adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/Unirpc.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

1036 lines
60 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::Unirpc
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::Unirpc";
relpath = '../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../_index.html">Index (U)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span>
&raquo;
<span class="title">Unirpc</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::Unirpc
</h1>
<div class="box_info">
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/unirpc.rb</dd>
</dl>
</div>
<h2>Overview</h2><div class="docstring">
<div class="discussion">
<p>Adapted from <a href="https://github.com/rbowes-r7/libneptune">github.com/rbowes-r7/libneptune</a></p>
</div>
</div>
<div class="tags">
</div><h2>Defined Under Namespace</h2>
<p class="children">
<strong class="classes">Classes:</strong> <span class='object_link'><a href="Unirpc/UniRPCCommunicationError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCCommunicationError (class)">UniRPCCommunicationError</a></span>, <span class='object_link'><a href="Unirpc/UniRPCError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCError (class)">UniRPCError</a></span>, <span class='object_link'><a href="Unirpc/UniRPCUnexpectedResponseError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCUnexpectedResponseError (class)">UniRPCUnexpectedResponseError</a></span>, <span class='object_link'><a href="Unirpc/UniRPCUsageError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCUsageError (class)">UniRPCUsageError</a></span>
</p>
<h2>
Constant Summary
<small><a href="#" class="constants_summary_toggle">collapse</a></small>
</h2>
<dl class="constants">
<dt id="UNIRPC_TYPE_INTEGER-constant" class="">UNIRPC_TYPE_INTEGER =
<div class="docstring">
<div class="discussion">
<p>Argument types</p>
</div>
</div>
<div class="tags">
</div>
</dt>
<dd><pre class="code"><span class='int'>0</span></pre></dd>
<dt id="UNIRPC_TYPE_FLOAT-constant" class="">UNIRPC_TYPE_FLOAT =
</dt>
<dd><pre class="code"><span class='int'>1</span></pre></dd>
<dt id="UNIRPC_TYPE_STRING-constant" class="">UNIRPC_TYPE_STRING =
</dt>
<dd><pre class="code"><span class='int'>2</span></pre></dd>
<dt id="UNIRPC_TYPE_BYTES-constant" class="">UNIRPC_TYPE_BYTES =
</dt>
<dd><pre class="code"><span class='int'>3</span></pre></dd>
<dt id="UNIRPC_MESSAGE_LOGIN-constant" class="">UNIRPC_MESSAGE_LOGIN =
<div class="docstring">
<div class="discussion">
<p>Message types</p>
</div>
</div>
<div class="tags">
</div>
</dt>
<dd><pre class="code"><span class='int'>0x0F</span></pre></dd>
<dt id="UNIRPC_MESSAGE_OSCOMMAND-constant" class="">UNIRPC_MESSAGE_OSCOMMAND =
</dt>
<dd><pre class="code"><span class='int'>0x06</span></pre></dd>
</dl>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#build_unirpc_message-instance_method" title="#build_unirpc_message (instance method)">#<strong>build_unirpc_message</strong>(version_byte: 0x6c, other_version_byte: 0x01, body_length_override: nil, argcount_override: nil, body_override: nil, oldschool_data: &#39;&#39;, args: [], skip_header: false) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Build a unirpc packet.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(info = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#recv_unirpc_message-instance_method" title="#recv_unirpc_message (instance method)">#<strong>recv_unirpc_message</strong>(sock, first_result_is_status: false) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Receive and parse a message from UniRPC server on the given socket.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#unirpc_get_version-instance_method" title="#unirpc_get_version (instance method)">#<strong>unirpc_get_version</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
</ul>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="build_unirpc_message-instance_method">
#<strong>build_unirpc_message</strong>(version_byte: 0x6c, other_version_byte: 0x01, body_length_override: nil, argcount_override: nil, body_override: nil, oldschool_data: &#39;&#39;, args: [], skip_header: false) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Build a unirpc packet. There are lots of arguments defined, pretty much all of them optional.</p>
<p>Header fields:.</p>
<ul><li>
<p>version_byte: The protocol version (this is always 0x6c in the protocol)</p>
</li><li>
<p>other_version_byte: Another version byte (always 0x01 in the protocol)</p>
</li><li>
<p>body_length_override: The length of the body (automatically calculated, normally)</p>
</li><li>
<p>argcount_override: If set, specifies a custom number of “args” (automatically calculated, normally)</p>
</li></ul>
<p>Body fields:</p>
<ul><li>
<p>body_override: If set, use it as the literal body and ignore the rest of these</p>
</li><li>
<p>oldschool_data: The service supports two different types of serialized data; AFAICT, this field is just free-form string data that nothing really seems to support</p>
</li><li>
<p>args: An array of arguments (the most common way to pass arguments to an rpc call).</p>
</li></ul>
<p>Args are an array of hashes with :type / :value Valid types: :integer - :value is the integer (32-bits) :string / :bytes - value is the string or nil :float - :value is just a 64-bit value</p>
<p>Integer and Float values also have an :extra field, which is sent where the strings length would go - I think its normally set to uninitialized memory, so probably you never need it.</p>
<p>String values have a boolean :null_terminate field as well, in case you want to disable null-termination (the service uses the length field in some cases, and null termination in others, so it could be interesting)</p>
<p>Set :skip_header to not attach a header (some services require only a body)</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/unirpc.rb', line 106</span>
<span class='kw'>def</span> <span class='id identifier rubyid_build_unirpc_message'>build_unirpc_message</span><span class='lparen'>(</span>
<span class='label'>version_byte:</span> <span class='int'>0x6c</span><span class='comma'>,</span>
<span class='label'>other_version_byte:</span> <span class='int'>0x01</span><span class='comma'>,</span>
<span class='label'>body_length_override:</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='label'>argcount_override:</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='label'>body_override:</span> <span class='kw'>nil</span><span class='comma'>,</span>
<span class='label'>oldschool_data:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='label'>args:</span> <span class='lbracket'>[</span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>skip_header:</span> <span class='kw'>false</span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_encrypt'>encrypt</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>UNIRPC_ENCODE_MESSAGES</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='comment'># Ensure this is a string (in case the caller sets it to nil or something
</span> <span class='id identifier rubyid_oldschool_data'>oldschool_data</span> <span class='op'>=</span> <span class='id identifier rubyid_oldschool_data'>oldschool_data</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span>
<span class='comment'># Allow the caller to override the body entirely, instead of packing
</span> <span class='comment'># arguments
</span> <span class='kw'>if</span> <span class='id identifier rubyid_body_override'>body_override</span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='id identifier rubyid_body_override'>body_override</span>
<span class='kw'>else</span>
<span class='comment'># Pack the args at the start of the body - this is kinda metadata-ish
</span> <span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='id identifier rubyid_args'>args</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_a'>a</span><span class='op'>|</span>
<span class='kw'>case</span> <span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:type</span><span class='rbracket'>]</span>
<span class='kw'>when</span> <span class='symbol'>:integer</span>
<span class='comment'># Ints ignore the first value, and the second is always 0
</span> <span class='lbracket'>[</span><span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:extra</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='int'>0</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UNIRPC_TYPE_INTEGER-constant" title="Msf::Exploit::Remote::Unirpc::UNIRPC_TYPE_INTEGER (constant)">UNIRPC_TYPE_INTEGER</a></span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>NN</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='symbol'>:string</span>
<span class='comment'># Strings store the length in the first value, and the value in the body
</span> <span class='kw'>if</span> <span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:null_terminate</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span> <span class='op'>||</span> <span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:null_terminate</span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='kw'>true</span>
<span class='lbracket'>[</span><span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:value</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span> <span class='op'>+</span> <span class='int'>1</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UNIRPC_TYPE_STRING-constant" title="Msf::Exploit::Remote::Unirpc::UNIRPC_TYPE_STRING (constant)">UNIRPC_TYPE_STRING</a></span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>NN</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='lbracket'>[</span><span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:value</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UNIRPC_TYPE_STRING-constant" title="Msf::Exploit::Remote::Unirpc::UNIRPC_TYPE_STRING (constant)">UNIRPC_TYPE_STRING</a></span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>NN</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>when</span> <span class='symbol'>:bytes</span>
<span class='comment'># Bytes / rpcstrings store the length in the first value, and the value in the body
</span> <span class='lbracket'>[</span><span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:value</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UNIRPC_TYPE_BYTES-constant" title="Msf::Exploit::Remote::Unirpc::UNIRPC_TYPE_BYTES (constant)">UNIRPC_TYPE_BYTES</a></span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>NN</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='symbol'>:float</span>
<span class='comment'># Floats ignore the first value, and the second value is the type
</span> <span class='lbracket'>[</span><span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:extra</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='int'>0</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UNIRPC_TYPE_FLOAT-constant" title="Msf::Exploit::Remote::Unirpc::UNIRPC_TYPE_FLOAT (constant)">UNIRPC_TYPE_FLOAT</a></span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>NN</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_raise'>raise</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="Unirpc/UniRPCUsageError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCUsageError (class)">UniRPCUsageError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Tried to build UniRPC packet with unknown type: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:type</span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span><span class='period'>.</span><span class='id identifier rubyid_join'><span class='object_link'><a href="../../../top-level-namespace.html#join-instance_method" title="#join (method)">join</a></span></span>
<span class='comment'># Follow it with the &#39;oldschool_data&#39; arg
</span> <span class='id identifier rubyid_body'>body</span> <span class='op'>+=</span> <span class='id identifier rubyid_oldschool_data'>oldschool_data</span>
<span class='comment'># Follow that data section with the args - this is the value of the args
</span> <span class='id identifier rubyid_body'>body</span> <span class='op'>+=</span> <span class='id identifier rubyid_args'>args</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_a'>a</span><span class='op'>|</span>
<span class='kw'>case</span> <span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:type</span><span class='rbracket'>]</span>
<span class='kw'>when</span> <span class='symbol'>:integer</span>
<span class='lbracket'>[</span><span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:value</span><span class='rbracket'>]</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>N</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='symbol'>:string</span>
<span class='id identifier rubyid_str'>str</span> <span class='op'>=</span> <span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:value</span><span class='rbracket'>]</span>
<span class='kw'>if</span> <span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:null_terminate</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span> <span class='op'>||</span> <span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:null_terminate</span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='kw'>true</span>
<span class='id identifier rubyid_str'>str</span> <span class='op'>+=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\0</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>end</span>
<span class='comment'># Align to multiple of 4, always adding at least one
</span> <span class='id identifier rubyid_str'>str</span> <span class='op'>+=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\0</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_str'>str</span> <span class='op'>+=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\0</span><span class='tstring_end'>&quot;</span></span> <span class='kw'>while</span> <span class='lparen'>(</span><span class='id identifier rubyid_str'>str</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span> <span class='op'>%</span> <span class='int'>4</span><span class='rparen'>)</span> <span class='op'>!=</span> <span class='int'>0</span>
<span class='id identifier rubyid_str'>str</span>
<span class='kw'>when</span> <span class='symbol'>:bytes</span>
<span class='id identifier rubyid_str'>str</span> <span class='op'>=</span> <span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:value</span><span class='rbracket'>]</span>
<span class='comment'># Alignment
</span> <span class='id identifier rubyid_str'>str</span> <span class='op'>+=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\0</span><span class='tstring_end'>&quot;</span></span> <span class='kw'>while</span> <span class='lparen'>(</span><span class='id identifier rubyid_str'>str</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span> <span class='op'>%</span> <span class='int'>4</span><span class='rparen'>)</span> <span class='op'>!=</span> <span class='int'>0</span>
<span class='id identifier rubyid_str'>str</span>
<span class='kw'>when</span> <span class='symbol'>:float</span>
<span class='lbracket'>[</span><span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:value</span><span class='rbracket'>]</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Q</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_raise'>raise</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="Unirpc/UniRPCUsageError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCUsageError (class)">UniRPCUsageError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Tried to build UniRPC packet with unknown type: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_a'>a</span><span class='lbracket'>[</span><span class='symbol'>:type</span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span><span class='period'>.</span><span class='id identifier rubyid_join'><span class='object_link'><a href="../../../top-level-namespace.html#join-instance_method" title="#join (method)">join</a></span></span>
<span class='kw'>end</span>
<span class='comment'># &quot;Encrypt&quot; if we&#39;re supposed to
</span> <span class='comment'># We use the key &quot;2&quot;, other options include &quot;1&quot;
</span> <span class='kw'>if</span> <span class='id identifier rubyid_encrypt'>encrypt</span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='id identifier rubyid_body'>body</span><span class='period'>.</span><span class='id identifier rubyid_bytes'>bytes</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_b'>b</span><span class='op'>|</span>
<span class='lparen'>(</span><span class='id identifier rubyid_b'>b</span> <span class='op'>^</span> <span class='int'>2</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_chr'>chr</span>
<span class='kw'>end</span><span class='period'>.</span><span class='id identifier rubyid_join'><span class='object_link'><a href="../../../top-level-namespace.html#join-instance_method" title="#join (method)">join</a></span></span>
<span class='kw'>end</span>
<span class='comment'># Figure out the argcount
</span> <span class='kw'>if</span> <span class='id identifier rubyid_argcount_override'>argcount_override</span>
<span class='id identifier rubyid_argcount'>argcount</span> <span class='op'>=</span> <span class='id identifier rubyid_argcount_override'>argcount_override</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_argcount'>argcount</span> <span class='op'>=</span> <span class='id identifier rubyid_args'>args</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span>
<span class='comment'># If we pass plaintext data, it actually counts as an extra arg
</span> <span class='kw'>if</span> <span class='id identifier rubyid_oldschool_data'>oldschool_data</span> <span class='op'>!=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_argcount'>argcount</span> <span class='op'>+=</span> <span class='int'>1</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='comment'># Let the user to skip appending a header, if they choose
</span> <span class='kw'>if</span> <span class='id identifier rubyid_skip_header'>skip_header</span>
<span class='kw'>return</span> <span class='id identifier rubyid_body'>body</span>
<span class='kw'>end</span>
<span class='comment'># Pack the header
</span> <span class='id identifier rubyid_header'>header</span> <span class='op'>=</span> <span class='lbracket'>[</span>
<span class='id identifier rubyid_version_byte'>version_byte</span><span class='comma'>,</span> <span class='comment'># Has to be 0x6c
</span> <span class='id identifier rubyid_other_version_byte'>other_version_byte</span><span class='comma'>,</span> <span class='comment'># Can be 0x01 or 0x02
</span> <span class='int'>0x00</span><span class='comma'>,</span> <span class='comment'># Reserved (ignored)
</span> <span class='int'>0x00</span><span class='comma'>,</span> <span class='comment'># Reserved (ignored)
</span>
<span class='id identifier rubyid_body_length_override'>body_length_override</span> <span class='op'>||</span> <span class='id identifier rubyid_body'>body</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span><span class='comma'>,</span> <span class='comment'># Length of data (0x7FFFFFFF =&gt; heap overflow)
</span>
<span class='int'>0x00000000</span><span class='comma'>,</span> <span class='comment'># Reserved (ignored)
</span>
<span class='int'>2</span><span class='comma'>,</span> <span class='comment'># Encryption &quot;key&quot; - basically the XOR key (can only be 1 or 2)
</span> <span class='int'>0</span><span class='comma'>,</span> <span class='comment'># Do compression?
</span> <span class='id identifier rubyid_encrypt'>encrypt</span> <span class='op'>?</span> <span class='int'>1</span> <span class='op'>:</span> <span class='int'>0</span><span class='comma'>,</span> <span class='comment'># Encryption (0 = not encrypted, 1 = encrypted)
</span> <span class='int'>0x00</span><span class='comma'>,</span> <span class='comment'># Padding
</span>
<span class='int'>0x00000000</span><span class='comma'>,</span> <span class='comment'># Unknown (reserved?) 0 unused, but has to be 0
</span>
<span class='id identifier rubyid_argcount'>argcount</span><span class='comma'>,</span> <span class='comment'># Argcount, which we compute earlier
</span> <span class='id identifier rubyid_oldschool_data'>oldschool_data</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span> <span class='comment'># Data length
</span> <span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>CCCCNNCCCCNnn</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='id identifier rubyid_header'>header</span> <span class='op'>+</span> <span class='id identifier rubyid_body'>body</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="initialize-instance_method">
#<strong>initialize</strong>(info = {}) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
26
27
28
29
30
31
32
33
34
35
36</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/unirpc.rb', line 26</span>
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>super</span>
<span class='ivar'>@error_codes</span> <span class='op'>=</span> <span class='const'>YAML</span><span class='period'>.</span><span class='id identifier rubyid_safe_load'>safe_load</span><span class='lparen'>(</span><span class='op'>::</span><span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Config.html" title="Msf::Config (class)">Config</a></span></span><span class='period'>.</span><span class='id identifier rubyid_data_directory'><span class='object_link'><a href="../../Config.html#data_directory-class_method" title="Msf::Config.data_directory (method)">data_directory</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>unirpc-errors.yaml</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='comment'># This will let the module decide whether or not to use the
</span> <span class='comment'># packet-level encoding
</span> <span class='id identifier rubyid_register_advanced_options'>register_advanced_options</span><span class='lparen'>(</span><span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../OptBool.html" title="Msf::OptBool (class)">OptBool</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBool.html#initialize-instance_method" title="Msf::OptBool#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>UNIRPC_ENCODE_MESSAGES</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Use UniRPC&#39;s message encoding (which obscures messages by XORing with a constant</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='kw'>true</span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="recv_unirpc_message-instance_method">
#<strong>recv_unirpc_message</strong>(sock, first_result_is_status: false) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Receive and parse a message from UniRPC server on the given socket</p>
<p>Many RPC replies put a status / error code in the first argument. To check that argument and raise an error when the server returns an error, set first_result_is_status to true</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/unirpc.rb', line 242</span>
<span class='kw'>def</span> <span class='id identifier rubyid_recv_unirpc_message'>recv_unirpc_message</span><span class='lparen'>(</span><span class='id identifier rubyid_sock'>sock</span><span class='comma'>,</span> <span class='label'>first_result_is_status:</span> <span class='kw'>false</span><span class='rparen'>)</span>
<span class='comment'># Receive the header
</span> <span class='id identifier rubyid_header'>header</span> <span class='op'>=</span> <span class='id identifier rubyid_sock'>sock</span><span class='period'>.</span><span class='id identifier rubyid_get_once'>get_once</span><span class='lparen'>(</span><span class='int'>0x18</span><span class='rparen'>)</span>
<span class='comment'># Make sure we received all of it
</span> <span class='kw'>if</span> <span class='id identifier rubyid_header'>header</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
<span class='id identifier rubyid_raise'>raise</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="Unirpc/UniRPCCommunicationError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCCommunicationError (class)">UniRPCCommunicationError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Couldn&#39;t receive UniRPC packet header</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>elsif</span> <span class='id identifier rubyid_header'>header</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span> <span class='op'>&lt;</span> <span class='int'>0x18</span>
<span class='id identifier rubyid_raise'>raise</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="Unirpc/UniRPCCommunicationError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCCommunicationError (class)">UniRPCCommunicationError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>UniRPC packet header was truncated (expected 24 bytes, received </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_header'>header</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span><span class='embexpr_end'>}</span><span class='tstring_content'>) - this might not be a UniRPC server</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='comment'># Parse out the fields
</span> <span class='lparen'>(</span>
<span class='id identifier rubyid_version_byte'>version_byte</span><span class='comma'>,</span>
<span class='id identifier rubyid_other_version_byte'>other_version_byte</span><span class='comma'>,</span>
<span class='id identifier rubyid__reserved1'>_reserved1</span><span class='comma'>,</span>
<span class='id identifier rubyid__reserved2'>_reserved2</span><span class='comma'>,</span>
<span class='id identifier rubyid_body_length'>body_length</span><span class='comma'>,</span>
<span class='id identifier rubyid__reserved3'>_reserved3</span><span class='comma'>,</span>
<span class='id identifier rubyid_encryption_key'>encryption_key</span><span class='comma'>,</span>
<span class='id identifier rubyid_claim_compression'>claim_compression</span><span class='comma'>,</span>
<span class='id identifier rubyid_claim_encryption'>claim_encryption</span><span class='comma'>,</span>
<span class='id identifier rubyid__reserved4'>_reserved4</span><span class='comma'>,</span>
<span class='id identifier rubyid__reserved5'>_reserved5</span><span class='comma'>,</span>
<span class='id identifier rubyid_argcount'>argcount</span><span class='comma'>,</span>
<span class='id identifier rubyid_data_length'>data_length</span><span class='comma'>,</span>
<span class='rparen'>)</span> <span class='op'>=</span> <span class='id identifier rubyid_header'>header</span><span class='period'>.</span><span class='id identifier rubyid_unpack'>unpack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>CCCCNNCCCCNnn</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='comment'># Note that we don&#39;t attempt to decrypt / decompress here, because
</span> <span class='comment'># we&#39;ve never seen a server actually enable encryption or compression
</span> <span class='comment'># (even if we start it)
</span> <span class='id identifier rubyid_results'>results</span> <span class='op'>=</span> <span class='lbrace'>{</span>
<span class='label'>header:</span> <span class='id identifier rubyid_header'>header</span><span class='comma'>,</span>
<span class='label'>version_byte:</span> <span class='id identifier rubyid_version_byte'>version_byte</span><span class='comma'>,</span>
<span class='label'>other_version_byte:</span> <span class='id identifier rubyid_other_version_byte'>other_version_byte</span><span class='comma'>,</span>
<span class='label'>body_length:</span> <span class='id identifier rubyid_body_length'>body_length</span><span class='comma'>,</span>
<span class='label'>encryption_key:</span> <span class='id identifier rubyid_encryption_key'>encryption_key</span><span class='comma'>,</span>
<span class='label'>claim_compression:</span> <span class='id identifier rubyid_claim_compression'>claim_compression</span><span class='comma'>,</span>
<span class='label'>claim_encryption:</span> <span class='id identifier rubyid_claim_encryption'>claim_encryption</span><span class='comma'>,</span>
<span class='label'>argcount:</span> <span class='id identifier rubyid_argcount'>argcount</span><span class='comma'>,</span>
<span class='label'>data_length:</span> <span class='id identifier rubyid_data_length'>data_length</span>
<span class='rbrace'>}</span>
<span class='comment'># Receive the body
</span> <span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='id identifier rubyid_sock'>sock</span><span class='period'>.</span><span class='id identifier rubyid_get_once'>get_once</span><span class='lparen'>(</span><span class='id identifier rubyid_body_length'>body_length</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_body'>body</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span> <span class='op'>!=</span> <span class='id identifier rubyid_body_length'>body_length</span>
<span class='id identifier rubyid_raise'>raise</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="Unirpc/UniRPCCommunicationError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCCommunicationError (class)">UniRPCCommunicationError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>UniRPC packet body was truncated (expected </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_body_length'>body_length</span><span class='embexpr_end'>}</span><span class='tstring_content'> bytes, received </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_body'>body</span><span class='period'>.</span><span class='id identifier rubyid_length'>length</span><span class='embexpr_end'>}</span><span class='tstring_content'>) - this might not be a UniRPC server</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='comment'># Parse the argument metadata, data, and argument data
</span> <span class='id identifier rubyid_args'>args</span><span class='comma'>,</span> <span class='id identifier rubyid__data'>_data</span><span class='comma'>,</span> <span class='id identifier rubyid_extra_data'>extra_data</span> <span class='op'>=</span> <span class='id identifier rubyid_body'>body</span><span class='period'>.</span><span class='id identifier rubyid_unpack'>unpack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>a</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_argcount'>argcount</span> <span class='op'>*</span> <span class='int'>8</span><span class='embexpr_end'>}</span><span class='tstring_content'>a</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_data_length'>data_length</span><span class='embexpr_end'>}</span><span class='tstring_content'>a*</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='comment'># Parse the argument metadata + data
</span> <span class='id identifier rubyid_results'>results</span><span class='lbracket'>[</span><span class='symbol'>:args</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='int'>1</span><span class='period'>.</span><span class='id identifier rubyid_upto'>upto</span><span class='lparen'>(</span><span class='id identifier rubyid_argcount'>argcount</span><span class='rparen'>)</span> <span class='kw'>do</span>
<span class='id identifier rubyid_arg'>arg</span><span class='comma'>,</span> <span class='id identifier rubyid_args'>args</span> <span class='op'>=</span> <span class='id identifier rubyid_args'>args</span><span class='period'>.</span><span class='id identifier rubyid_unpack'>unpack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>a8a*</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='lparen'>(</span><span class='id identifier rubyid_value'>value</span><span class='comma'>,</span> <span class='id identifier rubyid_type'>type</span><span class='rparen'>)</span> <span class='op'>=</span> <span class='id identifier rubyid_arg'>arg</span><span class='period'>.</span><span class='id identifier rubyid_unpack'>unpack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>NN</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>case</span> <span class='id identifier rubyid_type'>type</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="#UNIRPC_TYPE_INTEGER-constant" title="Msf::Exploit::Remote::Unirpc::UNIRPC_TYPE_INTEGER (constant)">UNIRPC_TYPE_INTEGER</a></span></span> <span class='comment'># 32-bit integer
</span> <span class='lparen'>(</span><span class='id identifier rubyid_arg_data'>arg_data</span><span class='comma'>,</span> <span class='id identifier rubyid_extra_data'>extra_data</span><span class='rparen'>)</span> <span class='op'>=</span> <span class='id identifier rubyid_extra_data'>extra_data</span><span class='period'>.</span><span class='id identifier rubyid_unpack'>unpack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Na*</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_results'>results</span><span class='lbracket'>[</span><span class='symbol'>:args</span><span class='rbracket'>]</span> <span class='op'>&lt;&lt;</span> <span class='lbrace'>{</span>
<span class='label'>type:</span> <span class='symbol'>:integer</span><span class='comma'>,</span>
<span class='label'>value:</span> <span class='id identifier rubyid_arg_data'>arg_data</span><span class='comma'>,</span>
<span class='label'>extra:</span> <span class='id identifier rubyid_value'>value</span>
<span class='rbrace'>}</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="#UNIRPC_TYPE_STRING-constant" title="Msf::Exploit::Remote::Unirpc::UNIRPC_TYPE_STRING (constant)">UNIRPC_TYPE_STRING</a></span></span> <span class='comment'># Null-able string
</span> <span class='kw'>if</span> <span class='id identifier rubyid_value'>value</span> <span class='op'>==</span> <span class='int'>0</span>
<span class='id identifier rubyid_string_value'>string_value</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='kw'>else</span>
<span class='lparen'>(</span><span class='id identifier rubyid_string'>string</span><span class='comma'>,</span> <span class='id identifier rubyid_extra_data'>extra_data</span><span class='rparen'>)</span> <span class='op'>=</span> <span class='id identifier rubyid_extra_data'>extra_data</span><span class='period'>.</span><span class='id identifier rubyid_unpack'>unpack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>a</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_value'>value</span><span class='embexpr_end'>}</span><span class='tstring_content'>a*</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_string_value'>string_value</span> <span class='op'>=</span> <span class='id identifier rubyid_string'>string</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_results'>results</span><span class='lbracket'>[</span><span class='symbol'>:args</span><span class='rbracket'>]</span> <span class='op'>&lt;&lt;</span> <span class='lbrace'>{</span>
<span class='label'>type:</span> <span class='symbol'>:string</span><span class='comma'>,</span>
<span class='label'>value:</span> <span class='id identifier rubyid_string_value'>string_value</span><span class='comma'>,</span>
<span class='label'>extra:</span> <span class='id identifier rubyid_value'>value</span>
<span class='rbrace'>}</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="#UNIRPC_TYPE_BYTES-constant" title="Msf::Exploit::Remote::Unirpc::UNIRPC_TYPE_BYTES (constant)">UNIRPC_TYPE_BYTES</a></span></span> <span class='comment'># They call this &quot;RPC String&quot;
</span> <span class='lparen'>(</span><span class='id identifier rubyid_string'>string</span><span class='comma'>,</span> <span class='id identifier rubyid_extra_data'>extra_data</span><span class='rparen'>)</span> <span class='op'>=</span> <span class='id identifier rubyid_extra_data'>extra_data</span><span class='period'>.</span><span class='id identifier rubyid_unpack'>unpack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>a</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_value'>value</span><span class='embexpr_end'>}</span><span class='tstring_content'>a*</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_string_value'>string_value</span> <span class='op'>=</span> <span class='id identifier rubyid_string'>string</span>
<span class='id identifier rubyid_results'>results</span><span class='lbracket'>[</span><span class='symbol'>:args</span><span class='rbracket'>]</span> <span class='op'>&lt;&lt;</span> <span class='lbrace'>{</span>
<span class='label'>type:</span> <span class='symbol'>:string</span><span class='comma'>,</span>
<span class='label'>value:</span> <span class='id identifier rubyid_string_value'>string_value</span>
<span class='rbrace'>}</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_raise'>raise</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="Unirpc/UniRPCUnexpectedResponseError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCUnexpectedResponseError (class)">UniRPCUnexpectedResponseError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Unidata: received unknown RPC type (</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_type'>type</span><span class='embexpr_end'>}</span><span class='tstring_content'>)!</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_first_result_is_status'>first_result_is_status</span>
<span class='kw'>if</span> <span class='id identifier rubyid_results'>results</span><span class='op'>&amp;.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:args</span><span class='comma'>,</span> <span class='int'>0</span><span class='comma'>,</span> <span class='symbol'>:type</span><span class='rparen'>)</span> <span class='op'>!=</span> <span class='symbol'>:integer</span>
<span class='id identifier rubyid_raise'>raise</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="Unirpc/UniRPCUnexpectedResponseError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCUnexpectedResponseError (class)">UniRPCUnexpectedResponseError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>UniRPC server returned a non-integer status code</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_error_code'>error_code</span> <span class='op'>=</span> <span class='id identifier rubyid_results'>results</span><span class='lbracket'>[</span><span class='symbol'>:args</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:value</span><span class='rbracket'>]</span>
<span class='kw'>if</span> <span class='id identifier rubyid_error_code'>error_code</span> <span class='op'>!=</span> <span class='int'>0</span>
<span class='id identifier rubyid_raise'>raise</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="Unirpc/UniRPCUnexpectedResponseError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCUnexpectedResponseError (class)">UniRPCUnexpectedResponseError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>UniRPC server returned an error code: </span><span class='embexpr_beg'>#{</span><span class='ivar'>@error_codes</span><span class='lbracket'>[</span><span class='id identifier rubyid_error_code'>error_code</span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Unknown error: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_error_code'>error_code</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>return</span> <span class='id identifier rubyid_results'>results</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="unirpc_get_version-instance_method">
#<strong>unirpc_get_version</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
</div>
</div>
<div class="tags">
<p class="tag_title">Raises:</p>
<ul class="raise">
<li>
<span class='type'>(<tt><span class='object_link'><a href="Unirpc/UniRPCUnexpectedResponseError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCUnexpectedResponseError (class)">UniRPCUnexpectedResponseError</a></span></tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/unirpc.rb', line 38</span>
<span class='kw'>def</span> <span class='id identifier rubyid_unirpc_get_version'>unirpc_get_version</span>
<span class='comment'># These are the services we&#39;ve found that return version numbers
</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>defcs</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>udserver</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_service'>service</span><span class='op'>|</span>
<span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Trying to get version number from service </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_service'>service</span><span class='embexpr_end'>}</span><span class='tstring_content'>...</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_connect'>connect</span>
<span class='id identifier rubyid_sock'>sock</span><span class='period'>.</span><span class='id identifier rubyid_put'>put</span><span class='lparen'>(</span><span class='id identifier rubyid_build_unirpc_message'>build_unirpc_message</span><span class='lparen'>(</span><span class='label'>args:</span> <span class='lbracket'>[</span>
<span class='comment'># Service name
</span> <span class='lbrace'>{</span> <span class='label'>type:</span> <span class='symbol'>:string</span><span class='comma'>,</span> <span class='label'>value:</span> <span class='id identifier rubyid_service'>service</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='comment'># &quot;Secure&quot; flag - this must be non-zero if the server is started in
</span> <span class='comment'># &quot;secure&quot; mode (-s) - it makes no actual difference to us,
</span> <span class='comment'># so just use secure mode to cover all bases
</span> <span class='lbrace'>{</span> <span class='label'>type:</span> <span class='symbol'>:integer</span><span class='comma'>,</span> <span class='label'>value:</span> <span class='int'>1</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='rbracket'>]</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='id identifier rubyid_result'>result</span> <span class='op'>=</span> <span class='id identifier rubyid_recv_unirpc_message'>recv_unirpc_message</span><span class='lparen'>(</span><span class='id identifier rubyid_sock'>sock</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_result'>result</span><span class='op'>&amp;.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:args</span><span class='comma'>,</span> <span class='int'>0</span><span class='comma'>,</span> <span class='symbol'>:type</span><span class='rparen'>)</span> <span class='op'>==</span> <span class='symbol'>:string</span>
<span class='id identifier rubyid_version'>version</span> <span class='op'>=</span> <span class='id identifier rubyid_result'>result</span><span class='period'>.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:args</span><span class='comma'>,</span> <span class='int'>0</span><span class='comma'>,</span> <span class='symbol'>:value</span><span class='rparen'>)</span><span class='op'>&amp;.</span><span class='id identifier rubyid_gsub'>gsub</span><span class='lparen'>(</span><span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>.*:</span><span class='regexp_end'>/</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>unless</span> <span class='id identifier rubyid_version'>version</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
<span class='kw'>return</span> <span class='id identifier rubyid_version'>version</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='kw'>ensure</span>
<span class='id identifier rubyid_disconnect'>disconnect</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_raise'>raise</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="Unirpc/UniRPCUnexpectedResponseError.html" title="Msf::Exploit::Remote::Unirpc::UniRPCUnexpectedResponseError (class)">UniRPCUnexpectedResponseError</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Could not determine UniRPC version!</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:01:40 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink