Land rapid7#6026, Add support for NewClass elements on Rex::Java::Serialization

wchen-r7 · wchen-r7 · commit 352535e15d0c · 2015-10-08T12:33:12.000-05:00
diff --git a/lib/rex/java/serialization/model.rb b/lib/rex/java/serialization/model.rb
@@ -19,6 +19,7 @@ module Model
         autoload :NewClassDesc,   'rex/java/serialization/model/new_class_desc'
         autoload :NewEnum,        'rex/java/serialization/model/new_enum'
         autoload :NewObject,      'rex/java/serialization/model/new_object'
+        autoload :NewClass,       'rex/java/serialization/model/new_class'
         autoload :NullReference,  'rex/java/serialization/model/null_reference'
         autoload :Reference,      'rex/java/serialization/model/reference'
         autoload :Reset,          'rex/java/serialization/model/reset'
diff --git a/lib/rex/java/serialization/model/contents.rb b/lib/rex/java/serialization/model/contents.rb
@@ -28,7 +28,7 @@ def decode_content(io, stream)
             when TC_OBJECT
               content = NewObject.decode(io, stream)
             when TC_CLASS
-              content = ClassDesc.decode(io, stream)
+              content = NewClass.decode(io, stream)
             when TC_ARRAY
               content = NewArray.decode(io, stream)
             when TC_STRING
@@ -75,7 +75,7 @@ def encode_content(content)
               encoded << [TC_ENDBLOCKDATA].pack('C')
             when NewObject
               encoded << [TC_OBJECT].pack('C')
-            when ClassDesc
+            when NewClass
               encoded << [TC_CLASS].pack('C')
             when NewArray
               encoded << [TC_ARRAY].pack('C')
@@ -122,6 +122,8 @@ def print_content(content)
               str << "#{print_class(content)} { #{content.to_s} }"
             when ClassDesc
               str << "#{print_class(content)} { #{content.to_s} }"
+            when NewClass
+              str << "#{print_class(content)} { #{content.to_s} }"
             when NewArray
               str << "#{print_class(content)} { #{content.to_s} }"
             when Utf
diff --git a/lib/rex/java/serialization/model/new_class.rb b/lib/rex/java/serialization/model/new_class.rb
@@ -0,0 +1,57 @@
+# -*- coding: binary -*-
+
+module Rex
+  module Java
+    module Serialization
+      module Model
+        # This class provides a NewArray (Java Array) representation
+        class NewClass < Element
+
+          include Rex::Java::Serialization::Model::Contents
+
+          # @!attribute array_description
+          #   @return [Java::Serialization::Model::ClassDesc] The description of the class
+          attr_accessor :class_description
+
+          # @param stream [Rex::Java::Serialization::Model::Stream] the stream where it belongs to
+          def initialize(stream = nil)
+            super(stream)
+            self.class_description = nil
+          end
+
+          # Deserializes a Rex::Java::Serialization::Model::NewClass
+          #
+          # @param io [IO] the io to read from
+          # @return [self] if deserialization succeeds
+          # @raise [Rex::Java::Serialization::DecodeError] if deserialization doesn't succeed
+          def decode(io)
+            self.class_description = ClassDesc.decode(io, stream)
+            stream.add_reference(self) unless stream.nil?
+
+            self
+          end
+
+          # Serializes the Rex::Java::Serialization::Model::NewClass
+          #
+          # @return [String] if serialization succeeds
+          # @raise [Rex::Java::Serialization::EncodeError] if serialization doesn't succeed
+          def encode
+            unless class_description.kind_of?(ClassDesc)
+              raise Rex::Java::Serialization::EncodeError, 'Failed to serialize NewClass'
+            end
+
+            encoded = ''
+            encoded << class_description.encode
+          end
+
+          # Creates a print-friendly string representation
+          #
+          # @return [String]
+          def to_s
+            print_content(class_description)
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/rex/java/serialization/model/new_object.rb b/lib/rex/java/serialization/model/new_object.rb
@@ -71,6 +71,7 @@ def encode
           # @return [String]
           def to_s
             str  = ''
+
             case class_desc.description
             when NewClassDesc
               str << class_desc.description.class_name.to_s
@@ -84,6 +85,8 @@ def to_s
             data_str = class_data.collect { |data| data.to_s }
             str << data_str.join(', ')
             str << ' }'
+
+            str
           end
 
           private
