Class: Rex::Post::Meterpreter::Extensions::Stdapi::Sys::Thread

Inherits:

Thread

• Object
• Thread
• Rex::Post::Meterpreter::Extensions::Stdapi::Sys::Thread

Includes:

ObjectAliasesContainer

Defined in:

lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb

Overview

This class implements the Rex::Post::Thread interface which wrappers a logical thread for a given process.

Instance Attribute Summary

• #handle ⇒ Object

  :nodoc:.

• #process ⇒ Object

  :nodoc:.

• #tid ⇒ Object

  :nodoc:.

Attributes included from ObjectAliasesContainer

#aliases

Class Method Summary

• .close(client, handle) ⇒ Object

  Closes the thread handle.

• .finalize(client, handle) ⇒ Object

Instance Method Summary

• #close ⇒ Object

  Instance method.

• #initialize(process, handle, tid) ⇒ Thread constructor

  Initialize the thread instance.

• #pretty_regs ⇒ Object

  Formats the registers in a pretty way.

• #query_regs ⇒ Object

  Queries the register state of the thread.

• #resume ⇒ Object

  Resumes the thread's execution.

• #set_regs(regs_hash) ⇒ Object

  Sets the register state of the thread.

• #suspend ⇒ Object

  Suspends the thread's execution.

• #terminate(code) ⇒ Object

  Terminates the thread's execution.

Methods included from ObjectAliasesContainer

#dump_alias_tree, #initialize_aliases, #method_missing

Constructor Details

#initialize(process, handle, tid) ⇒ Thread

Initialize the thread instance.

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 33

def initialize(process, handle, tid)
  self.process = process
  self.handle  = handle
  self.tid     = tid

  # Ensure the remote object is closed when all references are removed
  ObjectSpace.define_finalizer(self, self.class.finalize(process.client, handle))
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Rex::Post::Meterpreter::ObjectAliasesContainer

Instance Attribute Details

#handle ⇒ Object

:nodoc:

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 180

def handle
  @handle
end

#process ⇒ Object

:nodoc:

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 180

def process
  @process
end

#tid ⇒ Object

:nodoc:

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 180

def tid
  @tid
end

Class Method Details

.close(client, handle) ⇒ Object

Closes the thread handle.

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 163

def self.close(client, handle)
  request = Packet.create_request(COMMAND_ID_STDAPI_SYS_PROCESS_THREAD_CLOSE)
  request.add_tlv(TLV_TYPE_THREAD_HANDLE, handle)
  client.send_request(request, nil)
  handle = nil
  return true
end

.finalize(client, handle) ⇒ Object

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 42

def self.finalize(client,handle)
  proc { self.close(client,handle) }
end

Instance Method Details

#close ⇒ Object

Instance method

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 172

def close
  unless self.handle.nil?
    ObjectSpace.undefine_finalizer(self)
    self.class.close(self.process.client, self.handle)
    self.handle = nil
  end
end

#pretty_regs ⇒ Object

Formats the registers in a pretty way.

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 141

def pretty_regs
  regs = query_regs

  buf  = sprintf("eax=%.8x ebx=%.8x ecx=%.8x edx=%.8x esi=%.8x edi=%.8x\n",
                 regs['eax'], regs['ebx'], regs['ecx'], regs['edx'], regs['esi'], regs['edi'])
  buf += sprintf("eip=%.8x esp=%.8x ebp=%.8x\n",
                 regs['eip'], regs['esp'], regs['ebp'])
  buf += sprintf("cs=%.4x ss=%.4x ds=%.4x es=%.4x fs=%.4x gs=%.4x\n",
                 regs['cs'], regs['ss'], regs['ds'], regs['es'], regs['fs'], regs['gs'])

  return buf
end

#query_regs ⇒ Object

Queries the register state of the thread.

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 101

def query_regs
  request = Packet.create_request(COMMAND_ID_STDAPI_SYS_PROCESS_THREAD_QUERY_REGS)
  regs    = {}

  request.add_tlv(TLV_TYPE_THREAD_HANDLE, handle)

  response = process.client.send_request(request)

  response.each(TLV_TYPE_REGISTER) { |reg|
    regs[reg.get_tlv_value(TLV_TYPE_REGISTER_NAME)] = reg.get_tlv_value(TLV_TYPE_REGISTER_VALUE_32)
  }

  return regs
end

#resume ⇒ Object

Resumes the thread's execution.

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 68

def resume
  request = Packet.create_request(COMMAND_ID_STDAPI_SYS_PROCESS_THREAD_RESUME)

  request.add_tlv(TLV_TYPE_THREAD_HANDLE, handle)

  process.client.send_request(request)

  return true
end

#set_regs(regs_hash) ⇒ Object

Sets the register state of the thread. The registers are supplied in the form of a hash.

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 120

def set_regs(regs_hash)
  request = Packet.create_request(COMMAND_ID_STDAPI_SYS_PROCESS_THREAD_SET_REGS)

  request.add_tlv(TLV_TYPE_THREAD_HANDLE, handle)

  # Add all of the register that we're setting
  regs_hash.each_key { |name|
    t = request.add_tlv(TLV_TYPE_REGISTER)

    t.add_tlv(TLV_TYPE_REGISTER_NAME, name)
    t.add_tlv(TLV_TYPE_REGISTER_VALUE_32, regs_hash[name])
  }

  process.client.send_request(request)

  return true
end

#suspend ⇒ Object

Suspends the thread's execution.

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 55

def suspend
  request = Packet.create_request(COMMAND_ID_STDAPI_SYS_PROCESS_THREAD_SUSPEND)

  request.add_tlv(TLV_TYPE_THREAD_HANDLE, handle)

  process.client.send_request(request)

  return true
end

#terminate(code) ⇒ Object

Terminates the thread's execution.

# File 'lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb', line 81

def terminate(code)
  request = Packet.create_request(COMMAND_ID_STDAPI_SYS_PROCESS_THREAD_TERMINATE)

  request.add_tlv(TLV_TYPE_THREAD_HANDLE, handle)
  request.add_tlv(TLV_TYPE_EXIT_CODE, code)

  process.client.send_request(request)

  return true
end