16(buf, 0x18)
  @_uMajorVersion       = Util.get16(buf, 0x1a)

  @_uSectorShift        = Util.get16(buf, 0x1e)
  @_uMiniSectorShift    = Util.get16(buf, 0x20)

  # ignore reserved bytes

  @_csectDir            = Util.get32(buf, 0x28) # NOTE: only for v4 files

  @_csectFat            = Util.get32(buf, 0x2c)
  @_sectDirStart        = Util.get32(buf, 0x30)

  @_signature           = Util.get32(buf, 0x34)

  @_ulMiniSectorCutoff  = Util.get32(buf, 0x38)
  @_sectMiniFatStart    = Util.get32(buf, 0x3c)
  @_csectMiniFat        = Util.get32(buf, 0x40)

  @_sectDifStart        = Util.get32(buf, 0x44)
  @_csectDif            = Util.get32(buf, 0x48)

  @_sectFat = Util.get32array(buf[0x4c, (109 * 4)])
end

#set_defaultsObject


38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
# File 'lib/rex/ole/header.rb', line 38

def set_defaults
  @_abSig               = SIG
  @_clid = CLSID.new
  @_uByteOrder          = LITTLE_ENDIAN

  @_uMinorVersion       = 0x3e
  @_uMajorVersion       = 0x03

  @_uSectorShift        = 9         # 512 byte sectors
  @_uMiniSectorShift    = 6         # 64 byte mini-sectors

  @_csectDir            = nil             # TBD (v4 only, 1 required)

  @_csectFat            = nil             # TBD (one required)
  @_sectDirStart        = nil             # TBD (one required)

  @_signature           = 0               # no transactions support

  @_ulMiniSectorCutoff  = 0x1000    # 4k
  @_sectMiniFatStart    = SECT_END   # TBD
  @_csectMiniFat        = 0               # TBD

  @_sectDifStart        = SECT_END   # TBD (default to none)
  @_csectDif            = 0               # TBD (default to none)

  @_sectFat             = []              # TBD
end

#to_sObject


66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
# File 'lib/rex/ole/header.rb', line 66

def to_s
  ret = "{\n"
  ret << "  _abSig => \"%s\"" % Util.Printable(@_abSig)
  ret << ",\n"
  ret << "  _clid => %s" % @_clid.to_s
  ret << ",\n"
  ret << "  _uMinorVersion => 0x%04x" % @_uMinorVersion
  ret << ",\n"
  ret << "  _uMajorVersion => 0x%04x" % @_uMajorVersion
  ret << ",\n"
  ret << "  _uByteOrder => 0x%04x" % @_uByteOrder
  ret << ",\n"
  ret << "  _uSectorShift => 0x%04x" % @_uSectorShift
  ret << ",\n"
  ret << "  _uMiniSectorShift => 0x%04x" % @_uMiniSectorShift
  ret << ",\n"

  if (@_csectDir)
    ret << "  _csectDir => 0x%08x" % @_csectDir
  else
    ret << "  _csectDir => UNALLOCATED" % @_csectDir
  end
  ret << ",\n"

  if (@_csectFat)
    ret << "  _csectFat => 0x%08x" % @_csectFat
  else
    ret << "  _csectFat => UNALLOCATED"
  end
  ret << ",\n"

  if (@_sectDirStart)
    ret << "  _sectDirStart => 0x%08x" % @_sectDirStart
  else
    ret << "  _sectDirStart => UNALLOCATED"
  end
  ret << ",\n"

  ret << "  _signature => 0x%08x" % @_signature
  ret << ",\n"
  ret << "  _uMiniSectorCutoff => 0x%08x" % @_ulMiniSectorCutoff
  ret << ",\n"
  ret << "  _sectMiniFatStart => 0x%08x" % @_sectMiniFatStart
  ret << ",\n"
  ret << "  _csectMiniFat => 0x%08x" % @_csectMiniFat
  ret << ",\n"
  ret << "  _sectDifStart => 0x%08x" % @_sectDifStart
  ret << ",\n"
  ret << "  _csectDif => 0x%08x" % @_csectDif
  #ret << ",\n"
  #ret << "  _sectFat => "
  #ret << Rex::Text.to_hex_dump32array(@_sectFat)
  ret << "\n}"
  ret
end

#write(fd) ⇒ Object


162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
# File 'lib/rex/ole/header.rb', line 162

def write(fd)
  hdr = ""
  hdr << @_abSig
  hdr << @_clid.pack
  hdr << Util.pack16(@_uMinorVersion)
  hdr << Util.pack16(@_uMajorVersion)
  hdr << Util.pack16(@_uByteOrder)
  hdr << Util.pack16(@_uSectorShift)
  hdr << Util.pack16(@_uMiniSectorShift)
  if (@_uMajorVersion == 0x04)
    hdr << "\x00" * 6 # reserved bytes
    hdr << Util.pack32(@_csectDir)
  else
    hdr << "\x00" * 10 # reserved bytes
  end

  fs_count = @_csectFat
  fs_count ||= 0
  hdr << Util.pack32(fs_count)

  dir_start = @_sectDirStart
  dir_start ||= SECT_END
  hdr << Util.pack32(dir_start)

  hdr << Util.pack32(@_signature)
  hdr << Util.pack32(@_ulMiniSectorCutoff)
  hdr << Util.pack32(@_sectMiniFatStart)
  hdr << Util.pack32(@_csectMiniFat)
  hdr << Util.pack32(@_sectDifStart)
  hdr << Util.pack32(@_csectDif)
  hdr << Util.pack32array(@_sectFat)

  fd.seek(0, ::IO::SEEK_SET)
  fd.write(hdr)
end