sempervictus
diff --git a/‎lib/rex/java.rb
Lines changed: 3 additions & 0 deletions b/‎lib/rex/java.rb
Lines changed: 3 additions & 0 deletions
diff --git a/‎lib/rex/java/serialization.rb
Lines changed: 54 additions & 0 deletions b/‎lib/rex/java/serialization.rb
Lines changed: 54 additions & 0 deletions
diff --git a/‎lib/rex/java/serialization/model.rb
Lines changed: 20 additions & 0 deletions b/‎lib/rex/java/serialization/model.rb
Lines changed: 20 additions & 0 deletions
diff --git a/‎lib/rex/java/serialization/model/annotation.rb
Lines changed: 69 additions & 0 deletions b/‎lib/rex/java/serialization/model/annotation.rb
Lines changed: 69 additions & 0 deletions
diff --git a/‎lib/rex/java/serialization/model/block_data.rb
Lines changed: 70 additions & 0 deletions b/‎lib/rex/java/serialization/model/block_data.rb
Lines changed: 70 additions & 0 deletions
diff --git a/‎lib/rex/java/serialization/model/block_data_long.rb
Lines changed: 72 additions & 0 deletions b/‎lib/rex/java/serialization/model/block_data_long.rb
Lines changed: 72 additions & 0 deletions
diff --git a/‎lib/rex/java/serialization/model/class_desc.rb
Lines changed: 64 additions & 0 deletions b/‎lib/rex/java/serialization/model/class_desc.rb
Lines changed: 64 additions & 0 deletions
@@ -0,0 +1,3 @@
+# -*- coding: binary -*-
+
+require 'rex/java/serialization'
@@ -0,0 +1,54 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    # Include constants defining terminal and constant
+    # values expected in a stream.
+    module Serialization
+      STREAM_MAGIC = 0xaced
+      STREAM_VERSION = 5
+      TC_NULL = 0x70
+      TC_REFERENCE = 0x71
+      TC_CLASSDESC = 0x72
+      TC_OBJECT = 0x73
+      TC_STRING = 0x74
+      TC_ARRAY = 0x75
+      TC_CLASS = 0x76
+      TC_BLOCKDATA = 0x77
+      TC_ENDBLOCKDATA = 0x78
+      TC_RESET = 0x79
+      TC_BLOCKDATALONG = 0x7A
+      TC_EXCEPTION = 0x7B
+      TC_LONGSTRING =  0x7C
+      TC_PROXYCLASSDESC =  0x7D
+      TC_ENUM =  0x7E
+      BASE_WIRE_HANDLE = 0x7E0000
+
+      SC_WRITE_METHOD = 0x01 # if SC_SERIALIZABLE
+      SC_BLOCK_DATA = 0x08   # if SC_EXTERNALIZABLE
+      SC_SERIALIZABLE = 0x02
+      SC_EXTERNALIZABLE = 0x04
+      SC_ENUM = 0x10
+
+      PRIMITIVE_TYPE_CODES = {
+        'B' => 'byte',
+        'C' => 'char',
+        'D' => 'double',
+        'F' => 'float',
+        'I' => 'int',
+        'J' => 'long',
+        'S' => 'short',
+        'Z' => 'boolean'
+      }
+
+      OBJECT_TYPE_CODES = {
+        '[' => 'array',
+        'L' => 'object'
+      }
+
+      TYPE_CODES = PRIMITIVE_TYPE_CODES.merge(OBJECT_TYPE_CODES)
+    end
+  end
+end
+
+require 'rex/java/serialization/model'
@@ -0,0 +1,20 @@
+# -*- coding: binary -*-
+
+require 'rex/java/serialization/model/element'
+require 'rex/java/serialization/model/null_reference'
+require 'rex/java/serialization/model/reference'
+require 'rex/java/serialization/model/reset'
+require 'rex/java/serialization/model/utf'
+require 'rex/java/serialization/model/long_utf'
+require 'rex/java/serialization/model/block_data'
+require 'rex/java/serialization/model/block_data_long'
+require 'rex/java/serialization/model/end_block_data'
+require 'rex/java/serialization/model/contents'
+require 'rex/java/serialization/model/new_enum'
+require 'rex/java/serialization/model/field'
+require 'rex/java/serialization/model/new_array'
+require 'rex/java/serialization/model/annotation'
+require 'rex/java/serialization/model/class_desc'
+require 'rex/java/serialization/model/new_class_desc'
+require 'rex/java/serialization/model/new_object'
+require 'rex/java/serialization/model/stream'
@@ -0,0 +1,69 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        # This class provides an annotation representation. It's used for both class
+        # annotations (classAnnotation) and object annotations (objectAnnotation).
+        class Annotation < Element
+
+          include Rex::Java::Serialization::Model::Contents
+
+          # @!attribute contents
+          #   @return [Array] The annotation contents
+          attr_accessor :contents
+
+          # @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
+          def initialize(stream = nil)
+            super(stream)
+            self.contents = []
+          end
+
+          # Deserializes a Rex::Java::Serialization::Model::Annotation
+          #
+          # @param io [IO] the io to read from
+          # @return [self] if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode(io)
+            loop do
+              content = decode_content(io, stream)
+              self.contents << content
+              return self if content.class == EndBlockData
+            end
+
+            self
+          end
+
+          # Serializes the Rex::Java::Serialization::Model::Annotation
+          #
+          # @return [String] if serialization suceeds
+          # @raise [RuntimeError] if serialization doesn't succeed
+          def encode
+            raise ::RuntimeError, 'Failed to serialize Annotation with empty contents' if contents.empty?
+
+            encoded = ''
+
+            contents.each do |content|
+              encoded << encode_content(content)
+            end
+
+            encoded
+          end
+
+          # Creates a print-friendly string representation
+          #
+          # @return [String]
+          def to_s
+            str = '[ '
+            contents_data = contents.collect {|content| "#{print_content(content)}"}
+            str << contents_data.join(', ')
+            str << ' ]'
+            str
+          end
+
+        end
+      end
+    end
+  end
+end
@@ -0,0 +1,70 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        # This class provides a block data representation
+        class BlockData < Element
+
+          # @!attribute length
+          #   @return [Integer] the length of the block
+          attr_accessor :length
+          # @!attribute contents
+          #   @return [String] the contents of the block
+          attr_accessor :contents
+
+          # @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
+          # @param contents [String] the contents of the block
+          def initialize(stream = nil, contents = '')
+            super(stream)
+            self.contents = contents
+            self.length = contents.length
+          end
+
+          # Deserializes a Rex::Java::Serialization::Model::BlockData
+          #
+          # @param io [IO] the io to read from
+          # @return [self] if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode(io)
+            raw_length = io.read(1)
+            raise RuntimeError, 'Failed to unserialize BlockData' if raw_length.nil?
+            self.length = raw_length.unpack('C')[0]
+
+            if length == 0
+              self.contents = ''
+            else
+              self.contents = io.read(length)
+              if contents.nil? || contents.length != length
+                raise RuntimeError, 'Failed to unserialize BlockData'
+              end
+            end
+
+            self
+          end
+
+          # Creates a print-friendly string representation
+          #
+          # @return [String]
+          def to_s
+            contents_hex = []
+            contents.each_byte {|byte| contents_hex << "0x#{byte.to_s(16)}" }
+
+            "[ #{contents_hex.join(', ')} ]"
+          end
+
+          # Serializes the Rex::Java::Serialization::Model::BlockData
+          #
+          # @return [String]
+          def encode
+            encoded = [length].pack('C')
+            encoded << contents
+
+            encoded
+          end
+        end
+      end
+    end
+  end
+end
@@ -0,0 +1,72 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        # This class provides a block data (long) representation
+        class BlockDataLong < Element
+
+          # @!attribute length
+          #   @return [Integer] the length of the block
+          attr_accessor :length
+          # @!attribute contents
+          #   @return [String] the contents of the block
+          attr_accessor :contents
+
+          # @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
+          # @param contents [String] the contents of the block
+          def initialize(stream = nil, contents = '')
+            super(stream)
+            self.contents = contents
+            self.length = contents.length
+          end
+
+          # Deserializes a Rex::Java::Serialization::Model::BlockDataLong
+          #
+          # @param io [IO] the io to read from
+          # @return [self] if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode(io)
+            raw_length = io.read(4)
+            if raw_length.nil? || raw_length.length != 4
+              raise ::RuntimeError, 'Failed to unserialize BlockDataLong'
+            end
+            self.length = raw_length.unpack('N')[0]
+
+            if length == 0
+              self.contents = ''
+            else
+              self.contents = io.read(length)
+              if contents.nil? || contents.length != length
+                raise ::RuntimeError, 'Failed to unserialize BlockData'
+              end
+            end
+
+            self
+          end
+
+          # Serializes the Rex::Java::Serialization::Model::BlockDataLong
+          #
+          # @return [String]
+          def encode
+            encoded = [length].pack('N')
+            encoded << contents
+
+            encoded
+          end
+
+          # Creates a print-friendly string representation
+          #
+          # @return [String]
+          def to_s
+            contents_hex = []
+            contents.each_byte {|byte| contents_hex << "0x#{byte.to_s(16)}" }
+
+            "[ #{contents_hex.join(', ')} ]"
+          end
+        end
+      end
+    end
+  end
+end
@@ -0,0 +1,64 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        # This class provides a Java classDesc representation
+        class ClassDesc < Element
+
+          include Rex::Java::Serialization::Model::Contents
+
+          attr_accessor :description
+
+          # @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
+          def initialize(stream = nil)
+            super(stream)
+            self.description = nil
+          end
+
+          # Deserializes a Rex::Java::Serialization::Model::ClassDesc
+          #
+          # @param io [IO] the io to read from
+          # @return [self] if deserialization succeeds
+          # @raise [RuntimeError] if deserialization doesn't succeed
+          def decode(io)
+            content = decode_content(io, stream)
+            allowed_contents = [NullReference, NewClassDesc, Reference]
+
+            unless allowed_contents.include?(content.class)
+              raise ::RuntimeError, 'ClassDesc unserialize failed'
+            end
+
+            self.description = content
+            self
+          end
+
+          # Serializes the Rex::Java::Serialization::Model::ClassDesc
+          #
+          # @return [String] if serialization succeeds
+          # @raise [RuntimeError] if serialization doesn't succeed
+          def encode
+            encoded = ''
+            allowed_contents = [NullReference, NewClassDesc, Reference]
+
+            unless allowed_contents.include?(description.class)
+              raise ::RuntimeError, 'Failed to serialize ClassDesc'
+            end
+
+            encoded << encode_content(description)
+
+            encoded
+          end
+
+          # Creates a print-friendly string representation
+          #
+          # @return [String]
+          def to_s
+            print_content(description)
+          end
+        end
+      end
+    end
+  end
+end
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+# -- coding: binary --`
	`2`	`+`
	`3`	`+require 'rex/java/serialization'`