2014-12-10 09:52:23 -06:00
|
|
|
# -*- coding: binary -*-
|
|
|
|
|
|
2014-12-03 17:22:23 -06:00
|
|
|
module Rex
|
|
|
|
|
module Java
|
|
|
|
|
module Serialization
|
|
|
|
|
module Model
|
|
|
|
|
# This class provides a NewObject (Java Object) representation
|
|
|
|
|
class NewObject < Element
|
|
|
|
|
|
2014-12-05 12:42:27 -06:00
|
|
|
include Rex::Java::Serialization::Model::Contents
|
2014-12-03 17:22:23 -06:00
|
|
|
|
2014-12-03 17:34:12 -06:00
|
|
|
# @!attribute class_desc
|
2014-12-07 17:52:09 -06:00
|
|
|
# @return [Rex::Java::Serialization::Model::ClassDesc] The description of the object
|
2014-12-03 17:22:23 -06:00
|
|
|
attr_accessor :class_desc
|
2014-12-03 17:34:12 -06:00
|
|
|
# @!attribute class_data
|
|
|
|
|
# @return [Array] The data of the object
|
2014-12-03 17:22:23 -06:00
|
|
|
attr_accessor :class_data
|
|
|
|
|
|
2014-12-05 20:11:45 -06:00
|
|
|
# @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
|
2014-12-05 16:52:59 -06:00
|
|
|
def initialize(stream = nil)
|
|
|
|
|
super(stream)
|
2014-12-03 17:22:23 -06:00
|
|
|
self.class_desc = nil
|
|
|
|
|
self.class_data = []
|
|
|
|
|
end
|
|
|
|
|
|
2014-12-09 19:37:42 -06:00
|
|
|
# Deserializes a Rex::Java::Serialization::Model::NewObject
|
2014-12-03 17:22:23 -06:00
|
|
|
#
|
|
|
|
|
# @param io [IO] the io to read from
|
|
|
|
|
# @return [self] if deserialization succeeds
|
2015-04-05 18:43:03 -05:00
|
|
|
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
2014-12-03 17:22:23 -06:00
|
|
|
def decode(io)
|
2014-12-05 17:14:37 -06:00
|
|
|
self.class_desc = ClassDesc.decode(io, stream)
|
2014-12-05 17:35:38 -06:00
|
|
|
stream.add_reference(self) unless stream.nil?
|
2014-12-05 19:12:05 -06:00
|
|
|
|
2015-01-28 17:00:15 -06:00
|
|
|
case class_desc.description
|
|
|
|
|
when NewClassDesc
|
2014-12-05 19:12:05 -06:00
|
|
|
self.class_data = decode_class_data(io, class_desc.description)
|
2015-01-28 17:00:15 -06:00
|
|
|
when Reference
|
2014-12-05 20:11:45 -06:00
|
|
|
ref = class_desc.description.handle - BASE_WIRE_HANDLE
|
2014-12-05 19:12:05 -06:00
|
|
|
self.class_data = decode_class_data(io, stream.references[ref])
|
2014-12-05 12:42:27 -06:00
|
|
|
end
|
2014-12-03 17:22:23 -06:00
|
|
|
|
|
|
|
|
self
|
|
|
|
|
end
|
|
|
|
|
|
2014-12-09 19:37:42 -06:00
|
|
|
# Serializes the Rex::Java::Serialization::Model::NewObject
|
2014-12-03 17:22:23 -06:00
|
|
|
#
|
|
|
|
|
# @return [String] if serialization succeeds
|
2015-04-05 18:43:03 -05:00
|
|
|
# @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
|
2014-12-03 17:22:23 -06:00
|
|
|
def encode
|
2015-01-28 17:00:15 -06:00
|
|
|
unless class_desc.kind_of?(ClassDesc)
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::EncodeError, 'Failed to serialize NewObject'
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
encoded = ''
|
|
|
|
|
encoded << class_desc.encode
|
|
|
|
|
|
|
|
|
|
class_data.each do |value|
|
2015-01-28 17:00:15 -06:00
|
|
|
if value.kind_of?(Array)
|
2014-12-05 19:55:52 -06:00
|
|
|
encoded << encode_value(value)
|
|
|
|
|
else
|
|
|
|
|
encoded << encode_content(value)
|
|
|
|
|
end
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
encoded
|
|
|
|
|
end
|
|
|
|
|
|
2014-12-07 17:52:09 -06:00
|
|
|
# Creates a print-friendly string representation
|
|
|
|
|
#
|
|
|
|
|
# @return [String]
|
|
|
|
|
def to_s
|
|
|
|
|
str = ''
|
2015-09-30 12:30:52 -05:00
|
|
|
|
2015-01-28 17:00:15 -06:00
|
|
|
case class_desc.description
|
|
|
|
|
when NewClassDesc
|
2014-12-07 17:52:09 -06:00
|
|
|
str << class_desc.description.class_name.to_s
|
2015-03-19 15:41:24 -05:00
|
|
|
when ProxyClassDesc
|
|
|
|
|
str << class_desc.description.interfaces.collect { |iface| iface.contents }.join(',')
|
2015-01-28 17:00:15 -06:00
|
|
|
when Reference
|
2014-12-07 17:52:09 -06:00
|
|
|
str << (class_desc.description.handle - BASE_WIRE_HANDLE).to_s(16)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
str << ' => { '
|
2015-01-28 17:00:15 -06:00
|
|
|
data_str = class_data.collect { |data| data.to_s }
|
|
|
|
|
str << data_str.join(', ')
|
2014-12-07 17:52:09 -06:00
|
|
|
str << ' }'
|
2015-09-30 12:30:52 -05:00
|
|
|
|
|
|
|
|
str
|
2014-12-07 17:52:09 -06:00
|
|
|
end
|
|
|
|
|
|
2014-12-03 17:22:23 -06:00
|
|
|
private
|
|
|
|
|
|
2014-12-04 19:19:42 -06:00
|
|
|
# Deserializes the class_data for a class_desc and its super classes
|
|
|
|
|
#
|
|
|
|
|
# @param io [IO] the io to read from
|
2014-12-05 19:12:05 -06:00
|
|
|
# @param my_class_desc [Rex::Java::Serialization::Model::NewClassDesc] the class description whose data is being extracted
|
2014-12-04 19:19:42 -06:00
|
|
|
# @return [Array] class_data values if deserialization succeeds
|
2015-04-05 18:43:03 -05:00
|
|
|
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
2014-12-04 19:19:42 -06:00
|
|
|
def decode_class_data(io, my_class_desc)
|
|
|
|
|
values = []
|
|
|
|
|
|
2014-12-05 20:16:50 -06:00
|
|
|
unless my_class_desc.super_class.description.class == NullReference
|
2015-01-07 15:19:28 -06:00
|
|
|
if my_class_desc.super_class.description.class == Reference
|
|
|
|
|
ref = my_class_desc.super_class.description.handle - BASE_WIRE_HANDLE
|
|
|
|
|
values += decode_class_data(io, stream.references[ref])
|
|
|
|
|
else
|
|
|
|
|
values += decode_class_data(io, my_class_desc.super_class.description)
|
|
|
|
|
end
|
2014-12-04 19:19:42 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
values += decode_class_fields(io, my_class_desc)
|
|
|
|
|
|
|
|
|
|
values
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Deserializes the fields data for a class_desc
|
2014-12-03 17:34:12 -06:00
|
|
|
#
|
|
|
|
|
# @param io [IO] the io to read from
|
2014-12-05 19:12:05 -06:00
|
|
|
# @param my_class_desc [Rex::Java::Serialization::Model::NewClassDesc] the class description whose data is being extracted
|
2014-12-03 17:34:12 -06:00
|
|
|
# @return [Array] class_data values if deserialization succeeds
|
2015-04-05 18:43:03 -05:00
|
|
|
# @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
|
2014-12-04 19:19:42 -06:00
|
|
|
def decode_class_fields(io, my_class_desc)
|
2014-12-03 17:22:23 -06:00
|
|
|
values = []
|
|
|
|
|
|
2014-12-05 19:12:05 -06:00
|
|
|
my_class_desc.fields.each do |field|
|
2014-12-05 12:42:27 -06:00
|
|
|
if field.is_primitive?
|
|
|
|
|
values << decode_value(io, field.type)
|
|
|
|
|
else
|
2014-12-05 19:55:52 -06:00
|
|
|
content = decode_content(io, stream)
|
|
|
|
|
values << content
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
values
|
|
|
|
|
end
|
|
|
|
|
|
2014-12-03 17:34:12 -06:00
|
|
|
# Deserializes a class_data value
|
2014-12-03 17:22:23 -06:00
|
|
|
#
|
|
|
|
|
# @param io [IO] the io to read from
|
2014-12-03 17:34:12 -06:00
|
|
|
# @param type [String] the type of the value to deserialize
|
|
|
|
|
# @return [Array(String, <Fixnum, Float>)] type and value if deserialization succeeds
|
2015-04-05 18:43:03 -05:00
|
|
|
# @raise [Rex::Java::Serialization::DecodeError] if deserialization fails
|
2014-12-03 17:22:23 -06:00
|
|
|
def decode_value(io, type)
|
|
|
|
|
value = []
|
|
|
|
|
|
|
|
|
|
case type
|
|
|
|
|
when 'byte'
|
|
|
|
|
value_raw = io.read(1)
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::DecodeError, 'Failed to deserialize NewArray value' if value_raw.nil?
|
2014-12-03 17:22:23 -06:00
|
|
|
value.push('byte', value_raw.unpack('c')[0])
|
|
|
|
|
when 'char'
|
|
|
|
|
value_raw = io.read(2)
|
|
|
|
|
unless value_raw && value_raw.length == 2
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::DecodeError, 'Failed to deserialize NewArray value'
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
value.push('char', value_raw.unpack('s>')[0])
|
|
|
|
|
when 'double'
|
|
|
|
|
value_raw = io.read(8)
|
|
|
|
|
unless value_raw && value_raw.length == 8
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::DecodeError, 'Failed to deserialize NewArray value'
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
value.push('double', value = value_raw.unpack('G')[0])
|
|
|
|
|
when 'float'
|
|
|
|
|
value_raw = io.read(4)
|
|
|
|
|
unless value_raw && value_raw.length == 4
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::DecodeError, 'Failed to deserialize NewArray value'
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
value.push('float', value_raw.unpack('g')[0])
|
|
|
|
|
when 'int'
|
|
|
|
|
value_raw = io.read(4)
|
|
|
|
|
unless value_raw && value_raw.length == 4
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::DecodeError, 'Failed to deserialize NewArray value'
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
value.push('int', value_raw.unpack('l>')[0])
|
|
|
|
|
when 'long'
|
|
|
|
|
value_raw = io.read(8)
|
|
|
|
|
unless value_raw && value_raw.length == 8
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::DecodeError, 'Failed to deserialize NewArray value'
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
value.push('long', value_raw.unpack('q>')[0])
|
|
|
|
|
when 'short'
|
|
|
|
|
value_raw = io.read(2)
|
|
|
|
|
unless value_raw && value_raw.length == 2
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::DecodeError, 'Failed to deserialize NewArray value'
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
value.push('short', value_raw.unpack('s>')[0])
|
|
|
|
|
when 'boolean'
|
|
|
|
|
value_raw = io.read(1)
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::DecodeError, 'Failed to deserialize NewArray value' if value_raw.nil?
|
2014-12-03 17:22:23 -06:00
|
|
|
value.push('boolean', value_raw.unpack('c')[0])
|
|
|
|
|
else
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::DecodeError, 'Unsupported NewArray type'
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
value
|
|
|
|
|
end
|
|
|
|
|
|
2014-12-03 17:34:12 -06:00
|
|
|
# Serializes an class_data value
|
2014-12-03 17:22:23 -06:00
|
|
|
#
|
2014-12-03 17:34:12 -06:00
|
|
|
# @param value [Array] the type and value to serialize
|
2014-12-03 17:22:23 -06:00
|
|
|
# @return [String] the serialized value
|
2015-04-05 18:43:03 -05:00
|
|
|
# @raise [Rex::Java::Serialization::EncodeError] if serialization fails
|
2014-12-03 17:22:23 -06:00
|
|
|
def encode_value(value)
|
|
|
|
|
res = ''
|
|
|
|
|
|
|
|
|
|
case value[0]
|
|
|
|
|
when 'byte'
|
|
|
|
|
res = [value[1]].pack('c')
|
|
|
|
|
when 'char'
|
|
|
|
|
res = [value[1]].pack('s>')
|
|
|
|
|
when 'double'
|
|
|
|
|
res = [value[1]].pack('G')
|
|
|
|
|
when 'float'
|
|
|
|
|
res = [value[1]].pack('g')
|
|
|
|
|
when 'int'
|
|
|
|
|
res = [value[1]].pack('l>')
|
|
|
|
|
when 'long'
|
|
|
|
|
res = [value[1]].pack('q>')
|
|
|
|
|
when 'short'
|
|
|
|
|
res = [value[1]].pack('s>')
|
|
|
|
|
when 'boolean'
|
|
|
|
|
res = [value[1]].pack('c')
|
|
|
|
|
else
|
2015-04-05 18:43:03 -05:00
|
|
|
raise Rex::Java::Serialization::EncodeError, 'Unsupported NewArray type'
|
2014-12-03 17:22:23 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
res
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2015-01-28 17:00:15 -06:00
|
|
|
end
|
